CCNA Design of SAP Workloads on AWS Questions

75 of 462 questions · Page 2/7 · Design of SAP Workloads on AWS · Answers revealed

76
MCQhard

A company runs SAP HANA on AWS with a multi-AZ deployment using HANA System Replication (HSR). The primary site is in us-east-1a and the secondary in us-east-1b. Each site has an ASCS and PAS. The HANA database uses a virtual IP address managed by a Route 53 health check with a failover routing policy. During a recent AZ failure in us-east-1a, the automatic failover to the secondary site took over 15 minutes. The recovery time objective (RTO) is 5 minutes. Analysis shows that the Route 53 health check failed but the failover did not trigger quickly because the DNS TTL was set to 300 seconds. What changes should be made to meet the RTO?

A.Increase the DNS TTL to 600 seconds to ensure stability.
B.Replace Route 53 with an Application Load Balancer for the virtual IP.
C.Reduce the DNS TTL to 60 seconds and use a weighted routing policy with health checks.
D.Remove the health check and use a simple routing policy with a low TTL.
AnswerC

Lower TTL speeds up DNS propagation; weighted routing allows immediate failover.

Why this answer

Option C is correct because reducing the DNS TTL to 60 seconds ensures that DNS resolvers cache the failover record for a shorter duration, allowing the Route 53 failover routing policy to propagate the new IP address more quickly after a health check failure. Combined with a weighted routing policy and health checks, this enables failover within the 5-minute RTO by minimizing DNS propagation delay, which was the bottleneck at 300 seconds.

Exam trap

The trap here is that candidates may think increasing TTL improves stability (Option A) or that an ALB can replace a virtual IP for HANA HSR (Option B), but the core issue is DNS propagation delay, and only reducing TTL with a failover routing policy directly addresses the RTO requirement.

How to eliminate wrong answers

Option A is wrong because increasing the DNS TTL to 600 seconds would worsen the failover time, extending the delay beyond 15 minutes and making it impossible to meet the 5-minute RTO. Option B is wrong because an Application Load Balancer (ALB) does not support virtual IP addresses for SAP HANA HSR; ALBs operate at Layer 7 and cannot handle the static IP requirements of HANA System Replication, which relies on a fixed virtual IP for client connections. Option D is wrong because removing the health check eliminates the automated failure detection mechanism, and using a simple routing policy without health checks would not trigger failover at all, leaving the system unable to recover from an AZ failure.

77
MCQmedium

A company is running SAP on AWS and needs to ensure that its SAP HANA database is backed up daily with minimal impact on performance. The database is 2 TB in size and runs on an r5.8xlarge instance. Which backup strategy meets these requirements?

A.Perform a full backup to Amazon EBS volumes attached to the instance
B.Use the SAP HANA Backint agent to back up directly to Amazon S3
C.Use AWS Backup to create snapshots of the entire EC2 instance
D.Use AWS Storage Gateway to back up to Amazon S3 Glacier
AnswerB

Backint integrates with SAP HANA for efficient, performant backups.

Why this answer

Option C is correct because using Backint agent with Amazon S3 is the recommended method for SAP HANA backups on AWS, providing efficient backups with minimal performance impact. Options A and B can cause performance issues. Option D is not SAP-specific.

78
Multi-Selecteasy

A company is migrating SAP workloads to AWS and needs to choose storage for SAP HANA. Which two storage options are supported for SAP HANA data volumes? (Select TWO.)

Select 2 answers
A.Amazon EBS io2 Block Express volumes.
B.Amazon S3.
C.Amazon EFS.
D.Instance Store (NVMe SSD) volumes.
E.Amazon EBS gp3 volumes.
AnswersA, E

Supports high IOPS and low latency required by HANA.

Why this answer

Amazon EBS io2 Block Express volumes are supported for SAP HANA data volumes because they provide high durability (99.999% durability) and sub-millisecond latency with up to 256,000 IOPS per volume, meeting SAP's performance requirements for production HANA workloads. Amazon EBS gp3 volumes are also supported for SAP HANA data volumes, offering a baseline of 3,000 IOPS and 125 MB/s throughput with the ability to scale independently, making them suitable for non-production or smaller production environments.

Exam trap

The trap here is that candidates often confuse supported storage for SAP HANA data volumes with log volumes, where Instance Store (NVMe SSD) is supported for log volumes but not for data volumes, leading to incorrect selection of Option D.

79
MCQmedium

A company runs SAP HANA on AWS and needs to ensure that the database can survive a single Availability Zone failure without manual intervention. The SAP HANA system is currently deployed on a single EC2 instance. Which solution meets this requirement?

A.Use an Auto Scaling group to launch a new SAP HANA instance if the current instance fails
B.Configure SAP HANA System Replication with a secondary instance in a different Availability Zone and enable automatic takeover
C.Deploy the SAP HANA instance in a placement group within a single Availability Zone
D.Take daily EBS snapshots and copy them to another AWS Region
AnswerB

System Replication with automatic takeover ensures failover without manual intervention.

Why this answer

SAP HANA System Replication with automatic takeover in a Multi-AZ setup provides automatic failover. Option A is wrong because a single instance in one AZ does not survive AZ failure. Option C is wrong because manual snapshots require intervention.

Option D is wrong because Auto Scaling is for stateless applications, not databases.

80
Multi-Selectmedium

An architect is designing a highly available SAP NetWeaver architecture on AWS. The system uses an SAP Central Services (ASCS) instance. Which THREE components are required to achieve high availability for the SAP environment? (Choose THREE.)

Select 3 answers
A.Shared file storage (e.g., Amazon EFS or EBS Multi-Attach)
B.A cluster manager such as Pacemaker
C.A NAT Gateway for outbound traffic
D.An Internet Gateway for inbound traffic
E.A Network Load Balancer to distribute traffic to ASCS
AnswersA, B, E

Shared storage ensures data consistency after failover.

Why this answer

A cluster manager like Pacemaker handles failover. Shared storage (e.g., Amazon EFS or EBS) is needed for /sapmnt and /usr/sap. A Network Load Balancer distributes traffic and detects failures.

Option B is wrong because NAT Gateway is for outbound internet. Option D is wrong because an Internet Gateway is for inbound internet. Option E is wrong because an ALB is not suitable for ASCS health checks; NLB is preferred.

81
MCQmedium

A company is designing a disaster recovery (DR) strategy for SAP S/4HANA on AWS. The primary region is us-east-1 and the DR region is us-west-2. The RPO is 15 minutes and RTO is 1 hour. Which approach should be used to replicate SAP HANA data?

A.Configure HANA System Replication across regions
B.Use AWS Database Migration Service (DMS) with ongoing replication
C.Use Amazon S3 Cross-Region Replication for backup files
D.Use AWS Backup cross-region copy of EBS snapshots
AnswerA

Synchronous replication can achieve low RPO.

Why this answer

HANA System Replication (HSR) is the only option that meets the 15-minute RPO and 1-hour RTO for SAP HANA data replication across regions. HSR uses log-based asynchronous replication to continuously ship redo logs to the DR region, enabling near-real-time data synchronization with minimal data loss. This is the native SAP-recommended method for cross-region DR of SAP HANA databases.

Exam trap

The trap here is that candidates often confuse AWS-native services (DMS, S3 CRR, AWS Backup) as viable for SAP HANA DR, but they fail to recognize that only HANA System Replication provides the sub-15-minute RPO and sub-1-hour RTO required for SAP-certified DR on AWS.

How to eliminate wrong answers

Option B is wrong because AWS DMS with ongoing replication does not support SAP HANA as a source for continuous change data capture (CDC) in a production-grade DR scenario; DMS is designed for heterogeneous migrations, not for low-latency, log-based replication of SAP HANA. Option C is wrong because S3 Cross-Region Replication of backup files can only achieve RPOs measured in hours (due to backup frequency and replication delays), not the required 15 minutes, and it does not provide a mechanism for rapid database recovery within 1 hour. Option D is wrong because AWS Backup cross-region copy of EBS snapshots typically has an RPO of at least 1 hour (snapshot intervals) and an RTO of several hours (restore time), failing both the 15-minute RPO and 1-hour RTO requirements.

82
Multi-Selectmedium

A company is designing an SAP HANA multi-node scale-out system on AWS. Which two of the following are required for the network configuration? (Select TWO.)

Select 2 answers
A.Assign public IP addresses to each node for inter-node communication.
B.Configure an Elastic Load Balancer to distribute traffic among nodes.
C.Enable EBS optimization on all EC2 instances.
D.Create a separate subnet for HANA internal communication.
E.Place all nodes in a cluster placement group.
AnswersD, E

Isolates HANA node-to-node traffic.

Why this answer

Option D is correct because SAP HANA multi-node scale-out systems require a dedicated subnet for internal inter-node communication to ensure low latency and high throughput. This separate network isolates HANA internal traffic (e.g., internal SQL and replication traffic) from other network traffic, which is critical for performance and stability.

Exam trap

The trap here is that candidates often confuse external-facing components (like Elastic Load Balancers or public IPs) with internal cluster communication requirements, or they mistakenly think EBS optimization is a network prerequisite for HANA scale-out, when in fact the focus should be on placement groups and dedicated subnets for low-latency inter-node traffic.

83
Multi-Selecteasy

Which TWO of the following are recommended best practices for deploying SAP HANA on AWS? (Choose two.)

Select 2 answers
A.Deploy HANA in a single Availability Zone to reduce costs.
B.Disable hyper-threading on the HANA instance.
C.Store HANA data on instance store volumes for better performance.
D.Use EBS-optimized instances for HANA workloads.
E.Use EBS snapshots for backup of HANA data volumes.
AnswersD, E

EBS-optimized instances provide dedicated throughput to EBS.

Why this answer

Options A and C are correct. A is correct because using EBS-optimized instances ensures dedicated network bandwidth for EBS. C is correct because EBS snapshots provide point-in-time backups.

B is incorrect because instance store is ephemeral. D is incorrect because a single AZ does not provide high availability. E is incorrect because disabling multi-threading is not a best practice.

84
MCQmedium

A company is implementing SAP S/4HANA on AWS and wants to ensure that the system is backed up properly. They need to back up the HANA database and the application layer. Which approach is recommended for backing up the HANA database?

A.Use EBS snapshots for the HANA data volumes
B.Configure an S3 lifecycle policy to archive the HANA log files
C.Use AWS Backup with a backup plan that includes the HANA instance
D.Use the AWS Backint agent to back up HANA to Amazon S3
AnswerD

AWS Backint agent provides application-consistent backups of HANA to S3 via SAP Backint interface.

Why this answer

Option B is correct because Backint is the SAP-certified interface for backing up HANA to Amazon S3 via AWS Backint agent. Option A is wrong because EBS snapshots are crash-consistent but not application-consistent for HANA without additional steps. Option C is wrong because AWS Backup can orchestrate snapshots but not Backint.

Option D is wrong because S3 lifecycle policies are for storage management, not backups.

85
Multi-Selectmedium

Which THREE are valid strategies for backing up an SAP HANA database on AWS? (Choose three.)

Select 3 answers
A.Use Amazon EBS snapshots of the HANA data volumes.
B.Use AWS Backup to schedule and manage HANA backups.
C.Use SAP HANA Backint agent to back up to Amazon S3.
D.Set up an Amazon RDS for SAP HANA read replica.
E.Configure a lifecycle policy to move backups to Amazon S3 Glacier immediately.
AnswersA, B, C

EBS snapshots are crash-consistent and can be used for HANA backups with application consistency steps.

Why this answer

Amazon EBS snapshots provide crash-consistent, point-in-time backups of the HANA data volumes. When used with SAP HANA's snapshot mode (e.g., via hdbsql or Python scripts), they ensure transactional consistency by quiescing the database before the snapshot. This is a valid and commonly used backup strategy for SAP HANA on AWS.

Exam trap

The trap here is that candidates may confuse Amazon RDS with EC2-based deployments, incorrectly assuming RDS supports SAP HANA, or they may think immediate Glacier transitions are acceptable without considering SAP HANA's need for rapid restore access.

86
MCQhard

An SAP system uses an Amazon RDS for SAP ASE database. The database is experiencing high connection timeouts. The SAP team notices that the RDS instance's maximum connections parameter is set to 500. What should be done to resolve the issue?

A.Upgrade the RDS instance to a larger size with more vCPUs.
B.Modify the RDS parameter group to increase max_connections.
C.Create a read replica to offload connections.
D.Increase the allocated storage for the RDS instance.
AnswerB

Directly addresses the connection limit.

Why this answer

The high connection timeouts are caused by the max_connections parameter being set to 500, which is the default for many RDS for SAP ASE instances. Increasing this value in the RDS parameter group allows more concurrent connections to the database, directly resolving the timeout issue without changing the instance size or storage. This is the simplest and most effective fix because the database engine itself is capable of handling more connections if the parameter is adjusted.

Exam trap

The trap here is that candidates often assume connection timeouts are caused by insufficient compute or storage resources, leading them to choose instance upgrades or storage increases, when the actual root cause is a misconfigured database parameter that directly controls the connection limit.

How to eliminate wrong answers

Option A is wrong because upgrading to a larger instance with more vCPUs does not automatically increase the max_connections limit; it only provides more compute resources, but the connection limit is a separate parameter that must be explicitly modified. Option C is wrong because creating a read replica does not offload connections from the primary database; read replicas handle read-only traffic, but connection timeouts are typically caused by the primary database reaching its connection limit, and read replicas do not reduce the number of connections to the primary instance. Option D is wrong because increasing allocated storage does not affect the max_connections parameter; storage size is unrelated to the number of concurrent database connections.

87
Multi-Selectmedium

A company is migrating an SAP NetWeaver system to AWS. The system uses an on-premises shared file system (NFS). Which TWO AWS services can provide a scalable, highly available NFS share for SAP transport directories?

Select 2 answers
A.AWS Storage Gateway File Gateway
B.Amazon Elastic Block Store (EBS) with a shared volume
C.Amazon Elastic File System (EFS)
D.Amazon S3 with S3 File Gateway
E.Amazon FSx for NetApp ONTAP
AnswersC, E

EFS is a scalable NFS file system.

Why this answer

Amazon EFS provides a scalable, fully managed NFS file system that is highly available across multiple Availability Zones, making it suitable for SAP transport directories. It supports the NFSv4 protocol required by SAP and automatically scales storage capacity as files are added or removed, eliminating the need for manual provisioning.

Exam trap

The trap here is that candidates may confuse AWS Storage Gateway File Gateway or S3 File Gateway with native NFS services, not realizing that these gateway solutions introduce additional latency and are not recommended for SAP transport directories due to performance and consistency requirements.

88
MCQeasy

An SAP Basis administrator needs to automate the start and stop of SAP application servers on AWS to reduce costs during non-business hours. The instance must be stopped (not terminated) to preserve the data. Which AWS service can be used to schedule the start and stop?

A.AWS Auto Scaling
B.Amazon CloudWatch Alarms
C.AWS Instance Scheduler
D.AWS Systems Manager Maintenance Windows
AnswerC

Specifically designed to schedule start/stop of instances.

Why this answer

Option D is correct because AWS Instance Scheduler is a solution that uses CloudWatch Events and Lambda to start/stop instances on a schedule. Option A is wrong because Auto Scaling is for scaling based on demand, not scheduling. Option B is wrong because CloudWatch Alarms can trigger actions but not easily for complex schedules.

Option C is wrong because Systems Manager Maintenance Windows are for patching, not start/stop.

89
MCQmedium

A company is planning to migrate its SAP landscape to AWS. The environment includes SAP HANA databases for production and non-production. Which AWS service can be used to automate the provisioning of the SAP HANA infrastructure? (Select TWO.)

A.AWS CloudFormation
B.Amazon Macie
C.AWS OpsWorks
D.AWS Service Catalog
E.AWS CodePipeline
AnswerA, D

Infrastructure as code to provision resources.

Why this answer

AWS CloudFormation (Option A) is correct because it allows you to define SAP HANA infrastructure as code using templates, automating the provisioning of EC2 instances, storage, networking, and security groups required for SAP HANA. This aligns with SAP's deployment best practices on AWS, enabling repeatable and consistent infrastructure setup for both production and non-production environments.

Exam trap

The trap here is that candidates often confuse AWS OpsWorks or AWS CodePipeline as infrastructure provisioning tools, but they are designed for configuration management and CI/CD respectively, not for automating the deployment of SAP HANA infrastructure which requires specific storage and compute orchestration.

How to eliminate wrong answers

Option B (Amazon Macie) is wrong because it is a data security service that uses machine learning to discover and protect sensitive data in Amazon S3, and it has no capability to provision or manage SAP HANA infrastructure. Option C (AWS OpsWorks) is wrong because it is a configuration management service based on Chef and Puppet, designed for managing application stacks and server configurations, not for automating the provisioning of SAP HANA infrastructure which requires specific HANA-aware orchestration. Option E (AWS CodePipeline) is wrong because it is a continuous integration and continuous delivery (CI/CD) service for automating software build, test, and deploy pipelines, and it does not provision infrastructure resources like SAP HANA servers.

90
MCQmedium

A company is running SAP ERP on AWS. They want to implement automated backups for the SAP HANA database using AWS Backup. Which AWS service should they use to orchestrate the HANA backup?

A.AWS Backup
B.AWS Lambda
C.Amazon Data Lifecycle Manager
D.AWS Systems Manager
AnswerA

AWS Backup supports SAP HANA via Backint.

Why this answer

AWS Backup natively supports SAP HANA databases by integrating with the SAP HANA Backint agent, which allows you to define backup policies, retention rules, and cross-region copy directly from the AWS Backup console. This eliminates the need for custom scripting or manual orchestration, making it the correct service for automating HANA backups on AWS.

Exam trap

The trap here is that candidates may confuse AWS Backup's general snapshot capabilities with services like DLM or Systems Manager, not realizing that AWS Backup has specific SAP HANA Backint integration that makes it the only correct choice for orchestrating HANA database backups.

How to eliminate wrong answers

Option B is wrong because AWS Lambda is a serverless compute service used for running code in response to events, not for orchestrating database backups; it would require custom code to invoke HANA backup commands and manage lifecycle, adding complexity without native backup integration. Option C is wrong because Amazon Data Lifecycle Manager (DLM) is designed for automating the creation, retention, and deletion of Amazon EBS snapshots and EBS-backed AMIs, not for orchestrating SAP HANA database backups which require Backint integration. Option D is wrong because AWS Systems Manager is a management service for operational tasks like patching and automation runbooks, but it does not provide native backup orchestration for SAP HANA; while it can trigger scripts, it lacks the built-in backup policy and retention management that AWS Backup offers for HANA.

91
MCQmedium

A company is running SAP on AWS and wants to use a custom AMI for SAP application servers. They need to ensure that the AMI is encrypted using AWS KMS. Which step is required to launch encrypted instances from this AMI?

A.Use an AWS Marketplace AMI that is already encrypted.
B.Use the AWS Management Console to modify the AMI to enable encryption.
C.Specify the KMS key ID in the run-instances command.
D.Copy the AMI and specify a KMS key for encryption.
AnswerD

Copying allows encryption of the AMI.

Why this answer

Option D is correct because to launch encrypted instances from an unencrypted custom AMI, you must first copy the AMI and specify a KMS key for encryption during the copy process. This creates an encrypted AMI that can then be used to launch encrypted instances. AWS does not allow you to directly encrypt an existing AMI in place; the copy operation is the required mechanism.

Exam trap

The trap here is that candidates confuse encrypting the instance's root volume at launch (option C) with encrypting the AMI itself, not realizing that only a copy operation with a KMS key creates a persistently encrypted AMI.

How to eliminate wrong answers

Option A is wrong because the question specifies using a custom AMI, not an AWS Marketplace AMI, and the requirement is to encrypt a custom AMI, not to use a pre-encrypted one. Option B is wrong because the AWS Management Console does not provide a direct 'modify AMI to enable encryption' action; AMI encryption is only achieved through the copy operation or during instance launch with encryption settings. Option C is wrong because specifying a KMS key ID in the run-instances command only encrypts the root volume of the instance being launched, not the AMI itself; the AMI remains unencrypted, and subsequent launches from that AMI would not be encrypted unless the AMI is first copied with encryption.

92
MCQmedium

A retail company runs its SAP ERP system on AWS. The system includes an SAP HANA database on an r5.8xlarge instance with 4TB of storage using a single EBS io1 volume with 16000 provisioned IOPS. The application experiences periodic slowdowns during end-of-month financial closing, which typically lasts for 2 hours. The CloudWatch metrics show that during the slowdown, the EBS volume's Average Queue Length peaks at 20, and the instance's EBS Bandwidth is at 3500 Mbps (the maximum for r5.8xlarge is 4750 Mbps). The database team confirms that HANA is not CPU-bound during these periods. The SAP team wants a cost-effective solution to eliminate the performance bottleneck. Which solution should be recommended?

A.Use an Amazon FSx for Lustre file system as the HANA data volume for higher throughput.
B.Move to an r5n.24xlarge instance and use multiple io1 volumes in a RAID 0 stripe to increase throughput.
C.Increase the provisioned IOPS on the io1 volume to 32000 IOPS to reduce queue length.
D.Switch to a gp3 volume with 16000 IOPS and 1000 MB/s throughput to reduce cost.
AnswerB

Larger instance provides more EBS bandwidth; RAID 0 improves aggregate IOPS and throughput.

Why this answer

Option B is correct because the bottleneck is EBS bandwidth, not IOPS. The r5.8xlarge instance has a maximum EBS bandwidth of 4750 Mbps, and during the slowdown the volume is already using 3500 Mbps, leaving limited headroom. By moving to an r5n.24xlarge instance, which offers significantly higher EBS bandwidth (up to 19,000 Mbps), and using multiple io1 volumes in a RAID 0 stripe, you can distribute the I/O load and increase both throughput and IOPS, eliminating the queue length issue cost-effectively without over-provisioning a single volume.

Exam trap

The trap here is that candidates often focus on increasing IOPS (option C) when the real bottleneck is EBS bandwidth, which is an instance-level limit, not a volume-level limit.

How to eliminate wrong answers

Option A is wrong because Amazon FSx for Lustre is a high-performance file system designed for HPC and large-scale analytics, not for SAP HANA data volumes; SAP HANA requires block storage (EBS) for its data and log volumes, and using a file system would introduce unacceptable latency and complexity. Option C is wrong because increasing provisioned IOPS to 32000 on a single io1 volume would not resolve the bottleneck; the instance's EBS bandwidth limit of 4750 Mbps caps the maximum throughput, and the queue length is caused by bandwidth saturation, not insufficient IOPS. Option D is wrong because switching to a gp3 volume with 16000 IOPS and 1000 MB/s throughput would actually reduce performance; gp3 has a baseline throughput of only 125 MB/s (1000 Mbps) and would throttle the workload, worsening the slowdown, and it does not address the instance-level bandwidth limitation.

93
MCQhard

A company is running SAP HANA on AWS and wants to encrypt the EBS volumes at rest. They also need to manage the encryption keys themselves. Which solution should they use?

A.Use AWS KMS with a customer managed key (CMK)
B.Enable EBS encryption with the default AWS managed KMS key
C.Use AWS CloudHSM to store keys
D.Use AWS Systems Manager Parameter Store
AnswerA

CMK allows customer to manage keys.

Why this answer

Option A is correct because AWS KMS with a customer managed key (CMK) allows the company to have full control over the encryption keys used for EBS volume encryption, including key rotation, access policies, and disabling or deleting the key. This meets the requirement to manage the encryption keys themselves while still leveraging AWS KMS for key management and auditing.

Exam trap

The trap here is that candidates may confuse CloudHSM as a valid option for EBS encryption because it provides key storage, but AWS EBS encryption only supports KMS keys, not direct CloudHSM integration.

How to eliminate wrong answers

Option B is wrong because using the default AWS managed KMS key means AWS manages the key lifecycle and the customer cannot control or manage the key themselves, which violates the requirement to manage encryption keys. Option C is wrong because AWS CloudHSM provides hardware security modules for key storage but does not directly integrate with EBS encryption; EBS encryption requires a KMS key, and CloudHSM cannot be used as the key source for EBS volume encryption. Option D is wrong because AWS Systems Manager Parameter Store is a service for storing configuration data and secrets, not for managing encryption keys for EBS volumes, and it does not provide the cryptographic operations needed for EBS encryption.

94
MCQhard

A company runs SAP ERP 6.0 on an Oracle database on EC2. The system is experiencing high CPU usage on the database server during peak hours. Analysis shows that the CPU is consumed by log writes. Which configuration change can reduce CPU usage?

A.Disable archiving of redo logs.
B.Switch from EBS gp3 to io2 Block Express volumes.
C.Upgrade to a larger EC2 instance type with more vCPUs.
D.Increase the Oracle log buffer size to reduce the number of log write operations.
AnswerD

Larger log buffer reduces write frequency, lowering CPU usage.

Why this answer

High CPU usage from log writes indicates that the database is spending excessive CPU cycles on writing redo log entries to disk. Increasing the Oracle log buffer size reduces the frequency of log write operations by allowing more redo data to accumulate before a write is triggered, thereby lowering CPU overhead. This directly addresses the root cause without changing storage or compute capacity.

Exam trap

The trap here is that candidates often confuse storage performance improvements (like faster EBS volumes) with database-level tuning, assuming that faster I/O reduces CPU usage, when in fact the CPU is consumed by the overhead of too many small write operations, not by slow I/O.

How to eliminate wrong answers

Option A is wrong because disabling archiving of redo logs would prevent point-in-time recovery and is not a supported configuration for production SAP systems, nor does it reduce CPU usage from log writes (it only stops copying to archive logs). Option B is wrong because switching to io2 Block Express volumes improves IOPS and throughput but does not reduce the number of log write operations; CPU consumption from log writes is a database-level issue, not a storage latency issue. Option C is wrong because upgrading to a larger EC2 instance adds more vCPUs but does not address the underlying inefficiency of frequent log writes; it would mask the symptom rather than fix the cause.

95
MCQhard

An SAP environment on AWS is using a single Availability Zone. The company wants to achieve high availability for SAP Central Services (ASCS) and Enqueue Replication Server (ERS). Which architecture should they implement?

A.Deploy ASCS and ERS in the same Availability Zone with a second instance as passive.
B.Place ASCS and ERS on the same instance to reduce complexity.
C.Deploy ASCS and ERS in separate Availability Zones using AWS Launch Wizard for SAP.
D.Use Auto Scaling groups to automatically replace failed instances.
AnswerC

AWS Launch Wizard for SAP can deploy a multi-AZ HA architecture with automatic failover.

Why this answer

Option C is correct because achieving high availability for SAP Central Services (ASCS) and Enqueue Replication Server (ERS) on AWS requires deploying them in separate Availability Zones (AZs) to protect against an entire AZ failure. AWS Launch Wizard for SAP automates the deployment of a multi-AZ SAP system, including the necessary infrastructure components like Elastic Load Balancing and Amazon EFS, ensuring that the ASCS and ERS instances are in different AZs with a replicated enqueue table. This architecture aligns with SAP's recommendation for a high-availability setup using a Pacemaker cluster with STONITH fencing, which is supported by AWS.

Exam trap

The trap here is that candidates often assume that a passive instance in the same AZ provides sufficient redundancy, overlooking that AWS defines an Availability Zone as a single failure domain, so true high availability requires separation across AZs.

How to eliminate wrong answers

Option A is wrong because deploying ASCS and ERS in the same Availability Zone with a passive instance does not protect against an AZ outage; if that single AZ fails, both the active and passive instances become unavailable, violating the high-availability requirement. Option B is wrong because placing ASCS and ERS on the same instance eliminates redundancy and creates a single point of failure; SAP explicitly requires separate instances for ASCS and ERS in a high-availability configuration to allow independent failover. Option D is wrong because Auto Scaling groups are designed for stateless, horizontally scalable workloads and cannot handle the stateful failover requirements of SAP ASCS/ERS, which rely on cluster-aware fencing and enqueue replication, not instance replacement.

96
MCQeasy

A company is designing a highly available SAP NetWeaver system on AWS. They plan to use a two-node ASCS/ERS cluster with SUSE Linux Enterprise Server (SLES). Which AWS service is required to manage the virtual IP address for the cluster?

A.AWS VPC Peering
B.Amazon Route 53
C.Amazon EBS
D.Elastic Load Balancing
AnswerB

Route 53 can be configured with DNS failover to route traffic to the active node using the virtual IP.

Why this answer

Amazon Route 53 is required to manage the virtual IP address for the two-node ASCS/ERS cluster by using DNS failover. In a SLES-based SAP NetWeaver cluster on AWS, the cluster software (e.g., Pacemaker) updates a Route 53 DNS record with the private IP address of the active node, enabling clients to connect via a hostname that resolves to the current primary node. This DNS-based approach replaces traditional virtual IP (VIP) floating, which is not natively supported in AWS VPC due to the lack of gratuitous ARP or multicast.

Exam trap

The trap here is that candidates often confuse the need for a virtual IP address with traditional network-level VIPs (e.g., using Elastic IP or ENI attachment) and overlook that AWS does not support gratuitous ARP, so DNS-based failover via Route 53 is the required method for SAP ASCS/ERS clusters on SLES.

How to eliminate wrong answers

Option A is wrong because AWS VPC Peering is a network connectivity feature that connects VPCs, not a service for managing virtual IP addresses or DNS failover for an SAP cluster. Option C is wrong because Amazon EBS provides block-level storage volumes for EC2 instances, but it does not manage IP addresses or provide any DNS-based failover mechanism. Option D is wrong because Elastic Load Balancing distributes incoming traffic across multiple targets, but it cannot be used to manage a single virtual IP address for an ASCS/ERS cluster; the cluster requires a static VIP that follows the active node, which ELB does not support.

97
MCQmedium

A company has deployed SAP S/4HANA on AWS using a single EC2 instance for the HANA database and multiple EC2 instances for the application servers. The system is in production and the company wants to implement high availability for the HANA database to minimize downtime during patching and failures. The HANA database is critical and must have an RTO of less than 5 minutes and an RPO of zero. The current setup uses a single EBS volume for /hana/data and another for /hana/log. The company has two Availability Zones available. Which solution meets the requirements?

A.Configure SAP HANA System Replication with automatic failover to a secondary HANA instance in another AZ.
B.Attach the EBS volumes to two EC2 instances using EBS Multi-Attach.
C.Use AWS Backup to schedule snapshots every 5 minutes and restore in another AZ if needed.
D.Deploy the HANA database on a larger EC2 instance with higher availability SLA.
AnswerA

Synchronous replication provides zero RPO and fast failover.

Why this answer

Option B is correct because SAP HANA System Replication in active/passive mode with automatic failover provides near-zero RPO and fast RTO. Option A is wrong because manual failover takes longer than 5 minutes. Option C is wrong because EBS Multi-Attach does not support active/passive cross-AZ.

Option D is wrong because a larger instance does not provide HA.

98
MCQmedium

An SAP system on AWS is running on an r5.16xlarge instance. The system is experiencing network throughput bottlenecks. Which step should be taken to improve network performance?

A.Move the instance to a placement group
B.Attach an Elastic Fabric Adapter
C.Enable Enhanced Networking and install the ENA driver
D.Change the instance type to c5.18xlarge
AnswerC

ENA provides higher bandwidth and lower latency.

Why this answer

Option C is correct because enabling Enhanced Networking and installing the Elastic Network Adapter (ENA) driver is the standard method to achieve higher packet-per-second (PPS) performance, lower latency, and increased network bandwidth on supported instance types like r5.16xlarge. Without the ENA driver, the instance uses the older Xen network driver, which cannot utilize the full 25 Gbps network bandwidth available to r5 instances, leading to throughput bottlenecks.

Exam trap

The trap here is that candidates assume changing to a larger or different instance type (like c5.18xlarge) will automatically increase network bandwidth, when in fact the root cause is the missing ENA driver, and the r5.16xlarge already supports the same 25 Gbps bandwidth once Enhanced Networking is enabled.

How to eliminate wrong answers

Option A is wrong because placement groups (cluster, spread, partition) affect network latency and throughput between instances within the same group, but they do not increase the maximum network bandwidth of a single instance; they only reduce inter-instance latency and jitter. Option B is wrong because Elastic Fabric Adapter (EFA) is designed for tightly coupled HPC/ML workloads using OS-bypass (e.g., Libfabric) and is not supported or beneficial for SAP workloads, which rely on standard TCP/IP networking. Option D is wrong because changing to c5.18xlarge does not inherently improve network performance; both r5.16xlarge and c5.18xlarge offer up to 25 Gbps network bandwidth, but the bottleneck is due to missing ENA driver, not instance type; additionally, c5 instances lack the memory required for SAP workloads, making this change impractical.

99
MCQmedium

A company runs SAP HANA on AWS using an m5.24xlarge instance. The storage is configured with multiple EBS io1 volumes striped with LVM. Recently, the database performance has degraded. CloudWatch shows that the EBS write latency averages 5 ms, and the queue depth is consistently below 1. What is the most likely cause of the performance degradation?

A.The LVM stripe width is misconfigured causing uneven I/O distribution
B.The EBS-optimized instance feature is not enabled
C.The EBS volume type should be changed to gp3
D.The EBS write latency is too high and requires a larger instance
AnswerA

Improper stripe width can lead to hot spots.

Why this answer

Option C is correct because if the stripe width is not optimal, the I/O may not be distributed evenly, leading to hot spots. Option A is wrong because io1 volumes can handle high IOPS. Option B is wrong because 5 ms latency is acceptable.

Option D is wrong because EBS-optimized instances by default provide dedicated bandwidth.

100
Multi-Selectmedium

A company is deploying SAP NetWeaver on AWS and needs to ensure high availability for the SAP Central Services (ASCS) and Enqueue Replication Server (ERS). Which AWS services can be used to implement a failover cluster for ASCS and ERS? (Select THREE.)

Select 3 answers
A.AWS CloudTrail
B.Elastic Load Balancing
C.Amazon Route 53
D.AWS Config
E.Custom scripts to manage floating IP and start/stop services
AnswersB, C, E

Can be used to route traffic to the active ASCS instance.

Why this answer

Elastic Load Balancing (ELB) is correct because it can be used in conjunction with a Network Load Balancer (NLB) to provide a stable endpoint for SAP ASCS and ERS failover. The NLB supports static IP addresses and can be configured with health checks that monitor the SAP service, automatically routing traffic to the healthy node in the cluster. This eliminates the need for a traditional floating IP and integrates with AWS-native failover mechanisms.

Exam trap

The trap here is that candidates often assume a traditional floating IP is required for SAP ASCS/ERS failover, but AWS recommends using an NLB and/or Route 53 to provide a stable endpoint, making custom scripts for floating IP management optional rather than mandatory.

101
MCQhard

An SAP system on AWS has an SAP Central Services (ASCS) instance running on an EC2 instance. The solution must ensure high availability for the ASCS in case of an EC2 failure. The ASCS uses a shared file system for the /sapmnt and /usr/sap/trans directories. Which architecture meets the high availability requirement with the least administrative overhead?

A.Deploy a second ASCS instance in another AZ and use an EC2 instance running NFS server with an EBS volume
B.Use an Amazon EBS volume attached to the ASCS instance and replicate it to another Availability Zone using EBS Snapshots
C.Use Amazon S3 and mount it using s3fs-fuse for the shared file system
D.Use Amazon EFS for /sapmnt and /usr/sap/trans, and configure a Pacemaker cluster across two Availability Zones
AnswerD

EFS is a managed NFS file system that is highly available and integrates with Pacemaker for automatic failover.

Why this answer

Option A is correct because a Pacemaker cluster with Amazon EFS provides a fully managed NFS file system that is highly available and eliminates the need for a separate shared storage cluster. Option B is wrong because EBS fails over with the instance but is not shared. Option C is wrong because S3 is not a POSIX-compliant file system.

Option D is wrong because it adds complexity with an additional EC2 instance for NFS.

102
Multi-Selectmedium

Which THREE of the following are best practices for securing an SAP system on AWS? (Choose THREE.)

Select 3 answers
A.Enable CloudTrail to log API calls for auditing
B.Use AWS Key Management Service (KMS) to encrypt EBS volumes
C.Use the same security group for all SAP instances
D.Store SAP license keys in a public S3 bucket
E.Restrict network access using security groups and network ACLs
AnswersA, B, E

Auditing is a security best practice.

Why this answer

AWS CloudTrail records all API calls made to the AWS environment, including those that modify SAP infrastructure (e.g., EC2 instance launches, security group changes). Enabling CloudTrail provides an immutable audit log that is essential for compliance, security incident investigation, and operational troubleshooting in an SAP landscape. This aligns with the AWS shared responsibility model, where customers must log and monitor actions taken on their SAP workloads.

Exam trap

The trap here is that candidates may think sharing a security group simplifies management, but AWS explicitly requires separate security groups for different SAP tiers to enforce network segmentation and meet SAP certification requirements.

103
MCQeasy

A customer wants to migrate their SAP HANA database to AWS and needs to ensure that the EBS volumes for /hana/data and /hana/log are configured for maximum throughput and low latency. Which EBS volume type should be used for /hana/data?

A.st1
B.io2
C.gp3
D.sc1
AnswerB

io2 provides low latency and high IOPS suitable for HANA.

Why this answer

For SAP HANA workloads on AWS, the /hana/data volume requires the highest level of IOPS and low latency to support real-time data processing. io2 Block Express volumes provide up to 256,000 IOPS and sub-millisecond latency, making them the correct choice for /hana/data. io2 volumes also offer 99.999% durability, which is critical for SAP HANA database consistency.

Exam trap

The trap here is that candidates often choose gp3 (Option C) because it is the default general-purpose SSD and can be provisioned for high IOPS, but they overlook that SAP HANA certification for /hana/data mandates io1 or io2 volumes to guarantee the consistent low latency and durability required for production workloads.

How to eliminate wrong answers

Option A (st1) is wrong because st1 is a throughput-optimized HDD volume designed for large sequential workloads like big data and log processing, not for the random I/O and low-latency requirements of SAP HANA /hana/data. Option C (gp3) is wrong because while gp3 offers baseline performance and can be provisioned for higher IOPS, it does not match the maximum throughput and sub-millisecond latency of io2 Block Express, and SAP HANA certification for production /hana/data specifically requires io1 or io2 volumes. Option D (sc1) is wrong because sc1 is a cold HDD volume designed for infrequently accessed data with the lowest cost, and its performance is completely inadequate for the high IOPS and low latency demands of SAP HANA /hana/data.

104
MCQeasy

A company is planning to migrate its SAP HANA database to AWS. They require high availability with automatic failover in less than 30 seconds. Which AWS service should be used to meet this requirement?

A.Elastic Load Balancing
B.AWS Direct Connect
C.AWS Global Accelerator
D.Amazon Route 53
AnswerD

Route 53 with failover routing can meet the sub-30-second failover requirement.

Why this answer

Amazon Route 53 can be configured with health checks and DNS failover to automatically redirect traffic to a standby SAP HANA database in a different Availability Zone or region when the primary fails. With a low TTL (e.g., 5 seconds) and active-passive routing, failover can occur in under 30 seconds, meeting the high availability requirement.

Exam trap

The trap here is that candidates often confuse high-availability load balancing (ELB) with DNS-based failover (Route 53), assuming ELB can handle database failover, but ELB cannot redirect traffic to a standby database in a different AZ or region with sub-30-second failover timing.

How to eliminate wrong answers

Option A is wrong because Elastic Load Balancing operates at Layer 4/7 and is designed for distributing traffic across multiple healthy targets, but it does not provide automatic DNS-based failover for database endpoints and cannot reroute traffic to a standby database in a different region within 30 seconds. Option B is wrong because AWS Direct Connect establishes a dedicated network connection from on-premises to AWS, but it does not offer any automatic failover or routing logic for database availability. Option C is wrong because AWS Global Accelerator improves performance and provides static IP addresses with health-check-based traffic shifting, but it operates at the network layer and is not designed for DNS-level failover of database endpoints with sub-30-second failover times.

105
MCQhard

An SAP HANA database on AWS is using EBS io2 volumes. The administrator wants to increase the IOPS limit to meet peak workload demands without changing the volume size. What is the maximum IOPS that can be provisioned for an io2 volume per GB?

A.2,000 IOPS per GB
B.500 IOPS per GB
C.1,000 IOPS per GB
D.100 IOPS per GB
AnswerC

io2 volumes support up to 1,000 IOPS per GB.

Why this answer

Option C is correct. io2 volumes have a maximum ratio of 1,000 IOPS per GB (up to 256,000 IOPS per volume). Option A is wrong because 500 IOPS/GB is for io1. Option B is wrong because 100 IOPS/GB is too low.

Option D is wrong because 2,000 IOPS/GB exceeds the io2 limit.

106
Multi-Selectmedium

Which TWO statements are correct regarding SAP HANA backup strategies on AWS? (Choose two.)

Select 2 answers
A.EBS snapshots are the most cost-effective option for long-term backup retention.
B.S3 can be used as a backup destination for SAP HANA using AWS Backup.
C.S3 Standard-IA storage class is optimal for cross-region replication.
D.EBS snapshots can be used for fast recovery of HANA database volumes.
E.SAP HANA backup to EBS volumes is the recommended method for long-term archival.
AnswersB, D

AWS Backup supports SAP HANA on EC2.

Why this answer

AWS Backup natively supports SAP HANA as a managed backup service, allowing backups to be stored directly in Amazon S3. This provides a durable, scalable, and cost-effective backup destination without the need to manage backup infrastructure or scripts. Option B is correct because AWS Backup integrates with SAP HANA to automate full, incremental, and differential backups to S3.

Exam trap

The trap here is that candidates often assume EBS snapshots are the best for all backup scenarios due to their speed and simplicity, but they overlook that AWS Backup with S3 provides superior cost efficiency and lifecycle management for long-term retention and archival.

107
MCQmedium

An SAP administrator applies the IAM policy shown in the exhibit to an IAM user. The administrator reports that the user can start and stop EC2 instances but cannot tag them. Why is the user unable to tag instances?

A.The user does not have permission to describe instances.
B.The resource ARN is too restrictive.
C.There is an implicit deny for all actions not listed.
D.The policy does not include the ec2:CreateTags action.
AnswerD

Tagging requires ec2:CreateTags action.

Why this answer

Option B is correct because the policy does not include ec2:CreateTags action. Option A is wrong because ec2:DescribeInstances is allowed but does not grant tagging. Option C is wrong because the resource is set to instance/* but tagging is an action, not a resource constraint.

Option D is wrong because there is no explicit deny.

108
MCQmedium

A company is migrating an SAP Business Suite system to AWS. The system has a large database and requires high network throughput between the application and database tiers. Which Amazon EC2 placement group strategy should be used?

A.Spread placement group
B.Partition placement group
C.Cluster placement group
D.No placement group
AnswerC

Cluster groups provide low-latency, high-throughput within an AZ.

Why this answer

Option C is correct because a cluster placement group provides low-latency, high-throughput connectivity within a single Availability Zone, which is optimal for application and database tier communication. Option A is wrong because spread placement groups are for high availability and reduce correlated failures, not for low latency. Option B is wrong because partition placement groups are for large distributed workloads.

Option D is wrong because no placement group would not guarantee low latency.

109
Multi-Selecteasy

Which TWO AWS services can be used to monitor the performance of SAP applications? (Select two.)

Select 2 answers
A.Amazon CloudWatch
B.AWS Config
C.AWS Shield
D.AWS CloudTrail
E.AWS X-Ray
AnswersA, E

CloudWatch collects metrics and logs from SAP infrastructure.

Why this answer

Amazon CloudWatch is correct because it provides comprehensive monitoring for SAP applications by collecting metrics such as CPU utilization, memory usage, disk I/O, and network throughput from EC2 instances running SAP. You can set custom CloudWatch alarms to trigger actions when SAP-specific performance thresholds are breached, and integrate with SAP's CCMS (Computing Center Management System) via the AWS SAP Monitoring agent to pull SAP application-level metrics like dialog response times and buffer hit ratios.

Exam trap

The trap here is that candidates often confuse AWS CloudTrail (audit logging) with CloudWatch (monitoring), or assume AWS Config can monitor performance because it tracks resource state changes, but neither provides the real-time metric collection needed for SAP performance analysis.

110
MCQeasy

A company is running SAP Business Suite on AWS and needs to back up the SAP HANA database daily. Which AWS service can be used to automate HANA backups to Amazon S3?

A.AWS Storage Gateway
B.Amazon EBS snapshots
C.AWS Backup
D.AWS DataSync
AnswerC

AWS Backup can orchestrate SAP HANA backups to S3 with application consistency.

Why this answer

AWS Backup is the correct service because it provides a fully managed, policy-based backup solution that natively supports SAP HANA databases running on Amazon EC2. It automates the creation, retention, and deletion of HANA backups directly to Amazon S3 using the Backint agent, eliminating the need for custom scripts or manual intervention.

Exam trap

The trap here is that candidates often confuse AWS Backup with EBS snapshots, assuming that block-level snapshots are sufficient for database backups, but they fail to recognize that SAP HANA requires application-consistent backups managed through its own backup catalog and the Backint interface.

How to eliminate wrong answers

Option A is wrong because AWS Storage Gateway is a hybrid storage service for on-premises integration with AWS storage, not a backup automation service for SAP HANA; it cannot orchestrate HANA-specific backups or use the Backint interface. Option B is wrong because Amazon EBS snapshots capture the entire volume at the block level, which is not crash-consistent for a running SAP HANA database and does not support HANA's log backup or point-in-time recovery requirements; they also lack integration with HANA's backup catalog. Option D is wrong because AWS DataSync is designed for high-speed data transfer between on-premises storage and AWS, not for automating database backups; it cannot trigger HANA backup jobs or manage backup retention policies.

111
MCQhard

An SAP administrator notices that the SAP HANA database is running on an EC2 instance with a single EBS volume for /hana/data and /hana/log. The system is experiencing high latency during write operations. What is the most cost-effective design change to improve performance?

A.Create separate EBS volumes for /hana/data and /hana/log, attaching them to the instance
B.Use an Instance Store volume for /hana/data
C.Modify the EBS volume to use Provisioned IOPS (io2) with higher IOPS
D.Increase the size of the existing EBS volume to gain more throughput
AnswerA

Separating data and log volumes eliminates contention and improves write latency cost-effectively.

Why this answer

Option A is correct because SAP HANA requires separate EBS volumes for /hana/data and /hana/log to avoid I/O contention. When both directories share a single volume, write operations to the log (sequential) and data (random) compete for the same queue depth and bandwidth, causing high latency. Separating them allows each workload to use dedicated IOPS and throughput, which is the most cost-effective fix without upgrading to premium volume types.

Exam trap

The trap here is that candidates often choose Provisioned IOPS (io2) or volume size increases, thinking more performance is needed, when the real issue is I/O contention from sharing a single volume between two distinct workload types.

How to eliminate wrong answers

Option B is wrong because Instance Store volumes are ephemeral and do not persist data across instance stops or terminations, making them unsuitable for SAP HANA database files that require durability. Option C is wrong because switching to Provisioned IOPS (io2) increases cost significantly without addressing the root cause of I/O contention between /hana/data and /hana/log; separation is more cost-effective. Option D is wrong because simply increasing the size of the existing EBS volume does not resolve the contention between the two workloads; throughput gains from size increases are marginal and do not eliminate queueing delays from mixed access patterns.

112
MCQhard

A company is running SAP Business Suite on AWS. The SAP application servers are behind an Application Load Balancer (ALB). Users are experiencing session timeouts because the ALB is distributing requests to different application servers. What should the company configure on the ALB to maintain session stickiness?

A.Use a Network Load Balancer instead of an Application Load Balancer.
B.Enable sticky sessions using the ALB-generated cookie.
C.Enable cross-zone load balancing on the ALB.
D.Enable path-based routing to route all requests from a user to the same server.
AnswerB

Sticky sessions ensure user requests go to the same server.

Why this answer

Option C is correct because Application Load Balancers support sticky sessions using cookies (either application-generated or AWS-generated). This ensures that a user's requests are sent to the same target group member. Option A is incorrect because path-based routing is for routing requests based on URL path, not for session stickiness.

Option B is incorrect because cross-zone load balancing distributes traffic across all zones, but does not ensure stickiness. Option D is incorrect because a Network Load Balancer does not natively support sticky sessions for SAP.

113
MCQhard

An SAP system on AWS is using an Oracle database. The company wants to implement automated backups to Amazon S3. Which AWS service should be used to orchestrate the backup process?

A.Amazon RDS for Oracle
B.AWS Backup
C.Amazon S3 Lifecycle policies
D.AWS Database Migration Service (DMS)
AnswerB

AWS Backup can automate backups of Oracle databases to S3.

Why this answer

Option A is correct because AWS Backup supports Oracle databases and can automate backups to S3. Option B is wrong because DMS is for migration, not backups. Option C is wrong because RDS is a managed service, not applicable to self-managed Oracle.

Option D is wrong because S3 Lifecycle policies manage object lifecycle, not backup orchestration.

114
MCQhard

A company is running a mission-critical SAP S/4HANA system on AWS in the us-east-1 region. The system uses a two-tier architecture with the SAP application server and HANA database on the same EC2 instance. The instance type is an r5.24xlarge with 12 x 2 TB gp3 EBS volumes striped using LVM. The HANA data volume is 10 TB. The company has a disaster recovery (DR) requirement with an RPO of 15 minutes and an RTO of 4 hours. The DR site must be in us-west-2. The company currently takes daily EBS snapshots of the data volume and copies them to us-west-2. However, they are not meeting the RPO. The operations team is considering implementing SAP HANA System Replication (HSR) asynchronously to the DR region. However, network latency between us-east-1 and us-west-2 averages 60 ms. The SAP HANA database has a heavy write workload, with average log writes of 500 MB/sec. The team is concerned that the replication may fall behind and cause data loss. What should the team do to meet the DR requirements while minimizing data loss?

A.Implement HSR asynchronously and also enable HANA log backups to an S3 bucket in us-west-2.
B.Switch to synchronous replication to ensure zero data loss.
C.Increase the HANA log buffer size to reduce the frequency of log flushes, so that less data is sent over the network.
D.Use HSR with multiple replicas in us-west-2 to improve replication speed.
AnswerA

Log backups provide an additional recovery point if replication lags.

Why this answer

Option A is correct because combining asynchronous HANA System Replication (HSR) with HANA log backups to an S3 bucket in us-west-2 provides a dual-layer protection strategy. Asynchronous HSR will replicate log changes in near real-time, but given the 60 ms latency and 500 MB/sec write workload, it may fall behind; the log backups act as a safety net to capture any log data that hasn't been replicated yet, allowing recovery with minimal data loss while still meeting the 15-minute RPO.

Exam trap

The trap here is that candidates assume asynchronous replication alone is sufficient for DR, but they overlook that under high latency and heavy write workloads, the replication lag can exceed the RPO, making a complementary log backup strategy essential to meet the recovery objectives.

How to eliminate wrong answers

Option B is wrong because synchronous replication requires sub-millisecond latency to avoid impacting application performance; with 60 ms latency between us-east-1 and us-west-2, synchronous HSR would cause severe write latency and likely timeouts, making it impractical for a heavy write workload. Option C is wrong because increasing the HANA log buffer size does not reduce the frequency of log flushes; log flushes are triggered by transaction commits and log buffer fullness, so a larger buffer only delays flushing but does not reduce the amount of data sent over the network per second, and it can increase data loss risk if the instance crashes before a flush. Option D is wrong because using multiple replicas in us-west-2 does not improve replication speed; HSR with multiple replicas adds overhead and complexity without addressing the fundamental latency bottleneck, and it does not reduce the risk of falling behind under high write loads.

115
MCQmedium

A company is running SAP on AWS and needs to back up their SAP HANA database daily. The backup must be stored cost-effectively and retained for 7 years for compliance. Which AWS service should be used for long-term backup storage?

A.Amazon S3 One Zone-IA
B.Amazon S3 Standard
C.Amazon S3 Glacier Deep Archive
D.Amazon EBS Snapshots
AnswerC

Most cost-effective for long-term archival.

Why this answer

Option B is correct because S3 Glacier Deep Archive is the most cost-effective storage class for long-term retention of backups. Option A is wrong because S3 Standard is too expensive for 7-year retention. Option C is wrong because EBS Snapshots are not designed for long-term archival and have higher cost.

Option D is wrong because S3 One Zone-IA is not suitable for long-term retention due to lower durability and potential data loss in case of facility failure.

116
MCQhard

An SAP system on AWS is experiencing high CPU utilization on the application server during peak hours. The SAP administrator wants to add a new application server instance to distribute the load. Which AWS service should be used to automatically register the new instance with the existing SAP system's load balancer?

A.Auto Scaling group
B.AWS Lambda
C.Amazon SQS
D.AWS CloudFormation
AnswerA

Auto Scaling can automatically register new instances with a load balancer.

Why this answer

An Auto Scaling group can automatically launch new EC2 instances based on scaling policies (e.g., when CPU utilization exceeds a threshold) and, when configured with a lifecycle hook or a launch template that includes a user-data script, can register the new instance with the existing SAP system's load balancer (such as an Application Load Balancer or Classic Load Balancer). This ensures the new application server is automatically added to the load balancer target group, distributing incoming traffic without manual intervention.

Exam trap

The trap here is that candidates may confuse Auto Scaling groups with CloudFormation, thinking that CloudFormation can dynamically register instances, but CloudFormation is a provisioning tool that does not handle real-time auto-registration of instances with a load balancer.

How to eliminate wrong answers

Option B is wrong because AWS Lambda is a serverless compute service for running code in response to events, not a service for automatically registering instances with a load balancer; while it could be used in a custom solution, it is not the native AWS service designed for this purpose. Option C is wrong because Amazon SQS is a message queuing service for decoupling application components, not a service that manages instance registration with a load balancer. Option D is wrong because AWS CloudFormation is an infrastructure-as-code service for provisioning resources, but it does not automatically register new instances with a load balancer in real time; it would require manual or scheduled updates to the stack.

117
MCQhard

A company is designing a disaster recovery strategy for SAP S/4HANA. The primary site is in us-east-1 and the DR site is in us-west-2. The RPO must be less than 30 minutes and RTO less than 2 hours. Which approach meets these requirements?

A.Configure HANA System Replication in asynchronous mode with automatic takeover
B.Configure HANA System Replication in synchronous mode across regions
C.Take nightly backups to S3 and restore in DR
D.Use AWS Backup to copy daily snapshots to DR region
AnswerA

Async replication can meet <30 min RPO and with pre-provisioned DR instances, RTO <2 hours.

Why this answer

Option A is correct because HANA System Replication in asynchronous mode with automatic takeover meets the RPO of less than 30 minutes and RTO of less than 2 hours. Asynchronous replication provides near-real-time data transfer across AWS regions with minimal impact on primary performance, and automatic takeover enables fast failover to the DR instance, satisfying the RTO requirement.

Exam trap

The trap here is that candidates confuse synchronous mode as more reliable for DR, but fail to recognize that cross-region latency makes synchronous replication impractical, while asynchronous mode with automatic takeover is the standard AWS-recommended approach for SAP HANA disaster recovery.

How to eliminate wrong answers

Option B is wrong because HANA System Replication in synchronous mode across regions introduces high latency and potential transaction blocking, making it impractical for cross-region setups and unable to meet the RPO/RTO without significant performance degradation. Option C is wrong because nightly backups to S3 cannot achieve an RPO of less than 30 minutes, as backups are taken only once per day, and restoring from S3 typically exceeds the 2-hour RTO due to data transfer and recovery time. Option D is wrong because AWS Backup copying daily snapshots to the DR region results in an RPO of at least 24 hours, far exceeding the 30-minute requirement, and snapshot restoration is slower than HANA System Replication failover.

118
MCQmedium

A company is migrating its SAP HANA database to AWS. The database requires high I/O and low latency. Which storage option should be used for the /hana/data volume?

A.io2 EBS volume
B.gp3 EBS volume
C.Amazon S3
D.Amazon EFS
AnswerA

io2 EBS volumes provide high IOPS and low latency required for SAP HANA data.

Why this answer

The /hana/data volume for SAP HANA requires high I/O and low latency, which is best met by io2 EBS volumes. io2 volumes are provisioned IOPS SSD volumes designed for latency-sensitive transactional workloads, offering up to 64,000 IOPS per volume and 99.999% durability, making them ideal for SAP HANA data files.

Exam trap

The trap here is that candidates often confuse gp3's high baseline performance with suitability for production SAP HANA, but the exam expects knowledge that only io2 (or io1) volumes meet the strict latency and IOPS consistency requirements for /hana/data as per SAP's official guidance.

How to eliminate wrong answers

Option B (gp3 EBS volume) is wrong because gp3 volumes are general-purpose SSDs with baseline performance that may not sustain the consistently high IOPS and sub-millisecond latency required for SAP HANA /hana/data, especially under heavy write loads. Option C (Amazon S3) is wrong because S3 is an object storage service with higher latency and no file system semantics, making it unsuitable for database block-level storage. Option D (Amazon EFS) is wrong because EFS is a network file system (NFS) that introduces additional latency and throughput variability compared to block storage, and it is not supported for SAP HANA data volumes.

119
MCQhard

A company runs SAP Business Suite on AWS. They notice that their SAP application servers are not evenly distributing load across multiple instances. They have configured an Application Load Balancer (ALB) in front of the SAP Web Dispatchers. What is the MOST likely cause of uneven load distribution?

A.Sticky sessions (session stickiness) are enabled on the ALB.
B.The ALB health check interval is too short.
C.Cross-zone load balancing is enabled.
D.The ALB is using the least outstanding requests routing algorithm.
AnswerA

Sticky sessions cause uneven distribution with long-lived sessions.

Why this answer

When sticky sessions (session stickiness) are enabled on an Application Load Balancer, the ALB uses a cookie to bind a client's session to a specific target (SAP Web Dispatcher). This prevents the load balancer from distributing subsequent requests from that client to other healthy targets, causing an uneven distribution of load across the SAP application servers, especially if a few clients generate a disproportionate number of requests.

Exam trap

The trap here is that candidates often assume sticky sessions are always beneficial for stateful applications, but they fail to recognize that sticky sessions directly contradict the goal of even load distribution by pinning clients to specific targets.

How to eliminate wrong answers

Option B is wrong because a short health check interval would cause the ALB to mark targets as unhealthy more frequently, potentially removing them from the rotation, but it would not cause uneven distribution of load across healthy instances; it would simply reduce the number of available targets. Option C is wrong because cross-zone load balancing is enabled by default on ALBs and actually improves load distribution by evenly routing traffic across all targets in all enabled Availability Zones, so it would not cause uneven load. Option D is wrong because the least outstanding requests routing algorithm is designed to send traffic to the target with the fewest pending requests, which actively promotes even load distribution, not uneven distribution.

120
Multi-Selecthard

An SAP administrator needs to ensure high availability for SAP NetWeaver ABAP stack on AWS. Which three components should be configured in a multi-AZ active/passive cluster? (Select THREE.)

Select 3 answers
A.Enqueue Replication Server (ERS).
B.ABAP SAP Central Services (ASCS).
C.Database instance.
D.SAP Gateway.
E.Dialog instances.
AnswersA, B, C

ERS works with ASCS for failover.

Why this answer

The Enqueue Replication Server (ERS) is a critical component in an SAP NetWeaver ABAP stack active/passive cluster because it replicates the lock table from the primary ASCS instance to the standby node. In a multi-AZ setup, this ensures that if the primary ASCS fails, the standby can take over with minimal disruption, as the lock state is preserved. Without ERS, a failover would require all locked resources to be released, causing data inconsistencies or application errors.

Exam trap

AWS often tests the misconception that all SAP components must be in an active/passive cluster for high availability, but only stateful components like ASCS, ERS, and the database require this; stateless components like SAP Gateway and Dialog instances can be distributed across AZs in an active/active manner.

121
MCQeasy

A company is setting up a disaster recovery (DR) site for SAP on AWS. They need to replicate the SAP HANA database to another region. Which AWS service is BEST suited for this?

A.SAP HANA System Replication
B.AWS Backup cross-region copy
C.AWS Database Migration Service (DMS)
D.Amazon S3 Cross-Region Replication
AnswerA

HANA System Replication is designed for cross-region DR.

Why this answer

SAP HANA System Replication (HSR) is the native, SAP-supported mechanism for replicating HANA databases asynchronously or synchronously across regions. It replicates at the database level using log shipping and is the only option that maintains full SAP HANA consistency, transaction integrity, and support for takeover in a DR scenario.

Exam trap

The trap here is that candidates confuse general-purpose AWS backup or replication services (like AWS Backup or S3 CRR) with SAP-specific replication, assuming any cross-region copy can serve as DR, but only HSR provides the required database-level consistency and SAP certification for HANA DR.

How to eliminate wrong answers

Option B (AWS Backup cross-region copy) is wrong because it creates point-in-time snapshots of the entire HANA instance, not continuous log replication, leading to potential data loss and longer recovery time objectives (RTO/RPO) unsuitable for SAP HANA DR. Option C (AWS Database Migration Service) is wrong because DMS is designed for one-time or ongoing migration between heterogeneous databases, not for continuous replication of a live SAP HANA system with full transaction consistency and failover support. Option D (Amazon S3 Cross-Region Replication) is wrong because S3 CRR replicates objects in S3 buckets, not database files or logs, and cannot maintain the transactional state of a running HANA database.

122
MCQhard

An SAP Basis team is migrating an SAP Business Suite system to AWS. The system has a large number of background jobs and requires consistent performance for batch processing. Which Amazon EC2 instance type is most suitable for this workload?

A.i3.2xlarge
B.g4dn.xlarge
C.z1d.xlarge
D.t3.large
AnswerC

z1d instances offer high CPU frequency and large memory, suitable for SAP batch workloads.

Why this answer

The z1d.xlarge instance is most suitable because it offers a high baseline clock speed of up to 4.0 GHz with Intel Turbo Boost, which is critical for SAP Business Suite batch processing workloads that are CPU-bound and sensitive to single-threaded performance. SAP background jobs often require consistent, high-frequency CPU performance to meet batch window SLAs, and the z1d family is specifically designed for such high-performance, memory-intensive SAP workloads on AWS.

Exam trap

The trap here is that candidates often confuse storage-optimized instances (i3) with compute-optimized needs, or mistakenly think burstable instances (t3) can handle sustained batch loads due to their low cost, ignoring CPU credit exhaustion and performance throttling.

How to eliminate wrong answers

Option A (i3.2xlarge) is wrong because it is an instance optimized for high-speed NVMe SSD storage and low-latency I/O, not for high CPU clock speed; it is intended for database workloads like SAP HANA, not for CPU-bound batch processing. Option B (g4dn.xlarge) is wrong because it is a GPU-accelerated instance designed for machine learning and graphics workloads, not for SAP batch jobs that do not leverage GPU compute. Option D (t3.large) is wrong because it is a burstable performance instance that uses CPU credits; sustained batch processing would deplete credits and throttle performance, making it unsuitable for consistent batch processing requirements.

123
MCQeasy

A company is designing a new SAP environment on AWS. The SAP application servers communicate with the database over the network. The architect wants to minimize latency and maximize throughput. Which placement strategy should the architect use?

A.Place all servers in a single Availability Zone and use a cluster placement group.
B.Place the application servers in one Availability Zone and the database in a different Availability Zone.
C.Place the application servers in one VPC and the database in a different VPC connected via VPC peering.
D.Place the application servers in one AWS Region and the database in another Region.
AnswerA

Cluster placement group provides low latency and high throughput.

Why this answer

A cluster placement group is the correct choice because it provides the lowest possible latency and highest throughput by ensuring that all SAP application and database servers are placed in close physical proximity within a single Availability Zone. This placement minimizes network hops and leverages non-blocking, high-bandwidth networking, which is critical for SAP's latency-sensitive communication between application and database layers.

Exam trap

The trap here is that candidates may assume spreading resources across multiple Availability Zones improves availability, but for SAP workloads requiring minimal latency, a single-AZ cluster placement group is the correct performance optimization, even though it sacrifices AZ-level fault tolerance.

How to eliminate wrong answers

Option B is wrong because placing the application servers and database in different Availability Zones introduces cross-AZ network latency (typically 1-2 ms) and additional data transfer costs, which degrades SAP performance. Option C is wrong because using separate VPCs connected via VPC peering adds extra network hops and does not guarantee the same physical proximity or bandwidth as a single VPC, increasing latency. Option D is wrong because inter-Region latency (often 10-100 ms) is far too high for SAP's real-time database communication, making it impractical for production workloads.

124
MCQhard

A company is running a large SAP S/4HANA production system on AWS. The system consists of a single HANA database instance running on an r5.24xlarge EC2 instance (with 768 GB of RAM), and multiple application server instances behind an Application Load Balancer. The database uses six EBS io1 volumes for data and log files, each with 20,000 provisioned IOPS. The application servers are in an Auto Scaling group. Recently, the company experienced a prolonged database outage when the primary EC2 instance failed. The recovery took over 4 hours because a new instance had to be launched and snapshots restored. The company wants to improve the Recovery Time Objective (RTO) to less than 30 minutes for the HANA database. They also want to minimize data loss with an RPO of less than 5 minutes. The company has a second AWS region (us-west-2) available for disaster recovery but prefers to keep costs low for the DR site. Which solution should the company implement?

A.Configure SAP HANA System Replication to a standby instance in the same region but use a larger instance to ensure capacity.
B.Configure automated Amazon EBS snapshots every 5 minutes and create an AMI for the HANA instance. In the event of a failure, launch a new instance from the AMI in the same Availability Zone.
C.Set up SAP HANA System Replication to a standby HANA instance in a different Availability Zone. Use a smaller instance type for the standby to reduce costs. Automate failover using a cluster manager like Pacemaker.
D.Use Amazon RDS for SAP HANA with Multi-AZ deployment to automatically failover to a standby in another Availability Zone.
AnswerC

HSR with failover can achieve RTO < 30 minutes and RPO < 5 minutes.

Why this answer

Option C is correct because SAP HANA System Replication (HSR) provides near-synchronous replication with a typical RPO of seconds and can be configured with automatic takeover to a standby instance in another Availability Zone. The standby can be a smaller instance (e.g., r5.12xlarge) to reduce costs. The takeover can be automated with Pacemaker, achieving RTO of minutes.

Option A is incorrect because a new EC2 instance launch and snapshot restore cannot achieve 30-minute RTO. Option B is incorrect because Multi-AZ RDS is not for HANA. Option D is incorrect because HSR to a smaller instance in the same region provides DR but does not use the second region as specified.

125
MCQhard

An SAP system on AWS is experiencing intermittent connectivity issues between the SAP application servers and the HANA database server. The network team confirms that the VPC network ACLs and security groups allow all required traffic. However, the issue occurs only during peak load. What is the most likely cause?

A.The TCP segmentation offload (TSO) is causing packet drops.
B.The EBS-optimized instance is not providing enough bandwidth for the database workload.
C.The Elastic Network Adapter (ENA) is not enabled on the instance.
D.The instance is using IPv6 addresses for communication.
AnswerB

EBS bandwidth can bottleneck network performance.

Why this answer

Option B is correct because EBS-optimized instances provide dedicated bandwidth for EBS traffic, and during peak load, the database workload may exceed the available EBS bandwidth, causing network I/O throttling and intermittent connectivity. This manifests as packet drops or timeouts between SAP application servers and the HANA database, even though security groups and ACLs are correctly configured.

Exam trap

The trap here is that candidates often assume network ACLs or security groups are misconfigured, but the issue is actually a resource contention problem at the EBS bandwidth level, which only manifests under peak load.

How to eliminate wrong answers

Option A is wrong because TCP segmentation offload (TSO) offloads TCP segmentation to the NIC, reducing CPU overhead and typically improving performance; it does not cause packet drops under load. Option C is wrong because the Elastic Network Adapter (ENA) is a virtual NIC that provides higher throughput and lower latency, and if it were not enabled, the issue would be persistent, not intermittent during peak load. Option D is wrong because using IPv6 addresses for communication does not inherently cause intermittent connectivity issues; IPv6 is fully supported on AWS and would not degrade only under load.

126
MCQhard

An SAP HANA database on AWS is using EBS gp3 volumes with 3000 IOPS. The database team observes that the write latency is high during peak hours. The EBS volume is not exceeding its bandwidth limit. What is the most likely cause?

A.The EBS volume is not attached as a dedicated EBS bandwidth volume.
B.The EBS volume's IOPS limit is being reached, causing queuing.
C.The EC2 instance's EBS bandwidth is saturated.
D.The EC2 instance does not have EBS optimization enabled.
AnswerB

3000 IOPS may be insufficient, leading to high queue depth and latency.

Why this answer

The correct answer is B because the observed high write latency during peak hours, despite the EBS volume not exceeding its bandwidth limit, indicates that the volume's IOPS limit of 3000 is being reached. When the IOPS limit is hit, the EBS volume queues I/O requests, which increases latency. This is a classic symptom of IOPS saturation rather than bandwidth saturation.

Exam trap

The trap here is that candidates confuse IOPS limits with bandwidth limits, assuming high latency must be due to bandwidth saturation, but the question explicitly rules out bandwidth as the cause, pointing directly to IOPS queuing.

How to eliminate wrong answers

Option A is wrong because there is no such concept as a 'dedicated EBS bandwidth volume' in AWS; EBS bandwidth is determined by the EC2 instance type and volume type, not by a dedicated attachment setting. Option C is wrong because the question explicitly states the EBS volume is not exceeding its bandwidth limit, so the EC2 instance's EBS bandwidth is not saturated. Option D is wrong because EBS optimization is enabled by default on all current-generation EC2 instances, and if it were disabled, the instance would be throttled at the network level, not specifically cause write latency only during peak hours without bandwidth saturation.

127
Multi-Selectmedium

Which TWO of the following are best practices for running SAP HANA on AWS?

Select 2 answers
A.Use RAID 0 across multiple EBS volumes to increase IOPS.
B.Deploy the HANA database in multiple Availability Zones for high availability.
C.Store HANA data and log files on Amazon S3.
D.Use EBS-optimized instances for dedicated storage throughput.
E.Use burstable instance types for cost savings.
AnswersB, D

Multi-AZ is key for HA.

Why this answer

Deploying the HANA database in multiple Availability Zones is a best practice for high availability because it protects against an entire AZ failure. SAP HANA supports system replication (HSR) in synchronous or synchronous-memory mode across AZs, enabling automatic failover with minimal data loss. This aligns with the AWS Well-Architected Framework's reliability pillar for critical SAP workloads.

Exam trap

The trap here is that candidates often confuse high availability (multi-AZ) with disaster recovery (multi-Region), or they assume RAID 0 is a performance best practice without considering the data integrity risks for a mission-critical database like SAP HANA.

128
MCQhard

A company runs SAP ECC on AWS with a multi-ASCS architecture for high availability. During a failover test, the secondary ASCS instance does not take over. The cluster logs indicate that the 'aws-cluster' resource agent failed to release the Elastic IP. What is the MOST likely cause?

A.The Elastic IP is associated with the primary private IP address of the ENI.
B.The Elastic IP is in a different Availability Zone than the secondary ASCS instance.
C.The cluster is using a NAT Gateway for outbound traffic, conflicting with the Elastic IP.
D.The IAM role assigned to the instances does not have permission to release the Elastic IP.
AnswerA

EIPs are associated with private IPs; if it's on the primary IP, the ENI cannot be moved without detaching. A secondary IP allows reassignment.

Why this answer

In a multi-ASCS SAP cluster on AWS, the 'aws-cluster' resource agent manages Elastic IP (EIP) failover by disassociating the EIP from the primary instance and associating it with the secondary instance. If the EIP is associated with the primary private IP address of the Elastic Network Interface (ENI) rather than the ENI itself, the resource agent cannot release it because the association is at the IP level, not the ENI level. This prevents the secondary ASCS instance from acquiring the EIP, causing the failover to fail.

Exam trap

The trap here is that candidates often assume IAM permissions (Option D) are the root cause of any AWS resource management failure, but the specific log message about 'failed to release' points to a technical limitation of the resource agent with IP-level EIP associations, not an authorization issue.

How to eliminate wrong answers

Option B is wrong because Elastic IPs are regional resources that can be associated with instances in any Availability Zone within the same region; a different AZ does not prevent release or association. Option C is wrong because a NAT Gateway is used for outbound internet traffic and does not conflict with Elastic IP operations; the cluster resource agent interacts directly with the EC2 API to manage EIPs, independent of NAT Gateway routing. Option D is wrong because the IAM role permissions issue would typically cause an authorization error in the logs, but the question states the logs indicate the resource agent 'failed to release the Elastic IP' — this points to a technical limitation of the agent, not a permissions failure.

129
MCQmedium

A company is planning to run SAP NetWeaver on AWS and wants to use Auto Scaling for the application server tier. Which consideration is critical when implementing Auto Scaling for SAP application servers?

A.Ensure the database can scale automatically with the application tier.
B.Enable termination protection on all Auto Scaling instances.
C.Use encrypted EBS volumes for all instances.
D.Automatically register new instances with the SAP Central Services instance.
AnswerD

New app servers must be registered with ASCS to join the SAP system.

Why this answer

Option D is correct because SAP application servers must be registered with the SAP Central Services instance (ASCS/SCS) to be recognized as part of the SAP system. Auto Scaling can launch new instances, but without automatic registration via sapstartsrv or the SAP Host Agent, the new instances will not be able to communicate with the Central Services instance, and the SAP system will not utilize them for workload.

Exam trap

The trap here is that candidates often focus on infrastructure-level concerns like encryption or termination protection, overlooking the application-level dependency that SAP application servers must be explicitly registered with Central Services to function as part of the SAP system.

How to eliminate wrong answers

Option A is wrong because the database tier in an SAP NetWeaver landscape is typically a single, stateful component that cannot be scaled automatically with the application tier; Auto Scaling is designed for stateless application servers, and the database must be scaled independently, often requiring manual intervention or separate database clustering solutions. Option B is wrong because termination protection is a safety feature to prevent accidental deletion of instances, but it is not a critical consideration for implementing Auto Scaling for SAP application servers; in fact, Auto Scaling requires the ability to terminate instances during scale-in events, and enabling termination protection would break the scaling process. Option C is wrong while encrypted EBS volumes are a security best practice, they are not a critical consideration specific to Auto Scaling for SAP application servers; encryption does not affect the ability to scale or register instances with Central Services.

130
MCQmedium

A company is migrating its SAP HANA database to AWS and needs to choose the most appropriate EC2 instance type. The workload requires high memory bandwidth and is CPU-intensive. Which instance family would best meet these requirements?

A.M5 instance family
B.I3 instance family
C.C5 instance family
D.X1e instance family
AnswerD

X1e instances are memory-optimized with high memory bandwidth, ideal for SAP HANA workloads.

Why this answer

The X1e instance family is purpose-built for high-memory, CPU-intensive SAP HANA workloads, offering up to 3.9 TB of memory and high memory bandwidth per vCPU. This aligns with SAP HANA's requirement for large in-memory databases and compute-intensive processing, making D the correct choice.

Exam trap

The trap here is that candidates often confuse compute-optimized (C5) or storage-optimized (I3) families with SAP HANA requirements, overlooking that SAP HANA's in-memory nature demands memory-optimized instances like X1e with high memory bandwidth and capacity, not just raw CPU or I/O performance.

How to eliminate wrong answers

Option A is wrong because the M5 instance family is a general-purpose option that balances compute, memory, and networking, but lacks the high memory bandwidth and large memory capacity required for SAP HANA. Option B is wrong because the I3 instance family is storage-optimized with high local NVMe SSD performance, designed for I/O-intensive workloads like databases with high throughput, not for CPU-intensive, high-memory-bandwidth SAP HANA. Option C is wrong because the C5 instance family is compute-optimized, focusing on high CPU performance for workloads like batch processing or web servers, but it does not provide the large memory footprint or memory bandwidth needed for SAP HANA in-memory operations.

131
Multi-Selecteasy

A company is deploying SAP on AWS and needs to ensure high availability for the SAP application servers. Which TWO strategies can be used to achieve this? (Choose TWO.)

Select 2 answers
A.Use Amazon RDS Multi-AZ for the application tier
B.Use a single large EC2 instance with an Elastic IP
C.Use an Auto Scaling group with an Application Load Balancer
D.Attach the same EBS volume to multiple instances
E.Deploy application servers in multiple Availability Zones
AnswersC, E

Auto Scaling replaces failed instances, ALB distributes traffic.

Why this answer

Option A and Option B are correct. Deploying across multiple Availability Zones and using an Auto Scaling group with a load balancer provides HA and scalability. Option C is wrong because a single instance does not provide HA.

Option D is wrong because EBS Multi-Attach is limited and not for application servers. Option E is wrong because RDS is for databases, not application servers.

132
MCQmedium

A company is designing a highly available SAP HANA system on AWS. They need to replicate data synchronously to a secondary site in a different Availability Zone. Which AWS service should they use?

A.Amazon S3 cross-region replication
B.AWS Database Migration Service (DMS)
C.Amazon RDS Multi-AZ
D.SAP HANA System Replication (HSR)
AnswerD

HSR is SAP's native replication for HANA.

Why this answer

Option B is correct because the SAP HANA System Replication (HSR) with synchronous replication is the standard approach for HA across AZs. Options A, C, and D are not SAP HANA replication mechanisms.

133
MCQmedium

An SAP administrator created the IAM policy shown in the exhibit to allow a monitoring tool to start and stop SAP application servers tagged with Environment=Production. When testing the policy, the tool fails to start an instance. What is the most likely cause?

A.The policy requires the instance to be stopped before starting.
B.The policy is missing the ec2:DescribeInstances action.
C.The policy does not allow starting instances that are already running.
D.The resource ARN does not match the instance ID.
AnswerC

ec2:StartInstances only works on stopped instances; attempting to start a running instance fails.

Why this answer

Option C is correct because the policy uses a condition that checks if the instance is already running (`ec2:InstanceState/Name` equals `running`). The `ec2:StartInstances` action is only allowed when the instance is in the `running` state, but starting an instance requires it to be in the `stopped` state. This mismatch causes the start action to fail for production-tagged instances.

Exam trap

The trap here is that candidates assume the condition `ec2:InstanceState/Name` equals `running` is correct for starting instances, confusing the required state for start (stopped) with the state for stop (running).

How to eliminate wrong answers

Option A is wrong because the policy does not require the instance to be stopped before starting; the condition incorrectly requires the instance to be running, which is the opposite of what is needed for a start operation. Option B is wrong because the `ec2:DescribeInstances` action is not required for starting instances; the `ec2:StartInstances` action alone is sufficient, and the failure is due to the condition, not a missing action. Option D is wrong because the resource ARN uses a wildcard (`*`) for the instance ID, which matches any instance ID, so the ARN format is not the issue.

134
MCQeasy

A company is running SAP HANA on an r5.8xlarge instance. They want to scale up to meet increased memory requirements. Which instance family would be the MOST suitable for a scale-up scenario?

A.x1e.32xlarge
B.r5.24xlarge
C.i3.16xlarge
D.c5.18xlarge
AnswerA

x1e is designed for large SAP HANA scale-up.

Why this answer

The x1e.32xlarge instance is part of the X1e family, which is specifically designed for high-memory workloads like SAP HANA. With 3,904 GiB of memory, it provides the largest memory capacity among AWS instances, making it the most suitable for scaling up SAP HANA to meet increased memory requirements. SAP HANA is an in-memory database, so scaling up requires instances with high memory-to-vCPU ratios, which the X1e family delivers.

Exam trap

The trap here is that candidates may choose the r5.24xlarge because it is memory-optimized, but they overlook that the X1e family offers much higher memory capacity specifically required for SAP HANA scale-up scenarios.

How to eliminate wrong answers

Option B (r5.24xlarge) is wrong because while the R5 family is memory-optimized, it offers only 768 GiB of memory, which is significantly less than the x1e.32xlarge and may not meet the increased memory requirements for a scale-up scenario. Option C (i3.16xlarge) is wrong because the I3 family is storage-optimized with high local NVMe SSD performance, not designed for large memory capacity; it provides only 488 GiB of memory, which is insufficient for SAP HANA scale-up. Option D (c5.18xlarge) is wrong because the C5 family is compute-optimized, focusing on high CPU performance with only 144 GiB of memory, making it completely unsuitable for memory-intensive SAP HANA workloads.

135
MCQeasy

An SAP system on AWS requires persistent storage for its database logs. Which storage option should be used to meet the performance requirements of SAP HANA?

A.Instance store volumes
B.Amazon EBS io2 Block Express volumes
C.Amazon S3
D.Amazon EFS
AnswerB

io2 Block Express offers high IOPS and low latency for HANA.

Why this answer

Option C is correct because SAP HANA requires high-performance, low-latency storage, and EBS io2 Block Express volumes provide consistent low latency and high IOPS. Options A, B, and D do not meet the performance requirements.

136
MCQeasy

An SAP workload on AWS uses a single Availability Zone deployment. The company wants to improve high availability without changing the existing architecture significantly. Which action should be taken?

A.Use an Amazon EBS volume attached to multiple instances across AZs.
B.Add a second SAP application server in a different Availability Zone and configure load balancing.
C.Increase the size of the EC2 instances to handle failover.
D.Enable EBS Multi-Attach on the database volume.
AnswerB

This provides application tier HA across AZs.

Why this answer

Adding a second SAP application server in a different Availability Zone and configuring load balancing provides high availability by distributing traffic across multiple AZs, ensuring that if one AZ fails, the application remains accessible. This approach aligns with SAP's recommended architecture for multi-AZ deployments without requiring significant changes to the existing single-AZ setup, as it only adds an additional application tier instance and a load balancer.

Exam trap

The trap here is that candidates often confuse scaling (increasing instance size) with high availability, or assume EBS Multi-Attach works across Availability Zones, when in fact it is restricted to a single AZ and specific volume types.

How to eliminate wrong answers

Option A is wrong because an Amazon EBS volume cannot be attached to multiple EC2 instances across different Availability Zones; EBS volumes are AZ-specific and can only be attached to instances within the same AZ, and multi-attach is limited to specific volume types and instances within the same AZ. Option C is wrong because increasing the size of EC2 instances does not provide high availability; it only improves performance or capacity for a single instance, which remains a single point of failure in the event of an AZ outage. Option D is wrong because EBS Multi-Attach is only supported for io1 or io2 volumes within a single Availability Zone and cannot be used across AZs; it also does not address application-level high availability and is not suitable for SAP database volumes that require consistent read/write access from multiple instances.

137
Multi-Selectmedium

Which TWO of the following are valid strategies for reducing the total cost of ownership (TCO) for SAP workloads on AWS?

Select 2 answers
A.Schedule start/stop of non-production instances using Instance Scheduler
B.Use Reserved Instances for production systems
C.Use GP2 EBS volumes instead of GP3
D.Use Graviton-based instances for SAP application servers
E.Deploy SAP HANA in Multi-AZ configuration
AnswersA, B

Stops instances when not needed.

Why this answer

Option A is correct because AWS Instance Scheduler allows you to define start and stop schedules for non-production SAP instances, significantly reducing compute costs during off-hours. This is a direct TCO reduction strategy for SAP workloads, as non-production environments often run 24/7 unnecessarily.

Exam trap

The trap here is that candidates may confuse cost-reduction strategies with performance or availability strategies, such as choosing GP2 over GP3 (which actually increases cost) or assuming Graviton is supported for SAP when it is not.

138
MCQmedium

An SAP system running on AWS is experiencing high latency to its S3-backed backup destination. Which architectural change would most effectively reduce backup latency?

A.Configure an S3 Gateway Endpoint in the VPC to route traffic to S3 privately.
B.Increase the size of the EC2 instance running SAP to improve I/O throughput.
C.Move the SAP instance to a different Availability Zone closer to the S3 bucket.
D.Enable S3 Transfer Acceleration on the backup bucket.
AnswerA

An S3 Gateway Endpoint keeps traffic within the AWS network, reducing latency and improving performance.

Why this answer

An S3 Gateway Endpoint provides a private, low-latency path from the SAP EC2 instance to S3 without traversing the public internet or NAT gateways. This eliminates network hops and reduces latency by keeping traffic within the AWS network, directly addressing the high-latency issue for S3-backed backups.

Exam trap

The trap here is that candidates often confuse S3 Transfer Acceleration (which is for long-distance, cross-region speed) with a solution for within-region latency, or assume that moving to a different Availability Zone reduces latency to a regional service like S3.

How to eliminate wrong answers

Option B is wrong because increasing EC2 instance size improves compute and I/O throughput for local storage, but does not reduce network latency to S3, which is the root cause. Option C is wrong because moving the SAP instance to a different Availability Zone does not change the physical distance to the S3 bucket (S3 is a regional service), and may even increase latency if the new AZ is farther from the S3 endpoints. Option D is wrong because S3 Transfer Acceleration optimizes upload speed over long distances via edge locations, but adds overhead and cost; it does not reduce latency for backups within the same region and may actually increase latency for short-distance transfers.

139
MCQmedium

An SAP administrator runs the above CLI command to find the public IP of an m5.2xlarge instance. The output is null. Which of the following is the most likely reason?

A.The security group blocks the public IP
B.The CLI command has a syntax error
C.The instance type m5.2xlarge does not support public IP addresses
D.The instance does not have a public IP address assigned
AnswerD

The instance may be in a private subnet or launched without a public IP.

Why this answer

A null value for Association.PublicIp means the instance does not have a public IP address assigned. Option A is wrong because the instance type does not affect public IP assignment. Option C is wrong because a security group does not assign public IPs.

Option D is wrong because the command syntax is correct.

140
MCQhard

An SAP Basis administrator is troubleshooting a performance issue on a SAP HANA database running on an r5.4xlarge instance with dedicated tenancy. The instance is part of a placement group named 'sap-cluster'. The administrator suspects network throughput is suboptimal. Based on the exhibit, what is the MOST likely reason?

A.Dedicated tenancy prevents the use of Enhanced Networking.
B.The instance type r5.4xlarge does not support Enhanced Networking.
C.The placement group 'sap-cluster' restricts network throughput.
D.The instance is using the Xen hypervisor, which does not support Enhanced Networking with ENA.
AnswerD

Xen hypervisor indicates no Enhanced Networking.

Why this answer

The r5.4xlarge instance uses the Nitro hypervisor, not Xen. However, the exhibit shows that Enhanced Networking is not enabled, and the instance is using the Xen PV network driver. This indicates that the instance was launched with an older Amazon Machine Image (AMI) that does not support the Elastic Network Adapter (ENA).

Without ENA, the instance cannot achieve the high network throughput required for SAP HANA, leading to suboptimal performance.

Exam trap

The trap here is that candidates may assume all modern instance types automatically have Enhanced Networking enabled, but the actual driver and AMI support determine whether ENA is used, and the exhibit's network driver information reveals the root cause.

How to eliminate wrong answers

Option A is wrong because dedicated tenancy does not prevent the use of Enhanced Networking; Enhanced Networking with ENA is supported on dedicated instances. Option B is wrong because the r5.4xlarge instance type fully supports Enhanced Networking with ENA. Option C is wrong because placement groups do not restrict network throughput; they can actually improve network performance by placing instances in close proximity within a single Availability Zone.

141
MCQhard

A company is designing a high-availability architecture for SAP NetWeaver on AWS. The architecture includes two application server instances in different Availability Zones, a shared file system using Amazon EFS, and a database using SAP HANA with HANA System Replication (HSR). During a failover test, the application servers cannot connect to the database after the HANA secondary becomes the primary. What is the most likely cause?

A.HANA System Replication is not configured correctly for automatic failover.
B.The SAP application servers are configured with the hostname of the primary HANA instance, which did not update after failover.
C.The Amazon EFS file system is not available in the secondary Availability Zone.
D.The security group of the application servers does not allow outbound traffic to the secondary HANA instance.
AnswerB

Application servers need to have a virtual hostname or use a DNS name that updates to the new primary.

Why this answer

In SAP NetWeaver, application servers connect to the database using a fixed hostname or virtual IP address. After HANA System Replication (HSR) failover, the secondary becomes the primary but retains its own hostname unless a virtual hostname (e.g., using Amazon Route 53 or Elastic IP) is configured to automatically update. If the application servers are hardcoded with the original primary's hostname, they cannot resolve or reach the new primary, causing connection failure.

Exam trap

The trap here is that candidates often assume HSR automatic failover (Option A) is the root cause, but the real issue is the lack of a virtual hostname or DNS update mechanism, which is a common misconfiguration in SAP on AWS architectures.

How to eliminate wrong answers

Option A is wrong because HSR automatic failover is not required for the application servers to reconnect; even with manual failover, the connection would fail if the hostname is not updated. Option C is wrong because Amazon EFS is a regional, multi-AZ service that is available in all Availability Zones simultaneously, so its availability does not affect database connectivity. Option D is wrong because outbound traffic from application servers to the secondary HANA instance is typically allowed by default in security groups; the issue is name resolution, not network access.

142
MCQeasy

A company is deploying a new SAP BusinessObjects system on AWS. The system will consist of multiple servers: a CMS database server, an audit database server, and several processing servers. The administrator needs to ensure that all servers can communicate with each other and with corporate on-premises systems via a VPN connection. The AWS environment is in a single VPC with public and private subnets. Which network architecture should be used to meet these requirements?

A.Place servers in private subnets and use a NAT Gateway for outbound internet and a VPN gateway for on-premises connectivity.
B.Place all servers in public subnets with Elastic IPs and use security groups to restrict access.
C.Use a single public subnet for all servers and rely on network ACLs for isolation.
D.Place servers in private subnets and use a bastion host for all inter-server communication.
AnswerA

Private subnets with NAT and VPN provide secure connectivity.

Why this answer

Placing the SAP BusinessObjects servers in private subnets ensures they are not directly exposed to the internet, which is a security best practice. A NAT Gateway provides outbound internet access for tasks like software updates, while a VPN Gateway (or Virtual Private Gateway) establishes encrypted connectivity to the corporate on-premises systems, meeting the requirement for inter-server and hybrid communication.

Exam trap

The trap here is that candidates often confuse the purpose of a NAT Gateway (outbound internet only) with a bastion host (administrative access) or mistakenly think public subnets are acceptable for SAP servers, ignoring the security and compliance requirements for private, isolated workloads.

How to eliminate wrong answers

Option B is wrong because placing all servers in public subnets with Elastic IPs exposes them directly to the internet, violating security best practices and increasing the attack surface unnecessarily. Option C is wrong because using a single public subnet for all servers and relying solely on network ACLs for isolation does not provide the private, secure environment required for SAP workloads and does not address the need for VPN-based on-premises connectivity. Option D is wrong because a bastion host is used for administrative access to private instances, not for inter-server communication; inter-server traffic should flow directly within the VPC using private IPs, not be routed through a bastion host.

143
MCQeasy

A company is planning to run SAP HANA on AWS and needs to ensure that the instance is optimally placed for low latency between the application and database tiers. Which AWS feature should be used?

A.Application Load Balancer
B.VPC endpoint
C.Cluster placement group
D.Auto Scaling group
AnswerC

Cluster placement groups provide low-latency network performance within an AZ.

Why this answer

Option C is correct because a cluster placement group is designed for low-latency, high-throughput communication between instances. Option A is wrong because an Auto Scaling group is for scaling, not placement. Option B is wrong because an ALB is for load balancing.

Option D is wrong because a VPC endpoint does not affect instance placement.

144
MCQhard

An SAP administrator created the above IAM policy for an EC2 instance that performs automated SAP HANA backups. The backup script runs successfully but fails to upload the backup files to the S3 bucket. What is the most likely cause?

A.The S3 bucket policy denies the upload
B.The IAM policy does not include permissions for multipart upload operations
C.The IAM policy does not allow s3:PutObject
D.The EC2 instance does not have permission to create snapshots
AnswerB

Multipart uploads require additional actions like s3:AbortMultipartUpload.

Why this answer

The policy allows s3:PutObject and s3:GetObject on objects in the bucket, but does not include s3:ListBucket or s3:PutObjectAcl. However, the failure is most likely because the script uses multipart upload and the policy does not include s3:AbortMultipartUpload or s3:ListMultipartUploadParts. Option A is wrong because the policy allows PutObject.

Option C is wrong because the bucket policy is not shown. Option D is wrong because ec2:CreateSnapshot is allowed.

145
Multi-Selecthard

An SAP system on AWS uses an Oracle database on EC2. The database is experiencing I/O bottlenecks. Which THREE design changes can improve I/O performance?

Select 3 answers
A.Provision Amazon EBS volumes with Provisioned IOPS (io2) for the database.
B.Use an EBS-optimized instance for dedicated bandwidth to EBS.
C.Configure EBS Multi-Attach to allow multiple instances to share the same volume for parallel I/O.
D.Use instance store volumes for the database files to reduce latency.
E.Offload database backups to Amazon S3 using the Oracle Secure Backup module.
AnswersA, B, C

Provisioned IOPS volumes deliver consistent, low-latency performance for I/O-intensive workloads.

Why this answer

Option A is correct because Amazon EBS io2 volumes provide consistent, low-latency I/O performance with a guaranteed IOPS rate, which directly addresses I/O bottlenecks for Oracle databases on EC2. By provisioning dedicated IOPS, you eliminate the variability of burstable gp2/gp3 volumes, ensuring predictable throughput for SAP workloads.

Exam trap

The trap here is that candidates confuse EBS-optimized instances (which ensure network bandwidth) with actual I/O performance improvements, or they mistakenly think Multi-Attach can parallelize I/O for a single database, when it is designed for multi-instance shared access only.

146
MCQhard

An SAP landscape on AWS includes several instances in a VPC. The administrator needs to ensure that SAProuter can connect to the SAP system from the internet securely. Which networking component should be used?

A.AWS Direct Connect with a public VIF
B.Internet Gateway with a public IP on the SAProuter instance
C.AWS CloudFront with a security group
D.AWS VPN connection to the customer's network
AnswerD

VPN provides encrypted tunnel for secure SAProuter communication.

Why this answer

Option D is correct because an AWS VPN connection establishes an encrypted tunnel over the internet between the customer's on-premises network and the VPC, allowing SAProuter to connect securely to the SAP system without exposing any instance to the public internet. This aligns with the requirement for secure, authenticated connectivity from the internet while maintaining network isolation.

Exam trap

The trap here is that candidates often confuse 'secure connectivity from the internet' with simply providing internet access via an Internet Gateway, overlooking the need for encrypted tunneling and network isolation that a VPN provides.

How to eliminate wrong answers

Option A is wrong because AWS Direct Connect with a public VIF provides a dedicated network connection to AWS public services, but it does not inherently secure SAProuter traffic from the internet; it bypasses the internet but still requires additional security measures and does not address the 'from the internet' requirement directly. Option B is wrong because attaching an Internet Gateway with a public IP on the SAProuter instance exposes the instance directly to the internet, violating security best practices for SAP systems and increasing the attack surface. Option C is wrong because AWS CloudFront is a content delivery network (CDN) for distributing static and dynamic web content, not a networking component for routing SAProuter traffic; it cannot establish a secure tunnel for SAProuter's proprietary protocol.

147
MCQhard

A company is planning to run SAP S/4HANA on AWS and needs to ensure that the system can automatically recover from an Availability Zone failure. They want to use SAP HANA System Replication with automatic failover. Which AWS configuration is required?

A.AWS Auto Scaling groups with lifecycle hooks
B.Pacemaker cluster with STONITH across two Availability Zones
C.Amazon RDS Multi-AZ deployment
D.Amazon EFS as shared storage for HANA data
AnswerB

Pacemaker with STONITH provides automatic failover and fencing.

Why this answer

Pacemaker cluster with STONITH ensures automatic failover by fencing failed nodes. EBS Multi-Attach is not supported across AZs, so NFS or other shared storage is used.

148
MCQeasy

An SAP administrator is designing a new SAP NetWeaver system on AWS. They need to choose an EC2 instance type that is certified for SAP. Which source should they consult?

A.Amazon EC2 console
B.AWS Pricing Calculator
C.SAP Note 2235581 (SAP HANA Hardware Directory)
D.AWS documentation on EC2 instance types
AnswerC

SAP Note 2235581 provides the official SAP HANA hardware directory.

Why this answer

SAP Note 2235581 is the authoritative source for the SAP HANA Hardware Directory, which lists all EC2 instance types certified for SAP HANA and SAP NetWeaver. AWS relies on SAP's own certification process, so only SAP's official directory provides the definitive list of supported instance types.

Exam trap

The trap here is that candidates assume AWS documentation or the EC2 console would list SAP-certified instances, but SAP maintains its own hardware directory independently, and only SAP Note 2235581 is the definitive source.

How to eliminate wrong answers

Option A is wrong because the Amazon EC2 console does not display SAP certification status; it only shows general instance type information and features. Option B is wrong because the AWS Pricing Calculator is a cost estimation tool and does not include SAP certification data. Option D is wrong because AWS documentation on EC2 instance types describes general capabilities but does not maintain the official SAP certification list, which is exclusively managed by SAP.

149
MCQhard

An administrator needs to back up SAP HANA database to S3 with encryption. The backup must be encrypted at rest in S3. Which combination of actions should be taken?

A.Use AWS CloudHSM to generate keys and store them in S3
B.Enable S3 Versioning and use S3-managed keys
C.Configure S3 bucket with default encryption using SSE-S3 or SSE-KMS
D.Use AWS Backup to back up to S3 with default settings
AnswerC

Default encryption ensures all objects are encrypted at rest.

Why this answer

Option C is correct because configuring an S3 bucket with default encryption using SSE-S3 or SSE-KMS ensures that backups written to S3 are automatically encrypted at rest. SSE-S3 uses Amazon-managed keys with AES-256, while SSE-KMS allows you to use AWS KMS customer managed keys (CMKs) for additional control. This meets the requirement for encryption at rest in S3 without requiring additional infrastructure or manual key management.

Exam trap

The trap here is that candidates confuse S3 Versioning (which protects against accidental deletion) with encryption, or assume that AWS Backup automatically enforces encryption without explicitly configuring bucket default encryption.

How to eliminate wrong answers

Option A is wrong because AWS CloudHSM generates keys that are stored in the HSM itself, not in S3; storing keys in S3 would defeat the purpose of a hardware security module and is not a supported pattern for S3 encryption. Option B is wrong because enabling S3 Versioning provides object versioning, not encryption; S3-managed keys (SSE-S3) are a valid encryption method, but Versioning alone does not encrypt data. Option D is wrong because AWS Backup with default settings does not guarantee encryption at rest in S3; default settings may use SSE-S3, but the question requires a specific action to ensure encryption, and AWS Backup does not inherently configure S3 bucket encryption.

150
MCQmedium

A company is running SAP ERP on AWS with an Oracle database. The application servers are deployed in an Auto Scaling group across three Availability Zones. The database is hosted on a single EC2 instance in us-east-1a. The company wants to improve availability with minimal changes to the application. The database must be highly available with automatic failover and no data loss. The database size is 1 TB. The current RTO is 2 hours and RPO is 1 hour. The company is considering using Oracle Data Guard for replication. Which solution should the company implement to meet the HA requirements?

A.Use AWS Database Migration Service (DMS) to replicate the Oracle database to a second EC2 instance in another AZ, and use an Amazon Route 53 health check to redirect traffic.
B.Migrate the Oracle database to Amazon RDS for Oracle with Multi-AZ deployment and automatic failover.
C.Configure Oracle Data Guard with synchronous replication and Fast-Start Failover (FSFO) to automatically fail over to a standby instance in another AZ.
D.Configure Oracle Data Guard with asynchronous replication to a standby instance in us-east-1b, and use a custom script to detect failure and promote the standby.
AnswerC

Synchronous replication ensures zero data loss; FSFO provides automatic failover.

Why this answer

Option C is correct because Oracle Data Guard with synchronous replication ensures zero data loss by committing transactions only after they are written to both primary and standby redo logs. Fast-Start Failover (FSFO) automates the failover process without manual intervention, meeting the RTO of 2 hours and RPO of 1 hour while requiring minimal application changes since the database remains Oracle-native.

Exam trap

The trap here is that candidates often assume AWS-managed services like RDS Multi-AZ are always the best choice for high availability, but the question explicitly requires minimal application changes and zero data loss, making Oracle-native Data Guard with synchronous replication the correct fit despite the operational overhead.

How to eliminate wrong answers

Option A is wrong because AWS DMS is a migration tool, not a high-availability replication solution; it does not support automatic failover or synchronous replication, and using Route 53 health checks for traffic redirection introduces DNS propagation delays that violate the RTO. Option B is wrong because migrating to Amazon RDS for Oracle with Multi-AZ is not a minimal change—it requires application connection string changes and may not support all SAP ERP-specific Oracle features or customizations, and Multi-AZ uses asynchronous replication by default, risking data loss. Option D is wrong because asynchronous replication does not guarantee zero data loss (RPO=0), and relying on a custom script for failover detection and promotion introduces complexity and potential delays that could exceed the RTO.

← PreviousPage 2 of 7 · 462 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Design of SAP Workloads on AWS questions.