ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 290 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 290
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company is serving files to its customers through an SFTP server that is accessible over the internet. The SFTP server is running on a single Amazon EC2 instance with an Elastic IP address attached. Customers connect to the SFTP server through its Elastic IP address and use SSH for authentication. The EC2 instance also has an attached security group that allows access from all customer IP addresses.

A solutions architect must implement a solution to improve availability, minimize the complexity of infrastructure management, and minimize the disruption to customers who access files. The solution must not change the way customers connect.

Which solution will meet these requirements?

  • A. Disassociate the Elastic IP address from the EC2 instance. Create an Amazon S3 bucket to be used for SFTP file hosting. Create an AWS Transfer Family server. Configure the Transfer Family server with a publicly accessible endpoint. Associate the SFTP Elastic IP address with the new endpoint. Point the Transfer Family server to the S3 bucket. Sync all files from the SFTP server to the S3 bucket.
  • B. Disassociate the Elastic IP address from the EC2 instance. Create an Amazon S3 bucket to be used for SFTP file hosting. Create an AWS Transfer Family server. Configure the Transfer Family server with a VPC-hosted, internet-facing endpoint. Associate the SFTP Elastic IP address with the new endpoint. Attach the security group with customer IP addresses to the new endpoint. Point the Transfer Family server to the S3 bucket. Sync all files from the SFTP server to the S3 bucket.
  • C. Disassociate the Elastic IP address from the EC2 instance. Create a new Amazon Elastic File System (Amazon EFS) file system to be used for SFTP file hosting. Create an AWS Fargate task definition to run an SFTP server. Specify the EFS file system as a mount in the task definition. Create a Fargate service by using the task definition, and place a Network Load Balancer (NLB) in front of the service. When configuring the service, attach the security group with customer IP addresses to the tasks that run the SFTP server. Associate the Elastic IP address with the NLB. Sync all files from the SFTP server to the S3 bucket.
  • D. Disassociate the Elastic IP address from the EC2 instance. Create a multi-attach Amazon Elastic Block Store (Amazon EBS) volume to be used for SFTP file hosting. Create a Network Load Balancer (NLB) with the Elastic IP address attached. Create an Auto Scaling group with EC2 instances that run an SFTP server. Define in the Auto Scaling group that instances that are launched should attach the new multi-attach EBS volume. Configure the Auto Scaling group to automatically add instances behind the NLB. Configure the Auto Scaling group to use the security group that allows customer IP addresses for the EC2 instances that the Auto Scaling group launches. Sync all files from the SFTP server to the new multi-attach EBS volume.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by psyx21 at June 21, 2023, 11:08 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SkyZeroZx
Highly Voted 1 year, 9 months ago
Selected Answer: B
B Question say " The EC2 instance also has an attached security group that allows access from all customer IP addresses." B say "Attach the security group with customer IP addresses to the new endpoint" Should be Security Group for working with security for customer
upvoted 7 times
...
SmileyCloud
Highly Voted 1 year, 10 months ago
Selected Answer: B
It's B. You can't attach elastic IP with A). -> https://repost.aws/knowledge-center/aws-sftp-endpoint-type - look at the table
upvoted 5 times
...
JoeTromundo
Most Recent 6 months, 3 weeks ago
Selected Answer: B
https://repost.aws/knowledge-center/aws-sftp-endpoint-type
upvoted 2 times
...
Syre
7 months, 3 weeks ago
Selected Answer: A
B is wrong, it's similar to A but uses a VPC-hosted endpoint, which is unnecessary for this public-facing scenario and adds complexity without any clear benefit.
upvoted 1 times
...
duriselvan
1 year, 4 months ago
https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html -b ans
upvoted 2 times
...
duriselvan
1 year, 4 months ago
S Fargate and a Network Load Balancer provides the most efficient and secure solution, meeting all the requirements without compromising availability, introducing unnecessary complexity, or disrupting existing customer access.
upvoted 1 times
...
career360guru
1 year, 5 months ago
Selected Answer: B
Option B
upvoted 1 times
...
rlf
1 year, 6 months ago
Answer is B. https://aws.amazon.com/blogs/storage/use-ip-whitelisting-to-secure-your-aws-transfer-for-sftp-servers/
upvoted 1 times
...
NikkyDicky
1 year, 9 months ago
Selected Answer: B
B of course. need SG to whitelist IPs
upvoted 1 times
...
YodaMaster
1 year, 9 months ago
Selected Answer: B
https://repost.aws/knowledge-center/aws-sftp-endpoint-type
upvoted 2 times
...
ozelllll
1 year, 10 months ago
Selected Answer: B
It's B: https://repost.aws/knowledge-center/aws-sftp-endpoint-type
upvoted 4 times
...
gd1
1 year, 10 months ago
Selected Answer: B
A is public access; the requirement says need Security Group with Ip addresses - B is correct
upvoted 1 times
...
Jackhemo
1 year, 10 months ago
Selected Answer: B
Olabiba.ai Says B: Option B suggests disassociating the Elastic IP address from the EC2 instance and creating an Amazon S3 bucket for SFTP file hosting. An AWS Transfer Family server is then created and configured with a VPC-hosted, internet-facing endpoint. The SFTP Elastic IP address is associated with the new endpoint, and the security group with customer IP addresses is attached to the endpoint. The Transfer Family server is pointed to the S3 bucket, and all files from the SFTP server are synced to the S3 bucket.
upvoted 2 times
...
psyx21
1 year, 10 months ago
Selected Answer: A
Correct Answer is A
upvoted 3 times
rxhan
1 year, 9 months ago
again wrong, dont be quick and wrong.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago