ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 497 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 497
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

A company is moving a business-critical application onto AWS. It is a traditional three-tier web application using an Oracle database. Data must be encrypted in transit and at rest. The database hosts 12 TB of data. Network connectivity to the source Oracle database over the internal is allowed, and the company wants to reduce operational costs by using AWS Managed Services where possible. All resources within the web and application tiers have been migrated. The database has a few tables and a simple schema using primary keys only; however, it contains many Binary Large Object (BLOB) fields. It was not possible to use the database's native replication tools because of licensing restrictions.
Which database migration solution will result in the LEAST amount of impact to the application's availability?

  • A. Provision an Amazon RDS for Oracle instance. Host the RDS database within a virtual private cloud (VPC) subnet with internet access, and set up the RDS database as an encrypted Read Replica of the source database. Use SSL to encrypt the connection between the two databases. Monitor the replication performance by watching the RDS ReplicaLag metric. During the application maintenance window, shut down the on-premises database and switch over the application connection to the RDS instance when there is no more replication lag. Promote the Read Replica into a standalone database instance.
  • B. Provision an Amazon EC2 instance and install the same Oracle database software. Create a backup of the source database using the supported tools. During the application maintenance window, restore the backup into the Oracle database running in the EC2 instance. Set up an Amazon RDS for Oracle instance, and create an import job between the databases hosted in AWS. Shut down the source database and switch over the database connections to the RDS instance when the job is complete.
  • C. Use AWS DMS to load and replicate the dataset between the on-premises Oracle database and the replication instance hosted on AWS. Provision an Amazon RDS for Oracle instance with Transparent Data Encryption (TDE) enabled and configure it as a target for the replication instance. Create a customer-managed AWS KMS master key to set it as the encryption key for the replication instance. Use AWS DMS tasks to load the data into the target RDS instance. During the application maintenance window and after the load tasks reach the ongoing replication phase, switch the database connections to the new database.
  • D. Create a compressed full database backup of the on-premises Oracle database during an application maintenance window. While the backup is being performed, provision a 10 Gbps AWS Direct Connect connection to increase the transfer speed of the database backup files to Amazon S3, and shorten the maintenance window period. Use SSL/TLS to copy the files over the Direct Connect connection. When the backup files are successfully copied, start the maintenance window, and rise any of the Amazon RDS supported tools to import the data into a newly provisioned Amazon RDS for Oracle instance with encryption enabled. Wait until the data is fully loaded and switch over the database connections to the new database. Delete the Direct Connect connection to cut unnecessary charges.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Reference:
https://aws.amazon.com/blogs/apn/oracle-database-encryption-options-on-amazon-rds/ https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.AdvSecurity.htm
(DMS in transit encryption)
https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html
by donathon at Sept. 25, 2019, 3:28 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Moon
Highly Voted 3 years, 7 months ago
More toward "C". https://aws.amazon.com/blogs/apn/oracle-database-encryption-options-on-amazon-rds/ https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.AdvSecurity.html (DMS in transit encryption) https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html
upvoted 20 times
...
donathon
Highly Voted 3 years, 7 months ago
https://aws.amazon.com/blogs/database/best-practices-for-migrating-an-oracle-database-to-amazon-rds-postgresql-or-amazon-aurora-postgresql-source-database-considerations-for-the-oracle-and-aws-dms-cdc-environment/
upvoted 8 times
donathon
3 years, 7 months ago
Answer is C
upvoted 13 times
...
...
mnsait
Most Recent 4 months, 2 weeks ago
Selected Answer: C
Agree with others on option C. However, what about this "Network connectivity to the source Oracle database over the internal is allowed". Nothing is mentioned about this access in C?
upvoted 1 times
...
SkyZeroZx
1 year, 10 months ago
Selected Answer: C
Keyword = AWS DMS for replication task in Database
upvoted 1 times
...
cldy
3 years, 4 months ago
C. Use AWS DMS to load and replicate the dataset between the on-premises Oracle database and the replication instance hosted on AWS. Provision an Amazon RDS for Oracle instance with Transparent Data Encryption (TDE) enabled and configure it as a target for the replication instance. Create a customer-managed AWS KMS master key to set it as the encryption key for the replication instance. Use AWS DMS tasks to load the data into the target RDS instance. During the application maintenance window and after the load tasks reach the ongoing replication phase, switch the database connections to the new database.
upvoted 2 times
...
AzureDP900
3 years, 4 months ago
I will go with C
upvoted 1 times
...
WhyIronMan
3 years, 5 months ago
I'll go with C
upvoted 1 times
...
Waiweng
3 years, 5 months ago
it's C with DMS
upvoted 2 times
...
Kian1
3 years, 5 months ago
going with C
upvoted 2 times
...
Ebi
3 years, 6 months ago
C is the answer
upvoted 3 times
...
T14102020
3 years, 6 months ago
Correct answer is C. DMS tool
upvoted 2 times
...
Bulti
3 years, 6 months ago
Answer is C. Cannot use native Oracle replication tool and Direct Connect cannot be setup during the maintenance window.
upvoted 3 times
...
jackdryan
3 years, 6 months ago
I'll go with C
upvoted 3 times
...
gookseang
3 years, 6 months ago
seems C
upvoted 1 times
...
Paitan
3 years, 6 months ago
Definitely C.
upvoted 1 times
...
fullaws
3 years, 6 months ago
C is correct, D will reduce availability time and seem impossible without native replication.
upvoted 2 times
...
NikkyDicky
3 years, 6 months ago
C clearly
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago