AWS Certified Solutions Architect Associate Practice Test (SAA-C03)

A content delivery network (CDN) specializes in reducing latency by caching content at edge locations closer to the end users. This service dramatically decreases the time taken to deliver content, regardless of the user's geographic location.

A well-implemented throttling strategy prevents server overload by limiting the number of API requests that can be made by a user over time. This prevents unexpected bursts of traffic from causing autoscaling events or the provisioning of additional, potentially unnecessary resources, which would incur higher costs. Throttling ensures a balanced distribution of system load, maintaining steady performance which can reduce costs on compute resources and help in maintaining the budget. The answer related to decreasing latency is incorrect as throttling can actually increase response times. The suggestion about flat-rate billing misunderstands AWS pricing models, which can include per-request costs or scale with utilization. Enhanced monitoring on its own would not directly result in cost savings but rather increased visibility.

Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS SSD volumes (io1 or io2) provide consistent low-latency performance and high input/output operations per second (IOPS), making them ideal for high-performance transactional workloads that require rapid access to data. They are designed to handle intensive workloads that demand the highest performance. Amazon S3 is an object storage service with higher latency, unsuitable for transactional workloads requiring block storage. Amazon EFS offers shared file storage but may not provide the necessary low-latency performance for high IOPS workloads. Amazon EBS Throughput Optimized HDD (st1) volumes are designed for throughput-intensive workloads with large, sequential I/O rather than low-latency transactional workloads.

The correct service is Storage Gateway because it enables integration of on-premises applications with cloud storage by supporting common storage protocols such as NFS, SMB, and iSCSI. This facilitates a smooth extension of on-premises storage to the cloud, which is beneficial for cost-optimized storage strategies. DataSync is mainly focused on the efficient transfer of data between on-premises and the cloud and is not primarily used for real-time access. FSx provides fully managed native third-party file system services, but it doesn't provide a direct hybrid storage solution. EBS is designed for use with EC2 instances for block storage and does not fit the hybrid storage integration scenario described.

Shipping the data using a physical data transport appliance like Snowball Edge provides the most cost-effective and time-efficient method for transferring large amounts of data to the cloud. It avoids the limitations of network bandwidth and reduces costs associated with prolonged Internet transfers. Transferring 50 TB over a 500 Mbps connection would take over 9 days, exceeding the one-week requirement, and could incur higher costs due to extended network usage. Using data transfer services over the Internet or uploading via command-line tools would face similar time constraints and potentially higher costs. Establishing a dedicated network connection is not feasible within a week and involves substantial setup costs.

Amazon S3 Glacier is the most cost-effective storage class for objects that are infrequently accessed and can tolerate retrieval times of several hours. It is designed for long-term storage, providing lower storage costs and higher retrieval costs compared to other S3 storage classes, making it an ideal choice for archiving data which is not accessed frequently.

An Amazon EC2 Auto Scaling group with a target tracking scaling policy is the best solution for the described use case as it allows automatic adjustment of the number of EC2 instances in response to the load on the application. Target tracking scaling policies adjust the capacity to maintain a specific target for a selected metric such as average CPU utilization or number of requests per target. This is suitable for handling unpredictable, spikey traffic because it provides elasticity by automatically increasing or decreasing the number of EC2 instances as required to meet the target. The other options, such as fixed-size EC2 groups or an Application Load Balancer without Auto Scaling, do not offer the same level of elasticity and cannot automatically adjust the compute capacity in response to varying loads.

The service's built-in Point-In-Time Recovery (PITR) feature provides the ability to restore data to any second within the last 35 days, which is within the company's five-week requirement. This feature captures changes to the data up to the last second before a failure, which makes it suitable for the scenario presented. The streaming feature while useful for capturing data changes in real-time does not allow for restoring data to any point in time. Versioning is not applicable directly to NoSQL databases and typically pertains to object storage services. While a continuous backup solution is a good practice, it's distinct from the native point-in-time recovery capabilities that are specifically designed for the NoSQL service in question.

When the primary task is to deliver static content, a balance of compute, memory, and networking resources is usually sufficient. T3 instances are designed as burstable general-purpose instances that provide a baseline level of CPU performance with the ability to burst CPU usage at any time for as long as required, making them cost-efficient choices for workloads with moderate CPUs that can spike temporarily. For the web application described, where the demand on CPU resources is not constant or predictably high but may experience occasional spikes, a t3.medium instance is likely to offer an optimal balance between cost and capability.

AWS Transfer Family provides fully managed service for file transfers directly into and out of Amazon S3 using Secure File Transfer Protocol (SFTP), FTPS, and FTP. With AWS Transfer Family, you can set up an SFTP server without needing to manage any servers, thus minimizing operational overhead and eliminating the need to handle infrastructure.

AWS DataSync is used for transferring large amounts of data online between on-premises storage and AWS storage services but does not provide SFTP endpoints.

AWS Storage Gateway helps integrate on-premises environments with cloud storage for hybrid deployments but doesn't offer SFTP functionality.

Amazon S3 Transfer Acceleration speeds up file uploads and downloads to and from Amazon S3 by leveraging Amazon CloudFront's globally distributed edge locations. It does not provide SFTP access or serverless file transfer capabilities.

AWS Storage Gateway with a File Gateway configuration is ideal for this scenario as it provides a hybrid storage service that enables your on-premises applications to seamlessly use AWS Cloud storage. File Gateway offers a local cache for low-latency access to often-accessed data, while less frequently accessed data is read directly from S3; thus, it satisfies the need for efficient caching and low-latency data access.

Setting up an IAM role in the target account with the necessary permissions and allowing users from the source account to assume this role is the most secure and efficient solution. This method leverages AWS Security Token Service (STS) to provide temporary credentials when users assume the role, adhering to AWS security best practices and reducing the need to manage multiple user accounts. Creating IAM users in the target account and sharing credentials is not secure and increases administrative overhead. Manually generating and distributing temporary credentials is not efficient and poses security risks compared to using roles. Establishing a VPN connection addresses network connectivity but does not provide the necessary access control.

Using the selected service, enterprises can manage multiple environments by setting up a well-architected baseline, automating the provisioning of new environments, and uniformly applying policy controls across all environments for security and compliance. While the other options provide specific security features or advisory services, they do not offer the comprehensive solution needed for centralized governance and automated environment setup.

CloudTrail is the appropriate choice for monitoring and logging user actions and resource changes over time, vital for handling sensitive information like PHI. It ensures that actions taken by users, roles, or AWS services are recorded, which is fundamental for maintaining stringent access logs required by compliance standards, such as those related to healthcare information.

The use of Inspector would not fulfill the requirement as its use case is security assessment for applications, not detailed logging of data access. Config helps monitor resource states and changes but does not provide the granular action-level logging required for compliance audits associated with healthcare data. CloudWatch primarily focuses on performance monitoring rather than user access and interaction logs.

Auto Scaling is the correct answer because it provides the functionality of adjusting the number of instances dynamically to cope with the load, ensuring both performance maintenance and cost optimization. Lambda, while it does scale automatically, is event-driven and designed for short-duration workloads, making it less suited for traditional web application hosting. Elastic MapReduce (EMR) focuses on data processing and big data use cases rather than web application traffic fluctuation. Fargate, although it scales easily, is a container management service and not primarily used for instance-level scaling like the situation described.