PAS-C01 PDF試験材料2023年最新の実際に出るPAS-C01問題集 [Q16-Q41]

PAS-C01 PDF試験材料2023年最新の実際に出るPAS-C01問題集

更新されたのはAmazon PAS-C01問題集PDFオンラインエンジン

Amazon PAS-C01 認定試験の出題範囲：

トピック	出題範囲
トピック 1	AWS への SAP ワークロードの異種移行の実行 AWS への SAP ワークロードの移行
トピック 2	AWS 上の SAP ワークロード向けの回復力の高いソリューションを設計する AWS 上の SAP ワークロード向けの AWS アカウント構造と接続パターンを設計する
トピック 3	AWS 上の SAP ワークロード向けに最適化された費用対効果の高いインフラストラクチャ ソリューションを定義する AWS 上の SAP ワークロードの設計
トピック 4	AWS への SAP ワークロードの最適な移行アプローチを決定する AWS への SAP ワークロードの同種の移行を実行する
トピック 5	AWS での SAP アプリケーションの定期的かつ予防的なメンテナンス活動の実行 AWS での SAP ワークロードの運用とメンテナンス
トピック 6	SAP ワークロードの高可用性の構成 AWS での SAP ワークロードの実装
トピック 7	AWS 上の SAP 環境の基盤となるインフラストラクチャのパフォーマンス、可用性、およびセキュリティを監視する SAP ワークロードの展開を自動化する
トピック 8	AWS で SAP ワークロード用のデータベースをデプロイする AWS で SAP アプリケーションをデプロイする

 

質問 16
A company has deployed its SAP applications into multiple Availability Zones in the same AWS Region To accommodate storage of media files database table export and import and files dropped by third-party tools the company has mounted Amazon Elastic File System (Amazon EFS) file systems between the SAP instances The company needs to retrieve the files quickly for installations updates and system refreshes Over time the EFS file systems have grown exponentially to multiple terabytes An SAP solutions architect must optimize storage cost for the tiles that are stored in Amazon EFS.
Which solution will meet this requirement with the LEAST administrative overhead?

• A. Scan the files manually to identify unnecessary files Delete the unnecessary files
• B. Move the files to Amazon S3 Glacier Deep Archive
• C. Apply a lifecycle policy on the files in Amazon EFS to move the files to EFS Standard-Infrequent Access (Standard-IA)
• D. Move the files to Amazon S3 Glacier Apply an S3 Glacier vault lock policy to the files

正解: C

 

質問 17
A company is hosting an SAP HANA database on AWS. The company is automating operational tasks including backup and system refreshes. The company wants to use SAP HANA Studio to perform data backup of an SAP HANA tenant database to a backint interface. The SAP HANA database is running in multi-tenant database container (MDO mode. The company receives the following error message during an attempt to perform the backup.

What should an SAP solutions architect do to resolve this issue?

• A. Ensure that the cataiog_backup_using_backint SAP HANA parameter is set to true Ensure that the data_backup_parameter_file and log_backup_parameter_file parameters have the correct path location in the global ini file
• B. Set the execute permission for AWS Backint agent binary aws-backint-agent and for the launcher script aws-backint-agent-launcher sh in the installation directory
• C. Add the SAP HANA system to SAP HANA Studio Select multiple container mode and then try to initiate the backup again
• D. Verify the installation steps Create symbolic links (symlinks)

正解: C

 

質問 18
An SAP basis architect is configuring high availability for a critical SAP system on AWS. The SAP basis architect is using an overlay IP address to route traffic to the subnets across multiple Availability Zones within an AWS Region for the system's SAP HANA database.
What should the SAP basis architect do to route the traffic to the Amazon EC2 instance of the active SAP HANA database?

• A. Edit the network ACL of the subnet that includes the EC2 instance that runs SAP HANA Allow traffic for SAP HANA specific ports from the overlay IP address
• B. Edit the inbound and outbound rules in the security group of the EC2 instance that runs SAP HANA Allow traffic for SAP HANA specific ports from the overlay IP address
• C. Edit the route in the route table of the VPC that includes the EC2 instance that runs SAP HANA Specify the overlay IP address as the destination Specify the elastic network interface of the EC2 instance as the target
• D. Edit the route in the route table of the VPC that includes the EC2 instance that runs SAP HANA Specify the overlay IP address as the destination Specify the private IP address of the EC2 instance as the target

正解: C

 

質問 19
A company is moving to the AWS Cloud gradually. The company has multiple SAP landscapes on VMware The company already has sandbox development and QA systems on AWS The company's production system is still running on premises. The company has 2 months to cut over the entre landscape to the AWS Cloud The company has adopted a hybrid architecture for the next 2 months and needs to synchronize its shared file systems between the landscapes These shared file systems include trans directory mounts, /software directory mounts, and third-party integration mounts in the on-premises landscape the company has NFS mounts between the servers On the AWS infrastructure side the company is using Amazon Elastic File System (Amazon EFS) to share the common files An SAP solutions architect needs to design a solution to schedule transfer of these shared files bidirectional^ four times each day. The data transfer must be encrypted Which solution will meet these requirements?

• A. Install an AWS DataSync agent on the on-premises VMware platform Use the DataSync endpoint to synchronize between the on-premises NFS server and Amazon EFS on AWS
• B. Set up a separate AWS Direct Connect connection for synchronization between the on-premises servers and AWS
• C. Order an AWS Snowcone device Use the Snowcone device to transfer data between the on-premises servers and AWS
• D. Write an rsync script Schedule the script through cron for four times each day in the on-premises VMware servers to transfer the data from on premises to AWS

正解: D

 

質問 20
A company is running its SAP workloads on premises and needs to migrate the workloads to AWS All the workloads are running on SUSE Linux Enterprise Server and Oracle Database. The company's landscape consists of SAP ERP Central Component {SAP ECC). SAP Business Warehouse (SAP BW), and SAP NetWeaver systems. The company has a dedicated AWS Direct Connect connection between its on-premises environment and AWS The company needs to migrate the systems to AWS with the least possible downtime Which migration solution will meet these requirements?

• A. Use SAP Software Provisioning Manager to perform parallel export import of the systems to migrate the systems to SUSE Linux Enterprise Server and Oracle Database on AWS
• B. Use SAP Software Provisioning Manager to perform parallel export/import of the systems to migrate the systems to Oracle Enterprise Linux and Oracle Database on AWS
• C. Use SAP Software Provisioning Manager to perform an export of the systems Copy the export to Amazon S3 Use SAP Software Provisioning Manager to perform an import of the systems to Oracle Enterprise Linux and Oracle Database on AWS.
• D. Use SAP Software Provisioning Manager to perform an export of the systems Copy the export to Amazon S3 Use SAP Software Provisioning Manager to perform an import of the systems to SUSE Linux Enterprise Server and Oracle Database on AWS

正解: B

 

質問 21
An SAP specialist is budding an SAP environment The SAP environment contains Amazon EC2 instances that fun in a private subnet in a VPC. The VPC includes a NAT gateway.
The SAP specialist is selling up IBM Db2 high availability disaster recovery for the SAP duster. After configuration of overlay IP address routing traffic is not routing to the database EC2 instances.
What should the SAP specialist do to resolve this issue?

• A. Create route table entries to allow traffic from the database EC2 instances to the NAT gateway
• B. Turn off the source destination check for the database EC2 instances
• C. Open a security group tor SAP ports to allow traffic on port 443
• D. Create an IAM role that has permission to access network traffic Associate the role with the database EC2 instances

正解: A

 

質問 22
A company is running SAP ERP Central Component (SAP ECC) with a Microsoft SQL Server database on AWS A solutions architect must attach an additional 1 TB Amazon Elastic Block Store (Amazon EBS) volume. The company needs to write the SQL Server database backups to this EBS volume before moving the database backups to Amazon S3 for long-term storage.
Which EBS volume type will meet these requirements MOST cost-effectively?

• A. Cold HDD (sc1)
• B. General Purpose SSD (gp3)
• C. Throughput Optimized HDD (st1)
• D. Provisioned IOPS SSD (io3)

正解: D

 

質問 23
A company has an SAP environment that runs on AWS. The company wants to enhance security by restricting Amazon EC2 Instance Metadata Service (IMDS) to IMDSv2 only. The company's current configuration option supports both iMDSvi and iM0Sv2. The security enhancement must not create an SAP outage.
What should the company do before it applies the security enhancement on EC2 instances that are running the SAP environment?

• A. Ensure that the AWS Data Provider for SAP is installed on each EC2 instance
• B. Ensure that the EC2 instances are Nitro based
• C. Ensure that the SAP kernel versions are 7 45 or later
• D. Stop the EC2 instances

正解: C

 

質問 24
A company is planning to move to AWS. The company wants to set up sandbox and test environments on AWS to perform proofs of concept (POCs) Development and production environments will remain on premises until the POCs are completed.
At the company's on-premises location SAProuter is installed on the same server as SAP Solution Manager.
The company uses SAP Solution Manager to monitor the entire landscape The company uses SAP router to connect to SAP Support The on-premises SAP Solution Manager instance must monitor the performance and server metrics of the newly created POC systems on AWS. The existing SAP router must be able to report any issues to SAP What should an SAP solutions architect do to set up this hybrid infrastructure MOST cost-effectively'?

• A. Use AWS Site-to-Site VPN to connect the on-premises network to the AWS environment Connect the POC systems on AWS to the on-premises SAP Solution Manager instance and the on-premises SAP router instance
• B. Add the POC systems on AWS to the existing SAP Transport Management System that is configured m the on-premises SAP systems
• C. Install a new SAP Solution Manager instance and a new SAP router instance m the AWS environment Connect the POC systems to these new instances Use these new instances m parallel with the on-premises SAP Solution Manager instance and the on-premises SAP router instance
• D. Install a new SAP Solution Manager instance and a new SAP router instance in the AWS environment install the Amazon CloudWatch agent on all on-premises instances Push the monitoring data to the new SAP Solution Manager instance Connect ail on-premises systems and POC systems on AWS to the new SAP Solution Manager instance and the new SAP router instance Remove the on-premises SAP Solution Manager instance and the on-premises SAP router instance Use the new instances on AWS

正解: A

解説:
Explanation
It allows to use the existing on-premises SAP Solution Manager and SAP router instances to monitor and report issues from the POC systems on AWS, thus minimizing the additional infrastructure costs. Also this approach allows to use the VPN to establish a secure connection between the on-premises network and the AWS environment, thus ensuring that the monitoring data is transmitted securely. Option D can also be used to manage the transport of the customizing objects and support packages between the on-premises systems and the POC systems on AWS.

 

質問 25
A company is migrating its SAP workloads to AWS The company's IT team installs a highly available SAP
S.4HANA system that uses the SAP HANA system replication cluster package on SUSE Linux Enterprise Server The IT team deploys the system by using cluster nodes m different Availability Zones within the same AWS Region.
After the initial launch of the SAP application the application is accessible However after failover the IT team cannot access the application even though the system is up and running on the secondary node After investigation an SAP solutions architect discovers that the virtual IP address has not been used correctly Which combination of steps should the SAP solutions architect take to resolve this problem? (Select TWO.)

• A. Use an overlay IP address as a virtual IP address
• B. Use an overlay IP address as a secondary IP address with the primary node of the cluster
• C. Choose an overlay IP address within the VPC CiDR block that corresponds with the secondary node of the cluster
• D. Choose an overlay IP address outside the VPC CiDR block that hosts the application and the database
• E. Choose an overlay IP address within the VPC CIDR block that corresponds with the primary node of the cluster

正解: B,E

 

質問 26
A company wants to improve the RPO and RTO for its SAP disaster recovery (DR) solution by running the DR solution on AWS The company is running SAP ERP Central Component (SAP ECO on SAP HANA The company has set an RPO of 15 minutes and an RTO of 4 hours.
The production SAP HANA database is running on a physical appliance that has x86 architecture. The appliance has 1 TB of memory and the SAP HANA global allocation limit is set to 768 GB. The SAP application servers are running as VMs on VMware and they store data on an NFS file system The company does not want to change any existing SAP HANA parameters that are related to data and log backup for its on-premises systems.
What should an SAP solutions architect do to meet the DR objectives MOST cost-effectively?

• A. For the SAP HANA database SAP application servers and NFS Me shares use CloudEndure Disaster Recovery to replicate the data continuously from on premises to AWS Use CloudEndure Disaster Recovery to launch target instances in the event of a disaster
• B. For the SAP HANA database use a smaller SAP certified Amazon EC2 instance Use SAP HANA system replication with ASYNC replication mode to replicate the data continuously from on premises to AWS For the SAP application servers use CloudEndure Disaster Recovery for continuous data replication For NFS file shares sapmnt and .'uv-sap'trans. establish real-time synchronization from AWS DataSync to Amazon Elastic File System (Amazon EFS)
• C. For the SAP HANA database change the log backup frequency to 5 minutes Move the data and log backups to Amazon S3 by using AWS Storage Gateway File Gateway For the SAP application servers export the VMs as AMIs by using the VM Import'Export feature from AWS For NFS file shares
  /sapmnt and 'usr saplrans establish realtime synchronization from AWS DataSync to Amazon Elastic Foe System (Amazon EFS)
• D. For the SAP HANA database change the log backup frequency to 5 minutes Move the data and log backups to Amazon S3 by using the AWS CLI or AWS DataSync Launch the SAP HANA database For the SAP application servers, export the VMs as AMis by using the VM import/Export feature from AWS For NFS file shares/sapmnt and usr-sap/trans/ establish real-time synchronization from DataSync to Amazon Elastic File System (Amazon EFS)

正解: B

 

質問 27
A company needs to migrate its critical SAP workloads from an on-premises data center to AWS The company has a few source production databases that are 10 TB or more in size The company wants to minimize the downtime for this migration As part of the proof of concept the company used a low-speed high-latency connection between its data center and AWS During the actual migration the company wants to maintain a consistent connection that delivers high bandwidth and low latency. The company also wants to add a layer of connectivity resiliency. The backup connectivity does not need to be as fast as the primary connectivity An SAP solutions architect needs to determine the optimal network configuration for data transfer. The solution must transfer the data with minimum latency Which configuration will meet these requirements?

• A. Set up Amazon Elastic fie System (Amazon EPS) file system storage between the on-premises data center and AWS Configure a cron job to copy the data into this EFS mount Access the data in the EFS file system from the target environment
• B. Set up two redundant AWS Site-to-Site VPN connections for connectivity between the on-premises data center and AWS
• C. Set up one AWS Direct Connect connection for connectivity between the on-premises data center and AWS Add an AWS Site-to-Site VPN connection as a backup to the Direct Connect connection
• D. Set up an AWS Direct Connect gateway with multiple Direct Connect connections that use a link aggregation group (LAG) between the on-premises data center and AWS

正解: D

 

質問 28
A company hosts multiple SAP applications on Amazon EC2 instances in a VPC While monitoring the environment the company notices that multiple port scans are attempting to connect to SAP portals inside the VPC. These port scans are originating from the same IP address block. The company must deny access to the VPC from all the offending IP addresses for the next 24 hours.
Which solution win meet this requirement?

• A. Add a rule in the security group of the EC2 instances to deny access from the IP address block
• B. Modify network ACLs that are associated with all public subnets in the VPC to deny access from the IP address block
• C. Create a policy in AWS identity and Access Management (1AM) to deny access from the IP address block
• D. Configure the firewall m the operating system of the EC2 instances to deny access from the IP address block

正解: C

 

質問 29
A company has deployed SAP workloads on AWS The AWS Data Provider for SAP is installed on the Amazon EC2 instance where the SAP application is running An SAP solutions architect has attached an IAM role to the EC2 instance with the following policy.

The AWS Data Provider for SAP is not returning any metrics to the SAP application. Which change should the SAP solutions architect make to the 1AM permissions to resolve this issued.

• A. Add the cloudwatch GetMetricStream action (o the policy statement with Sid AWSDataProvider
• B. Add the cloudwatch GetMetricStatrstics action to the policy statement with Sid AWSDataProvider1
• C. Add the cloudwatch ListMetrics action to the policy statement with Sid AWSDataProvider1.
• D. Add the cloudwatch DescribeAlarmsForMetric action to the policy statement with Sid AWSDataProvider

正解: B

解説:
Explanation
The AWS Data Provider for SAP requires the ability to access metrics data in order to return metrics to the SAP application. The IAM policy statement with Sid "AWSDataProvider1" currently does not have the necessary permissions to access metrics data. The SAP solutions architect should add the cloudwatch:GetMetricStatistics action to the policy statement with Sid "AWSDataProvider1" to grant the necessary permissions for the Data Provider to access metrics data.
The other actions such as "EC2:DescribeInstances" and "EC2:DescribeVolumes" are not related to CloudWatch metrics and only provide the ability to describe EC2 instances and volumes. Actions such as
"s3:GetObject" are not related to CloudWatch metrics, it's used to get an object from an S3 bucket. Actions such as "cloudwatch:ListMetrics" and "cloudwatch:DescribeAlarmsForMetric" would not be necessary for the AWS Data Provider for SAP to return metrics to the SAP application and it's not related to the problem described.

 

質問 30
A company is starting a new project to implement an SAP landscape with multiple accounts that belong to multiple teams in the us-east-2 Region. These teams include procurement finance sales and human resources An SAP solutions architect has started designing this new landscape and the AWS account structures The company wants to use automation as much as possible The company also wants to secure the environment implement federated access to accounts centralize logging and establish cross-account security audits in addition the company's management team needs to receive a top-level summary of policies that are applied to the AWS accounts.
What should the SAP solutions architect do to meet these requirements?

• A. Use an AWS Elastic Beanstalk blue green deployment to create 1AM policies and apply them to multiple accounts together Use an Amazon CloudWatch dashboard to check the applied policies in the accounts
• B. Use AWS CloudFormation StackSets to apply SCPs to multiple accounts in multiple Regions. Use an Amazon CloudWatch dashboard to check the applied policies in the accounts
• C. Apply SCPs through AWS Control Tower Use the AWS Control Tower integrated dashboard to check the applied policies in the accounts
• D. Implement guardrails by using AWS CodeDeploy and AWS CodePipeline to deploy SCPs into each account Use the CodePipeline deployment dashboard to check the applied policies in the accounts

正解: C

 

質問 31
A company has an SAP environment that runs on AWS. The company wants to enhance security by restricting Amazon EC2 Instance Metadata Service (IMDS) to IMDSv2 only. The company's current configuration option supports both iMDSvi and iM0Sv2. The security enhancement must not create an SAP outage.
What should the company do before it applies the security enhancement on EC2 instances that are running the SAP environment?

• A. Ensure that the AWS Data Provider for SAP is installed on each EC2 instance
• B. Ensure that the EC2 instances are Nitro based
• C. Stop the EC2 instances
• D. Ensure that the SAP kernel versions are 7.45 or later

正解: D

解説:
Explanation
Ensure that the SAP kernel versions are 7.45 or later. This is important because IMDSv2 is only supported by SAP kernel versions 7.45 and later. If the SAP kernel versions are not at least 7.45, then the enhancement will cause an SAP outage as the instances will not be able to communicate with the metadata service.

 

質問 32
A company needs to implement high availability for its SAP S 4HANA system on AWS The company will use a SUSE Linux Enterprise Server clustering solution in private subnets across two Availability Zones An SAP solutions architect must ensure that the solution can route traffic to the active SAP instance m this clustered configuration.
What should the SAP solutions architect do to meet these requirements?

• A. implement the SAP duster solution by using an overlay IP address that is outside the CIDR block of the VPC Use overlay IP address routing to dynamically update the route table to point to the active node and provide external access by using a Network Load Balancer or AWS Transit Gateway.
• B. Implement the SAP cluster solution by using an Elastic IP address Mask the failure of an instance or software by rapidly remapping the address to another instance in the account
• C. Implement the SAP duster solution by using a public IP address Use this public IP address for communication between the instances and the internet
• D. Implement the SAP cluster solution by using a secondary private IP address Reassign the secondary private IP address from one network interface to another network interface in the event of any failure that affects the primary instance.

正解: A

 

質問 33
A company wants 10 migrate its SAP ERP landscape to AWS The company will use a highly available distributed deployment for the new architecture Clients will access SAP systems from a local data center through an AWS Site-to-Site VPN connection that is already in place An SAP solutions architect needs to design the network access to the SAP production environment Which configuration approaches will meet these requirements? (Select TWO.)

• A. For the ASCS instance configure an overlay IP address that is within the production VPC ClDR range Create a target group that points to the overlay IP address Create a Network Load Balancer and register the target group Create a static route on the production VPC to route traffic that is directed to the overlay IP address to the ASCS instance
• B. For the ASCS instance configure an overlay IP address that is outside the production VPC ClDR range Create a target group that points to the overlay IP address Create a Network Load Balancer, and register the target group Create a static route on the production VPC to route traffic that is directed to the overlay IP address to the ASCS instance
• C. For the ASCS instance configure an overlay IP address that is within the production VPC ClDR range Create an AWS Transit Gateway Attach me VPN to the transit gateway Use the transit gateway to route the communications between the local data center and the production VPC Create a static route on the production VPC to route traffic that is directed to the overlay IP address to the ASCS instance
• D. For the ASCS instance configure an overlay IP address that is outside the production VPC ClDR range Create a target group that points to the overlay IP address Create an Application Load Balancer and register the target group Create a static route on the production VPC to route traffic that is directed to the overlay IP address to the ASCS instance.
• E. For the ASCS instance configure an overlay IP address that is outside the production VPC ClDR range Create an AWS Transit Gateway Attach the VPN to the transit gateway Use the transit gateway to route the communications between the local data center and the production VPC Create a static route on the production VPC to route traffic that is directed to the overlay IP address to the ASCS instance

正解: B,C

解説:
Explanation
AWS Transit Gateway provides a central hub for the traffic between different VPCs, on-premises data centers, and AWS services. By attaching the VPN connection to the Transit Gateway, the solutions architect can route the communication between the local data center and the production VPC. Additionally, By configuring an overlay IP address within the production VPC, the solutions architect can create a static route on the production VPC to route the traffic to the ASCS instance.
An Application Load Balancer can also provide high availability to the ASCS instance by distributing the traffic to the instance. Additionally, by configuring an overlay IP address outside the production VPC, the solutions architect can create

 

質問 34
A company is running an SAP ERP Central Component (SAP ECC) system on an SAP HANA database that is 10 TB m size The company rs receiving notifications about long-running database backups every day The company uses AWS Backint Agent for SAP HANA (AWS Backint agent) on an Amazon EC2 instance to back up the database An SAP NetWeaver administrator needs to troubleshoot the problem and propose a solution Which solution will help resolve this problem'?

• A. Check the MaximumConcurrentFilesForRestore parameter tor AWS Backint agent Increase the parameter from 5 to 10 by using the aws-backint-agent-config yaml configuration file
• B. Ensure mat AWS Backint agent is configured to send the backups to an Amazon S3 bucket over the internet Ensure that the EC2 instance is configured to access the internet through a NAT gateway
• C. Check the UploadChanneiSize parameter for AWS Backint agent increase this value in the aws-backint-agent-config yaml configuration file based on the EC2 instance type and storage configurations
• D. Ensure that the backups are compressed if necessary configure AWS Backint agent to compress the backups and send them to an Amazon S3 bucket

正解: B

 

質問 35
A company has deployed SAP workloads on AWS The AWS Data Provider for SAP is installed on the Amazon EC2 instance where the SAP application is running An SAP solutions architect has attached an IAM role to the EC2 instance with the following policy.

The AWS Data Provider for SAP is not returning any metrics to the SAP application. Which change should the SAP solutions architect make to the 1AM permissions to resolve this issued.

• A. Add the cloudwatch ListMetrics action to the policy statement with Sid AWSDataProvider1.
• B. Add the cloudwatch GetMetricStream action (o the policy statement with Sid AWSDataProvider
• C. Add the cloudwatch GetMetricStatrstics action to the policy statement with Sid AWSDataProvider1
• D. Add the cloudwatch DescribeAlarmsForMetric action to the policy statement with Sid AWSDataProvider

正解: A

 

質問 36
A company is implementing SAP HANA on AWS According 10 the company's security policy SAP backups must be encrypted Only authorized team members can have the ability to decrypt the SAP backups What is the MOST operationally efficient solution that meets these requirements?

• A. Configure AWS Backint Agent for SAP HANA to create SAP backups in an Amazon S3 bucket After a backup is created encrypt the backup by using client-side encryption Share the encryption key with authorized team members only
• B. Configure AWS Storage Gateway to transfer SAP backups from a file system to an Amazon S3 bucket Use an S3 bucket policy to grant decryption permission to authorized team members only
• C. Configure AWS Backint Agent for SAP HANA to use AWS Key Management Service (AWS KMS) for SAP backups Grant object ACL decryption permission to authorized team members only
• D. Configure AWS Backint Agent for SAP HANA to use AWS Key Management Service (AWS KMS) for SAP backups Create a key policy to grant decryption permission to authorized team members only

正解: D

解説:
Explanation
This is the most operationally efficient solution that meets the company's security policy requirements. AWS KMS is a service that enables you to create and manage encryption keys that are used to encrypt and decrypt data. By configuring AWS Backup Agent for SAP HANA to use AWS KMS for SAP backups, the company can ensure that the backups are encrypted at rest and that only authorized team members have the ability to decrypt them. The key policy allows the company to define which team members are authorized to access the key, so that it can be used to decrypt the backup. This approach is operationally efficient because it does not require the company to manually encrypt and decrypt backups, and it enables the company to manage access to the encryption key through IAM policies, without the need for sharing encryption keys.

 

質問 37
A company uses an SAP application that runs batch jobs that ate performance sensitive. The batch jobs can be restarted safely The SAP application has sot application servers. The SAP application functions reliability as long as the SAP application availability remains greater than 60%. The company wants to migrate the SAP application to AWS. The company is using a duster with two Availability Zones How should the company distribute the SAP application servers to maintain system reliability?

• A. Create an Amazon EC2 Auto Scaling group across two Availability Zones Set a minimum capacity value of 4.
• B. Distribute the SAP application servers equally across two Availability Zones
• C. Distribute the SAP application servers equally across three Availability Zones
• D. Distribute the SAP application servers equally across three partition placement groups

正解: C

解説:
Explanation
This will ensure that even in the event of a failure in one Availability Zone, the remaining two Availability Zones will still have sufficient capacity to meet the availability requirement of greater than 60%. This will also provide an additional layer of redundancy and protection against a single point of failure.

 

質問 38
An SAP solutions architect is designing an SAP HANA scale-out architecture for SAP Business Warehouse (SAP BW) on SAP HANA on AWS. The SAP solutions architect identifies the design as a three-node scale out deployment of x1e 32xlarge Amazon EC2 instances The SAP solutions architect must ensure that the SAP HANA scale-out nodes can achieve the low-latency and high-throughput network performance that are necessary for node-to-node communication Which combination of steps should the SAP solutions architect take to meet these requirements? (Select TWO.)

• A. Create a cluster placement group Launch the instances into the cluster placement group
• B. Based on the operating system version verify that enhanced networking is enabled on all the nodes
• C. Switch to a different instance family that provides network throughput that is greater than 25 Gbps
• D. Create a partition placement group Launch the instances into the partition placement group
• E. Create a spread placement group Launch the instances into the spread placement group

正解: C,D

 

質問 39
A company has deployed a highly available SAP NetWeaver system on SAP HANA into a VPC The system is distributed across multiple Availability Zones within a single AWS Region SAP NetWeaver is running on SUSE Linux Enterprise Server for SAP SUSE Linux Enterprise High Availability Extension is configured to protect SAP ASCS and ERS instances and uses the overlay IP address concept The SAP shared dies sapmnt and . usrsap. trans are hosted on an Amazon Elastic File System (Amazon EFS) tile system The company needs a solution that uses already-existing private connectivity to the VPC. The SAP NetWeaver system must be accessible through the SAP GUI client tool.
Which solutions will meet these requirements? (Select TWO)

• A. Use an Amazon Route 53 private zone Create an A record that has the overlay IP address as a target
• B. Deploy a Network Load Balancer Configure the overlay IP address as a target
• C. Use a NAT gateway Configure the overlay IP address as a target
• D. Deploy an Application Load Balancer Configure the overlay IP address as a target
• E. Use AWS Transit Gateway Configure the overlay IP address as a static route in the transit gateway route table Specify the VPC as a target

正解: D,E

解説:
Explanation
The Application Load Balancer (ALB) would be a good solution for the company's requirements, it provides a layer-7 load balancing and it's highly available, it allows the company to use the overlay IP address as a target and makes the SAP NetWeaver system accessible through the SAP GUI client tool.
AWS Transit Gateway can also be used to meet the company's requirements, it provides a centralized and scalable solution to route traffic between VPCs. The company can configure the overlay IP address as a static route in the transit gateway route table and specify the VPC as a target. This would allow the company to use the existing private connectivity to the VPC and make the SAP NetWeaver system accessible through the SAP GUI client tool.

 

質問 40
Business users are reporting timeouts during periods of peak query activity on an enterprise SAP HANAdata mart An SAP system administrator has discovered that at peak volume the CPU utilization increases rapidly to
100% for extended periods on the x1.32xlarge Amazon EC2 instance where the database is installed However the SAP HANA database is occupying only 1 120 GiB of the available 1 952 GiB on the instance 10 wart times are not increasing Extensive query tuning and system tuning have not resolved this performance problem Which solutions should the SAP system administrator use to improve the performance? (Select TWO.)

• A. Move to a scale-out architecture for SAP HANA with at least three x1 16xlarge instances
• B. Change to a supported compute optimized instance type for SAP HANA
• C. Reduce the global_allocation_limit parameter to i 120 GiB
• D. Migrate the SAP HANA database to an EC2 High Memory instance with a larger number of available vCPUs
• E. Modify the Amazon Elastic Block Store (Amazon EBS) volume type from General Purpose to Provisioned lOPS for ail SAP HANA data volumes

正解: B,E

 

質問 41
......

Amazon PAS-C01問題集PDFのベストを目指すなら問題集を使おう 目指そう高得点：https://www.jpntest.com/shiken/PAS-C01-mondaishu

PAS-C01.PDFで問題解答PDFサンプル問題は信頼され続ける：https://drive.google.com/open?id=1ju7c26gucXt6u4RU2I7HbLjXQnLYC61B