ExpertMinds LogoExpertMinds
Medium1 markMultiple Choice
Domain 4.2: New Architecture DesignDatabaseAuroraSecurity

AWS SAP-C02 · Question 20 · Domain 4.2: New Architecture Design

A company is migrating a critical MySQL database to Amazon Aurora MySQL. The database handles high-volume financial transactions. The architecture must ensure zero data loss (RPO = 0) in the event of an Availability Zone failure, and minimal downtime (RTO < 1 minute). The application must securely authenticate to the database without hardcoding credentials. Which combination of features should be used? (Select TWO)

Answer options:

A.

Deploy an Amazon Aurora Multi-AZ cluster.

B.

Use AWS IAM database authentication for the application to connect to Aurora.

C.

Deploy Amazon RDS for MySQL with Multi-AZ and synchronous replication.

D.

Use AWS Secrets Manager to rotate the database credentials every hour.

E.

Configure Aurora Global Database with synchronous cross-region replication.

F.

Use Amazon ElastiCache for Redis to cache transactions before writing to Aurora.

How to approach this question

Select the native Aurora HA feature and the most secure authentication method.

Full Answer

Deploy an Amazon Aurora Multi-AZ cluster., Use AWS IAM database authentication for the application to connect to Aurora.
Amazon Aurora automatically maintains 6 copies of your data across 3 Availability Zones, providing synchronous replication and RPO=0 for AZ failures. Failover is automatic and typically completes in under a minute. For secure authentication without hardcoded credentials, AWS IAM database authentication uses short-lived authentication tokens instead of passwords.

Common mistakes

Selecting Secrets Manager when IAM authentication is an option, or confusing Aurora's regional HA with Global Database.
19All questions21

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 5

75 questions · hints · full answers · grading

Sign up freeTake the exam

More questions from this exam

Q01A global enterprise is redesigning its AWS network architecture across 50 AWS accounts and 3 AWS ...HardQ02A company uses AWS Organizations to manage multiple accounts. The security team mandates that no ...MediumQ03A financial institution requires a disaster recovery strategy for its critical trading applicatio...HardQ04An enterprise is setting up a new multi-account AWS environment using AWS Control Tower. They nee...MediumQ05A company has a complex AWS environment with hundreds of linked accounts under AWS Organizations....Hard
View all 75 questions →