Domain 3.1: Operational Excellence

A company wants to improve operational excellence by automatically remediating non-compliant AWS resources. For example, if an S3 bucket is created without public access block enabled, it should be automatically corrected. Which solution achieves this?

A company wants to implement Site Reliability Engineering (SRE) practices. They need to define Service Level Objectives (SLOs) and track Error Budgets for their microservices running on Amazon EKS. Which AWS service is BEST suited for this observability requirement?

A development team wants to trace requests as they travel through a distributed microservices architecture consisting of Amazon API Gateway, AWS Lambda, and Amazon DynamoDB. They need to identify performance bottlenecks. Which AWS service should they use?

A company wants to improve the operational excellence of their AWS environment. They want to automatically track changes to AWS resources, evaluate those changes against compliance rules, and receive alerts if a resource becomes non-compliant. Which THREE AWS services should be integrated to achieve this? (Select THREE)

A company wants to improve the operational excellence of their AWS environment. They want to automatically detect when an EC2 instance is underutilized, automatically resize it to a smaller instance type, notify the operations team, and log the action for auditing. Which FOUR services should be combined to achieve this? (Select FOUR)

An enterprise is using AWS Transit Gateway to connect 50 VPCs. They want to monitor the network traffic flowing between specific VPCs to identify potential security threats and performance bottlenecks. Which feature should they enable?

An enterprise wants to improve operational excellence by automatically remediating unencrypted EBS volumes. Which solution requires the LEAST operational overhead?

A company wants to track the end-to-end latency of user requests as they travel through API Gateway, AWS Lambda, and Amazon DynamoDB. Which service provides this observability?

An operations team manually patches 1,000 EC2 instances every month. They want to automate this process, ensuring patches are applied during specific maintenance windows and compliance is reported centrally. Which service should they use?

A company wants to improve the operational excellence of their serverless architecture (API Gateway, Lambda, DynamoDB). They need to track error rates, visualize request latency, and receive alerts if the error rate exceeds 5%. Which THREE services should they use? (Select THREE)

A company is using AWS Organizations. They want to ensure that any new EC2 instance launched in any account automatically has the AWS Systems Manager (SSM) Agent installed and is managed by SSM. They also want to automatically apply critical OS patches every weekend. What is the MOST operationally efficient way to achieve this?

An enterprise wants to improve its operational excellence by automating incident response. When an EC2 instance fails a status check, they want to automatically capture memory dumps, restart the instance, and notify the operations team via Slack. Which combination of services should be used to build this automated runbook? (Select THREE)

A security team is investigating a potential breach. They need to analyze VPC Flow Logs, AWS CloudTrail logs, and Amazon Route 53 DNS logs across 50 AWS accounts. The logs are currently stored in a centralized Amazon S3 bucket in a dedicated Security account. The team needs to query this massive dataset using standard SQL without provisioning any infrastructure. Which service should they use?

A company has a legacy application running on a single large EC2 instance. The application writes logs to a local file. The operations team wants to centralize these logs in Amazon CloudWatch Logs to set up metric filters and alarms. The application cannot be modified to use the AWS SDK. How can the Architect achieve this with the LEAST operational overhead?

A development team is using AWS CloudFormation to manage their infrastructure. They frequently update a stack that contains an Amazon RDS database. Recently, a junior developer accidentally modified the database identifier in the CloudFormation template, which caused CloudFormation to replace (delete and recreate) the database, resulting in data loss. How can the Architect prevent this from happening again?

A company wants to improve operational excellence by automatically remediating non-compliant AWS resources. For example, if an S3 bucket is created without versioning enabled, it should be automatically enabled. Which combination of services achieves this?

A distributed microservices application spans EC2, ECS, and Lambda. Developers are struggling to trace requests as they travel through the various services, making debugging difficult. Which service should the architect implement to provide end-to-end visibility?

An operations team manually patches 500 EC2 instances across 10 AWS accounts every month. This process is error-prone and time-consuming. How can the architect automate this process across all accounts?

A company wants to track the operational health of their workloads against their defined Service Level Objectives (SLOs). They need a centralized dashboard that aggregates metrics, alarms, and logs to calculate an 'error budget'. Which AWS feature supports this?

During a major incident, the operations team needs to securely execute a series of diagnostic scripts on EC2 instances without opening inbound SSH ports or managing bastion hosts. How should they achieve this?

A company has a legacy monolithic application running on a single large EC2 instance. The application frequently crashes due to memory leaks. The company wants to improve operational excellence by automatically detecting these crashes and restarting the application service without manual intervention. Which solution requires the LEAST operational overhead?

A company is designing a hybrid cloud architecture. They have an AWS Direct Connect connection. They want to use AWS Systems Manager to manage their on-premises servers alongside their EC2 instances. The on-premises servers do not have direct internet access. Which combination of steps is required? (Select THREE)

A company has a fleet of Amazon EC2 instances running a legacy application. The application logs are written to local text files. The company wants to centralize these logs, search them in near real-time, and create dashboards to monitor application errors. Which solution requires the LEAST operational overhead?

An organization is using AWS CloudFormation to manage its infrastructure. They want to ensure that any manual changes made to resources outside of CloudFormation are detected and reported. Which CloudFormation feature should they use?