Amazon PAS-C01 Exam Practice Test Instant Access

Question 1

A global enterprise is running SAP ERP Central Component (SAP ECC) workloads on Oracle in an on-premises environment. The enterprise plans to migrate to SAP S 4HANA on AWS.

The enterprise recently acquired two other companies One of the acquired companies is running SAP ECC on Oracle as its ERP system The other acquired company is running an ERP system that is not from SAP The enterprise wants to consolidate the three ERP systems into one ERP system on SAP S 4HANA on AWS Not all the data from the acquired companies needs to be migrated to the final ERP system The enterprise needs to complete this migration with a solution that minimizes cost and maximizes operational efficiency.

Which solution will meet these requirements?

APerform a lift-and-shift migration of all the systems to AWS Migrate the ERP system that is not from SAP to SAP ECC Convert all three systems to SAP S/4HANA by using SAP Software Update Manager (SUM) Database Migration Option (DMO) Consolidate all three SAP S4HANA systems into a final SAP &4HANAsystem Decommission the other systems

BPerform a lift-and-shift migration of an the systems to AWS Migrate the enterprise's initial system to SAP HANA, and then perform a conversion to SAP S/4HANA
Consolidate the two systems from the acquired companies with this SAP S4HANA system by using the Selective Data Transition approach with SAP Data Management and Landscape Transformation (DMLT)

CUse SAP Software Update Manager (SUM) Database Migration Option (DMO) with System Move to re-architect the enterprise initial system to SAP S'4HANA and to change the platform to AWS Consolidate the two systems from the acquired companies with this SAP S 4HANA system by using the Selective Data Transition approach with SAP Data Management and Landscape Transformation (DMLT)

DUse SAP Software Update Manager (SUM) Database Migration Option (DMO) with System Move to re-architect all the systems to SAP S/4HANA and to change the platform to AWS Consolidate all three SAP S-4HANA systems two a final SAP S/4HANA system Decommission the other systems

Answer : C

By using the selective data transition approach with DMLT, the enterprise would only need to migrate the data that is needed to the final ERP system, reducing the cost and effort required for the migration. Additionally, re-architecting the enterprise's initial system to SAP S/4HANA and changing the platform to AWS would allow the enterprise to take advantage of the scalability and cost savings of the cloud, while still consolidating all three ERP systems into a single SAP S/4HANA system.

Question 2

A company is starting a new project to implement an SAP landscape with multiple accounts that belong to multiple teams in the us-east-2 Region. These teams include procurement finance sales and human resources An SAP solutions architect has started designing this new landscape and the AWS account structures

The company wants to use automation as much as possible The company also wants to secure the environment implement federated access to accounts centralize logging and establish cross-account security audits in addition the company's management team needs to receive a top-level summary of policies that are applied to the AWS accounts.

What should the SAP solutions architect do to meet these requirements?

AUse AWS CloudFormation StackSets to apply SCPs to multiple accounts in multiple Regions. Use an Amazon CloudWatch dashboard to check the applied policies in the accounts

BUse an AWS Elastic Beanstalk blue green deployment to create 1AM policies and apply them to multiple accounts together Use an Amazon CloudWatch dashboard to check the applied policies in the accounts

CImplement guardrails by using AWS CodeDeploy and AWS CodePipeline to deploy SCPs into each account Use the CodePipeline deployment dashboard to check the applied policies in the accounts

DApply SCPs through AWS Control Tower Use the AWS Control Tower integrated dashboard to check the applied policies in the accounts

Answer : D

AWS Control Tower is a service that automates the set up of a secure, compliant, multi-account AWS environment. It helps to establish guardrails and automate the deployment of security policies to multiple accounts in a centralized and consistent manner. By using AWS Control Tower, the SAP solutions architect can establish guardrails across all accounts, set up federated access, centralize logging, and establish cross-account security audits. The integrated dashboard in AWS Control Tower allows the management team to receive a top-level summary of policies that are applied to the AWS accounts. This will help the company to meet their requirements of using automation as much as possible, securing the environment and implementing federated access to accounts, centralizing logging and establishing cross-account security audits.

Question 3

A company needs to migrate its critical SAP workloads from an on-premises data center to AWS The company has a few source production databases that are 10 TB or more in size The company wants to minimize the downtime for this migration

As part of the proof of concept the company used a low-speed high-latency connection between its data center and AWS During the actual migration the company wants to maintain a consistent connection that delivers high bandwidth and low latency. The company also wants to add a layer of connectivity resiliency. The backup connectivity does not need to be as fast as the primary connectivity

An SAP solutions architect needs to determine the optimal network configuration for data transfer. The solution must transfer the data with minimum latency

Which configuration will meet these requirements?

ASet up one AWS Direct Connect connection for connectivity between the on-premises data center and AWS Add an AWS Site-to-Site VPN connection as a backup to the Direct Connect connection

BSet up an AWS Direct Connect gateway with multiple Direct Connect connections that use a link aggregation group (LAG) between the on-premises data center and AWS

CSet up Amazon Elastic fie System (Amazon EPS) file system storage between the on-premises data center and AWS Configure a cron job to copy the data into this EFS mount Access the data in the EFS file system from the target environment

DSet up two redundant AWS Site-to-Site VPN connections for connectivity between the on-premises data center and AWS

Answer : A

Question 4

A company is implementing SAP HANA on AWS According 10 the company's security policy SAP backups must be encrypted Only authorized team members can have the ability to decrypt the SAP backups

What is the MOST operationally efficient solution that meets these requirements?

AConfigure AWS Backint Agent for SAP HANA to create SAP backups in an Amazon S3 bucket After a backup is created encrypt the backup by using client-side encryption Share the encryption key with authorized team members only

BConfigure AWS Backint Agent for SAP HANA to use AWS Key Management Service (AWS KMS) for SAP backups Create a key policy to grant decryption permission to authorized team members only

CConfigure AWS Storage Gateway to transfer SAP backups from a file system to an Amazon S3 bucket Use an S3 bucket policy to grant decryption permission to authorized team members only

DConfigure AWS Backint Agent for SAP HANA to use AWS Key Management Service (AWS KMS) for SAP backups Grant object ACL decryption permission to authorized team members only

Answer : B

This is the most operationally efficient solution that meets the company's security policy requirements. AWS KMS is a service that enables you to create and manage encryption keys that are used to encrypt and decrypt data. By configuring AWS Backup Agent for SAP HANA to use AWS KMS for SAP backups, the company can ensure that the backups are encrypted at rest and that only authorized team members have the ability to decrypt them. The key policy allows the company to define which team members are authorized to access the key, so that it can be used to decrypt the backup. This approach is operationally efficient because it does not require the company to manually encrypt and decrypt backups, and it enables the company to manage access to the encryption key through IAM policies, without the need for sharing encryption keys.

Question 5

A company's basis administrator is planning to deploy SAP on AWS m Linux. The basis administrator must set up the proper storage to store SAP HANA data and log volumes. Which storage options should the basis administrator choose to meet these requirements? (Select TWO.)

AAmazon Elastic Block Store (Amazon EBS) Throughput Optimized HDD (st1)

BAmazon Elastic Block Store (Amazon EBS) Provisioned IOPS SSD (io1, k>2)

CAmazon S3

DAmazon Elastic File System (Amazon EFS)

EAmazon Elastic Block Store (Amazon EBS) General Purpose SSD (gp2 gp3)

Answer : B, E

Amazon Elastic Block Store (EBS) Provisioned IOPS SSD (io1) provides high IOPS, low latency, and high throughput, making it ideal for use as a storage option for SAP HANA data and log volumes. It is designed for I/O-intensive workloads and is recommended for SAP HANA. Amazon Elastic Block Store (EBS) General Purpose SSD (gp2, gp3) is also a good choice for SAP HANA data and log storage, it provides a balance of performance and cost, with a low latency and high throughput. Amazon S3 is an object storage service and not suitable for storing the SAP HANA data and log volumes. Amazon Elastic File System (Amazon EFS) is a file storage service, it's not a good fit for block-based storage workloads like SAP HANA. https://docs.aws.amazon.com/sap/latest/sap-hana/hana-ops-storage-config.html

Question 6

A company has deployed SAP workloads on AWS The AWS Data Provider for SAP is installed on the Amazon EC2 instance where the SAP application is running An SAP solutions architect has attached an IAM role to the EC2 instance with the following policy.

The AWS Data Provider for SAP is not returning any metrics to the SAP application. Which change should the SAP solutions architect make to the 1AM permissions to resolve this issued.

AAdd the cloudwatch ListMetrics action to the policy statement with Sid AWSDataProvider1.

BAdd the cloudwatch GetMetricStatrstics action to the policy statement with Sid AWSDataProvider1

CAdd the cloudwatch GetMetricStream action (o the policy statement with Sid AWSDataProvider

DAdd the cloudwatch DescribeAlarmsForMetric action to the policy statement with Sid AWSDataProvider

Answer : B

The AWS Data Provider for SAP requires the ability to access metrics data in order to return metrics to the SAP application. The IAM policy statement with Sid 'AWSDataProvider1' currently does not have the necessary permissions to access metrics data. The SAP solutions architect should add the cloudwatch:GetMetricStatistics action to the policy statement with Sid 'AWSDataProvider1' to grant the necessary permissions for the Data Provider to access metrics data.

The other actions such as 'EC2:DescribeInstances' and 'EC2:DescribeVolumes' are not related to CloudWatch metrics and only provide the ability to describe EC2 instances and volumes. Actions such as 's3:GetObject' are not related to CloudWatch metrics, it's used to get an object from an S3 bucket. Actions such as 'cloudwatch:ListMetrics' and 'cloudwatch:DescribeAlarmsForMetric' would not be necessary for the AWS Data Provider for SAP to return metrics to the SAP application and it's not related to the problem described.

https://docs.aws.amazon.com/sap/latest/general/data-provider-troubleshooting.html

Question 7

A company's SAP basis team is responsible for database backups in Amazon S3. The company frequently needs to restore the last 3 months of backups into the pre-production SAP system to perform tests and analyze performance. Previously an employee accidentally deleted backup files from the S3 bucket. The SAP basis team wants to prevent accidental deletion of backup files in the future.

Which solution will meet these requirements?

ACreate a new resource-based policy that prevents deletion of the S3 bucket

BEnable versioning and multi-factor authentication (MFA) on the S3 bucket

CCreate signed cookies for the backup files in the S3 bucket Provide the signed cookies to authorized users only

DApply an S3 Lifecycle policy to move the backup fries immediately to S3 Glacier

Answer : B

enabling versioning and multi-factor authentication (MFA) on the S3 bucket. Versioning will allow you to keep multiple versions of your backup files in the same bucket, so you won't have to worry about accidental deletion. Multi-factor authentication (MFA) will help ensure that only authorized users can access or delete the backup files.

Amazon PAS-C01 AWS Certified: SAP on AWS - Specialty Exam Practice Test