SAP-C02 第 40 题
题目
A company is hosting an image-processing service on AWS in a VPC. The VPC extends across two Availability Zones. Each Availability Zone contains one public subnet and one private subnet. The service runs on Amazon EC2 instances in the private subnets. An Application Load Balancer in the public subnets is in front of the service. The service needs to communicate with the internet and does so through two NAT gateways. The service uses Amazon S3 for image storage. The EC2 instances retrieve approximately 1 ТВ of data from an S3 bucket each day. The company has promoted the service as highly secure. A solutions architect must reduce cloud expenditures as much as possible without compromising the service’s security posture or increasing the time spent on ongoing operations. Which solution will meet these requirements?
中文翻译:
一家公司在 AWS 上的 VPC 中托管图像处理服务。 VPC 跨越两个可用区。每个可用区包含 1 个公有子网和 1 个私有子网。该服务在私有子网中的 Amazon EC2 实例上运行。公有子网中的应用程序负载均衡器位于服务前面。该服务需要与 Internet 进行通信,并通过两个 NAT 网关进行通信。该服务使用 Amazon S3 进行图像存储。 EC2 实例每天从 S3 存储桶检索大约 1TB 数据。该公司将该服务宣传为高度安全的。解决方案架构师必须在不影响服务安全状况或增加持续运营时间的情况下尽可能减少云支出。哪种解决方案可以满足这些要求?
选项
A. Replace the NAT gateways with NAT instances. In the VPC route table, create a route from the private subnets to the NAT instances.
中文翻译:
将 NAT 网关替换为 NAT 实例。在 VPC 路由表中,创建从私有子网到 NAT 实例的路由。
B. Move the EC2 instances to the public subnets. Remove the NAT gateways.
中文翻译:
将 EC2 实例移至公有子网。删除 NAT 网关。
C. Set up an S3 gateway VPC endpoint in the VPC. Attach an endpoint policy to the endpoint to allow the required actions on the S3 bucket.
中文翻译:
在 VPC 中设置 S3 网关 VPC 终端节点。将端点策略附加到端点以允许在 S3 存储桶上执行所需的操作。
D. Attach an Amazon Elastic File System (Amazon EFS) volume to the EC2 instances. Host the images on the EFS volume.
中文翻译:
将 Amazon Elastic File System (Amazon EFS) 卷附加到 EC2 实例。将映像托管在 EFS 卷上。
答案
C
解析
正确答案:C 解析: 本题应选择 C。 正确选项: C. 在 VPC 中设置 S3 网关 VPC 终端节点。将端点策略附加到端点以允许在 S3 存储桶上执行所需的操作。 选择理由: 该选项最直接地满足题干中的关键约束。做 SAP-C02 题目时,需要同时对照题干里的限定词,例如最高性能、最低运维开销、成本效益、可靠性、可扩展性、安全性、RTO/RPO、合规要求等。本题相关考点主要包括:VPC、S3、EC2、EFS。 排除思路: A、B、...