SAP-C02 第 500 题
题目
A company runs an ecommerce web application on AWS. The web application is hosted as a static website on Amazon S3 with Amazon CloudFront for content delivery. An Amazon API Gateway API invokes AWS Lambda functions to handle user requests and order processing for the web application The Lambda functions store data in an Amazon ROS for MySQL DB cluster that uses On-Demand instances. The DB cluster usage has been consistent in the past 12 months. Recently, the website has experienced SQL injection and web exploit attempts. Customers also report that order processing time has increased during periods of peak usage. During these periods, the Lambda functions often have cold starts. As the company grows, the company needs to ensure scalability and low-latency access during traffic peaks. The company also must optimize the database costs and add protection against the SQL injection and web exploit attempts. Which solution will meet these requirements?
中文翻译:
一家公司在 AWS 上运行电子商务 Web 应用程序。该 Web 应用程序作为静态网站托管在 Amazon S3 上,并使用 Amazon CloudFront 进行内容交付。 Amazon API Gateway API 调用 AWS Lambda 函数来处理 Web 应用程序的用户请求和订单处理。Lambda 函数将数据存储在使用按需实例的 Amazon ROS for MySQL 数据库集群中。数据库集群使用情况在过去 12 个月中保持一致。近期,该网站遭遇SQL注入和Web漏洞攻击。客户还报告说,在使用高峰期,订单处理时间有所增加。在此期间,Lambda 函数通常会冷启动。随着公司的发展,公司需要保证流量高峰时的可扩展性和低延迟访问。该公司还必须优化数据库成本并增加针对 SQL 注入和 Web 攻击尝试的保护。哪种解决方案可以满足这些要求?
选项
A. Configure the Lambda functions to have an increased timeout value during peak periods. Use RDS Reserved Instances for the database. Use CloudFront and subscribe to AWS Shield Advanced to protect against the SQL injection and web exploit attempts.
中文翻译:
将 Lambda 函数配置为在高峰时段增加超时值。使用数据库的 RDS 预留实例。使用 CloudFront 并订阅 AWS Shield Advanced 以防范 SQL 注入和 Web 攻击尝试。
B. Increase the memory of the Lambda functions, Transition to Amazon Redshift for the database. Integrate Amazon Inspector with CloudFront to protect against the SQL injection and web exploit attempts.
中文翻译:
增加 Lambda 函数的内存,将数据库过渡到 Amazon Redshift。将 Amazon Inspector 与 CloudFront 集成,以防止 SQL 注入和 Web 攻击尝试。
C. Use Lambda functions with provisioned concurrency for compute during peak periods, Transition to Amazon Aurora Serverless for the database. Use CloudFront and subscribe to AWS Shield Advanced to protect against the SQL injection and web exploit attempts.
中文翻译:
在高峰期使用具有预配置并发性的 Lambda 函数进行计算,数据库过渡到 Amazon Aurora Serverless。使用 CloudFront 并订阅 AWS Shield Advanced 以防范 SQL 注入和 Web 攻击尝试。
D. Use Lambda functions with provisioned concurrency for compute during peak periods. Use RDS Reserved Instances for the database. Integrate AWS WAF with CloudFront to protect against the SQL injection and web exploit attempts.
中文翻译:
使用具有预配置并发性的 Lambda 函数在高峰时段进行计算。使用数据库的 RDS 预留实例。将 AWS WAF 与 CloudFront 集成,以防止 SQL 注入和 Web 攻击尝试。
答案
D
解析
正确答案:D 解析: 本题应选择 D。 正确选项: D. 使用具有预配置并发性的 Lambda 函数在高峰时段进行计算。使用数据库的 RDS 预留实例。将 AWS WAF 与 CloudFront 集成,以防止 SQL 注入和 Web 攻击尝试。 选择理由: 该选项最直接地满足题干中的关键约束。做 SAP-C02 题目时,需要同时对照题干里的限定词,例如最高性能、最低运维开销、成本效益、可靠性、可扩展性、安全性、RTO/RPO、合规要求...