SAP-C02 Exam QuestionsBrowse all questions from this exam
Go to Exam

SAP-C02 Exam - Question 452

A company stores and manages documents in an Amazon Elastic File System (Amazon EFS) file system. The file system is encrypted with an AWS Key Management Service (AWS KMS) key. The file system is mounted to an Amazon EC2 instance that runs proprietary software.

The company has enabled automatic backups for the file system. The automatic backups use the AWS Backup default backup plan.

A solutions architect must ensure that deleted documents can be recovered within an RPO of 100 minutes.

Which solution will meet these requirements?

Show Answer
Correct Answer: A

To ensure that deleted documents can be recovered within an RPO of 100 minutes, it is necessary to have a frequent backup schedule. Creating a new IAM role and a new backup plan ensures that the proper permissions are in place. Updating the KMS key policy allows the new IAM role to use the key, facilitating the encrypted backups. Implementing an hourly backup schedule meets the requirement of recovering data within 100 minutes, as hourly backups will ensure that no data is older than 60 minutes at worst. This approach provides a balance between frequency and managing operational overhead without requiring non-standard solutions like custom cron tasks.

Discussion

8 comments
Sign in to comment
VerRiOption: A
Mar 25, 2024

The default backup plan is once a day, which cannot meet the RPO, so C and D are out. We need both EventBridge and Lambda functions to frequently backup the EFS, so B is out.

AesthetOption: A
Apr 11, 2024

C is not supported, see here: https://docs.aws.amazon.com/aws-backup/latest/devguide/backup-feature-availability.html#features-by-resource B is not possible (minimum is 1 hour, according to https://aws.amazon.com/blogs/storage/automating-backups-and-optimizing-backup-costs-for-amazon-efs-using-aws-backup/#:~:text=cron%20expression%20that%20creates%20backups%20as%20frequently%20as%20hourly). So I vote for A

DgixOption: A
Mar 20, 2024

First of all, using the existing default backup plan means backups only once a day, which disqualifies both C and D. We are thus left with A and B, which both fulfil the RPO. B is slightly more wasteful in that 30-minute backups are overkill. Also, B requires a custom cron task to be set up using EventBridge as it is a non-standard one for AWS Backup. A, however, can be accomplished without extra operational overhead. Therefore, A.

pangchnOption: B
Mar 24, 2024

B Using the AWS Backup console, you can choose a frequency of every 12 hours, daily, weekly, or monthly. You can also create a cron expression that creates backups as frequently as hourly ref: https://aws.amazon.com/blogs/storage/automating-backups-and-optimizing-backup-costs-for-amazon-efs-using-aws-backup/ PITR is not supported for EFS mentioned by djangoUnchained, so C is out From AWS console, the most frequently backup is daily.

CMMCOption: C
Mar 19, 2024

Creating a new IAM role and updating the KMS key policy to allow the role to use the key ensures that the backup mechanism has the necessary permissions for encryption. Enabling continuous backups for point-in-time recovery to increases the likelihood of being able to recover deleted documents within the specified RPO of 100 minutes.

djangoUnchained
Mar 20, 2024

It seems PITR is not supported for EFS https://docs.aws.amazon.com/aws-backup/latest/devguide/point-in-time-recovery.html

AWSPro1234
Mar 22, 2024

Answer C.

titi_rOption: A
Apr 24, 2024

Answer A.

053081fOption: A
Jul 12, 2024

I checked the AWS Backup console and you cannot setup backup plan less than 1 hour, so 30 min backup(B) will be excluded.