Looking for Amazon SAA-C03 Practice Questions? Rejoice because you have reached your destination. Amazonawsdumps.com have prepared a special kind of test material that alters according to the individual candidate’s skillset. Our smart system presents Amazon SAA-C03 Question Answers exactly like they are in the actual exam. We report your progress at the end of each test to ensures 100% success.
Demo | $35 | Add to cart | |
Test Engine | Demo | $45 | Add to cart |
PDF + Test Engine | $55 | Add to cart |
Here are some more features of Amazon SAA-C03 PDF:
824 questions with answers | Updation Date : 13 Sep, 2024 |
Unlimited practice questions | Routinely Daily Updates |
Takes Just 1 Day to Prepare Exam | Passing Guaranteed at First Go |
Money-Back Facility | 3 Months Free Updates |
SAA-C03 is the new test code of the AWS Certified Solutions Architect - Associate test which is booked to be followed through on August 30, 2022. Its continuous variation is SAA-C02 and is reserved to be decommissioned by August 29, 2022 so you really want to know the differentiation between these two structures.
The AWS Certified Solutions Architect - Associate certificate test is expected for IT Specialists who play out a solution Modeler or DevOps work and have a long time of dynamic contribution with arranging open, cost-capable, deficiency receptive, and flexible dispersed structures on the Amazon Web solutions (AWS) stage. Expecting you at this point have the SAA insistence and you wish you re-affirm, then, you want to step through the exam by August 29 or you can similarly hold on for the new SAA-C03 transformation to arise.
Amazon AWS SAA-C03 Dumps are best for accurate results and 100% passing guarantee methodologies. Amazonawsdumps.com provides most genuine and authentic question and answer PDF material that prepare you 100% for your actual Amazon AWS SAA-C03 Exam. Amazonawsdumps gives you full assistance, passing guarantee and total privacy and security when you purchased Amazon AWS SAA-C03 Exam Dumps from their site.
The candidate who wants to clear Amazon AWS SAA-C03 Exam should have one year working experience in developing cloud solutions by utilizing AWS services.
The exam comprises on two type of questions:
Exam modules Amazon AWS SAA-C03 Exam
Exam format for Amazon AWS SAA-C03 Exam
Most Recent Material Supplier for SAA-C03 Test
Breeze through Amazon SAA-C03 exam with Amazonawsdumps SAA-C03 Dumps PDF. All Amazon SAA-C03 Test Questions are the latest and by and large revived and cover the entire Amazon AWS Certified Solutions Architect - Associate SAA-C03 test schedule. The SAA-C03 Questions and Answers are Printable in Brilliant Guide that you can download in your PC or another device and start setting up your SAA-C03 Test.
Exactly when you are attempting to consider to be trustworthy exam dumps for the course of action of AWS Certified Solutions Architect - Associate (SAA-C03) certification test, you ought to be sure that you are picking the right source. All of the PDF dumps from Amazonawsdumps are made by the recognized specialists and you will really need to get all the help you with expecting for clearing the SAA-C03 test. You can tirelessly interact with their preparation test material so you can achieve the best results. If you have no clue about how you can besides develop your status level for AWS Certified Solutions Architect - Associate (SAA-C03) certificate, then, you should buy the Amazonawsdumps study material and you will not at any point regret.
With the help of test dumps you can achieve 100% accomplishment in your AWS Certified Solutions Architect - Associate (SAA-C03) certification and you won't manage any issues while using PDF dumps for organizing of SAA-C03 test. Test dumps have major areas of strength for basic for a base and their clients are content with the results. They gave the entire day genuinely strong support for tackle any unquestionable issue associated with the test coordinating.
What is passing score for Amazon AWS SAA-C03 Exam?
720 is the minimum passing score that required passing Amazon AWS SAA-C03 Exam.
Can I pass Amazon AWS SAA-C03 Exam with just one week preparation?
Yes with the assistance of Amazon AWS SAA-C03 Exam Dumps you can easily breeze through this exam with just one week or 3 days preparation.
From where can I buy the best exam dumps for Amazon AWS SAA-C03 Exam?
For best and excellent preparation of Amazon AWS SAA-C03 Exam you can check Amazonawsdumps exam dumps and you won’t regret anymore.
What is the passing ratio Amazon AWS SAA-C03 Exam?
The failure rate of Amazon AWS SAA-C03 Exam is above 72% that means only 28% applicant who took the Amazon AWS SAA-C03 Exam somehow manage to pass it.
Which AWS certificate is best for new comers?
The first and most demanding certificate AWS Certified Solution Architect Associate certificate is best for new comers.
In today’s world, you need the validation of your skills to get past the competition. Amazon SAA-C03 Exam is that validation. Not only is Amazon a leading industry in IT but it also offers certification exams to prove Amazon's skills. These skills prove you capable of fulfilling the Amazon job role. To get certified you simply pass the SAA-C03 Exam. This brings us to Amazon SAA-C03 Question Answers set. Passing this certification exam from Amazon may seem easy but it’s not. Many students fail this exam only because they didn’t take it seriously. Don’t make this mistake and order your Amazon SAA-C03 Braindumps right now!
Amazonawsdumps.com is the most popular and reliable website that has helped thousands of candidates excel at Amazon Exams. You could be one of those fortunate few too. Pass your exam in one attempt with Amazon SAA-C03 PDF and own the future. Buy Now!
We know we said passing amazon exams is hard but that’s only if you’ve been led astray. There are millions of Amazon SAA-C03 Practice Questions available online promising success but fail when it comes down to it. Choose your training material carefully and get Amazon SAA-C03 Question Answers that are valid, accurate, and approved by famous IT professionals. Our Amazon SAA-C03 Braindumps are created by experts for experts and generate first-class results in just a single attempt. Don’t believe us? Try our free demo version that contains all the features you’ll get with Amazon SAA-C03 PDF. An interactive design, easy to read format, understandable language, and concise pattern. And if you still don’t get the result you want and fail somehow, you get your money back in full. So, order your set of Amazon SAA-C03 Dumps now!
We promise our customers to take full responsibility for their learning, preparation and passing SAA-C03 Exams without a hunch. Our aim is your satisfaction and ease. That is why we demand only the reasonable cost on Amazon SAA-C03 Practice Questions. Moreover, offer 2 formats: PDF and online test engine. Also, there is always a little extra with our discount coupons.
Amazonawsdumps.com the team is a bunch of experts who got lucky with Amazon SAA-C03 Braindumps. We got what we needed to pass the exam and we went through its challenges as well. That is why we want every Amazon Candidate to get success. Choosing among so many options of Amazon SAA-C03 PDF is a tricky situation. Sometimes they don’t turn out like they first appeared to be. That is the reason we offer our valued customers a free demo. They can get a test run of Amazon SAA-C03 Dumps before they buy it. When it comes to buying, the procedure is simple, secure, and hardly jeopardizing. Because our Amazon SAA-C03 Practice Questions have a 99.8% passing rate.
A company uses Amazon EC2 instances and Amazon Elastic Block Store (Amazon EBS)to run its self-managed database The company has 350 TB of data spread across all EBSvolumes. The company takes daily EBS snapshots and keeps the snapshots for 1 month.The dally change rate is 5% of the EBS volumes.Because of new regulations, the company needs to keep the monthly snapshots for 7years. The company needs to change its backup strategy to comply with the newregulations and to ensure that data is available with minimal administrative effort.Which solution will meet these requirements MOST cost-effectively?
A. Keep the daily snapshot in the EBS snapshot standard tier for 1 month Copy themonthly snapshot to Amazon S3 Glacier Deep Archive with a 7-year retentionperiod.
B. Continue with the current EBS snapshot policy. Add a new policy to move the monthlysnapshot to Amazon EBS Snapshots Archive with a 7-year retention period.
C. Keep the daily snapshot in the EBS snapshot standard tier for 1 month Keep themonthly snapshot in the standard tier for 7 years Use incremental snapshots.
D. Keep the daily snapshot in the EBS snapshot standard tier. Use EBS direct APIs to takesnapshots of all the EBS volumes every month. Store the snapshots in an Amazon S3bucket in the Infrequent Access tier for 7 years.
ANSWER : B
A company plans to run a high performance computing (HPC) workload on Amazon EC2Instances The workload requires low-latency network performance and high networkthroughput with tightly coupled node-to-node communication.Which solution will meet these requirements?
A. Configure the EC2 instances to be part of a cluster placement group
B. Launch the EC2 instances with Dedicated Instance tenancy.
C. Launch the EC2 instances as Spot Instances.
D. Configure an On-Demand Capacity Reservation when the EC2 instances are launched.
ANSWER : A
A solutions architect is creating an application. The application will run on Amazon EC2instances in private subnets across multiple Availability Zones in a VPC. The EC2instances will frequently access large files that contain confidential information. These filesare stored in Amazon S3 buckets for processing. The solutions architect must optimize thenetwork architecture to minimize data transfer costs.What should the solutions architect do to meet these requirements?
A. Create a gateway endpoint for Amazon S3 in the VPC. In the route tables for the privatesubnets, add an entry for the gateway endpoint
B. Create a single NAT gateway in a public subnet. In the route tables for the privatesubnets, add a default route that points to the NAT gateway
C. Create an AWS PrivateLink interface endpoint for Amazon S3 in the VPC. In the routetables for the private subnets, add an entry for the interface endpoint.
D. Create one NAT gateway for each Availability Zone in public subnets. In each of theroute labels for the private subnets, add a default route that points lo the NAT gateway inthe same Availability Zone
ANSWER : A
A news company that has reporters all over the world is hosting its broadcast system onAWS. The reporters send live broadcasts to the broadcast system. The reporters usesoftware on their phones to send live streams through the Real Time Messaging Protocol(RTMP).A solutions architect must design a solution that gives the reporters the ability to send thehighest quality streams The solution must provide accelerated TCP connections back tothe broadcast system.What should the solutions architect use to meet these requirements?
A. Amazon CloudFront
B. AWS Global Accelerator
C. AWS Client VPN
D. Amazon EC2 instances and AWS Elastic IP addresses
ANSWER : B
A company is preparing to store confidential data in Amazon S3. For compliance reasons,the data must be encrypted at rest. Encryption key usage must be logged for auditingpurposes. Keys must be rotated every year.Which solution meets these requirements and is the MOST operationally efficient?
A. Server-side encryption with customer-provided keys (SSE-C)
B. Server-side encryption with Amazon S3 managed keys (SSE-S3)
C. Server-side encryption with AWS KMS keys (SSE-KMS) with manual rotation
D. Server-side encryption with AWS KMS keys (SSE-KMS) with automatic rotation
ANSWER : D
A company runs an application that uses Amazon RDS for PostgreSQL The applicationreceives traffic only on weekdays during business hours The company wants to optimizecosts and reduce operational overhead based on this usage.Which solution will meet these requirements?
A. Use the Instance Scheduler on AWS to configure start and stop schedules.
B. Turn off automatic backups. Create weekly manual snapshots of the database.
C. Create a custom AWS Lambda function to start and stop the database based onminimum CPU utilization.
D. Purchase All Upfront reserved DB instances
ANSWER : A
A company wants to use Amazon Elastic Container Service (Amazon ECS) to run its onpremisesapplication in a hybrid environment The application currently runs on containerson premises.The company needs a single container solution that can scale in an on-premises, hybrid, orcloud environment The company must run new application containers in the AWS Cloudand must use a load balancer for HTTP traffic.Which combination of actions will meet these requirements? (Select TWO.)
A. Set up an ECS cluster that uses the AWS Fargate launch type for the cloud applicationcontainers Use an Amazon ECS Anywhere external launch type for theon-premises application containers.
B. Set up an Application Load Balancer for cloud ECS services
C. Set up a Network Load Balancer for cloud ECS services.
D. Set up an ECS cluster that uses the AWS Fargate launch type Use Fargate for the cloud application containers and the on-premises application containers.
E. Set up an ECS cluster that uses the Amazon EC2 launch type for the cloud applicationcontainers. Use Amazon ECS Anywhere with an AWS Fargate launch type for the onpremisesapplication containers.
ANSWER : A,B
A global ecommerce company runs its critical workloads on AWS. The workloads use anAmazon RDS for PostgreSQL DB instance that is configured for a Multi-AZ deployment.Customers have reported application timeouts when the company undergoes databasefailovers. The company needs a resilient solution to reduce failover timeWhich solution will meet these requirements?
A. Create an Amazon RDS Proxy. Assign the proxy to the DB instance.
B. Create a read replica for the DB instance Move the read traffic to the read replica.
C. Enable Performance Insights. Monitor the CPU load to identify the timeouts.
D. Take regular automatic snapshots Copy the automatic snapshots to multiple AWSRegions
ANSWER : A
A company is creating a prototype of an ecommerce website on AWS. The websiteconsists of an Application Load Balancer, an Auto Scaling group of Amazon EC2 instancesfor web servers, and an Amazon RDS for MySQL DB instance that runs with the Single-AZconfiguration.The website is slow to respond during searches of the product catalog. The product catalogis a group of tables in the MySQL database that the company does not ate frequently. Asolutions architect has determined that the CPU utilization on the DB instance is high whenproduct catalog searches occur.What should the solutions architect recommend to improve the performance of the websitedunng searches of the product catalog?
A. Migrate the product catalog to an Amazon Redshift database. Use the COPY commandto load the product catalog tables.
B. Implement an Amazon ElastiCache for Redis cluster to cache the product catalog. Uselazy loading to populate the cache.
C. Add an additional scaling policy to the Auto Scaling group to launch additional EC2instances when database response is slow.
D. Turn on the Multi-AZ configuration for the DB instance. Configure the EC2 instances tothrottle the product catalog queries that are sent to the database.
ANSWER : B
A company has multiple VPCs across AWS Regions to support and run workloads that areisolated from workloads in other Regions Because of a recent application launchrequirement, the company's VPCs must communicate with all other VPCs across allRegions.Which solution will meet these requirements with the LEAST amount of administrativeeffort?
A. Use VPC peering to manage VPC communication in a single Region Use VPC peeringacross Regions to manage VPC communications.
B. Use AWS Direct Connect gateways across all Regions to connect VPCs across regionsand manage VPC communications.
C. Use AWS Transit Gateway to manage VPC communication in a single Region andTransit Gateway peering across Regions to manage VPC communications.
D. Use AWS PrivateLink across all Regions to connect VPCs across Regions and manageVPC communications.
ANSWER : C
A company uses Amazon API Gateway to manage its REST APIs that third-party serviceproviders access The company must protect the REST APIs from SQL injection and crosssitescripting attacks. What is the MOST operationally efficient solution that meets these requirements
A. Configure AWS Shield.
B. Configure AWS WAR
C. Set up API Gateway with an Amazon CloudFront distribution Configure AWS Shield inCloudFront.
D. Set up API Gateway with an Amazon CloudFront distribution. Configure AWS WAF inCloudFront
ANSWER : D
A company is designing an event-driven order processing system Each order requiresmultiple validation steps after the order is created. An independent AWS Lambda functionperforms each validation step. Each validation step is independent from the other validationsteps Individual validation steps need only a subset of the order event information.The company wants to ensure that each validation step Lambda function has access toonly the information from the order event that the function requires The components of theorder processing system should be loosely coupled to accommodate future businesschanges.Which solution will meet these requirements?
A. Create an Amazon Simple Queue Service (Amazon SQS> queue for each validationstep. Create a new Lambda function to transform the order data to the format that eachvalidation step requires and to publish the messages to the appropriate SQS queuesSubscribe each validation step Lambda function to its corresponding SQS queue
B. Create an Amazon Simple Notification Service {Amazon SNS) topic. Subscribe thevalidation step Lambda functions to the SNS topic. Use message body filtering to send only the required data to each subscribed Lambda function.
C. Create an Amazon EventBridge event bus. Create an event rule for each validation stepConfigure the input transformer to send only the required data to each target validation stepLambda function.
D. Create an Amazon Simple Queue Service {Amazon SQS) queue Create a new Lambdafunction to subscribe to the SQS queue and to transform the order data to the format thateach validation step requires. Use the new Lambda function to perform synchronousinvocations of the validation step Lambda functions in parallel on separate threads.
ANSWER : C
A global company runs its workloads on AWS The company's application uses Amazon S3buckets across AWS Regions for sensitive data storage and analysis. The company storesmillions of objects in multiple S3 buckets daily. The company wants to identify all S3buckets that are not versioning-enabled.Which solution will meet these requirements?
A. Set up an AWS CloudTrail event that has a rule to identify all S3 buckets that are notversioning-enabled across Regions
B. Use Amazon S3 Storage Lens to identify all S3 buckets that are not versioning-enabledacross Regions.
C. Enable IAM Access Analyzer for S3 to identify all S3 buckets that are not versioningenabledacross Regions
D. Create an S3 Multi-Region Access Point to identify all S3 buckets that are notversioning-enabled across Regions
ANSWER : B
A company has separate AWS accounts for its finance, data analytics, and developmentdepartments. Because of costs and security concerns, the company wants to control whichservices each AWS account can useWhich solution will meet these requirements with the LEAST operational overhead
A. Use AWS Systems Manager templates to control which AWS services each departmentcan use
B. Create organization units (OUs) for each department in AWS Organizations. Attachservice control policies (SCPs) to the OUs.
C. Use AWS CloudFormation to automatically provision only the AWS services that eachdepartment can use.
D. Set up a list of products in AWS Service Catalog in the AWS accounts to manage andcontrol the usage of specific AWS services
ANSWER : B
A company runs workloads in the AWS Cloud The company wants to centrally collectsecurity data to assess security across the entire company and to improve workloadprotection.Which solution will meet these requirements with the LEAST development effort?
A. Configure a data lake in AWS Lake Formation Use AWS Glue crawlers to ingest thesecurity data into the data lake.
B. Configure an AWS Lambda function to collect the security data in csv format. Upload thedata to an Amazon S3 bucket
C. Configure a data lake in Amazon Security Lake to collect the security data Upload thedata to an Amazon S3 bucket.
D. Configure an AWS Database Migration Service (AWS DMS) replication instance to loadthe security data into an Amazon RDS cluster
ANSWER : C
A company is migrating its workloads to AWS. The company has sensitive and critical datain on-premises relational databases that run on SQL Server instances. The company wantsto use the AWS Cloud to increase security and reduce operational overhead for thedatabases. Which solution will meet these requirements?
A. Migrate the databases to Amazon EC2 instances. Use an AWS Key ManagementService (AWS KMS) AWS managed key for encryption.
B. Migrate the databases to a Multi-AZ Amazon RDS for SQL Server DB instance Use anAWS Key Management Service (AWS KMS) AWS managed key for encryption.
C. Migrate the data to an Amazon S3 bucket Use Amazon Macie to ensure data security
D. Migrate the databases to an Amazon DynamoDB table. Use Amazon CloudWatch Logsto ensure data security
ANSWER : B
A company manages a data lake in an Amazon S3 bucket that numerous applicationsaccess The S3 bucket contains a unique prefix for each application The company wants torestrict each application to its specific prefix and to have granular control of the objectsunder each prefix.Which solution will meet these requirements with the LEAST operational overhead?
A. Create dedicated S3 access points and access point policies for each application.
B. Create an S3 Batch Operations job to set the ACL permissions for each object in the S3bucket
C. Replicate the objects in the S3 bucket to new S3 buckets for each application. Createreplication rules by prefix
D. Replicate the objects in the S3 bucket to new S3 buckets for each application Creatededicated S3 access points for each application
ANSWER : A
A company's application is running on Amazon EC2 instances within an Auto Scaling groupbehind an Elastic Load Balancing (ELB) load balancer Based on the application's history,the company anticipates a spike in traffic during a holiday each year. A solutions architectmust design a strategy to ensure that the Auto Scaling group proactively increases capacityto minimize any performance impact on application users.Which solution will meet these requirements?
A. Create an Amazon CloudWatch alarm to scale up the EC2 instances when CPUutilization exceeds 90%.
B. Create a recurring scheduled action to scale up the Auto Scaling group before theexpected period of peak demand
C. Increase the minimum and maximum number of EC2 instances in the Auto Scalinggroup during the peak demand period
D. Configure an Amazon Simple Notification Service (Amazon SNS) notification to sendalerts when there are autoscaling:EC2_INSTANCE_LAUNCH events.
ANSWER : B
A robotics company is designing a solution for medical surgery The robots will useadvanced sensors, cameras, and Al algorithms to perceive their environment and tocomplete surgeries.The company needs a public load balancer in the AWS Cloud that will ensure seamlesscommunication with backend services. The load balancer must be capable of routing trafficbased on the query strings to different target groups. The traffic must also be encrypted Which solution will meet these requirements?
A. Use a Network Load Balancer with a certificate attached from AWS Certificate Manager(ACM) Use query parameter-based routing
B. Use a Gateway Load Balancer. Import a generated certificate in AWS Identity andAccess Management (1AM). Attach the certificate to the load balancer. Use HTTP pathbasedrouting.
C. Use an Application Load Balancer with a certificate attached from AWS CertificateManager (ACM). Use query parameter-based routing.
D. Use a Network Load Balancer. Import a generated certificate in AWS Identity andAccess Management (1AM). Attach the certificate to the load balancer. Use queryparameter-based routing.
ANSWER : C
An online photo-sharing company stores Hs photos in an Amazon S3 bucket that exists inthe us-west-1 Region. The company needs to store a copy of all new photos in the us-east-1 Region.Which solution will meet this requirement with the LEAST operational effort?
A. Create a second S3 bucket in us-east-1. Use S3 Cross-Region Replication to copyphotos from the existing S3 bucket to the second S3 bucket.
B. Create a cross-origin resource sharing (CORS) configuration of the existing S3 bucket.Specify us-east-1 in the CORS rule's AllowedOngm element.
C. Create a second S3 bucket in us-east-1 across multiple Availability Zones. Create an S3Lifecycle rule to save photos into the second S3 bucket,
D. Create a second S3 bucket In us-east-1. Configure S3 event notifications on objectcreation and update events to Invoke an AWS Lambda function to copy photos from theexisting S3 bucket to the second S3 bucket.
ANSWER : A
A company is planning to migrate data to an Amazon S3 bucket The data must beencrypted at rest within the S3 bucket The encryption key must be rotated automaticallyevery year.Which solution will meet these requirements with the LEAST operational overhead?
A. Migrate the data to the S3 bucket. Use server-side encryption with Amazon S3 managedkeys (SSE-S3). Use the built-in key rotation behavior of SSE-S3encryption keys.
B. Create an AWS Key Management Service (AWS KMS) customer managed key Enableautomatic key rotation Set the S3 bucket's default encryption behavior to use the customermanaged KMS key. Migrate the data to the S3 bucket.
C. Create an AWS Key Management Service (AWS KMS) customer managed key Set theS3 bucket's default encryption behavior to use the customer managed KMS key. Migratethe data to the S3 bucket. Manually rotate the KMS key every year.
D. Use customer key material to encrypt the data Migrate the data to the S3 bucket. Createan AWS Key Management Service (AWS KMS) key without key material Import thecustomer key material into the KMS key. Enable automatic key rotation.
ANSWER : B
A company needs to optimize its Amazon S3 storage costs for an application thatgenerates many files that cannot be recreated Each file is approximately 5 MB and isstored in Amazon S3 Standard storage.The company must store the files for 4 years before the files can be deleted The files mustbe immediately accessible The files are frequently accessed in the first 30 days of objectcreation, but they are rarely accessed after the first 30 days.Which solution will meet these requirements MOST cost-effectively
A. Create an S3 Lifecycle policy to move the files to S3 Glacier Instant Retrieval 30 daysafter object creation. Delete the files 4 years after object creation.
B. Create an S3 Lifecycle policy to move the files to S3 One Zone-Infrequent Access (S3One Zone-IA) 30 days after object creation Delete the files 4 years after object creation.
C. Create an S3 Lifecycle policy to move the files to S3 Standard-Infrequent Access (S3Standard-IA) 30 days after object creation Delete the files 4 years after object creation.
D. Create an S3 Lifecycle policy to move the files to S3 Standard-Infrequent Access (S3Standard-IA) 30 days after object creation. Move the files to S3 Glacier Flexible Retrieval 4years after object creation.
ANSWER : C
A company is storing petabytes of data in Amazon S3 Standard The data is stored inmultiple S3 buckets and is accessed with varying frequency The company does not know access patterns for all the data. The company needs to implement a solution for each S3bucket to optimize the cost of S3 usage.Which solution will meet these requirements with the MOST operational efficiency?
A. Create an S3 Lifecycle configuration with a rule to transition the objects in the S3 bucketto S3 Intelligent-Tiering.
B. Use the S3 storage class analysis tool to determine the correct tier for each object in theS3 bucket. Move each object to the identified storage tier.
C. Create an S3 Lifecycle configuration with a rule to transition the objects in the S3 bucketto S3 Glacier Instant Retrieval.
D. Create an S3 Lifecycle configuration with a rule to transition the objects in the S3 bucketto S3 One Zone-Infrequent Access (S3 One Zone-IA).
ANSWER : A
A company's web application consists of multiple Amazon EC2 instances that run behindan Application Load Balancer in a VPC. An Amazon RDS for MySQL DB instance containsthe data The company needs the ability to automatically detect and respond to suspiciousor unexpected behavior in its AWS environment. The company already has added AWSWAF to its architecture.What should a solutions architect do next to protect against threats?
A. Use Amazon GuardDuty to perform threat detection. Configure Amazon EventBridge tofilter for GuardDuty findings and to Invoke an AWS Lambda function to adjust the AWSWAF rules.
B. Use AWS Firewall Manager to perform threat detection. Configure Amazon EventBridgeto filter for Firewall Manager findings and to invoke an AWS Lambda function to adjust theAWS WAF web ACL
C. Use Amazon Inspector to perform threat detection and lo update the AWS WAF rules. Create a VPC network ACL to limit access to the web application.
D. Use Amazon Macie to perform threat detection and to update the AWS WAF rules.Create a VPC network ACL to limit access to the web application.
ANSWER : A
A company wants to isolate its workloads by creating an AWS account for each workload.The company needs a solution that centrally manages networking components for theworkloads. The solution also must create accounts with automatic security controls(guardrails).Which solution will meet these requirements with the LEAST operational overhead?
A. Use AWS Control Tower to deploy accounts. Create a networking account that has aVPC with private subnets and public subnets. Use AWS Resource Access Manager (AWSRAM) to share the subnets with the workload accounts.
B. Use AWS Organizations to deploy accounts. Create a networking account that has aVPC with private subnets and public subnets. Use AWS Resource Access Manager (AWSRAM) to share the subnets with the workload accounts.
C. Use AWS Control Tower to deploy accounts. Deploy a VPC in each workload account.Configure each VPC to route through an inspection VPC by using a transit gatewayattachment.
D. Use AWS Organizations to deploy accounts. Deploy a VPC in each workload account.Configure each VPC to route through an inspection VPC by using a transit gatewayattachment.
ANSWER : A
A company has a web application in the AWS Cloud and wants to collect transaction datain real time. The company wants to prevent data duplication and does not want to manageinfrastructure. The company wants to perform additional processing on the data after thedata is collected.Which solution will meet these requirements?
A. Configure an Amazon Simple Queue Service (Amazon SOS) FIFO queue. Configure anAWS Lambda function with an event source mapping for the FIFO queue to process thedata.
B. Configure an Amazon Simple Queue Service (Amazon SQS) FIFO queue Use an AWSBatch job to remove duplicate data from the queue Configure an AWSLambda function to process the data.
C. Use Amazon Kinesis Data Streams to send the Incoming transaction data to an AWSBatch job that removes duplicate data. Launch an Amazon EC2 instance that runs acustom script lo process the data.
D. Set up an AWS Step Functions state machine to send incoming transaction data to anAWS Lambda function to remove duplicate data. Launch an Amazon EC2 instance thatruns a custom script to process the data.
ANSWER : A
A company has an on-premises business application that generates hundreds of files eachday. These files are stored on an SMB file share and require a low-latency connection tothe application servers. A new company policy states all application-generated files mustbe copied to AWS. There is already a VPN connection to AWS.The application development team does not have time to make the necessary codemodifications to move the application to AWS Which service should a solutions architectrecommend to allow the application to copy files to AWS?
A. Amazon Elastic File System (Amazon EFS)
B. Amazon FSx for Windows File Server
C. AWS Snowball
D. AWS Storage Gateway
ANSWER : D
A company has a mobile app for customers The app's data is sensitive and must beencrypted at rest The company uses AWS Key Management Service (AWS KMS)The company needs a solution that prevents the accidental deletion of KMS keys Thesolution must use Amazon Simple Notification Service (Amazon SNS) to send an emailnotification to administrators when a user attempts to delete a KMS keyWhich solution will meet these requirements with the LEAST operational overhead''
A. Create an Amazon EventBndge rule that reacts when a user tries to delete a KMS keyConfigure an AWS Config rule that cancels any deletion of a KMS key Add the AWS Configrule as a target of the EventBridge rule Create an SNS topic that notifies the administrators
B. Create an AWS Lambda function that has custom logic to prevent KMS key deletionCreate an Amazon CloudWatch alarm that is activated when a user tries to delete a KMSkey Create an Amazon EventBridge rule that invokes the Lambda function when theDeleteKey operation is performed Create an SNS topic Configure the EventBndge rule topublish an SNS message that notifies the administrators
C. Create an Amazon EventBndge rule that reacts when the KMS DeleteKey operation isperformed Configure the rule to initiate an AWS Systems Manager Automationrunbook Configure the runbook to cancel the deletion of the KMS key Create an SNS topicConfigure the EventBndge rule to publish an SNS message that notifies the administrators.
D. Create an AWS CloudTrail trail Configure the trail to delrver logs to a new AmazonCloudWatch log group Create a CloudWatch alarm based on the metric filter for theCloudWatch log group Configure the alarm to use Amazon SNS to notify the administratorswhen the KMS DeleteKey operation is performed
ANSWER : C
A company regularly uploads GB-sized files to Amazon S3. After Ihe company uploads the files, the company uses a fleet of Amazon EC2 Spot Instances to transcode the file format.The company needs to scale throughput when the company uploads data from the onpremisesdata center to Amazon S3 and when Ihe company downloads data from AmazonS3 to the EC2 instances.gUkicn solutions will meet these requirements? (Select TWO.)
A. Use the S3 bucket access point instead of accessing the S3 bucket directly.
B. Upload the files into multiple S3 buckets.
C. Use S3 multipart uploads.
D. Fetch multiple byte-ranges of an object in parallel. fe
E. Add a random prefix to each object when uploading the files.
ANSWER : C,D
A company deploys Amazon EC2 instances that run in a VPC. The EC2 instances loadsource data into Amazon S3 buckets so that the data can be processed in the future.According to compliance laws, the data must not be transmitted over the public internet.Servers in the company's on-premises data center will consume the output from anapplication that runs on the LC2 instances.Which solution will meet these requirements?
A. Deploy an interface VPC endpoint for Amazon EC2. Create an AWS Site-to-Site VPNconnection between the company and the VPC.
B. Deploys gateway VPC endpoint for Amazon S3 Set up an AWS Direct Connect connection between the on-premises network and the VPC.
C. Set up on AWS Transit Gateway connection from the VPC to the S3 buckets. Create anAWS Site-to-Site VPN connection between the company and the VPC.
D. Set up proxy EC2 instances that have routes to NAT gateways. Configure the proxyEC2 instances lo fetch S3 data and feed the application instances.
ANSWER : B
A company has released a new version of its production application The company'sworkload uses Amazon EC2. AWS Lambda. AWS Fargate. and Amazon SageMaker. Thecompany wants to cost optimize the workload now that usage is at a steady state. Thecompany wants to cover the most services with the fewest savings plans. Whichcombination of savings plans will meet these requirements? (Select TWO.)
A. Purchase an EC2 Instance Savings Plan for Amazon EC2 and SageMaker.
B. Purchase a Compute Savings Plan for Amazon EC2. Lambda, and SageMaker
C. Purchase a SageMaker Savings Plan
D. Purchase a Compute Savings Plan for Lambda, Fargate, and Amazon EC2
E. Purchase an EC2 Instance Savings Plan for Amazon EC2 and Fargate
ANSWER : B,D
A company's solutions architect is designing an AWS multi-account solution that uses AWSOrganizations. The solutions architect has organized the company's accounts intoorganizational units (OUs).The solutions architect needs a solution that will identify any changes to the OU hierarchy.The solution also needs to notify the company's operations team of any changes.Which solution will meet these requirements with the LEAST operational overhead?
A. Provision the AWS accounts by using AWS Control Tower. Use account driftnotifications to Identify the changes to the OU hierarchy.
B. Provision the AWS accounts by using AWS Control Tower. Use AWS Config aggregatedrules to identify the changes to the OU hierarchy.
C. Use AWS Service Catalog to create accounts in Organizations. Use an AWS CloudTrailorganization trail to identify the changes to the OU hierarchy.
D. Use AWS CloudFormation templates to create accounts in Organizations. Use the driftdetection operation on a stack to identify the changes to the OUhierarchy.
ANSWER : A
A company hosts its core network services, including directory services and DNS, in its onpremisesdata center. The data center is connected to the AWS Cloud using AWS DirectConnect (DX). Additional AWS accounts are planned that will require quick, cost-effective,and consistent access to these network services.What should a solutions architect implement to meet these requirements with the LEASTamount of operational overhead?
A. Create a DX connection in each new account. Route the network traffic to the onpremisesservers.
B. Configure VPC endpoints in the DX VPC for all required services. Route the networktraffic to the on-premises servers.
C. Create a VPN connection between each neV account and the DX VPC. Route thenetwork traffic to the on-premises servers.
D. Configure AWS Transit Gateway between the accounts. Assign DX to the transitgateway and route network traffic to the on-premises servers.
ANSWER : D
A marketing company receives a large amount of new clickstream data in Amazon S3 froma marketing campaign The company needs to analyze the clickstream data in Amazon S3quickly. Then the company needs to determine whether to process the data further in thedata pipeline.Which solution will meet these requirements with the LEAST operational overhead?
A. Create external tables in a Spark catalog Configure jobs in AWS Glue to query the data
B. Configure an AWS Glue crawler to crawl the data. Configure Amazon Athena to querythe data.
C. Create external tables in a Hive metastore. Configure Spark jobs in Amazon EMR toquery the data.
D. Configure an AWS Glue crawler to crawl the data. Configure Amazon Kinesis DataAnalytics to use SQL to query the data
ANSWER : B
A company wants to create a mobile app that allows users to stream slow-motion videoclips on their mobile devices. Currently, the app captures video clips and uploads the videoclips in raw format into an Amazon S3 bucket. The app retrieves these video clips directlyfrom the S3 bucket. However, the videos are large in their raw format.Users are experiencing issues with buffering and playback on mobile devices. Thecompany wants to implement solutions to maximize the performance and scalability of theapp while minimizing operational overhead.Which combination of solutions will meet these requirements? (Select TWO.)
A. Deploy Amazon CloudFront for content delivery and caching
B. Use AWS DataSync to replicate the video files across AWS Regions in other S3 buckets
C. Use Amazon Elastic Transcoder to convert the video files to more appropriate formats.
D. Deploy an Auto Scaling group of Amazon EC2 instances in Local Zones for contentdelivery and caching
E. Deploy an Auto Scaling group of Amazon EC2 Instances to convert the video files tomore appropriate formats.
ANSWER : A,C
A social media company wants to store its database of user profiles, relationships, andinteractions in the AWS Cloud. The company needs an application to monitor any changesin the database. The application needs to analyze the relationships between the dataentities and to provide recommendations to users.Which solution will meet these requirements with the LEAST operational overhead?
A. Use Amazon Neptune to store the information. Use Amazon Kinesis Data Streams toprocess changes in the database.
B. Use Amazon Neptune to store the information. Use Neptune Streams to processchanges in the database.
C. Use Amazon Quantum Ledger Database (Amazon QLDB) to store the information. UseAmazon Kinesis Data Streams to process changes in the database.
D. Use Amazon Quantum Ledger Database (Amazon QLDB) to store the information. UseNeptune Streams to process changes in the database.
ANSWER : B
A company needs a secure connection between its on-premises environment and AWS.This connection does not need high bandwidth and will handle a small amount of traffic.The connection should be set up quickly.What is the MOST cost-effective method to establish this type of connection?
A. Implement a client VPN
B. Implement AWS Direct Connect.
C. Implement a bastion host on Amazon EC2.
D. Implement an AWS Site-to-Site VPN connection.
ANSWER : D
A company has applications that run on Amazon EC2 instances in a VPC One of theapplications needs to call the Amazon S3 API to store and read objects. According to thecompany's security regulations, no traffic from the applications is allowed to travel acrossthe internet.Which solution will meet these requirements?
A. Configure an S3 gateway endpoint.
B. Create an S3 bucket in a private subnet.
C. Create an S3 bucket in the same AWS Region as the EC2 instances.
D. Configure a NAT gateway in the same subnet as the EC2 instances
ANSWER : A
A company uses an Amazon Aurora PostgreSQL provisioned cluster with its application.The application's peak traffic occurs several times a day for periods of 30 minutes toseveral hours.The database capacity is provisioned to handle peak traffic from the application, but thedatabase has wasted capacity during non-peak hours. The company wants to reduce thedatabase costs.Which solution will meet these requirements with the LEAST operational effort?
A. Set up an Amazon CloudWatch alarm to monitor database utilization. Scale up or scaledown the database capacity based on the amount of traffic.
B. Migrate the database to Amazon EC2 instances in on Auto Scaling group. Increase ordecrease the number of instances based on the amount of traffic.
C. Migrate the database to an Amazon Aurora Serverless DB cluster to scale up or scaledown the capacity based on the amount of traffic.
D. Schedule an AWS Lambda function to provision the required database capacity at thestart of each day. Schedule another Lambda function to reduce the capacity at the end ofeach day.
ANSWER : C
A company's software development team needs an Amazon RDS Multi-AZ cluster. TheRDS cluster will serve as a backend for a desktop client that is deployed on premises. Thedesktop client requires direct connectivity to the RDS cluster.The company must give the development team the ability to connect to the cluster by usingthe client when the team is in the office.Which solution provides the required connectivity MOST securely?
A. Create a VPC and two public subnets. Create the RDS cluster in the public subnets.Use AWS Site-to-Site VPN with a customer gateway in the company's office.
B. Create a VPC and two private subnets. Create the RDS cluster in the private subnets.Use AWS Site-to-Site VPN with a customer gateway in the company's office.
C. Create a VPC and two private subnets. Create the RDS cluster in the private subnets.Use RDS security groups to allow the company's office IP ranges to access the cluster.
D. Create a VPC and two public subnets. Create the RDS cluster in the public subnets.Create a cluster user for each developer. Use RDS security groups to allow the users toaccess the cluster.
ANSWER : B
A company recently migrated its web application to the AWS Cloud The company uses anAmazon EC2 instance to run multiple processes to host the application. The processesinclude an Apache web server that serves static content The Apache web server makesrequests to a PHP application that uses a local Redis server for user sessions.The company wants to redesign the architecture to be highly available and to use AWSmanaged solutions Which solution will meet these requirements?
A. Use AWS Elastic Beanstalk to host the static content and the PHP application.Configure Elastic Beanstalk to deploy its EC2 instance into a public subnet Assign a publicIP address.
B. Use AWS Lambda to host the static content and the PHP application. Use an AmazonAPI Gateway REST API to proxy requests to the Lambda function. Set the API GatewayCORS configuration to respond to the domain name. Configure Amazon ElastiCache forRedis to handle session information
C. Keep the backend code on the EC2 instance. Create an Amazon ElastiCache for Rediscluster that has Multi-AZ enabled Configure the ElastiCache for Redis cluster in clustermode Copy the frontend resources to Amazon S3 Configure the backend code to referencethe EC2 instance
D. Configure an Amazon CloudFront distribution with an Amazon S3 endpoint to an S3bucket that is configured to host the static content. Configure an Application Load Balancerthat targets an Amazon Elastic Container Service (Amazon ECS) service that runs AWSFargate tasks for the PHP application. Configure the PHP application to use an AmazonElastiCache for Redis cluster that runs in multiple Availability Zones
ANSWER : D
Leave a comment
Your email address will not be published. Required fields are marked *