DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Prepare for SAA-C03 Exams Questions & Study Materials, AWS Certified Solutions Architect – Associate | SPOTO

Preparing for the AWS Certified Solutions Architect - Associate (SAA-C03) exam is a strategic move for IT professionals looking to showcase their expertise in AWS technologies. This certification is a testament to your ability to design efficient and optimized solutions on the AWS platform, aligning with the best practices outlined in the AWS Well-Architected Framework. SPOTO offers a comprehensive array of exam questions, study materials, and practice tests to support your certification journey. Our resources cover a wide range of topics, including exam questions and answers, sample questions, and exam dumps, ensuring thorough preparation. Access free quizzes and exam materials to augment your exam practice and reinforce your understanding of key concepts. With SPOTO's exam simulators and online exam questions, you'll gain valuable hands-on experience and boost your confidence for the SAA-C03 exam. Prepare effectively with SPOTO's study materials and unlock new career opportunities in AWS, backed by a credible and recognized certification.
Take other online exams

Question #1
A. Set up a VPC peering connection between VPC-A and VPC-B.
B. Set up VPC gateway endpoints for the EC2 instance running in VPC-B
C. Attach a virtual private gateway to VPC-B and enable routing from VPC-A
D. Create a private virtual interface (VIF) for the EC2 instance running in VPC-B and add appropriate routes from VPC-B
114. A company currently stores symmetric encryption keys in a hardware security module (HSM)
View answer
Correct Answer: B
Question #2
A company uses AWS Organizations to run workloads within multiple AWS accounts A tagging policy adds department tags to AWS resources when the company creates tags. An accounting team needs to determine spending on Amazon EC2 consumption The accounting team must determine which departments are responsible for the costs regardless of AWS account The accounting team has access to AWS Cost Explorer for all AWS accounts within the organization and needs to access all reports from Cost Explorer. Which solution m
A. rom the Organizations management account billing console, activate a user-defined cost allocation tag named department Create one cost report in Cost Explorer grouping by tag name, and filter by EC2
B. rom the Organizations management account billing console, activate an AWS-defined cost allocation tag named department
C. rom the Organizations member account billing console, activate a user-defined cost allocation tag named department
D. rom the Organizations member account billing console, activate an AWS-defined cost allocation tag named department
View answer
Correct Answer: B
Question #3
A. Use Lambda@Edge for CloudFront.
B. Use Amazon S3 Transfer Acceleration for CloudFront
C. Configure another EC2 instance in a different Availability Zone as part of the origin group
D. Configure another EC2 instance as part of the origin server cluster in the same Availability Zone
113. An application running on an Amazon EC2 instance in VPC-A needs to access files in another EC2 instance in VPC-B
View answer
Correct Answer: A
Question #4
A company has an application that provides marketing services to stores. The services are based on previous purchases by store customers. The stores upload transaction data to the company through SFTP, and the data is processed and analyzed to generate new marketing offers. Some of the files can exceed 200 GB in size. Recently, the company discovered that some of the stores have uploaded files that contain personally identifiable information (PII) that should not have been included. The company wants admini
A. Use an Amazon S3 bucket as a secure transfer point
B. Use an Amazon S3 bucket as a secure transfer point
View answer
Correct Answer: B
Question #5
A. Implement Amazon SNS to store the database calls.
B. Implement Amazon ElastiCache to cache the large datasets
C. Implement an RDS for MySQL read replica to cache database calls
D. Implement Amazon Kinesis Data Firehose to stream the calls to the database
105. A company has an on-premises data center that is running out of storage capacity
View answer
Correct Answer: B
Question #6
A company wants to analyze and troubleshoot Access Denied errors and Unauthonzed errors that are related to 1AM permissions The company has AWS CloudTrail turned on Which solution will meet these requirements with the LEAST effort? This solution meets the following requirements: It is the least effort, as it does not require any additional AWS services, custom scripts, or data processing steps. Amazon Athena is a serverless interactive query service that allows you to analyze data in Amazon S3 using standar
A. se AWS Glue and write custom scripts to query CloudTrail logs for the errors
B. se AWS Batch and write custom scripts to query CloudTrail logs for the errors
C. earch CloudTrail logs with Amazon Athena queries to identify the errors
D. earch CloudTrail logs with Amazon QuickSight
View answer
Correct Answer: C
Question #7
A company observes an increase in Amazon EC2 costs in its most recent bill The billing team notices unwanted vertical scaling of instance types for a couple of EC2 instances A solutions architect needs to create a graph comparing the last 2 months of EC2 costs and perform an in-depth analysis to identify the root cause of the vertical scaling How should the solutions architect generate the information with the LEAST operational overhead?
A. Use AWS Budgets to create a budget report and compare EC2 costs based on instance types
B. Use Cost Explorer's granular filtering feature to perform an in-depth analysis of EC2 costs based on instance types C
View answer
Correct Answer: B
Question #8
A. Use Amazon DynamoDB transactions
B. Create an Amazon Neptune database in a Multi AZ design
C. Use a fully managed Amazon RDS for MySQL database in a Multi-AZ design
D. Deploy PostgreSQL on an Amazon EC2 instance that uses Amazon EBS Throughput Optimized HDD storage
112. A company recently launched its website to serve content to its global user base
View answer
Correct Answer: A
Question #9
A company uses a popular content management system (CMS) for its corporate website. However, the required patching and maintenance are burdensome. The company is redesigning its website and wants anew solution. The website will be updated four times a year and does not need to have any dynamic content available. The solution must provide high scalability and enhanced security.Which combination of changes will meet these requirements with the LEAST operational overhead? (Choose two.)
A. Configure Amazon CloudFront in front of the website to use HTTPS functionality
B. Deploy an AWS WAF web ACL in front of the website to provide HTTPS functionality
C. Create and deploy an AWS Lambda function to manage and serve the website content
D. Create the new website and an Amazon S3 bucket
E. Create the new website
View answer
Correct Answer: AD
Question #10
A. Configure a lifecycle policy to delete the objects after 30 days.
B. Configure a lifecycle policy to transition the objects to Amazon S3 Glacier after 30 days
C. Configure a lifecycle policy to transition the objects to Amazon S3 Standard-Infrequent Access (S3 Standard-IA) after 30 days
D. Configure a lifecycle policy to transition the objects to Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) after 30 days
107. A company delivers files in Amazon S3 to certain users who do not have AWS credentials
View answer
Correct Answer: B
Question #11
A company stores call transcript files on a monthly basis. Users access the files randomly within 1 year of the call, but users access the files infrequently after 1 year. The company wants to optimize its solution by giving users the ability to query and retrieve files that are less than 1-year-old as quickly as possible. A delay in retrieving older files is acceptable. Which solution will meet these requirements MOST cost-effectively?
A. Store individual files with tags in Amazon S3 Glacier Instant Retrieval
B. Store individual files in Amazon S3 Intelligent-Tiering
View answer
Correct Answer: C
Question #12
A company's application integrates with multiple software-as-a-service (SaaS) sources for data collection. The company runs Amazon EC2 instances to receive the data and to upload the data to an Amazon S3 bucket for analysis. The same EC2 instance that receives and uploads the data also sends a notification to the user when an upload is complete. The company has noticed slow application performance and wants to improve the performance as much as possible. Which solution will meet these requirements with the
A. Create an Auto Scaling group so that EC2 instances can scale out
B. Create an Amazon AppFlow flow to transfer data between each SaaS source and the S3 bucket
View answer
Correct Answer: B
Question #13
A company wants to use the AWS Cloud to improve its on-premises disaster recovery (DR) configuration. The company's core production business application uses Microsoft SQL Server Standard, which runs on a virtual machine (VM). The application has a recovery point objective (RPO) of 30 seconds or fewer and a recovery time objective (RTO) of 60 minutes. The DR solution needs to minimize costs wherever possible.Which solution will meet these requirements?
A. Configure a multi-site active/active setup between the on-premises server and AWS by using Microsoft SQL Server Enterprise with Always On availability groups
B. Configure a warm standby Amazon RDS for SQL Server database on AWS
C. Use AWS Elastic Disaster Recovery configured to replicate disk changes to AWS as a pilot light
D. Use third-party backup software to capture backups every night
View answer
Correct Answer: D
Question #14
A company has Amazon EC2 instances that run nightly batch jobs to process data. The EC2 instances run in an Auto Scaling group that uses On-Demand billing. If a job fails on one instance, another instance will reprocess the job. The batch jobs run between 12:00 AM and 06:00 AM local time every day.Which solution will provide EC2 instances to meet these requirements MOST cost-effectively?
A. Purchase a 1-year Savings Plan for Amazon EC2 that covers the instance family of the Auto Scaling group that the batch job uses
B. Purchase a 1-year Reserved Instance for the specific instance type and operating system of the instances in the Auto Scaling group that the batch job uses
C. Create a new launch template for the Auto Scaling group
D. Create a new launch template for the Auto Scaling group
View answer
Correct Answer: C
Question #15
A company needs to store its accounting records in Amazon S3. The records must be immediately accessible for 1 year and then must be archived for an additional 9 years. No one at the company, including administrative users and root users, can be able to delete the records during the entire 10- year period. The records must be stored with maximum resiliency. Which solution will meet these requirements?
A. Store the records in S3 Glacier for the entire 10-year period
B. Store the records by using S3 Intelligent-Tiering
View answer
Correct Answer: C
Question #16
A company needs to connect several VPCs in the us-east-1 Region that span hundreds of AWS accounts. The company's networking team has its own AWS account to manage the cloud network.What is the MOST operationally efficient solution to connect the VPCs?
A. Set up VPC peering connections between each VPC
B. Configure a NAT gateway and an internet gateway in each VPC to connect each VPC through the internet
C. Create an AWS Transit Gateway in the networking teams AWS account
D. Deploy VPN gateways in each VPC
View answer
Correct Answer: C
Question #17
A company is migrating applications to AWS. The applications are deployed in different accounts. The company manages the accounts centrally by using AWS Organizations. The company's security team needs a single sign-on (SSO) solution across all the company's accounts. The company must continue managing the users and groups in its on-premises self-managed Microsoft Active Directory. Which solution will meet these requirements?
A. Enable AWS Single Sign-On (AWS SSO) from the AWS SSO console
B. Enable AWS Single Sign-On (AWS SSO) from the AWS SSO console
View answer
Correct Answer: A
Question #18
A company needs to review its AWS Cloud deployment to ensure that its Amazon S3 buckets do not have unauthorized configuration changes. What should a solutions architect do to accomplish this goal?
A. Turn on AWS Config with the appropriate rules
B. Turn on AWS Trusted Advisor with the appropriate checks
View answer
Correct Answer: A
Question #19
A. Set up AWS Storage Gateway to connect with the backup applications using the NFS interface.
B. Set up an Amazon EFS file system that connects with the backup applications using the NFS interface
C. Set up an Amazon EFS file system that connects with the backup applications using the iSCSI interface
D. Set up AWS Storage Gateway to connect with the backup applications using the iSCSI-virtual tape library (VTL) interface
116. A company hosts an application on an Amazon EC2 instance that requires a maximum of 200 GB storage space
View answer
Correct Answer: A
Question #20
A company is launching a new application deployed on an Amazon Elastic Container Service (Amazon ECS) cluster and is using the Fargate launch type for ECS tasks. The company is monitoring CPU and memory usage because it is expecting high traffic to the application upon its launch. However, the company wants to reduce costs when utilization decreases.What should a solutions architect recommend?
A. Use Amazon EC2 Auto Scaling to scale at certain periods based on previous traffic patterns
B. Use an AWS Lambda function to scale Amazon ECS based on metric breaches that trigger an Amazon CloudWatch alarm
C. Use Amazon EC2 Auto Scaling with simple scaling policies to scale when ECS metric breaches trigger an Amazon CloudWatch alarm
D. Use AWS Application Auto Scaling with target tracking policies to scale when ECS metric breaches trigger an Amazon CloudWatch alarm
View answer
Correct Answer: D
Question #21
A company's website uses an Amazon EC2 instance store for its catalog of items. The company wants to make sure that the catalog is highly available and that the catalog is stored in a durable location. What should a solutions architect do to meet these requirements? A.Move the catalog to Amazon ElastiCache for Redis.
B. Deploy a larger EC2 instance with a larger instance store
View answer
Correct Answer: A
Question #22
A company uses 50 TB of data for reporting. The company wants to move this data from on premises to AWS. A custom application in the companys data center runs a weekly data transformation job. The company plans to pause the application until the data transfer is complete and needs to begin the transfer process as soon as possible.The data center does not have any available network bandwidth for additional workloads. A solutions architect must transfer the data and must configure the transformation job to co
A. Use AWS DataSync to move the data
B. Order an AWS Snowcone device to move the data
C. Order an AWS Snowball Edge Storage Optimized device
D. Order an AWS Snowball Edge Storage Optimized device that includes Amazon EC2 compute
View answer
Correct Answer: C
Question #23
A. Amazon EBS Cold HDD (sc1)
B. Amazon EBS General Purpose SSD (gp2)
C. Amazon EBS Provisioned IOPS SSD (io1)
D. Amazon EBS Throughput Optimized HDD (st1)
117. A company’s application hosted on Amazon EC2 instances needs to access an Amazon S3 bucket
View answer
Correct Answer: B
Question #24
A company recently launched a variety of new workloads on Amazon EC2 instances in its AWS account. The company needs to create a strategy to access and administer the instances remotely and securely. The company needs to implement a repeatable process that works with native AWS services and follows the AWS Well-Architected Framework. Which solution will meet these requirements with the LEAST operational overhead?
A. Use the EC2 serial console to directly access the terminal interface of each instance for administration
B. Attach the appropriate 1AM role to each existing instance and new instance
View answer
Correct Answer: B
Question #25
A. Configure two AWS Lambda functions to run the applications. Create an Amazon EC2 instance with an instance store volume to store the data.
B. Configure two AWS Lambda functions to run the applications
C. Configure one memory optimized Amazon EC2 instance to run both applications simultaneously
D. Configure two Amazon EC2 instances to run both applications
119. An ecommerce company has noticed performance degradation of its Amazon RDS based web application
View answer
Correct Answer: D
Question #26
A company has an Amazon S3 bucket that contains critical dat
A. The company must protect the data from accidental deletion
A. Enable versioning on the S3 bucket
B. Enable MFA Delete on the S3 bucket
E. Create a lifecycle policy for the objects in the S3 bucket
View answer
Correct Answer: AB
Question #27
A company stores multiple Amazon Machine Images (AMIs) in an AWS account to launch its Amazon EC2 instances. The AMIs contain critical data and configurations that are necessary for the company's operations. The company wants to implement a solution that will recover accidentally deleted AMIs quickly and efficiently. Which solution will meet these requirements with the LEAST operational overhead? Recycle Bin is a data recovery feature that enables you to restore accidentally deleted Amazon EBS snapshots and
A. reate Amazon Elastic Block Store (Amazon EBS) snapshots of the AMIs
B. opy all AMIs to another AWS account periodically
C. reate a retention rule in Recycle Bin
D. pload the AMIs to an Amazon S3 bucket that has Cross-Region Replication
View answer
Correct Answer: C
Question #28
A. Create an origin access identity (OAI) and associate it with the distribution. Change the permissions in the bucket policy so that only the OAI can read the objects.
B. Create an AWS WAF web ACL that includes the same IP restrictions that exist in the EC2 security group
C. Create a new security group that includes the same IP restrictions that exist in the current EC2 security group
D. Create a new security group that includes the same IP restrictions that exist in the current EC2 security group
E. Create a new IAM role and associate the role with the distribution
111. A company is investigating potential solutions that would collect, process, and store users’ service usage data
View answer
Correct Answer: C
Question #29
A company hosts a three-tier ecommerce application on a fleet of Amazon EC2 instances. The instances run in an Auto Scaling group behind an Application Load Balancer (ALB). All ecommerce data is stored in an Amazon RDS for MariaDB Multi-AZ DB instance.The company wants to optimize customer session management during transactions. The application must store session data durably.Which solutions will meet these requirements? (Choose two.)
A. Turn on the sticky sessions feature (session affinity) on the ALB
B. Use an Amazon DynamoDB table to store customer session information
C. Deploy an Amazon Cognito user pool to manage user session information
D. Deploy an Amazon ElastiCache for Redis cluster to store customer session information
E. Use AWS Systems Manager Application Manager in the application to manage user session information
View answer
Correct Answer: BD
Question #30
A company has a production workload that runs on 1,000 Amazon EC2 Linux instances. The workload is powered by third-party software. The company needs to patch the third-party software on all EC2 instances as quickly as possible to remediate a critical security vulnerability. What should a solutions architect do to meet these requirements?
A. Create an AWS Lambda function to apply the patch to all EC2 instances
B. Configure AWS Systems Manager Patch Manager to apply the patch to all EC2 instances
View answer
Correct Answer: D
Question #31
A company has a data ingestion workflow that consists the following: An Amazon Simple Notification Service (Amazon SNS) topic for notifications about new data deliveries An AWS Lambda function to process the data and record metadata The company observes that the ingestion workflow fails occasionally because of network connectivity issues. When such a failure occurs, the Lambda function does not ingest the corresponding data unless the company manually reruns the job. Which combination of actions should a so
A. Configure the Lambda function In multiple Availability Zones
B. Create an Amazon Simple Queue Service (Amazon SQS) queue, and subscribe It to me SNS topic
E. Modify the Lambda function to read from an Amazon Simple Queue Service (Amazon SQS) queue
View answer
Correct Answer: BE
Question #32
A company provides a Voice over Internet Protocol (VoIP) service that uses UDP connections. The service consists of Amazon EC2 instances that run in an Auto Scaling group. The company has deployments across multiple AWS Regions. The company needs to route users to the Region with the lowest latency. The company also needs automated failover between Regions. Which solution will meet these requirements?
A. Deploy a Network Load Balancer (NLB) and an associated target group
B. Deploy an Application Load Balancer (ALB) and an associated target group
View answer
Correct Answer: C
Question #33
A company needs to retain application log files for a critical application for 10 years. The application team regularly accesses logs from the past month for troubleshooting, but logs older than 1 month are rarely accessed. The application generates more than 10 TB of logs per month.Which storage option meets these requirements MOST cost-effectively?
A. Store the logs in Amazon S3
B. Store the logs in Amazon S3
C. Store the logs in Amazon CloudWatch Logs
D. Store the logs in Amazon CloudWatch Logs
View answer
Correct Answer: B
Question #34
A company is building an application in the AWS Cloud. The application will store data in Amazon S3 buckets in two AWS Regions. The company must use an AWS Key Management Service (AWS KMS) customer managed key to encrypt all data that is stored in the S3 buckets. The data in both S3 buckets must be encrypted and decrypted with the same KMS key. The data and the key must be stored in each of the two Regions. Which solution will meet these requirements with the LEAST operational overhead?
A. Create an S3 bucket in each Region Configure the S3 buckets to use server-side encryption with Amazon S3 managed encryption keys (SSE-S3) Configure replication between the S3 buckets
B. Create a customer managed multi-Region KMS key
View answer
Correct Answer: C
Question #35
A company is preparing to launch a public-facing web application in the AWS Cloud. The architecture consists of Amazon EC2 instances within a VPC behind an Elastic Load Balancer (ELB). A third-party service is used for the DNS. The company's solutions architect must recommend a solution to detect and protect against large-scale DDoS attacks. Which solution meets these requirements?
A. Enable Amazon GuardDuty on the account
B. Enable Amazon Inspector on the EC2 instances
View answer
Correct Answer: D
Question #36
A company is hosting a static website on Amazon S3 and is using Amazon Route 53 for DNS. The website is experiencing increased demand from around the world. The company must decrease latency for users who access the website. Which solution meets these requirements MOST cost-effectively?
A. Replicate the S3 bucket that contains the website to all AWS Regions
B. Provision accelerators in AWS Global Accelerator
View answer
Correct Answer: C
Question #37
A. Deploy Amazon S3 Glacier Vault and enable expedited retrieval. Enable provisioned retrieval capacity for the workload.
B. Deploy AWS Storage Gateway using cached volumes
C. Deploy AWS Storage Gateway using stored volumes to store data locally
D. Deploy AWS Direct Connect to connect with the on-premises data center
106. A company is processing data on a daily basis
View answer
Correct Answer: D
Question #38
A company needs guaranteed Amazon EC2 capacity in three specific Availability Zones in a specific AWS Region for an upcoming event that will last 1 week. What should the company do to guarantee the EC2 capacity?
A. Purchase Reserved instances that specify the Region needed
B. Create an On Demand Capacity Reservation that specifies the Region needed C
View answer
Correct Answer: D
Question #39
A company maintains a searchable repository of items on its website. The data is stored in an Amazon RDS for MySQL database table that contains more than 10 million rows The database has 2 TB of General Purpose SSD storage There are millions of updates against this data every day through the company's website The company has noticed that some insert operations are taking 10 seconds or longer The company has determined that the database storage performance is the problem Which solution addresses this perform
A. Change the storage type to Provisioned IOPS SSD
B. Change the DB instance to a memory optimized instance class C
View answer
Correct Answer: A
Question #40
A company runs a highly available image-processing application on Amazon EC2 instances in a single VPC The EC2 instances run inside several subnets across multiple Availability Zones. The EC2 instances do not communicate with each other However, the EC2 instances download images from Amazon S3 and upload images to Amazon S3 through a single NAT gateway The company is concerned about data transfer charges What is the MOST cost-effective way for the company to avoid Regional data transfer charges?
A. Launch the NAT gateway in each Availability Zone
B. Replace the NAT gateway with a NAT instance C
View answer
Correct Answer: C
Question #41
A company runs an online marketplace web application on AWS. The application serves hundreds of thousands of users during peak hours. The company needs a scalable, near-real-time solution to share the details of millions of financial transactions with several other internal applications Transactions also need to be processed to remove sensitive data before being stored in a document database for low-latency retrieval. What should a solutions architect recommend to meet these requirements? A.Store the transa
B. Stream the transactions data into Amazon Kinesis Data Firehose to store data in Amazon DynamoDB and Amazon S3 Use AWS Lambda integration with Kinesis Data Firehose to remove sensitive data
View answer
Correct Answer: C
Question #42
A. Server-side encryption with customer-provided encryption keys
B. Client-side encryption with Amazon S3 managed encryption keys
C. Server-side encryption with keys stored in AWS key Management Service (AWS KMS)
D. Client-side encryption with a master key stored in AWS Key Management Service (AWS KMS)
110. A solutions architect is moving the static content from a public website hosted on Amazon EC2 instances to an Amazon S3 bucket
View answer
Correct Answer: AB
Question #43
A company is developing an application that provides order shipping statistics for retrieval by a REST API. The company wants to extract the shipping statistics, organize the data into an easy-to-read HTML format, and send the report to several email addresses at the same time every morning. Which combination of steps should a solutions architect take to meet these requirements? (Choose two.)
A. Configure the application to send the data to Amazon Kinesis Data Firehose
B. Use Amazon Simple Email Service (Amazon SES) to format the data and to send the report by email
View answer
Correct Answer: DE
Question #44
A development team needs to host a website that will be accessed by other teams. The website contents consist of HTML, CSS, client-side JavaScript, and images Which method is the MOST costeffective for hosting the website?
A. Containerize the website and host it in AWS Fargate
B. Create an Amazon S3 bucket and host the website there C
View answer
Correct Answer: B
Question #45
A company is building a game system that needs to send unique events to separate leaderboard, matchmaking, and authentication services concurrently. The company needs an AWS event-driven system that guarantees the order of the events.Which solution will meet these requirements?
A. Amazon EventBridge event bus
B. Amazon Simple Notification Service (Amazon SNS) FIFO topics
C. Amazon Simple Notification Service (Amazon SNS) standard topics
D. Amazon Simple Queue Service (Amazon SQS) FIFO queues
View answer
Correct Answer: B
Question #46
A. Enable public access on an Amazon S3 bucket.
B. Generate a pre signed URL to share with the users
C. Encrypt files using AWS KMS and provide keys to the users
D. Create and assign IAM roles that will grant GetObject permissions to the users
108. A company wants to run a hybrid workload for data processing
View answer
Correct Answer: C
Question #47
A development team runs monthly resource-intensive tests on its general purpose Amazon RDS for MySQL DB instance with Performance Insights enabled. The testing lasts for 48 hours once a month and is the only process that uses the database. The team wants to reduce the cost of running the tests without reducing the compute and memory attributes of the DB instance. Which solution meets these requirements MOST cost-effectively?
A. Stop the DB instance when tests are completed
B. Use an Auto Scaling policy with the DB instance to automatically scale when tests are completed
View answer
Correct Answer: C
Question #48
A company has an on-premises application that generates a large amount of time-sensitive data that is backed up to Amazon S3. The application has grown and there are user complaints about internet bandwidth limitations. A solutions architect needs to design a long-term solution that allows for both timely backups to Amazon S3 and with minimal impact on internet connectivity for internal users. Which solution meets these requirements?
A. Establish AWS VPN connections and proxy all traffic through a VPC gateway endpoint
B. Establish a new AWS Direct Connect connection and direct backup traffic through this new connection
View answer
Correct Answer: B
Question #49
A company is designing an application. The application uses an AWS Lambda function to receive information through Amazon API Gateway and to store the information in an Amazon Aurora PostgreSQL database. During the proof-of-concept stage, the company has to increase the Lambda quotas significantly to handle the high volumes of data that the company needs to load into the database. A solutions architect must recommend a new design to improve scalability and minimize the configuration effort. Which solution wi
A. Refactor the Lambda function code to Apache Tomcat code that runs on Amazon EC2 instances
B. Change the platform from Aurora to Amazon DynamoDB
View answer
Correct Answer: D
Question #50
A company has a three-tier environment on AWS that ingests sensor data from its users' devices The traffic flows through a Network Load Balancer (NIB) then to Amazon EC2 instances for the web tier and finally to EC2 instances for the application tier that makes database calls What should a solutions architect do to improve the security of data in transit to the web tier? A: How do you protect your data in transit? Best Practices: Implement secure key and certificate management: Store encryption keys and cer
A. onfigure a TLS listener and add the server certificate on the NLB
B. onfigure AWS Shield Advanced and enable AWS WAF on the NLB
C. hange the load balancer to an Application Load Balancer and attach AWS WAF to it
D. ncrypt the Amazon Elastic Block Store (Amazon EBS) volume on the EC2 instances using AWS Key Management Service (AWS KMS)
View answer
Correct Answer: A
Question #51
A company that hosts its web application on AWS wants to ensure all Amazon EC2 instances. Amazon RDS DB instances. and Amazon Redshift clusters are configured with tags. The company wants to minimize the effort of configuring and operating this check. What should a solutions architect do to accomplish this?
A. Use AWS Config rules to define and detect resources that are not properly tagged
B. Use Cost Explorer to display resources that are not properly tagged
View answer
Correct Answer: A
Question #52
A company hosts its multi-tier applications on AWS. For compliance, governance, auditing, and security, the company must track configuration changes on its AWS resources and record a history of API calls made to these resources. What should a solutions architect do to meet these requirements?
A. Use AWS CloudTrail to track configuration changes and AWS Config to record API calls
B. Use AWS Config to track configuration changes and AWS CloudTrail to record API calls C
View answer
Correct Answer: B
Question #53
A. Create a private hosted zone using Amazon Route 53.
B. Configure a VPC gateway endpoint for Amazon S3 in the VPC
C. Configure AWS Private Link between the EC2 instance and the S3 bucket
D. Set up a site-to-site VPN connection between the VPC and the S3 bucket
118. A company has two applications it wants to migrate to AWS
View answer
Correct Answer: D
Question #54
A. Amazon S3
B. AWS Secrets Manager
C. AWS Systems Manager Parameter store
D. AWS Key Management Service (AWS KMS)
115. A recent analysis of a company’s IT expenses highlights the need to reduce backup costs
View answer
Correct Answer: A
Question #55
A. Use an AWS Storage Gateway file gateway to provide file storage to AWS, then perform analytics on this data in the AWS Cloud.
B. Use an AWS storage Gateway tape gateway to copy the backup of the local data to AWS, then perform analytics on this data in the AWS cloud
C. Use an AWS Storage Gateway volume gateway in a stored volume configuration to regularly take snapshots of the local data, then copy the data to AWS
D. Use an AWS Storage Gateway volume gateway in a cached volume configuration to back up all the local storage in the AWS cloud, then perform analytics on this data in the cloud
109. A company plans to store sensitive user data on Amazon S3
View answer
Correct Answer: A
Question #56
A solutions architect is designing a VPC with public and private subnets. The VPC and subnets use IPv4 CIDR blocks. There is one public subnet and one private subnet in each of three Availability Zones (AZs) for high availability. An internet gateway is used to provide internet access for the public subnets. The private subnets require access to the internet to allow Amazon EC2 instances to download software updates.What should the solutions architect do to enable Internet access for the private subnets?
A. Create three NAT gateways, one for each public subnet in each AZ
B. Create three NAT instances, one for each private subnet in each AZ
C. Create a second internet gateway on one of the private subnets
D. Create an egress-only internet gateway on one of the public subnets
View answer
Correct Answer: A
Question #57
A company is launching a new application and will display application metrics on an Amazon CloudWatch dashboard. The company’s product manager needs to access this dashboard periodically. The product manager does not have an AWS account. A solution architect must provide access to the product manager by following the principle of least privilege. Which solution will meet these requirements?
A. Share the dashboard from the CloudWatch console
B. Create an IAM user specifically for the product manager
View answer
Correct Answer: A
Question #58
A company has thousands of edge devices that collectively generate 1 TB of status alerts each day. Each alert is approximately 2 KB in size. A solutions architect needs to implement a solution to ingest and store the alerts for future analysis. The company wants a highly available solution. However, the company needs to minimize costs and does not want to manage additional infrastructure. Additionally, the company wants to keep 14 days of data available for immediate analysis and archive any data older than
A. Create an Amazon Kinesis Data Firehose delivery stream to ingest the alerts Configure the Kinesis Data Firehose stream to deliver the alerts to an Amazon S3 bucket Set up an S3 Lifecycle configuration to transition data to Amazon S3 Glacier after 14 days
B. Launch Amazon EC2 instances across two Availability Zones and place them behind an Elastic Load Balancer to ingest the alerts Create a script on the EC2 instances that will store tne alerts m an Amazon S3 bucket Set up an S3 Lifecycle configuration to transition data to Amazon S3 Glacier after 14 days C
View answer
Correct Answer: A
Question #59
A company wants to run its payment application on AWS The application receives payment notifications from mobile devices Payment notifications require a basic validation before they are sent for further processing The backend processing application is long running and requires compute and memory to be adjusted The company does not want to manage the infrastructure Which solution will meet these requirements with the LEAST operational overhead? This option is the best solution because it allows the company t
A. reate an Amazon Simple Queue Service (Amazon SQS) queue Integrate the queue with an Amazon EventBndge rule to receive payment notifications from mobile devices Configure the rule to validate payment notifications and send the notifications to the backend application Deploy the backend application on Amazon Elastic Kubernetes Service (Amazon EKS) Anywhere Create a standalone cluster
B. reate an Amazon API Gateway API Integrate the API with anAWS Step Functions state machine to receive payment notifications from mobile devices Invoke the state
machine to validate payment notifications and send the notifications to the backend application Deploy the backend application on Amazon Elastic Kubernetes Sen/ice (Amazon EKS). Configure an EKS cluster with self-managed nodes
C. reate an Amazon Simple Queue Sen/ice (Amazon SQS) queue Integrate the queue with an Amazon EventBridge rule to receive payment notifications from mobile devices Configure the rule to validate payment notifications and send the notifications to the backend application Deploy the backend application on Amazon EC2 Spot Instances Configure a Spot Fleet with a default allocation strategy
D. reate an Amazon API Gateway API Integrate the API with AWS Lambda to receive payment notifications from mobile devices Invoke a Lambda function to validate payment notifications and send the notifications to the backend application Deploy the backend application on Amazon Elastic Container Service (Amazon ECS)
View answer
Correct Answer: D

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: