ExamGecko
Home / Amazon / SAA-C03 / List of questions
Ask Question

Amazon SAA-C03 Practice Test - Questions Answers, Page 10

List of questions

Question 91

Report
Export
Collapse

A company has applications that run on Amazon EC2 instances in a VPC. One of the applications needs to call the Amazon S3 API to store and read objects. According to the company's security regulations, no traffic from the applications is allowed to travel across the internet.

Which solution will meet these requirements?

Configure an S3 interface endpoint.
Configure an S3 interface endpoint.
Configure an S3 gateway endpoint.
Configure an S3 gateway endpoint.
Create an S3 bucket in a private subnet.
Create an S3 bucket in a private subnet.
Create an S3 bucket in the same Region as the EC2 instance.
Create an S3 bucket in the same Region as the EC2 instance.
Suggested answer: A

Explanation:

https://docs.aws.amazon.com/vpc/latest/privatelink/gateway-endpoints.html

asked 16/09/2024
Robert L Swafford
38 questions

Question 92

Report
Export
Collapse

A company is storing sensitive user information in an Amazon S3 bucket The company wants to provide secure access to this bucket from the application tier running on Ama2on EC2 instances inside a VPC Which combination of steps should a solutions architect take to accomplish this? (Select TWO.)

Configure a VPC gateway endpoint for Amazon S3 within the VPC
Configure a VPC gateway endpoint for Amazon S3 within the VPC
Create a bucket policy to make the objects to the S3 bucket public
Create a bucket policy to make the objects to the S3 bucket public
Create a bucket policy that limits access to only the application tier running in the VPC
Create a bucket policy that limits access to only the application tier running in the VPC
Create an IAM user with an S3 access policy and copy the IAM credentials to the EC2 instance
Create an IAM user with an S3 access policy and copy the IAM credentials to the EC2 instance
Create a NAT instance and have the EC2 instances use the NAT instance to access the S3 bucket
Create a NAT instance and have the EC2 instances use the NAT instance to access the S3 bucket
Suggested answer: A, C

Explanation:

https://aws.amazon.com/premiumsupport/knowledge-center/s3-private-connection-noauthentication/

asked 16/09/2024
Tomas Ojeda
41 questions

Question 93

Report
Export
Collapse

A company runs an on-premises application that is powered by a MySQL database The company is migrating the application to AWS to Increase the application's elasticity and availability The current architecture shows heavy read activity on the database during times of normal operation Every 4 hours the company's development team pulls a full export of the production database to populate a database in the staging environment During this period, users experience unacceptable application latency The development team is unable to use the staging environment until the procedure completes A solutions architect must recommend replacement architecture that alleviates the application latency issue

The replacement architecture also must give the development team the ability to continue using the staging environment without delay Which solution meets these requirements?

Use Amazon Aurora MySQL with Multi-AZ Aurora Replicas for production. Populate the staging database by implementing a backup and restore process that uses the mysqldump utility.
Use Amazon Aurora MySQL with Multi-AZ Aurora Replicas for production. Populate the staging database by implementing a backup and restore process that uses the mysqldump utility.
Use Amazon Aurora MySQL with Multi-AZ Aurora Replicas for production Use database cloning to create the staging database on-demand
Use Amazon Aurora MySQL with Multi-AZ Aurora Replicas for production Use database cloning to create the staging database on-demand
Use Amazon RDS for MySQL with a Mufti AZ deployment and read replicas for production Use the standby instance tor the staging database.
Use Amazon RDS for MySQL with a Mufti AZ deployment and read replicas for production Use the standby instance tor the staging database.
Use Amazon RDS for MySQL with a Multi-AZ deployment and read replicas for production.Populate the staging database by implementing a backup and restore process that uses the mysqldump utility.
Use Amazon RDS for MySQL with a Multi-AZ deployment and read replicas for production.Populate the staging database by implementing a backup and restore process that uses the mysqldump utility.
Suggested answer: B
asked 16/09/2024
ME BOX
30 questions

Question 94

Report
Export
Collapse

A company is designing an application where users upload small files into Amazon S3. After a user uploads a file, the file requires one-time simple processing to transform the data and save the data in JSON format for later analysis. Each file must be processed as quickly as possible after it is uploaded. Demand will vary. On some days, users will upload a high number of files. On other days, users will upload a few files or no files. Which solution meets these requirements with the LEAST operational overhead?

Configure Amazon EMR to read text files from Amazon S3. Run processing scripts to transform the data. Store the resulting JSON file in an Amazon Aurora DB cluster.
Configure Amazon EMR to read text files from Amazon S3. Run processing scripts to transform the data. Store the resulting JSON file in an Amazon Aurora DB cluster.
Configure Amazon S3 to send an event notification to an Amazon Simple Queue Service (Amazon SQS) queue. Use Amazon EC2 instances to read from the queue and process the data. Store the resulting JSON file in Amazon DynamoDB.
Configure Amazon S3 to send an event notification to an Amazon Simple Queue Service (Amazon SQS) queue. Use Amazon EC2 instances to read from the queue and process the data. Store the resulting JSON file in Amazon DynamoDB.
Configure Amazon S3 to send an event notification to an Amazon Simple Queue Service (Amazon SQS) queue. Use an AWS Lambda function to read from the queue and process the data. Store the resulting JSON file in Amazon DynamoDB. Most Voted
Configure Amazon S3 to send an event notification to an Amazon Simple Queue Service (Amazon SQS) queue. Use an AWS Lambda function to read from the queue and process the data. Store the resulting JSON file in Amazon DynamoDB. Most Voted
Configure Amazon EventBridge (Amazon CloudWatch Events) to send an event to Amazon Kinesis Data Streams when a new file is uploaded. Use an AWS Lambda function to consume the event from the stream and process the data. Store the resulting JSON file in Amazon Aurora DB cluster.
Configure Amazon EventBridge (Amazon CloudWatch Events) to send an event to Amazon Kinesis Data Streams when a new file is uploaded. Use an AWS Lambda function to consume the event from the stream and process the data. Store the resulting JSON file in Amazon Aurora DB cluster.
Suggested answer: C

Explanation:

Amazon S3 sends event notifications about S3 buckets (for example, object created, object removed, or object restored) to an SNS topic in the same Region. The SNS topic publishes the event to an SQS queue in the central Region.

The SQS queue is configured as the event source for your Lambda function and buffers the event messages for the Lambda function. The Lambda function polls the SQS queue for messages and processes the Amazon S3 event notifications according to your application’s requirements. https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/subscribe-a-lambda-functionto- event-notifications-from-s3-buckets-in-different-aws-regions.html

asked 16/09/2024
efrem perry
43 questions

Question 95

Report
Export
Collapse

An application allows users at a company's headquarters to access product dat a. The product data is stored in an Amazon RDS MySQL DB instance. The operations team has isolated an application performance slowdown and wants to separate read traffic from write traffic.

A solutions architect needs to optimize the application's performance quickly.

What should the solutions architect recommend?

Change the existing database to a Multi-AZ deployment. Serve the read requests from the primary Availability Zone.
Change the existing database to a Multi-AZ deployment. Serve the read requests from the primary Availability Zone.
Change the existing database to a Multi-AZ deployment. Serve the read requests from the secondary Availability Zone.
Change the existing database to a Multi-AZ deployment. Serve the read requests from the secondary Availability Zone.
Create read replicas for the database. Configure the read replicas with half of the compute and storage resources as the source database.
Create read replicas for the database. Configure the read replicas with half of the compute and storage resources as the source database.
Create read replicas for the database. Configure the read replicas with the same compute and storage resources as the source database.
Create read replicas for the database. Configure the read replicas with the same compute and storage resources as the source database.
Suggested answer: D

Explanation:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_MySQL.Replication.ReadReplica s.html

asked 16/09/2024
Juy Juy
39 questions

Question 96

Report
Export
Collapse

An Amazon EC2 administrator created the following policy associated with an IAM group containing several users

Amazon SAA-C03 image Question 96 5007 09162024005823000000

What is the effect of this policy?

Users can terminate an EC2 instance in any AWS Region except us-east-1.
Users can terminate an EC2 instance in any AWS Region except us-east-1.
Users can terminate an EC2 instance with the IP address 10 100 100 1 in the us-east-1 Region
Users can terminate an EC2 instance with the IP address 10 100 100 1 in the us-east-1 Region
Users can terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100.100.254.
Users can terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100.100.254.
Users cannot terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100 100 254
Users cannot terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100 100 254
Suggested answer: C

Explanation:

Explanation: as the policy prevents anyone from doing any EC2 action on any region except us-east-1 and allows only users with source ip 10.100.100.0/24 to terminate instances. So user with source ip 10.100.100.254 can terminate instances in us-east-1 region.

asked 16/09/2024
Naveen Nama
37 questions

Question 97

Report
Export
Collapse

A company has a large Microsoft SharePoint deployment running on-premises that requires Microsoft Windows shared file storage. The company wants to migrate this workload to the AWS Cloud and is considering various storage options. The storage solution must be highly available and integrated with Active Directory for access control. Which solution will satisfy these requirements?

Configure Amazon EFS storage and set the Active Directory domain for authentication
Configure Amazon EFS storage and set the Active Directory domain for authentication
Create an SMB Me share on an AWS Storage Gateway tile gateway in two Availability Zones
Create an SMB Me share on an AWS Storage Gateway tile gateway in two Availability Zones
Create an Amazon S3 bucket and configure Microsoft Windows Server to mount it as a volume
Create an Amazon S3 bucket and configure Microsoft Windows Server to mount it as a volume
Create an Amazon FSx for Windows File Server file system on AWS and set the Active Directory domain for authentication
Create an Amazon FSx for Windows File Server file system on AWS and set the Active Directory domain for authentication
Suggested answer: D
asked 16/09/2024
Sharanjit Kareer
41 questions

Question 98

Report
Export
Collapse

An image-processing company has a web application that users use to upload images. The application uploads the images into an Amazon S3 bucket. The company has set up S3 event notifications to publish the object creation events to an Amazon Simple Queue Service (Amazon SQS) standard queue. The SQS queue serves as the event source for an AWS Lambda function that processes the images and sends the results to users through email. Users report that they are receiving multiple email messages for every uploaded image. A solutions architect determines that SQS messages are invoking the Lambda function more than once, resulting in multiple email messages. What should the solutions architect do to resolve this issue with the LEAST operational overhead?

Set up long polling in the SQS queue by increasing the ReceiveMessage wait time to 30 seconds.
Set up long polling in the SQS queue by increasing the ReceiveMessage wait time to 30 seconds.
Change the SQS standard queue to an SQS FIFO queue. Use the message deduplication ID to discard duplicate messages.
Change the SQS standard queue to an SQS FIFO queue. Use the message deduplication ID to discard duplicate messages.
Increase the visibility timeout in the SQS queue to a value that is greater than the total of the function timeout and the batch window timeout.
Increase the visibility timeout in the SQS queue to a value that is greater than the total of the function timeout and the batch window timeout.
Modify the Lambda function to delete each message from the SQS queue immediately after the message is read before processing.
Modify the Lambda function to delete each message from the SQS queue immediately after the message is read before processing.
Suggested answer: C
asked 16/09/2024
Dinu Jose Varghese
38 questions

Question 99

Report
Export
Collapse

A company is implementing a shared storage solution for a media application that is hosted m the AWS Cloud The company needs the ability to use SMB clients to access data The solution must he fully managed. Which AWS solution meets these requirements?

Create an AWS Storage Gateway volume gateway. Create a file share that uses the required client protocol Connect the application server to the tile share.
Create an AWS Storage Gateway volume gateway. Create a file share that uses the required client protocol Connect the application server to the tile share.
Create an AWS Storage Gateway tape gateway Configure (apes to use Amazon S3 Connect the application server lo the tape gateway
Create an AWS Storage Gateway tape gateway Configure (apes to use Amazon S3 Connect the application server lo the tape gateway
Create an Amazon EC2 Windows instance Install and configure a Windows file share role on the instance. Connect the application server to the file share.
Create an Amazon EC2 Windows instance Install and configure a Windows file share role on the instance. Connect the application server to the file share.
Create an Amazon FSx for Windows File Server tile system Attach the fie system to the origin server. Connect the application server to the tile system
Create an Amazon FSx for Windows File Server tile system Attach the fie system to the origin server. Connect the application server to the tile system
Suggested answer: D

Explanation:

Amazon FSx has native support for Windows file system features and for the industry-standard Server Message Block (SMB) protocol to access file storage over a network.https://docs.aws.amazon.com/fsx/latest/WindowsGuide/what- is.html

asked 16/09/2024
martijn Spelt
41 questions

Question 100

Report
Export
Collapse

A company's containerized application runs on an Amazon EC2 instance. The application needs to download security certificates before it can communicate with other business applications. The company wants a highly secure solution to encrypt and decrypt the certificates in near real time. The solution also needs to store data in highly available storage after the data is encrypted. Which solution will meet these requirements with the LEAST operational overhead?

Create AWS Secrets Manager secrets for encrypted certificates. Manually update the certificates as needed. Control access to the data by using fine-grained IAM access.
Create AWS Secrets Manager secrets for encrypted certificates. Manually update the certificates as needed. Control access to the data by using fine-grained IAM access.
Create an AWS Lambda function that uses the Python cryptography library to receive and perform encryption operations. Store the function in an Amazon S3 bucket.
Create an AWS Lambda function that uses the Python cryptography library to receive and perform encryption operations. Store the function in an Amazon S3 bucket.
Create an AWS Key Management Service (AWS KMS) customer managed key. Allow the EC2 role to use the KMS key for encryption operations. Store the encrypted data on Amazon S3.
Create an AWS Key Management Service (AWS KMS) customer managed key. Allow the EC2 role to use the KMS key for encryption operations. Store the encrypted data on Amazon S3.
Create an AWS Key Management Service (AWS KMS) customer managed key. Allow the EC2 role to use the KMS key for encryption operations. Store the encrypted data on Amazon Elastic Block Store (Amazon EBS) volumes.
Create an AWS Key Management Service (AWS KMS) customer managed key. Allow the EC2 role to use the KMS key for encryption operations. Store the encrypted data on Amazon Elastic Block Store (Amazon EBS) volumes.
Suggested answer: C
asked 16/09/2024
Paul Beugelsdijk
40 questions
Total 1.002 questions
Go to page: of 101
Search

Related questions