ExamGecko
Login
Home / Amazon / SAA-C03 / List of questions
Ask Question

Amazon SAA-C03 Practice Test - Questions Answers, Page 10

List of questions

Question 91

Report
Export
Collapse

A company has applications that run on Amazon EC2 instances in a VPC. One of the applications needs to call the Amazon S3 API to store and read objects. According to the company's security regulations, no traffic from the applications is allowed to travel across the internet.

Which solution will meet these requirements?

Configure an S3 interface endpoint.
Configure an S3 interface endpoint.
Configure an S3 gateway endpoint.
Configure an S3 gateway endpoint.
Create an S3 bucket in a private subnet.
Create an S3 bucket in a private subnet.
Create an S3 bucket in the same Region as the EC2 instance.
Create an S3 bucket in the same Region as the EC2 instance.
Suggested answer: A

Explanation:

https://docs.aws.amazon.com/vpc/latest/privatelink/gateway-endpoints.html

asked 16/09/2024
Robert L Swafford
38 questions

Question 92

Report
Export
Collapse

A company is storing sensitive user information in an Amazon S3 bucket The company wants to provide secure access to this bucket from the application tier running on Ama2on EC2 instances inside a VPC Which combination of steps should a solutions architect take to accomplish this? (Select TWO.)

Configure a VPC gateway endpoint for Amazon S3 within the VPC
Configure a VPC gateway endpoint for Amazon S3 within the VPC
Create a bucket policy to make the objects to the S3 bucket public
Create a bucket policy to make the objects to the S3 bucket public
Create a bucket policy that limits access to only the application tier running in the VPC
Create a bucket policy that limits access to only the application tier running in the VPC
Create an IAM user with an S3 access policy and copy the IAM credentials to the EC2 instance
Create an IAM user with an S3 access policy and copy the IAM credentials to the EC2 instance
Create a NAT instance and have the EC2 instances use the NAT instance to access the S3 bucket
Create a NAT instance and have the EC2 instances use the NAT instance to access the S3 bucket
Suggested answer: A, C

Explanation:

https://aws.amazon.com/premiumsupport/knowledge-center/s3-private-connection-noauthentication/

asked 16/09/2024
Tomas Ojeda
41 questions

Question 93

Report
Export
Collapse

A company runs an on-premises application that is powered by a MySQL database The company is migrating the application to AWS to Increase the application's elasticity and availability The current architecture shows heavy read activity on the database during times of normal operation Every 4 hours the company's development team pulls a full export of the production database to populate a database in the staging environment During this period, users experience unacceptable application latency The development team is unable to use the staging environment until the procedure completes A solutions architect must recommend replacement architecture that alleviates the application latency issue

The replacement architecture also must give the development team the ability to continue using the staging environment without delay Which solution meets these requirements?

Use Amazon Aurora MySQL with Multi-AZ Aurora Replicas for production. Populate the staging database by implementing a backup and restore process that uses the mysqldump utility.
Use Amazon Aurora MySQL with Multi-AZ Aurora Replicas for production. Populate the staging database by implementing a backup and restore process that uses the mysqldump utility.
Use Amazon Aurora MySQL with Multi-AZ Aurora Replicas for production Use database cloning to create the staging database on-demand
Use Amazon Aurora MySQL with Multi-AZ Aurora Replicas for production Use database cloning to create the staging database on-demand
Use Amazon RDS for MySQL with a Mufti AZ deployment and read replicas for production Use the standby instance tor the staging database.
Use Amazon RDS for MySQL with a Mufti AZ deployment and read replicas for production Use the standby instance tor the staging database.
Use Amazon RDS for MySQL with a Multi-AZ deployment and read replicas for production.Populate the staging database by implementing a backup and restore process that uses the mysqldump utility.
Use Amazon RDS for MySQL with a Multi-AZ deployment and read replicas for production.Populate the staging database by implementing a backup and restore process that uses the mysqldump utility.
Suggested answer: B
asked 16/09/2024
ME BOX
30 questions

Question 94

Report
Export
Collapse

A company is designing an application where users upload small files into Amazon S3. After a user uploads a file, the file requires one-time simple processing to transform the data and save the data in JSON format for later analysis. Each file must be processed as quickly as possible after it is uploaded. Demand will vary. On some days, users will upload a high number of files. On other days, users will upload a few files or no files. Which solution meets these requirements with the LEAST operational overhead?

Configure Amazon EMR to read text files from Amazon S3. Run processing scripts to transform the data. Store the resulting JSON file in an Amazon Aurora DB cluster.
Configure Amazon EMR to read text files from Amazon S3. Run processing scripts to transform the data. Store the resulting JSON file in an Amazon Aurora DB cluster.
Configure Amazon S3 to send an event notification to an Amazon Simple Queue Service (Amazon SQS) queue. Use Amazon EC2 instances to read from the queue and process the data. Store the resulting JSON file in Amazon DynamoDB.
Configure Amazon S3 to send an event notification to an Amazon Simple Queue Service (Amazon SQS) queue. Use Amazon EC2 instances to read from the queue and process the data. Store the resulting JSON file in Amazon DynamoDB.
Configure Amazon S3 to send an event notification to an Amazon Simple Queue Service (Amazon SQS) queue. Use an AWS Lambda function to read from the queue and process the data. Store the resulting JSON file in Amazon DynamoDB. Most Voted
Configure Amazon S3 to send an event notification to an Amazon Simple Queue Service (Amazon SQS) queue. Use an AWS Lambda function to read from the queue and process the data. Store the resulting JSON file in Amazon DynamoDB. Most Voted
Configure Amazon EventBridge (Amazon CloudWatch Events) to send an event to Amazon Kinesis Data Streams when a new file is uploaded. Use an AWS Lambda function to consume the event from the stream and process the data. Store the resulting JSON file in Amazon Aurora DB cluster.
Configure Amazon EventBridge (Amazon CloudWatch Events) to send an event to Amazon Kinesis Data Streams when a new file is uploaded. Use an AWS Lambda function to consume the event from the stream and process the data. Store the resulting JSON file in Amazon Aurora DB cluster.
Suggested answer: C

Explanation:

Amazon S3 sends event notifications about S3 buckets (for example, object created, object removed, or object restored) to an SNS topic in the same Region. The SNS topic publishes the event to an SQS queue in the central Region.

The SQS queue is configured as the event source for your Lambda function and buffers the event messages for the Lambda function. The Lambda function polls the SQS queue for messages and processes the Amazon S3 event notifications according to your application’s requirements. https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/subscribe-a-lambda-functionto- event-notifications-from-s3-buckets-in-different-aws-regions.html

asked 16/09/2024
efrem perry
43 questions

Question 95

Report
Export
Collapse

An application allows users at a company's headquarters to access product dat a. The product data is stored in an Amazon RDS MySQL DB instance. The operations team has isolated an application performance slowdown and wants to separate read traffic from write traffic.

A solutions architect needs to optimize the application's performance quickly.

What should the solutions architect recommend?

Change the existing database to a Multi-AZ deployment. Serve the read requests from the primary Availability Zone.
Change the existing database to a Multi-AZ deployment. Serve the read requests from the primary Availability Zone.
Change the existing database to a Multi-AZ deployment. Serve the read requests from the secondary Availability Zone.
Change the existing database to a Multi-AZ deployment. Serve the read requests from the secondary Availability Zone.
Create read replicas for the database. Configure the read replicas with half of the compute and storage resources as the source database.
Create read replicas for the database. Configure the read replicas with half of the compute and storage resources as the source database.
Create read replicas for the database. Configure the read replicas with the same compute and storage resources as the source database.
Create read replicas for the database. Configure the read replicas with the same compute and storage resources as the source database.
Suggested answer: D

Explanation:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_MySQL.Replication.ReadReplica s.html

asked 16/09/2024
Juy Juy
39 questions

Question 96

Report
Export
Collapse

An Amazon EC2 administrator created the following policy associated with an IAM group containing several users

Amazon SAA-C03 image Question 96 5007 09162024005823000000

What is the effect of this policy?

Users can terminate an EC2 instance in any AWS Region except us-east-1.
Users can terminate an EC2 instance in any AWS Region except us-east-1.
Users can terminate an EC2 instance with the IP address 10 100 100 1 in the us-east-1 Region
Users can terminate an EC2 instance with the IP address 10 100 100 1 in the us-east-1 Region
Users can terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100.100.254.
Users can terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100.100.254.
Users cannot terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100 100 254
Users cannot terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100 100 254
Suggested answer: C

Explanation:

Explanation: as the policy prevents anyone from doing any EC2 action on any region except us-east-1 and allows only users with source ip 10.100.100.0/24 to terminate instances. So user with source ip 10.100.100.254 can terminate instances in us-east-1 region.

asked 16/09/2024
Naveen Nama
37 questions

Question 97

Report
Export
Collapse

A company has a large Microsoft SharePoint deployment running on-premises that requires Microsoft Windows shared file storage. The company wants to migrate this workload to the AWS Cloud and is considering various storage options. The storage solution must be highly available and integrated with Active Directory for access control. Which solution will satisfy these requirements?

Configure Amazon EFS storage and set the Active Directory domain for authentication
Configure Amazon EFS storage and set the Active Directory domain for authentication
Create an SMB Me share on an AWS Storage Gateway tile gateway in two Availability Zones
Create an SMB Me share on an AWS Storage Gateway tile gateway in two Availability Zones
Create an Amazon S3 bucket and configure Microsoft Windows Server to mount it as a volume
Create an Amazon S3 bucket and configure Microsoft Windows Server to mount it as a volume
Create an Amazon FSx for Windows File Server file system on AWS and set the Active Directory domain for authentication
Create an Amazon FSx for Windows File Server file system on AWS and set the Active Directory domain for authentication
Suggested answer: D
asked 16/09/2024
Sharanjit Kareer
41 questions

Question 98

Report
Export
Collapse

An image-processing company has a web application that users use to upload images. The application uploads the images into an Amazon S3 bucket. The company has set up S3 event notifications to publish the object creation events to an Amazon Simple Queue Service (Amazon SQS) standard queue. The SQS queue serves as the event source for an AWS Lambda function that processes the images and sends the results to users through email. Users report that they are receiving multiple email messages for every uploaded image. A solutions architect determines that SQS messages are invoking the Lambda function more than once, resulting in multiple email messages. What should the solutions architect do to resolve this issue with the LEAST operational overhead?

Set up long polling in the SQS queue by increasing the ReceiveMessage wait time to 30 seconds.
Set up long polling in the SQS queue by increasing the ReceiveMessage wait time to 30 seconds.
Change the SQS standard queue to an SQS FIFO queue. Use the message deduplication ID to discard duplicate messages.
Change the SQS standard queue to an SQS FIFO queue. Use the message deduplication ID to discard duplicate messages.
Increase the visibility timeout in the SQS queue to a value that is greater than the total of the function timeout and the batch window timeout.
Increase the visibility timeout in the SQS queue to a value that is greater than the total of the function timeout and the batch window timeout.
Modify the Lambda function to delete each message from the SQS queue immediately after the message is read before processing.
Modify the Lambda function to delete each message from the SQS queue immediately after the message is read before processing.
Suggested answer: C
asked 16/09/2024
Dinu Jose Varghese
38 questions

Question 99

Report
Export
Collapse

A company is implementing a shared storage solution for a media application that is hosted m the AWS Cloud The company needs the ability to use SMB clients to access data The solution must he fully managed. Which AWS solution meets these requirements?

Create an AWS Storage Gateway volume gateway. Create a file share that uses the required client protocol Connect the application server to the tile share.
Create an AWS Storage Gateway volume gateway. Create a file share that uses the required client protocol Connect the application server to the tile share.
Create an AWS Storage Gateway tape gateway Configure (apes to use Amazon S3 Connect the application server lo the tape gateway
Create an AWS Storage Gateway tape gateway Configure (apes to use Amazon S3 Connect the application server lo the tape gateway
Create an Amazon EC2 Windows instance Install and configure a Windows file share role on the instance. Connect the application server to the file share.
Create an Amazon EC2 Windows instance Install and configure a Windows file share role on the instance. Connect the application server to the file share.
Create an Amazon FSx for Windows File Server tile system Attach the fie system to the origin server. Connect the application server to the tile system
Create an Amazon FSx for Windows File Server tile system Attach the fie system to the origin server. Connect the application server to the tile system
Suggested answer: D

Explanation:

Amazon FSx has native support for Windows file system features and for the industry-standard Server Message Block (SMB) protocol to access file storage over a network.https://docs.aws.amazon.com/fsx/latest/WindowsGuide/what- is.html

asked 16/09/2024
martijn Spelt
41 questions

Question 100

Report
Export
Collapse

A company's containerized application runs on an Amazon EC2 instance. The application needs to download security certificates before it can communicate with other business applications. The company wants a highly secure solution to encrypt and decrypt the certificates in near real time. The solution also needs to store data in highly available storage after the data is encrypted. Which solution will meet these requirements with the LEAST operational overhead?

Create AWS Secrets Manager secrets for encrypted certificates. Manually update the certificates as needed. Control access to the data by using fine-grained IAM access.
Create AWS Secrets Manager secrets for encrypted certificates. Manually update the certificates as needed. Control access to the data by using fine-grained IAM access.
Create an AWS Lambda function that uses the Python cryptography library to receive and perform encryption operations. Store the function in an Amazon S3 bucket.
Create an AWS Lambda function that uses the Python cryptography library to receive and perform encryption operations. Store the function in an Amazon S3 bucket.
Create an AWS Key Management Service (AWS KMS) customer managed key. Allow the EC2 role to use the KMS key for encryption operations. Store the encrypted data on Amazon S3.
Create an AWS Key Management Service (AWS KMS) customer managed key. Allow the EC2 role to use the KMS key for encryption operations. Store the encrypted data on Amazon S3.
Create an AWS Key Management Service (AWS KMS) customer managed key. Allow the EC2 role to use the KMS key for encryption operations. Store the encrypted data on Amazon Elastic Block Store (Amazon EBS) volumes.
Create an AWS Key Management Service (AWS KMS) customer managed key. Allow the EC2 role to use the KMS key for encryption operations. Store the encrypted data on Amazon Elastic Block Store (Amazon EBS) volumes.
Suggested answer: C
asked 16/09/2024
Paul Beugelsdijk
40 questions
Total 1.002 questions
Go to page: of 101
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A company hosts a web application on multiple Amazon EC2 instances The EC2 instances are in an Auto Scaling group that scales in response to user demand The company wants to optimize cost savings without making a long-term commitment Which EC2 instance purchasing option should a solutions architect recommend to meet these requirements'?
A solutions architect is developing a multiple-subnet VPC architecture. The solution will consist of six subnets in two Availability Zones. The subnets are defined as public, private and dedicated for databases. Only the Amazon EC2 instances running in the private subnets should be able to access a database. Which solution meets these requirements?
A company stores data in an on-premises Oracle relational database. The company needs to make the data available in Amazon Aurora PostgreSQL for analysis The company uses an AWS Site-to-Site VPN connection to connect its on-premises network to AWS. The company must capture the changes that occur to the source database during the migration to Aurora PostgreSQL. Which solution will meet these requirements?
A company recently signed a contract with an AWS Managed Service Provider (MSP) Partner for help with an application migration initiative. A solutions architect needs to share an Amazon Machine Image (AMI) from an existing AWS account with the MSP Partner's AWS account. The AMI is backed by Amazon Elastic Block Store (Amazon EBS) and uses a customer managed customer master key (CMK) to encrypt EBS volume snapshots. What is the MOST secure way for the solutions architect to share the AMI with the MSP Partner's AWS account?
A company is implementing a new application on AWS. The company will run the application on multiple Amazon EC2 instances across multiple Availability Zones within multiple AWS Regions. The application will be available through the internet. Users will access the application from around the world. The company wants to ensure that each user who accesses the application is sent to the EC2 instances that are closest to the user's location. Which solution will meet these requirements?
A development team uses multiple AWS accounts for its development, staging, and production environments. Team members have been launching large Amazon EC2 instances that are underutilized. A solutions architect must prevent large instances from being launched in all accounts. How can the solutions architect meet this requirement with the LEAST operational overhead?
A company stores customer data in a multitenant Amazon S3 bucket. Each customer's data is stored in a prefix that is unique to the customer. The company needs to migrate data for specific customers to a new. dedicated S3 bucket that is in the same AWS Region as the source bucket. The company must preserve object metadata such as creation date and version IDs. After the migration is finished, the company must delete the source data for the migrated customers from the original multitenant S3 bucket. Which combination of solutions will meet these requirements with the LEAST overhead? (Select THREE.)
A company hosts its multi-tier, public web application in the AWS Cloud. The web application runs on Amazon EC2 instances, and its database runs on Amazon RDS. The company is anticipating a large increase in sales during an upcoming holiday weekend. A solutions architect needs to build a solution to analyze the performance of the web application with a granularity of no more than 2 minutes. What should the solutions architect do to meet this requirement?
A company uses high concurrency AWS Lambda functions to process a constantly increasing number of messages in a message queue during marketing events. The Lambda functions use CPU intensive code to process the messages. The company wants to reduce the compute costs and to maintain service latency for its customers. Which solution will meet these requirements?
A solutions architect needs to connect a company's corporate network to its VPC to allow on-premises access to its AWS resources. The solution must provide encryption of all traffic between the corporate network and the VPC at the network layer and the session layer. The solution also must provide security controls to prevent unrestricted access between AWS and the on-premises systems. Which solution meets these requirements?