ExamGecko
Search Search Login
Home Home / Amazon / SAA-C03

Amazon SAA-C03 Practice Test - Questions Answers, Page 21

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A solutions architect is developing a multiple-subnet VPC architecture. The solution will consist of six subnets in two Availability Zones. The subnets are defined as public, private and dedicated for databases. Only the Amazon EC2 instances running in the private subnets should be able to access a database. Which solution meets these requirements?
A company creates operations data and stores the data in an Amazon S3 bucket for the company's annual audit, an external consultant needs to access an annual report that is stored in the S3 bucket. The external consultant needs to access the report for 7 days. The company must implement a solution to allow the external consultant access to only the report. Which solution will meet these requirements with the MOST operational efficiency?
A company stores data in an on-premises Oracle relational database. The company needs to make the data available in Amazon Aurora PostgreSQL for analysis The company uses an AWS Site-to-Site VPN connection to connect its on-premises network to AWS. The company must capture the changes that occur to the source database during the migration to Aurora PostgreSQL. Which solution will meet these requirements?
A development team uses multiple AWS accounts for its development, staging, and production environments. Team members have been launching large Amazon EC2 instances that are underutilized. A solutions architect must prevent large instances from being launched in all accounts. How can the solutions architect meet this requirement with the LEAST operational overhead?
A company hosts its multi-tier, public web application in the AWS Cloud. The web application runs on Amazon EC2 instances, and its database runs on Amazon RDS. The company is anticipating a large increase in sales during an upcoming holiday weekend. A solutions architect needs to build a solution to analyze the performance of the web application with a granularity of no more than 2 minutes. What should the solutions architect do to meet this requirement?
A company stores customer data in a multitenant Amazon S3 bucket. Each customer's data is stored in a prefix that is unique to the customer. The company needs to migrate data for specific customers to a new. dedicated S3 bucket that is in the same AWS Region as the source bucket. The company must preserve object metadata such as creation date and version IDs. After the migration is finished, the company must delete the source data for the migrated customers from the original multitenant S3 bucket. Which combination of solutions will meet these requirements with the LEAST overhead? (Select THREE.)
A company is implementing a new application on AWS. The company will run the application on multiple Amazon EC2 instances across multiple Availability Zones within multiple AWS Regions. The application will be available through the internet. Users will access the application from around the world. The company wants to ensure that each user who accesses the application is sent to the EC2 instances that are closest to the user's location. Which solution will meet these requirements?
A company hosts a web application on multiple Amazon EC2 instances The EC2 instances are in an Auto Scaling group that scales in response to user demand The company wants to optimize cost savings without making a long-term commitment Which EC2 instance purchasing option should a solutions architect recommend to meet these requirements'?
A company recently signed a contract with an AWS Managed Service Provider (MSP) Partner for help with an application migration initiative. A solutions architect needs to share an Amazon Machine Image (AMI) from an existing AWS account with the MSP Partner's AWS account. The AMI is backed by Amazon Elastic Block Store (Amazon EBS) and uses a customer managed customer master key (CMK) to encrypt EBS volume snapshots. What is the MOST secure way for the solutions architect to share the AMI with the MSP Partner's AWS account?
A financial services company plans to launch a new application on AWS to handle sensitive financial transactions. The company will deploy the application on Amazon EC2 instances. The company will use Amazon RDS for MySQL as the database. The company's security policies mandate that data must be encrypted at rest and in transit. Which solution will meet these requirements with the LEAST operational overhead?

Question 201

Report
Export
Collapse

An application runs on Amazon EC2 instances in private subnets. The application needs to access an Amazon DynamoDB table. What is the MOST secure way to access the table while ensuring that the traffic does not leave the AWS network?

A.
Use a VPC endpoint for DynamoDB.
A.
Use a VPC endpoint for DynamoDB.
Answers
B.
Use a NAT gateway in a public subnet.
B.
Use a NAT gateway in a public subnet.
Answers
C.
Use a NAT instance in a private subnet.
C.
Use a NAT instance in a private subnet.
Answers
D.
Use the internet gateway attached to the VPC.
D.
Use the internet gateway attached to the VPC.
Answers
Suggested answer: A

Explanation:

https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/vpc-endpointsdynamodb.html

A VPC endpoint for DynamoDB enables Amazon EC2 instances in your VPC to use their private IP addresses to access DynamoDB with no exposure to the public internet. Your EC2 instances do not require public IP addresses, and you don't need an internet gateway, a NAT device, or a virtual private gateway in your VPC. You use endpoint policies to control access to DynamoDB. Traffic between your VPC and the AWS service does not leave the Amazon network.

Question 202

Report
Export
Collapse

A company provides an API to its users that automates inquiries for tax computations based on item prices. The company experiences a larger number of inquiries during the holiday season only that cause slower response times. A solutions architect needs to design a solution that is scalable and elastic.

What should the solutions architect do to accomplish this?

A.
Provide an API hosted on an Amazon EC2 instance. The EC2 instance performs the required computations when the API request is made.
A.
Provide an API hosted on an Amazon EC2 instance. The EC2 instance performs the required computations when the API request is made.
Answers
B.
Design a REST API using Amazon API Gateway that accepts the item names. API Gateway passes item names to AWS Lambda for tax computations.
B.
Design a REST API using Amazon API Gateway that accepts the item names. API Gateway passes item names to AWS Lambda for tax computations.
Answers
C.
Create an Application Load Balancer that has two Amazon EC2 instances behind it. The EC2 instances will compute the tax on the received item names.
C.
Create an Application Load Balancer that has two Amazon EC2 instances behind it. The EC2 instances will compute the tax on the received item names.
Answers
D.
Design a REST API using Amazon API Gateway that connects with an API hosted on an Amazon EC2 instance. API Gateway accepts and passes the item names to the EC2 instance for tax computations.
D.
Design a REST API using Amazon API Gateway that connects with an API hosted on an Amazon EC2 instance. API Gateway accepts and passes the item names to the EC2 instance for tax computations.
Answers
Suggested answer: B

Explanation:

Lambda server-less is scalable and elastic than EC2 api gateway solution

Question 203

Report
Export
Collapse

A company wants to use high performance computing (HPC) infrastructure on AWS for financial risk modeling. The company's HPC workloads run on Linux. Each HPC workflow runs on hundreds of Amazon EC2 Spot Instances, is shorl- lived, and generates thousands of output files that are ultimately stored in persistent storage for analytics and long-term future use. The company seeks a cloud storage solution that permits the copying of on-premises data to longterm persistent storage to make data available for processing by all EC2 instances. The solution should also be a high performance file system that is integrated with persistent storage to read and write datasets and output files.

Which combination of AWS services meets these requirements?

A.
Amazon FSx for Lustre integrated with Amazon S3
A.
Amazon FSx for Lustre integrated with Amazon S3
Answers
B.
Amazon FSx for Windows File Server integrated with Amazon S3
B.
Amazon FSx for Windows File Server integrated with Amazon S3
Answers
C.
Amazon S3 Glacier integrated with Amazon Elastic Block Store (Amazon EBS)
C.
Amazon S3 Glacier integrated with Amazon Elastic Block Store (Amazon EBS)
Answers
D.
Amazon S3 bucket with a VPC endpoint integrated with an Amazon Elastic Block Store (Amazon EBS) General Purpose SSD (gp2) volume
D.
Amazon S3 bucket with a VPC endpoint integrated with an Amazon Elastic Block Store (Amazon EBS) General Purpose SSD (gp2) volume
Answers
Suggested answer: A

Explanation:

https://aws.amazon.com/fsx/lustre/

Amazon FSx for Lustre is a fully managed service that provides cost-effective, high-performance, scalable storage for compute workloads. Many workloads such as machine learning, high performance computing (HPC), video rendering, and financial simulations depend on compute instances accessing the same set of data through high-performance shared storage.

Question 204

Report
Export
Collapse

A company is running a publicly accessible serverless application that uses Amazon API Gateway and AWS Lambd a. The application's traffic recently spiked due to fraudulent requests from botnets. Which steps should a solutions architect take to block requests from unauthorized users? (Select TWO.)

A.
Create a usage plan with an API key that is shared with genuine users only.
A.
Create a usage plan with an API key that is shared with genuine users only.
Answers
B.
Integrate logic within the Lambda function to ignore the requests from fraudulent IP addresses.
B.
Integrate logic within the Lambda function to ignore the requests from fraudulent IP addresses.
Answers
C.
Implement an AWS WAF rule to target malicious requests and trigger actions to filter them out.
C.
Implement an AWS WAF rule to target malicious requests and trigger actions to filter them out.
Answers
D.
Convert the existing public API to a private API. Update the DNS records to redirect users to the new API endpoint.
D.
Convert the existing public API to a private API. Update the DNS records to redirect users to the new API endpoint.
Answers
E.
Create an IAM role for each user attempting to access the API. A user will assume the role when making the API call.
E.
Create an IAM role for each user attempting to access the API. A user will assume the role when making the API call.
Answers
Suggested answer: A, C

Explanation:

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usageplans.html#:~:text=Don%27t%20rely%20on%20API%20keys%20as%20your%20only%20means%20of%20authentication%20and%20authorization% 20for%20your%20APIs

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html

Question 205

Report
Export
Collapse

A solutions architect is designing the architecture of a new application being deployed to the AWS Cloud. The application will run on Amazon EC2 On-Demand Instances and will automatically scale across multiple Availability Zones. The EC2 instances will scale up and down frequently throughout the day. An Application Load Balancer (ALB) will handle the load distribution. The architecture needs to support distributed session data management. The company is willing to make changes to code if needed.

What should the solutions architect do to ensure that the architecture supports distributed session data management?

A.
Use Amazon ElastiCache to manage and store session data.
A.
Use Amazon ElastiCache to manage and store session data.
Answers
B.
Use session affinity (sticky sessions) of the ALB to manage session data.
B.
Use session affinity (sticky sessions) of the ALB to manage session data.
Answers
C.
Use Session Manager from AWS Systems Manager to manage the session.
C.
Use Session Manager from AWS Systems Manager to manage the session.
Answers
D.
Use the GetSessionToken API operation in AWS Security Token Service (AWS STS) to manage the session
D.
Use the GetSessionToken API operation in AWS Security Token Service (AWS STS) to manage the session
Answers
Suggested answer: A

Explanation:

https://aws.amazon.com/vi/caching/session-management/

In order to address scalability and to provide a shared data storage for sessions that can be accessible from any individual web server, you can abstract the HTTP sessions from the web servers themselves. A common solution to for this is to leverage an In-Memory Key/Value store such as Redis and Memcached. ElastiCache offerings for In-Memory key/value stores include ElastiCache for Redis, which can support replication, and ElastiCache for Memcached which does not support replication.

Question 206

Report
Export
Collapse

A company hosts a marketing website in an on-premises data center. The website consists of static documents and runs on a single server. An administrator updates the website content infrequently and uses an SFTP client to upload new documents.

The company decides to host its website on AWS and to use Amazon CloudFront. The company's solutions architect creates a CloudFront distribution. The solutions architect must design the most cost-effective and resilient architecture for website hosting to serve as the CloudFront origin.

Which solution will meet these requirements?

A.
Create a virtual server by using Amazon Lightsail. Configure the web server in the Lightsail instance. Upload website content by using an SFTP client.
A.
Create a virtual server by using Amazon Lightsail. Configure the web server in the Lightsail instance. Upload website content by using an SFTP client.
Answers
B.
Create an AWS Auto Scaling group for Amazon EC2 instances. Use an Application Load Balancer.Upload website content by using an SFTP client.
B.
Create an AWS Auto Scaling group for Amazon EC2 instances. Use an Application Load Balancer.Upload website content by using an SFTP client.
Answers
C.
Create a private Amazon S3 bucket. Use an S3 bucket policy to allow access from a CloudFront origin access identity (OAI). Upload website content by using theAWSCLI.
C.
Create a private Amazon S3 bucket. Use an S3 bucket policy to allow access from a CloudFront origin access identity (OAI). Upload website content by using theAWSCLI.
Answers
D.
Create a public Amazon S3 bucket. Configure AWS Transfer for SFTP. Configure the S3 bucket for website hosting. Upload website content by using the SFTP client.
D.
Create a public Amazon S3 bucket. Configure AWS Transfer for SFTP. Configure the S3 bucket for website hosting. Upload website content by using the SFTP client.
Answers
Suggested answer: C

Explanation:

https://docs.aws.amazon.com/cli/latest/reference/transfer/describe-server.html

Question 207

Report
Export
Collapse

A company is developing an ecommerce application that will consist of a load-balanced front end, a container-based application, and a relational database. A solutions architect needs to create a highly available solution that operates with as little manual intervention as possible.

Which solutions meet these requirements? (Select TWO.)

A.
Create an Amazon RDS DB instance in Multi-AZ mode.
A.
Create an Amazon RDS DB instance in Multi-AZ mode.
Answers
B.
Create an Amazon RDS DB instance and one or more replicas in another Availability Zone.
B.
Create an Amazon RDS DB instance and one or more replicas in another Availability Zone.
Answers
C.
Create an Amazon EC2 in stance-based Docker cluster to handle the dynamic application load.
C.
Create an Amazon EC2 in stance-based Docker cluster to handle the dynamic application load.
Answers
D.
Create an Amazon Elastic Container Service (Amazon ECS) cluster with a Fargate launch type to handle the dynamic application load.
D.
Create an Amazon Elastic Container Service (Amazon ECS) cluster with a Fargate launch type to handle the dynamic application load.
Answers
E.
Create an Amazon Elastic Container Service (Amazon ECS) cluster with an Amazon EC2 launch type to handle the dynamic application load.
E.
Create an Amazon Elastic Container Service (Amazon ECS) cluster with an Amazon EC2 launch type to handle the dynamic application load.
Answers
Suggested answer: A, D

Explanation:

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/Welcome.html

1. Relational database: RDS

2. Container-based applications: ECS

"Amazon ECS enables you to launch and stop your container-based applications by using simple API calls. You can also retrieve the state of your cluster from a centralized service and have access to many familiar Amazon EC2 features." 3. Little manual intervention: Fargate

You can run your tasks and services on a serverless infrastructure that is managed by AWS Fargate.

Alternatively, for more control over your infrastructure, you can run your tasks and services on a cluster of Amazon EC2 instances that you manage.

Question 208

Report
Export
Collapse

A company is designing a cloud communications platform that is driven by APIs. The application is hosted on Amazon EC2 instances behind a Network Load Balancer (NLB). The company uses Amazon API Gateway to provide external users with access to the application through APIs. The company wants to protect the platform against web exploits like SQL injection and also wants to detect and mitigate large, sophisticated DDoS attacks. Which combination of solutions provides the MOST protection? (Select TWO.)

A.
Use AWS WAF to protect the NLB.
A.
Use AWS WAF to protect the NLB.
Answers
B.
Use AWS Shield Advanced with the NLB.
B.
Use AWS Shield Advanced with the NLB.
Answers
C.
Use AWS WAF to protect Amazon API Gateway.
C.
Use AWS WAF to protect Amazon API Gateway.
Answers
D.
Use Amazon GuardDuty with AWS Shield Standard.
D.
Use Amazon GuardDuty with AWS Shield Standard.
Answers
E.
Use AWS Shield Standard with Amazon API Gateway.
E.
Use AWS Shield Standard with Amazon API Gateway.
Answers
Suggested answer: B, C

Explanation:

AWS Shield Advanced provides expanded DDoS attack protection for your Amazon EC2 instances, Elastic Load Balancing load balancers, CloudFront distributions, Route 53 hosted zones, and AWS Global Accelerator standard accelerators.AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to your protected web application resources. You can protect the following resource types:Amazon CloudFront distribution Amazon API Gateway REST API Application Load Balancer AWS AppSync GraphQL API Amazon Cognito user pool https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.htm

Question 209

Report
Export
Collapse


A company is running a batch application on Amazon EC2 instances. The application consists of a backend with multiple Amazon RDS databases. The application is causing a high number of leads on the databases. A solutions architect must reduce the number of database reads while ensuring high availability.

What should the solutions architect do to meet this requirement?

A.
Add Amazon RDS read replicas
A.
Add Amazon RDS read replicas
Answers
B.
Use Amazon ElasbCache for Redls
B.
Use Amazon ElasbCache for Redls
Answers
C.
Use Amazon Route 53 DNS caching
C.
Use Amazon Route 53 DNS caching
Answers
D.
Use Amazon ElastiCache for Memcached
D.
Use Amazon ElastiCache for Memcached
Answers
Suggested answer: A

Question 210

Report
Export
Collapse

A company has a web application that is based on Java and PHP. The company plans to move the application from on premises to AWS. The company needs the ability to test new site features frequently. The company also needs a highly available and managed solution that requires minimum operational overhead.

Which solution will meet these requirements?

A.
Create an Amazon S3 bucket Enable static web hosting on the S3 bucket Upload the static content to the S3 bucket Use AWS Lambda to process all dynamic content
A.
Create an Amazon S3 bucket Enable static web hosting on the S3 bucket Upload the static content to the S3 bucket Use AWS Lambda to process all dynamic content
Answers
B.
Deploy the web application to an AWS Elastic Beanstalk environment Use URL swapping to switch between multiple Elastic Beanstalk environments for feature testing
B.
Deploy the web application to an AWS Elastic Beanstalk environment Use URL swapping to switch between multiple Elastic Beanstalk environments for feature testing
Answers
C.
Deploy the web application lo Amazon EC2 instances that are configured with Java and PHP Use Auto Scaling groups and an Application Load Balancer to manage the website's availability
C.
Deploy the web application lo Amazon EC2 instances that are configured with Java and PHP Use Auto Scaling groups and an Application Load Balancer to manage the website's availability
Answers
D.
Containerize the web application Deploy the web application to Amazon EC2 instances Use the AWS Load Balancer Controller to dynamically route traffic between containers thai contain the new site features for testing
D.
Containerize the web application Deploy the web application to Amazon EC2 instances Use the AWS Load Balancer Controller to dynamically route traffic between containers thai contain the new site features for testing
Answers
Suggested answer: B
Total 886 questions
Go to page: of 89
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms