ExamGecko
Login
Home / Amazon / SAA-C03 / List of questions
Ask Question

Amazon SAA-C03 Practice Test - Questions Answers, Page 33

List of questions

Question 321

Report
Export
Collapse

A solutions architect is designing the architecture for a software demonstration environment The environment will run on Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer (ALB) The system will experience significant increases in traffic during working hours but Is not required to operate on weekends. Which combination of actions should the solutions architect take to ensure that the system can scale to meet demand? (Select TWO)

Use AWS Auto Scaling to adjust the ALB capacity based on request rate
Use AWS Auto Scaling to adjust the ALB capacity based on request rate
Use AWS Auto Scaling to scale the capacity of the VPC internet gateway
Use AWS Auto Scaling to scale the capacity of the VPC internet gateway
Launch the EC2 instances in multiple AWS Regions to distribute the load across Regions
Launch the EC2 instances in multiple AWS Regions to distribute the load across Regions
Use a target tracking scaling policy to scale the Auto Scaling group based on instance CPU utilization
Use a target tracking scaling policy to scale the Auto Scaling group based on instance CPU utilization
Use scheduled scaling to change the Auto Scaling group minimum, maximum, and desired capacity to zero for weekends Revert to the default values at the start of the week
Use scheduled scaling to change the Auto Scaling group minimum, maximum, and desired capacity to zero for weekends Revert to the default values at the start of the week
Suggested answer: D, E
asked 16/09/2024
Daria Frutskaya
42 questions

Question 322

Report
Export
Collapse

A company has deployed a server less application that invokes an AWS Lambda function when new documents are uploaded to an Amazon S3 bucket The application uses the Lambda function to process the documents After a recent marketing campaign the company noticed that the application did not process many of The documents What should a solutions architect do to improve the architecture of this application?

Set the Lambda function's runtime timeout value to 15 minutes
Set the Lambda function's runtime timeout value to 15 minutes
Configure an S3 bucket replication policy Stage the documents m the S3 bucket for later processing
Configure an S3 bucket replication policy Stage the documents m the S3 bucket for later processing
Deploy an additional Lambda function Load balance the processing of the documents across the two Lambda functions
Deploy an additional Lambda function Load balance the processing of the documents across the two Lambda functions
Create an Amazon Simple Queue Service (Amazon SOS) queue Send the requests to the queue Configure the queue as an event source for Lambda.
Create an Amazon Simple Queue Service (Amazon SOS) queue Send the requests to the queue Configure the queue as an event source for Lambda.
Suggested answer: D

Explanation:

To improve the architecture of this application, the best solution would be to use Amazon Simple Queue Service (Amazon SQS) to buffer the requests and decouple the S3 bucket from the Lambda function. This will ensure that the documents are not lost and can be processed at a later time if the Lambda function is not available. This will ensure that the documents are not lost and can be processed at a later time if the Lambda function is not available. By using Amazon SQS, the architecture is decoupled and the Lambda function can process the documents in a scalable and fault-tolerant manner


asked 16/09/2024
Velmurugan P
42 questions

Question 323

Report
Export
Collapse

A developer has an application that uses an AWS Lambda function to upload files to Amazon S3 and needs the required permissions to perform the task The developer already has an IAM user with valid IAM credentials required for Amazon S3 What should a solutions architect do to grant the permissions?

Add required IAM permissions in the resource policy of the Lambda function
Add required IAM permissions in the resource policy of the Lambda function
Create a signed request using the existing IAM credentials n the Lambda function
Create a signed request using the existing IAM credentials n the Lambda function
Create a new IAM user and use the existing IAM credentials in the Lambda function.
Create a new IAM user and use the existing IAM credentials in the Lambda function.
Create an IAM execution role with the required permissions and attach the IAM rote to the Lambda function
Create an IAM execution role with the required permissions and attach the IAM rote to the Lambda function
Suggested answer: D

Explanation:

To grant the necessary permissions to an AWS Lambda function to upload files to Amazon S3, a solutions architect should create an IAM execution role with the required permissions and attach the IAM role to


asked 16/09/2024
Elias Lopez III
44 questions

Question 324

Report
Export
Collapse

A company has a large dataset for its online advertising business stored in an Amazon RDS for MySQL DB instance in a single Availability Zone. The company wants business reporting queries to run without impacting the write operations to the production DB instance.

Which solution meets these requirements?

Deploy RDS read replicas to process the business reporting queries.
Deploy RDS read replicas to process the business reporting queries.
Scale out the DB instance horizontally by placing it behind an Elastic Load Balancer
Scale out the DB instance horizontally by placing it behind an Elastic Load Balancer
Scale up the DB instance to a larger instance type to handle write operations and queries
Scale up the DB instance to a larger instance type to handle write operations and queries
Deploy the OB distance in multiple Availability Zones to process the business reporting queries
Deploy the OB distance in multiple Availability Zones to process the business reporting queries
Suggested answer: A

Explanation:


asked 16/09/2024
Rodrigo Serrano dos Santos
38 questions

Question 325

Report
Export
Collapse

A meteorological startup company has a custom web application to sell weather data to its users online. The company uses Amazon DynamoDB to store is data and wants to bu4d a new service that sends an alert to the managers of four Internal teams every time a new weather event is recorded.

The company does not want true new service to affect the performance of the current application What should a solutions architect do to meet these requirement with the LEAST amount of operational overhead?

Use DynamoDB transactions to write new event data to the table Configure the transactions to notify internal teams.
Use DynamoDB transactions to write new event data to the table Configure the transactions to notify internal teams.
Have the current application publish a message to four Amazon Simple Notification Service(Amazon SNS) topics. Have each team subscribe to one topic.
Have the current application publish a message to four Amazon Simple Notification Service(Amazon SNS) topics. Have each team subscribe to one topic.
Enable Amazon DynamoDB Streams on the table. Use triggers to write to a mingle Amazon Simple Notification Service (Amazon SNS) topic to which the teams can subscribe.
Enable Amazon DynamoDB Streams on the table. Use triggers to write to a mingle Amazon Simple Notification Service (Amazon SNS) topic to which the teams can subscribe.
Add a custom attribute to each record to flag new items. Write a cron job that scans the table every minute for items that are new and notifies an Amazon Simple Queue Service (Amazon SOS) queue to which the teams can subscribe.
Add a custom attribute to each record to flag new items. Write a cron job that scans the table every minute for items that are new and notifies an Amazon Simple Queue Service (Amazon SOS) queue to which the teams can subscribe.
Suggested answer: C
asked 16/09/2024
chanon witchajutakul
28 questions

Question 326

Report
Export
Collapse

A company is developing a real-time multiplayer game that uses UDP for communications between the client and servers In an Auto Scaling group Spikes in demand are anticipated during the day, so the game server platform must adapt accordingly Developers want to store gamer scores and other non-relational data in a database solution that will scale without intervention Which solution should a solutions architect recommend?

Use Amazon Route 53 for traffic distribution and Amazon Aurora Serverless for data storage
Use Amazon Route 53 for traffic distribution and Amazon Aurora Serverless for data storage
Use a Network Load Balancer for traffic distribution and Amazon DynamoDB on-demand for data storage
Use a Network Load Balancer for traffic distribution and Amazon DynamoDB on-demand for data storage
Use a Network Load Balancer for traffic distribution and Amazon Aurora Global Database for data storage
Use a Network Load Balancer for traffic distribution and Amazon Aurora Global Database for data storage
Use an Application Load Balancer for traffic distribution and Amazon DynamoDB global tables for data storage
Use an Application Load Balancer for traffic distribution and Amazon DynamoDB global tables for data storage
Suggested answer: B
asked 16/09/2024
Aamer Shahzad
32 questions

Question 327

Report
Export
Collapse

A company needs to create an Amazon Elastic Kubernetes Service (Amazon EKS) cluster to host a digital media streaming application. The EKS cluster will use a managed node group that is backed by Amazon Elastic Block Store (Amazon EBS) volumes for storage. The company must encrypt all data at rest by using a customer managed key that is stored in AWS Key Management Service (AWS KMS) Which combination of actions will meet this requirement with the LEAST operational overhead?

(Select TWO.)

Use a Kubernetes plugin that uses the customer managed key to perform data encryption.
Use a Kubernetes plugin that uses the customer managed key to perform data encryption.
After creation of the EKS cluster, locate the EBS volumes. Enable encryption by using the customer managed key.
After creation of the EKS cluster, locate the EBS volumes. Enable encryption by using the customer managed key.
Enable EBS encryption by default in the AWS Region where the EKS cluster will be created. Select the customer managed key as the default key.
Enable EBS encryption by default in the AWS Region where the EKS cluster will be created. Select the customer managed key as the default key.
Create the EKS cluster Create an IAM role that has cuwlicy that grants permission to the customer managed key. Associate the role with the EKS cluster.
Create the EKS cluster Create an IAM role that has cuwlicy that grants permission to the customer managed key. Associate the role with the EKS cluster.
Store the customer managed key as a Kubernetes secret in the EKS cluster. Use the customer managed key to encrypt the EBS volumes.
Store the customer managed key as a Kubernetes secret in the EKS cluster. Use the customer managed key to encrypt the EBS volumes.
Suggested answer: A, D

Explanation:

EBS encryption by default is a feature that enables encryption for all new EBS volumes and snapshots created in a Region1. EBS encryption by default uses a service managed key or a customer managed key that is stored in AWS KMS1. EBS encryption by default is suitable for scenarios where data at rest must be encrypted by using a customer managed key, such as the digital media streaming application in the scenario1.

To meet the requirements of the scenario, the solutions architect should enable EBS encryption by default in the AWS Region where the EKS cluster will be created. The solutions architect should select the customer managed key as the default key for encryption1. This way, all new EBS volumes and snapshots created in that Region will be encrypted by using the customer managed key. EKS encryption provider support is a feature that enables envelope encryption of Kubernetes secrets in EKS with a customer managed key that is stored in AWS KMS2. Envelope encryption means that data is encrypted by data encryption keys (DEKs) using AES-GCM; DEKs are encrypted by key encryption keys (KEKs) according to configuration in AWS KMS3. EKS encryption provider support is suitable for scenarios where secrets must be encrypted by using a customer managed key, such as the digital media streaming application in the scenario2. To meet the requirements of the scenario, the solutions architect should create the EKS cluster and create an IAM role that has a policy that grants permission to the customer managed key. The solutions architect should associate the role with the EKS cluster2. This way, the EKS cluster can use envelope encryption of Kubernetes secrets with the customer managed key.


asked 16/09/2024
Landry Tankam
38 questions

Question 328

Report
Export
Collapse

A company has a web application with sporadic usage patterns There is heavy usage at the beginning of each month moderate usage at the start of each week and unpredictable usage during the week The application consists of a web server and a MySQL database server running inside the data center The company would like to move the application to the AWS Cloud and needs to select a costeffective database platform that will not require database modifications Which solution will meet these requirements?

Amazon DynamoDB
Amazon DynamoDB
Amazon RDS for MySQL
Amazon RDS for MySQL
MySQL-compatible Amazon Aurora Serverless
MySQL-compatible Amazon Aurora Serverless
MySQL deployed on Amazon EC2 in an Auto Scaling group
MySQL deployed on Amazon EC2 in an Auto Scaling group
Suggested answer: C

Explanation:

Amazon RDS for MySQL is a fully-managed relational database service that makes it easy to set up, operate, and scale MySQL deployments in the cloud. Amazon Aurora Serverless is an on-demand, auto- scaling configuration for Amazon Aurora (MySQL-compatible edition), where the database will automatically start up, shut down, and scale capacity up or down based on your application's needs. It is a simple, cost-effective option for infrequent, intermittent, or unpredictable workloads


asked 16/09/2024
Lukas Reker
31 questions

Question 329

Report
Export
Collapse

A company uses a payment processing system that requires messages for a particular payment ID to be received in the same order that they were sent Otherwise, the payments might be processed incorrectly. Which actions should a solutions architect take to meet this requirement? (Select TWO.)

Write the messages to an Amazon DynamoDB table with the payment ID as the partition key
Write the messages to an Amazon DynamoDB table with the payment ID as the partition key
Write the messages to an Amazon Kinesis data stream with the payment ID as the partition key.
Write the messages to an Amazon Kinesis data stream with the payment ID as the partition key.
Write the messages to an Amazon ElastiCache for Memcached cluster with the payment ID as the key
Write the messages to an Amazon ElastiCache for Memcached cluster with the payment ID as the key
Write the messages to an Amazon Simple Queue Service (Amazon SQS) queue Set the message attribute to use the payment ID
Write the messages to an Amazon Simple Queue Service (Amazon SQS) queue Set the message attribute to use the payment ID
Write the messages to an Amazon Simple Queue Service (Amazon SQS) FIFO queue. Set the message group to use the payment ID.
Write the messages to an Amazon Simple Queue Service (Amazon SQS) FIFO queue. Set the message group to use the payment ID.
Suggested answer: B, E

Explanation:


asked 16/09/2024
C/1094 WOLOGUEDE COTONOU – BENIN STEVE
32 questions

Question 330

Report
Export
Collapse

An IAM user made several configuration changes to AWS resources m their company's account during a production deployment last week. A solutions architect learned that a couple of security group rules are not configured as desired. The solutions architect wants to confirm which IAM user was responsible for making changes.

Which service should the solutions architect use to find the desired information?

Amazon GuardDuty
Amazon GuardDuty
Amazon Inspector
Amazon Inspector
AWS CloudTrail
AWS CloudTrail
AWS Config
AWS Config
Suggested answer: C
asked 16/09/2024
Eusebio Adrian
33 questions
Total 1.002 questions
Go to page: of 101
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A company hosts a web application on multiple Amazon EC2 instances The EC2 instances are in an Auto Scaling group that scales in response to user demand The company wants to optimize cost savings without making a long-term commitment Which EC2 instance purchasing option should a solutions architect recommend to meet these requirements'?
A solutions architect is developing a multiple-subnet VPC architecture. The solution will consist of six subnets in two Availability Zones. The subnets are defined as public, private and dedicated for databases. Only the Amazon EC2 instances running in the private subnets should be able to access a database. Which solution meets these requirements?
A company stores data in an on-premises Oracle relational database. The company needs to make the data available in Amazon Aurora PostgreSQL for analysis The company uses an AWS Site-to-Site VPN connection to connect its on-premises network to AWS. The company must capture the changes that occur to the source database during the migration to Aurora PostgreSQL. Which solution will meet these requirements?
A company recently signed a contract with an AWS Managed Service Provider (MSP) Partner for help with an application migration initiative. A solutions architect needs to share an Amazon Machine Image (AMI) from an existing AWS account with the MSP Partner's AWS account. The AMI is backed by Amazon Elastic Block Store (Amazon EBS) and uses a customer managed customer master key (CMK) to encrypt EBS volume snapshots. What is the MOST secure way for the solutions architect to share the AMI with the MSP Partner's AWS account?
A company is implementing a new application on AWS. The company will run the application on multiple Amazon EC2 instances across multiple Availability Zones within multiple AWS Regions. The application will be available through the internet. Users will access the application from around the world. The company wants to ensure that each user who accesses the application is sent to the EC2 instances that are closest to the user's location. Which solution will meet these requirements?
A development team uses multiple AWS accounts for its development, staging, and production environments. Team members have been launching large Amazon EC2 instances that are underutilized. A solutions architect must prevent large instances from being launched in all accounts. How can the solutions architect meet this requirement with the LEAST operational overhead?
A company stores customer data in a multitenant Amazon S3 bucket. Each customer's data is stored in a prefix that is unique to the customer. The company needs to migrate data for specific customers to a new. dedicated S3 bucket that is in the same AWS Region as the source bucket. The company must preserve object metadata such as creation date and version IDs. After the migration is finished, the company must delete the source data for the migrated customers from the original multitenant S3 bucket. Which combination of solutions will meet these requirements with the LEAST overhead? (Select THREE.)
A company hosts its multi-tier, public web application in the AWS Cloud. The web application runs on Amazon EC2 instances, and its database runs on Amazon RDS. The company is anticipating a large increase in sales during an upcoming holiday weekend. A solutions architect needs to build a solution to analyze the performance of the web application with a granularity of no more than 2 minutes. What should the solutions architect do to meet this requirement?
A company uses high concurrency AWS Lambda functions to process a constantly increasing number of messages in a message queue during marketing events. The Lambda functions use CPU intensive code to process the messages. The company wants to reduce the compute costs and to maintain service latency for its customers. Which solution will meet these requirements?
A solutions architect needs to connect a company's corporate network to its VPC to allow on-premises access to its AWS resources. The solution must provide encryption of all traffic between the corporate network and the VPC at the network layer and the session layer. The solution also must provide security controls to prevent unrestricted access between AWS and the on-premises systems. Which solution meets these requirements?