ExamGecko
Login
Home / Amazon / SAA-C03 / List of questions
Ask Question

Amazon SAA-C03 Practice Test - Questions Answers, Page 38

List of questions

Question 371

Report
Export
Collapse

A company’s compliance team needs to move its file shares to AWS. The shares run on a Windows Server SMB file share. A self-managed on-premises Active Directory controls access to the files and folders. The company wants to use Amazon FSx for Windows File Server as part of the solution. The company must ensure that the on-premises Active Directory groups restrict access to the FSx for Windows File Server SMB compliance shares, folders, and files after the move to AWS. The company has created an FSx for Windows File Server file system. Which solution will meet these requirements?

Create an Active Directory Connector to connect to the Active Directory. Map the Active Directory groups to IAM groups to restrict access.
Create an Active Directory Connector to connect to the Active Directory. Map the Active Directory groups to IAM groups to restrict access.
Assign a tag with a Restrict tag key and a Compliance tag value. Map the Active Directory groups to IAM groups to restrict access.
Assign a tag with a Restrict tag key and a Compliance tag value. Map the Active Directory groups to IAM groups to restrict access.
Create an IAM service-linked role that is linked directly to FSx for Windows File Server to restrict access.
Create an IAM service-linked role that is linked directly to FSx for Windows File Server to restrict access.
Join the file system to the Active Directory to restrict access.
Join the file system to the Active Directory to restrict access.
Suggested answer: D

Explanation:

Joining the FSx for Windows File Server file system to the on-premises Active Directory will allow the company to use the existing Active Directory groups to restrict access to the file shares, folders, and files after the move to AWS. This option allows the company to continue using their existing access controls and management structure, making the transition to AWS more seamless.

asked 16/09/2024
Serhan Azdiken
37 questions

Question 372

Report
Export
Collapse

A solutions architect has created two IAM policies: Policy1 and Policy2. Both policies are attached to an IAM group.

Amazon SAA-C03 image Question 372 5283 09162024005823000000Amazon SAA-C03 image Question 372 5283 09162024005823000000

Amazon SAA-C03 image Question 372 5283 09162024005823000000Amazon SAA-C03 image Question 372 5283 09162024005823000000

A cloud engineer is added as an IAM user to the IAM group. Which action will the cloud engineer be able to perform?

Deleting IAM users
Deleting IAM users
Deleting directories
Deleting directories
Deleting Amazon EC2 instances
Deleting Amazon EC2 instances
Deleting logs from Amazon CloudWatch Logs
Deleting logs from Amazon CloudWatch Logs
Suggested answer: C

Explanation:

https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ds/index.html

asked 16/09/2024
alex aguirre
43 questions

Question 373

Report
Export
Collapse

A company is reviewing a recent migration of a three-tier application to a VPC. The security team discovers that the principle of least privilege is not being applied to Amazon EC2 security group ingress and egress rules between the application tiers.

What should a solutions architect do to correct this issue?

Create security group rules using the instance ID as the source or destination.
Create security group rules using the instance ID as the source or destination.
Create security group rules using the security group ID as the source or destination.
Create security group rules using the security group ID as the source or destination.
Create security group rules using the VPC CIDR blocks as the source or destination.
Create security group rules using the VPC CIDR blocks as the source or destination.
Create security group rules using the subnet CIDR blocks as the source or destination.
Create security group rules using the subnet CIDR blocks as the source or destination.
Suggested answer: B

Explanation:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules.html

asked 16/09/2024
Alexander Castro
42 questions

Question 374

Report
Export
Collapse

A company has deployed a database in Amazon RDS for MySQL. Due to increased transactions, the database support team is reporting slow reads against the DB instance and recommends adding a read replica. Which combination of actions should a solutions architect take before implementing this change?

(Choose two.)

Enable binlog replication on the RDS primary node.
Enable binlog replication on the RDS primary node.
Choose a failover priority for the source DB instance.
Choose a failover priority for the source DB instance.
Allow long-running transactions to complete on the source DB instance.
Allow long-running transactions to complete on the source DB instance.
Create a global table and specify the AWS Regions where the table will be available.
Create a global table and specify the AWS Regions where the table will be available.
Enable automatic backups on the source instance by setting the backup retention period to a value other than 0.
Enable automatic backups on the source instance by setting the backup retention period to a value other than 0.
Suggested answer: C, E

Explanation:

"An active, long-running transaction can slow the process of creating the read replica. We recommend that you wait for long-running transactions to complete before creating a read replica. If you create multiple read replicas in parallel from the same source DB instance, Amazon RDS takes only one snapshot at the start of the first create action. When creating a read replica, there are a few things to consider. First, you must enable automatic backups on the source DB instance by setting the backup retention period to a value other than 0. This requirement also applies to a read replica that is the source DB instance for another read replica" https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html

asked 16/09/2024
Krzychu Kn
42 questions

Question 375

Report
Export
Collapse

A company hosts its web application on AWS using seven Amazon EC2 instances. The company requires that the IP addresses of all healthy EC2 instances be returned in response to DNS queries. Which policy should be used to meet this requirement?

Simple routing policy
Simple routing policy
Latency routing policy
Latency routing policy
Multivalue routing policy
Multivalue routing policy
Geolocation routing policy
Geolocation routing policy
Suggested answer: C

Explanation:

Use a multivalue answer routing policy to help distribute DNS responses across multiple resources.

For example, use multivalue answer routing when you want to associate your routing records with a Route 53 health check. For example, use multivalue answer routing when you need to return multiple values for a DNS query and route traffic to multiple IP addresses.

https://aws.amazon.com/premiumsupport/knowledge-center/multivalue-versus-simple-policies/

asked 16/09/2024
Ahmed Ebrahim
44 questions

Question 376

Report
Export
Collapse

A medical research lab produces data that is related to a new study. The lab wants to make the data available with minimum latency to clinics across the country for their on-premises, file-based applications. The data files are stored in an Amazon S3 bucket that has read-only permissions for each clinic.

What should a solutions architect recommend to meet these requirements?

Deploy an AWS Storage Gateway file gateway as a virtual machine (VM) on premises at each clinic
Deploy an AWS Storage Gateway file gateway as a virtual machine (VM) on premises at each clinic
Migrate the files to each clinic’s on-premises applications by using AWS DataSync for processing.
Migrate the files to each clinic’s on-premises applications by using AWS DataSync for processing.
Deploy an AWS Storage Gateway volume gateway as a virtual machine (VM) on premises at each clinic.
Deploy an AWS Storage Gateway volume gateway as a virtual machine (VM) on premises at each clinic.
Attach an Amazon Elastic File System (Amazon EFS) file system to each clinic’s on-premises servers.
Attach an Amazon Elastic File System (Amazon EFS) file system to each clinic’s on-premises servers.
Suggested answer: A

Explanation:

AWS Storage Gateway is a service that connects an on-premises software appliance with cloud-based storage to provide seamless and secure integration between an organization's on-premises IT environment and AWS's storage infrastructure. By deploying a file gateway as a virtual machine on each clinic's premises, the medical research lab can provide low-latency access to the data stored in the S3 bucket while maintaining read-only permissions for each clinic. This solution allows the clinics to access the data files directly from their on-premises file-based applications without the need for data transfer or migration.

asked 16/09/2024
Louis Reeves
44 questions

Question 377

Report
Export
Collapse

A company is using a content management system that runs on a single Amazon EC2 instance. The EC2 instance contains both the web server and the database software. The company must make its website platform highly available and must enable the website to scale to meet user demand.

What should a solutions architect recommend to meet these requirements?

Move the database to Amazon RDS, and enable automatic backups. Manually launch another EC2 instance in the same Availability Zone. Configure an Application Load Balancer in the Availability Zone, and set the two instances as targets.
Move the database to Amazon RDS, and enable automatic backups. Manually launch another EC2 instance in the same Availability Zone. Configure an Application Load Balancer in the Availability Zone, and set the two instances as targets.
Migrate the database to an Amazon Aurora instance with a read replica in the same Availability Zone as the existing EC2 instance. Manually launch another EC2 instance in the same Availability Zone. Configure an Application Load Balancer, and set the two EC2 instances as targets.
Migrate the database to an Amazon Aurora instance with a read replica in the same Availability Zone as the existing EC2 instance. Manually launch another EC2 instance in the same Availability Zone. Configure an Application Load Balancer, and set the two EC2 instances as targets.
Move the database to Amazon Aurora with a read replica in another Availability Zone. Create an Amazon Machine Image (AMI) from the EC2 instance. Configure an Application Load Balancer in two Availability Zones. Attach an Auto Scaling group that uses the AMI across two Availability Zones.
Move the database to Amazon Aurora with a read replica in another Availability Zone. Create an Amazon Machine Image (AMI) from the EC2 instance. Configure an Application Load Balancer in two Availability Zones. Attach an Auto Scaling group that uses the AMI across two Availability Zones.
Move the database to a separate EC2 instance, and schedule backups to Amazon S3. Create an Amazon Machine Image (AMI) from the original EC2 instance. Configure an Application Load Balancer in two Availability Zones. Attach an Auto Scaling group that uses the AMI across two Availability Zones.
Move the database to a separate EC2 instance, and schedule backups to Amazon S3. Create an Amazon Machine Image (AMI) from the original EC2 instance. Configure an Application Load Balancer in two Availability Zones. Attach an Auto Scaling group that uses the AMI across two Availability Zones.
Suggested answer: C

Explanation:

This approach will provide both high availability and scalability for the website platform. By moving the database to Amazon Aurora with a read replica in another availability zone, it will provide a failover option for the database. The use of an Application Load Balancer and an Auto Scaling group across two availability zones allows for automatic scaling of the website to meet increased user demand. Additionally, creating an AMI from the original EC2 instance allows for easy replication of the instance in case of failure.

asked 16/09/2024
James Williams
34 questions

Question 378

Report
Export
Collapse

A company has a three-tier application for image sharing. The application uses an Amazon EC2 instance for the front-end layer, another EC2 instance for the application layer, and a third EC2 instance for a MySQL database. A solutions architect must design a scalable and highly available solution that requires the least amount of change to the application. Which solution meets these requirements?

Use Amazon S3 to host the front-end layer. Use AWS Lambda functions for the application layer.Move the database to an Amazon DynamoDB table. Use Amazon S3 to store and serve users’ images.
Use Amazon S3 to host the front-end layer. Use AWS Lambda functions for the application layer.Move the database to an Amazon DynamoDB table. Use Amazon S3 to store and serve users’ images.
Use load-balanced Multi-AZ AWS Elastic Beanstalk environments for the front-end layer and the application layer. Move the database to an Amazon RDS DB instance with multiple read replicas to serve users’ images.
Use load-balanced Multi-AZ AWS Elastic Beanstalk environments for the front-end layer and the application layer. Move the database to an Amazon RDS DB instance with multiple read replicas to serve users’ images.
Use Amazon S3 to host the front-end layer. Use a fleet of EC2 instances in an Auto Scaling group for the application layer. Move the database to a memory optimized instance type to store and serve users’ images.
Use Amazon S3 to host the front-end layer. Use a fleet of EC2 instances in an Auto Scaling group for the application layer. Move the database to a memory optimized instance type to store and serve users’ images.
Use load-balanced Multi-AZ AWS Elastic Beanstalk environments for the front-end layer and the application layer. Move the database to an Amazon RDS Multi-AZ DB instance. Use Amazon S3 to store and serve users’ images.
Use load-balanced Multi-AZ AWS Elastic Beanstalk environments for the front-end layer and the application layer. Move the database to an Amazon RDS Multi-AZ DB instance. Use Amazon S3 to store and serve users’ images.
Suggested answer: D

Explanation:

Explanation: for "Highly available": Multi-AZ & for "least amount of changes to the application": Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, auto-scaling to application health monitoring

asked 16/09/2024
Ibrahim Isaaq
31 questions

Question 379

Report
Export
Collapse

An application running on an Amazon EC2 instance in VPC-A needs to access files in another EC2 instance in VPC-B. Both VPCs are in separate AWS accounts. The network administrator needs to design a solution to configure secure access to EC2 instance in VPC-B from VPCA.

The connectivity should not have a single point of failure or bandwidth concerns.

Which solution will meet these requirements?

Set up a VPC peering connection between VPC-A and VPC-B.
Set up a VPC peering connection between VPC-A and VPC-B.
Set up VPC gateway endpoints for the EC2 instance running in VPC-B.
Set up VPC gateway endpoints for the EC2 instance running in VPC-B.
Attach a virtual private gateway to VPC-B and set up routing from VPC-A.
Attach a virtual private gateway to VPC-B and set up routing from VPC-A.
Create a private virtual interface (VIF) for the EC2 instance running in VPC-B and add appropriate routes from VPC-A.
Create a private virtual interface (VIF) for the EC2 instance running in VPC-B and add appropriate routes from VPC-A.
Suggested answer: A

Explanation:

AWS uses the existing infrastructure of a VPC to create a VPC peering connection; it is neither a gateway nor a VPN connection, and does not rely on a separate piece of physical hardware. There is no single point of failure for communication or a bandwidth bottleneck.

https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html

asked 16/09/2024
Jonathan Dowds
37 questions

Question 380

Report
Export
Collapse

A company wants to experiment with individual AWS accounts for its engineer team. The company wants to be notified as soon as the Amazon EC2 instance usage for a given month exceeds a specific threshold for each account. What should a solutions architect do to meet this requirement MOST cost-effectively?

Use Cost Explorer to create a daily report of costs by service. Filter the report by EC2 instances. Configure Cost Explorer to send an Amazon Simple Email Service (Amazon SES) notification when a threshold is exceeded.
Use Cost Explorer to create a daily report of costs by service. Filter the report by EC2 instances. Configure Cost Explorer to send an Amazon Simple Email Service (Amazon SES) notification when a threshold is exceeded.
Use Cost Explorer to create a monthly report of costs by service. Filter the report by EC2 instances. Configure Cost Explorer to send an Amazon Simple Email Service (Amazon SES) notification when a threshold is exceeded.
Use Cost Explorer to create a monthly report of costs by service. Filter the report by EC2 instances. Configure Cost Explorer to send an Amazon Simple Email Service (Amazon SES) notification when a threshold is exceeded.
Use AWS Budgets to create a cost budget for each account. Set the period to monthly. Set the scope to EC2 instances. Set an alert threshold for the budget. Configure an Amazon Simple Notification Service (Amazon SNS) topic to receive a notification when a threshold is exceeded.
Use AWS Budgets to create a cost budget for each account. Set the period to monthly. Set the scope to EC2 instances. Set an alert threshold for the budget. Configure an Amazon Simple Notification Service (Amazon SNS) topic to receive a notification when a threshold is exceeded.
Use AWS Cost and Usage Reports to create a report with hourly granularity. Integrate the report data with Amazon Athena. Use Amazon EventBridge to schedule an Athena query. Configure an Amazon Simple Notification Service (Amazon SNS) topic to receive a notification when a threshold is exceeded.
Use AWS Cost and Usage Reports to create a report with hourly granularity. Integrate the report data with Amazon Athena. Use Amazon EventBridge to schedule an Athena query. Configure an Amazon Simple Notification Service (Amazon SNS) topic to receive a notification when a threshold is exceeded.
Suggested answer: C

Explanation:

AWS Budgets allows you to create budgets for your AWS accounts and set alerts when usage exceeds a certain threshold. By creating a budget for each account, specifying the period as monthly and the scope as EC2 instances, you can effectively track the EC2 usage for each account and be notified when a threshold is exceeded. This solution is the most cost-effective option as it does not require additional resources such as Amazon Athena or Amazon EventBridge.

asked 16/09/2024
mckeon mackey
31 questions
Total 1.002 questions
Go to page: of 101
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A company hosts a web application on multiple Amazon EC2 instances The EC2 instances are in an Auto Scaling group that scales in response to user demand The company wants to optimize cost savings without making a long-term commitment Which EC2 instance purchasing option should a solutions architect recommend to meet these requirements'?
A solutions architect is developing a multiple-subnet VPC architecture. The solution will consist of six subnets in two Availability Zones. The subnets are defined as public, private and dedicated for databases. Only the Amazon EC2 instances running in the private subnets should be able to access a database. Which solution meets these requirements?
A company stores data in an on-premises Oracle relational database. The company needs to make the data available in Amazon Aurora PostgreSQL for analysis The company uses an AWS Site-to-Site VPN connection to connect its on-premises network to AWS. The company must capture the changes that occur to the source database during the migration to Aurora PostgreSQL. Which solution will meet these requirements?
A company recently signed a contract with an AWS Managed Service Provider (MSP) Partner for help with an application migration initiative. A solutions architect needs to share an Amazon Machine Image (AMI) from an existing AWS account with the MSP Partner's AWS account. The AMI is backed by Amazon Elastic Block Store (Amazon EBS) and uses a customer managed customer master key (CMK) to encrypt EBS volume snapshots. What is the MOST secure way for the solutions architect to share the AMI with the MSP Partner's AWS account?
A company is implementing a new application on AWS. The company will run the application on multiple Amazon EC2 instances across multiple Availability Zones within multiple AWS Regions. The application will be available through the internet. Users will access the application from around the world. The company wants to ensure that each user who accesses the application is sent to the EC2 instances that are closest to the user's location. Which solution will meet these requirements?
A development team uses multiple AWS accounts for its development, staging, and production environments. Team members have been launching large Amazon EC2 instances that are underutilized. A solutions architect must prevent large instances from being launched in all accounts. How can the solutions architect meet this requirement with the LEAST operational overhead?
A company stores customer data in a multitenant Amazon S3 bucket. Each customer's data is stored in a prefix that is unique to the customer. The company needs to migrate data for specific customers to a new. dedicated S3 bucket that is in the same AWS Region as the source bucket. The company must preserve object metadata such as creation date and version IDs. After the migration is finished, the company must delete the source data for the migrated customers from the original multitenant S3 bucket. Which combination of solutions will meet these requirements with the LEAST overhead? (Select THREE.)
A company hosts its multi-tier, public web application in the AWS Cloud. The web application runs on Amazon EC2 instances, and its database runs on Amazon RDS. The company is anticipating a large increase in sales during an upcoming holiday weekend. A solutions architect needs to build a solution to analyze the performance of the web application with a granularity of no more than 2 minutes. What should the solutions architect do to meet this requirement?
A company uses high concurrency AWS Lambda functions to process a constantly increasing number of messages in a message queue during marketing events. The Lambda functions use CPU intensive code to process the messages. The company wants to reduce the compute costs and to maintain service latency for its customers. Which solution will meet these requirements?
A solutions architect needs to connect a company's corporate network to its VPC to allow on-premises access to its AWS resources. The solution must provide encryption of all traffic between the corporate network and the VPC at the network layer and the session layer. The solution also must provide security controls to prevent unrestricted access between AWS and the on-premises systems. Which solution meets these requirements?