AWS Certified Solutions Architect – Associate SAA-C02 Exam Questions and Answers – Page 7

The latest AWS Certified Solutions Architect – Associate SAA-C02 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Solutions Architect – Associate SAA-C02 exam and earn AWS Certified Solutions Architect – Associate SAA-C02 certification.

AWS Certified Solutions Architect - Associate SAA-C02 Exam Questions and Answers

Exam Question 601

A company is building a web application that servers a content management system.

The content management system runs on Amazon EC2 instances behind an Application Load Balancer (ALB).

The EC2 instances run in an Auto Scaling group across Availability Zones.

Users are constantly adding and updating files, blogs, and other website assets in the content management system.

Which solution meets these requirements?

A. Update the EC2 user data in the Auto Scaling group lifecycle policy to copy the website assets from the EC2 instance that was launched most recently. Configure the ALB to make changes to the websites assets only in the newest EC2 instance.
B. Copy the website assets to an Amazon Elastic File System (Amazon EFS) Me system. Configure each EC2 instance to mount the EFS m system locally. Configure the website hosting application to reference the website assets that are stored in the EFS file system.
C. Copy the website assets to an Amazon S3 bucket. Ensure that each EC2 instance downloads the website assets from the S3 bucket to the attached Amazon Basic Block Store (Amazon EBS) volume. Run the S3 sync command once each hour to keep files up to date.
D. Restore an Amazon Elastic Block Store (Amazon EBS) snapshot w.th the website assets. Attach the EBS snapshot as a secondary EBS volume when a new EBS EC2 instance is launched. Configure the website hosting application to reference the website assets that are stored in the secondary EBS volume.

Correct Answer:
C. Copy the website assets to an Amazon S3 bucket. Ensure that each EC2 instance downloads the website assets from the S3 bucket to the attached Amazon Basic Block Store (Amazon EBS) volume. Run the S3 sync command once each hour to keep files up to date.

Exam Question 602

A company’s web site receives 50,000 requests each second.

The company wants to use multiple applications to analyze the navigation patterns of the website users so that the experience can be personalized.

Which AWS services or feature should a solutions architect use to collect page clicks for the website and process them sequentially for each user?

A. Amazon Kinesis Data Streams
B. Amazon Simple Queue Service (Amazon SQS) standard queue
C. Amazon Simple Queue Service (Amazon SQS) FIFO queue
D. AWS CloudTrail

Correct Answer:
A. Amazon Kinesis Data Streams

Exam Question 603

A company fails an AWS security reviews conducted by the third party.

The review finds out that some of the company method to access the Amazon EMR through the public internet.

Which combination of steps should the company take to MOST improve its security? (Select TWO.)

A. Set up a VPC peering connect to the Amazon EMR API.
B. Set up VPC endpoints to connect to the Amazon EMR API.
C. Set up a NAT gateway to connect to the Amazon EMR API.
D. Set up 1AM roles to be used to connect to the Amazon FMR API.
E. Set up each developer with AWS Secrets Manager to store access keys.

Correct Answer:
A. Set up a VPC peering connect to the Amazon EMR API.
D. Set up 1AM roles to be used to connect to the Amazon FMR API.

Exam Question 604

A company has developed a database in Amazon RDS for MySQL.

Due to increased support team is reporting slow reads against the DB instance and recommends adding a read replica.

Which combination of actions should a solutions architect take before implementing this change? (Select TWO.)

A. Enable binlog replication on the RDS master.
B. Choose a failover priority for the source DB instance.
C. Allow long-running transactions to complete on the source DB instance.
D. Create a global table and specify the AWS Regions where the table will be available.
E. Enable automatic backups on the source instance by settings the backup retention period to a value other than 0.

Correct Answer:
C. Allow long-running transactions to complete on the source DB instance.
E. Enable automatic backups on the source instance by settings the backup retention period to a value other than 0.

Exam Question 605

A company is running a publicly accessible serverless application that uses Amazon API Gateway and AWS Lambda.

The application’s traffic recently spiked due to fraudulent requests from botnets.

Which steps should a solutions architect take to block requests from unauthorized users? (Select TWO.)

A. Create a usage plan with an API key that is shared with genuine users only.
B. Integrate logic within the Lambda function to ignore the requests from fraudulent addresses.
C. Implement an AWS WAF rule to target malicious requests and trigger actions to filter them out.
D. Convert the existing public API to a private API. Update the DNS records to redirect users to the new API endpoint.
E. Create an IAM role for each user attempting to access the API. A user will assume the role when making the API call.

Correct Answer:
B. Integrate logic within the Lambda function to ignore the requests from fraudulent addresses.
E. Create an IAM role for each user attempting to access the API. A user will assume the role when making the API call.

Exam Question 606

A company experienced a breach from an attacker on its on-premises network.

The attacker launched port scanning, waged on outbound Dos attack, and performed crypto currency mining.

The company is moving to AWS to build a more resilient architecture that monitors and remediate this type the attack on the account level.

How should the company use AWS services to meet these requirements?

A. Enable Amazon GuardDuty to generate findings. Trigger AWS Lambda for automated remediation of identified threats.
B. Enable AWS Config and configure policies to monitor against breaches. Trigger AWS Lambda for automated remediation of non-compliant resources
C. Enable Amazon Macie to identify and classify security threats. Configure events in Amazon EventBridge (Amazon CloudWatch Events) to trigger actions based on the severity of threats.
D. Enable Amazon inspector to generate assessment reports. Configure events in Amazon EventBridge (Amazon CloudWatch Events) to trigger actions based on identified threat.

Correct Answer:
A. Enable Amazon GuardDuty to generate findings. Trigger AWS Lambda for automated remediation of identified threats.

Exam Question 607

A company is using Amazon CloudFront with its website.

The company has enabled logging on the CloudFront distribution, and logs are saved in one of the company’s Amazon S3 buckets.

The company needs to perform advanced analysis on the logs and build visualizations.

What should a solutions architect do to meet these requirements?

A. Use standard SQL queries in Amazon Athena to analyze CloudFront logs in the S3 bucket. Visualize the results with AWS Glue.
B. Use standard SQL queries in Amazon Athena to analyze the CloudFront logs in the S3 bucket. Visual the results with Amazon QuickSight.
C. Use standard queries in Amazon DynamoDB to analyze the Cloudfront logs in the S3 bucket. Visualize the results with the AWS Glue.
D. Use standard SQL queries in Amazon DynamoDB to analyze the CloudFront logs in the S3 bucket. Visualize the results with Amazon QuickSight.

Correct Answer:
D. Use standard SQL queries in Amazon DynamoDB to analyze the CloudFront logs in the S3 bucket. Visualize the results with Amazon QuickSight.

Exam Question 608

A company has a web application for travel ticketing.

The application is based on a database that runs in a single data center in North America. The company wants to expand the application to serve a global user base. The company needs to display the application to multiple AWS Regions. Average latency must be less than 1 second on updates to reservation database.

The company wants to have separate deployments of its web platform across multiple Regions. However, the company must maintain a single primary reservation database that is globally consistent.

Which solution should a solutions architect recommend to meet these requirements?

A. Convert the application to use Amazon DynamoDB. Use a global table for the center reservation table. Use the correct Regional endpoint in each Regional deployment.
B. Migrate the database to an Amazon Aurora MySQL database. Deploy Aurora Read Replicas in each Region. Use the correct Region endpoint in each Regional deployment for access to the database.
C. Migrate the database to an Amazon RDS for MySQL database. Deploy MySQL read replicas in each Region. Use the correct Regional endpoint In each Regional deployment for access to the database.
D. Migrate the application to an Amazon Aurora Serverless database. Deploy instances of the database to each Region. Use the correct Region endpoint in each Regional deployment to access the database. Use AWS Lambda functions to process event streams in each Region to synchronize the databases.

Correct Answer:
A. Convert the application to use Amazon DynamoDB. Use a global table for the center reservation table. Use the correct Regional endpoint in each Regional deployment.

Exam Question 609

A company is planning to migrate 40 servers hosted on-premises in VMware to the AWS Cloud. The migration process must be implemented with minimal downtime.

The company also wants to test the servers before the cutover date.

Which solution meets these requirements?

A. Deploy the AWS DataSync agent into the on-premises environment. Use DataSync to migrate the servers.
B. Deploy an AWS Snowball device connected by way of RJ45 to the on-premises network. Use Snowball to migrate the servers.
C. Deploy an AWS Database Migration Service (AWS DMS) replication instance into AWS. Use AWS DMS to migrate the servers.
D. Deploy the AWS Server Migration Service (AWS SMS) connector into the on-premises environment. Use AWS SMS to migrate the servers.

Correct Answer:
A. Deploy the AWS DataSync agent into the on-premises environment. Use DataSync to migrate the servers.

Exam Question 610

A company is building a RESTful serverless web application on AWS by using Amazon API Gateway and AWS Lambda.

The users of this web application will be geographically disturbed, and the company wants to reduce the latency of API requests to these users.

Which type of endpoint should a solutions architect use to meet these requirements?

A. Private endpoint
B. Regional endpoint
C. Interface VPC endpoint
D. Edge-optimized endpoint

Correct Answer:
A. Private endpoint