Skip to Content

AWS Certified Solutions Architect – Associate SAA-C02 Exam Questions and Answers – Page 8

The latest AWS Certified Solutions Architect – Associate SAA-C02 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Solutions Architect – Associate SAA-C02 exam and earn AWS Certified Solutions Architect – Associate SAA-C02 certification.

AWS Certified Solutions Architect - Associate SAA-C02 Exam Questions and Answers

Exam Question 791

A company has thousands of files stored in an Amazon S3 bucket that has a well-defined access pattern. The files are accessed by an application multiple times a day for the first 30 days. Files are rarely accessed within the next 90 days. After that, the files are never accessed again. During the first 120 days, accessing these files should never take more than a few seconds.

Which lifecycle policy should be used for the S3 objects to minimize costs based on the access pattern?

A. Use Amazon S3 Standard-Infrequent Access (S3 Standard-IA) storage for the first 30 days. Then move the files to the GLACIER storage class for the next 90 days. Allow the data to expire after that.
B. Use Amazon S3 Standard storage for the first 30 days. Then move the files to Amazon S3 Standard- Infrequent Access (S3 Standard-IA) for the next 90 days. Allow the data to expire after that.
C. Use Amazon S3 Standard storage for first 30 days. Then move the files to the GLACIER storage class for the next 90 days. Allow the data to expire after that.
D. Use Amazon S3 Standard-Infrequent Access (S3 Standard-IA) for the first 30 days. After that, move the data to the GLACIER storage class, where is will be deleted automatically.

Correct Answer:
B. Use Amazon S3 Standard storage for the first 30 days. Then move the files to Amazon S3 Standard- Infrequent Access (S3 Standard-IA) for the next 90 days. Allow the data to expire after that.

Answer Description:
It is mentioned that they need to access data in few seconds during the 120 days.

Exam Question 792

During a review of business applications, a Solutions Architect identifies a critical application with a relational database that was built by a business user and is running on the user’s desktop. To reduce the risk of a business interruption, the Solutions Architect wants to migrate the application to a highly available, multi-tiered solution in AWS.

What should the Solutions Architect do to accomplish this with the LEAST amount of disruption to the business?

A. Create an import package of the application code for upload to AWS Lambda, and include a function to create another Lambda function to migrate data into an Amazon RDS database
B. Create an image of the user’s desktop, migrate it to Amazon EC2 using VM Import, and place the EC2 instance in an Auto Scaling group
C. Pre-stage new Amazon EC2 instances running the application code on AWS behind an Application Load Balancer and an Amazon RDS Multi-AZ DB instance
D. Use AWS DMS to migrate the backend database to an Amazon RDS Multi-AZ DB instance. Migrate the application code to AWS Elastic Beanstalk

Correct Answer:
D. Use AWS DMS to migrate the backend database to an Amazon RDS Multi-AZ DB instance. Migrate the application code to AWS Elastic Beanstalk

Exam Question 793

A three-tier application is being created to host small news articles. The application is expected to serve millions of users. When breaking news occurs, the site must handle very large spikes in traffic without significantly impacting database performance.

Which design meets these requirements while minimizing costs?

A. Use Auto Scaling groups to increase the number of Amazon EC2 instances delivering the web application
B. Use Auto Scaling groups to increase the size of the Amazon RDS instances delivering the database
C. Use Amazon DynamoDB strongly consistent reads to adjust for the increase in traffic
D. Use Amazon DynamoDB Accelerator (DAX) to cache read operations to the database

Correct Answer:
D. Use Amazon DynamoDB Accelerator (DAX) to cache read operations to the database

Answer Description:
DAX has in memory cache. If breaking news happens, majority of the users searching will look for the exact same thing. That being said, requests will query the Memory Cache first and will not need to fetch the data from the DB directly.

Exam Question 794

An application running in a private subnet accesses an Amazon DynamoDB table. There is a security requirement that the data never leave the AWS network.

How should this requirement be met?

A. Configure a network ACL on DynamoDB to limit traffic to the private subnet
B. Enable DynamoDB encryption at rest using an AWS KMS key
C. Add a NAT gateway and configure the route table on the private subnet
D. Create a VPC endpoint for DynamoDB and configure the endpoint policy

Correct Answer:
D. Create a VPC endpoint for DynamoDB and configure the endpoint policy

Answer Description:
Hint: Private Subnet = VPC Endpoint

Exam Question 795

A client reports that they want see an audit log of any changes made to AWS resources in their account.

What can the client do to achieve this?

A. Set up Amazon CloudWatch monitors on services they own
B. Enable AWS CloudTrail logs to be delivered to an Amazon S3 bucket
C. Use Amazon CloudWatch Events to parse logs
D. Use AWS OpsWorks to manage their resources

Correct Answer:
B. Enable AWS CloudTrail logs to be delivered to an Amazon S3 bucket

Answer Description:
A CloudTrail trail can be created which delivers log files to an Amazon S3 bucket.

Exam Question 796

A company has been storing analytics data in an Amazon RDS instance for the past few years. The company asked a solutions architect to find a solution that allows users to access this data using an API.

The expectation is that the application will experience periods of inactivity but could receive bursts of traffic within seconds.

Which solution should the solutions architect suggest?

A. Set up an Amazon API Gateway and use Amazon ECS.
B. Set up an Amazon API Gateway and use AWS Elastic Beanstalk.
C. Set up an Amazon API Gateway and use AWS Lambda functions
D. Set up an Amazon API Gateway and use Amazon EC2 with Auto Scaling

Correct Answer:
C. Set up an Amazon API Gateway and use AWS Lambda functions

Answer Description:
This question is simply asking you to work out the best compute service for the stated requirements. The key requirements are that the compute service should be suitable for a workload that can range quite broadly in demand from no requests to large bursts of traffic. AWS Lambda is an ideal solution as you pay only when requests are made and it can easily scale to accommodate the large bursts in traffic. Lambda works well with both API Gateway and Amazon RDS.

CORRECT: “Set up an Amazon API Gateway and use AWS Lambda functions” is the correct answer.

INCORRECT: “Set up an Amazon API Gateway and use Amazon ECS” is incorrect as Lambda is a better fit for this use case as the traffic patterns are highly dynamic.

INCORRECT: “Set up an Amazon API Gateway and use AWS Elastic Beanstalk” is incorrect as Lambda is a better fit for this use case as the traffic patterns are highly dynamic.

INCORRECT: “Set up an Amazon API Gateway and use Amazon EC2 with Auto Scaling” is incorrect as Lambda is a better fit for this use case as the traffic patterns are highly dynamic.

Exam Question 797

A company deploys Amazon EC2 instances that run in a VPC The EC2 instances load source data into Amazon S3 buckets so that the data can be processed in the future According to compliance laws, the data must not be transmitted over the public internet Servers in the company’s on-premises data center will consume the output from an application that runs on the EC2 instances.

Which solution will meet these requirements?

A. Deploy an interface VPC endpoint for Amazon EC2 Create an AWS Site-to-Site VPN connection between the company and the VPC
B. Deploy a gateway VPC endpoint for Amazon S3 Set up an AWS Direct Connect connection between the on-premises network and the VPC
C. Set up an AWS Transit Gateway connection from the VPC to the S3 buckets Create an AWS Site-to-Site VPN connection between the company and the VPC
D. Set up proxy EC2 instances that have routes to NAT gateways Configure the proxy EC2 instances to fetch S3 data and feed the application instances

Correct Answer:
B. Deploy a gateway VPC endpoint for Amazon S3 Set up an AWS Direct Connect connection between the on-premises network and the VPC

Exam Question 798

A company has a web application that runs on Amazon EC2 instances. The company wants end users to authenticate themselves before they use the web application. The web application accesses AWS resources, such as Amazon S3 buckets, on behalf of users who are logged on.

Which combination of actions must a solutions architect take to meet these requirements? (Select TWO).

A. Configure AWS App Mesh to log on users.
B. Enable and configure AWS Single Sign-On in AWS Identity and Access Management (IAM).
C. Define a default (AM role for authenticated users.
D. Use AWS Identity and Access Management (IAM) for user authentication.
E. Use Amazon Cognito for user authentication.

Correct Answer:
B. Enable and configure AWS Single Sign-On in AWS Identity and Access Management (IAM).
E. Use Amazon Cognito for user authentication.

Exam Question 799

A company is implementing a shared storage solution for a media application that is hosted m the AWS Cloud The company needs the ability to use SMB clients to access data The solution must he fully managed

Which AWS solution meets these requirements?

A. Create an AWS Storage Gateway volume gateway. Create a file share that uses the required client protocol Connect the application server to the tile share.
B. Create an AWS Storage Gateway tape gateway Configure (apes to use Amazon S3 Connect the application server lo the tape gateway.
C. Create an Amazon EC2 Windows instance Install and configure a Windows file share role on the instance. Connect the application server to the file share.
D. Create an Amazon FSx for Windows File Server tile system Attach the fie system to the origin server. Connect the application server to the tile system.

Correct Answer:
D. Create an Amazon FSx for Windows File Server tile system Attach the fie system to the origin server. Connect the application server to the tile system.

Exam Question 800

A company uses Amazon EC2 instances to host its internal systems As pan of a deployment operation, an administrator tries to use the AWS CLI to terminate an EC2 instance However, the administrator receives a 403 (Access Dented) error message

The administrator is using an IAM role that has the following 1AM policy attached:

The administrator is using an IAM role that has the following 1AM policy attached:

What is the cause of the unsuccessful request?

A. The EC2 Instance has a resource-based policy win a Deny statement.
B. The principal has not been specified in the policy statement.
C. The ‘Action’ field does not grant the actions that are required to terminate the EC2 instance.
D. The request to terminate the EC2 instance does not originate from the CIDR blocks 192 0 2.0:24 or 203.0.113.0/24.

Correct Answer:
B. The principal has not been specified in the policy statement.

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.