The latest AWS Certified Solutions Architect – Associate SAA-C03 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Solutions Architect – Associate SAA-C03 exam and earn AWS Certified Solutions Architect – Associate SAA-C03 certification.
Table of Contents
- Exam Question 311
- Correct Answer
- Exam Question 312
- Correct Answer
- Exam Question 313
- Correct Answer
- Exam Question 314
- Correct Answer
- Exam Question 315
- Correct Answer
- Exam Question 316
- Correct Answer
- Exam Question 317
- Correct Answer
- Exam Question 318
- Correct Answer
- Exam Question 319
- Correct Answer
- Exam Question 320
- Correct Answer
Exam Question 311
A company recently started using Amazon Aurora as the data store for its global eCommerce application.
When large reports are run, developers report that the eCommerce application is performing poorly. After reviewing metrics in Amazon CloudWatch. A solutions architect finds that the ReadIOPS and CPU Utilization metrics are spiking when monthly reports run.
What is the MOST cost-effective solution?
A. Migrate the monthly reporting to Amazon Redshift.
B. Migrate the monthly reporting to an Aurora Replica.
C. Migrate the Aurora database to a larger instance class.
D. Increase the Provisioned IOPS on the Aurora instance.
Correct Answer
D. Increase the Provisioned IOPS on the Aurora instance.
Exam Question 312
A company uses on-premises servers to host its applications. The company is running out of storage capacity. The applications use both block storage and NFS storage. The company needs a high-performing solution that supports local caching without re-architecting its existing applications.
Which combination of actions should a solutions architect take to meet these requirements? (Choose two.)
A. Mount Amazon S3 as a file system to the on-premises servers.
B. Deploy an AWS Storage Gateway file gateway to replace NFS storage.
C. Deploy AWS Snowball Edge to provision NFS mounts to on-premises servers.
D. Deploy an AWS Storage Gateway volume gateway to replace the block storage.
E. Deploy Amazon Elastic Fife System (Amazon EFS) volumes and mount them to on-premises servers.
Correct Answer
D. Deploy an AWS Storage Gateway volume gateway to replace the block storage.
E. Deploy Amazon Elastic Fife System (Amazon EFS) volumes and mount them to on-premises servers.
Exam Question 313
A solution architect needs to design a highly available application consisting of web, application, and database tiers. HTTPS content delivery should be as close to the edge as possible, with the least delivery time.
Which solution meets these requirements and is MOST secure?
A. Configure a public Application Load Balancer (ALB) with multiple redundant Amazon EC2 instances in public subnets. Configure Amazon CloudFront to deliver HTTPS content using the public ALB as the origin.
B. Amazon EC2 instances in private subnets Configure. Configure a public Application Load Balancer with multiple redundant Amazon CloudFront to deliver HTTPS content using the EC2 instances as the origin.
C. Configure a public Application Load Balancer (ALB) with multiple redundant Amazon EC2 instances in private subnets. Configure Amazon CloudFront to deliver HTTPS content using the public ALB as the origin.
D. Configure a public Application Load Balancer with multiple redundant Amazon EC2 instances in public subnets. Configure Amazon CloudFront to deliver HTTPS content using the EC2 instances as the origin.
Correct Answer
B. Amazon EC2 instances in private subnets Configure. Configure a public Application Load Balancer with multiple redundant Amazon CloudFront to deliver HTTPS content using the EC2 instances as the origin.
Exam Question 314
A company has a popular gaming platform running on AWS. The application is sensitive to latency because latency can impact the user experience and introduce unfair advantages to some players. The application is deployed in every AWS Region it runs on Amazon EC2 instances that are part of Auto Scaling groups configured behind Application Load Balancers (ALBs). A solutions architect needs to implement a mechanism to monitor the health of the application and redirect traffic to healthy endpoints.
Which solution meets these requirements?
A. Configure an accelerator in AWS Global Accelerator. Add a listener for the port that the application listens on and attach it to a Regional endpoint in each Region. Add the ALB as the endpoint.
B. Create an Amazon CloudFront distribution and specify the ALB as the origin server. Configure the cache behavior to use origin cache headers. Use AWS Lambda functions to optimize the traffic.
C. Create an Amazon CloudFront distribution and specify Amazon S3 as the origin server. Configure the cache behavior to use origin cache headers. Use AWS Lambda functions to optimize the traffic.
D. Configure an Amazon DynamoDB database to serve as the data store for the application. Create a DynamoDB Accelerator (DAX) cluster to act as the in-memory cache for DynamoDB hosting the application data.
Correct Answer
D. Configure an Amazon DynamoDB database to serve as the data store for the application. Create a DynamoDB Accelerator (DAX) cluster to act as the in-memory cache for DynamoDB hosting the application data.
Exam Question 315
A development team stores its Amazon RDS MySQL DB instance user name and password credentials in a configuration file. The configuration file is stored as plaintext on the root device volume of the team’s Amazon EC2 instance. When the team’s application needs to reach the database, it reads the file and loads the credentials into the code. The team has modified the permissions of the configuration file so that only the application can read its content. A solution architect must design a more secure solution.
What should the solutions architect do to meet this requirement?
A. Store the configuration file in Amazon S3. Grant the application access to read the configuration file.
B. Create an IAM role with permission to access the database. Attach this IAM role to the EC2 instance.
C. Enable SSL connections on the database instance. Alter the database user to require SSL when logging in.
D. Move the configuration file to an EC2 instance store, and create an Amazon Machine Image (AMI) of the instance. Launch new instances from this AMI.
Correct Answer
D. Move the configuration file to an EC2 instance store, and create an Amazon Machine Image (AMI) of the instance. Launch new instances from this AMI.
Exam Question 316
A company wants to use high performance computing (HPC) infrastructure on AWS for financial risk modeling. The company’s HPC workloads run on Linux. Each HPC workflow runs on hundreds of AmazonEC2 Spot Instances, is short-lived, and generates thousands of output files that are ultimately stored in persistent storage for analytics and long-term future use.
The company seeks a cloud storage solution that permits the copying of on-premises data to long-term persistent storage to make data available for processing by all EC2 instances. The solution should also be a high performance file system that is integrated with persistent storage to read and write datasets and output files.
Which combination of AWS services meets these requirements?
A. Amazon FSx for Lustre integrated with Amazon S3
B. Amazon FSx for Windows File Server integrated with Amazon S3
C. Amazon S3 Glacier integrated with Amazon Elastic Block Store (Amazon EBS)
D. Amazon S3 bucket with a VPC endpoint integrated with an Amazon Elastic Block Store (Amazon EBS) General Purpose SSD (gp2) volume
Correct Answer
A. Amazon FSx for Lustre integrated with Amazon S3
Exam Question 317
A solutions architect must design a database solution for a high-traffic eCommerce web application. The database stores customer profiles and shopping cart information. The database must support a peak load of several million requests each second and deliver responses in milliseconds. The operational overhead form an aging and scaling the database must be minimized.
Which database solution should the solutions architect recommend?
A. Amazon Aurora
B. Amazon DynamoDB
C. Amazon RDS
D. Amazon Redshift
Correct Answer
A. Amazon Aurora
Exam Question 318
A company is working with an external vendor that requires write access to the company’s Amazon Simple Queue Service (Amazon SQS) queue. The vendor has its own AWS account.
What should a solutions architect do to implement least privilege access?
A. Update the permission policy on the SQS queue to give write access to the vendor’s AWS account.
B. Create an IAM user with write access to the SQS queue and share the credentials for the IAM user.
C. Update AWS Resource Access Manager to provide write access to the SQS queue from the vendor’s AWS account.
D. Create a cross-account role with access to all SQS queues and use the vendor’s AWS account in the trust document for the role.
Correct Answer
D. Create a cross-account role with access to all SQS queues and use the vendor’s AWS account in the trust document for the role.
Exam Question 319
A meteorological startup company has a custom web application to sell weather data to its users online.
The company uses Amazon DynamoDB to store its data and wants to build a new service that sends an alert to the managers of four internal teams every time a new weather event is recorded. The company does not want this new service to affect the performance of the current application.
What should a solutions architect do to meet these requirements with the LEAST amount of operational overhead?
A. Use DynamoDB transactions to write new event data to the table. Configure the transactions to notify internal teams.
B. Have the current application publish a message to four Amazon Simple Notification Service (Amazon SNS) topics. Have each team subscribe to one topic.
C. Enable Amazon DynamoDB Streams on the table. Use triggers to write to a single Amazon Simple Notification Service (Amazon SNS) topic to which the teams can subscribe.
D. Add a custom attribute to each record to flag new items. Write a cron job that scans the table every minute for items that are new and notifies an Amazon Simple Queue Service (Amazon SQS) queue to which the teams can subscribe.
Correct Answer
A. Use DynamoDB transactions to write new event data to the table. Configure the transactions to notify internal teams.
Exam Question 320
A company is preparing to deploy a new serverless workload. A solutions architect needs to configure permissions for invoking an AWS Lambda function. The function will be triggered by an Amazon EventBridge (Amazon CloudWatch Events) rule. Permissions should be configured using the principle of least privilege.
Which solution will meet these requirements?
A. Add an execution role to the function with lambda:InvokeFunction as the action and * as the principal.
B. Add an execution rote to the function with lambda:InvokeFunction as the action and Service:eventsamazonaws.com as the principal.
C. Add a resource-based policy to the function with lambda:’ as the action and Service:events.amazonaws.com as the principal.
D. Add a resource-based policy to the function with lambda:InvokeFunction as the action and Service:events.amazonaws.com as the principal.
Correct Answer
C. Add a resource-based policy to the function with lambda:’ as the action and Service:events.amazonaws.com as the principal.