The latest AWS Certified Solutions Architect – Associate SAA-C03 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Solutions Architect – Associate SAA-C03 exam and earn AWS Certified Solutions Architect – Associate SAA-C03 certification.
Table of Contents
- Exam Question 461
- Correct Answer
- Exam Question 462
- Correct Answer
- Exam Question 463
- Correct Answer
- Exam Question 464
- Correct Answer
- Exam Question 465
- Correct Answer
- Exam Question 466
- Correct Answer
- Exam Question 467
- Correct Answer
- Exam Question 468
- Correct Answer
- Exam Question 469
- Correct Answer
- Exam Question 470
- Correct Answer
Exam Question 461
A company has three AWS accounts Management Development and Production. These accounts use AWS services only in the us-east-1 Region All accounts have a VPC with VPC Flow Logs configured to publish data to an Amazon S3 bucket in each separate account For compliance reasons the company needs an ongoing method to aggregate all the VPC flow logs across all accounts into one destination S3 bucket in the Management account.
What should a solutions architect do to meet these requirements with the LEAST operational overhead?
A. Add S3 Same-Region Replication rules in each S3 bucket that stores VPC flow logs to replicate objects to the destination S3 bucket Configure the destination S3 bucket to allow objects to be received from the S3 buckets in other accounts
B. Set up an 1AM user in the Management account Grant permissions to the 1AM user to access the S3 buckets that contain the VPC flow logs Run the aws s3 sync command in the AWS CLI to copy the objects to the destination S3 bucket
C. Use an S3 inventory report to specify which objects in the S3 buckets to copy Perform an S3 batch operation to copy the objects into the destination S3 bucket in the Management account with a single request.
D. Create an AWS Lambda function in the Management account Grant S3 GET permissions on the source S3 buckets Grant S3 PUT permissions on the destination S3 bucket Configure the function to invoke when objects are loaded in the source S3 buckets
Correct Answer
A. Add S3 Same-Region Replication rules in each S3 bucket that stores VPC flow logs to replicate objects to the destination S3 bucket Configure the destination S3 bucket to allow objects to be received from the S3 buckets in other accounts
Exam Question 462
A company is building a web application that serves a content management system. The content management system runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The EC2 instances run in an Auto Scaling group across multiple Availability Zones Users are constantly adding and updating files blogs and other website assets in the content management system.
A solutions architect must implement a solution in which all the EC2 instances share up-to-date website content with the least possible lag time.
Which solution meets these requirements?
A. Update the EC2 user data in the Auto Scaling group lifecycle policy to copy the website assets from the EC2 instance that was launched most recently Configure the ALB to make changes to the website assets only m the newest EC2 instance
B. Copy the website assets to an Amazon Elastic File System (Amazon EFS) file system Configure each EC2 instance to mount the EPS file system locally Configure the website hosting application to reference the website assets that are stored in the EFS file system
C. Copy the website assets to an Amazon S3 bucket Ensure that each EC2 instance downloads the website assets from the S3 bucket to the attached Amazon Elastic Block Store (Amazon EBS) volume Run the S3 sync command once each hour to keep files up to date
D. Restore an Amazon Elastic Block Store (Amazon EBS) snapshot with the website assets Attach the EBS snapshot as a secondary EBS volume when a new EC2 instance is launched Configure the website hosting application to reference the website assets that are stored in the secondary EBS volume
Correct Answer
A. Update the EC2 user data in the Auto Scaling group lifecycle policy to copy the website assets from the EC2 instance that was launched most recently Configure the ALB to make changes to the website assets only m the newest EC2 instance
Exam Question 463
A solutions architect is designing the architecture for a new web application. The application will run on AWS Fargate containers with an Application Load Balancer (ALB) and an Amazon Aurora PostgreSQL database. The web application will perform primarily read queries against the database.
What should the solutions architect do to ensure that the website can scale with increasing traffic? (Select TWO.)
A. Enable auto scaling on the ALB to scale the load balancer horizontally.
B. Configure Aurora Auto Scaling to adjust the number of Aurora Replicas in the Aurora cluster dynamically.
C. Enable cross-zone load balancing on the ALB to distribute the load evenly across containers in all Availability Zones.
D. Configure an Amazon Elastic Container Service (Amazon ECS) cluster in each Availability Zone to distribute the load across multiple Availability Zones.
E. Configure Amazon Elastic Container Service (Amazon ECS) Service Auto Scaling with a target tracking scaling policy that is based on CPU utilization.
Correct Answer
A. Enable auto scaling on the ALB to scale the load balancer horizontally.
B. Configure Aurora Auto Scaling to adjust the number of Aurora Replicas in the Aurora cluster dynamically.
Exam Question 464
The application’s traffic is often low. but it occasionally grows significantly. During these sudden increases in traffic, DynamoDB returns throttling errors. The result is that error pages are displayed to end users.
What should a solutions architect do to reduce these errors?
A. Change the DynamoDB table to use on-demand capacity mode.
B. Create a DynamoDB read replica to scale the read traffic horizontally.
C. Purchase DynamoDB reserved capacity of 1,000 RCUs and 500 WCUs.
D. Configure the application to use strongly consistent reads for DynamoDB queries.
Correct Answer
D. Configure the application to use strongly consistent reads for DynamoDB queries.
Exam Question 465
A company wants to build an immutable infrastructure for its software applications. The company wants to test the software applications before sending traffic to them. The company seeks an efficient solution that limits the effects of application bugs
Which combination of steps should a solutions architect recommend? {Select TWO)
A. Use AWS Cloud Formation to update the production infrastructure and roll back the stack if the update fails
B. Apply Amazon Route 53 weighted routing to test the staging environment and gradually increase the traffic as the tests pass
C. Apply Amazon Route 53 failover routing to test the staging environment and fail over to the production environment if the tests pass
D. Use AWS Cloud Formation with a parameter set to the staging value in a separate environment other than the production environment
E. Use AWS Cloud Formation to deploy the staging environment with a snapshot deletion policy and reuse the resources in the production environment if the tests pass
Correct Answer
A. Use AWS Cloud Formation to update the production infrastructure and roll back the stack if the update fails
B. Apply Amazon Route 53 weighted routing to test the staging environment and gradually increase the traffic as the tests pass
Exam Question 466
A company stores project information in a shared spreadsheet. The company wants to create a web application to replace the spreadsheet. The company has chosen Amazon DynamoDB to store the spreadsheet’s data and is designing the web application to display the project information that is obtained from DynamoDB.
A solutions architect must design the web application’s backend by using managed services that require minimal operational maintenance.
Which architectures meet these requirements? (Select TWO.)
A. An Amazon API Gateway REST API accesses the project information that is in DynamoD
B. An Elastic Load Balancer forwards requests to a target group with DynamoDB set up as the target.
C. An Amazon API Gateway REST API invokes an AWS Lambda function. The Lambda function accesses DynamoD
D. An Amazon Route 53 hosted zone routes requests to an AWS Lambda endpoint to invoke a Lambda function that accesses DynamoD
E. An Elastic Load Balancer forwards requests to a target group of Amazon EC2 instances. The EC2 instances run an application that accesses DynamoD
Correct Answer
A. An Amazon API Gateway REST API accesses the project information that is in DynamoD
E. An Elastic Load Balancer forwards requests to a target group of Amazon EC2 instances. The EC2 instances run an application that accesses DynamoD
Exam Question 467
A solution architect at a company is designing the architecture for a two-tiered web application. The web application is composed of an internet facing application load balancer that forwards traffic to an auto scaling group of Amazon EC2 instances. The EC2 instances must be able to access a database that runs on Amazon RDS.
The company has requested a defense-in-depth approach to the network layout. The company does not want to rely solely on security groups or network ACLs. Only the minimum resources that are necessary should be routable from the internet.
Which network design should the solutions architect recommend to meet these requirements?
A. Place the ALB, EC2 instances and RDS database in private subnets.
B. Place the ALB in public subnets. Place the EC2 instances and RDS database in private subnets
C. Place the ALB and EC2 instances in public subnets. Place the RDS database in private subnets
D. Place the ALB outside the VP
E. Place the EC2 instances and RDS database in private subnets.
Correct Answer
B. Place the ALB in public subnets. Place the EC2 instances and RDS database in private subnets
Exam Question 468
A company has thousands of edge devices that collectively generate 1 TB of status averts each day Each alert s approximately 2 KB in size. A solutions architect needs to implement a solution to ingest and store the alerts for future analysis.
The company wants a highly available solution However the company needs to minimize costs and does not want to manage additional infrastructure Additionally, the company wants to keep 14 days of data available for immediate analysis and archive any data older than 14 days.
What is the MOST operationally efficient solution that meets these requirements?
A. Create an Amazon Kinesis Data Firehose delivery stream to ingest the alerts Configure the Kinesis Data Firehose stream to deliver the alerts to an Amazon S3 bucket Set up an S3 Lifecycle configuration to transition data to Amazon S3 Glacier after 14 days
B. Launch Amazon EC2 instances across two Availability Zones and place them behind an Elastic Load Balancer to ingest the alerts Create a script on the EC2 instances that will store the alerts m an Amazon S3 bucket Set up an S3 Lifecycle configuration to transition data to Amazon S3 Glacier after 14 days
C. Create an Amazon Kinesis Data Firehose delivery stream to ingest the alerts Configure the Kinesis Data Firehose stream to deliver the alerts to an Amazon Elasticsearch Service (Amazon ES) duster Set up the Amazon ES cluster to take manual snapshots every day and delete data from the duster that is older than 14 days
D. Create an Amazon Simple Queue Service (Amazon SQS I standard queue to ingest the alerts and set the message retention period to 14 days Configure consumers to poll the SQS queue check the age of the message and analyze the message data as needed If the message is 14 days old the consumer should copy the message to an Amazon S3 bucket and delete the message from the SQS queue
Correct Answer
A. Create an Amazon Kinesis Data Firehose delivery stream to ingest the alerts Configure the Kinesis Data Firehose stream to deliver the alerts to an Amazon S3 bucket Set up an S3 Lifecycle configuration to transition data to Amazon S3 Glacier after 14 days
Exam Question 469
A company has a customer relationship management (CRM) application that stores data in an Amazon RDS DB instance that runs Microsoft SQL Server. The company’s IT staff has administrative access to the database. The database contains sensitive data. The company wants to ensure that the data is not accessible to the IT staff and that only authorized personnel can view the data.
What should a solutions architect do to secure the data?
A. Use client-side encryption with an Amazon RDS managed key.
B. Use client-side encryption with an AWS Key Management Service (AWS KMS) customer managed key.
C. Use Amazon RDS encryption with an AWS Key Management Service (AWS KMS) default encryption key.
D. Use Amazon RDS encryption with an AWS Key Management Service (AWS KMS) customer managed key.
Correct Answer
D. Use Amazon RDS encryption with an AWS Key Management Service (AWS KMS) customer managed key.
Exam Question 470
A company is developing a serverless web application that gives users the ability to interact with real-time analytics from online games. The data from the games must be streamed in real time. The company needs a durable, low-latency database option for user data. The company does not know how many users will use the application Any design considerations must provide response times of single-digit milliseconds as the application scales.
Which combination of AWS services will meet these requirements? (Select TWO.)
A. Amazon CloudFront
B. Amazon DynamoDB
C. Amazon Kinesis
D. Amazon RDS
E. AWS Global Accelerator
Correct Answer
A. Amazon CloudFront
B. Amazon DynamoDB