The latest AWS Certified Solutions Architect – Associate SAA-C03 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Solutions Architect – Associate SAA-C03 exam and earn AWS Certified Solutions Architect – Associate SAA-C03 certification.
Table of Contents
- Exam Question 481
- Correct Answer
- Exam Question 482
- Correct Answer
- Exam Question 483
- Correct Answer
- Exam Question 484
- Correct Answer
- Exam Question 485
- Correct Answer
- Exam Question 486
- Correct Answer
- Exam Question 487
- Correct Answer
- Exam Question 488
- Correct Answer
- Answer Description
- References
- Exam Question 489
- Correct Answer
- Exam Question 490
- Correct Answer
Exam Question 481
A company is designing a shared storage solution for a gaming application that is hosted in the AWS Cloud. The company needs the ability to use SMB clients to access data solution must be fully managed.
Which AWS solution meets these requirements?
A. Create an AWS DataSync task that shares the data as a mountable file system Mount the file system to the application server
B. Create an Amazon EC2 Windows instance Install and configure a Windows file share role on the instance Connect the application server to the file share
C. Create an Amazon FSx for Windows File Server file system Attach the file system to the origin server Connect the application server to the Me system
D. Create an Amazon S3 bucket Assign an 1AM role to the application to grant access to the S3 bucket Mount the S3 bucket to the application server
Correct Answer
C. Create an Amazon FSx for Windows File Server file system Attach the file system to the origin server Connect the application server to the Me system
Exam Question 482
A company is Re-architecting a strongly coupled application to be loosely coupled Previously the application used a request/response pattern to communicate between tiers. The company plans to use Amazon Simple Queue Service (Amazon SQS) to achieve decoupling requirements. The initial design contains one queue for requests and one for responses However, this approach is not processing all the messages as the application scales.
What should a solutions architect do to resolve this issue?
A. Configure a dead-letter queue on the ReceiveMessage API action of the SQS queue.
B. Configure a FIFO queue, and use the message deduplication ID and message group I
C. Create a temporary queue, with the Temporary Queue Client to receive each response message.
D. Create a queue for each request and response on startup for each producer, and use a correlation ID message attribute.
Correct Answer
A. Configure a dead-letter queue on the ReceiveMessage API action of the SQS queue.
Exam Question 483
A solutions architect is creating a new Amazon CloudFront distribution for an application Some of the information submitted by users is sensitive. The application uses HTTPS but needs another layer of security. The sensitive information should be protected throughout the entire application stack, and access to the information should be restricted to certain applications.
Which action should the solutions architect take?
A. Configure a CloudFront signed URL
B. Configure a CloudFront signed cookie.
C. Configure a CloudFront field-level encryption profile.
D. Configure CloudFront and set the Origin Protocol Policy setting to HTTPS Only for the Viewer Protocol Pokey
Correct Answer
A. Configure a CloudFront signed URL
Exam Question 484
A solutions architect needs to design a resilient solution for Windows users’ home directories. The solution must provide fault tolerance, file-level backup and recovery, and access control, based upon the company’s Active Directory.
Which storage solution meets these requirements?
A. Configure Amazon S3 to store the users’ home directories. Join Amazon S3 to Active Directory.
B. Configure a Multi-AZ file system with Amazon FSx for Windows File Server Join Amazon FSx to Active Directory.
C. Configure Amazon Elastic File System (Amazon EFS) for the users’ home directories. Configure AWS Single Sign-On with Active Directory.
D. Configure Amazon Elastic Block Store (Amazon EBS) to store the users’ home directories Configure AWS Single Sign-On with Active Directory.
Correct Answer
C. Configure Amazon Elastic File System (Amazon EFS) for the users’ home directories. Configure AWS Single Sign-On with Active Directory.
Exam Question 485
A solutions architect is creating a data processing job that runs once daily and can take up to 2 hours to complete If the job is interrupted, it has to restart from the beginning
How should the solutions architect address this issue in the MOST cost-effective manner?
A. Create a script that runs locally on an Amazon EC2 Reserved Instance that is triggered by a cron job.
B. Create an AWS Lambda function triggered by an Amazon EventBridge (Amazon CloudWatch Events} scheduled event
C. Use an Amazon Elastic Container Service (Amazon ECS) Fargate task triggered by an Amazon EventBridge (Amazon CloudWatch Events) scheduled event.
D. Use an Amazon Elastic Container Service (Amazon ECS) task running on Amazon EC2 triggered by an Amazon EventBridge (Amazon CloudWatch Events) scheduled event.
Correct Answer
C. Use an Amazon Elastic Container Service (Amazon ECS) Fargate task triggered by an Amazon EventBridge (Amazon CloudWatch Events) scheduled event.
Exam Question 486
A company hosts its multi-tier public web application in the AWS Cloud. The web application runs on Amazon EC2 instances and its database runs on Amazon RDS. The company is anticipating a large increase in sales during an upcoming holiday weekend A solutions architect needs to build a solution to analyze the performance of the web application with a granularity of no more than 2 minutes.
What should the solutions architect do to meet this requirement?
A. Send Amazon CloudWatch logs to Amazon Redshift Use Amazon QuickSight to perform further analysis
B. Enable detailed monitoring on all EC2 instances Use Amazon CloudWatch metrics to perform further analysis
C. Create an AWS Lambda function to fetch EC2 logs from Amazon CloudWatch Logs Use Amazon CloudWatch metrics to perform further analysis
D. Send EC2 logs to Amazon S3 Use Amazon Redshift to fetch logs from the S3 bucket to process raw data for further analysis with Amazon QuickSight.
Correct Answer
B. Enable detailed monitoring on all EC2 instances Use Amazon CloudWatch metrics to perform further analysis
Exam Question 487
A company is creating a three-tier web application consisting of a web server, an application server, and a database server. The application will track GPS coordinates of packages as they are being delivered. The application will update the database every 0-5 seconds.
The tracking will need to read a fast as possible for users to check the status of their packages. Only a few packages might be tracked on some days, whereas millions of package might be tracked on other days. Tracking will need to be searchable by tracking ID customer ID and order ID Order than 1 month no longer read to be tracked.
What should a solution architect recommend to accomplish this with minimal cost of ownership?
A. Use Amazon DynamoDB Enable Auto Scaling on the DynamoDB table. Schedule an automatic deletion script for items older than 1 month.
B. Use Amazon DynamoDB with global secondary indexes. Enable Auto Scaling on the DynamoDB table and the global secondary indexes. Enable TTL on the DynamoDB table.
C. Use an Amazon RDS On-Demand instance with Provisioned IOPS (PIOPS). Enable Amazon CloudWatch alarms to send notifications when PIOPS are exceeded. Increase and decrease PIOPS as needed.
D. Use a Amazon RDS Reserved Instance with Provisioned IOPS (PIOPS). Enable Amazon CloudWatch alarms to send notification when PIOPS are exceeded. Increase and decrease PIOPS as needed.
Correct Answer
B. Use Amazon DynamoDB with global secondary indexes. Enable Auto Scaling on the DynamoDB table and the global secondary indexes. Enable TTL on the DynamoDB table.
Exam Question 488
A start-up company has a web application based in the us-east-1 Region with multiple Amazon EC2 instances running behind an Application Load Balancer across multiple Availability Zones As the company’s user base grows in the us-west-1 Region, it needs 3 solution with low latency and high availability.
What should a solutions architect do to accomplish this?
A. Provision EC2 instances in us-west-1. Switch my Application Load Balancer to a Network Load Balancer to achieve cross-Region load balancing.
B. Provision EC2 instances and an Application Load Balancer in us-west-1 Make the load balancer distribute the traffic based on the location of the request
C. Provision EC2 instances and configure an Application Load Balancer in us-west-1. Create an accelerator in AWS Global Accelerator that uses an endpoint group that includes the load balancer endpoints in both Regions.
D. Provision EC2 Instances and configure an Application Load Balancer in us-west-1 Configure Amazon Route 53 with a weighted routing policy. Create alias records in Route 53 that point to the Application Load Balancer
Correct Answer
C. Provision EC2 instances and configure an Application Load Balancer in us-west-1. Create an accelerator in AWS Global Accelerator that uses an endpoint group that includes the load balancer endpoints in both Regions.
Answer Description
ELB provides load balancing within one Region, AWS Global Accelerator provides traffic management across multiple Regions […] AWS Global Accelerator complements ELB by extending these capabilities beyond a single AWS Region, allowing you to provision a global interface for your applications in any number of Regions. If you have workloads that cater to a global client base, we recommend that you use AWS Global Accelerator. If you have workloads hosted in a single AWS Region and used by clients in and around the same Region, you can use an Application Load Balancer or Network Load Balancer to manage your resources.
References
Exam Question 489
A company has a service that produces event data. The company wants to use AWS to process the event data as it is received. The data is written in a specific order that must be maintained throughout processing. The company wants to implement a solution that minimizes operational overhead.
How should a solution architect accomplish this”
A. Create an Amazon Simple Queue Service (Amazon SOS) FIFO queue to hold messages. Set up an AWS Lambda function to process messages from the queue.
B. Create an Amazon Simple Notification Service (Amazon SNS) topic to deliver notifications containing payloads to process. Configure an AWS Lambda function as a subscriber
C. Create an Amazon Simple Queue Service (Amazon SOS) standard queue to hold messages Set up an AWS Lambda function 😮 process messages from the queue independently
D. Create an Amazon Simple Notification Service (Amazon SNS) topic to deliver notifications containing payloads to process Configure an Amazon Simple Queue Service (Amazon SQS) queue as a subscriber.
Correct Answer
A. Create an Amazon Simple Queue Service (Amazon SOS) FIFO queue to hold messages. Set up an AWS Lambda function to process messages from the queue.
Exam Question 490
The following IAM policy is attached to an IAM group. This is the only policy applied to the group.
What are the effective IAM permissions of this policy for group members?
A. Group members are permitted any Amazon EC2 action within the us-east-1 Region. Statements after. The Allow permission are not applied
B. Group member are denied any Amazon EC2 permissions in the us-east-1 Region unless they are tagged in with multi-factor authentication (MFA).
C. Group members are allowed the ec2:StopInstances and ec2:Terminatelnstances permissions for all Regions when logged in with multi-factor authentication (MFA). Group members authorized any other Amazon EC2 action.
D. Group members are allowed the ec2:Stoplnstances and ec2:Terminatelnstances permissions for the us-east-1 Region only when logged in with multi-factor authentication (MFA). Groups are permitted any other Amazon EC2 action within the us-east-1 Region
Correct Answer
D. Group members are allowed the ec2:Stoplnstances and ec2:Terminatelnstances permissions for the us-east-1 Region only when logged in with multi-factor authentication (MFA). Groups are permitted any other Amazon EC2 action within the us-east-1 Region