The latest AWS Certified Solutions Architect – Associate SAA-C03 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Solutions Architect – Associate SAA-C03 exam and earn AWS Certified Solutions Architect – Associate SAA-C03 certification.
Question 551
A solutions architect needs to design a centralized logging solution for a group of web applications running on Amazon EC2 instances.
The solution requires min mal development effort due to budget containts.
What should the architect recommend?
A. Create a crontab job script in each instance t regularly push the logs to Amazon S3
* B. Install and configure Amazon CloudWatch Logs agent in the Amazon EC2 instances
C. Enable Amazon EventBridge (Amazon CloudWatch Events) in the AWS Management Console.
D. Enable AWS Cloud Trail to map all API Calls invoked by the applications
Question 552
A developer has an application that uses an AWS Lambda function to upload files to Amazon S3 and needs the required permissions to perform the task.
The developer already has an IAM user with valid IAM credentials required for Amazon S3.
What should a solutions architect do to grant the permissions?
A. Add required IAM permissions in the resource policy of the Lambda function.
B. Create a signed request using the existing IAM credential in the Lambda function.
* C. Create a new IAM user and use the existing IAM credentials in the Lambda function
D. Create an IAM execution role with the required permissions and attach the IAM role to the Lambda function
Question 553
A solution architect is designing an application that will allow business users to upload objects to Amazon S3. The solution needs to maximize object durability. Objects also must be readily available at any time and for any length of time. Users will access objects frequently within the first 30 days after the objects are uploaded, but users are much less likely to access objects that are older than 30 days.
Which solution meets these requirements Most cost-effectively?
A. Store all the objects in S3 Standard with an S3 Lifecycle rule to transition the object to S3 Glacier after 30 days.
B. Store all the objects in S3 Standard with an S3 Lifecycle rule to transition the object to S3 Standard- infrequent Access (S3 Standard-IA) after 30 days.
C. Store all the objects in S3 Standard with an S3 Lifecycle rule to transition the object to S3 Zone- Infrequent Access (S3 Zone-IA) after 30 days.
* D. Store all the objects in S3 intelligent-Tiering with an S3 Lifecycle rule to transition the object to S3 Standard-infrequent Access (S3 Standard-IA) after 30 days.
Question 554
A company has an AWS account used for software engineering.
The AWS account has access to the company’s on-premises data center through a pair of AWS Direct Connect connections All non-VPC traffic routes to the virtual private gateway.
A development team recently created an AWS Lambada function through the console.
The development team needs to allow the function to access a database that runs in a private subnet in the company’s data center.
Which solution will meet these requirements?
A. Configure the Lambda function to run in the VPC with the appropriate security group.
B. Set up a VPN connection from AWS to the data center. Route the traffic from the Lambda function through the VPN
* C. Update the route tables in the VPC to allow the Lambda function to access the on-premises data center through direct connect.
D. Create an Elastic IP address. Configure the Lambda function to send traffic through the Elastic IP address without an elastic network interface.
Question 555
A company is developing a new mobile app. The company must implement proper traffic filtering to protect its Application Load Balancer (ALB) against common application-level attacks, such as cross-site scripting or SQL injection. The company has minimal infrastructure and operational staff. The company needs to reduce its share of the responsibility in managing, updating and securing servers for its AWS environment.
What should a solutions architect recommend to meet these requirements?
A. Configure AWS WAF rules and associate them with the ALB
B. Deploy the application using Amazon S3 with public hosting enabled.
C. Deploy AWS shield Advanced and add the ALB as protected resources
* D. Create a new ALB that directs traffic to an Amazon EC2 instance running a third-party firewall, which then passes the traffic to the current ALB
Question 556
A company manages its own Amazon EC2 instances that run MySQL databases.
The company is manually managing replication and scaling as demand increases or decreases. The company needs a new solution that simplifies the process of adding or removing compute capacity to or from its database tier as needed.
The solution also must offer improved performance, scaling and durability with minimal effort from operations.
Which solution meets these requirements?
A. Migrate thee databases to Amazon Aurora Serverless for Aurora MySQL
B. Migrate tie databases to Amazon Aurora Serverless tor Aurora PostgreSQL
* C. Combine the databases into one larger MySQL database Run the larger database on larger EC2 instances
D. Create an EC2 Auto Scaling group for the database tier Migrate the existing databases to the new environment.
Question 557
An 1AM user made several configuration changes to AWS resources in their company’s account during a production deployment last week. A solutions architect learned that a couple of security group rules are not configured as desired. The solutions architect wants to confirm which 1AM user was responsible for making changes.
Which service should the solutions architect use to find the desired information?
* A. Amazon GuardDuty
B. Amazon Inspector
C. AWS CloudTrail
D. AWS Config
Question 558
A solutions architect is designing a solution for a dynamic website, “example.com,” that is deployed in two AWS Regions: Tokyo. Japan and Sydney. Australia.
The architect wants to ensure that users located in Australia are directed to the website deployed in the Sydney AWS Region and users located in Japan are directed to the website in the Tokyo AWS Region when they browse to “example.com.”
Which service should the architect use to achieve this goal with the LEAST administrative effort?
* A. Amazon CloudFront with geolocation routing
B. Amazon Route 53
C. Application Load Balancer
D. Network Load Balancer deployed across multiple regions
Question 559
A prediction process requires access to a trained model that is stored in an Amazon S3 bucket. The process takes a few seconds to process an image and make a prediction.
The process is not overly resource-intensive does not require any specialized hardware, and takes less than 512 MB of memory to run.
What is the MOST effective compute solution for this use case?
A. Amazon Elastic Container Service (Amazon ECS)
B. Amazon EC2 Spot instances
* C. AWS Lambda functions
D. AWS Elastic Beanstalk
Question 560
A customer has a service based out of Oregon. US and Paris. France. The application stores data in an Amazon S3 bucket located in Oregon. That data is updated frequently.
The Pans office is experiencing slow response times when retrieving objects.
What should a solutions architect do to resolve the slow response times for the Paris office?
A. Set up an S3 bucket based in Paris, and enable Cross-Region Replication from the Oregon bucket to the Paris bucket.
B. Create an Application Load Balancer that load balances data retrieval between the Oregon S3 bucket and a new Paris S3 bucket.
* C. Create an Amazon CloudFront distribution with the bucket located m Oregon as the origin and set the maximum TTL setting for the cache behavior to er
D. Set up an S3 bucket based in Paris, and enable a lifecycle management rule to transition data from the Oregon bucket to the Paris bucket.