The latest AWS Certified Solutions Architect – Associate SAA-C03 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Solutions Architect – Associate SAA-C03 exam and earn AWS Certified Solutions Architect – Associate SAA-C03 certification.
Question 591
A company finds that, as its use of Amazon EC2 instances grows us Amazon Elastic Block Store (Amazon EDS) storage costs are increasing faster man expected.
Which EBS management practices would help reduce costs? (Select TWO. )
A. Convert the EBS volumes to an EC2 instance store.
* B. Monitor and enforce that the DetetionOn termination attribute is set to true for all EBS volumes, unless persistence requirements dictate otherwise.
C. Purchase an EC2 Instance Savings Plan for an EBS volumes that are serving persistent business requirements.
* D. For EBS volumes needed for retention purposes that are not being actively used, take a snapshot and terminate the instance and volume.
E. Convert the existing EBS volumes to EBS Provisio ed IOPS SSD (io1).
Question 592
A company wants to migrate la accounting system from an on-premises data center to the AWS Cloud in a single AWS Region Data security and an immutable audit log are the top priorities.
The company must monitor all AWS activities for compliance auditing. The company has enabled AWS CloudTrail but wants to make sure it meets these requirements.
Which actions should a solutions architect take to protect and secure CloudTrail? (Select TWO.)
A. Enable CloudTrail log tile validation
B. Install the CloudTrail Processing Library
* C. Enable logging of insights events in CloudTrail
D. Enable custom logging from the on-premises resources
* E. Create an AWS Config rule to monitor whether CloudTrail is configured to use server-side encryption with AWS KMS managed encryption keys (SSE-KMS)
Question 593
A company wants to identify underutilized instances for Amazon EX2 and Amazon RDS.
The company needs to report on the cost of all underutilized instances and the utilization metrics for each resource.
Which combination of tools and services will provide this data? (Select TWO.)
* A. Cost Explorer
B. AWS Cost and Usage Report
C. AWS Budgets
* D. Amazon CloudWarch
E. AWS CloudTrail
Question 594
A company is developing a data lake solution in Amazon S3 to analyze large scale datasets. The solution makes infrequent SOL queries only in addition, the company wants to minimize infrastructure costs.
Which AWS service should be used to meet these requirements?
A. Amazon Athena
* B. Amazon Redshift Spectrum
C. Amazon RDS for PostgreSQL
D. Amazon Aurora
Question 595
A company has a web application hosted over 10 Amazon CC2 instances with traffic directed by Amazon Route 53.
The company occasionally experiences a timeout error when attempting to browse the application.
The networking team finds that some DNS queries return IP addresses of unhealthy instances, resulting in the timeout error.
What should a solutions architect implement to overcome these timeout errors?
* A. Create a Route 53 simple touting policy record lot each EC2 instance Associate a hearth check with each record
B. Create a Route 53 failover routing policy record for each EC2 instance Associate a health check with each record
C. Create an Amazon CloudFront distribution with EC2 instances as its origin Associate a health check with the EC2 instances
D. Create an Application Load Balancer (ALB) with a health check in front of the EC2 instances Route to the ALB from Route 53
Question 596
A company sells datasets to customers who do research in artificial intelligence and machine learning (AIMU).
The datasets are large formatted files met are stored in an Amazon S3 bucket in the us-east-1 Region.
The company hosts a web application that the customers use o purchase access to a given dataset.
The web application Is deployed on mutate Amazon EC2 instances behind an Application Load Balancer.
After a purchase is made customers receive an S3 signed URL that allows access to the files. The customers are distributed across North America and Europe.
The company wants to reduce the cost that is associated with data transfers and wants to maintain or improve performance.
What should a solutions architect do to meet these requirements?
* A. Configure S3 Transfer Accelerator on the ex sting S3 bucket. Direct customer requests to the S3 Transfer Acceleration endpoint Continue to use S3 signed URLs to access control
B. Deploy an Amazon CloudFront distribution with the existing S3 bucket as the origin Direct customer requests to the CloudFront URL. Switch to CloudFront signed URLs for access control
C. Set up a second S3 Ducket in the eu-central-1 Region with S3 Cross-Region Replication between lite Duckets. Direct customer requests to the closest Region. Continue to use S3 signed URLs for access control
D. Modify the web application to enable streaming of the datasets to and users. Configure the web application to read the data from the existing S3 bucket implement access control directly in the application
Question 597
A team has an application that detects new objects being uploaded into an Amazon bucket. The upload a trigger AWS Lambda function to write metadata into an Amazon DynamoDB table and an Amazon RDS for PostgreSQL database.
Which action should the team take to ensure high availability?
A. Enable Cross-Region Replication to ensure high availability
B. Create a Lambda function for each Availability Zone the application is deployed in
* C. Enable Multi-AZ on the RDS PostgreSQL database.
D. Create a DynamoDB stream for the DynamoDB table
Question 598
A company manages a data lake in an Amazon S3 bucket that numerous application share. The S3 bucket contain unique folders with a prefix for each application.
The company wants to restrict each application to its specific folder and have more granular control of the objects in each folder.
Which solution met these requirements with the LEAST amount of effort?
A. Create dedicated S3 access points and access point policies for each application.
* B. Create anS3 Batch Operations job to set the ACL permissions for each object in the S3 bucket.
C. Update theS3 S3 bucket policy to grant access to each application based on its specific folder in the S3 bucket.
D. Replicate the objects in the S3 bucket to new S3 buckets for each application. Create replication rules by prefix.
Question 599
A gaming company is designing a highly available architecture.
The application runs on a modified Linux kernel and support only UDP-based traffic. The company needs the front-end tier to provide the best possible user experience.
The tier must have low latency, route traffic to the nearest edge location, and possible static IP addresses for entry into the application endpoints.
What should a solution architect do to meet these requirements?
* A. Configure Amazon Route 53 to forward requests to an Application Load Balancer. Use AWS Lambda for the application in AWS Application Auto Scaling.
B. Configure Amazon CloudFront to forward requests to a network Load Balancer. Use AWS Lambda for the application in a AWS Application Auto Scaling group
C. Configure AWS Global Accelerator to forward requests to a Network Load Balancer. Use Amazon EC2 instances for the application in an EC2 Auto Sca ing group.
D. Configure Amazon API Gateway to forward requests to an Application Load Balancer. Use Amazon EC2 instances for the application in an EC2 Auto Scaling group.
Question 600
A company needs to connect several VPCs in the us-east Region that span hundreds of AWS accounts.
The company’s networking team as its own AWS account to manage the cloud network.
What is the MOST operationally efficient solution to connect the VPCs?
A. Set up VPC peering connections between each VPC. Update each associated subnet’s route table.
B. Configure a NAT gateway and an internal gateway in each VPC in connected each VPC through the internal.
* C. Create an AWS Transit Gateway in the networking team’s AWS account. Configure static routes from each VPC.
D. Deploy VPN gateway in each VPC. Configure create a transit VPC in the networking team’s AWS account to connect to each VPC.