The latest AWS Certified Solutions Architect – Associate SAA-C03 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Solutions Architect – Associate SAA-C03 exam and earn AWS Certified Solutions Architect – Associate SAA-C03 certification.
Table of Contents
- Exam Question 731
- Correct Answer
- Answer Description
- Exam Question 732
- Correct Answer
- Answer Description
- References
- Exam Question 733
- Correct Answer
- Answer Description
- References
- Exam Question 734
- Correct Answer
- Exam Question 735
- Correct Answer
- Exam Question 736
- Correct Answer
- Answer Description
- References
- Exam Question 737
- Correct Answer
- Answer Description
- References
- Exam Question 738
- Correct Answer
- Answer Description
- References
- Exam Question 739
- Correct Answer
- Answer Description
- References
- Exam Question 740
- Correct Answer
- Answer Description
Exam Question 731
A company wants to use an AWS Region as a disaster recovery location for its on-premises infrastructure. The company has 10 TB of existing data, and the on-premise data center has a 1 Gbps internet connection. A solutions architect must find a solution so the company can have its existing data on AWS in 72 hours without transmitting it using an unencrypted channel.
Which solution should the solutions architect select?
A. Send the initial 10 TB of data to AWS using FTP.
B. Send the initial 10 TB of data to AWS using AWS Snowball.
C. Establish a VPN connection between Amazon VPC and the company’s data center.
D. Establish an AWS Direct Connect connection between Amazon VPC and the company’s data center
Correct Answer
C. Establish a VPN connection between Amazon VPC and the company’s data center.
Answer Description
Keyword: AWS Region as DR for On-premises DC (Existing Data=10TB) + 1G Internet Connection
Condition: 10TB on AWS in 72 Hours + Without Unencrypted Channel Without Unencrypted Channel = VPN
FTP = Unencrypted Channel
Options – A – Out of race, since this is unencrypted channel & not matching the condition Options – B – Out of race due to the timebound target & order /delivering AWS Snowball device will take time
Options – C – Win the race, using the existing 1G Internet Link we can transfer this 10TB data within 24Hrs using encrypted Channel
Options – D – Out of race due to the timebound target & order /delivering AWS Direct Connect will take time
Exam Question 732
A company wants to use an AWS Region as a disaster recovery location for its on-premises infrastructure. The company has 10 TB of existing data, and the on-premise data center has a 1 Gbps internet connection. A solutions architect must find a solution so the company can have its existing data on AWS in 72 hours without transmitting it using an unencrypted channel.
Which solution should the solutions architect select?
A. Send the initial 10 TB of data to AWS using FTP.
B. Send the initial 10 TB of data to AWS using AWS Snowball.
C. Establish a VPN connection between Amazon VPC and the company’s data center.
D. Establish an AWS Direct Connect connection between Amazon VPC and the company’s data center.
Correct Answer
C. Establish a VPN connection between Amazon VPC and the company’s data center.
Answer Description
Keyword: AWS Region as DR for On-premises DC (Existing Data=10TB) + 1G Internet Connection
Condition: 10TB on AWS in 72 Hours + Without Unencrypted Channel Without Unencrypted Channel = VPN
FTP = Unencrypted Channel
Options – A – Out of race, since this is unencrypted channel & not matching the condition Options – B – Out of race due to the timebound target & order /delivering AWS Snowball device will take time
Options – C – Win the race, using the existing 1G Internet Link we can transfer this 10TB data within 24Hrs using encrypted Channel
Options – D – Out of race due to the timebound target & order /delivering AWS Direct Connect will take time
References
- AWS Snowball > User Guide > Shipping an AWS Snowball device
- AWS Direct Connect
- Amazon VPC
Exam Question 733
A company has a mobile chat application with a data store based in Amazon DynamoDB. Users would like new messages to be read with as little latency as possible. A solutions architect needs to design an optimal solution that requires minimal application changes.
Which method should the solutions architect select?
A. Configure Amazon DynamoDB Accelerator (DAX) for the new messages table. Update the code to use the DAX endpoint.
B. Add DynamoDB read replicas to handle the increased read load. Update the application to point to the read endpoint for the read replicas.
C. Double the number of read capacity units for the new messages table in DynamoDB. Continue to use the existing DynamoDB endpoint.
D. Add an Amazon ElastiCache for Redis cache to the application stack. Update the application to point to the Redis cache endpoint instead of DynamoDB.
Correct Answer
A. Configure Amazon DynamoDB Accelerator (DAX) for the new messages table. Update the code to use the DAX endpoint.
Answer Description
Amazon DynamoDB Accelerator (DAX) is a fully managed, highly available, in-memory cache that can reduce Amazon DynamoDB response times from milliseconds to microseconds, even at millions of requests per second.
Amazon ElastiCache is incorrect because although you may use ElastiCache as your database cache, it will not reduce the DynamoDB response time from milliseconds to microseconds as compared with DynamoDB DAX.
AWS Device Farm is incorrect because this is an app testing service that lets you test and interact with your Android, iOS, and web apps on many devices at once, or reproduce issues on a device in real-time.
DynamoDB Read Replica is incorrect because this is primarily used to automate capacity management for your tables and global secondary indexes.
References
Exam Question 734
A media company is evaluating the possibility of moving its systems to the AWS Cloud. The company needs at least 10 TB of storage with the maximum possible I/O performance for video processing. 300 TB of very durable storage for storing media content, and 900 TB of storage to meet requirements for archival media that is not in use anymore.
Which set of services should a solutions architect recommend to meet these requirements?
A. Amazon EBS for maximum performance, Amazon S3 for durable data storage, and Amazon S3 Glacier for archival storage
B. Amazon EBS for maximum performance. Amazon EFS for durable data storage, and Amazon S3 Glacier for archival storage
C. Amazon EC2 instance store for maximum performance, Amazon EFS for durable data storage, and Amazon S3 for archival storage
D. Amazon EC2 instance store for maximum performance, Amazon S3 for durable data storage, and Amazon S3 Glacier for archival storage
Correct Answer
A. Amazon EBS for maximum performance, Amazon S3 for durable data storage, and Amazon S3 Glacier for archival storage
Exam Question 735
A Solutions Architect is designing the architecture for a web application that will be hosted on AWS. Internet users will access the application using HTTP and HTTPS.
How should the Architect design the traffic control requirements?
A. Use a network ACL to allow outbound ports for HTTP and HTTPS. Deny other traffic for inbound and outbound.
B. Use a network ACL to allow inbound ports for HTTP and HTTPS. Deny other traffic for inbound and outbound.
C. Allow inbound ports for HTTP and HTTPS in the security group used by the web servers.
D. Allow outbound ports for HTTP and HTTPS in the security group used by the web servers.
Correct Answer
C. Allow inbound ports for HTTP and HTTPS in the security group used by the web servers.
Exam Question 736
In Amazon EC2 Container Service, are other container types supported?
A. Yes, EC2 Container Service supports any container service you need.
B. Yes, EC2 Container Service also supports Microsoft container service.
C. No, Docker is the only container platform supported by EC2 Container Service presently.
D. Yes, EC2 Container Service supports Microsoft container service and Openstack.
Correct Answer
C. No, Docker is the only container platform supported by EC2 Container Service presently.
Answer Description
In Amazon EC2 Container Service, Docker is the only container platform supported by EC2 Container Service presently.
References
Exam Question 737
A major finance organization has engaged your company to set up a large data mining application. Using AWS you decide the best service for this is Amazon Elastic MapReduce(EMR) which you know uses Hadoop. Which of the following statements best describes Hadoop?
A. Hadoop is 3rd Party software which can be installed using AMI
B. Hadoop is an open source python web framework
C. Hadoop is an open source Java software framework
D. Hadoop is an open source javascript framework
Correct Answer
C. Hadoop is an open source Java software framework
Answer Description
Amazon EMR uses Apache Hadoop as its distributed data processing engine. Hadoop is an open source, Java software framework that supports data-intensive distributed applications running on large clusters of commodity hardware. Hadoop implements a programming model named “MapReduce,” where the data is divided into many small fragments of work, each of which may be executed on any node in the cluster.
This framework has been widely used by developers, enterprises and startups and has proven to be a reliable software platform for processing up to petabytes of data on clusters of thousands of commodity machines.
References
Exam Question 738
You’ve created your first load balancer and have registered your EC2 instances with the load balancer. Elastic Load Balancing routinely performs health checks on all the registered EC2 instances and automatically distributes all incoming requests to the DNS name of your load balancer across your registered, healthy EC2 instances. By default, the load balancer uses the protocol for checking the health of your instances.
A. HTTPS
B. HTTP
C. ICMP
D. IPv6
Correct Answer
B. HTTP
Answer Description
In Elastic Load Balancing a health configuration uses information such as protocol, ping port, ping path (URL), response timeout period, and health check interval to determine the health state of the instances registered with the load balancer. Currently, HTTP on port 80 is the default health check.
References
- Elastic Load Balancing > User Guide > How Elastic Load Balancing works
Exam Question 739
Your EBS volumes do not seem to be performing as expected and your team leader has requested you look into improving their performance. Which of the following is not a true statement relating to the performance of your EBS volumes?
A. Frequent snapshots provide a higher level of data durability and they will not degrade the performance of your application while the snapshot is in progress.
B. General Purpose (SSD) and Provisioned IOPS (SSD) volumes have a throughput limit of 128 MB/s per volume.
C. There is a relationship between the maximum performance of your EBS volumes, the amount of I/O you are driving to them, and the amount of time it takes for each transaction to complete.
D. There is a 5 to 50 percent reduction in IOPS when you first access each block of data on a newly created or restored EBS volume
Correct Answer
A. Frequent snapshots provide a higher level of data durability and they will not degrade the performance of your application while the snapshot is in progress.
Answer Description
Several factors can affect the performance of Amazon EBS volumes, such as instance configuration, I/O characteristics, workload demand, and storage configuration. Frequent snapshots provide a higher level of data durability, but they may slightly degrade the performance of your application while the snapshot is in progress. This trade off becomes critical when you have data that changes rapidly. Whenever possible, plan for snapshots to occur during off-peak times in order to minimize workload impact.
References
- Amazon Elastic Compute Cloud > User Guide for Linux Instances > Amazon EBS volume performance on Linux instances
Exam Question 740
Much of your company’s data does not need to be accessed often, and can take several hours for retrieval time, so it’s stored on Amazon Glacier. However someone within your organization has expressed concerns that his data is more sensitive than the other data, and is wondering whether the high level of encryption that he knows is on S3 is also used on the much cheaper Glacier service.
Which of the following statements would be most applicable in regards to this concern?
A. There is no encryption on Amazon Glacier, that’s why it is cheaper.
B. Amazon Glacier automatically encrypts the data using AES-128 a lesser encryption method than Amazon S3 but you can change it to AES-256 if you are willing to pay more.
C. Amazon Glacier automatically encrypts the data using AES-256, the same as Amazon S3.
D. Amazon Glacier automatically encrypts the data using AES-128 a lesser encryption method than Amazon S3.
Correct Answer
C. Amazon Glacier automatically encrypts the data using AES-256, the same as Amazon S3.
Answer Description
Like Amazon S3, the Amazon Glacier service provides low-cost, secure, and durable storage. But where S3 is designed for rapid retrieval, Glacier is meant to be used as an archival service for data that is not accessed often, and for which retrieval times of several hours are suitable.
Amazon Glacier automatically encrypts the data using AES-256 and stores it durably in an immutable form. Amazon Glacier is designed to provide average annual durability of 99.999999999% for an archive. It stores each archive in multiple facilities and multiple devices. Unlike traditional systems which can require laborious data verification and manual repair, Glacier performs regular, systematic data integrity checks, and is built to be automatically self-healing.