Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Amazon AWS Certified Solutions Architect - Associate SAA-C02 Exam Practice Questions

The questions for AWS Certified Solutions Architect - Associate SAA-C02 were last updated at May 23, 2022.
  • Viewing page 1 out of 58 pages.
  • Viewing questions 1-10 out of 577 questions
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.
Question #1 Topic 1

A firm is developing a web application on AWS utilizing containers. At any one moment, the organization needs three instances of the web application to be running. The application must be scalable in order to keep up with demand increases. While management is cost-conscious, they agree that the application should be highly accessible.

What recommendations should a solutions architect make?

  • A. Add an execution role to the function with lambda:InvokeFunction as the action and * as the principal.
  • B. Add an execution role to the function with lambda:InvokeFunction as the action and Service:amazonaws.com as the principal.
  • C. Add a resource-based policy to the function with lambda:'* as the action and Service:events.amazonaws.com as the principal.
  • D. Add a resource-based policy to the function with lambda:InvokeFunction as the action and Service:events.amazonaws.com as the principal.
Reveal Solution Hide Solution   Discussion   46

Correct Answer: C 🗳️

Question #2 Topic 1

A business outsources its marketplace analytics management to a third-party partner. The vendor requires restricted programmatic access to the company's account's resources. All necessary policies have been established to ensure acceptable access.

Which new component provides the vendor the MOST SECURE access to the account?

  • A. Stop the instance outside the application's availability window. Start up the instance again when required.
  • B. Hibernate the instance outside the application's availability window. Start up the instance again when required.
  • C. Use Auto Scaling to scale down the instance outside the application's availability window. Scale up the instance when required.
  • D. Terminate the instance outside the application's availability window. Launch the instance by using a preconfigured Amazon Machine Image (AMI) when required.
Reveal Solution Hide Solution   Discussion   18

Correct Answer: B 🗳️

Question #3 Topic 1

A firm seeks to migrate its accounting system from an on-premises data center to an Amazon Web Services (AWS) Region. Data security and an unalterable audit log should be prioritized. All AWS activities must be subjected to compliance audits. Despite the fact that the business has enabled AWS CloudTrail, it want to guarantee that it meets these requirements.

What precautions and security procedures should a solutions architect include to protect and secure CloudTrail? (Choose two.)

  • A. Create a second S3 bucket in us-east-1. Enable S3 Cross-Region Replication from the existing S3 bucket to the second S3 bucket.
  • B. Create a cross-origin resource sharing (CORS) configuration of the existing S3 bucket. Specify us-east-1 in the CORS rule's AllowedOrigin element.
  • C. Create a second S3 bucket in us-east-1 across multiple Availability Zones. Create an S3 Lifecycle management rule to save photos into the second S3 bucket.
  • D. Create a second S3 bucket in us-east-1 to store the replicated photos. Configure S3 event notifications on object creation and update events that invoke an AWS Lambda function to copy photos from the existing S3 bucket to the second S3 bucket.
Reveal Solution Hide Solution   Discussion   38

Correct Answer: B 🗳️

Question #4 Topic 1

A firm maintains a searchable inventory of items on its website. The data is stored in an Amazon RDS for MySQL database in a table with over ten million entries. The database is kept on a two-terabyte (TB) General Purpose Solid State Drive (gp2) array. The company's website gets millions of updates to this data each day. The business discovered that some tasks took 10 seconds or longer and determined that the bottleneck was the database storage performance.

Which of the following options meets the performance requirement?

  • A. Configure a VPC endpoint for Amazon S3. Add an entry to the private subnet's route table for the S3 endpoint.
  • B. Configure a NAT gateway in a public subnet. Configure the private subnet's route table to use the NAT gateway.
  • C. Configure Amazon S3 as a file system mount point on the EC2 instances. Access Amazon S3 through the mount.
  • D. Move the EC2 instances into a public subnet. Configure the public subnet route table to point to an internet gateway.
Reveal Solution Hide Solution   Discussion   47

Correct Answer: B 🗳️

Question #5 Topic 1

A business that is currently hosting a web application on-premises is prepared to transition to AWS and launch a newer version of the application. The organization must route requests to the AWS or on-premises application based on the URL query string. The on-premises application is rendered unreachable over the internet, and a VPN connection is established between Amazon VPC and the business's data center. The company wishes to deploy this application using a load balancer (ALB).

Which of the following solutions meets these criteria?

  • A. Use AWS Snowball Edge devices to process and store the images.
  • B. Upload the images to Amazon Simple Queue Service (Amazon SQS) during intermittent connectivity to EC2 instances.
  • C. Configure Amazon Kinesis Data Firehose to create multiple delivery streams aimed separately at the S3 buckets for storage and the EC2 instances for processing the images.
  • D. Use AWS Storage Gateway pre-installed on a hardware appliance to cache the images locally for Amazon S3 to process the images when connectivity becomes available.
Reveal Solution Hide Solution   Discussion   45

Correct Answer: A 🗳️

Question #6 Topic 1

A meteorological start-up company has created a custom web application for the aim of selling weather data to its members online. The company currently uses Amazon DynamoDB to store its data and wishes to establish a new service that alerts the managers of four internal teams whenever a new weather event is recorded. The business does not want for this new service to impair the operation of the present application.

What steps should a solutions architect take to guarantee that these objectives are satisfied with the MINIMUM feasible operational overhead?

  • A. Create a DynamoDB table in on-demand capacity mode.
  • B. Create a DynamoDB table with a global secondary Index.
  • C. Create a DynamoDB table with provisioned capacity and auto scaling.
  • D. Create a DynamoDB table in provisioned capacity mode, and configure it as a global table.
Reveal Solution Hide Solution   Discussion   22

Correct Answer: A 🗳️

Question #7 Topic 1

A corporation uses an AWS application to offer content to its subscribers worldwide. Numerous Amazon EC2 instances are deployed on a private subnet behind an Application Load Balancer for the application (ALB). The chief information officer (CIO) wishes to limit access to some nations due to a recent change in copyright regulations.

Which course of action will satisfy these criteria?

  • A. Modify the ALB security group to deny incoming traffic from blocked countries.
  • B. Modify the security group for EC2 instances to deny incoming traffic from blocked countries.
  • C. Use Amazon CloudFront to serve the application and deny access to blocked countries.
  • D. Use ALB listener rules to return access denied responses to incoming traffic from blocked countries.
Reveal Solution Hide Solution   Discussion   89

Correct Answer: C 🗳️
"block access for certain countries." You can use geo restriction, also known as geo blocking, to prevent users in specific geographic locations from accessing content that you're distributing through a CloudFront web distribution.
Reference:
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html

Question #8 Topic 1

Using seven Amazon EC2 instances, a business runs its web application on AWS. The organization needs that DNS queries provide the IP addresses of all healthy EC2 instances.

Which policy should be employed to comply with this stipulation?

  • A. Simple routing policy
  • B. Latency routing policy
  • C. Multi-value routing policy
  • D. Geolocation routing policy
Reveal Solution Hide Solution   Discussion   19

Correct Answer: C 🗳️

Question #9 Topic 1

Each day, a corporation collects data from millions of consumers totalling around 1'. The firm delivers use records for the last 12 months to its customers. To meet with regulatory and auditing standards, all use data must be retained for at least five years.

Which storage option is the MOST CHEAPEST?

  • A. Store the data in Amazon S3 Standard. Set a lifecycle rule to transition the data to S3 Glacier Deep Archive after 1 year. Set a lifecycle rule to delete the data after 5 years.
  • B. Store the data in Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA). Set a lifecycle rule to transition the data to S3 Glacier after 1 year. Set the lifecycle rule to delete the data after 5 years.
  • C. Store the data in Amazon S3 Standard. Set a lifecycle rule to transition the data to S3 Standard-Infrequent Access (S3 Standard-IA) after 1 year. Set a lifecycle rule to delete the data after 5 years.
  • D. Store the data in Amazon S3 Standard. Set a lifecycle rule to transition the data to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 1 year. Set a lifecycle rule to delete the data after 5 years.
Reveal Solution Hide Solution   Discussion   23

Correct Answer: C 🗳️
Reference:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html

Question #10 Topic 1

A business uses an Amazon RDS for PostgreSQL database instance to manage a fleet of web servers. Following a normal compliance review, the corporation establishes a standard requiring all production databases to have a recovery point objective (RPO) of less than one second.

Which solution satisfies these criteria?

  • A. Enable a Multi-AZ deployment for the DB instance.
  • B. Enable auto scaling for the DB instance in one Availability Zone.
  • C. Configure the DB instance in one Availability Zone, and create multiple read replicas in a separate Availability Zone.
  • D. Configure the DB instance in one Availability Zone, and configure AWS Database Migration Service (AWS DMS) change data capture (CDC) tasks.
Reveal Solution Hide Solution   Discussion   37

Correct Answer: D 🗳️
Reference:
https://aws.amazon.com/blogs/database/implementing-a-disaster-recovery-strategy-with-amazon-rds/

Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...