Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Location Chicago IL, USA

Amazon AWS Certified Solutions Architect - Associate SAA-C02 Exam Practice Questions

The questions for AWS Certified Solutions Architect - Associate SAA-C02 were last updated at Dec. 7, 2021.
  • Viewing page 1 out of 51 pages.
  • Viewing questions 1-10 out of 514 questions
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.
Question #1 Topic 1

A firm is developing a web application on AWS utilizing containers. At any one moment, the organization needs three instances of the web application to be running. The application must be scalable in order to keep up with demand increases. While management is cost-conscious, they agree that the application should be highly accessible.

What recommendations should a solutions architect make?

  • A. Add an execution role to the function with lambda:InvokeFunction as the action and * as the principal.
  • B. Add an execution role to the function with lambda:InvokeFunction as the action and Service:amazonaws.com as the principal.
  • C. Add a resource-based policy to the function with lambda:ג€™* as the action and Service:events.amazonaws.com as the principal.
  • D. Add a resource-based policy to the function with lambda:InvokeFunction as the action and Service:events.amazonaws.com as the principal.
Reveal Solution Hide Solution   Discussion   21

Correct Answer: C

Question #2 Topic 1

A firm seeks to migrate its accounting system from an on-premises data center to an Amazon Web Services (AWS) Region. Data security and an unalterable audit log should be prioritized. All AWS activities must be subjected to compliance audits. Despite the fact that the business has enabled AWS CloudTrail, it want to guarantee that it meets these requirements.

What precautions and security procedures should a solutions architect include to protect and secure CloudTrail? (Choose two.)

  • A. Create a second S3 bucket in us-east-1. Enable S3 Cross-Region Replication from the existing S3 bucket to the second S3 bucket.
  • B. Create a cross-origin resource sharing (CORS) configuration of the existing S3 bucket. Specify us-east-1 in the CORS rule's AllowedOrigin element.
  • C. Create a second S3 bucket in us-east-1 across multiple Availability Zones. Create an S3 Lifecycle management rule to save photos into the second S3 bucket.
  • D. Create a second S3 bucket in us-east-1 to store the replicated photos. Configure S3 event notifications on object creation and update events that invoke an AWS Lambda function to copy photos from the existing S3 bucket to the second S3 bucket.
Reveal Solution Hide Solution   Discussion   19

Correct Answer: B

Question #3 Topic 1

A meteorological start-up company has created a custom web application for the aim of selling weather data to its members online. The company currently uses Amazon DynamoDB to store its data and wishes to establish a new service that alerts the managers of four internal teams whenever a new weather event is recorded. The business does not want for this new service to impair the operation of the present application.

What steps should a solutions architect take to guarantee that these objectives are satisfied with the MINIMUM feasible operational overhead?

  • A. Create a DynamoDB table in on-demand capacity mode.
  • B. Create a DynamoDB table with a global secondary Index.
  • C. Create a DynamoDB table with provisioned capacity and auto scaling.
  • D. Create a DynamoDB table in provisioned capacity mode, and configure it as a global table.
Reveal Solution Hide Solution   Discussion   17

Correct Answer: A

Question #4 Topic 1

A corporation uses an AWS application to offer content to its subscribers worldwide. Numerous Amazon EC2 instances are deployed on a private subnet behind an Application Load Balancer for the application (ALB). The chief information officer (CIO) wishes to limit access to some nations due to a recent change in copyright regulations.

Which course of action will satisfy these criteria?

  • A. Modify the ALB security group to deny incoming traffic from blocked countries.
  • B. Modify the security group for EC2 instances to deny incoming traffic from blocked countries.
  • C. Use Amazon CloudFront to serve the application and deny access to blocked countries.
  • D. Use ALB listener rules to return access denied responses to incoming traffic from blocked countries.
Reveal Solution Hide Solution   Discussion   86

Correct Answer: C
"block access for certain countries." You can use geo restriction, also known as geo blocking, to prevent users in specific geographic locations from accessing content that you're distributing through a CloudFront web distribution.
Reference:
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html

Question #5 Topic 1

Prior to delivering a new workload, a solutions architect must examine and update the organization's current IAM rules. The following policy was written by the solutions architect:


What is the policy's net effect?

  • A. Users will be allowed all actions except s3:PutObject if multi-factor authentication (MFA) is enabled.
  • B. Users will be allowed all actions except s3:PutObject if multi-factor authentication (MFA) is not enabled.
  • C. Users will be denied all actions except s3:PutObject if multi-factor authentication (MFA) is enabled.
  • D. Users will be denied all actions except s3:PutObject if multi-factor authentication (MFA) is not enabled.
Reveal Solution Hide Solution   Discussion   44

Correct Answer: C

Question #6 Topic 1

Using seven Amazon EC2 instances, a business runs its web application on AWS. The organization needs that DNS queries provide the IP addresses of all healthy EC2 instances.

Which policy should be employed to comply with this stipulation?

  • A. Simple routing policy
  • B. Latency routing policy
  • C. Multi-value routing policy
  • D. Geolocation routing policy
Reveal Solution Hide Solution   Discussion   9

Correct Answer: C

Question #7 Topic 1

A business uses an Amazon RDS for PostgreSQL database instance to manage a fleet of web servers. Following a normal compliance review, the corporation establishes a standard requiring all production databases to have a recovery point objective (RPO) of less than one second.

Which solution satisfies these criteria?

  • A. Enable a Multi-AZ deployment for the DB instance.
  • B. Enable auto scaling for the DB instance in one Availability Zone.
  • C. Configure the DB instance in one Availability Zone, and create multiple read replicas in a separate Availability Zone.
  • D. Configure the DB instance in one Availability Zone, and configure AWS Database Migration Service (AWS DMS) change data capture (CDC) tasks.
Reveal Solution Hide Solution   Discussion   18

Correct Answer: D
Reference:
https://aws.amazon.com/blogs/database/implementing-a-disaster-recovery-strategy-with-amazon-rds/

Question #8 Topic 1

On Amazon EC2 instances, a business is developing an application that creates transitory transactional data. Access to data storage that can deliver adjustable and consistent IOPS is required by the application.

What recommendations should a solutions architect make?

  • A. Provision an EC2 instance with a Throughput Optimized HDD (st1) root volume and a Cold HDD (sc1) data volume.
  • B. Provision an EC2 instance with a Throughput Optimized HDD (st1) volume that will serve as the root and data volume.
  • C. Provision an EC2 instance with a General Purpose SSD (gp2) root volume and Provisioned IOPS SSD (io1) data volume.
  • D. Provision an EC2 instance with a General Purpose SSD (gp2) root volume. Configure the application to store its data in an Amazon S3 bucket.
Reveal Solution Hide Solution   Discussion   18

Correct Answer: C

Question #9 Topic 1

To allow neat-real-time processing, a web application must persist order data to Amazon S3. A solutions architect must design a scalable and fault-tolerant architecture.

Which solutions satisfy these criteria? (Select two.)

  • A. Write the order event to an Amazon DynamoDB table. Use DynamoDB Streams to trigger an AWS Lambda function that parses the payload and writes the data to Amazon S3.
  • B. Write the order event to an Amazon Simple Queue Service (Amazon SQS) queue. Use the queue to trigger an AWSLambda function that parsers the payload and writes the data to Amazon S3.
  • C. Write the order event to an Amazon Simple Notification Service (Amazon SNS) topic. Use the SNS topic to trigger an AWS Lambda function that parses the payload and writes the data to Amazon S3.
  • D. Write the order event to an Amazon Simple Queue Service (Amazon SQS) queue. Use an Amazon EventBridge (Amazon CloudWatch Events) rule to trigger an AWS Lambda function that parses the payload and writes the data to Amazon S3.
  • E. Write the order event to an Amazon Simple Notification Service (Amazon SNS) topic. Use an Amazon EventBridge (Amazon CloudWatch Events) rule to trigger an AWS Lambda function that parses the payload andwrites the data to Amazon S3.
Reveal Solution Hide Solution   Discussion   55

Correct Answer: BE

Question #10 Topic 1

A business is creating a website that will store static photos in an Amazon S3 bucket. The company's goal is to reduce both latency and cost for all future requests.

How should a solutions architect propose a service configuration?

  • A. Deploy a NAT server in front of Amazon S3.
  • B. Deploy Amazon CloudFront in front of Amazon S3.
  • C. Deploy a Network Load Balancer in front of Amazon S3.
  • D. Configure Auto Scaling to automatically adjust the capacity of the website.
Reveal Solution Hide Solution   Discussion   17

Correct Answer: B
Reference:
https://aws.amazon.com/getting-started/hands-on/deliver-content-faster/

Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...