Amazon AWS Certified Solutions Architect - Associate SAA-C03
Prev

There are 677 results

Next
#21 (Accuracy: 100% / 28 votes)
A development team needs to host a website that will be accessed by other teams. The website contents consist of HTML, CSS, client-side JavaScript, and images.
Which method is the MOST cost-effective for hosting the website?
  • A. Containerize the website and host it in AWS Fargate.
  • B. Create an Amazon S3 bucket and host the website there.
  • C. Deploy a web server on an Amazon EC2 instance to host the website.
  • D. Configure an Application Load Balancer with an AWS Lambda target that uses the Express.js framework.
#22 (Accuracy: 99% / 25 votes)
A company hosts its multi-tier applications on AWS. For compliance, governance, auditing, and security, the company must track configuration changes on its AWS resources and record a history of API calls made to these resources.
What should a solutions architect do to meet these requirements?
  • A. Use AWS CloudTrail to track configuration changes and AWS Config to record API calls.
  • B. Use AWS Config to track configuration changes and AWS CloudTrail to record API calls.
  • C. Use AWS Config to track configuration changes and Amazon CloudWatch to record API calls.
  • D. Use AWS CloudTrail to track configuration changes and Amazon CloudWatch to record API calls.
#23 (Accuracy: 100% / 23 votes)
A company is preparing to launch a public-facing web application in the AWS Cloud. The architecture consists of Amazon EC2 instances within a VPC behind an Elastic Load Balancer (ELB). A third-party service is used for the DNS. The company's solutions architect must recommend a solution to detect and protect against large-scale DDoS attacks.
Which solution meets these requirements?
  • A. Enable Amazon GuardDuty on the account.
  • B. Enable Amazon Inspector on the EC2 instances.
  • C. Enable AWS Shield and assign Amazon Route 53 to it.
  • D. Enable AWS Shield Advanced and assign the ELB to it.
#24 (Accuracy: 95% / 28 votes)
A company recently launched a variety of new workloads on Amazon EC2 instances in its AWS account. The company needs to create a strategy to access and administer the instances remotely and securely. The company needs to implement a repeatable process that works with native AWS services and follows the AWS Well-Architected Framework.
Which solution will meet these requirements with the LEAST operational overhead?
  • A. Use the EC2 serial console to directly access the terminal interface of each instance for administration.
  • B. Attach the appropriate IAM role to each existing instance and new instance. Use AWS Systems Manager Session Manager to establish a remote SSH session.
  • C. Create an administrative SSH key pair. Load the public key into each EC2 instance. Deploy a bastion host in a public subnet to provide a tunnel for administration of each instance.
  • D. Establish an AWS Site-to-Site VPN connection. Instruct administrators to use their local on-premises machines to connect directly to the instances by using SSH keys across the VPN tunnel.
#25 (Accuracy: 100% / 22 votes)
A company is hosting a static website on Amazon S3 and is using Amazon Route 53 for DNS. The website is experiencing increased demand from around the world. The company must decrease latency for users who access the website.
Which solution meets these requirements MOST cost-effectively?
  • A. Replicate the S3 bucket that contains the website to all AWS Regions. Add Route 53 geolocation routing entries.
  • B. Provision accelerators in AWS Global Accelerator. Associate the supplied IP addresses with the S3 bucket. Edit the Route 53 entries to point to the IP addresses of the accelerators.
  • C. Add an Amazon CloudFront distribution in front of the S3 bucket. Edit the Route 53 entries to point to the CloudFront distribution.
  • D. Enable S3 Transfer Acceleration on the bucket. Edit the Route 53 entries to point to the new endpoint.
#26 (Accuracy: 95% / 43 votes)
A company maintains a searchable repository of items on its website. The data is stored in an Amazon RDS for MySQL database table that contains more than 10 million rows. The database has 2 TB of General Purpose SSD storage. There are millions of updates against this data every day through the company's website.
The company has noticed that some insert operations are taking 10 seconds or longer. The company has determined that the database storage performance is the problem.
Which solution addresses this performance issue?
  • A. Change the storage type to Provisioned IOPS SSD.
  • B. Change the DB instance to a memory optimized instance class.
  • C. Change the DB instance to a burstable performance instance class.
  • D. Enable Multi-AZ RDS read replicas with MySQL native asynchronous replication.
#27 (Accuracy: 99% / 19 votes)
A company runs a highly available image-processing application on Amazon EC2 instances in a single VPC. The EC2 instances run inside several subnets across multiple Availability Zones. The EC2 instances do not communicate with each other. However, the EC2 instances download images from Amazon S3 and upload images to Amazon S3 through a single NAT gateway. The company is concerned about data transfer charges.
What is the MOST cost-effective way for the company to avoid Regional data transfer charges?
  • A. Launch the NAT gateway in each Availability Zone.
  • B. Replace the NAT gateway with a NAT instance.
  • C. Deploy a gateway VPC endpoint for Amazon S3.
  • D. Provision an EC2 Dedicated Host to run the EC2 instances.
#28 (Accuracy: 99% / 17 votes)
A company has an on-premises application that generates a large amount of time-sensitive data that is backed up to Amazon S3. The application has grown and there are user complaints about internet bandwidth limitations. A solutions architect needs to design a long-term solution that allows for both timely backups to Amazon S3 and with minimal impact on internet connectivity for internal users.
Which solution meets these requirements?
  • A. Establish AWS VPN connections and proxy all traffic through a VPC gateway endpoint.
  • B. Establish a new AWS Direct Connect connection and direct backup traffic through this new connection.
  • C. Order daily AWS Snowball devices. Load the data onto the Snowball devices and return the devices to AWS each day.
  • D. Submit a support ticket through the AWS Management Console. Request the removal of S3 service limits from the account.
#29 (Accuracy: 98% / 41 votes)
A company has an Amazon S3 bucket that contains critical data. The company must protect the data from accidental deletion.
Which combination of steps should a solutions architect take to meet these requirements? (Choose two.)
  • A. Enable versioning on the S3 bucket.
  • B. Enable MFA Delete on the S3 bucket.
  • C. Create a bucket policy on the S3 bucket.
  • D. Enable default encryption on the S3 bucket.
  • E. Create a lifecycle policy for the objects in the S3 bucket.
#30 (Accuracy: 98% / 17 votes)
A company has a data ingestion workflow that consists of the following:
• An Amazon Simple Notification Service (Amazon SNS) topic for notifications about new data deliveries
• An AWS Lambda function to process the data and record metadata
The company observes that the ingestion workflow fails occasionally because of network connectivity issues. When such a failure occurs, the Lambda function does not ingest the corresponding data unless the company manually reruns the job.
Which combination of actions should a solutions architect take to ensure that the Lambda function ingests all data in the future? (Choose two.)
  • A. Deploy the Lambda function in multiple Availability Zones.
  • B. Create an Amazon Simple Queue Service (Amazon SQS) queue, and subscribe it to the SNS topic.
  • C. Increase the CPU and memory that are allocated to the Lambda function.
  • D. Increase provisioned throughput for the Lambda function.
  • E. Modify the Lambda function to read from an Amazon Simple Queue Service (Amazon SQS) queue.