Amazon AWS Certified Solutions Architect - Associate SAA-C03
Prev

There are 677 results

Next
#591 (Accuracy: 100% / 4 votes)
A company has migrated a two-tier application from its on-premises data center to the AWS Cloud. The data tier is a Multi-AZ deployment of Amazon RDS for Oracle with 12 TB of General Purpose SSD Amazon Elastic Block Store (Amazon EBS) storage. The application is designed to process and store documents in the database as binary large objects (blobs) with an average document size of 6 MB.

The database size has grown over time, reducing the performance and increasing the cost of storage. The company must improve the database performance and needs a solution that is highly available and resilient.

Which solution will meet these requirements MOST cost-effectively?
  • A. Reduce the RDS DB instance size. Increase the storage capacity to 24 TiB. Change the storage type to Magnetic.
  • B. Increase the RDS DB instance size. Increase the storage capacity to 24 TiChange the storage type to Provisioned IOPS.
  • C. Create an Amazon S3 bucket. Update the application to store documents in the S3 bucket. Store the object metadata in the existing database.
  • D. Create an Amazon DynamoDB table. Update the application to use DynamoDB. Use AWS Database Migration Service (AWS DMS) to migrate data from the Oracle database to DynamoDB.
#592 (Accuracy: 96% / 9 votes)
A research company uses on-premises devices to generate data for analysis. The company wants to use the AWS Cloud to analyze the data. The devices generate .csv files and support writing the data to an SMB file share. Company analysts must be able to use SQL commands to query the data. The analysts will run queries periodically throughout the day.

Which combination of steps will meet these requirements MOST cost-effectively? (Choose three.)
  • A. Deploy an AWS Storage Gateway on premises in Amazon S3 File Gateway mode.
  • B. Deploy an AWS Storage Gateway on premises in Amazon FSx File Gateway made.
  • C. Set up an AWS Glue crawler to create a table based on the data that is in Amazon S3.
  • D. Set up an Amazon EMR cluster with EMR File System (EMRFS) to query the data that is in Amazon S3. Provide access to analysts.
  • E. Set up an Amazon Redshift cluster to query the data that is in Amazon S3. Provide access to analysts.
  • F. Setup Amazon Athena to query the data that is in Amazon S3. Provide access to analysts.
#593 (Accuracy: 100% / 5 votes)
A company's applications run on Amazon EC2 instances in Auto Scaling groups. The company notices that its applications experience sudden traffic increases on random days of the week. The company wants to maintain application performance during sudden traffic increases.

Which solution will meet these requirements MOST cost-effectively?
  • A. Use manual scaling to change the size of the Auto Scaling group.
  • B. Use predictive scaling to change the size of the Auto Scaling group.
  • C. Use dynamic scaling to change the size of the Auto Scaling group.
  • D. Use schedule scaling to change the size of the Auto Scaling group.
#594 (Accuracy: 100% / 6 votes)
A company is building a RESTful serverless web application on AWS by using Amazon API Gateway and AWS Lambda. The users of this web application will be geographically distributed, and the company wants to reduce the latency of API requests to these users.

Which type of endpoint should a solutions architect use to meet these requirements?
  • A. Private endpoint
  • B. Regional endpoint
  • C. Interface VPC endpoint
  • D. Edge-optimized endpoint
#595 (Accuracy: 100% / 4 votes)
A company runs an application in a VPC with public and private subnets. The VPC extends across multiple Availability Zones. The application runs on Amazon EC2 instances in private subnets. The application uses an Amazon Simple Queue Service (Amazon SQS) queue.

A solutions architect needs to design a secure solution to establish a connection between the EC2 instances and the SQS queue.

Which solution will meet these requirements?
  • A. Implement an interface VPC endpoint for Amazon SQS. Configure the endpoint to use the private subnets. Add to the endpoint a security group that has an inbound access rule that allows traffic from the EC2 instances that are in the private subnets.
  • B. Implement an interface VPC endpoint for Amazon SQS. Configure the endpoint to use the public subnets. Attach to the interface endpoint a VPC endpoint policy that allows access from the EC2 instances that are in the private subnets.
  • C. Implement an interface VPC endpoint for Amazon SQS. Configure the endpoint to use the public subnets. Attach an Amazon SQS access policy to the interface VPC endpoint that allows requests from only a specified VPC endpoint.
  • D. Implement a gateway endpoint for Amazon SQS. Add a NAT gateway to the private subnets. Attach an IAM role to the EC2 instances that allows access to the SQS queue.
#596 (Accuracy: 100% / 7 votes)
A global video streaming company uses Amazon CloudFront as a content distribution network (CDN). The company wants to roll out content in a phased manner across multiple countries. The company needs to ensure that viewers who are outside the countries to which the company rolls out content are not able to view the content.

Which solution will meet these requirements?
  • A. Add geographic restrictions to the content in CloudFront by using an allow list. Set up a custom error message.
  • B. Set up a new URL tor restricted content. Authorize access by using a signed URL and cookies. Set up a custom error message.
  • C. Encrypt the data for the content that the company distributes. Set up a custom error message.
  • D. Create a new URL for restricted content. Set up a time-restricted access policy for signed URLs.
#597 (Accuracy: 100% / 5 votes)
A company has a workload in an AWS Region. Customers connect to and access the workload by using an Amazon API Gateway REST API. The company uses Amazon Route 53 as its DNS provider. The company wants to provide individual and secure URLs for all customers.

Which combination of steps will meet these requirements with the MOST operational efficiency? (Choose three.)
  • A. Register the required domain in a registrar. Create a wildcard custom domain name in a Route 53 hosted zone and record in the zone that points to the API Gateway endpoint.
  • B. Request a wildcard certificate that matches the domains in AWS Certificate Manager (ACM) in a different Region.
  • C. Create hosted zones for each customer as required in Route 53. Create zone records that point to the API Gateway endpoint.
  • D. Request a wildcard certificate that matches the custom domain name in AWS Certificate Manager (ACM) in the same Region.
  • E. Create multiple API endpoints for each customer in API Gateway.
  • F. Create a custom domain name in API Gateway for the REST API. Import the certificate from AWS Certificate Manager (ACM).
#598 (Accuracy: 90% / 10 votes)
A company operates a two-tier application for image processing. The application uses two Availability Zones, each with one public subnet and one private subnet. An Application Load Balancer (ALB) for the web tier uses the public subnets. Amazon EC2 instances for the application tier use the private subnets.

Users report that the application is running more slowly than expected. A security audit of the web server log files shows that the application is receiving millions of illegitimate requests from a small number of IP addresses. A solutions architect needs to resolve the immediate performance problem while the company investigates a more permanent solution.

What should the solutions architect recommend to meet this requirement?
  • A. Modify the inbound security group for the web tier. Add a deny rule for the IP addresses that are consuming resources.
  • B. Modify the network ACL for the web tier subnets. Add an inbound deny rule for the IP addresses that are consuming resources.
  • C. Modify the inbound security group for the application tier. Add a deny rule for the IP addresses that are consuming resources.
  • D. Modify the network ACL for the application tier subnets. Add an inbound deny rule for the IP addresses that are consuming resources.
#599 (Accuracy: 100% / 5 votes)
A company runs container applications by using Amazon Elastic Kubernetes Service (Amazon EKS). The company's workload is not consistent throughout the day. The company wants Amazon EKS to scale in and out according to the workload.

Which combination of steps will meet these requirements with the LEAST operational overhead? (Choose two.)
  • A. Use an AWS Lambda function to resize the EKS cluster.
  • B. Use the Kubernetes Metrics Server to activate horizontal pod autoscaling.
  • C. Use the Kubernetes Cluster Autoscaler to manage the number of nodes in the cluster.
  • D. Use Amazon API Gateway and connect it to Amazon EKS.
  • E. Use AWS App Mesh to observe network activity.
#600 (Accuracy: 100% / 6 votes)
A company has migrated multiple Microsoft Windows Server workloads to Amazon EC2 instances that run in the us-west-1 Region. The company manually backs up the workloads to create an image as needed.

In the event of a natural disaster in the us-west-1 Region, the company wants to recover workloads quickly in the us-west-2 Region. The company wants no more than 24 hours of data loss on the EC2 instances. The company also wants to automate any backups of the EC2 instances.

Which solutions will meet these requirements with the LEAST administrative effort? (Choose two.)
  • A. Create an Amazon EC2-backed Amazon Machine Image (AMI) lifecycle policy to create a backup based on tags. Schedule the backup to run twice daily. Copy the image on demand.
  • B. Create an Amazon EC2-backed Amazon Machine Image (AMI) lifecycle policy to create a backup based on tags. Schedule the backup to run twice daily. Configure the copy to the us-west-2 Region.
  • C. Create backup vaults in us-west-1 and in us-west-2 by using AWS Backup. Create a backup plan for the EC2 instances based on tag values. Create an AWS Lambda function to run as a scheduled job to copy the backup data to us-west-2.
  • D. Create a backup vault by using AWS Backup. Use AWS Backup to create a backup plan for the EC2 instances based on tag values. Define the destination for the copy as us-west-2. Specify the backup schedule to run twice daily.
  • E. Create a backup vault by using AWS Backup. Use AWS Backup to create a backup plan for the EC2 instances based on tag values. Specify the backup schedule to run twice daily. Copy on demand to us-west-2.