Amazon AWS Certified Solutions Architect - Associate SAA-C03
Prev

There are 677 results

Next
#611 (Accuracy: 100% / 6 votes)
A company has a three-tier application on AWS that ingests sensor data from its users’ devices. The traffic flows through a Network Load Balancer (NLB), then to Amazon EC2 instances for the web tier, and finally to EC2 instances for the application tier. The application tier makes calls to a database.

What should a solutions architect do to improve the security of the data in transit?
  • A. Configure a TLS listener. Deploy the server certificate on the NLB.
  • B. Configure AWS Shield Advanced. Enable AWS WAF on the NLB.
  • C. Change the load balancer to an Application Load Balancer (ALB). Enable AWS WAF on the ALB.
  • D. Encrypt the Amazon Elastic Block Store (Amazon EBS) volume on the EC2 instances by using AWS Key Management Service (AWS KMS).
#612 (Accuracy: 96% / 8 votes)
A company has implemented a self-managed DNS service on AWS. The solution consists of the following:

• Amazon EC2 instances in different AWS Regions
• Endpoints of a standard accelerator in AWS Global Accelerator

The company wants to protect the solution against DDoS attacks.

What should a solutions architect do to meet this requirement?
  • A. Subscribe to AWS Shield Advanced. Add the accelerator as a resource to protect.
  • B. Subscribe to AWS Shield Advanced. Add the EC2 instances as resources to protect.
  • C. Create an AWS WAF web ACL that includes a rate-based rule. Associate the web ACL with the accelerator.
  • D. Create an AWS WAF web ACL that includes a rate-based rule. Associate the web ACL with the EC2 instances.
#613 (Accuracy: 100% / 7 votes)
A company hosts a frontend application that uses an Amazon API Gateway API backend that is integrated with AWS Lambda. When the API receives requests, the Lambda function loads many libraries. Then the Lambda function connects to an Amazon RDS database, processes the data, and returns the data to the frontend application. The company wants to ensure that response latency is as low as possible for all its users with the fewest number of changes to the company's operations.

Which solution will meet these requirements?
  • A. Establish a connection between the frontend application and the database to make queries faster by bypassing the API.
  • B. Configure provisioned concurrency for the Lambda function that handles the requests.
  • C. Cache the results of the queries in Amazon S3 for faster retrieval of similar datasets.
  • D. Increase the size of the database to increase the number of connections Lambda can establish at one time.
#614 (Accuracy: 92% / 12 votes)
A company uses Amazon API Gateway to run a private gateway with two REST APIs in the same VPC. The BuyStock RESTful web service calls the CheckFunds RESTful web service to ensure that enough funds are available before a stock can be purchased. The company has noticed in the VPC flow logs that the BuyStock RESTful web service calls the CheckFunds RESTful web service over the internet instead of through the VPC. A solutions architect must implement a solution so that the APIs communicate through the VPC.

Which solution will meet these requirements with the FEWEST changes to the code?
  • A. Add an X-API-Key header in the HTTP header for authorization.
  • B. Use an interface endpoint.
  • C. Use a gateway endpoint.
  • D. Add an Amazon Simple Queue Service (Amazon SQS) queue between the two REST APIs.
#615 (Accuracy: 100% / 5 votes)
A company recently deployed a new auditing system to centralize information about operating system versions, patching, and installed software for Amazon EC2 instances. A solutions architect must ensure all instances provisioned through EC2 Auto Scaling groups successfully send reports to the auditing system as soon as they are launched and terminated.

Which solution achieves these goals MOST efficiently?
  • A. Use a scheduled AWS Lambda function and run a script remotely on all EC2 instances to send data to the audit system.
  • B. Use EC2 Auto Scaling lifecycle hooks to run a custom script to send data to the audit system when instances are launched and terminated.
  • C. Use an EC2 Auto Scaling launch configuration to run a custom script through user data to send data to the audit system when instances are launched and terminated.
  • D. Run a custom script on the instance operating system to send data to the audit system. Configure the script to be invoked by the EC2 Auto Scaling group when the instance starts and is terminated.
#616 (Accuracy: 97% / 8 votes)
A company is migrating an old application to AWS. The application runs a batch job every hour and is CPU intensive. The batch job takes 15 minutes on average with an on-premises server. The server has 64 virtual CPU (vCPU) and 512 GiB of memory.

Which solution will run the batch job within 15 minutes with the LEAST operational overhead?
  • A. Use AWS Lambda with functional scaling.
  • B. Use Amazon Elastic Container Service (Amazon ECS) with AWS Fargate.
  • C. Use Amazon Lightsail with AWS Auto Scaling.
  • D. Use AWS Batch on Amazon EC2.
#617 (Accuracy: 100% / 4 votes)
A company has launched an Amazon RDS for MySQL DB instance. Most of the connections to the database come from serverless applications. Application traffic to the database changes significantly at random intervals. At times of high demand, users report that their applications experience database connection rejection errors.

Which solution will resolve this issue with the LEAST operational overhead?
  • A. Create a proxy in RDS Proxy. Configure the users’ applications to use the DB instance through RDS Proxy.
  • B. Deploy Amazon ElastiCache for Memcached between the users’ applications and the DB instance.
  • C. Migrate the DB instance to a different instance class that has higher I/O capacity. Configure the users’ applications to use the new DB instance.
  • D. Configure Multi-AZ for the DB instance. Configure the users’ applications to switch between the DB instances.
#618 (Accuracy: 100% / 5 votes)
A company has an Amazon S3 data lake that is governed by AWS Lake Formation. The company wants to create a visualization in Amazon QuickSight by joining the data in the data lake with operational data that is stored in an Amazon Aurora MySQL database. The company wants to enforce column-level authorization so that the company’s marketing team can access only a subset of columns in the database.

Which solution will meet these requirements with the LEAST operational overhead?
  • A. Use Amazon EMR to ingest the data directly from the database to the QuickSight SPICE engine. Include only the required columns.
  • B. Use AWS Glue Studio to ingest the data from the database to the S3 data lake. Attach an IAM policy to the QuickSight users to enforce column-level access control. Use Amazon S3 as the data source in QuickSight.
  • C. Use AWS Glue Elastic Views to create a materialized view for the database in Amazon S3. Create an S3 bucket policy to enforce column-level access control for the QuickSight users. Use Amazon S3 as the data source in QuickSight.
  • D. Use a Lake Formation blueprint to ingest the data from the database to the S3 data lake. Use Lake Formation to enforce column-level access control for the QuickSight users. Use Amazon Athena as the data source in QuickSight.
#619 (Accuracy: 100% / 6 votes)
An ecommerce company is building a distributed application that involves several serverless functions and AWS services to complete order-processing tasks. These tasks require manual approvals as part of the workflow. A solutions architect needs to design an architecture for the order-processing application. The solution must be able to combine multiple AWS Lambda functions into responsive serverless applications. The solution also must orchestrate data and services that run on Amazon EC2 instances, containers, or on-premises servers.

Which solution will meet these requirements with the LEAST operational overhead?
  • A. Use AWS Step Functions to build the application.
  • B. Integrate all the application components in an AWS Glue job.
  • C. Use Amazon Simple Queue Service (Amazon SQS) to build the application.
  • D. Use AWS Lambda functions and Amazon EventBridge events to build the application.
#620 (Accuracy: 100% / 9 votes)
A company is planning to store data on Amazon RDS DB instances. The company must encrypt the data at rest.

What should a solutions architect do to meet this requirement?
  • A. Create a key in AWS Key Management Service (AWS KMS). Enable encryption for the DB instances.
  • B. Create an encryption key. Store the key in AWS Secrets Manager. Use the key to encrypt the DB instances.
  • C. Generate a certificate in AWS Certificate Manager (ACM). Enable SSL/TLS on the DB instances by using the certificate.
  • D. Generate a certificate in AWS Identity and Access Management (IAM). Enable SSL/TLS on the DB instances by using the certificate.