Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free Amazon Web Services SAA-C03 Practice Exam with Questions & Answers

Questions 1

A company runs an application on Amazon EC2 instances. The application needs to access an Amazon RDS database. The company wants to grant the EC2 instances access permissions to the RDS database while following the principle of least privilege.

Which solution will meet these requirements?

Options:
A.

Create an IAM user that has a policy that grants administrative permissions. Use the IAM user ' s access keys on the EC2 instances to access the RDS database.

B.

Create an IAM user that has a policy that grants the minimum required permissions to access the RDS database. Embed the IAM user ' s access keys on the EC2 instances to access the RDS database.

C.

Create an IAM role that has a policy that grants the minimum required permissions to access the RDS database. Attach the IAM role access key and the IAM role secret key to the EC2 instance profile.

D.

Create an IAM role that has a policy that grants the minimum required permissions to access the RDS database. Attach the IAM role to an EC2 instance profile. Associate the instance profile with the instances.

Amazon Web Services SAA-C03 Premium Access
Questions 2

A company is planning to deploy a managed MySQL database solution for its non-production applications. The company plans to run the system for several years on AWS. Which solution will meet these requirements MOST cost-effectively?

Options:
A.

Create an Amazon RDS for MySQL instance. Purchase a Reserved Instance.

B.

Create an Amazon RDS for MySQL instance. Use the instance on an on-demand basis.

C.

Create an Amazon Aurora MySQL cluster with writer and reader nodes. Use the cluster on an on-demand basis.

D.

Create an Amazon EC2 instance. Manually install and configure MySQL Server on the instance.

Questions 3

A company is building a data processing application that uses AWS Lambda functions. The Lambda functions need to communicate with an Amazon RDS DB instance deployed inside a VPC in the same AWS account.

Which solution meets these requirements in the most secure way?

Options:
A.

Configure the DB instance for public access. Allow Lambda public address space.

B.

Deploy Lambda inside the VPC. Attach a network ACL allowing outbound access to the VPC CIDR. Update the DB security group to allow traffic from 0.0.0.0/0.

C.

Deploy Lambda inside the VPC. Attach a security group to the Lambda functions. Allow outbound access only to the VPC CIDR. Update the DB instance security group to allow traffic from the Lambda security group.

D.

Peer the Lambda default VPC with the DB VPC and avoid security groups.

Questions 4

A company runs container applications by using Amazon Elastic Kubernetes Service (Amazon EKS) and the Kubernetes Horizontal Pod Autoscaler. The workload is not consistent throughout the day. A solutions architect notices that the number of nodes does not automatically scale out when the existing nodes have reached maximum capacity in the cluster, which causes performance issues.

Which solution will resolve this issue with the LEAST administrative overhead?

Options:
A.

Scale out the nodes by tracking the memory usage.

B.

Use the Kubernetes Cluster Autoscaler to manage the number of nodes in the cluster.

C.

Use an AWS Lambda function to resize the EKS cluster automatically.

D.

Use an Amazon EC2 Auto Scaling group to distribute the workload.

Questions 5

A company hosts a public web application on AWS. The website has a three-tier architecture. The frontend web tier is comprised of Amazon EC2 instances in an Auto Scaling group. The application tier is a second Auto Scaling group. The database tier is an Amazon RDS database.

The company has configured the Auto Scaling groups to handle the application ' s normal level of demand. During an unexpected spike in demand, the company notices a long delay in the startup time when the frontend and application layers scale out. The company needs to improve the scaling performance of the application without negatively affecting the user experience.

Which solution will meet these requirements MOST cost-effectively?

Options:
A.

Decrease the minimum number of EC2 instances for both Auto Scaling groups. Increase the desired number of instances to meet the peak demand requirement.

B.

Configure the maximum number of instances for both Auto Scaling groups to be the number required to meet the peak demand. Create a warm pool.

C.

Increase the maximum number of EC2 instances for both Auto Scaling groups to meet the normal demand requirement. Create a warm pool.

D.

Reconfigure both Auto Scaling groups to use a scheduled scaling policy. Increase the size of the EC2 instance types and the RDS instance types.

Questions 6

A company is developing a photo sharing web application on AWS. The application allows users to upload, durably store, and share photos. The application processes uploaded photos into a variety of sizes.

The company needs to ensure that the application can handle thousands of uploads each hour. The company wants to decouple upload operations from processing operations.

Which solution will meet these requirements with the LEAST operational effort?

Options:
A.

Use Amazon EC2 instances to directly upload and process the images. Store the processed images in an Amazon S3 bucket and enable S3 Transfer Acceleration.

B.

Use an Amazon S3 bucket to store uploaded images. Use an S3 event notification to invoke an AWS Lambda function to process each image. Store the processed images in a second S3 bucket.

C.

Use an Amazon S3 bucket to store uploaded images. Use an Amazon EC2 instance to poll the S3 bucket for new images and to process them. Store each processed image in the original S3 bucket.

D.

Use an Amazon EFS file system to store uploaded images. Use an Amazon EC2 instance to process uploaded images. Store the processed images in the original EFS file system.

Questions 7

A company is building an application that needs to process real-time streaming data. The application must process and transform the data and then store the data for later analysis.

Which solution will meet these requirements with the LEAST operational overhead?

Options:
A.

Use Amazon Kinesis Data Streams to ingest streaming data. Configure Amazon EC2 instances to process and transform data records from the data streams. Configure the EC2 instances to store the processed and transformed data in an Amazon RDS for MySQL database.

B.

Send streaming data to an Amazon SQS queue. Configure AWS Lambda functions to process the data in the SQS queue. Store the processed data in an Amazon DynamoDB table.

C.

Use Amazon Kinesis Data Streams to ingest streaming data. Configure an AWS Lambda function to process and transform data records from the data streams. Configure the Lambda function to store the processed and transformed data in an Amazon DynamoDB table.

D.

Send streaming data to an Amazon SNS topic. Create an application to process the data on an Amazon EC2 instance. Store the processed data in an Amazon ElastiCache cache.

Questions 8

A company decides to use AWS Key Management Service (AWS KMS) for data encryption operations. The company must create a KMS key and automate the rotation of the key. The company also needs the ability to deactivate the key and schedule the key for deletion.

Which solution will meet these requirements?

Options:
A.

Create an asymmetric customer managed KMS key. Enable automatic key rotation.

B.

Create a symmetric customer managed KMS key. Disable the envelope encryption option.

C.

Create a symmetric customer managed KMS key. Enable automatic key rotation.

D.

Create an asymmetric customer managed KMS key. Disable the envelope encryption option.

Questions 9

A company is migrating some of its applications to AWS. The company wants to migrate and modernize the applications quickly after it finalizes networking and security strategies. The company has set up an AWS Direct Connect connection in a central network account.

The company expects to have hundreds of AWS accounts and VPCs in the near future. The corporate network must be able to access the resources on AWS seamlessly and also must be able to communicate with all the VPCs. The company also wants to route its cloud resources to the internet through its on-premises data center.

Which combination of steps will meet these requirements? (Select THREE.)

Options:
A.

Create a Direct Connect gateway in the central account. In each of the accounts, create an association proposal by using the Direct Connect gateway and the account ID for every virtual private gateway.

B.

Create a Direct Connect gateway and a transit gateway in the central network account. Attach the transit gateway to the Direct Connect gateway by using a transit VIF.

C.

Provision an internet gateway. Attach the internet gateway to subnets. Allow internet traffic through the gateway.

D.

Share the transit gateway with other accounts. Attach VPCs to the transit gateway.

E.

Provision VPC peering as necessary.

F.

Provision only private subnets. Open the necessary route on the transit gateway and customer gateway to allow outbound internet traffic from AWS to flow through NAT services that run in the data center.

Questions 10

A company runs an application on Amazon EC2 instances across multiple Availability Zones in the same AWS Region. The EC2 instances share an Amazon Elastic File System (Amazon EFS) volume that is mounted on all the instances. The EFS volume stores a variety of files such as installation media, third-party files, interface files, and other one-time files.

The company accesses some EFS files frequently and needs to retrieve the files quickly. The company accesses other files rarely. The EFS volume is multiple terabytes in size. The company needs to optimize storage costs for Amazon EFS.

Which solution will meet these requirements with the LEAST effort?

Options:
A.

Move the files to Amazon S3. Set up a lifecycle policy to move the files to S3 Glacier Flexible Retrieval.

B.

Apply a lifecycle policy to the EFS files to move the files to EFS Infrequent Access.

C.

Move the files to Amazon Elastic Block Store (Amazon EBS) Cold HDD Volumes (sc1).

D.

Move the files to Amazon S3. Set up a lifecycle policy to move the rarely-used files to S3 Glacier Deep Archive.

Questions 11

Question:

A company uses Apache Hadoop and Spark on-prem. The infrastructure is complex and not scalable. They want to reduce operational complexity but keep data processing on-premises.

Options:

Options:
A.

Use Site-to-Site VPN to access on-prem HDFS. Use Amazon EMR to process the data.

B.

Use AWS DataSync to connect to on-prem HDFS. Use Amazon EMR to process the data.

C.

Migrate to Amazon EMR on AWS Outposts.

D.

Use AWS Snowball to migrate data to S3. Use EMR to process.

Questions 12

A company is migrating a data processing application to AWS. The application processes several short-lived batch jobs that cannot be disrupted. The process generates data after each batch job finishes running. The company accesses the data for 30 days following data generation. After 30 days, the company stores the data for 2 years.

The company wants to optimize costs for the application and data storage. Which solution will meet these requirements?

Options:
A.

Use Amazon EC2 Spot Instances to run the application. Store the data in Amazon S3 Standard. Move the data to S3 Glacier Instant Retrieval after 30 days. Configure a bucket policy to delete the data after 2 years.

B.

Use Amazon EC2 On-Demand Instances to run the application. Store the data in Amazon S3 Glacier Instant Retrieval. Move the data to S3 Glacier Deep Archive after 30 days. Configure an S3 Lifecycle configuration to delete the data after 2 years.

C.

Use Amazon EC2 Spot Instances to run the application. Store the data in Amazon S3 Standard. Move the data to S3 Glacier Flexible Retrieval after 30 days. Configure a bucket policy to delete the data after 2 years.

D.

Use Amazon EC2 On-Demand Instances to run the application. Store the data in Amazon S3 Standard. Move the data to S3 Glacier Deep Archive after 30 days. Configure an S3 Lifecycle configuration to delete the data after 2 years.

Questions 13

A solutions architect is creating a data processing job that runs once daily and can take up to 2 hours to complete. If the job is interrupted, it has to restart from the beginning.

How should the solutions architect address this issue in the MOST cost-effective manner?

Options:
A.

Create a script that runs locally on an Amazon EC2 Reserved Instance that is triggered by a cron job.

B.

Create an AWS Lambda function triggered by an Amazon EventBridge scheduled event.

C.

Use an Amazon Elastic Container Service (Amazon ECS) Fargate task triggered by an Amazon EventBridge scheduled event.

D.

Use an Amazon Elastic Container Service (Amazon ECS) task running on Amazon EC2 triggered by an Amazon EventBridge scheduled event.

Questions 14

A solutions architect needs to optimize storage costs. The solutions architect must identify any Amazon S3 buckets that are no longer being accessed or are rarely accessed.

Which solution will accomplish this goal with the LEAST operational overhead?

Options:
A.

Analyze bucket access patterns by using the S3 Storage Lens dashboard for advanced activity metrics.

B.

Analyze bucket access patterns by using the S3 dashboard in the AWS Management Console.

C.

Turn on the Amazon CloudWatch BucketSizeBytes metric for buckets. Analyze bucket access patterns by using the metrics data with Amazon Athena.

D.

Turn on AWS CloudTrail for S3 object monitoring. Analyze bucket access patterns by using CloudTrail logs that are integrated with Amazon CloudWatch Logs.

Questions 15

A company wants to store a large amount of data as objects for analytics and long-term archiving. Resources from outside AWS need to access the data. The external resources need to access the data with unpredictable frequency. However, the external resource must have immediate access when necessary.

The company needs a cost-optimized solution that provides high durability and data security.

Which solution will meet these requirements?

Options:
A.

Store the data in Amazon S3 Standard. Apply S3 Lifecycle policies to transition older data to S3 Glacier Deep Archive.

B.

Store the data in Amazon S3 Intelligent-Tiering.

C.

Store the data in Amazon S3 Glacier Flexible Retrieval. Use expedited retrieval to provide immediate access when necessary.

D.

Store the data in Amazon Elastic File System (Amazon EFS) Infrequent Access (IA). Use lifecycle policies to archive older files.

Questions 16

A company uses AWS Lambda functions in a private subnet in a VPC to run application logic. The Lambda functions must not have access to the public internet. Additionally, all data communication must remain within the private network. As part of a new requirement, the application logic needs access to an Amazon DynamoDB table.

What is the MOST secure way to meet this new requirement?

Options:
A.

Provision the DynamoDB table inside the same VPC that contains the Lambda functions.

B.

Create a gateway VPC endpoint for DynamoDB to provide access to the table.

C.

Use a network ACL to only allow access to the DynamoDB table from the VPC.

D.

Use a security group to only allow access to the DynamoDB table from the VPC.

Questions 17

A media company hosts a mobile app backend in the AWS Cloud. The company is releasing a new feature to allow users to upload short videos and apply special effects by using the mobile app. The company uses AWS Amplify to store the videos that customers upload in an Amazon S3 bucket.

The videos must be processed immediately. Users must receive a notification when processing is finished.

Which solution will meet these requirements?

Options:
A.

Use Amazon EventBridge Scheduler to schedule an AWS Lambda function to process the videos. Save the processed videos to the S3 bucket. Use Amazon Simple Notification Service (Amazon SNS) to send push notifications to customers when processing is finished.

B.

Use Amazon EventBridge Scheduler to schedule AWS Fargate to process the videos. Save the processed videos to the S3 bucket. Use Amazon Simple Notification Service (Amazon SNS) to send push notifications to customers when processing is finished.

C.

Use an S3 trigger to invoke an AWS Lambda function to process the videos. Save the processed videos to the S3 bucket. Use Amazon Simple Notification Service (Amazon SNS) to send push notifications to customers when processing is finished.

D.

Use an S3 trigger to invoke an AWS Lambda function to process the videos. Save the processed videos to the S3 bucket. Use AWS Amplify to send push notifications to customers when processing is finished.

Questions 18

A company has multiple Amazon RDS DB instances that run in a development AWS account. All the instances have tags to identify them as development resources. The company needs the development DB instances to run on a schedule only during business hours.

Which solution will meet these requirements with the LEAST operational overhead?

Options:
A.

Create an Amazon CloudWatch alarm to identify RDS instances that need to be stopped Create an AWS Lambda function to start and stop the RDS instances.

B.

Create an AWS Trusted Advisor report to identify RDS instances to be started and stopped. Create an AWS Lambda function to start and stop the RDS instances.

C.

Create AWS Systems Manager State Manager associations to start and stop the RDS instances.

D.

Create an Amazon EventBridge rule that invokes AWS Lambda functions to start and stop the RDS instances.

Questions 19

A company wants to design a microservices architecture for an application. Each microservice must perform operations that can be completed within 30 seconds.

The microservices need to expose RESTful APIs and must automatically scale in response to varying loads. The APIs must also provide client access control and rate limiting to maintain equitable usage and service availability.

Which solution will meet these requirements with the LEAST operational overhead?

Options:
A.

Use Amazon Elastic Container Service (Amazon ECS) on Amazon EC2 to host each microservice. Use Amazon API Gateway to manage the RESTful API requests.

B.

Deploy each microservice as a set of AWS Lambda functions. Use Amazon API Gateway to manage the RESTful API requests.

C.

Host each microservice on Amazon EC2 instances in Auto Scaling groups behind an Elastic Load Balancing (ELB) load balancer. Use the ELB to manage the RESTful API requests.

D.

Deploy each microservice on Amazon Elastic Beanstalk. Use Amazon CloudFront to manage the RESTful API requests.

Questions 20

A company runs a payment processing system in the AWS Cloud Sometimes when a payment fails because of insufficient funds or technical issues, users attempt to resubmit the payment. Sometimes payment resubmissions invoke multiple payment messages for the same payment ID.

A solutions architect needs to ensure that the payment processing system receives payment messages that have the same payment ID sequentially, according to when the messages were generated. The processing system must process the messages in the order in which the messages are received. The solution must retain all payment messages for 10 days for analytics.

Which solutions will meet these requirements? (Select TWO.)

Options:
A.

Write the payment messages to an Amazon DynamoDB table that uses the payment ID as the partition key.

B.

Write the payment messages to an Amazon Kinesis data stream that uses the payment ID as the partition key.

C.

Write the payment messages to an Amazon ElastiCache for Memcached cluster that uses the payment ID as the key

D.

Write the payment messages to an Amazon Simple Queue Service (Amazon SQS) queue. Set the message attribute to use the payment ID.

E.

Write the payment messages to an Amazon Simple Queue Service (Amazon SQS) FIFO queue Set the message group to use the payment ID.