1. Home
  2. Amazon
  3. SAA-C01

Amazon SAA-C01 Online Practice Questions and Exam Preparation

SAA-C01 Exam Details

  • Exam Code
    :SAA-C01
  • Exam Name
    :AWS Certified Solutions Architect - Associate (SAA-C01)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :424 Q&As
  • Last Updated
    :Jun 04, 2025

Amazon SAA-C01 Online Questions & Answers

  • Question 221:

    A legacy application running in premises requires a Solutions Architect to be able to open a firewall to allow access to several Amazon S3 buckets. The Architect has a VPN connection to AWS in place. How should the Architect meet this requirement?

    A. Create an IAM role that allows access from the corporate network to Amazon S3.
    B. Configure a proxy on Amazon EC2 and use an Amazon S3 VPC endpoint.
    C. Use Amazon API Gateway to do IP whitelisting.
    D. Configure IP whitelisting on the customer's gateway.

  • Question 222:

    A company plans to use Amazon GuardDuty to detect unexpected and potentially malicious activity. The company wants to use Amazon CloudWatch to ensure that when findings occur, remediation takes place automatically. Which CloudWatch feature should be used to trigger an AWS Lambda function to perform the remediation?

    A. Events
    B. Dashboards
    C. Metrics
    D. Alarms

  • Question 223:

    An International company has deployed a multi-tier web application that relies on DynamoDB in a single region. For regulatory reasons they need disaster recovery capability In a separate region with a Recovery Time Objective of 2 hours

    and a Recovery Point Objective of 24 hours They should synchronize their data on a regular basis and be able to provision me web application rapidly using CloudFormation. The objective is to minimize changes to the existing web

    application, control the throughput of DynamoDB used for the synchronization of data and synchronize only the modified elements.

    Which design would you choose to meet these requirements?

    A. Use AWS data Pipeline to schedule a DynamoDB cross region copy once a day. create a Lastupdated' attribute in your DynamoDB table that would represent the timestamp of the last update and use it as a filter.
    B. Use EMR and write a custom script to retrieve data from DynamoDB in the current region using a SCAN operation and push it to DynamoDB in the second region.
    C. Use AWS data Pipeline to schedule an export of the DynamoDB table to S3 in the current region once a day then schedule another task immediately after it that will import data from S3 to DynamoDB in the other region.
    D. Send also each Ante into an SQS queue in me second region; use an auto-scaling group behind the SQS queue to replay the write in the second region.

  • Question 224:

    An application runs on Amazon EC2 instances in an Auto Scaling group. When instances are terminated, the Systems Operations team cannot determine the route cause, because the logs reside on the terminated instances and are lost. How can the root cause be determined?

    A. Use ephemeral volumes to store the log files.
    B. Use a scheduled Amazon CloudWatch Event to take regular Amazon EBS snapshots.
    C. Use an Amazon CloudWatch agent to push the logs to Amazon CloudWatch Logs.
    D. Use AWS CloudTrail to pull the logs from the Amazon EC2 instances.

  • Question 225:

    A Solutions Architect is designing a customer order processing application that will likely have high usage spikes.

    What should the Architect do to ensure that customer orders are not lost before being written to an Amazon RDS database? (Choose two.)

    A. Use Amazon CloudFront to deliver the application front end.
    B. Use Elastic Load Balancing with a round-robin routing algorithm.
    C. Have the orders written into an Amazon SQS queue.
    D. Scale the number of processing nodes based on pending order volume.
    E. Have a standby Amazon RDS instance in a separate Availability Zone.

  • Question 226:

    Users submit requests to a service that takes several minutes to process. A Solutions Architect needs to ensure that these requests are processed at least once, and that the service has the ability to handle large increases in the number of requests.

    How should these requirements be met?

    A. Put the requests into an Amazon SQS queue and configure Amazon EC2 instances to poll the queue
    B. Publish the message to an Amazon SNS topic that an Amazon EC2 subscriber can receive and process
    C. Save the requests to an Amazon DynamoDB table with a DynamoDB stream that triggers an Amazon EC2 Spot Instance
    D. Use Amazon S3 to store the requests and configure an event notification to have Amazon EC2 instances process the new object

  • Question 227:

    A company is building a critical ingestion service on AWS that will receive 1,000 incoming events per second. The events must be processed in order, and no events may be lost. Multiple applications will need to process each event. The company will expose the service as RESTful calls through an API Gateway.

    What should a Solutions Architect use to receive the events based on these requirements?

    A. Amazon Kinesis Data Stream
    B. Amazon DynamoDB
    C. Amazon SQS
    D. Amazon SNS

  • Question 228:

    A customer is deploying a production portal application on AWS. The database tier has structured data. The company requires a solution that is easily manageable and highly available. How can these requirements be met?

    A. Deploy the database on multiple Amazon EC2 instances backed by Amazon EBS across multiple Availability Zones.
    B. Use Amazon RDS with a multiple Availability Zone option.
    C. Use RDS with a single Available Zone option and schedule periodic database snapshots.
    D. Use Amazon DynamoDB.

  • Question 229:

    A company is implementing a data lake solution on Amazon S3. Its security policy mandates that the data stored in Amazon S3 should be encrypted at rest. Which options can achieve this? (Select TWO.)

    A. Use S3 server-side encryption with an Amazon EC2 key pair.
    B. Use S3 server-side encryption with customer-provided keys (SSE-C).
    C. Use S3 bucket policies to restrict access to the data at rest.
    D. Use client-side encryption before ingesting the data to Amazon S3 using encryption keys.
    E. Use SSL to encrypt the data while in transit to Amazon S3.

  • Question 230:

    A company wants to migrate a highly transactional database to AWS. Requirements state that the database has more than 6 TB of data and will grow exponentially. Which solution should a Solutions Architect recommend?

    A. Amazon Aurora
    B. Amazon Redshift
    C. Amazon DynamoDB
    D. Amazon RDS MySQL

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C01 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.