1. Home
  2. Amazon
  3. SAA-C02

Amazon SAA-C02 Online Practice Questions and Exam Preparation

SAA-C02 Exam Details

  • Exam Code
    :SAA-C02
  • Exam Name
    :AWS Certified Solutions Architect - Associate (SAA-C02)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :1080 Q&As
  • Last Updated
    :Jun 04, 2025

Amazon SAA-C02 Online Questions & Answers

  • Question 131:

    A recently created startup built a three-tier web application. The front end has static content. The application layer is based on microservices. User data is stored as JSON documents that need to be accessed with low latency. The company

    expects regular traffic to be low during the first year, with peaks in traffic when it publicizes new features every month. The startup team needs to minimize operational overhead costs.

    What should a solutions architect recommend to accomplish this?

    A. Use Amazon S3 static website hosting to store and serve the front end Use AWS Elastic Beanstalk for the application layer. Use Amazon DynamoDB to store user data.
    B. Use Amazon S3 static website hosting to store and serve the front end. Use Amazon Elastic Kubernetes Service (Amazon EKS) for the application layer. Use Amazon DynamoDB to store user data.
    C. Use Amazon S3 static website hosting to store and serve the front end. Use Amazon API Gateway and AWS Lambda functions for the application layer Use Amazon DynamoDB to store user data.
    D. Use Amazon S3 static website hosting to store and serve the front end. Use Amazon API Gateway and AWS Lambda functions for the application layer. Use Amazon RDS with read replicas to store user data.

  • Question 132:

    A company currently stores symmetric encryption keys in a hardware security module (HSM). A solution architect must design a solution to migrate key management to AWS. The solution should allow for key rotation and support the use of customer provided keys. Where should the key material be stored to meet these requirements?

    A. Amazon S3
    B. AWS Secrets Manager
    C. AWS Systems Manager Parameter store
    D. AWS Key Management Service (AWS KMS)

  • Question 133:

    A solution architect is designing a hybrid application using the AWS cloud. The network between the on-premises data center and AWS will use an AWS Direct Connect (DX) connection. The application connectivity between AWS and the on-premises data center must be highly resilient. Which DX configuration should be implemented to meet these requirements?

    A. Configure a DX connection with a VPN on top of it.
    B. Configure DX connections at multiple DX locations.
    C. Configure a DX connection using the most reliable DX partner.
    D. Configure multiple virtual interfaces on top of a DX connection.

  • Question 134:

    A company Is seeing access requests by some suspicious IP addresses. The security team discovers the requests are horn different IP addresses under the same CIDR range. What should a solutions architect recommend to the team?

    A. Add a rule in the inbound table of the security group to deny the traffic from that CIDR range.
    B. Add a rule In the outbound table of the security group to deny the traffic from that CIDR range
    C. Add a deny rule in the Inbound table of the network ACL with a lower rule number than other rules.
    D. Add a deny rule in the outbound table of the network ACL with a tower rule number than other rules.

  • Question 135:

    A company has a business system that generates hundreds of reports each day. The business system saves the reports to a network share in CSV format The company needs to store this data in the AWS Cloud in near-real time for analysis. Which solution will meet these requirements with the LEAST administrative overhead?

    A. Use AWS DataSync to transfer the files to Amazon S3 Create a scheduled task that runs at the end of each day.
    B. Create an Amazon S3 File Gateway Update the business system to use a new network share from the S3 File Gateway.
    C. Use AWS DataSync to transfer the files to Amazon S3 Create an application that uses the DataSync API in the automation workflow.
    D. Deploy an AWS Transfer for SFTP endpoint Create a script that checks for new files on the network share and uploads the new files by using SFTP.

  • Question 136:

    A company wants to improve the availability and performance of its hybrid application. The application consists of a stateful TCP-based workload hosted on Amazon EC2 instances in different AWS Regions and a stateless UOP-based workload hosted on premises.

    Which combination of actions should a solutions architect take to improve availability and performance? (Choose two.)

    A. Create an accelerator using AWS Global Accelerator. Add the load balancers as endpoints.
    B. Create an Amazon CloudFront distribution with an origin that uses Amazon Route 53 latency- based routing to route requests to the load balancers
    C. Configure two Application Load Balancers in each Region. The first will route to the EC2 endpoints and the second will route to the on-premises endpoints.
    D. Configure a Network Load Balancer in each Region to address the EC2 endpoints Configure a Network Load Balancer in each Region that routes to the on-premises endpoints
    E. Configure a Network Load Balancer in each Region to address the EC2 endpoints Configure an Application Load Balancer in each Region that routes to the on-premises endpoints

  • Question 137:

    A solutions architect is designing a shared storage solution for a web application that is deployed across multiple Availability Zones. The web application runs on Amazon EC2 instances that are in an Auto Scaling group. The company plans to make frequent changes to the content. The solution must have strong consistency in returning the new content as soon as the changes occur.

    Which solutions meet these requirements? (Select TWO.)

    A. Use AWS Storage Gateway Volume Gateway Internet Small Computer Systems Interface (ISCSI) block storage that is mounted to the individual EC2 instances.
    B. Create an Amazon Elastic File System (Amazon EFS) file system. Mount the EFS file system on the individual EC2 instances.
    C. Create a shared Amazon Elastic Block Store (Amazon EBS) volume. Mount the EBS volume on the individual EC2 instances.
    D. Use AWS DataSync to perform continuous synchronization of data between EC2 hosts in the Auto Scaling group.
    E. Create an Amazon S3 bucket to store the web content. Set the metadata for the Cache- Control header to no-cache. Use Amazon CloudFront to deliver the content.

  • Question 138:

    A company processes large amounts of data

    The output data is stored in Amazon S3 Standard storage in an S3 bucket, where it is analyzed for 1 month. The data must remain immediately accessible after the 1-month analysis period.

    Which storage solution meets these requirements MOST cost-effectively?

    A. Configure an S3 Lifecycle policy to transition the objects to S3 Glacier after 30 days.
    B. Configure S3 Intelligent-Tiering to transition the objects to S3 Glacier after 30 days.
    C. Configure an S3 Lifecycle policy to transition the objects to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 30 days.
    D. Configure an S3 Lifecycle policy to delete the objects after 30 days. Enable versioning on the S3 bucket so that deleted objects can still be immediately restored as needed.

  • Question 139:

    A company has an Amazon S3 bucket that contains confidential information in its production AWS account The company has turned on AWS CloudTrail for the account. The account sends a copy of its logs to Amazon CloudWatch Logs. The company has configured the S3 bucket to log read and write data events.

    A company auditor discovers that some objects in the S3 bucket have been deleted A solutions architect must provide the auditor with information about who deleted the objects

    What should the solutions architect do to provide this information?

    A. Create a CloudWatch Logs fitter to extract the S3 write API calls against the S3 bucket
    B. Query the CloudTrail togs with Amazon Athena to identify the S3 write API calls against the S3 bucket
    C. Use AWS Trusted Advisor to perform security checks for S3 writ?API calls that deleted the content
    D. Use AWS Config to track configuration changes on the S3 bucket Use these details to track the S3 write API calls that deleted the content

  • Question 140:

    A company receives data (rem different sources and implements multiple applications to consume this data

    There are many short-running jobs that run only on the weekend The data arrives in batches rather than throughout the entire weekend. The company needs an environment on AWS to ingest and process this data while maintaining the order

    of the transactions.

    Which combination of AWS services meets these requirements in the MOST cost-effective manner?

    A. Amazon Kinesis Data Streams with AWS Lambda
    B. Amazon Kinesis Data Streams with Amazon EC2 Auto Scaling
    C. Amazon Simple Queue Service (Amazon SQS) with AWS Lambda
    D. Amazon Simple Queue Service (Amazon SQS) with Amazon EC2 Auto Scaling

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.