1. Home
  2. Amazon
  3. SAA-C02

Amazon SAA-C02 Online Practice Questions and Exam Preparation

SAA-C02 Exam Details

  • Exam Code
    :SAA-C02
  • Exam Name
    :AWS Certified Solutions Architect - Associate (SAA-C02)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :1080 Q&As
  • Last Updated
    :Jun 04, 2025

Amazon SAA-C02 Online Questions & Answers

  • Question 271:

    A solutions architect creates a VPC that includes two public subnets and two private subnets A corporate security mandate requires the solutions architect to launch all Amazon EC2 instances in a private subnet However when the solutions architect launches an EC2 instance that runs a web server on ports 80 and 443 in a private subnet, no external internet traffic can connect to the server.

    What should the solutions architect do to resolve this issue?

    A. Attach the EC2 instance to an Auto Scaling group in a private subnet Ensure that the DNS record for the website resolves to the Auto Scaling group identifier
    B. Provision an internet-facing Application Load Balancer (ALB) in a public subnet Add the EC2 instance to the target group that is associated with the ALB Ensure that the DNS record for the website resolves to the ALB
    C. Launch a NAT gateway in a private subnet Update the route table for the private subnets to add a default route to the NAT gateway Attach a public Elastic IP address to the NAT gateway
    D. Ensure that the security group that is attached to the EC2 instance allows HTTP traffic on port 80 and HTTPS traffic on port 443 Ensure that the DNS record for the website resolves to the public IP address of the EC2 instance

  • Question 272:

    A company has a 143 TB MySQL database that it wants to migrate to AWS. The plan is to use Amazon Aurora MySQL as the platform going forward. The company has a 100 Mbps AWS Direct Connect connection to Amazon VPC. Which solution meets the company's needs and takes the LEAST amount of time?

    A. Use a gateway endpoint for Amazon S3 Migrate the data to Amazon S3 Import the data into Aurora
    B. Upgrade the Direct Connect link to 500 Mbps. Copy the data to Amazon S3 Import the data into Aurora
    C. Order an AWS Snowmobile and copy the database backup to it. Have AWS import the data into Amazon S3 Import the backup into Aurora
    D. Order four 50-TB AWS Snowball devices and copy the database backup onto them. Have AWS import the data into Amazon S3 Import the data into Aurora

  • Question 273:

    A company needs guaranteed Amazon EC2 capacity in three specific Availability Zones in a specific AWS Region for an upcoming event that will last 1 week.

    What should the company do to guarantee the EC2 capacity?

    A. Purchase Reserved Instances that specify the Region needed.
    B. Create an On-Demand Capacity Reservation that specifies the Region needed.
    C. Purchase Reserved Instances that specify the Region and three Availability Zones needed.
    D. Create an On-Demand Capacity Reservation that specifies the Region and three Availability Zones needed.

  • Question 274:

    A company recently announced the deployment of its retail website to a global audience. The website runs on multiple Amazon EC2 instances behind an Elastic Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones.

    The company wants to provide its customers with different versions of content based on the devices that the customers use to access the website.

    Which combination of actions should a solutions architect take to meet these requirements? (Select TWO.)

    A. Configure Amazon CloudFront to cache multiple versions of the content.
    B. Configure a host header in a Network Load Balancer to forward traffic to different instances.
    C. Configure a Lambda@Edge function to send specific objects to users based on the User-Agent header.
    D. Configure AWS Global Accelerator. Forward requests to a Network Load Balancer (NLB). Configure the NLB to set up host-based routing to different EC2 instances.
    E. Configure AWS Global Accelerator. Forward requests to a Network Load Balancer (NLB). Configure the NLB to set up path-based routing to different EC2 instances.

  • Question 275:

    A company designs a mobile app for its customers to upload photos to a website. The app needs a secure login with multi-factor authentication (MFA). The company wants to limit the initial build time and the maintenance of the solution Which solution should a solutions architect recommend to meet these requirements?

    A. Use Amazon Cognito Identity with SMS based MFA.
    B. Edit 1AM policies to require MFA for all users
    C. Federate 1AM against the corporate Active Directory that requires MFA
    D. Use Amazon API Gateway and require server-side encryption (SSE) for photos

  • Question 276:

    A solutions architect is creating an application that will handle batch processing of large amounts of data.

    The input data will be held in Amazon S3 and the output data will be stored in a different S3 bucket. For processing, the application will transfer the data over the network between multiple Amazon EC2 instances.

    What should the solutions architect do to reduce the overall data transfer costs?

    A. Place all the EC2 instances in an Auto Scaling group.
    B. Place all the EC2 instances in the same AWS Region.
    C. Place all the EC2 instances in the same Availability Zone.
    D. Place all the EC2 instances in private subnets in multiple Availability Zones.

  • Question 277:

    A solutions architect finds that an Amazon Aurora cluster with On-Demand Instance pricing is being underutilized for a blog application The application is used only for a few minutes several times each day for reads

    What should a solutions architect do to optimize utilization MOST cost-effectively?

    A. Enable auto scaling on the original Aurora Database
    B. Convert the original Aurora Database to Aurora parallel query
    C. Convert the original Aurora Database to Aurora global database
    D. Convert the original Aurora Database to Aurora Aurora serverless

  • Question 278:

    A solutions architect is designing a web application that will run on Amazon EC2 instances behind an Application Load Balancer (ALB) The company strictly requires that the application be resilient against malicious internet activity and attacks, and protect against new common vulnerabilities and exposures What should the solutions architect recommend?

    A. Leverage Amazon CloudFront with the ALB endpoint as the origin
    B. Deploy an appropriate managed rule for AWS WAF and associate it with the ALB
    C. Subscribe to AWS Shield Advanced and ensure common vulnerabilities and exposures are blocked
    D. Configure network ACLs and security groups to allow only ports 80 and 443 to access the EC2 instances

  • Question 279:

    An ecommerce company needs to run a scheduled daily job to aggregate and filter sales records for analytics. The company stores the sales records in an Amazon S3 bucket. Each object can be up to 10 GB in size. Based on the number of sales events, the job can take up to an hour to complete. The CPU and memory usage of the job are constant and are known in advance.

    A solutions architect needs to minimize the amount of operational effort that is needed for the job to run.

    Which solution meets these requirements?

    A. Create an AWS Lambda function that has an Amazon EventBridge (Amazon CloudWatch Events) notification. Schedule the EventBridge (CloudWatch Events) event to run once a day.
    B. Create an AWS Lambda function. Create an Amazon API Gateway HTTP API. and integrate the API with the function. Create an Amazon EventBridge (Amazon CloudWatch Events) scheduled event that calls the API and invokes the function.
    C. Create an Amazon Elastic Container Service (Amazon ECS) cluster with an AWS Fargate launch type. Create an Amazon EventBridge (Amazon CloudWatch Events) scheduled event that launches an ECS task on the cluster to run the job.
    D. Create an Amazon Elastic Container Service (Amazon ECS) cluster with an Amazon EC2 launch type and an Auto Scaling group with at least one EC2 instance. Create an Amazon EventBridge (Amazon CloudWatch Events) scheduled event that launches an ECS task on the cluster to run the job.

  • Question 280:

    A company has an application workflow that uses an AWS Lambda function to download and decrypt files from Amazon S3 These files are encrypted using AWS Key Management Service Customer Master Keys (AWS KMS CMKs) A solutions architect needs to design a solution that will ensure the required permissions are set correctly.

    Which combination of actions accomplish this? (Select TWO.)

    A. Attach the kms.decrypt permission to the Lambda function's resource policy.
    B. Grant the decrypt permission for the Lambda IAM role in the KMS key's policy
    C. Grant the decrypt permission for the Lambda resource policy in the KMS key's policy.
    D. Create a new IAM policy with the kms:decrypt permission and attach the policy to the Lambda function
    E. Create a new IAM role with the kms decrypt permission and attach the execution role to the Lambda function.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.