1. Home
  2. Amazon
  3. SAA-C02

Amazon SAA-C02 Online Practice Questions and Exam Preparation

SAA-C02 Exam Details

  • Exam Code
    :SAA-C02
  • Exam Name
    :AWS Certified Solutions Architect - Associate (SAA-C02)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :1080 Q&As
  • Last Updated
    :Jun 04, 2025

Amazon SAA-C02 Online Questions & Answers

  • Question 341:

    A solutions architect needs to allow developers to have SSH connectivity to web servers The requirements are as follows

    1.

    Limit access to users originating from the corporate network.

    2.

    Web servers cannot have SSH access directly from the internet.

    3.

    Web servers reside in a private subnet.

    Which combination of steps must the architect complete to meet these requirements? (Select TWO.)

    A. Create a bastion host that authenticates users against the corporate directory
    B. Create a bastion host with security group rules that only allow traffic from the corporate network.
    C. Attach an 1AM role to the bastion host with relevant permissions
    D. Configure the web servers' security group to allow SSH traffic from a bastion host.
    E. Deny all SSH traffic from the corporate network in the inbound network ACL.

  • Question 342:

    A company has an application that calls AWS Lambda functions. A recent code review found database credentials stored in the source code. The database credentials needs to be removed from the Lambda source code. The credentials must then be securely stored and rotated on a on-going basis to meet security policy requirements.

    What should a solutions architect recommend meet these requirements?

    A. Store the password in AWS CloudHSM Associate the Lambda function with a role that can retrieve the password from CloudHSM given its key ID
    B. Store the password in AWS Secrets Manager . A associate the Lambda function with a role that can retrieve the password from secrets Manager given its secret ID.
    C. Move the database password to an environment variable associated with the Lambda function Retrieve the password from the environment variable upon execution
    D. Store the password in AWS Key Management Service (AWS KMS) Associate the Lambda function with a role that can retrieve the password from AWS KMS given its key ID

  • Question 343:

    A company stores confidential data in an Amazon Aurora PostgreSQL database in the ap-southeast-3 Region The database is encrypted with an AWS Key Management Service (AWS KMS) customer managed key The company was recently acquired and must securely share a backup of the database with the acquiring company's AWS account in ap-southeast-3.

    What should a solutions architect do to meet these requirements?

    A. Create a database snapshot Copy the snapshot to a new unencrypted snapshot Share the new snapshot with the acquiring company's AWS account.
    B. Create a database snapshot Add the acquiring company's AWS account to the KMS key policy Share the snapshot with the acquiring company's AWS account.
    C. Create a database snapshot that uses a different AWS managed KMS key Add the acquiring company's AWS account to the KMS key alias. Share the snapshot with the acquiring company's AWS account.
    D. Create a database snapshot Download the database snapshot Upload the database snapshot to an Amazon S3 bucket Update the S3 bucket policy to allow access from the acquiring company's AWS account.

  • Question 344:

    A company is experiencing growth as demand for its product has increased The company's existing purchasing application is slow when traffic spikes The application is a monolithic three tier application that uses synchronous transactions

    and sometimes sees bottlenecks in the application tier A solutions architect needs to design a solution that can meet required application response times while accounting for traffic volume spikes.

    Which solution will meet these requirements?

    A. Vertically scale the application instance using a larger Amazon EC2 instance size.
    B. Scale the application's persistence layer horizontally by introducing Oracle RAC on AWS
    C. Scale the web and application tiers horizontally using Auto Scaling groups and an Application Load Balancer
    D. Decouple the application and data tiers using Amazon Simple Queue Service (Amazon SQS) with asynchronous AWS Lambda calls.

  • Question 345:

    A company is running a media store across multiple Amazon EC2 instances distributed across multiple Availability Zones in a single VPC. The company wants a high-performing solution to share data between all the EC2 Instances, and prefers to keep the data within the VPC only.

    What should a solutions architect recommend?

    A. Create an Amazon S3 bucket and call the service APIs from each instance's application.
    B. Create an Amazon S3 bucket and configure all instances to access it as a mounted volume.
    C. Configure an Amazon Elastic Block Store (Amazon EBS) volume and mount it across all instances.
    D. Configure an Amazon Elastic File System (Amazon EFS) file system and mount it across all instances

  • Question 346:

    A company has two VPCs that are located in the us-west-2 Region within the same AWS account. The company needs to allow network traffic between these VPCs. Approximately 500 GB of data transfer will occur between the VPCs each month.

    What is the MOST cost-effective solution to connect these VPCs?

    A. Implement AWS Transit Gateway to connect the VPCs. Update the route tables of each VPC to use the transit gateway for inter-VPC communication.
    B. Implement an AWS Site-to-Site VPN tunnel between the VPCs. Update the route tables of each VPC to use the VPN tunnel for inter-VPC communication.
    C. Set up a VPC peering connection between the VPCs. Update the route tables of each VPC to use the VPC peering connection for inter-VPC communication.
    D. Set up a 1 GB AWS Direct Connect connection between the VPCs. Update the route tables of each VPC to use the Direct Connect connection for inter-VPC communication.

  • Question 347:

    A company is running an ASP.NET MVC application on a single Amazon EC2 instance. A recent increase in application traffic is causing slow response times for users during lunch hours. The company needs to resolve this concern with the least amount of configuration.

    What should a solutions architect recommend to meet these requirements?

    A. Move the application to AWS Elastic Beanstalk. Configure load-based auto scaling and time-based scaling to handle scaling during lunch hours
    B. Move the application to Amazon Elastic Container Service (Amazon ECS) Create an AWS Lambda function to handle scaling during lunch hours.
    C. Move the application to Amazon Elastic Container Service (Amazon ECS). Configure scheduled scaling for AWS Application Auto Scaling during lunch hours.
    D. Move the application to AWS Elastic Beanstalk. Configure load-based auto scaling, and create an AWS Lambda function to handle scaling during lunch hours.

  • Question 348:

    A company is running a high performance computing (HPC) workload on AWS across many Linux based Amazon EC2 instances. The company needs a shared storage system that is capable of sub-millisecond latencies, hundreds of Gbps of throughput and millions of IOPS. Users will store millions of small files.

    Which solution meets these requirements?

    A. Create an Amazon Elastic File System (Amazon EFS) file system Mount me file system on each of the EC2 instances
    B. Create an Amazon S3 bucket Mount the S3 bucket on each of the EC2 instances
    C. Ensure that the EC2 instances ate Amazon Elastic Block Store (Amazon EBS) optimized Mount Provisioned lOPS SSD (io2) EBS volumes with Multi-Attach on each instance
    D. Create an Amazon FSx for Lustre file system. Mount the file system on each of the EC2 instances

  • Question 349:

    Organizers for a global event want to put daily reports online as static HTML pages The pages are expected to generate millions of views from users around the world The files are stored in an Amazon S3 bucket A solutions architect has been asked to design an efficient and effective solution Which action should the solutions architect take to accomplish this?

    A. Generate presigned URLs for the files
    B. Use cross-Region replication to all Regions
    C. Use the geoproximity feature of Amazon Route 53
    D. Use Amazon CloudFront with the S3 bucket as its origin

  • Question 350:

    A ride-sharing company stores historical service usage data as structured .csv data files in Amazon S3. A data analyst needs to perform SQL queries on this data. A solutions architect must recommend a solution that optimizes cost-effectiveness for the queries.

    Which solution meets these requirements?

    A. Create an Amazon EMR cluster. Load the data. Perform the queries.
    B. Create an Amazon Redshift cluster. Import the data. Perform the queries.
    C. Create an Amazon Aurora PostgreSQL DB cluster. Import the data. Perform the queries.
    D. Create an Amazon Athena database. Associate the data in Amazon S3. Perform the queries.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.