SAA-C02 Exam Details

  • Exam Code
    :SAA-C02
  • Exam Name
    :AWS Certified Solutions Architect - Associate (SAA-C02)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :1080 Q&As
  • Last Updated
    :Jun 04, 2025

Amazon SAA-C02 Online Questions & Answers

  • Question 31:

    A solutions architect is designing a high performance computing (HPC) workload on Amazon EC2 The EC2 instances need to communicate to each other frequently and require network performance with low latency and high throughput Which EC2 configuration meets these requirements'?

    A. Launch the EC2 instances in a cluster placement group in one Availability Zone
    B. Launch the EC2 instances in a spread placement group in one Availability Zone
    C. Launch the EC2 instances in an Auto Scaling group in two Regions and peer the VPCs
    D. Launch the EC2 instances in an Auto Scaling group spanning multiple Availability Zones

  • Question 32:

    A company has a corporate network on premises and has three VPCs in the AWS Cloud. The company has one VPC each for development, test, and, production. The company wants its system administrators to security gain remote command-line access from the corporate network to Amazon EC2 instances in the VPCs.

    Which solution meets these requirements MOST cost-effectively?

    A. Set up a VPN connection between the corporate network and each of the three VPCs by using AWS VPN Use Remote Desktop Protocol (RDP) or SSH over the VPN connection to access the EC2 instances remotely.
    B. Configure the EC2 instances to use an instance profile that trusts AWS Systems Manager Use Systems Manager Session Manager to gain console access to the EC2 instances
    C. Create a new VPC Purchase and install a virtual router from AWS Marketplace Establish a VPN connection from the corporate network to this router. Establish another VPN connection from the 'outer to the other three VPCs Use Remote Desktop Protocol (RDP) or SSH over the VPN connection to access the EC2 instances remotely.
    D. Create a new VPC Establish a VPN connection to the new VPC. Configure peering connections between the new VPC and the existing VPCs In the new VPC create an EC2 bastion host to serve as a jump box lo EC2 instances in the other VPCs Use Remote Desktop Protocol (RDP) or SSH over the VPN connection to the bastion host

  • Question 33:

    A company provides a three-tier web application to its customers Each customer has an AWS account in which the application is deployed, and these accounts are members of the company's organization in AWS Organizations To protect its customers' AWS accounts and applications the company wants to monitor them for unusual and unexpected behavior The company needs to analyze and monitor customer VPC Flow Logs. AWS CloudTrail logs, and DNS logs What should a solutions architect do to meet these requirements?

    A. Designate an account in the organization as the AWS Shield master account Enable Shield and Shield logs in every account, and invite the accounts to join the Shield master account Analyze Shield findings m the Shield master account
    B. Designate an account in the organization as the Amazon GuardDuty master account Enable GuardDuty in every account and invite the accounts to join the GuardDuty master account Analyze GuardDuty findings in the GuardDuty master account
    C. Designate an account in the organization as the AWS WAF master account Enable AWS WAF and AWS WAF logs in every account and invite the accounts to join the AWS WAF master account Analyze AWS WAF logs in the AWS WAF master account
    D. Designate an account in the organization as the AWS Resource Access Manager (AWS RAM) master account Enable AWS RAM in every account, and invite the accounts to join the AWS RAM master account Analyze AWS RAM logs in the AWS RAM master account

  • Question 34:

    An online retailer has a series of flash sales occurring every Friday Sales Traffic will increase during the sales only and the platform will handle the increased load. The platform is a three-tier application. The web tier runs on Amazon EC2

    instances behind an Application Load Balancer. Amazon CloudFront is used to reduce web server load, but many requests for dynamic content must go to the web servers.

    What should be done to the web tier to reduce costs without impacting performance or reliability?

    A. Use T-series instances
    B. Purchase scheduled Reserved instances.
    C. Implement Amazon ElasticCache
    D. Use Spot instances.

  • Question 35:

    A solutions architect is creating an application. The application will run on Amazon EC2 instances in private subnets across multiple Availability Zones in a VPC. The EC2 instances will frequently access large files that contain confidential information. These files are stored in Amazon S3 buckets for processing. The solutions architect must optimize the network architecture to minimize data transfer costs.

    What should the solutions architect do to meet these requirements?

    A. Create a gateway endpoint for Amazon S3 in the VPC. In the route tables for the private subnets, add an entry for the gateway endpoint.
    B. Create a single NAT gateway in a public subnet. In the route tables for the private subnets, add a default route that points to the NAT gateway.
    C. Create an AWS PrivateLink interface endpoint for Amazon S3 in the VPC. In the route tables for the private subnets, add an entry for the interface endpoint.
    D. Create one NAT gateway for each Availability Zone in public subnets. In each of the route tables for the private subnets, add a default route that points to the NAT gateway in the same Availability Zone.

  • Question 36:

    A company is designing a distributed application to optimize its global supply chain and manufacturing process. The company has facilities near the us east-1 Region, the eu-west- 1 Region and the ap-south 1 Region. According to the application requirements, orders that are booked in one Region must be visible in the other two Regions in 1 second or less. The database must be able to support failover with a recovery time objective (RTO) of less than 5 minutes. The application must avoid downtime so that the manufacturing process is not negatively affected

    Which solution meets these requirements?

    A. Use Amazon DynamoDB to invoke an AWS Lambda function
    B. Use an Amazon Aurora global database
    C. Use Amazon RDS for MySQL with a cross-Region read replica
    D. Use Amazon RDS for PostgreSQL with a cross-Region read replica.

  • Question 37:

    A company has an automobile sales website that stores its listings in an database on Amazon RDS When an automobile is sold, the listing needs to be removed from the website and the data must be sent to multiple target systems.

    Which design should a solutions architect recommend?

    A. Create an AWS Lambda function triggered when the database on Amazon RDS is updated to send the information to an Amazon Simple Queue Service (Amazon SQS) queue for the targets to consume.
    B. Create an AWS Lambda function triggered when the database on Amazon RDS is updated to send the information to an Amazon Simple Queue Service (Amazon SQS) FIFO queue for the targets to consume
    C. Subscribe to an RDS event notification and send an Amazon Simple Queue Service (Amazon SQS) queue fanned out to multiple Amazon Simple Notification Service (Amazon SNS) topics Use AWS Lambda functions to update the targets
    D. Subscribe to an RDS event notification and send an Amazon Simple Notification Service (Amazon SNS) topic fanned out to multiple Amazon Simple Queue Service (Amazon SQS) queues Use AWS Lambda functions to update the targets

  • Question 38:

    A medical records company is hosting an application on Amazon EC2 instances. The application processes customer data files that are stored on Amazon S3. The EC2 instc The EC2 instances access Amazon S3 over the internet, but they

    do not require any other network access.

    A new requirement mandates that the network traffic for file transfers take a private route and not be sent over the internet.

    Which change to the network architecture should a solutions architect recommend to meet this requirement?

    A. Create a NAT gateway. Configure the route table for the public subnets to send traffic to Amazon S3 through the NAT gateway.
    B. Configure the security group for the EC2 instances to restrict outbound traffic so that only traffic to the S3 prefix list is permitted.
    C. Move the EC2 instances to private subnets. Create a VPC endpoint for Amazon S3, and link the endpoint to the route table for the private subnets.
    D. Remove the internet gateway from the VPC. Set up an AWS Direct Connect connection, and route traffic to Amazon S3 over the Direct Connect connection.

  • Question 39:

    An operations team has a standard that states IAM policies should not be applied directly to users. Some new members have not been following this standard. The operation manager needs a way to easily identify the users with attached

    policies.

    What should a solutions architect do to accomplish this?

    A. Monitor using AWS CloudTrail
    B. Create an AWS Config rule to run daily
    C. Publish IAM user changes lo Amazon SNS
    D. Run AWS Lambda when a user is modified

  • Question 40:

    A company hosts a static website on-premises and wants to migrate the website to AWS The website should load as quickly as possible for users around the world The company also wants the most cost- effective solution What should a solutions architect do to accomplish this?

    A. Copy the website content to an Amazon S3 bucket Configure the bucket to serve static webpage content Replicate the S3 bucket to multiple AWS Regions
    B. Copy the website content to an Amazon S3 bucket Configure the bucket to serve static webpage content Configure Amazon CloudFront with the S3 bucket as the origin
    C. Copy the website content to an Amazon EBS-backed Amazon EC2 instance running Apache HTTP Server Configure Amazon Route 53 geolocation routing policies to select the closest origin
    D. Copy the website content to multiple Amazon EBS-backed Amazon EC2 instances running Apache HTTP Server in multiple AWS Regions Configure Amazon CloudFront geolocation routing policies to select the closest origin

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.