An ecommerce company uses an Amazon Aurora DB cluster to store customer transactions. The company also maintains a separate Amazon DynamoDB table that contains item sales information. The company wants the DB cluster to invoke a recently deployed AWS Lambda function to update the DynamoDB table every time a row is inserted into the database.
Which combination of steps should a solutions architect take to meet these requirements? (Select TWO.)
A. Modify the Lambda function to allow outbound communication to the DB cluster.
B. Modify the DB cluster to allow outbound communication to the Lambda function.
C. Modify the DB cluster to allow outbound communication to the DynamoDB table.
D. Ensure that the DB cluster has an IAM role that allows the DB cluster to invoke Lambda functions.
E. Ensure that the Lambda function has an IAM role that allows Lambda to invoke functions on the DB cluster.

C. Modify the DB cluster to allow outbound communication to the DynamoDB table.
E. Ensure that the Lambda function has an IAM role that allows Lambda to invoke functions on the DB cluster.
Question 402:
An image-processing company has a web application that users use to upload images. The application uploads the images into an Amazon S3 bucket. The company has set up S3 event notifications to publish the object creation events to an Amazon Simple Queue Service (Amazon SQS) standard queue. The SQS queue serves as the event source for an AWS Lambda function that processes the images and sends the results to users through email.
Users report that they are receiving multiple email messages for every uploaded image. A solutions architect determines that SQS messages are invoking the Lambda function more than once, resulting in multiple email messages.
What should the solutions architect do to resolve this issue with the LEAST operational overhead?
A. Set up long polling in the SQS queue by increasing the ReceiveMessage wait time to 30 seconds.
B. Change the SQS standard queue to an SQS FIFO queue. Use the message deduplication ID to discard duplicate messages.
C. Increase the visibility timeout in the SQS queue to a value that is greater than the total of the function timeout and the batch window timeout.
D. Modify the Lambda function to delete each message from the SQS queue immediately after the message is read before processing.

C. Increase the visibility timeout in the SQS queue to a value that is greater than the total of the function timeout and the batch window timeout.
Question 403:
A company wants to improve the availability of an existing firewall. To meet the compliance requirements of the applications hosted in the VPC, the company's security team is using a proprietary firewall running on Amazon EC2 instances. All internet traffic flows through the primary firewall. When the primary firewall goes down, the team manually changes the VPC route table so that it uses a secondary firewall running in a different Availability Zone. Which strategies should a solutions architect use to improve the availability of the firewall? (Select TWO.)
A. Create an EC2 gateway endpoint in the VPC where the firewall is hosted.
B. Create an EC2 interface endpoint in the VPC where the firewall is hosted.
C. Enable enhanced networking on the EC2 instance running the proprietary firewall.
D. Deploy a scheduled AWS Lambda function in the VPC to monitor the primary firewall and change the route table to use the secondary firewall in case of failure.
E. Monitor the firewall instance health in Amazon EventBridge (Amazon CloudWatch Events). Trigger an event rule to restart the primary firewall upon a detected failure.

D. Deploy a scheduled AWS Lambda function in the VPC to monitor the primary firewall and change the route table to use the secondary firewall in case of failure.
E. Monitor the firewall instance health in Amazon EventBridge (Amazon CloudWatch Events). Trigger an event rule to restart the primary firewall upon a detected failure.
Question 404:
A development team needs to host a website that will be accessed by other teams. The website contents consist of HTML, CSS, client-side JavaScript, and images. Which method is the MOST cost-effective for hosting the website?
A. Containerize the website and host it in AWS Fargate.
B. Create an Amazon S3 bucket and host the website there.
C. Deploy a web server on an Amazon EC2 instance to host the website.
D. Configure an Application Load Balancer with an AWS Lambda target that uses the Express.js framework.

B. Create an Amazon S3 bucket and host the website there.
Question 405:
A solutions architect has configured the following IAM policy.
Which action will be allowed by the policy?
A. An AWS Lambda function can be deleted from any network.
B. An AWS Lambda function can be created from any network.
C. An AWS Lambda function can be deleted from the 100.220.0.0/20 network.
D. An AWS Lambda function can be deleted from the 220.100.16.0/20 network.

C. An AWS Lambda function can be deleted from the 100.220.0.0/20 network.
Question 406:
A company has an application that is hosted on Amazon EC2 instances in two private subnets. A solutions architect must make the application available on the public internet with the least amount of administrative effort. What should the solutions architect recommend?
A. Create a load balancer and associate two public subnets from the same Availability Zones as the private instances. Add the private instances to the load balancer.
B. Create a load balancer and associate two private subnets from the same Availability Zones as the private instances. Add the private instances to the load balancer.
C. Create an Amazon Machine Image (AMI) of the instances in the private subnet and restore in the public subnet. Create a load balancer and associate two public subnets from the same Availability Zones as the public instances.
D. Create an Amazon Machine Image (AMI) of the instances in the private subnet and restore in the public subnet. Create a load balancer and associate two private subnets from the same Availability Zones as the public instances.

C. Create an Amazon Machine Image (AMI) of the instances in the private subnet and restore in the public subnet. Create a load balancer and associate two public subnets from the same Availability Zones as the public instances.
Question 407:
A company currently operates a web application backed by an Amazon RDS MySQL database. It has automated backups that are run daily and are not encrypted. A security audit requires future backups to be encrypted and the unencrypted backups to be destroyed. The company will make at least one encrypted backup before destroying the old backups. What should be done to enable encryption for future backups?
A. Enable default encryption for the Amazon S3 bucket where backups are stored.
B. Modify the backup section of the database configuration to toggle the Enable encryption check box.
C. Create a snapshot of the database. Copy it to an encrypted snapshot. Restore the database from the encrypted snapshot.
D. Enable an encrypted read replica on RDS for MySQL. Promote the encrypted read replica to primary. Remove the original database instance.

C. Create a snapshot of the database. Copy it to an encrypted snapshot. Restore the database from the encrypted snapshot.
Explanation/Reference:
However, because you can encrypt a copy of an unencrypted DB snapshot, you can effectively add encryption to an unencrypted DB instance. That is, you can create a snapshot of your DB instance, and then create an encrypted copy of that snapshot. You can then restore a DB instance from the encrypted snapshot, and thus you have an encrypted copy of your original DB instance. DB instances that are encrypted can't be modified to disable encryption. You can't have an encrypted read replica of an unencrypted DB instance or an unencrypted read replica of an encrypted DB instance. Encrypted read replicas must be encrypted with the same key as the source DB instance when both are in the same AWS Region. You can't restore an unencrypted backup or snapshot to an encrypted DB instance. To copy an encrypted snapshot from one AWS Region to another, you must specify the KMS key identifier of the destination AWS Region. This is because KMS encryption keys are specific to the AWS Region that they are created in.
Question 408:
A company has a popular gaming platform running on AWS. The application is sensitive to latency because latency can impact the user experience and introduce unfair advantages to some players. The application is deployed in every AWS Region. It runs on Amazon EC2 instances that are part of Auto Scaling groups configured behind Application Load Balancers (ALBs). A solutions architect needs to implement a mechanism to monitor the health of the application and redirect traffic to healthy endpoints.
Which solution meets these requirements?
A. Configure an accelerator in AWS Global Accelerator. Add a listener for the port that the application listens on, and attach it to a Regional endpoint in each Region. Add the ALB as the endpoint.
B. Create an Amazon CloudFront distribution and specify the ALB as the origin server. Configure the cache behavior to use origin cache headers. Use AWS Lambda functions to optimize the traffic.
C. Create an Amazon CloudFront distribution and specify Amazon S3 as the origin server. Configure the cache behavior to use origin cache headers. Use AWS Lambda functions to optimize the traffic.
D. Configure an Amazon DynamoDB database to serve as the data store for the application. Create a DynamoDB Accelerator (DAX) cluster to act as the in-memory cache for DynamoDB hosting the application data.

A. Configure an accelerator in AWS Global Accelerator. Add a listener for the port that the application listens on, and attach it to a Regional endpoint in each Region. Add the ALB as the endpoint.
Explanation/Reference:
When you have an Application Load Balancer or Network Load Balancer that includes multiple target groups, Global Accelerator considers the load balancer endpoint to be healthy only if each target group behind the load balancer has at least one healthy target. If any single target group for the load balancer has only unhealthy targets, Global Accelerator considers the endpoint to be unhealthy.
Question 409:
A company is rolling out a new web service, but is unsure how many customers the service will attract. However, the company is unwilling to accept any downtime. What could a solutions architect recommend to the company to keep.
A. Amazon EC2
B. Amazon RDS
C. AWS CloudTrail
D. Amazon DynamoDB

B. Amazon RDS
Question 410:
A company is building an application in the AWS Cloud. The application will store data in Amazon S3 buckets in two AWS Regions. The company must use an AWS Key Management Service (AWS KMS) customer managed key to encrypt all data that is stored in the S3 buckets. The data in both S3 buckets must be encrypted and decrypted with the same KMS key. The data and the key must be stored in each of the two Regions.
Which solution will meet these requirements with the LEAST operational overhead?
A. Create an S3 bucket in each Region. Configure the S3 buckets to use server-side encryption with Amazon S3 managed encryption keys (SSE-S3). Configure replication between the S3 buckets.
B. Create a customer managed multi-Region KMS key. Create an S3 bucket in each Region. Configure replication between the S3 buckets. Configure the application to use the KMS key with client-side encryption.
C. Create a customer managed KMS key and an S3 bucket in each Region. Configure the S3 buckets to use server-side encryption with Amazon S3 managed encryption keys (SSE-S3). Configure replication between the S3 buckets.
D. Create a customer managed KMS key and an S3 bucket in each Region. Configure the S3 buckets to use server-side encryption with AWS KMS keys (SSE-KMS). Configure replication between the S3 buckets.

B. Create a customer managed multi-Region KMS key. Create an S3 bucket in each Region. Configure replication between the S3 buckets. Configure the application to use the KMS key with client-side encryption.