A medical company is designing a new application that gathers symptoms from patients The company has decided to use Amazon Simple Queue Service (Amazon SQS) and Amazon Simple Notification Service (Amazon SNS) in the architecture
A solutions architect is reviewing the infrastructure design Data must be encrypted while at rest and in transit Only authorized personnel of the company can access the data
Which combination of steps should the solutions architect take to meet these requirements'? (Select TWO )
A. Turn on server-side encryption on the SQS components Update the default key policy to restrict key usage to a set of authorized principalsA company is deploying a web portal. The company wants to ensure that only the web portion of the application is publicly accessible. To accomplish this, the VPC was designed with two public subnets and two private subnets. The application will run on several Amazon EC2 instances in an Auto Scaling group. SSL termination must be offloaded from the EC2 instances. What should a solutions architect do to ensure these requirements are met?
A. Configure the Network Load Balancer in the public subnets. Configure the Auto Scaling group in the private subnets and associate it with the Application Load BalancerA company that develops web applications has launched hundreds of Application Load Balancers (ALBs) in multiple Regions. The company wants to create an allow list (or the IPs of all the load balancers on its firewall device. A solutions
architect is looking for a one-time, highly available solution to address this request, which will also help reduce the number of IPs that need to be allowed by the firewall.
What should the solutions architect recommend to meet these requirements?
A. Create a AWS Lambda function to keep track of the IPs for all the ALBs in different Regions Keep refreshing this list.A company is creating an architecture for a mobile app that requires minimal latency for its users The company's architecture consists of Amazon EC2 instances behind an Application Load Balancer running in an Auto Scaling group The EC2 instances connect to Amazon RDS. Application beta testing showed there was a slowdown when reading the data However the metrics indicate that the EC2 instances do not cross any CPU utilization thresholds
How can this issue be addressed1?
A. Reduce the threshold for CPU utilization in the Auto Scaling groupA developer is creating an AWS Lambda function to perform dynamic updates to a database when an item is added to an Amazon Simple Queue Service (Amazon SQS) queue A solutions architect must recommend a solution that tracks any usage of database credentials in AWS CloudTrail. The solution also must provide auditing capabilities.
Which solution will meet these requirements?
A. Store the encrypted credentials in a Lambda environment variableA company has an on-premises application that collects data and stores it to an on-premises NFS server. The company recently set up a 10 Gbps AWS Direct Connect connection.
The company is running out of storage capacity on premises. The company needs to migrate the application data from on premises to the AWS Cloud while maintaining low-latency access to the data from the on-premises application.
What should a solutions architect do to meet these requirements?
A. Deploy AWS Storage Gateway for the application data, and use the file gateway to store the data in Amazon S3. Connect the on-premises application servers to the file gateway using NFS.A company has an application mat provides marketing services to stores. The services are based on previous purchases by store customers. The stores upload transaction data to the company through SFTP, and the data is processed and
analyzed to generate new marketing offers Some of the files can exceed 200 GB in size.
Recently, the company discovered that some of the stores have uploaded tiles that contain personally identifiable information (PII) mat should not have been included. The company wants administrators to be alerted if Pll is shared again. The
company also wants to automate remediation. What should a solutions architect do to meet these requirements with the LEAS F development effort?
A. Use an Amazon S3 bucket as a secure transfer point Use Amazon inspector to scan the objects in the bucket. If objects contain Pll, trigger an S3 Lifecycle policy to remove the objects that contain Pll.A company recently migrated a message processing system to AWS. The system receives messages into an ActiveMQ queue running on an Amazon EC2 instance. Messages are processed by a consumer application running on Amazon EC2 The consumer application processes the messages and writes results to a MySQL database running on Amazon EC2. The company wants this application to be highly available with low operational complexity Which architecture offers the HIGHEST availability?
A. Add a second ActiveMQ server to another Availability Zone Add an additional consumer EC2 instance in another Availability Zone Replicate the MySQL database to another Availability Zone.A company has a three-tier environment on AWS that ingests sensor data from its usersA. Configure a TLS listener and add the server certificate on the NLB.
B. Configure AWS Shield Advanced and enable AWS WAF on the NLB
C. Change the load balancer to an Application Load Balancer and attach AWS WAF to it.
D. Encrypt the Amazon Elastic Block Store (Amazon EBS) volume on the EC2 instances using AWS Key Management Service (AWS KMS)
A company uses Application Load Balancers (ALBs) in different AWS Regions. The ALBs receive inconsistent traffic that can spike and drop throughout the year The company's networking team needs to allow the IP addresses of the ALBs in the on-premises firewall to enable connectivity.
Which solution is the MOST scalable with minimal configuration changes?
A. Write an AWS Lambda script to get the IP addresses of the ALBs in different Regions Update the on-premises firewall's rule to allow the IP addresses of the ALBs.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.