A company wants to experiment with individual AWS accounts tor its engineer team The company wants to be notified as soon as the Amazon EC2 instance usage for a given month exceeds a specific threshold for each account.
What should a solutions architect do to meet this requirement MOST cost-effectively?
A. Use Cost Explorer to create a daily report of costs by service. Filter the report by EC2 instances. Configure Cost Explorer to send an Amazon Simple Email Service (Amazon SES) notification when a threshold is exceeded
B. Use Cost Explorer to create a monthly report of costs by service. Filter the report by EC2 instances Configure Cost Explorer to send an Amazon Simple Email Service (Amazon SES) notification when a threshold is exceeded
C. Use AWS Budgets to create a cost budget for each account Set the period to monthly Set the scope to EC2 instances Set an alert threshold for the budget Configure an Amazon Simple Notification Service (Amazon SNS) topic to receive a notification when a threshold is exceeded.
D. Use AWS Cost and Usage Reports to create a report with hourly granularity. Integrate the report data with Amazon Athena. Use Amazon EventBridge (Amazon CloudWatch Events) to schedule an Athena query Configure an Amazon Simple Notifiication Service (Amazon SNS) topic lo receive a notification when a threshold is exceeded
A company is implementing a new business application The application runs on two Amazon EC2 instances and uses an Amazon S3 bucket for document storage A solutions architect needs to ensure that the EC? instances can access the S3 bucket
What should the solutions architect do to moot this requirement?
A. Create an IAM role that grants access to the S3 bucket. Attach the role to the EC2 Instances.
B. Create an IAM policy that grants access to the S3 bucket Attach the policy to the EC2 Instances
C. Create an IAM group that grants access to the S3 bucket Attach the group to the EC2 instances
D. Create an IAM user that grants access to the S3 bucket Attach the user account to the EC2 Instances
A company has two AWS accounts in the same AWS Region. One account is a publisher account, and the other account is a subscriber account Each account has its own Amazon S3 bucket.
An application puts media objects into the publisher account's S3 bucket The objects are encrypted with server-side encryption with customer-provided encryption keys (SSE-C). The company needs a solution that will automatically copy the objects to the subscriber's account's S3 bucket.
Which solution will meet these requirements with the LEAST operational overhead?
A. Enable S3 Versioning on the publisher account's S3 bucket Configure S3 Same-Region Replication of the objects to the subscriber account's S3 bucket
B. Create an AWS Lambda function that is invoked when objects are published in the publisher account's S3 bucket. Configure the Lambda function to copy the objects to the subscriber accounts S3 bucket
C. Configure Amazon EventBridge (Amazon CloudWatch Events) to invoke an AWS Lambda function when objects are published in the publisher account's S3 bucket Configure the Lambda function to copy the objects to the subscriber account's S3 bucket
D. Configure Amazon EventBridge (Amazon CloudWatch Events) to publish Amazon Simple Notification Service (Amazon SNS) notifications when objects are published in the publisher account's S3 bucket When notifications are received use the S3 console to copy the objects to the subscriber accounts S3 bucket
A company has deployed a server less application that invokes an AWS Lambda function when new documents are uploaded to an Amazon S3 bucket The application uses the Lambda function to process the documents After a recent marketing campaign the company noticed that the application did not process many of The documents
What should a solutions architect do to improve the architecture of this application?
A. Set the Lambda function's runtime timeout value to 15 minutes
B. Configure an S3 bucket replication policy Stage the documents m the S3 bucket for later processing
C. Deploy an additional Lambda function Load balance the processing of the documents across the two Lambda functions
D. Create an Amazon Simple Queue Service (Amazon SOS) queue Send the requests to the queue Configure the queue as an event source for Lambda.
A company is running a high performance computing (HPC) workload on AWS across many Linux based Amazon EC2 instances. The company needs a shared storage system that is capable of sub-millisecond latencies, hundreds of Gbps of throughput and millions of IOPS. Users will store millions of small files.
Which solution meets these requirements?
A. Create an Amazon Elastic File System (Amazon EFS) file system Mount me file system on each of the EC2 instances
B. Create an Amazon S3 bucket Mount the S3 bucket on each of the EC2 instances
C. Ensure that the EC2 instances ate Amazon Elastic Block Store (Amazon EBS) optimized Mount Provisioned lOPS SSD (io2) EBS volumes with Multi-Attach on each instance
D. Create an Amazon FSx for Lustre file system. Mount the file system on each of the EC2 instances
A company is expecting rapid growth in the near future. A solutions architect needs to configure existing users and grant permissions to new users on AWS The solutions architect has decided to create IAM groups The solutions architect will add the new users to IAM groups based on department
Which additional action is the MOST secure way to grant permissions to the new users?
A. Apply service control policies (SCPs) to manage access permissions
B. Create IAM roles that have least privilege permission Attach the roles lo the IAM groups
C. Create an IAM policy that grants least privilege permission Attach the policy to the IAM groups
D. Create IAM roles Associate the roles with a permissions boundary that defines the maximum permissions
A company is migrating a distributed application to AWS The application serves variable workloads The legacy platform consists of a primary server trial coordinates jobs across multiple compute nodes The company wants to modernize the application with a solution that maximizes resiliency and scalability
How should a solutions architect design the architecture to meet these requirements?
A. Configure an Amazon Simple Queue Service (Amazon SQS) queue as a destination for the jobs Implement the compute nodes with Amazon EC2 instances that are managed in an Auto Scaling group. Configure EC2 Auto Scaling to use scheduled scaling
B. Configure an Amazon Simple Queue Service (Amazon SQS) queue as a destination for the jobs Implement the compute nodes with Amazon EC2 Instances that are managed in an Auto Scaling group Configure EC2 Auto Scaling based on the size of the queue
C. Implement the primary server and the compute nodes with Amazon EC2 instances that are managed In an Auto Scaling group. Configure AWS CloudTrail as a destination for the fobs Configure EC2 Auto Scaling based on the load on the primary server
D. implement the primary server and the compute nodes with Amazon EC2 instances that are managed in an Auto Scaling group Configure Amazon EventBridge (Amazon CloudWatch Events) as a destination for the jobs Configure EC2 Auto Scaling based on the load on the compute nodes
A medical company is designing a new application that gathers symptoms from patients The company has decided to use Amazon Simple Queue Service (Amazon SQS) and Amazon Simple Notification Service (Amazon SNS) in the architecture
A solutions architect is reviewing the infrastructure design Data must be encrypted while at rest and in transit Only authorized personnel of the company can access the data
Which combination of steps should the solutions architect take to meet these requirements'? (Select TWO )
A. Turn on server-side encryption on the SQS components Update the default key policy to restrict key usage to a set of authorized principals
B. Turn on server-side encryption on the SNS components by using a custom CMK Apply a key policy to restrict key usage to a set of authorized principals
C. Turn on encryption on the SNS components Update the default key policy to restrict key usage to a set of authorized principals Set a condition in the topic policy to allow only encrypted connections over TLS.
D. Turn on server-side encryption on the SQS components by using a custom CMK. Apply a key policy to restrict key usage to a set of authonzed pnncipals Set a condition in the queue policy to allow only encrypted connections over TLS.
E. Turn on server-side encryption on the SQS components by using a custom CMK. Apply an IAM policy to restrict key usage to a set of authorized principals Set a condition in the queue policy to allow only encrypted connections over TLS.
A company is testing an application that runs on an Amazon EC2 Linux instance. The instance contains a data volume of 500 GB that consists of a single Amazon Elastic Block Store {Amazon EBS) General Purpose SSD (gp2) volume
The application is now ready for production use and will be installed on multiple EC2 instances that run m an Auto Scaling group All instances need access to the data that was stored on the 500 GB volume. The company needs a highly available and fault-tolerant solution that does not introduce any significant changes to the applications code
Which solution meets these requirements''
A. Provision an EC2 instance with NFS server software that is configured with a single 500 GB gp2 volume
B. Use an Amazon FSx for Windows File Server file system that is configured as an SMB file store within a single Availability Zone
C. Migrate the data into an Amazon S3 bucket Use an EC2 instance profile to access the contents of the bucket
D. Use an Amazon Elastic File System {Amazon EFS) file system that is configured with the General Purpose performance mode
A company is planning to migrate to AWS. The network layout will include more than 1.000 VPCs in a single AWS Region The resources in the VPCs need to communicate with each other
What should a solutions architect recommend to meet these requirements?
A. Create VPN tunnels from all the VPCs to each other Enable route propagation
B. Create an AWS Direct Connect gateway and attach a public virtual interface (VIF) to each VPC Enable route propagation
C. Peer all the VPCs together by creating and accepting peering requests Update route tables with the new routes
D. Create a transit gateway and place attachments m subnets of all the VPCs Configure a transit gateway route table with the new routes
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.