Amazon SAA-C02 Online Practice Questions and Exam Preparation

Amazon SAA-C02 Online Questions & Answers

• Question 711:

  A gaming company wants to launch a new internet-facing application in multiple AWS Regions. The application will use the TCP and UDP protocols for communication. The company needs to provide high availability and minimum latency for global users.

  Which combination of actions should a solutions architect take to meet these requirements? (Select TWO.)

  A. Create internal Network Load Balancers in front of the application in each Region
  B. Create external Application Load Balancers in front of the application in each Region
  C. Create an AWS Global Accelerator accelerator to route traffic to the load balancers in each Region
  D. Configure Amazon Route 53 to use a geolocation routing policy to distribute the traffic
  E. Configure Amazon CloudFront to handle the traffic and route requests to the application in each Region
  A. Create internal Network Load Balancers in front of the application in each Region
  C. Create an AWS Global Accelerator accelerator to route traffic to the load balancers in each Region

• Question 712:

  An application allows users at a company's headquarters to access product data. The product data is stored in an Amazon RDS MySQL DB instance The operations team has isolated an application performance slowdown and wants to separate read traffic from write traffic A solutions architect needs to optimize the application's performance quickly

  What should the solutions architect recommend?

  A. Change the existing database to a Multi-AZ deployment Serve the read requests from the primary Availability Zone
  B. Change the existing database to a Multi-AZ deployment. Serve the read requests from the secondary Availability Zone
  C. Create read replicas for the database Configure the read replicas with half of the compute and storage resources as the source database
  D. Create read replicas for the database Configure the read replicas with the same compute and storage resources as the source database
  D. Create read replicas for the database Configure the read replicas with the same compute and storage resources as the source database

• Question 713:

  A company hosts a serverless application on AWS. The application uses Amazon API Gateway. AWS Lambda, and an Amazon RDS for PostgreSQL database. The company notices an increase in application errors that result from database connection timeouts during times of peak traffic or unpredictable traffic. The company needs a solution that reduces the application failures with the least amount of change to the code.

  What should a solutions architect do to meet these requirements?

  A. Reduce the Lambda concurrency rate.
  B. Enable RDS Proxy on the RDS DB instance.
  C. Resize the ROS DB instance class to accept more connections.
  D. Migrate the database to Amazon DynamoDB with on-demand scaling
  B. Enable RDS Proxy on the RDS DB instance.

• Question 714:

  A solutions architect is designing a solution for a dynamic website, "example.com," that is deployed in two AWS Regions: Tokyo. Japan and Sydney. Australia The architect wants to ensure that users located in Australia are directed to the website deployed in the Sydney AWS Region and users located in Japan are directed to the website in the Tokyo AWS Region when they browse to "example.com." Which service should the architect use to achieve this goal with the LEAST administrative effort?

  A. Amazon CloudFront with geolocation routing
  B. Amazon Route 53
  C. Application Load Balancer
  D. Network Load Balancer deployed across multiple regions
  A. Amazon CloudFront with geolocation routing

• Question 715:

  An application running on an Amazon EC2 instance needs to securely access tiles on an Amazon Elastic File System (Amazon I tile system. The EFS tiles are stored using encryption at rest. Which solution for accessing the tiles is MOST secure?

  A. Enable TLS when mounting Amazon EFS
  B. Store the encryption key in the code of the application
  C. Enable AWS Key Management Service (AWS KMS) when mounting Amazon EFS
  D. Store the encryption key in an Amazon S3 bucket and use IAM roles to grant the EC2 instance access permission
  B. Store the encryption key in the code of the application

• Question 716:

  A solutions architect is helping a developer design a new ecommerce shopping cart application using AWS services. The developer is unsure of the current database schema and expects to make changes as the ecommerce site grows. The

  solution needs to be highly resilient and capable of automatically scaling read and write capacity.

  Which database solution meets these requirements?

  A. Amazon Aurora PostgreSQL
  B. Amazon DynamoDB with on-demand enabled
  C. Amazon DynamoDB with DynamoDB Streams enabled
  D. Amazon SQS and Amazon Aurora PostgreSQL
  B. Amazon DynamoDB with on-demand enabled

  ---

  Explanation/Reference:

  DynamoDB supports both key-value and document data models. This enables DynamoDB to have a flexible schema, so each row can have any number of columns at any point in time. This allows you to easily adapt the tables as your

  business requirements change, without having to redefine the table schema as you would in relational databases.

  https://aws.amazon.com/dynamodb/features/

• Question 717:

  A company is planning to migrate a business-critical dataset to Amazon S3. The current solution design uses a single S3 bucket in the us-east-1 Region with versioning enabled to store the dataset. The company's disaster recovery policy states that all data multiple AWS Regions.

  How should a solutions architect design the S3 solution?

  A. Create an additional S3 bucket in another Region and configure cross-Region replication.
  B. Create an additional S3 bucket in another Region and configure cross-origin resource sharing (CORS).
  C. Create an additional S3 bucket with versioning in another Region and configure cross-Region replication.
  D. Create an additional S3 bucket with versioning in another Region and configure cross-origin resource (CORS).
  C. Create an additional S3 bucket with versioning in another Region and configure cross-Region replication.

  ---

  Explanation/Reference:

  Object Versioning Use Amazon S3 Versioning to keep multiple versions of an object in one bucket. For example, you could store my-image.jpg (version 111111) and my-image.jpg (version 222222) in a single bucket. S3 Versioning protects you from the consequences of unintended overwrites and deletions. You can also use it to archive objects so that you have access to previous versions. You must explicitly enable S3 Versioning on your bucket. By default, S3 Versioning is disabled. Regardless of whether you have enabled Versioning, each object in your bucket has a version ID. If you have not enabled Versioning, Amazon S3 sets the value of the version ID to null. If S3 Versioning is enabled, Amazon S3 assigns a version ID value for the object. This value distinguishes it from other versions of the same key. Enabling and suspending versioning is done at the bucket level. When you enable versioning on an existing bucket, objects that are already stored in the bucket are unchanged. The version IDs (null), contents, and permissions remain the same. After you enable S3 Versioning for a bucket, each object that is added to the bucket gets a version ID, which distinguishes it from other versions of the same key. Cross-origin resource sharing (CORS) Cross-origin resource sharing (CORS) defines a way for client web applications that are loaded in one domain to interact with resources in a different domain. With CORS support, you can build rich client-side web applications with Amazon S3 and selectively allow cross-origin access to your Amazon S3 resources. https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectVersioning.html https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html

• Question 718:

  A company's cloud operations team wants to standardize resource remediation. The company wants to provide a standard set of governance evaluations and remediation's to all member accounts in its organization in AWS Organizations. Which self-managed AWS service can the company use to meet these requirements with the LEAST amount of operational effort?

  A. AWS Security Hub compliance standards
  B. AWS Config conformance packs
  C. AWS CloudTrail
  D. AWS Trusted Advisor
  A. AWS Security Hub compliance standards

• Question 719:

  A company has implemented one of its microservices on AWS Lambda that accesses an Amazon DynamoDB table named Books. A solutions architect is design an IAM policy to be attached to the Lambda function's IAM role, giving it access to put, update, and delete items in the Books table. the IAM policy must prevent function from performing any other actions on the Books table or any other.

  Which IAM policy would fulfill these needs and provide the LEAST privileged access?

  

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  A. Option A

• Question 720:

  A company is looking for a solution that can store video archives in AWS from old news footage. The company needs to minimize costs and will rarely need to restore these files. When the files are needed, they must be available in a

  maximum of five minutes.

  What is the MOST cost-effective solution?

  A. Store the video archives in Amazon S3 Glacier and use Expedited retrievals.
  B. Store the video archives in Amazon S3 Glacier and use Standard retrievals.
  C. Store the video archives in Amazon S3 Standard-Infrequent Access (S3 Standard-IA).
  D. Store the video archives in Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA).
  A. Store the video archives in Amazon S3 Glacier and use Expedited retrievals.