A company is preparing to deploy a data lake on AWS. A solutions architect must define the encryption strategy tor data at rest m Amazon S3/ The company's security policy states:
1.
Keys must be rotated every 90 days.
2.
Strict separation of duties between key users and key administrators must be implemented.
3.
Auditing key usage must be possible.
What should the solutions architect recommend?
A. Server-side encryption with AWS KMS managed keys (SSE-KMS) with customer managed customer master keys (CMKs)A company has a build server that is in an Auto Scaling group and often has multiple Linux instances running. The build server requires consistent shared NFS storage for jobs and configurations. Which storage option should a solution architect recommend?
A. Amazon S3A company recently deployed a new auditing system to centralize information about operating system versions patching and installed software for Amazon EC2 instances. A solutions architect must ensure all instances provisioned through EC2 Auto Scaling groups successfully send reports to the auditing system as soon as they are launched and terminated
Which solution achieves these goals MOST efficiently?
A. Use a scheduled AWS Lambda function and run a script remotely on all EC2 instances to send data to the audit system.A company is creating a prototype of an ecommerce website on AWS. The website consists of an Application Load Balancer, an Auto Scaling group of Amazon EC2 instances for web servers, and an Amazon RDS for MySQL DB instance that runs with the Single-AZ configuration.
The website is slow to respond during searches of the product catalog. The product catalog is a group of tables in the MySQL database that the company does not update frequently. A solutions architect has determined that the CPU utilization on the DB instance is high when product catalog searches occur.
What should the solutions architect recommend to improve the performance of the website during searches of the product catalog?
A. Migrate the product catalog to an Amazon Redshift database. Use the COPY command to load the product catalog tables.A company is migrating a large, mission-critical database to AWS. A solutions architect has decided to use an Amazon RDS for MySQL Multi-AZ DB instance that is deployed with 80,000 Provisioned IOPS for storage. The solutions architect is using AWS Database Migration Service (AWS DMS) to perform the data migration. The migration is taking longer than expected, and the company wants to speed up the process. The company's network team has ruled out bandwidth as a limiting factor.
Which actions should the solutions architect take to speed up the migration? (Choose two.)
A. Disable Multi-AZ on the target DB instance.A solutions architect is designing a VPC with public and private subnets. The VPC and subnets use IPv4 CIDR blocks. There is one public subnet and one private subnet in each of three Availability Zones (AZs) for high availability. An interne! gateway is used to provide internet access for the public subnets. The private subnets require access to the internet to allow Amazon EC2 instances to download software updates.
What should the solutions architect do to enable internet access for the private subnets?
A. Create three NAT gateways, one for each public subnet in each AZ. Create a private route table for each AZ that forwards non-VPC traffic to the NAT gateway in its AZA company needs to comply with a regulatory requirement that states all emails must Pe stored and archived externally for 7 years. An administrator has created compressed email files on premises and wants a managed service to transfer the files to AWS storage. Which managed service should a solutions architect recommend?
A. Amazon Elastic File System (Amazon EPS)A solutions architect is developing a multiple-subnet VPC architecture. The solution will consist of six subnets in two Availability Zones. The subnets are defined as public, private and dedicated for databases Only the Amazon EC2 instances
running in the private subnets should be able to access a database.
Which solution meets these requirements?
A. Create a now route table that excludes the route to the public subnets' CIDR blocks Associate the route table to the database subnets.A company is adopting serverless architecture The company's solutions architect wants to modernize an application that has source data in csv format A large team of developers needs to use the application to run SQL queries and reports on demand by joining data across multiple tables
Which combination of actions will meet these requirements MOST cost-effectively? (Select TWO )
A. Store the source data in Amazon S3A company hosts its core network services, including directory services and DNS. in its on-premises data center. The data center is connected to the AWS Cloud using AWS Direct Connect (DX) Additional AWS accounts are planned that will require quick, cost-effective, and consistent access to these network services What should a solutions architect implement to meet these requirements with the LEAST amount of operational overhead?
A. Create a DX connection in each new account Route the network traffic to the on-premises serversNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.