1. Home
  2. Amazon
  3. SAA-C02

Amazon SAA-C02 Online Practice Questions and Exam Preparation

SAA-C02 Exam Details

  • Exam Code
    :SAA-C02
  • Exam Name
    :AWS Certified Solutions Architect - Associate (SAA-C02)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :1080 Q&As
  • Last Updated
    :Jun 04, 2025

Amazon SAA-C02 Online Questions & Answers

  • Question 71:

    A company created and hosts a legacy software application for its customers. The application runs on a dedicated Linux server for each customer. The application stores no persistent data except for MySQL data.

    The company experienced some data corruption issues in the past and wants to move the application to AWS. The company needs to implement a solution to optimize the stability of the application. The solution also must give the company the ability to restore a customer's database to a specific point in time. The company will migrate customer data by using AWS Database Migration Service (AWS DMS).

    Which architecture should a solutions architect recommend to meet these requirements?

    A. Set up a shared Amazon Aurora database. Configure an Amazon EC2 launch template for each customer.
    B. Set up a shared Amazon Aurora database. Create an Amazon EC2 Amazon Machine Image (AMI) for each customer. Use the AMI to launch the application.
    C. Set up an Amazon RDS database and an Amazon EC2 instance for each customer. Download the installation script. Run the script to install and configure the application.
    D. Set up an Amazon RDS database for each customer Deploy the application by using an Amazon EC2 launch template. Use user data to configure the customer-specific data.

  • Question 72:

    A company is planning to store data on Amazon RDS DB instances. The company must encrypt the data at rest

    What should a solutions architect do to meet this requirement?

    A. Create an encryption key and store the key in AWS Secrets Manager Use the key to encrypt the DB instances
    B. Generate a certificate in AWS Certificate Manager (ACM). Enable SSL/TLS on the DB instances by using the certificate
    C. Create a customer master key (CMK) in AWS Key Management Service (AWS KMS) Enable encryption for the DB instances
    D. Generate a certificate in AWS Identity and Access Management {IAM) Enable SSUTLS on the DB instances by using the certificate

  • Question 73:

    A company runs an application on three very large Amazon EC2 instances In a single Availability Zone in the us-east-1 Region Multiple 16 TB Amazon Elastic Block Store (Amazon EBS) volumes are attached to each EC2 instance. The operations team uses an AWS Lambda script triggered by a schedule-based Amazon EventBridge (Amazon CloudWatch Events) rule to stop the instances on evenings and weekends, and start the instances on weekday mornings. Before deploying the solution, the company used the public AWS pricing documentation to estimate the overall costs of running this data warehouse solution 5 days a week for 10 hours a day. When looking at monthly Cost Explorer charges for this new account, the overall charges are higher than the estimate. What is the MOST likely cost factor that the company overlooked?

    A. EC2 data transfer charges between the instances are much higher than expected.
    B. EC2 and EBS rates are higher in us-east-1 than most other AWS Regions
    C. The Lambda charges to stop and start the instances are much higher than expected.
    D. The company is being billed for the EBS storage on nights and weekends

  • Question 74:

    A company has created a VPC with multiple private subnets in multiple Availability Zones (AZs) and one public subnet in one of the AZs. The public subnet is used to launch a NAT gateway. There are instance in the private subnet that use a

    NAT gateway to connect to the internet. In case of an AZ failure, the company wants to ensure that the instance are not all experiencing internet connectivity issues and that there is a backup plan ready.

    Which solution should a solutions architect recommend that is MOST highly available?

    A. Create a new public subnet with a NAT gateway in the same AZ Distribute the traffic between the two NAT gateways
    B. Create an Amazon EC2 NAT instance in a now public subnet Distribute the traffic between the NAT gateway and the NAT instance
    C. Create public subnets In each AZ and launch a NAT gateway in each subnet Configure the traffic from the private subnets In each A2 to the respective NAT gateway
    D. Create an Amazon EC2 NAT instance in the same public subnet Replace the NAT gateway with the NAT instance and associate the instance with an Auto Scaling group with an appropriate scaling policy.

  • Question 75:

    A solution architect is designing an application that will allow business users to upload objects to Amazon S3. The solution needs to maximize object durability. Objects also must be readily available at any time and for any length of time.

    Users will access objects frequently within the first 30 days after the objects are uploaded, but users are much less likely to access objects that are older than 30 days.

    Which solution meets these requirements Most cost-effectively?

    A. Store all the objects in S3 Standard with an S3 Lifecycle rule to transition the object to S3 Giacier after 30 days.
    B. Store all the objects in S3 Standard with an S3 Lifecycle rule to transition the object to S3 Standard- infrequent Access (S3 Standard-IA) after 30 days.
    C. Store all the objects in S3 Standard with an S3 Lifecycle rule to transition the object to S3 Zone- infrequent Access (S3 Zone-IA) after 30 days.
    D. Store all the objects in S3 intelligent-Tiering with an S3 Lifecycle rule to transition the object to S3 Standard-infrequent Access (S3 Standard-IA) after 30 days.

  • Question 76:

    A company is launching a new application and will display application metrics on an Amazon CloudWatch dashboard. The company's product manager needs to access this dashboard periodically. The product manager does not have an AWS account. A solution architect must provide access to the product manager by following the principle of least privilege.

    Which solution will meet these requirements?

    A. Share the dashboard from the CloudWatch console. Enter the product manager's email address, and complete the sharing steps. Provide a shareable link for the dashboard to the product manager.
    B. Create an IAM user specifically for the product manager. Attach the CloudWatch Read Only Access managed policy to the user. Share the new login credential with the product manager. Share the browser URL of the correct dashboard with the product manager.
    C. Create an IAM user for the company's employees, Attach the View Only Access AWS managed policy to the IAM user. Share the new login credentials with the product manager. Ask the product manager to navigate to the CloudWatch console and locate the dashboard by name in the Dashboards section.
    D. Deploy a bastion server in a public subnet. When the product manager requires access to the dashboard, start the server and share the RDP credentials. On the bastion server, ensure that the browser is configured to open the dashboard URL with cached AWS credentials that have appropriate permissions to view the dashboard.

  • Question 77:

    A company is using AWS Organizations with two AWS accounts: Logistics and Sales. The Logistics account operates an Amazon Redshift cluster. The Sales account includes Amazon EC2 instances. The Sales account needs to access the Logistics account's Amazon Redshift cluster.

    What should a solutions architect recommend to meet this requirement MOST cost-effectively?

    A. Set up VPC sharing with the Logistics account as the owner and the Sales account as the participant to transfer the data.
    B. Create an AWS Lambda function in the Logistics account to transfer data to the Amazon EC2 instances in the Sales account.
    C. Create a snapshot of the Amazon Redshift cluster, and share the snapshot with the Sales account. In the Sales account, restore the cluster by using the snapshot ID that is shared by the Logistics account.
    D. Run COPY commands to load data from Amazon Redshift into Amazon S3 buckets in the Logistics account. Grant permissions to the Sales account to access the S3 buckets of the Logistics account.

  • Question 78:

    A media company is using two video conversion tools that run on Amazon EC2 instances. One tool runs on Windows instances, and the other tool runs on Linux instances. Each video file is large in size and must be processed by both tools.

    The company needs a storage solution that can provide a centralized file system that can be mounted on all the EC2 instances that are used in this process.

    Which solution meets these requirements?

    A. Use Amazon FSx for Windows File Server for the Windows instances. Use Amazon Elastic File System (Amazon EFS) with Max I/O performance mode for the Linux instances.
    B. Use Amazon FSx for Windows File Server for the Windows instances. Use Amazon FSx for Lustre for the Linux instances. Link both Amazon FSx file systems to the same Amazon S3 bucket.
    C. Use Amazon Elastic File System (Amazon EFS) with General Purpose performance mode for the Windows instances and the Linux instances
    D. Use Amazon FSx for Windows File Server for the Windows instances and the Linux instances.

  • Question 79:

    A company wants to reduce Its Amazon S3 storage costs in its production environment without impacting durability or performance of the stored objects What is the FIRST step the company should take to meet these objectives?

    A. Enable Amazon Made on the business-critical S3 buckets lo classify the sensitivity of the objects
    B. Enable S3 analytics to Identify S3 buckets that are candidates for transitioning to S3 Standard- Infrequent Access (S3 Standard-IA)
    C. Enable versioning on all business-critical S3 buckets.
    D. Migrate me objects in all S3 buckets to S3 Intelligent-Tie ring

  • Question 80:

    A company wants to share forensic accounting data is stored in an Amazon RDS DB instance with an external auditor. The Auditor has its own AWS account and requires its own copy of the database. How should the company securely share the database with the auditor?

    A. Create a read replica of the database and configure IAM standard database authentication to grant the auditor access.
    B. Copy a snapshot of the database to Amazon S3 and assign an IAM role to the auditor to grant access to the object in that bucket.
    C. Export the database contents to text files, store the files in Amazon S3, and create a new IAM user for the auditor with access to that bucket.
    D. Make an encrypted snapshot of the database, share the snapshot, and allow access to the AWS Key Management Service (AWS KMS) encryption key.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.