1. Home
  2. Amazon
  3. SAA-C02

Amazon SAA-C02 Online Practice Questions and Exam Preparation

SAA-C02 Exam Details

  • Exam Code
    :SAA-C02
  • Exam Name
    :AWS Certified Solutions Architect - Associate (SAA-C02)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :1080 Q&As
  • Last Updated
    :Jun 04, 2025

Amazon SAA-C02 Online Questions & Answers

  • Question 871:

    A solutions architect is investigating AWS file storage solutions that can be used with a company's on- premises Linux servers and applications The company has an existing VPN connection set up between the company's VPC and its on-premises network. Which AWS services should the solutions architect use? (Select TWO )

    A. AWS Backup
    B. AWS DataSync
    C. AWS Snowball Edge
    D. AWS Storage Gateway
    E. Amazon Elastic File System (Amazon EFS)

  • Question 872:

    A company has a two-tier application architecture that runs in public and private subnets Amazon EC2 instances running the web application are in the public subnet and a database runs on the private subnet The web application instances

    and the database are running in a single Availability Zone (AZ).

    Which combination of steps should a solutions architect take to provide high availability for this architecture? (Select TWO.)

    A. Create new public and private subnets in the same AZ for high availability
    B. Create an Amazon EC2 Auto Scaling group and Application Load Balancer spanning multiple AZs
    C. Add the existing web application instances to an Auto Scaling group behind an Application Load Balancer
    D. Create new public and private subnets in a new AZ Create a database using Amazon EC2 in one AZ
    E. Create new public and private subnets in the same VPC each in a new AZ Migrate the database to an Amazon RDS multi-AZ deployment.

  • Question 873:

    A company's web application is running on Amazon EC2 instances behind an Application Load Balancer. The company recently changed its policy, which now requires the application to be accessed from one specific country only. Which configuration will meet this requirement?

    A. Configure the security group for the EC2 instances.
    B. Configure the security group on the Application Load Balancer.
    C. Configure AWS WAF on the Application Load Balancer in a VPC.
    D. Configure the network ACL for the subnet that contains the EC2 instances.

  • Question 874:

    A company wants to use high performance computing (HPC) infrastructure on AWS for financial risk modeling. The company s HPC workloads run on Linux Each HPC workflow runs on hundreds of Amazon EC2 Spot Instances, is short-lived, and generates thousands of output files that are ultimately stored in persistent storage for analytics and long-term future use The company seeks a cloud storage solution that permits the copying of on premises data to long- term persistent storage to make data available for processing by all EC2 instances. The solution should also be a high performance file system that is integrated with persistent storage to read and write datasets and output files.

    Which combination of AWS services meets these requirements?

    A. Amazon FSx for Lustre integrated with Amazon S3
    B. Amazon FSx for Windows File Server integrated with Amazon S3
    C. Amazon S3 Glacier integrated with Amazon Elastic Block Store (Amazon EBS)
    D. Amazon S3 bucket with a VPC endpoint integrated with an Amazon Elastic Block Store (Amazon EBS) General Purpose SSD (gp2) volume

  • Question 875:

    A company is running a multi-tier ecommerce web application In the AWS Cloud. The application runs on Amazon EC2 Instances with an Amazon RDS MySQL Mutt>AZ DB instance. Amazon RDS is configured with the latest generation instance with 2,000 GB of storage in an Amazon EBS General Purpose SSD (gp2) volume. The database performance impacts the application during periods of high demand. After analyzing the logs in Amazon CloudWatch Logs, a database administrator finds that the application performance always degrades when the number of read and write IOPS is higher than 6.000 What should a solutions architect do to improve the application performance?

    A. Replace the volume with a Magnetic volume
    B. Increase the number of IOPS on the gp2 volume
    C. Replace the volume with a Provisioned IOPS (PIOPS) volume.
    D. Replace the 2,000 GB gp2 volume with two 1,000 GBgp2 volumes.

  • Question 876:

    A company wants to migrate la accounting system from an on-premises data center to the AWS Cloud in a single AWS Region Data security and an immutable audit log are the top priorities. The company must monitor all AWS activities for compliance auditing. The company has enabled AWS CloudTrail but wants to make sure it meets these requirements.

    Which actions should a solutions architect take to protect and secure CloudTrail? (Select TWO.)

    A. Enable CloudTrail log tile validation
    B. Install the CloudTrail Processing Library
    C. Enable logging of insights events in CloudTrail
    D. Enable custom logging from the on-premises resources
    E. Create an AWS Config rule to monitor whether CloudTrail is configured to use server-side encryption with AWS KMS managed encryption keys (SSE-KMS)

  • Question 877:

    A solutions architect needs to ensure that all Amazon Elastic Block Store (Amazon EBS) volumes restored from unencrypted EBS snapshots are encrypted What should the solutions architect do to accomplish this?

    A. Enable EBS encryption by default for the AWS Region
    B. Enable EBS encryption by default for the specific volumes
    C. Create a new volume and specify the symmetric customer master key (CMK) to use for encryption
    D. Create a new volume and specify the asymmetric customer master key (CMK) to use for encryption.

  • Question 878:

    A company is making a prototype of the infrastructure for its new website by manually provisioning the necessary infrastructure This infrastructure includes an Auto Scaling group an Application Load Balancer, and an Amazon RDS database After the configuration has been thoroughly validated the company wants the capability to immediately deploy the infrastructure for development and production use in two Availability Zones in an automated fashion What should a solutions architect recommend to meet these requirements''

    A. Use AWS Systems Manager to replicate and provision the prototype infrastructure in two Availability Zones
    B. Define the infrastructure as a template by using the prototype infrastructure as a guide Deploy the infrastructure with AWS CloudFormation
    C. Use AWS Config to record the inventory of resources that are used in the prototype infrastructure Use AWS Config to deploy the prototype infrastructure into two Availability Zones.
    D. Use AWS Elastic Beanstalk and configure it to use an automated reference to the prototype infrastructure to automatically deploy new environments in two Availability Zones

  • Question 879:

    A company is running a three-tier web application to process credit card payments. The front-end user interface consists of static webpages. The application tier can have long-running processes The database tier uses MySQL.

    The application is currently running on a single, general purpose large Amazon EC2 instance A solutions architect needs to decouple the services to make the web application highly available.

    Which solution would provide the HIGHEST availability?

    A. Move static assets to Amazon CloudFront Leave the application in EC2 in an Auto Scaling group.Move the database to Amazon RDS to deploy Multi-AZ.
    B. Move static assets and the application into a medium EC2 instance. Leave the database on the large instance. Place both instances in an Auto Scaling group.
    C. Move static assets to Amazon S3. Move the application to AWS Lambda with the concurrency limit set. Move the database to Amazon DynamoDB with on-demand enabled.
    D. Move static assets to Amazon S3. Move the application to Amazon Elastic Container Service (Amazon ECS) containers with Auto Scaling enabled. Move the database to Amazon RDS to deploy Multi-AZ

  • Question 880:

    A company is planning on deploying a newly built application on AWS in a default VPC The application will consist of a web layer and database layer. The web server was created in public subnets, and the MySQL database was created in

    private subnets. All subnets are created with the default network ACL settings, and the default security group in the VPC will be replaced with new custom security groups.

    The following are the key requirements:

    1.

    The web servers must be accessible only to users on an SSL connection.

    2.

    The database should be accessible to the web layer, which is created in a public subnet only.

    3.

    All traffic to and from the IP range 182.20.0.0/16 subnet should be blocked.

    Which combination of steps meets these requirements? (Select TWO.)

    A. Create a database server security group with inbound and outbound rules for MySQL port 3306 traffic to and from anywhere (0 0.0.0/0)
    B. Create a database server security group with an inbound rule for MySQL port 3306 and specify the source as a web server security group.
    C. Create a web server security group with an inbound allow rule for HTTPS port 443 traffic from anywhere (0.0.0.0/0) and an inbound deny rule for IP range 182.20.0 0/16.
    D. Create a web server security group with an inbound rule for HTTPS port 443 traffic from anywhere (0.0 0 0/0) Create network ACL inbound and outbound deny rules for IP range 182 20.00/16
    E. Create a web server security group with inbound and outbound rules for HTTPS port 443 traffic to and from anywhere (0.0.0.0/0). Create a network ACL inbound deny rule for IP range 182.20.0.0/16.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.