Amazon SAA-C03 Online Practice Questions and Exam Preparation

Amazon SAA-C03 Online Questions & Answers

• Question 1451:

  A company uses locally attached storage to run a latency-sensitive application on premises. The company is using a lift and shift method to move the application to the AWS Cloud. The company does not want to change the application architecture.

  Which solution will meet these requirements MOST cost-effectively?

  A. Configure an Auto Scaling group with an Amazon EC2 instance. Use an Amazon FSx for Lustre file system to run the application.
  B. Host the application on an Amazon EC2 instance. Use an Amazon Elastic Block Store (Amazon EBS) GP2 volume to run the application.
  C. Configure an Auto Scaling group with an Amazon EC2 instance. Use an Amazon FSx for OpenZFS file system to run the application.
  D. Host the application on an Amazon EC2 instance. Use an Amazon Elastic Block Store (Amazon EBS) GP3 volume to run the application.
  D. Host the application on an Amazon EC2 instance. Use an Amazon Elastic Block Store (Amazon EBS) GP3 volume to run the application.

• Question 1452:

  A medical research lab produces data that is related to a new study. The lab wants to make the data available with minimum latency to clinics across the country for their on-premises, file-based applications.

  The data files are stored in an Amazon S3 bucket that has read-only permissions for each clinic.

  What should a solutions architect recommend to meet these requirements?

  A. Deploy an AWS Storage Gateway file gateway as a virtual machine (VM) on premises at each clinic
  B. Migrate the files to each clinic's on-premises applications by using AWS DataSync for processing.
  C. Deploy an AWS Storage Gateway volume gateway as a virtual machine (VM) on premises at each clinic.
  D. Attach an Amazon Elastic File System (Amazon EFS) file system to each clinic's on-premises servers.
  A. Deploy an AWS Storage Gateway file gateway as a virtual machine (VM) on premises at each clinic

• Question 1453:

  A company runs a web application that is deployed on Amazon EC2 instances in the private subnet of a VPC. An Application Load Balancer (ALB) that extends across the public subnets directs web traffic to the EC2 instances. The company wants to implement new security measures to restrict inbound traffic from the ALB to the EC2 instances while preventing access from any other source inside or outside the private subnet of the EC2 instances.

  Which solution will meet these requirements?

  A. Configure a route in a route table to direct traffic from the internet to the private IP addresses of the EC2 instances.
  B. Configure the security group for the EC2 instances to only allow traffic that comes from the security group for the ALB.
  C. Move the EC2 instances into the public subnet. Give the EC2 instances a set of Elastic IP addresses.
  D. Configure the security group for the ALB to allow any TCP traffic on any port.
  B. Configure the security group for the EC2 instances to only allow traffic that comes from the security group for the ALB.

• Question 1454:

  A company is using a centralized AWS account to store log data in various Amazon S3 buckets. A solutions architect needs to ensure that the data is encrypted at rest before the data is uploaded to the S3 buckets. The data also must be encrypted in transit.

  Which solution meets these requirements?

  A. Use client-side encryption to encrypt the data that is being uploaded to the S3 buckets.
  B. Use server-side encryption to encrypt the data that is being uploaded to the S3 buckets.
  C. Create bucket policies that require the use of server-side encryption with S3 managed encryption keys (SSE-S3) for S3 uploads.
  D. Enable the security option to encrypt the S3 buckets through the use of a default AWS Key Management Service (AWS KMS) key.
  A. Use client-side encryption to encrypt the data that is being uploaded to the S3 buckets.

• Question 1455:

  A medical records company is hosting an application on Amazon EC2 instances. The application processes customer data files that are stored on Amazon S3. The EC2 instances are hosted in public subnets. The EC2 instances access Amazon S3 over the internet, but they do not require any other network access. A new requirement mandates that the network traffic for file transfers take a private route and not be sent over the internet.

  Which change to the network architecture should a solutions architect recommend to meet this requirement?

  A. Create a NAT gateway. Configure the route table for the public subnets to send traffic to Amazon S3 through the NAT gateway.
  B. Configure the security group for the EC2 instances to restrict outbound traffic so that only traffic to the S3 prefix list is permitted.
  C. Move the EC2 instances to private subnets. Create a VPC endpoint for Amazon S3, and link the endpoint to the route table for the private subnets.
  D. Remove the internet gateway from the VPC. Set up an AWS Direct Connect connection, and route traffic to Amazon S3 over the Direct Connect connection.
  C. Move the EC2 instances to private subnets. Create a VPC endpoint for Amazon S3, and link the endpoint to the route table for the private subnets.

• Question 1456:

  A company is developing a serverless, bidirectional chat application that can broadcast messages to connected clients. The application is based on AWS Lambda functions. The Lambda functions receive incoming messages in JSON format.

  The company needs to provide a frontend component for the application.

  Which solution will meet this requirement?

  A. Use an Amazon API Gateway HTTP API to direct incoming JSON messages to backend destinations.
  B. Use an Amazon API Gateway REST API that is configured with a Lambda proxy integration.
  C. Use an Amazon API Gateway WebSocket API to direct incoming JSON messages to backend destinations.
  D. Use an Amazon CloudFront distribution that is configured with a Lambda function URL as a custom origin.
  C. Use an Amazon API Gateway WebSocket API to direct incoming JSON messages to backend destinations.

  ---

  Explanation

  For bidirectional communication such as chat applications, Amazon API Gateway WebSocket API is the correct service. WebSocket APIs allow clients to establish long-lived connections and exchange messages with the backend Lambda functions in real time.

  HTTP APIs and REST APIs are suitable for request-response models, not continuous two-way communication. CloudFront cannot maintain stateful WebSocket connections, so only Option C fits the requirements for a real-time, bidirectional application.

• Question 1457:

  A company asks a solutions architect to review the architecture for its messaging application. The application uses TCP and UDP traffic. The company is planning to deploy a new VoIP feature, but its 10 test users in other countries are reporting poor call quality.

  The VoIP application runs on an Amazon EC2 instance with more than enough resources. The HTTP portion of the company's application behind an Application Load Balancer has no issues.

  What should the solutions architect recommend for the company to do to address the VoIP performance issues?

  A. Use AWS Global Accelerator.
  B. Implement Amazon CloudFront into the architecture.
  C. Use an Amazon Route 53 geoproximity routing policy.
  D. Migrate from Application Load Balancers to Network Load Balancers.
  A. Use AWS Global Accelerator.

  ---

  Explanation

  AWS Global Accelerator is a service that improves global application availability and performance using the AWS global network. It supports both TCP and UDP protocols and provides optimized routing and lower latency for real-time applications such as VoIP, regardless of where the user is located globally.

  AWS Documentation Extract: " AWS Global Accelerator uses the AWS global network to optimize the path to your application endpoints, improving performance for TCP and UDP traffic, such as VoIP. " (Source: AWS Global Accelerator documentation)

  Option B: CloudFront accelerates HTTP/S content, not TCP/UDP.

  Option C: Route 53 geoproximity routing is for DNS-based routing, not for traffic acceleration.

  Option D: Network Load Balancers support TCP/UDP, but do not address global latency or provide acceleration.

  References:

  AWS Certified Solutions Architect?Official Study Guide, Networking Optimization.

• Question 1458:

  A company produces batch data that comes from different databases. The company also produces live stream data from network sensors and application APIs. The company needs to consolidate all the data into one place for business analytics. The company needs to process the incoming data and then stage the data in different Amazon S3 buckets. Teams will later run one-time queries and import the data into a business intelligence tool to show key performance indicators (KPIs).

  Which combination of steps will meet these requirements with the LEAST operational overhead? (Choose two.)

  A. Use Amazon Athena for one-time queries. Use Amazon QuickSight to create dashboards for KPIs.
  B. Use Amazon Kinesis Data Analytics for one-time queries. Use Amazon QuickSight to create dashboards for KPIs.
  C. Create custom AWS Lambda functions to move the individual records from the databases to an Amazon Redshift cluster.
  D. Use an AWS Glue extract, transform, and load (ETL) job to convert the data into JSON format. Load the data into multiple Amazon OpenSearch Service (Amazon Elasticsearch Service) clusters.
  E. Use blueprints in AWS Lake Formation to identify the data that can be ingested into a data lake. Use AWS Glue to crawl the source, extract the data, and load the data into Amazon S3 in Apache Parquet format.
  A. Use Amazon Athena for one-time queries. Use Amazon QuickSight to create dashboards for KPIs.
  E. Use blueprints in AWS Lake Formation to identify the data that can be ingested into a data lake. Use AWS Glue to crawl the source, extract the data, and load the data into Amazon S3 in Apache Parquet format.

• Question 1459:

  As part of budget planning, management wants a report of AWS billed items listed by user. The data will be used to create department budgets. A solutions architect needs to determine the most efficient way to obtain this report information.

  Which solution meets these requirements?

  A. Run a query with Amazon Athena to generate the report.
  B. Create a report in Cost Explorer and download the report.
  C. Access the bill details from the billing dashboard and download the bill.
  D. Modify a cost budget in AWS Budgets to alert with Amazon Simple Email Service (Amazon SES).
  B. Create a report in Cost Explorer and download the report.

• Question 1460:

  A company is storing petabytes of data in Amazon S3 Standard. The data is stored in multiple S3 buckets and is accessed with varying frequency. The company does not know access patterns for all the data. The company needs to implement a solution for each S3 bucket to optimize the cost of S3 usage.

  Which solution will meet these requirements with the MOST operational efficiency?

  A. Create an S3 Lifecycle configuration with a rule to transition the objects in the S3 bucket to S3 Intelligent-Tiering.
  B. Use the S3 storage class analysis tool to determine the correct tier for each object in the S3 bucket. Move each object to the identified storage tier.
  C. Create an S3 Lifecycle configuration with a rule to transition the objects in the S3 bucket to S3 Glacier Instant Retrieval.
  D. Create an S3 Lifecycle configuration with a rule to transition the objects in the S3 bucket to S3 One Zone-Infrequent Access (S3 One Zone-IA).
  A. Create an S3 Lifecycle configuration with a rule to transition the objects in the S3 bucket to S3 Intelligent-Tiering.