Amazon Amazon Certifications SAA-C03 Questions & Answers

• Question 531:

  A company is migrating an old application to AWS The application runs a batch job every hour and is CPU intensive The batch job takes 15 minutes on average with an on-premises server The server has 64 virtual CPU (vCPU) and 512 GiB of memory

  Which solution will run the batch job within 15 minutes with the LEAST operational overhead?

  A. Use AWS Lambda with functional scaling

  B. Use Amazon Elastic Container Service (Amazon ECS) with AWS Fargate

  C. Use Amazon Lightsail with AWS Auto Scaling

  D. Use AWS Batch on Amazon EC2

  Correct Answer: D

  Use AWS Batch on Amazon EC2. AWS Batch is a fully managed batch processing service that can be used to easily run batch jobs on Amazon EC2 instances. It can scale the number of instances to match the workload, allowing the batch job to be completed in the desired time frame with minimal operational overhead.

  Using AWS Lambda with Amazon API Gateway-AWS Lambda https://docs.aws.amazon.com/lambda/latest/dg/services-apigateway.html

  AWS Lambda FAQs https://aws.amazon.com/lambda/faqs/

• Question 532:

  An ecommerce company has noticed performance degradation of its Amazon RDS based web application. The performance degradation is attributed to an increase in the number of read-only SQL queries triggered by business analysts. A solutions architect needs to solve the problem with minimal changes to the existing web application.

  What should the solutions architect recommend?

  A. Export the data to Amazon DynamoDB and have the business analysts run their queries.

  B. Load the data into Amazon ElastiCache and have the business analysts run their queries.

  C. Create a read replica of the primary database and have the business analysts run their queries.

  D. Copy the data into an Amazon Redshift cluster and have the business analysts run their queries

  Correct Answer: C

  Creating a read replica of the primary RDS database will offload the read-only SQL queries from the primary database, which will help to improve the performance of the web application. Read replicas are exact copies of the primary database that can be used to handle read-only traffic, which will reduce the load on the primary database and improve the performance of the web application. This solution can be implemented with minimal changes to the existing web application, as the business analysts can continue to run their queries on the read replica without modifying the code.

• Question 533:

  A hospital is designing a new application that gathers symptoms from patients. The hospital has decided to use Amazon Simple Queue Service (Amazon SOS) and Amazon Simple Notification Service (Amazon SNS) in the architecture.

  A solutions architect is reviewing the infrastructure design Data must be encrypted at test and in transit. Only authorized personnel of the hospital should be able to access the data.

  Which combination of steps should the solutions architect take to meet these requirements? (Select TWO.)

  A. Turn on server-side encryption on the SQS components Update tie default key policy to restrict key usage to a set of authorized principals.

  B. Turn on server-side encryption on the SNS components by using an AWS Key Management Service (AWS KMS) customer managed key Apply a key policy to restrict key usage to a set of authorized principals.

  C. Turn on encryption on the SNS components Update the default key policy to restrict key usage to a set of authorized principals. Set a condition in the topic pokey to allow only encrypted connections over TLS.

  D. Turn on server-side encryption on the SOS components by using an AWS Key Management Service (AWS KMS) customer managed key Apply a key pokey to restrict key usage to a set of authorized principals. Set a condition in the queue pokey to allow only encrypted connections over TLS.

  E. Turn on server-side encryption on the SOS components by using an AWS Key Management Service (AWS KMS) customer managed key. Apply an IAM pokey to restrict key usage to a set of authorized principals. Set a condition in the queue pokey to allow only encrypted connections over TLS

  Correct Answer: BD

  https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html

• Question 534:

  A rapidly growing global ecommerce company is hosting its web application on AWS. The web application includes static content and dynamic content. The website stores online transaction processing (OLTP) data in an Amazon RDS database. The website's users are experiencing slow page loads.

  Which combination of actions should a solutions architect take to resolve this issue? (Select TWO.)

  A. Configure an Amazon Redshift cluster.

  B. Set up an Amazon CloudFront distribution

  C. Host the dynamic web content in Amazon S3

  D. Create a t wd replica tor the RDS DB instance.

  E. Configure a Multi-AZ deployment for the RDS DB instance

  Correct Answer: BD

  To resolve the issue of slow page loads for a rapidly growing e-commerce website hosted on AWS, a solutions architect can take the following two actions:

  1.

  Set up an Amazon CloudFront distribution

  2.

  Create a read replica for the RDS DB instance

  Configuring an Amazon Redshift cluster is not relevant to this issue since Redshift is a data warehousing service and is typically used for the analytical processing of large amounts of data.

  Hosting the dynamic web content in Amazon S3 may not necessarily improve performance since S3 is an object storage service, not a web application server. While S3 can be used to host static web content, it may not be suitable for hosting

  dynamic web content since S3 doesn't support server-side scripting or processing.

  Configuring a Multi-AZ deployment for the RDS DB instance will improve high availability but may not necessarily improve performance.

• Question 535:

  A company hosts a multiplayer gaming application on AWS. The company wants the application to read data with sub-millisecond latency and run one-time queries on historical data. Which solution will meet these requirements with the LEAST operational overhead?

  A. Use Amazon RDS for data that is frequently accessed. Run a periodic custom script to export the data to an Amazon S3 bucket.

  B. Store the data directly in an Amazon S3 bucket. Implement an S3 Lifecycle policy to move older data to S3 Glacier Deep Archive for long-term storage. Run one-time queries on the data in Amazon S3 by using Amazon Athena

  C. Use Amazon DynamoDB with DynamoDB Accelerator (DAX) for data that is frequently accessed. Export the data to an Amazon S3 bucket by using DynamoDB table export. Run one-time queries on the data in Amazon S3 by using Amazon Athena.

  D. Use Amazon DynamoDB for data that is frequently accessed Turn on streaming to Amazon Kinesis Data Streams. Use Amazon Kinesis Data Firehose to read the data from Kinesis Data Streams. Store the records in an Amazon S3 bucket.

  Correct Answer: C

• Question 536:

  A solutions architect has created two IAM policies: Policy1 and Policy2. Both policies are attached to an IAM group.

  

  A cloud engineer is added as an IAM user to the IAM group. Which action will the cloud engineer be able to perform?

  A. Deleting IAM users

  B. Deleting directories

  C. Deleting Amazon EC2 instances

  D. Deleting logs from Amazon CloudWatch Logs

  Correct Answer: C

  https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ds/index.html

• Question 537:

  A company is planning to store data on Amazon RDS DB instances. The company must encrypt the data at rest. What should a solutions architect do to meet this requirement?

  A. Create an encryption key and store the key in AWS Secrets Manager Use the key to encrypt the DB instances

  B. Generate a certificate in AWS Certificate Manager (ACM). Enable SSL/TLS on the DB instances by using the certificate

  C. Create a customer master key (CMK) in AWS Key Management Service (AWS KMS) Enable encryption for the DB instances

  D. Generate a certificate in AWS Identity and Access Management {IAM) Enable SSUTLS on the DB instances by using the certificate

  Correct Answer: C

• Question 538:

  A company needs to export its database once a day to Amazon S3 for other teams to access. The exported object size vanes between 2 GB and 5 GB. The S3 access pattern for the data is variable and changes rapidly. The data must be immediately available and must remain accessible for up to 3 months. The company needs the most cost-effective solution that will not increase retrieval time

  Which S3 storage class should the company use to meet these requirements?

  A. S3 Intelligent-Tiering

  B. S3 Glacier Instant Retrieval

  C. S3 Standard

  D. S3 Standard-Infrequent Access (S3 Standard-IA)

  Correct Answer: A

  S3 Intelligent-Tiering monitors access patterns and moves objects that have not been accessed for 30 consecutive days to the Infrequent Access tier and after 90 days of no access to the Archive Instant Access tier.

• Question 539:

  A company wants to migrate an Oracle database to AWS. The database consists of a single table that contains millions of geographic information systems (GIS) images that are high resolution and are identified by a geographic code.

  When a natural disaster occurs tens of thousands of images get updated every few minutes. Each geographic code has a single image or row that is associated with it. The company wants a solution that is highly available and scalable during such events Which solution meets these requirements MOST cost-effectively?

  A. Store the images and geographic codes in a database table. Use Oracle running on an Amazon RDS Multi-AZ DB instance.

  B. Store the images in Amazon S3 buckets. Use Amazon DynamoDB with the geographic code as the key and the image S3 URL as the value.

  C. Store the images and geographic codes in an Amazon DynamoDB table. Configure DynamoDB Accelerator (DAX) during times of high load.

  D. Store the images in Amazon S3 buckets. Store geographic codes and image S3 URLs in a database table. Use Oracle running on an Amazon RDS Multi-AZ DB instance.

  Correct Answer: D

  Simple use case, highly available, and scalable -> Choose DynamoDB over RDS in terms of cost.

• Question 540:

  A company runs a fleet of web servers using an Amazon RDS for PostgreSQL DB instance After a routine compliance check, the company sets a standard that requires a recovery pant objective (RPO) of less than 1 second for all its production databases.

  Which solution meets these requirement?

  A. Enable a Multi-AZ deployment for the DB Instance

  B. Enable auto scaling for the OB instance m one Availability Zone.

  C. Configure the 06 instance in one Availability Zone and create multiple read replicas in a separate Availability Zone

  D. Configure the 06 instance m one Availability Zone, and configure AWS Database Migration Service (AWS DMS) change data capture (CDC) tasks

  Correct Answer: A

  Used for DR. Every single change is replicated in a standby AZ. If we lose the main AZ, (uses the same DNS name) standby becomes automatic failover and the new main DB.