Amazon SAA-C03 Online Practice Questions and Exam Preparation

Amazon SAA-C03 Online Questions & Answers

• Question 591:

  A company runs a critical public application on Amazon Elastic Kubernetes Service (Amazon EKS) clusters. The application has a microservices architecture. The company needs to implement a solution that collects, aggregates, and summarizes metrics and logs from the application in a centralized location.

  Which solution will meet these requirements in the MOST operationally efficient way?

  A. Run the Amazon CloudWatch agent in the existing EKS cluster. Use a CloudWatch dashboard to view the metrics and logs.
  B. Configure a data stream in Amazon Kinesis Data Streams. Use Amazon Kinesis Data Firehose to read events and to deliver the events to an Amazon S3 bucket. Use Amazon Athena to view the events.
  C. Configure AWS CloudTrail to capture data events. Use Amazon OpenSearch Service to query CloudTrail.
  D. Configure Amazon CloudWatch Container Insights in the existing EKS cluster. Use a CloudWatch dashboard to view the metrics and logs.
  D. Configure Amazon CloudWatch Container Insights in the existing EKS cluster. Use a CloudWatch dashboard to view the metrics and logs.

  ---

  Explanation

  Amazon CloudWatch Container Insightsis designed for monitoring containerized environments like EKS. It provides native support for collecting and visualizing metrics and logs in a centralized location through CloudWatch dashboards, offering the most operationally efficient solution.

  Option A:Using the CloudWatch agent provides basic metrics but lacks the specific insights required for containerized applications.

  Option B:Kinesis Data Streams and Firehose add unnecessary complexity for this use case.

  Option C:CloudTrail is for auditing API activity and is not designed for application metrics and log aggregation.

  References:

  Amazon CloudWatch Container Insights

• Question 592:

  A company hosts its main public web application in one AWS Region across multiple Availability Zones.

  The application uses an Amazon EC2 Auto Scaling group and an Application Load Balancer (ALB). A web development team needs a cost-optimized compute solution to improve the company's ability to serve dynamic content globally to millions of customers.

  Which solution will meet these requirements?

  A. Create an Amazon CloudFront distribution. Configure the existing ALB as the origin.
  B. Use Amazon Route 53 to serve traffic to the ALB and EC2 instances based on the geographic location of each customer.
  C. Create an Amazon S3 bucket with public read access enabled. Migrate the web application to the S3 bucket. Configure the S3 bucket for website hosting.
  D. Use AWS Direct Connect to directly serve content from the web application to the location of each customer.
  A. Create an Amazon CloudFront distribution. Configure the existing ALB as the origin.

• Question 593:

  A company has a serverless website with millions of objects in an Amazon S3 bucket. The company uses the S3 bucket as the origin for an Amazon CloudFront distribution. The company did not set encryption on the S3 bucket before the objects were loaded. A solutions architect needs to enable encryption for all existing objects and for all objects that are added to the S3 bucket in the future.

  Which solution will meet these requirements with the LEAST amount of effort?

  A. Create a new S3 bucket. Turn on the default encryption settings for the new S3 bucket. Download all existing objects to temporary local storage. Upload the objects to the new S3 bucket.
  B. Turn on the default encryption settings for the S3 bucket. Use the S3 Inventory feature to create a .csv file that lists the unencrypted objects. Run an S3 Batch Operations job that uses the copy command to encrypt those objects.
  C. Create a new encryption key by using AWS Key Management Service (AWS KMS). Change the settings on the S3 bucket to use server-side encryption with AWS KMS managed encryption keys (SSE-KMS). Turn on versioning for the S3 bucket.
  D. Navigate to Amazon S3 in the AWS Management Console. Browse the S3 bucket's objects. Sort by the encryption field. Select each unencrypted object. Use the Modify button to apply default encryption settings to every unencrypted object in the S3 bucket.
  B. Turn on the default encryption settings for the S3 bucket. Use the S3 Inventory feature to create a .csv file that lists the unencrypted objects. Run an S3 Batch Operations job that uses the copy command to encrypt those objects.

• Question 594:

  A company is planning to use an Amazon DynamoDB table for data storage. The company is concerned about cost optimization. The table will not be used on most mornings. In the evenings, the read and write traffic will often be unpredictable. When traffic spikes occur, they will happen very quickly.

  What should a solutions architect recommend?

  A. Create a DynamoDB table in on-demand capacity mode.
  B. Create a DynamoDB table with a global secondary index.
  C. Create a DynamoDB table with provisioned capacity and auto scaling.
  D. Create a DynamoDB table in provisioned capacity mode, and configure it as a global table.
  A. Create a DynamoDB table in on-demand capacity mode.

• Question 595:

  A company wants to isolate its workloads by creating an AWS account for each workload. The company needs a solution that centrally manages networking components for the workloads. The solution also must create accounts with automatic security controls (guardrails).

  Which solution will meet these requirements with the LEAST operational overhead?

  A. Use AWS Control Tower to deploy accounts. Create a networking account that has a VPC with private subnets and public subnets. Use AWS Resource Access Manager (AWS RAM) to share the subnets with the workload accounts.
  B. Use AWS Organizations to deploy accounts. Create a networking account that has a VPC with private subnets and public subnets. Use AWS Resource Access Manager (AWS RAM) to share the subnets with the workload accounts.
  C. Use AWS Control Tower to deploy accounts. Deploy a VPC in each workload account. Configure each VPC to route through an inspection VPC by using a transit gateway attachment.
  D. Use AWS Organizations to deploy accounts. Deploy a VPC in each workload account. Configure each VPC to route through an inspection VPC by using a transit gateway attachment.
  A. Use AWS Control Tower to deploy accounts. Create a networking account that has a VPC with private subnets and public subnets. Use AWS Resource Access Manager (AWS RAM) to share the subnets with the workload accounts.

• Question 596:

  A company is developing software that uses a PostgreSQL database schema. The company needs to configure multiple development environments and databases for the company's developers. On average, each development environment is used for half of the 8-hour workday.

  Which solution will meet these requirements MOST cost-effectively?

  A. Configure each development environment with its own Amazon Aurora PostgreSQL database
  B. Configure each development environment with its own Amazon RDS for PostgreSQL Single-AZ DB instances
  C. Configure each development environment with its own Amazon Aurora On-Demand PostgreSQL-Compatible database
  D. Configure each development environment with its own Amazon S3 bucket by using Amazon S3 Object Select
  C. Configure each development environment with its own Amazon Aurora On-Demand PostgreSQL-Compatible database

• Question 597:

  A company is deploying an application that processes streaming data in near-real time. The company plans to use Amazon EC2 instances for the workload. The network architecture must be configurable to provide the lowest possible latency between nodes.

  Which networking solution meets these requirements?

  A. Place the EC2 instances in multiple VPCs, and configure VPC peering.
  B. Attach an Elastic Fabric Adapter (EFA) to each EC2 instance.
  C. Run the EC2 instances in a spread placement group.
  D. Use Amazon Elastic Block Store (Amazon EBS) optimized instance types.
  B. Attach an Elastic Fabric Adapter (EFA) to each EC2 instance.

  ---

  Explanation

  For near-real-time streaming workloads that are highly latency-sensitive, the network layer must provide ultra-low latency and high throughput between compute nodes. Elastic Fabric Adapter (EFA) is specifically designed to meet these requirements. EFA enables EC2 instances to communicate using a high-performance network interface that bypasses traditional TCP/IP networking, providing lower and more consistent latency. This is especially valuable for tightly coupled workloads that require fast inter-node communication. Option B is the correct choice because EFA supports custom networking stacks and is optimized for applications such as real-time data processing, distributed computing, and high-performance workloads. EFA integrates directly with supported EC2 instance types and allows applications to take advantage of enhanced networking capabilities without requiring complex multi-VPC architectures.

  Option A introduces additional network hops and latency due to VPC peering and is not suitable for ultra-low-latency workloads.

  Option C (spread placement groups) is designed to increase fault tolerance by placing instances on separate hardware, but it does not optimize for low-latency communication and may actually increase network distance between instances.

  Option D improves storage performance, not network performance, and does not affect inter-instance latency.

  Therefore, B is the best solution because Elastic Fabric Adapter is the AWS-recommended approach for achieving the lowest possible network latency between EC2 instances in performance-critical streaming architectures.

• Question 598:

  An ecommerce company has noticed performance degradation of its Amazon RDS based web application.

  The performance degradation is attributed to an increase in the number of read-only SQL queries triggered by business analysts. A solutions architect needs to solve the problem with minimal changes to the existing web application.

  What should the solutions architect recommend?

  A. Export the data to Amazon DynamoDB and have the business analysts run their queries.
  B. Load the data into Amazon ElastiCache and have the business analysts run their queries.
  C. Create a read replica of the primary database and have the business analysts run their queries.
  D. Copy the data into an Amazon Redshift cluster and have the business analysts run their queries.
  C. Create a read replica of the primary database and have the business analysts run their queries.

• Question 599:

  A company is implementing a shared storage solution for a gaming application that is hosted in an on-premises data center. The company needs the ability to use Lustre clients to access data. The solution must be fully managed.

  Which solution meets these requirements?

  A. Create an AWS Storage Gateway file gateway. Create a file share that uses the required client protocol. Connect the application server to the file share.
  B. Create an Amazon EC2 Windows instance. Install and configure a Windows file share role on the instance. Connect the application server to the file share.
  C. Create an Amazon Elastic File System (Amazon EFS) file system, and configure it to support Lustre. Attach the file system to the origin server. Connect the application server to the file system.
  D. Create an Amazon FSx for Lustre file system. Attach the file system to the origin server. Connect the application server to the file system.
  D. Create an Amazon FSx for Lustre file system. Attach the file system to the origin server. Connect the application server to the file system.

• Question 600:

  A company stores data in an on-premises Oracle relational database. The company needs to make the data available in Amazon Aurora PostgreSQL for analysis. The company uses an AWS Site-to-Site VPN connection to connect its on-premises network to AWS.

  The company must capture the changes that occur to the source database during the migration to Aurora PostgreSQL.

  Which solution will meet these requirements?

  A. Use the AWS Schema Conversion Tool (AWS SCT) to convert the Oracle schema to Aurora PostgreSQL schema. Use the AWS Database Migration Service (AWS DMS) full-load migration task to migrate the data.
  B. Use AWS DataSync to migrate the data to an Amazon S3 bucket. Import the S3 data to Aurora PostgreSQL by using the Aurora PostgreSQL aws_s3 extension.
  C. Use the AWS Schema Conversion Tool (AWS SCT) to convert the Oracle schema to Aurora PostgreSQL schema. Use AWS Database Migration Service (AWS DMS) to migrate the existing data and replicate the ongoing changes.
  D. Use an AWS Snowball device to migrate the data to an Amazon S3 bucket. Import the S3 data to Aurora PostgreSQL by using the Aurora PostgreSQL aws_s3 extension.
  C. Use the AWS Schema Conversion Tool (AWS SCT) to convert the Oracle schema to Aurora PostgreSQL schema. Use AWS Database Migration Service (AWS DMS) to migrate the existing data and replicate the ongoing changes.