[NEW] Amazon SAA-C02 dumps pdf questions and exam tips Up-to-date

The SAA-C02 exam is difficult to pass, and good SAA-C02 dumps are hard to find! How do you break through? Some of you took more than 3 months to prepare and didn’t have confidence, and some of you sprinted for a month or so to get through. Share free Amazon SAA-C02 dumps pdf questions and exam tips here that will give you confidence.

BIG TIP: If you have learned from Pass4Sure SAA-C02 dumps pdf https://www.pass4itsure.com/saa-c02.html(PDF+VCE), 100% of the problems are from there, make sure you pass.

The first step is free Amazon SAA-C02 dumps practice questions to share with you:

1-

A developer has an application that uses an AWS Lambda function to upload files to Amazon S3 and needs the required permissions to perform the task.

The developer already has an IAM user with valid IAM credentials required for Amazon S3. What should a solutions architect do to grant the permissions?

A. Add required IAM permissions in the resource policy of the Lambda function.
B. Create a signed request using the existing IAM credential in the Lambda function.
C. Create a new IAM user and use the existing IAM credentials in the Lambda function
D. Create an IAM execution role with the required permissions and attach the IAM role to the Lambda function

2 –

A financial services company has a web application that serves users in the United States and Europe The application consists of a database tier and a web server tier The database tier consists of a MySQL database hosted in us-east-1

Amazon Route 53 geo proximity routing is used to direct traffic to instances in the closest Region A performance review of the system reveals that European users are not receiving the same level of query performance as those in the United States

Which changes should be made to the database tier to improve performance?

A. Migrate the database to Amazon RDS for MySQL Configure Multi-AZ in one of the European Regions
B. Migrate the database to Amazon DynamoDB Use DynamoDB global tables to enable replication to additional Regions
C. Deploy MySQL instances in each Region Deploy an Application Load Balancer in front of MySQL to reduce the load on the primary instance
D. Migrate the database to an Amazon Aurora global database in MySQL compatibility mode Configure read replicas in one of the European Regions

3 –

A company designs a mobile app for its customers to upload photos to a website. The app needs a secure login with multi-factor authentication (MFA). The company wants to limit the initial build time and the maintenance of the solution

Which solution should a solutions architect recommend to meet these requirements?

A. Use Amazon Cognito Identity with SMS-based MFA.
B. Edit 1 AM policies to require MFA for all users
C. Federate 1 AM against the corporate Active Directory that requires MFA
D. Use Amazon API Gateway and require server-side encryption (SSE) for photos

4 –

A company recently launched a new service that involves medical images. The company scans the images and sends them from its on-premises data center through an AWS Direct Connect connection to Amazon EC2 instances.

After processing is complete, the images are stored in an Amazon S3 bucket.

A company requirement states that the EC2 instances cannot be accessible through the internet. The EC2 instances run in a private subnet, which has a default route back to the on-premises data center for outbound internet access.

Usage of the new service is increasing rapidly. A solutions architect must recommend a solution that meets the company\\’s requirements and reduces the Direct Connect charges.

Which solution accomplishes these goals MOST cost-effectively?

A. Configure a VPC endpoint for Amazon S3. Add an entry to the private subnet\\’s route table for the S3 endpoint.
B. Configure a NAT gateway in a public subnet. Configure the private subnet\\’s route table to use the NAT gateway.
C. Configure Amazon S3 as a file system mount point on the EC2 instances. Access Amazon S3 through the mount.
D. Move the EC2 instances into a public subnet. Configure the public subnet route table to point to an internet gateway.

5 –

A company is designing a cloud communications platform trial is driven by APIs. The application is hosted on Amazon EC2 instances behind a Network Load Balancer (NLB). The company uses Amazon API Gateway to provide external users with access to the application through APIs.

The company wants to protect the platform against web exploits like SQL Injection and also wants to detect and mitigate large, sophisticated DDoS attacks Which combination of solutions provides the MOST protection? (Select TWO.)

A. Use AWS WAF to protect the NLB
B. Use AWS Shield Advanced with the NLB
C. Use AWS WAF to protect Amazon API Gateway
D. Use Amazon GuardDuty with AWS Shield Standard
E. Use AWS Shield Standard with Amazon API Gateway

6 –

A company runs an application on Amazon EC2 Instances. The application is deployed in private subnets in three Availability Zones of the us-east-1 Region.

The instances must be able to connect to the internet to download files The company wants a design that Is highly available across the Region.

Which solution should be implemented to ensure that there are no disruptions to Internet connectivity?

A. Deploy a NAT Instance In a private subnet of each Availability Zone.
B. Deploy a NAT gateway in a public subnet of each Availability Zone.
C. Deploy a transit gateway in a private subnet of each Availability Zone.
D. Deploy an internet gateway in a public subnet of each Availability Zone.

7 –

A solutions architect is designing a new workload in which an AWS Lambda function will access an Amazon DynamoDB table. What are the MOST secure means of granting the Lambda function access to the DynamoDB labia?

A. Create an IAM role with the necessary permissions to access the DynamoDB table Assign the role to the Lambda function.
B. Create a DynamoDB user name and password and give them to the developer to use in the Lambda function.
C. Create an IAM user, and create access and secret keys for the user. Give the user the necessary permissions to access the DynarnoOB table. Have the developer use these keys to access the resources.
D. Create an IAM role allowing access from AWS Lambda Assign the role to the DynamoDB table

8 –

Organizers for a global event want to put daily reports online as static HTML pages The pages are expected to generate millions of views from users around the world The files are stored in an Amazon S3 bucket A solutions architect has been asked to design an efficient and effective solution

Which action should the solutions architect take to accomplish this?

A. Generate pre-signed URLs for the files
B. Use cross-Region replication to all Regions
C. Use the geo proximity feature of Amazon Route 53
D. Use Amazon CloudFront with the S3 bucket as its origin

Using Amazon S3 Origins, MediaPackage Channels, and Custom Origins for Web Distributions Using Amazon S3 Buckets for Your Origin When you use Amazon S3 as an origin for your distribution, you place any objects that you
want CloudFront to deliver in an Amazon S3 bucket.

You can use any method that is supported by Amazon S3 to get your objects into Amazon S3, for example, the Amazon S3 console or API, or a third-party tool. You can create a hierarchy in your bucket to store the objects, just as you would with any other Amazon S3 bucket.

Using an existing Amazon S3 bucket as your CloudFront origin server doesn\’t change the bucket in any way; you can still use it as you normally would to store and access Amazon S3 objects at the standard Amazon S3 price. You incur
regular Amazon S3 charges for storing the objects in the bucket.

Using Amazon S3 Buckets Configured as Website Endpoints for Your Origin You can set up an Amazon S3 bucket that is configured as a website endpoint as custom origin with CloudFront.

When you configure your CloudFront distribution, for the origin, enter the Amazon S3 static website hosting endpoint for your bucket. This value appears in the Amazon S3 console, on the Properties tab, in the Static website hosting pane.

For example:
http://bucket-name.s3-website-region.amazonaws.com
For more information about specifying Amazon S3 static website endpoints, see Website endpoints in the Amazon Simple Storage Service Developer Guide. When you specify the bucket name in this format as your origin, you can use
Amazon S3 redirects and Amazon S3 custom error documents.

For more information about Amazon S3 features, see
the Amazon S3 documentation. Using an Amazon S3 bucket as your CloudFront origin server doesn\’t change it in any way.

You can still use it as you normally would and you incur regular Amazon S3 charges. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistS3AndCust omOrigins.html

9 –

A company runs multiple Amazon EC2 Linux instances in a VPC across two Availability Zones The instances, host applications that use a hierarchical directory structure The applications need to read and write rapidly and concurrently to shared storage
What should a solutions architect do to meet these requirements?

A. Create an Amazon S3 bucket Allow access from all the EC2 instances in the VPC
B. Create an Amazon Elastic File System (Amazon EFS) file system Mount the EFS file system from each EC2 instance
C. Create a file system on a Provisioned IOPS SSD (io2) Amazon Elastic Block Store (Amazon EBS) volume Attach the EBS volume to all the EC2 instances
D. Create file systems on Amazon Elastic Block Store (Amazon EBS) volumes that are attached to each EC2 instance Synchronize the EBS volumes across the different EC2 instances

10 –

An eCommerce company is experiencing an increase in user traffic. The company\\’s store is deployed on Amazon EC2 instances as a two-tier two application consisting of a web tier and a separate database tier As traffic increases, the company notices that the architecture is causing significant delays in sending timely marketing and order confirmation
email to users.

The company wants to reduce the time it spends resolving complex email delivery issues and minimize operational overhead What should a solutions architect do to meet these requirements?

A. Create a separate application tier using EC2 instances dedicated to email processing.
B. Configure the web instance to send email through Amazon Simple Email Service (Amazon SES)
C. Configure the web instance to send email through Amazon Simple Notification Service (Amazon SNS)
D. Create a separate application tier using EC2 instances dedicated to email processing. Place the instances in an Auto Scaling group.

11 –

A company\\’s security policy requires that alt AWS API activity in its AWS accounts be recorded for periodic auditing. The company needs to ensure that AWS CloudTrail is enabled on all of its current and future AWS accounts using AWS Organizations.

Which solution is MOST secure?

A. At the organization\\’s root define and attach a service control policy (SCP) that permits enabling CloudTrail only
B. Create 1 AM groups in the organization\\’s master account as needed Define and attach a 1 AM policy to the groups that prevent users from disabling CloudTrail
C. Organize accounts into organizational units (OUs) At the organization\\’s root, define and attach a service control policy (SCP) that prevents users from disabling CloudTrail
D. Add all existing accounts under the organization\\’s root Define and attach a service control policy (SCP) to every account that prevents users from disabling CloudTrail

12 –

A company is selling up an application to use an Amazon RDS MySQL DB instance. The database must be architected for high availability across Availability Zones and AWS Regions with minimal downtime.

How should a solutions architect meet this requirement?

A. Set up an RDS MySQL Multi-AZ DB instance. Configure an appropriate backup window.
B. Set up an RDS MySQL Multi-AZ DB instance. Configure a read replica in a different Region.
C. Set up an RDS MySQL Single-AZ DB instance. Configure a read replica in a different Region.
D. Set up an RDS MySQL Single-AZ DB instance. Copy automated snapshots to at least one other Region.

Post answer

1. C, 2. D, 3. A, 4. B, 5. AD, 6. B, 7. A, 8. D, 9. B, 10. B, 11. D, 12. C

In the second step, you can also choose to study online for free SAA-C02 dumps pdf

[latest google drive SAA-C02 pdf] Contains 12 questions and answers with parsed AWS Certified Solutions Architect – Associate (SAA-C02) exam questions https://drive.google.com/file/d/1Oa-2k9ePg0XhbLn8PzRnIs2ci_eJTuXI/view?usp=sharing

Exam tips:

  • Do not drink too much water before the exam.
  • If English is not your primary language, use the ESL option.
  • Do not eat too many carbs before the test to avoid drowsiness

Exam Experience: For AWS Certified Solutions Architect – Associate (SAA-C02) exams, many people have the trouble mentioned at the beginning, don’t be dazed, believe in yourself. Pass4Sure SAA-C02 dumps pdf will help you learn to prepare and finally achieve your goals to earn the AWS Certified Associate certification.

Preparation: See the free SAA-C02 exam practice test above for a constant review of all the questions you made wrong in the practice exam. The next step is to get the full Pass4Sure SAA-C02 dumps pdf https://www.pass4itsure.com/saa-c02.html (980 total questions).

Thank you for reading, and finally wish everyone a smooth exam!

Examdemosimulation is designed to share Amazon’s latest SAA-C02 exam questions to help you pass.

Previous SAA-C02 exam questions

Latest Amazon AWS SAA-C02 exam dumps Q&As share online

Like other exams, the SAA-C02 exam is hard, and you can learn from the latest Amazon AWS SAA-C02 exam dumps PDF+ VCE. Examdemosimulation shares some of the best-used Updated Amazon SAA-C02 exams dumps learning materials and where to find them…

Where to find latest Amazon AWS SAA-C02 exam dumps?

Click on the link https://www.pass4itsure.com/saa-c02.html (get the latest SAA-C02 Dumps PDF + VCE) to purchase the full Amazon SAA-C02 exam dumps at the cheapest price with the discount code “Amazon”.

Here’s a Q&A from Pass4itsure SAA-C02 dumps share for the AWS Certified Solutions Architect – Associate (SAA-C02) exam:

Amazon AWS Certified Associate SAA-C02 practice test 1-12:

SAA-C02 Q&As

QUESTION 1

company\\’s human resources (HR) department saves its sensitive documents in an Amazon S3 bucket
named conf>dential_bucket An 1AM policy grants permission for ail S3 actions to a group of which each HR employee is a member A solutions architect needs to make the objects secure and raccessible outside the company\\’s AWS account and on-premises IP CIDR range The solutions architect adds the following S3 bucket policy ( “Version”: “2008-10-17”, “Statement”: [
{ “Effect”: “Deny”, “Principal”: { “AWS”: -“Action”: “s3:””, “Resource”: “arn:aws:s3:::confidential_bucket/*”, “Condition”: {
“StringNotLike”: {
“aws:sourceVpce”: “vpce-C12345789” }, “NotlpAddress”: { “aws:SourceIp”: [
“10.100.0.0/24”, “172.31.0.0/24”
J } }
} J }

What is the effect of the added bucket policy?

A. Option A
B. Option B
C. Option C
D. Option D

Correct Answer: D

QUESTION 2

A company is building a payment application that must be highly available even during regional service disruptions A solutions architect must design a data storage solution that can be easily replicated and used in other AWS Regions.

The application also requires low-latency atomicity, consistency, isolation, and durability (ACID) transactions that need to be immediately available to generate reports The development team also needs to use SQL. Which data storage solution meets these requirements\’?

A. Amazon Aurora Global Database
B. Amazon DynamoDB global tables
C. Amazon S3 with cross-Region replication and Amazon Athena
D. MySQL on Amazon EC2 instances with Amazon Elastic Block Store (Amazon EBS) snapshot replication

Correct Answer: C

QUESTION 3

A gaming company hosts a browser-based application on AWS. The users of the application consume a large number of videos and images that are stored in Amazon S3. This content is the same for all users.

The application has increased in popularity, and millions of users worldwide are accessing these media files. The company wants to provide the files to the users while reducing the load on the origin.
Which solution meets these requirements MOST cost-effectively?

A. Deploy an AWS Global Accelerator accelerator in front of the web servers.
B. Deploy an Amazon CloudFront web distribution in front of the S3 bucket.
C. Deploy an Amazon ElastiCache for Redis instance in front of the web servers.
D. Deploy an Amazon ElastiCache for Memcached instance in front of the web servers.

Correct Answer: B

Reference: https://aws.amazon.com/getting-started/hands-on/deliver-content-faster/

QUESTION 4

A company designed a stateless two-tier that uses Amazon EC2 in a single Availability Zone and an Amazon RDS multi DB instance. New company management wants to ensure the application is highly available.

What should a solutions architect do to meet this requirement?

A. Configure the application to use Multi-AZ EC2 Auto Scaling and create an Application Load Balancer.
B. Configure the application to take snapshots of the EC2 instances and send them to a different AWS Region.
C. Configure the application to use Amazon Route 53 latency-based routing to feed requests to the application.
D. Configure Amazon Route 53 rules to handle incoming requests and create a multi-AZ Application Load Balancer.

Correct Answer: A

QUESTION 5

The following IAM policy is attached to an IAM group. This is the only policy applied to the group.

What are the effective IAM permissions of this policy for group members?

A. Group members are permitted any Amazon EC2 action within the uss-east-1 Region. Statements after The Allow permission is not applied

B. Group members are denied any Amazon EC2 permissions in the us-east-1 Region unless they are tagged in with multifactor authentication (MFA).

C. Group members are allowed the ec2:StopInstances and ec2:Terminatelnstances permissions for all Regions when logged in with multi-factor authentication (MFA). Group members authorized any other Amazon EC2 action.

D. Group members are allowed the ec2:Stoplnstances and ec2:Terminatelnstances permissions for the us-east-1 Region only when logged in with multi-factor authentication (MFA). Groups are permitted any other Amazon EC2 action within the us-east-1 Region

Correct Answer: D

QUESTION 6

A company needs to use its on-premises LDAP directory service to authenticate its users to the AWS Management Console. The directory service is not compatible with Security Assertion Markup Language (SAML) Which solution meets these requirements?

A. Enable AWS Single Sign-On between AWS and the on-premises LDAP
B. Create a 1 AM policy mat that uses AWS credentials and integrate the policy into LDAP
C. Set up a process that rotates the IAM credentials whenever LDAP credentials are updated.
D. Develop an on-premises custom identity broker application of process mat uses AWS Security Token Service (AWS STS) to get short-lived credentials

Correct Answer: A

QUESTION 7

A company\\’s packaged application dynamically creates and returns single-use text files in response to user requests.

The company is using Amazon CloudFront for distribution but wants to future reduce data transfer costs. The company modifies the application\\’s source code.

What should a solution architect do to reduce costs?

A. Use Lambda adage to compress the files as they are sent to users.
B. Enable Amazon S3 Transfer Acceleration to reduce the response times.
C. Enable caching on the CloudFront distribution to store generated files at the edge.
D. Use Amazon S3 multipart uploads to move the files to Amazon S3 before returning them to users.

Correct Answer: C

QUESTION 8

A company is hosting an election reporting website on AWS for users around the world The website uses Amazon EC2 Instances for the web and application tiers in an Auto Scaling group with Application Load Balancers The database tier uses an Amazon RDS for MySQL database

The website is updated with election results once an hour and has historically observed hundreds of users accessing the reports The company Is expecting a significant increase In demand because of upcoming elections in different countries. A solutions architect must Improve The website\’s ability
to handle additional demand while minimizing the need for additional EC2 instances

Which solution will meet these requirements?

A. Launch an Amazon ElastiCache cluster to cache common database queries.
B. Launch an Amazon CloudFront web distribution to cache commonly requested website content
C. Enable disk-based caching on the EC2 instances to cache commonly requested website content
D. Deploy a reverse proxy into the design using an EC2 instance with caching enabled for commonly requested website content

Correct Answer: B

QUESTION 9

A company is running a publicly accessible serverless application that uses Amazon API Gateway and AWS Lambda The application\’s traffic recently spiked due to fraudulent requests from botnets.
Which steps should a solutions architect take to block requests from unauthorized users? (Select TWO.)

A. Create a usage plan with an API key that is shared with genuine users only.
B. Integrate logic within the Lambda function to ignore the requests from fraudulent addresses.
C. Implement an AWS WAF rule to target malicious requests and trigger actions to filter them out.
D. Convert the existing public API to a private API. Update the DNS records to redirect users to the new API endpoint.
E. Create an IAM role for each user attempting to access the API. A user will assume the role when making the API
call.

Correct Answer: CD

QUESTION 10

A company runs a fleet of web servers using an Amazon RDS for PostgreSQL DB instance. After a routine compliance check, the company sets a standard that requires a recovery point objective (RPO) of less than 1 second for all its production databases.

Which solution meets these requirements?

A. Enable a Multi-AZ deployment for the DB instance.
B. Enable auto-scaling for the DB instance in one Availability Zone.
C. Configure the DB instance in one Availability Zone, and create multiple read replicas in a separate Availability Zone.
D. Configure the DB instance in one Availability Zone, and configure AWS Database Migration Service (AWS DMS) change data capture (CDC) tasks.

Correct Answer: A

Reference: https://aws.amazon.com/blogs/database/implementing-a-disaster-recovery-strategy-withamazon-rds/

QUESTION 11

A gaming company is designing a highly available architecture. the application runs on a modified Linux kernel and supports only UDP-based traffic. The company needs the front-end tier to provide the best possible user experience.

The tier must have low latency, route traffic to the nearest edge location, and possible static IP addresses for entry into the application endpoints. What should a solution architect do to meet these requirements?

A. Configure Amazon Route 53 to forward requests to an Application Load Balancer. Use AWS Lambda for the application in AWS Application Auto Scaling.
B. Configure Amazon CloudFront to forward requests to a Network Load Balancer. Use AWS Lambda for the application in an AWS Application Auto Scaling group.
C. Configure AWS Global Accelerator to forward requests to a Network Load Balancer. Use Amazon EC2 instances for the application in an EC2 Auto Scaling group.
D. Configure Amazon API Gateway to forward requests to an Application Load Balancer. Use Amazon EC2 instances for the application in an EC2 Auto Scaling group.

Correct Answer: A

QUESTION 12

A company that hosts an online shopping application that stores all orders in an Amazon RDS for PostgreSQL Single-AZ DB instance Management wants to eliminate single points of failure and has asked a solutions architect to recommend an approach to minimize database downtime without requiring any changes to the application code.

Which solution meets these requirements?

A. Convert the existing database instance to a Multi-AZ deployment by modifying the database instance and specifying the Multi-AZ option.

B. Create a new RDS Multi-AZ deployment Take a snapshot of the current RDS instance and restore the new Multi-AZ deployment with the snapshot

C. Create a read-only replica of the PostgreSQL database in another Availability Zone Use Amazon Route 53 weighted recordsets to distribute requests across the databases.

D. Place the RDS for PostgreSQL database in an Amazon EC2 Auto Scaling group with a minimum group size of two Use Amazon Route 53 weighted recordsets to distribute requests across instances.

Correct Answer: A

PS, SAA-C02 exam pdf free download

google drive:

https://drive.google.com/file/d/1eYGs-78qblOHmGnz798OPyLzJ41vYjBT/view?usp=sharing

Other Amazon exam practice test https://www.examdemosimulation.com/category/amazon-exam-practice-test/

You can trust Pass4itSure SAA-C02 exam dumps because it has many years of experience and is always up to date. Get the full SAA-C02 exam dumps https://www.pass4itsure.com/saa-c02.html (total Q&As: 922).

Thanks for making these practice tests! I would like to receive a reply like this.

I hope this helps others learn,

Good luck to those who choose SAA-C02!

Great way to get AWS Certified Solutions Architect – Associate (SAA-C02)

Great way to get AWS (SAA-C02)

I believe a lot of the information about the Amazon SAA-C02 exam is outdated. Because the exams are always updated, the methods also need to be up-to-date. Has anyone here had a recent experience with this AWS Certified Solutions Architect – Associate (SAA-C02) exam? Or a good way to pass? I’ll tell you! The best way to pass the exam is to practice as many AWS Certified Associate SAA-C02 exam questions as possible and improve your abilities with practice!

Here I share the free SAA-C02 practice test (Side note: only partial, not a complete AA-C02 test). The full AWS SAA-C02 practice test access URL I also share with you, here >>> https://www.pass4itsure.com/saa-c02.html SAA-C02 Dumps PDF + VCE.

What’s next? free AWS SAA-C02 pdf

google drive: SAA-C02 dumps pdf free https://drive.google.com/file/d/1hhocAZ2ZOzGTZre-TLKh4BvlQQMbaklT/view?usp=sharing

Next, AWS SAA-C02 practice test free share

QUESTION 1

A company needs guaranteed Amazon EC2 capacity in three specific Availability Zones in a specific AWS Region for an upcoming event that will last 1 week.

What should the company do to guarantee the EC2 capacity?

A. Purchase Reserved Instances that specify the Region needed.
B. Create an On-Demand Capacity Reservation that specifies the Region needed.
C. Purchase Reserved Instances that specify the Region and three Availability Zones needed.
D. Create an On-Demand Capacity Reservation that specifies the Region and three Availability Zones needed.

Correct Answer: D

QUESTION 2

A company hosts an application used to upload files to an Amazon S3 bucket Once uploaded, the files are processed to extract metadata, which takes less than 5 seconds. The volume and frequency of the uploads vanes from a few files each hour to hundreds of concurrent uploads.

The company has asked a solutions architect to design a cost-effective architecture that will meet these requirements. What should the solutions architect recommend?

A. Configure AWS CloudTrail trails to log S3 API calls Use AWS AppSync to process the files
B. Configure an object-created event notification within the S3 bucket to invoke an AWS Lambda function to process the files.
C. Configure Amazon Kinesis Data Streams to process and send data to Amazon S3 Invoke an AWS Lambda function to process the files
D. Configure an Amazon Simple Notification Service (Amazon SNS) topic to process the files uploaded to Amazon S3. Invoke an AWS Lambda function to process the files.

Correct Answer: B

QUESTION 3

A solution architect is designing a solution that involves orchestrating a series of Amazon Elastic Container Service (Amazon ECS) task types running on Amazon EC2 instances that are part of an ECS cluster. The output and state data for all tasks need to be stored.

The amount of data output by each task is approximately 10 MB, and there could be hundreds of tasks running at a time. The system should be optimized for high-frequency reading and writing. As old outputs are archived and deleted the storage size is not expected to exceed 1 TB. Which storage solution should the solution architect recommend?

A. An Amazon DynamoDB table accessible by all ECS cluster instances.
B. An Amazon Elastic File System (Amazon EFS) with Provisioned Throughput mode.
C. An Amazon Elastic File System (Amazon EFS) file system with Bursting Throughput mode.
D. An Amazon Elastic Block Store (Amazon EBS) volume mounted to the ECS cluster instances.

Correct Answer: C

QUESTION 4

A company is running a multi-tier e-commerce web application In the AWS Cloud. The application runs on Amazon EC2 Instances with an Amazon RDS MySQL Mutt>AZ DB instance. Amazon RDS is configured with the latest generation instance with 2,000 GB of storage in an Amazon EBS General Purpose SSD (gp2) volume.

The database performance impacts the application during periods of high demand. After analyzing the logs in Amazon CloudWatch Logs, a database administrator finds that the application performance always degrades when the number of reading and writing IOPS is higher than 6.000 What should a solutions architect do to improve the application performance?

A. Replace the volume with a Magnetic volume
B. Increase the number of IOPS on the gp2 volume
C. Replace the volume with a Provisioned IOPS (PIOPS) volume.
D. Replace the 2,000 GB gp2 volume with two 1,000 GBgp2 volumes.

Correct Answer: C

QUESTION 5

A company needs to connect its on-premises data center network to a new VPC. The data center network has a 100 Mbps symmetrical Internet connection. An application that is running on-premises will transfer multiple gigabytes of data each day. The application will use an Amazon Kinesis Data Firehose delivery stream for processing

What should a solutions architect recommend for maximum performance?

A. Create a VPC peering connection between the on-premises network and the VPC Configure routing for the on-premises network to use the VPC peering connection.

B. Procure an AWS Snowball Edge Storage Optimized device. After several days\\’ worth of data has accumulated, copy the data to the device and ship the device to AWS for expedited transfer to Kinesis Data Firehose Repeat as needed

C. Create an AWS Site-to-Site VPN connection between the on-premises network and the VPC. Configure BGP routing between the customer gateway and the virtual private gateway. Use the VPN connection to send the data from on-premises to Kinesis Data Firehose.

D. Use AWS PrivateLink to create an interface VPC endpoint for Kinesis Data Firehose in the VPC. Set up a 1 Gbps AWS Direct Connect connection between the on-premises network and AWS Use the PrivateLink endpoint to send the data from on-premises to Kinesis Data Firehose.

Correct Answer: D

QUESTION 6

A company is managing health records on-premises. The company must keep these records indefinitely, disable any modifications to the records once they are stored, and granularly audit access at all levels.

The chief technology officer (CTO) is concerned because there are already millions of records not being used by any application, and the current infrastructure is running out of space The CTO has requested a solutions architect design a solution to move existing data and support future records

Which services can the solutions architect recommend to meet these requirements\’?

A. Use AWS DataSync to move existing data to AWS. Use Amazon S3 to store existing and new data Enable Amazon S3 object lock and enable AWS CloudTrail with data events.

B. Use AWS Storage Gateway to move existing data to AWS Use Amazon S3 to store existing and new data. Enable Amazon S3 object lock and enable AWS CloudTrail with management events.

C. Use AWS DataSync to move existing data to AWS Use Amazon S3 to store existing and new data Enable Amazon S3 object lock and enable AWS CloudTrail with management events.

D. Use AWS Storage Gateway to move existing data to AWS Use Amazon Elastic Block Store (Amazon EBS) to store existing and new data Enable Amazon S3 object lock and enable Amazon S3 server access logging

Correct Answer: A

QUESTION 7

A company is designing a shared storage solution for a gaming application that is hosted in the AWS Cloud. The company needs the ability to use SMB clients to access data. The solution must be fully managed.

Which AWS solution meets these requirements?

A. Create an AWS DataSync task that shares the data as a mountable file system. Mount the file system to the application server.

B. Create an Amazon EC2 Windows instance. Install and configure a Windows file share role on the instance. Connect the application server to the file share.

C. Create an Amazon FSx for Windows File Server file system. Attach the file system to the origin server. Connect the application server to the file system.

D. Create an Amazon S3 bucket. Assign an IAM role to the application to grant access to the S3 bucket. Mount the S3 bucket to the application server.

Correct Answer: C

Reference: https://aws.amazon.com/fsx/windows/

QUESTION 8

A company has two applications it wants to migrate to AWS. Both applications process a large set of files by accessing the same files at the same time. Both applications need to read the files with low latency. Which architecture should the solutions architect recommend for this situation?

A. Configure two AWS Lambda functions to run the applications. Create an Amazon EC2 instance with an instance store volume to store the data.

B. Configure two AWS Lambda functions to run the applications. Create an Amazon EC2 instance with an Amazon Elastic Block Store (Amazon EBS) volume to store the data.

C. Configure one memory-optimized Amazon EC2 instance to run both applications simultaneously. Create an Amazon Elastic Block Store (Amazon EBS) volume with Provisioned IOPS to store the data.

D. Configure two Amazon EC2 instances to run both applications. Configure Amazon Elastic File System (Amazon EFS) with General Purpose performance mode and Bursting Throughput mode to store the data.

Correct Answer: D

QUESTION 9

A solutions architect is redesigning a monolithic application to be a loosely coupled application composed of two microservices: Microservice A and Microservice B Microservice A places messages in a mam Amazon Simple Queue Service (Amazon SOS) queue for Microservice B to consume When Microservice B fails to process a message after four retries, the message needs to be removed from the queue and stored for further investigation.

What should the solutions architect do to meet these requirements?

A. Create an SQS dead-letter queue Microservice B adds failed messages to that queue after it receives and fails to process the message four times.

B. Create an SQS dead-letter queue Configure the main SQS queue to deliver messages to the dead-letter queue after the message has been received four times.

C. Create an SQS queue for failed messages Microservice A adds failed messages to that queue after Microservice B receives and fails to process the message four times.

D. Create an SQS queue for failed messages. Configure the SQS queue for failed messages to pull messages from the main SQS queue after the original message has been received four times.

Correct Answer: B

https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letterqueues.html#sqsdead-letter-queues-how-they-work

QUESTION 10

A company has an application running on Amazon EC2 instances in a private subnet. The application needs to store and retrieve data in Amazon S3. To reduce costs, the company wants to configure its AWS resources in a cost-effective manner.

How should the company accomplish this?

A. Deploy a NAT gateway to access the S3 buckets
B. Deploy AWS Storage Gateway to access the S3 buckets
C. Deploy an S3 gateway endpoint to access the S3 buckets
D. Deploy an S3 interface endpoint to access the S3 buckets.

Correct Answer: B

QUESTION 11

A development team is creating an event-based application that uses AWS Lambda functions. Events will be generated when files are added to an Amazon S3 bucket. The development team currently has Amazon Simple Notification Service (Amazon SNS) configured as the event target from Amazon S3.

What should a solution architect do to process the events from Amazon S3 in a scalable way?

A. Create an SNS subscription that processes the event in Amazon Elastic Container Service (Amazon ECS) before the event runs in Lambda.

B. Create an SNS subscription that processes the event in Amazon Elastic Kubernetes Service (Amazon EKS) before the event runs in Lambda.

C. Create an SNS subscription that sends the event to AWS Server Migration Service (AWS SQS). Configure the SQS queue to trigger a Lambda function.

D. Create an SNS subscription that sends the event to AWS Server Migration Service (AWS SMS). Configure the Lambda function to poll from the SMS event

Correct Answer: D

QUESTION 12

A company is running a batch application on Amazon EC2 instances The application consists of a backend with multiple Amazon RDS databases, The application is causing a high number of reads on the databases A solutions architect must reduce the number of database reads while ensuring high availability.

What should the solutions architect do to meet this requirement?

A. Add Amazon RDS read replicas.
B. Use Amazon ElastiCache for Redis
C. Use Amazon Route 53 DNS caching
D. Use Amazon ElastiCache for Memcached

Correct Answer: A

QUESTION 13

A company Is seeing access requests by some suspicious IP addresses. The security team discovers the requests are horn different IP addresses under the same CIDR range. What should a solutions architect recommend to the team?

A. Add a rule in the inbound table of the security group to deny the traffic from that CIDR range.
B. Add a rule In the outbound table of the security group to deny the traffic from that CIDR range
C. Add a deny rule in the Inbound table of the network ACL with a lower rule number than other rules.
D. Add a deny rule in the outbound table of the network ACL with a tower rule number than other rules.

Correct Answer: C

Summary:

Although SAA-C02 is a very large and complex exam, with the right method, it can be passed easily. Seriously start your SAA-C02 practice test. Last but not least, don’t talk nonsense. If you don’t know the answer, humbly acknowledge it and then understand it.

The road to exam success >>>https://www.pass4itsure.com/saa-c02.html trustworthy new exam SAA-C02 practice test.

Is it possible to pass the AWS SAA-C02 exam in 4 days of study

Anything is possible, as long as you try. What needs to be done is to find the easiest way to pass the Amazon AWS SAA-C02 exam. Pass4itSure SAA-C02 dumps are the best resources for this certification. I mean, SAA-C02 dumps learning can improve your learning efficiency, let you pass the exam as quickly as possible.

The Pass4itSure SAA-C02 practice exam is absolutely first-class and helps you gain a better understanding of AWS SAA-C02. Here are some of the latest updates to the SAA-C02 exam practice questions to help you improve your pass rate! Of course, this is not enough to get the full SAA-C02 exam questions and answers https://www.pass4itsure.com/saa-c02.html (PDF + VCE) to help you pass the exam 100% early.

Free AWS SAA-C02 exam questions PDF

[latest PDF] free AWS SAA-C02 PDF https://drive.google.com/file/d/1KO4_xHVZhkSXpsoTfhzVq-2NPpjGA2Tc/view?usp=sharing

The latest free AWS SAA-C02 exam PDF is from Pass4itSure SAA-C02 exam dumps! Get the complete exam questions and answers in Pass4itSure.

Practice Exams: AWS SAA-C02 exam questions and answers free

QUESTION 1 #

A start-up company has a web application based in the us-east-1 Region with multiple Amazon EC2 instances running behind an Application Load Balancer across multiple Availability Zones As the company\\’s user base grows in the west- 1 Region, it needs 3 solutions with low latency and high availability.

What should a solutions architect do to accomplish this?

A. Provision EC2 instances in us-west-1. Switch my Application Load Balancer to a Network Load Balancer to achieve cross-Region load balancing.

B. Provision EC2 instances and an Application Load Balancer in us-west-1 Make the load balancer distribute the traffic based on the location of the request

C. Provision EC2 instances and configure an Application Load Balancer in us-west-1. Create an accelerator in AWS Global Accelerator uses an endpoint group that includes the load balancer endpoints in both Regions.

D. Provision EC2 Instances and configure an Application Load Balancer in us-wesl-1 Configure Amazon Route 53 with
a weighted routing policy. Create alias records in Route 53 that point to the Application Load Balancer

Correct Answer: C

Register endpoints for endpoint groups: You register one or more regional resources, such as Application Load Balancers, Network Load Balancers, EC2 Instances, or Elastic IP addresses, in each endpoint group. Then you can set weights to choose how much traffic is routed to each endpoint.
Endpoints in AWS Global Accelerator can be Network Load Balancers, Application Load
Balancers, Amazon EC2 instances, or Elastic IP addresses.

A static IP address serves as a single point of contact for clients, and Global Accelerator then distributes incoming traffic across healthy endpoints.
Global Accelerator directs traffic to endpoints by using the port (or port range) that you specify for the listener that the endpoint group for the endpoint belongs to.
Each endpoint group can have multiple endpoints. You can add each endpoint to multiple endpoint groups, but the endpoint groups must be associated with different listeners.

Global Accelerator continually monitors the health of all endpoints that are included in an endpoint group. It routes traffic only to the active endpoints that are healthy. If Global Accelerator does ?€™t have any healthy endpoints to route traffic to, it routes traffic to all endpoints.

Reference:
https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints.html
https://aws.amazon.com/global-accelerator/faqs/

QUESTION 2 #

Company is running an application on Amazon EC2 instances. Traffic to the workload increases substantially during business hours and decreases afterward. The CPU utilization of an EC2 instance is a strong indicator of end-user demand on the application. The company has configured an Auto Scaling group to have a minimum group size of 2 EC2 instances and a maximum group size of 10 EC2 instances.

The company is concerned that the current scaling policy that is associated with the Auto Scaling group might not be correct. The company must avoid over-provisioning EC2 instances and incurring unnecessary costs.

What should a solutions architect recommend to meet these requirements?

A. Configure Amazon EC2 Auto Scaling to use a scheduled scaling plan and launch an additional 8 EC2 instances during business hours.

B. Configure AWS Auto Scaling to use a scaling plan that enables predictive scaling. Configure predictive scaling with a scaling model of forecast and scale, and enforce the maximum capacity setting during scaling.

C. Configure a step scaling policy to add 4 EC2 instances at 50% CPU utilization and add another 4 EC2 instances at 90% CPU utilization. Configure scale-in policies to perform the reverse and remove EC2 instances based on the two values.

D. Configure AWS Auto Scaling to have the desired capacity of 5 EC2 instances, and disable any existing scaling policies. Monitor the CPU utilization metric for 1 week. Then create dynamic scaling policies that are based on the observed values.

Correct Answer: B

QUESTION 3 #

A company needs the ability to analyze the log files of its proprietary application The logs are stored in JSON format in an Amazon S3 bucket Queries will be simple and will run on- demand A solutions architect needs to perform the analysis with minimal changes to the existing architecture
What should the solutions architect do to meet these requirements with the LEAST amount of operational overhead?

A. Use Amazon Redshift to load all the content into one place and run the SQL queries as needed

B. Use Amazon CloudWatch Logs to store the logs Run SQL queries as needed from the Amazon CloudWatch console

C. Use Amazon Athena directly with Amazon S3 to run the queries as needed

D. Use AWS Glue to catalog the logs Use a transient Apache Spark cluster on Amazon EMR to run the SQL queries as needed

Correct Answer: B

QUESTION 4 #

An application running on AWS uses an Amazon Aurora Multi-AZ deployment for its database When evaluating performance metrics, a solutions architect discovered that the database reads are causing high I/O and adding latency to the write requests against the database What should the solutions architect do to separate the read requests from the write requests?

A. Enable read-through caching on the Amazon Aurora database

B. Update the application to read from the Multi-AZ standby instance

C. Create a read replica and modify the application to use the appropriate endpoint

D. Create a second Amazon Aurora database and link it to the primary database as a read replica.

Correct Answer: C

Amazon RDS Read Replicas provide enhanced performance and durability for RDS database (DB) instances. They make it easy to elastically scale out beyond the capacity constraints of a single DB instance for read-heavy database workloads.

You can create one or more replicas of a given source DB Instance and serve high-volume application read traffic from multiple copies of your data, thereby increasing aggregate read throughput. Read replicas can also be promoted when needed to become standalone DB instances. Read replicas are available in Amazon RDS for MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server as well as Amazon Aurora.

For MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server database engines, Amazon RDS creates a second DB instance using a snapshot of the source DB instance. It then uses the engines\’ native asynchronous replication to update the read replica whenever there is a change to the source DB instance.

The read replica operates as a DB instance that allows only read-only connections; applications can connect to a read replica just as they would to any DB instance. Amazon RDS replicates all databases in the source DB instance.

Amazon Aurora further extends the benefits of reading replicas by employing an SSD-backed virtualized storage layer purpose-built for database workloads. Amazon Aurora replicas share the same underlying storage as the source instance, lowering costs and avoiding the need to copy data to the replica nodes. For more information about replication with Amazon Aurora, see the online documentation.

https://aws.amazon.com/rds/features/read-replicas/

QUESTION 5 #

A company has multiple AWS accounts, for various departments. One of the departments wants to share an Amazon S3 bucket with all other departments.

Which solution will require the LEAST amount of effort?

A. Enable cross-account S3 replication for the bucket

B. Create a pre-signed URL for the bucket and share it with other departments

C. Set the S3 bucket policy to allow cross-account access to other departments

D. Create IAM users for each of the departments and configure a read-only IAM policy

Correct Answer: C
https://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-accessexample2.html

QUESTION 6 #

A company has a customer relationship management (CRM) application that stores data in an Amazon RDS DB instance that runs Microsoft SQL Server. The company\’s IT staff has administrative access to the database. The database contains sensitive data. The company wants to ensure that the data is not accessible to the IT staff and that only authorized personnel can view the data.

What should a solutions architect do to secure the data?

A. Use client-side encryption with an Amazon RDS managed key.

B. Use client-side encryption with an AWS Key Management Service (AWS KMS) customer-managed key.

C. Use Amazon RDS encryption with an AWS Key Management Service (AWS KMS) default encryption key.

D. Use Amazon RDS encryption with an AWS Key Management Service (AWS KMS) customer-managed key.
Correct Answer: C

QUESTION 7 #

A solutions architect is designing a VPC with public and private subnets. The VPC and subnets use IPv4 CIDR blocks. There is one public subnet and one private subnet in each of three Availability Zones (AZs) for high availability.

An intern! gateway is used to provide internet access for the public subnets. The private subnets require access to the internet to allow Amazon EC2 instances to download software updates.

What should the solutions architect do to enable internet access for the private subnets?

A. Create three NAT gateways, one for each public subnet in each AZ. Create a private route table for each AZ that forwards non-VPC traffic to the NAT gateway in its AZ

B. Create three NAT instances, one for each private subnet in each AZ. Create a private route table for each AZ that forwards non-VPC traffic to the NAT instance in its AZ

C. Create a second internet gateway on one of the private subnets. Update the routing table for the private subnets that forward non-VPC traffic to the private internet gateway

D. Create an egress-only internet gateway on one of the public subnets. Update the routing table for the private subnets that forward non-VPC traffic to the egress only internet gateway

Correct Answer: B

QUESTION 8 #

A company currently stores symmetric encryption keys in a hardware security module (HSM). A solution architect must design a solution to migrate key management to AWS. The solution should allow for key rotation and support the use of customer-provided keys.

Where should the key material be stored to meet these requirements?

A. Amazon S3

B. AWS Secrets Manager

C. AWS Systems Manager Parameter store

D. AWS Key Management Service (AWS KMS)

Correct Answer: B
https://aws.amazon.com/cloudhsm/

QUESTION 9 #

A solutions architect is designing a web application that will run on Amazon EC2 instances behind an Application Load Balancer (ALB) The company strictly requires that the application be resilient against malicious internet activity and attacks, and protect against new common vulnerabilities and exposures.

What should the solutions architect recommend?

A. Leverage Amazon CloudFront with the ALB endpoint as the origin

B. Deploy an appropriately managed rule for AWS WAF and associate it with the ALB

C. Subscribe to AWS Shield Advanced and ensure common vulnerabilities and exposures are blocked

D. Configure network ACLs and security groups to allow only ports 80 and 443 to access the EC2 instances

Correct Answer: B

QUESTION 10 #

The company has a live chat application running on a list of on-premises servers that use WebSockets. The company wants to migrate the application to AWS Application traffic is inconsistent, and the company expects there to be more traffic with sharp spikes in the future.

Does the company want a highly scalable solution with no server maintenance nor advanced capacity planning Which solution meets these requirements?

A. Use Amazon API Gateway and AWS Lambda with an Amazon DynamoDB table as the data store Configure the DynamoDB table for provisioned capacity

B. Use Amazon API Gateway and AWS Lambda with an Amazon DynamoDB table as the data store Configure the DynaiWDB table for on-demand capacity

C. Run Amazon EC2 instances behind an Application Load Balancer in an Auto Scaling group with an Amazon DynamoDB table as the data store Configure the DynamoDB table for on-demand capacity

D. Run Amazon EC2 instances behind a Network Load Balancer in an Auto Scaling group with an Amazon DynamoDB table as the data store Configure the DynamoDB table for provisioned capacity

Correct Answer: B

QUESTION 11 #

A company runs a static website through its on-premises data center. The company has multiple servers mat handle all of its traffic, but on busy days, services are interrupted and the website becomes unavailable. The company wants to expand its presence globally and plans to triple its website traffic.

What should a solutions architect recommend to meet these requirements?

A. Migrate the website content to Amazon S3 and host the website on Amazon CloudFront.

B. Migrate the website content to Amazon EC2 instances with public Elastic IP addresses in multiple AWS Regions.

C. Migrate the website content to Amazon EC2 instances and vertically scale as the load increases.

D. Use Amazon Route 53 to distribute the loads across multiple Amazon CloudFront distributions for each AWS Region that exists globally.

Correct Answer: A

Amazon CloudFront is a global Content Delivery Network (CDN), which will host your website on a global network of edge servers, helping users load your website more quickly. When requests for your website content come through, they are automatically routed to the nearest edge location, closest to where the request originated from, so your content is delivered to your end-user with the best possible performance.

QUESTION 12 #

A solution architect is performing a security review of a recently migrated workload. The workload is a web application that consists of Amazon EC2 instances in an Auto Scaling group behind an Application Load balancer. The solution architect must improve the security posture and minimize the impact of a DDoS attack on resources.

Which solution is MOST effective?

A. Configure an AWS WAF ACL with rate-based rules. Create an Amazon CloudFront distribution that points to the Application Load Balancer. Enable the EAF ACL on the CloudFront distribution

B. Create a custom AWS Lambda function that adds identified attacks into a common vulnerability pool to capture a potential DDoS attack. use the identified information to modify a network ACL to block access.

C. Enable VPC Flow Logs and store them in Amazon S3. Create a custom AWS Lambda functions that parse the logs looking for a DDoS attack. Modify a network ACL to block identified source IP addresses.

D. Enable Amazon GuardDuty and configure findings written 10 Amazon GloudWatch Create an event with Cloud Watch Events for DDoS alerts that trigger Amazon Simple Notification Service (Amazon SNS) Have Amazon SNS invoke a custom AWS Lambda function that parses the logs looking for a DDoS attack Modify a network ACL to block identified source IP addresses

Correct Answer: B

QUESTION 13

A solutions architect needs to ensure that all Amazon Elastic Block Store (Amazon EBS) volumes restored from unencrypted EBS snapshots are encrypted What should the solutions architect do to accomplish this?

A. Enable EBS encryption by default for the AWS Region

B. Enable EBS encryption by default for the specific volumes

C. Create a new volume and specify the symmetric customer master key (CMK) to use for encryption

D. Create a new volume and specify the asymmetric customer master key (CMK) to use for encryption.

Correct Answer: C

This is only part of the complete exam question answer in Pass4itSure. After each question, read the wrong answers carefully and try to understand the concepts. Instead of trying to remember the answer, try to understand the theory/concept.

Finally

Pass4itSure’s real-time updates to SAA-C02 questions and answers help you pass exams quickly. Study hard, use the right way to learn! It is possible to pass the Amazon AWS SAA-C02 exam in a 4-day study. You can visit Pass4itSure to get the complete AWS SAA-C02 exam dumps https://www.pass4itsure.com/saa-c02.html (Q&As: 787). 100% help you pass the exam early.

Good luck to those going for SAA-C02!

[2021.8] Pdf, Practice Exam Free, Amazon SAA-C02 Practice Questions Free Share

Are you preparing for the Amazon SAA-C02 exam? Well, this is the right place, we provide you with free AmazonSAA-C02 practice questions. Free SAA-C02 exam sample questions, SAA-C02 PDF download. Pass Amazon SAA-C02 exam with practice tests and exam dumps from Pass4itSure! Pass4itSure SAA-C02 dumps https://www.pass4itsure.com/saa-c02.html (Q&As: 693).

Amazon SAA-C02 pdf free download

SAA-C02 pdf free https://drive.google.com/file/d/1advj2Wn9uVEW-bXAySblAdm4FNl81-Fz/view?usp=sharing

Latest Amazon SAA-C02 practice exam questions

QUESTION 1
A company decides to migrate its three-tier web application from on premises to the AWS Cloud. The new database
must be capable of dynamically scaling storage capacity and performing table joins. Which AWS service meets these
requirements?
A. Amazon Aurora
B. Amazon RDS for SqlServer
C. Amazon DynamoDB Streams
D. Amazon DynamoDB on-demand
Correct Answer: A

QUESTION 2
A public-facing web application queries a database hosted on a Amazon EC2 instance in a private subnet.
A large number of queries involve multiple table joins, and the application performance has been
degrading due to an increase in complex queries. The application team will be performing updates to
improve performance.
What should a solutions architect recommend to the application team? (Select TWO.)
A. Cache query data in Amazon SQS
B. Create a read replica to offload queries
C. Migrate the database to Amazon Athena
D. Implement Amazon DynamoDB Accelerator to cache data.
E. Migrate the database to Amazon RDS
Correct Answer: BE

QUESTION 3
A company has several web servers that need to frequently access a common Amazon RDS MySQL Multi-AZ instance.
The company wants a secure method for the web servers to connect to thedatabase while meeting a security
requirement to rotate user credentials frequently. A company has several web servers that need to frequently access a
common Amazon ROS MySQL Muto-AZ DB instance The company wants a secure method for the web servers to
connect to the database while meeting a security requirement to rotate user credentials frequently Which solution meets
these requirements^
A. Store the database user credentials in AWS Secrets Manager Grant the necessary 1AM permissions to allow the
web servers to access AWS Secrets Manager
B. Store the database user credentials m AWS Systems Manager OpsCenter Grant the necessary 1AM permissions to
allow the web servers to access OpsCenter
C. Store the database user credentials in a secure Amazon S3 bucket Grant the necessary 1AM permissions to allow
the web servers to retrieve credentials and access the database
D. Store the database user credentials in fries encrypted with AWS Key Management Service (AWS KMS) on the web
server file system The web server should be able to decrypt the files and access the database
Correct Answer: A

QUESTION 4
A company provides an online service for posting video content and transcoding it for use by any mobile platform. The
application architecture uses Amazon Elastic File System (Amazon EFS) Standard to collect and store the videos so
that multiple Amazon EC2 Linux instances can access the video content for processing As the popularity of the service
has grown over time, the storage costs have become too expensive Which storage solution is MOST cost-effective?
A. Use AWS Storage Gateway for files to store and process the video content
B. Use AWS Storage Gateway for volumes to store and process the video content
C. Use Amazon EFS for storing the video content Once processing is complete, transfer the files to Amazon Elastic
Block Store (Amazon EBS)
D. Use Amazon S3 for storing the video content Move the files temporarily over to an Amazon Elastic Block Store
(Amazon EBS) volume attached to the server for processing
Correct Answer: A

QUESTION 5
A company uses Amazon S3 as its object storage solution. The company has thousands of S3 it uses to store data
Some of the S3 bucket have data that is accessed less frequently than others. A solutions architect found that lifecycle
policies are not consistently implemented or are implemented partially. resulting in data being stored in high-cost
storage. Which solution will lower costs without compromising the availability of objects?
A. Use S3 ACLs
B. Use Amazon Elastic Block Store EBS) automated snapshots
C. Use S3 intelligent-Tiering storage
D. Use S3 One Zone-infrequent Access (S3 One Zone-IA).
Correct Answer: C

QUESTION 6
A development team is creating an event-based application that uses AWS Lambda functions. Events will be generated when files are added to an Amazon S3 bucket. The development team currently has Amazon
Simple Notification Service (Amazon SNS) configured as the event target from Amazon S3.
What should a solution architect do to process the events from Amazon S3 in a scalable why?
A. Create an SNS subscription that processes the event in Amazon Elastic Container Service (Amazon ECS) before the
event runs in Lambda.
B. Create an SNS subscription that processes the event in Amazon Elastic Kubermetes Service (Amazon EKS) before
the event runs in Lambda.
C. Create on SNS subscription that sends the event to AWS Server Migration Service (AWS SQS).Configure the SQS
queue to trigger a Lambda function.
D. Create an SNS subscription that sends the event to AWS Server Migration Service (AWS SMS).Configure the
Lambda function to poll from the SMS event
Correct Answer: D

QUESTION 7
An application running on an Amazon EC2 instance needs to securely access tiles on an Amazon Elastic File System
(Amazon I tile system. The EFS tiles are stored using encryption at rest. Which solution for accessing the tiles is MOST
secure?
A. Enable TLS when mounting Amazon EFS
B. Store the encryption key in the code of the application
C. Enable AWS Key Management Service (AWS KMS) when mounting Amazon EFS
D. Store the encryption key in an Amazon S3 bucket and use IAM roles to grant the EC2 instance access permission
Correct Answer: B

QUESTION 8
A company has an application running on Amazon EC2 On-Demand Instances. The application does not scale, and the
Instances run In one AWS Region. The company wants the flexibility to change the operating system from Windows to
AWS Linux in the future. The company needs to reduce the cost of the instances without creating additional operational
overhead or changes to the application What should the company purchase lo meet these requirements MOST costeffectively?
A. Dedicated Hosts for the Instance type being used
B. A Compute Savings Plan for the instance type being used
C. An EC2 Instance Savings Plan (or the instance type being used
D. Convertible Reserved Instances tor the instance type being used
Correct Answer: D

QUESTION 9
A company with facilities in North America Europe, and Asia is designing new distributed application to optimize its
global supply chain and manufacturing process. The orders booked on one continent should be visible to all Regions in
a second or less. The database should be able to support failover with a short Recovery Time Objective (RTO) The
uptime of the application is important to ensure that manufacturing is not impacted What should a solutions architect
recommend?
A. Use Amazon DynamoDB global tables
B. Use Amazon Aurora Global Database
C. Use Amazon RDS for MySQL with a cross-Region read replica
D. Use Amazon RDS for PostgreSQL with a cross-Region read replica
Correct Answer: A

QUESTION 10
A company is migrating its applications to AWS. Currently, applications that run on premises generate hundreds of
terabytes of data that is stored on a shared file system. The company is running an analytics application in the cloud
that runs hourly to generate insights from this data.
The company needs a solution to handle the ongoing data transfer between the on-premises shared file system and
Amazon S3. The solution also must be able to handle occasional interruptions in internet connectivity.
Which solutions should the company use for the data transfer to meet these requirements?
A. AWS DataSync
B. AWS Migration Hub
C. AWS Snowball Edge Storage Optimized
D. AWS Transfer for SFTP
Correct Answer: A
Reference: https://aws.amazon.com/cloud-data-migration/

QUESTION 11
An operations team has a standard that states IAM policies should not be applied directly to users. Some
new members have not been following this standard. The operation manager needs a way to easily identify
the users with attached policies.
What should a solutions architect do to accomplish this?
A. Monitor using AWS CloudTrail
B. Create an AWS Config rule to run daily
C. Publish IAM user changes lo Amazon SNS
D. Run AWS Lambda when a user is modified
Correct Answer: C

QUESTION 12
A company is managing health records on-premises. The company must keep these records indefinitely, disable any
modifications to the records once they are stored, and granularly audit access at all levels. The chief technology officer
(CTO) is concerned because there are already millions of records not being used by any application, and the current
infrastructure is running out of space The CTO has requested a solutions architect design a solution to move existing
data and support future records Which services can the solutions architect recommend to meet these requirements\\’?
A. Use AWS DataSync to move existing data to AWS. Use Amazon S3 to store existing and new data Enable Amazon
S3 object lock and enable AWS CloudTrail with data events.
B. Use AWS Storage Gateway to move existing data to AWS Use Amazon S3 to store existing and new data. Enable
Amazon S3 object lock and enable AWS CloudTrail with management events.
C. Use AWS DataSync to move existing data to AWS Use Amazon S3 to store existing and new data Enable Amazon
S3 object lock and enable AWS CloudTrail with management events.
D. Use AWS Storage Gateway to move existing data to AWS Use Amazon Elastic Block Store (Amazon EBS) to store
existing and new data Enable Amazon S3 object lock and enable Amazon S3 server access logging
Correct Answer: C

QUESTION 13
A company wants to reduce Its Amazon S3 storage costs in its production environment without impacting durability or
performance of the stored objects What is the FIRST step the company should take to meet these objectives?
A. Enable Amazon Made on the business-critical S3 buckets lo classify the sensitivity of the objects
B. Enable S3 analytics to Identify S3 buckets that are candidates for transitioning to S3 Standard-Infrequent Access (S3
Standard-IA)
C. Enable versioning on all business-critical S3 buckets.
D. Migrate me objects in all S3 buckets to S3 Intelligent-Tie ring
Correct Answer: D

Pass4itsure Amazon exam dumps coupon code 2021

Pass4itsure Amazon exam dumps coupon code 2021

SAA-C02 pdf free share https://drive.google.com/file/d/1advj2Wn9uVEW-bXAySblAdm4FNl81-Fz/view?usp=sharing

AAWS Certified Associate

Valid Amazon DVA-C01 Practice Questions Free Share

[2021.3] DVA-C01 Questions https://www.examdemosimulation.com/valid-amazon-aws-dva-c01-practice-questions-free-share-from-pass4itsure-2/

Valid Amazon SAA-C01 Practice Questions Free Share

[2021.3] SAA-C01 Questions https://www.examdemosimulation.com/valid-amazon-aws-saa-c01-practice-questions-free-share-from-pass4itsure/

Valid Amazon SOA-C01 Practice Questions Free Share

[2021.3] SOA-C01 Questions https://www.examdemosimulation.com/valid-amazon-aws-soa-c01-practice-questions-free-share-from-pass4itsure/

ps.

Pass4itSure provides updated Amazon SAA-C02 dumps as the practice test and pdf https://www.pass4itsure.com/saa-c02.html (Updated: Aug 05, 2021). Pass4itSure SAA-C02 dumps help you prepare for the Amazon SAA-C02 exam quickly!

[2021.6] Update! New Valid Amazon SAA-C02 Practice Questions Free Share From Pass4itsure

Amazon AWS SAA-C02 is difficult. But with the Pass4itsure SAA-C02 dumps https://www.pass4itsure.com/saa-c02.html preparation material candidate, it can be achieved easily. In SAA-C02 practice tests, you can practice on the same exam as the actual exam. If you master the tricks you gained through practice, it will be easier to achieve your target score.

Amazon AWS SAA-C02 pdf free https://drive.google.com/file/d/10-SqFdc5mve1OySmpOMYpyLAlLAgBm0K/view?usp=sharing

Latest Amazon SAA-C02 dumps practice test video tutorial

Latest Amazon AWS SAA-C02 practice exam questions at here:

QUESTION 1
A company is running a three-tier web application to process credit card payments. The front-end user interface consists
of static webpages. The application tier can have long-running processes The database tier uses MySQL. The
application is currently running on a single, general purpose large Amazon EC2 instance A solutions architect needs to
decouple the services to make the web application highly available. Which solution would provide the HIGHEST
availability?
A. Move static assets to Amazon CloudFront Leave the application in EC2 in an Auto Scaling group.Move the database
to Amazon RDS to deploy Multi-AZ.
B. Move static assets and the application into a medium EC2 instance. Leave the database on the large instance. Place
both instances in an Auto Scaling group.
C. Move static assets to Amazon S3. Move the application to AWS Lambda with the concurrency limit set. Move the
database to Amazon DynamoDB with on-demand enabled.
D. Move static assets to Amazon S3. Move the application to Amazon Elastic Container Service (Amazon ECS)
containers with Auto Scaling enabled. Move the database to Amazon RDS to deploy Multi-AZ
Correct Answer: B


QUESTION 2
A disaster response team is using drones to collect images ot recent storm damage. The response team\\’s laptops lack
the storage and compute capacity to transfer the images and process the data While the team has Amazon EC2
instances for processing and Amazon S3 buckets for storage, network connectivity is intermittent and unreliable. The
images need to be processed to evaluate the damage. What should a solutions architect recommend?
A. Use AWS Snowball Edge devices to process and store the images.
B. Upload the images to Amazon Simple Queue Service (Amazon SOS) during intermittent connectivity to EC2
instances.
C. Configure Amazon Kinesis Data Firehose to create multiple delivery streams aimed separately at the S3 buckets for
storage and the EC2 instances for processing the images.
D. Use AWS Storage Gateway pre-installed on a hardware appliance to cache the images locally for Amazon S3 to
process the images when connectivity becomes available.
Correct Answer: B
QUESTION 3
A healthcare company stores highly sensitive patient records. Compliance requires that multiple copies be stored in
different locations Each record must be stored for 7 years. The company has a service level agreement (SLA) to provide
records to government agencies immediately for the first 30 days and then within 4 hours of a request thereafter. What
should a solutions architect recommend?
A. Use Amazon S3 with cross-Region replication enabled After 30 days, transition the data to Amazon S3 Glacier using
lifecycle policy
B. Use Amazon S3 with cross-origin resource sharing (CORS) enabled. After 30 days, transition the data to Amazon S3
Glacier using a lifecycle policy.
C. Use Amazon S3 with cross-Region replication enabled After 30 days, transition the data to Amazon S3 Glacier Deep
Achieve using a lifecycle policy
D. Use Amazon S3 with cross-origin resource sharing (GORS) enabled After 30 days, transition the data to Amazon S3
Glacier Deep Archive using a lifecycle policy
Correct Answer: A

QUESTION 4
A company needs to connect several VPCs in the us-east Region that span hundreds of AWS accounts. The
company\\’s networking team has its own AWS account to manage the cloud network. What is the MOST operationally
efficient solution to connect the VPCs?
A. Set up VPC peering connections between each VPC. Update each associated subnet\\’s route table.
B. Configure a NAT gateway and an internal gateway in each VPC in connected each VPC through the internal.
C. Create an AWS Transit Gateway in the networking team\\’s AWS account. Configure static routes from each VPC.
D. Deploy VPN gateway in each VPC. Configure create a transit VPC in the networking team\\’s AWS account to
connect to each VPC.
Correct Answer: C


QUESTION 5
A company needs to run its external website on Amazon EC2 instances and on-premises virtualized servers The AWS
environment has a 1 GB AWS Direct Connect connection to the data center. The application has IP addresses that will
not change. The on-premises and AWS servers are able to restart themselves while maintaining the same IP address if
a failure occurs Some website users have to add their vendors to an allow list, so the solution must have a fixed IP
address The company needs a solution with the lowest operational overhead to handle this split traffic. What should a
solutions architect do to meet these requirements?
A. Deploy an Amazon Route 53 Resolver with rules pointing to the on-premises and AWS IP addresses
B. Deploy a Network Load Balancer on AWS. Create target groups for the on-premises and AWS IP addresses.
C. Deploy an Application Load Balancer on AWS Register the on-premises and AWS IP addresses with the target
group.
D. Deploy Amazon API Gateway to direct traffic to the on-premises and AWS IP addresses based on the header of the
request.
Correct Answer: A

QUESTION 6
An ecommerce company has noticed performance degradation of its Amazon RDS based web application.
The performance degradation is attribute to an increase in the number of read-only SQL queries triggered
by business analysts. A solution architect needs to solve the problem with minimal changes to the existing
web application.
What should the solution architect recommend?
A. Export the data to Amazon DynamoDB and have the business analysts run their queries.
B. Load the data into Amazon ElasticCache and have the business analysts run their queries.
C. Create a read replica of the primary database and have the business analysts run their queries.
D. Copy the data into an Amazon Redshift cluster and have the business analysts run their queries.
Correct Answer: C


QUESTION 7
A company has a dynamic web application hosted on two Amazon EC2 instances. The company has its own SSL
certificate, which is on each instance to perform SSL termination. There has been an increase in traffic recently, and the
operations team determined that SSL encryption and decryption is causing the compute capacity of the web servers to
reach their maximum limit. What should a solutions architect do to increase the application\\’s performance?
A. Create a new SSL certificate using AWS Certificate Manager (ACM). Install the ACM certificate on each instance.
B. Create an Amazon S3 bucket. Migrate the SSL certificate to the S3 bucket. Configure the EC2 instances to reference
the bucket for SSL termination.
C. Create another EC2 instance as a proxy server. Migrate the SSL certificate to the new instance and configure it to
direct connections to the existing EC2 instances.
D. Import the SSL certificate into AWS Certificate Manager (ACM). Create an Application Load Balancer with an HTTPS
listener that uses the SSL certificate from ACM.
Correct Answer: D

QUESTION 8
A company has an application that is hosted on Amazon EC2 instances in two private subnets. A solutions
architect must make the application available on the public internet with the least amount of N-y
administrative effort.
What should the solutions architect recommend?
A. Create a load balancer and associate two public subnets from the same Availability Zones as the private instances.
Add the private instances to the load balancer.
B. Create a load balancer and associate two private subnets from the same Availability Zones as the private instances.
Add the private instances to the load balancer.
C. Create an Amazon Machine Image (AMI) of the instances in the private subnet and restore In the public subnet
Create a load balancer and associate two public subnets from the same Availability Zones as the public instances.
D. Create an Amazon Machine Image (AMI) of the instances in the private subnet and restore in the public
subnet.Create a load balancer and associate two private subnets from the same Availability Zones as the public
instances.
Correct Answer: C


QUESTION 9
A company had a build server that is in an Auto Scaling group and often has multiple Linux instances running. The build
server requires consistent and mountable shared NFS storage for jobs and configurations.
Which storage option should a solutions architect recommend?
A. Amazon S3
B. Amazon FSx
C. Amazon Elastic Block Store (Amazon EBS)
D. Amazon Elastic File System (Amazon EFS)
Correct Answer: D


QUESTION 10
A company\\’s near-real-time streaming application is running on AWS As (he data is ingested a job runs on the data
and takes 30 minutes to complete The workload frequently experiences high latency due to large amounts of incoming
data A solutions architect needs to design a scalable and serverless solution to enhance performance Which
combination of steps should the solutions architect take? (Select TWO)
A. Use Amazon Kinesis Data Firehose to ingest the data
B. Use AWS Lambda with AWS Step Functions to process the data
C. Use AWS Database Migration Service (AWS DMS) to ingest the data
D. Use Amazon EC2 instances in an Auto Scaling group to process the data
E. Use AWS Fargate with Amazon Elastic Container Service (Amazon ECS) to process the data.
Correct Answer: AD

QUESTION 11
A company is deploying a multi-instance application within AWS that requires minimal latency between the instances.
What should a solutions architect recommend?
A. Use an Auto Scaling group with a cluster placement group.
B. Use an Auto Scaling group with single Availability Zone in the same AWS Region.
C. Use an Auto Scaling group with multiple Availability Zones in the same AWS Region.
D. Use a Network Load Balancer with multiple Amazon EC2 Dedicated Hosts as the targets
Correct Answer: A


QUESTION 12
A company is building a document storage application on AWS. The Application runs on Amazon EC2
instances in multiple Availability Zones. The company requires the document store to be highly available.
The documents need to be returned immediately when requested. The lead engineer has configured the
application to use Amazon Elastic Block Store (Amazon EBS) to store the documents, but is willing to
consider other options to meet the availability requirement.
What should a solution architect recommend?
A. Snapshot the EBS volumes regularly and build new volumes using those snapshots in additional Availability Zones.
B. Use Amazon EBS for the EC2 instance root volumes. Configure the application to build the document store on
Amazon S3.
C. Use Amazon EBS for the EC2 instance root volumes. Configure the application to build the document store on
Amazon S3 Glacier.
D. Use at least three Provisioned IOPS EBS volumes for EC2 instances. Mount the volumes to the EC2 instances in
RAID 5 configuration.
Correct Answer: B

QUESTION 13
A solution architect is performing a security review of a recently migrated workload. The workload is a web application
that consists of amazon EC2 instances in an Auto Scaling group behind an Application Load balancer. The solution
architect must improve the security posture and minimize the impact of a DDoS attack on resources. Which solution is
MOST effective?
A. Configure an AWS WAF ACL with rate-based rules. Create an Amazon CloudFront distribution that points to the
Application Load Balancer. Enable the EAF ACL on the CloudFront distribution
B. Create a custom AWS Lambda function that adds identified attacks into a common vulnerability pool to capture a
potential DDoS attack. use the identified information to modify a network ACL to block access.
C. Enable VPC Flow Logs and store then in Amazon S3. Create a custom AWS Lambda functions that parses the logs
looking for a DDoS attack. Modify a network ACL to block identified source IP addresses.
D. Enable Amazon GuardDuty and configure findings written 10 Amazon GloudWatch Create an event with Cloud
Watch Events for DDoS alerts that triggers Amazon Simple Notification Service (Amazon SNS) Have Amazon SNS
invoke a custom AWS lambda function that parses the logs looking for a DDoS attack Modify a network ACL to block
identified source IP addresses
Correct Answer: B

Welcome to download the valid Pass4itsure SAA-C02 pdf

Free downloadGoogle Drive
Amazon AWS SAA-C02 pdf https://drive.google.com/file/d/10-SqFdc5mve1OySmpOMYpyLAlLAgBm0K/view?usp=sharing

Pass4itsure latest Amazon exam dumps coupon code free share

Summary:

New Amazon SAA-C02 exam questions from Pass4itsure SAA-C02 dumps! Welcome to download the newest Pass4itsure SAA-C02 dumps https://www.pass4itsure.com/saa-c02.html (642 Q&As), verified the latest SAA-C02 practice test questions with relevant answers.

Amazon AWS SAA-C02 dumps pdf free share https://drive.google.com/file/d/10-SqFdc5mve1OySmpOMYpyLAlLAgBm0K/view?usp=sharing

[2021.5] New Valid Amazon SAA-C02 Practice Questions Free Share From Pass4itsure

Amazon AWS SAA-C02 is difficult. But with the Pass4itsure SAA-C02 dumps https://www.pass4itsure.com/saa-c02.html preparation material candidate, it can be achieved easily. In SAA-C02 practice tests, you can practice on the same exam as the actual exam. If you master the tricks you gained through practice, it will be easier to achieve your target score.

Amazon AWS SAA-C02 pdf free https://drive.google.com/file/d/1gwY_gPm8qq1dBmZKCF5XqtmOsjqh3p7q/view?usp=sharing

Latest Amazon SAA-C02 dumps practice test video tutorial

Latest Amazon AWS SAA-C02 practice exam questions at here:

QUESTION 1
A company\\’s website hosted on Amazon EC2 instances processes classified data stored in Amazon S3 Due to
security concerns, the company requires a private and secure connection between its EC2 resources and Amazon S3
Which solution meets these requirements?
A. Set up S3 bucket policies to allow access from a VPC endpoint.
B. Set up an IAM policy to grant read-write access to the S3 bucket.
C. Set up a NAT gateway to access resources outside the private subnet.
D. Set up an access key ID and a secret access key to access the S3 bucket
Correct Answer: A
Reference: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-overview.html


QUESTION 2
A company plans to deploy a new application in AWS that reads and writes information to a database. The company
wants to deploy the application in two different AWS Regions with each application writing to a database in their Region.
The databases in the Two Regions needs to keep We data synchronized What should be used to meet these
requirements?
A. Use Amazon Athena with Amazon S3 Cross-Region Replication
B. Use AWS Database Migration Service (AWS DMS] with change data capture between an RDS for MySQL cluster in
each Region
C. Use Amazon DynamoDB with global tables
D. Use Amazon RDS for PostgreSQL cluster with a Cross-Region Read Replica
Correct Answer: A

QUESTION 3
A company has copied 1 PB of data from a colocation facility to an Amazon S3 bucket in the us-east-1 Region using an
AWS Direct Connect link. The company now wants to copy the data to another S3 bucket in the us-west-2 Region. The
colocation facility does not allow the use AWS Snowball. What should a solutions architect recommend to accomplish
this?
A. Order a Snowball Edge device to copy the data from one Region to another Region.
B. Transfer contents from the source S3 bucket to a target S3 bucket using the S3 console.
C. Use the aws S3 sync command to copy data from the source bucket to the destination bucket.
D. Add a cross-Region replication configuration to copy objects across S3 buckets in different Reg.
Correct Answer: B


QUESTION 4
A company has a large dataset for its online advertising business stored in an Amazon RDS for MySQL
DB instance in a single Availability Zone. The company wants business reporting queries to run without
impacting the write operations to the production DB instance.
Which solution meets these requirements?
A. Deploy RDS read replicas to process the business reporting queries.
B. Scale out the DB instance horizontally by placing it behind an Elastic Load Balancer
C. Scale up the DB instance to a larger instance type to handle write operations and queries.
D. Deploy the DB instance in multiple Availability Zones to process the business reporting queries.
Correct Answer: A


QUESTION 5
A company wants to deploy an additional Amazon Aurora MySQL DB cluster for development purposes. The cluster will
be used several times a week for a few minutes upon to debug production query issues. The company wants to keep
overhead low for this resource. Which solution meets the company\\’s requirements MOST cost-effectively?
A. Purchas a Reserved Instance for the DB instances.
B. Run the DB instances on Aurora Serverless
C. Create a stop/start schedule for the DB instances.
D. Create an AWS Lambda function to stop DB instances it there are no active connections
Correct Answer: D

QUESTION 6
A solutions architect is designing a customer-facing application. The application is expected to have a variable amount
of reads and writes depending on the time of year and clearly defined access patterns throughout the year.
Management requires that database auditing and scaling be managed in the AWS Cloud. The Recovery Point Objective
(RPO) must be less than 5 hours. Which solutions can accomplish this? (Select TWO.)
A. Use Amazon DynamoDB with auto scaling. Use on-demand backups and AWS CloudTrail.
B. Use Amazon DynamoDB with auto scaling. Use on-demand backups and Amazon DynamoDB Streams.
C. Use Amazon Redshift Configure concurrency scaling. Enable audit logging. Perform database snapshots every 4
hours.
D. Use Amazon RDS with Provisioned IOPS. Enable the database auditing parameter. Perform database snapshots
every 5 hours.
E. Use Amazon RDS with auto scaling. Enable the database auditing parameter. Configure the backup retention period
to at least 1 day.
Correct Answer: AB


QUESTION 7
A company has a build server that is in an Auto Scaling group and often has multiple Linux instances running. The build
server requires consistent shared NFS storage for jobs and configurations. Which storage option should a solution
architect recommend?
A. Amazon S3
B. Amazon FSx
C. Amazon Elastic Block Store (Amazon EBS)
D. Amazon Elastic File System (Amazon EFS)
Correct Answer: D

QUESTION 8
As part of budget planning, management wants a report of AWS billed items listed by user. The data will
be used to create department budgets. A solutions architect needs to determine the most efficient way to
obtain this report information.
Which solution meets these requirements?
A. Run a query with Amazon Athena to generate the report.
B. Create a report in Cost Explorer and download the report.
C. Access the bill details from the billing dashboard and download the bill.
D. Modify a cost budget in AWS Budgets to alert with Amazon Simple Email Service (Amazon SES).
Correct Answer: D


QUESTION 9
A company is running its application in a single region on Amazon EC2 with Amazon Elastic Block Store
(Amazon EBS) and S3 as part of the storage design.
What should be done to reduce data transfer costs?
A. Create a copy of the compute environment in another AWS Region
B. Convert the application to run on [email protected]
C. Create an Amazon CloudFront distribution with Amazon S3 as the origin
D. Replicate Amazon S3 data to buckets in AWS Regions closer to the requester.
Correct Answer: C

QUESTION 10
The financial application at a company stores monthly reports in an Amazon S3 bucket. The vice president of finance
has mandated that all access to these reports be logged and that any modifications to the log files be detected Which
actions can a solutions architect take to meet these requirements7
A. Use S3 server access logging on the bucket that houses the reports with the read and write data events and log file
validation options enabled.
B. Use S3 server access logging on the bucket that houses the reports with the read and write management events and
log file validation options enabled
C. Use AWS CloudTrail to create a new trail. Configure the trail to log read and write data events on the S3 bucket that
houses the reports Log these events to a new bucket, and enable log file validation
D. Use AWS CloudTrail to create a new trail. Configure the trail to log read and write management events on the S3
bucket that houses the reports. Log these events to a new bucket, and enable log file validation.
Correct Answer: C


QUESTION 11
A company wants to migrate la accounting system from an on-premises data center to the AWS Cloud in a single AWS
Region Data security and an immutable audit log are the top priorities. The company must monitor all AWS activities for
compliance auditing. The company has enabled AWS CloudTrail but wants to make sure it meets these requirements
Which actions should a solutions architect take to protect and secure CloudTrail? (Select TWO.)
A. Enable CloudTrail log tile validation
B. Install the CloudTrail Processing Library
C. Enable logging of insights events in CloudTrail
D. Enable custom logging from the on-premises resources
E. Create an AWS Config rule to monitor whether CloudTrail is configured to use server-side encryption with AWS KMS
managed encryption keys (SSE-KMS)
Correct Answer: CE

QUESTION 12
A solutions architect is helping a developer design a new ecommerce shopping cart application using AWS services.
The developer is unsure of the current database schema and expects to make changes as the ecommerce site grows.
The solution needs to be highly resilient and capable of automatically scaling read and write capacity. Which database
solution meets these requirements?
A. Amazon Aurora PostgreSQL
B. Amazon DynamoDB with on-demand enabled
C. Amazon DynamoDB with DynamoDB Streams enabled
D. Amazon SQS and Amazon Aurora PostgreSQL
Correct Answer: A
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-general-nosql-design.html


QUESTION 13
A product team is creating a new application that will store a large amount of data The data will be analyzed hourly and
modified by multiple Amazon EC2 Linux instances The application team believes the amount of space needed will
continue to grow for the next 6 months Which set of actions should a solutions architect take to support these needs\\’?
A. Store the data in an Amazon EBS volume Mount the EBS volume on the application instances
B. Store the data in an Amazon EFS file system Mount the file system on the application instances
C. Store the data in Amazon S3 Glacier Update the vault policy to allow access to the application instances
D. Store the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA) Update the bucket policy to allow access
to the application instances
Correct Answer: B
Amazon Elastic File System Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed
elastic NFS file system for use with AWS Cloud services and on-premises resources. It is built to scale on demand to
petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating
the need to provision and manage capacity to accommodate growth. Amazon EFS is designed to provide massively
parallel shared access to thousands of Amazon EC2 instances, enabling your applications to achieve high levels of
aggregate throughput and IOPS with consistent low latencies.
Amazon EFS is well suited to support a broad spectrum of use cases from home directories to business-critical
applications. Customers can use EFS to lift-and-shift existing enterprise applications to the AWS Cloud. Other use
cases include: big data analytics, web serving and content management, application development and testing, media
and entertainment workflows, database backups, and container storage. Amazon EFS is a regional service storing data
within and across multiple Availability Zones (AZs) for high availability and durability. Amazon EC2 instances can
access your file system across AZs, regions, and VPCs, while on-premises servers can access using AWS Direct
Connect or AWS VPN. https://aws.amazon.com/efs/

Welcome to download the valid Pass4itsure SAA-C02 pdf

Free downloadGoogle Drive
Amazon AWS SAA-C02 pdf https://drive.google.com/file/d/1gwY_gPm8qq1dBmZKCF5XqtmOsjqh3p7q/view?usp=sharing

Pass4itsure latest Amazon exam dumps coupon code free share

Summary:

New Amazon SAA-C02 exam questions from Pass4itsure SAA-C02 dumps! Welcome to download the newest Pass4itsure SAA-C02 dumps https://www.pass4itsure.com/saa-c02.html (605 Q&As), verified the latest SAA-C02 practice test questions with relevant answers.

Amazon AWS SAA-C02 dumps pdf free share https://drive.google.com/file/d/1gwY_gPm8qq1dBmZKCF5XqtmOsjqh3p7q/view?usp=sharing

[2021.2] Valid Amazon AWS SAA-C02 Practice Questions Free Share From Pass4itsure

Amazon AWS SAA-C02 is difficult. But with the Pass4itsure SAA-C02 dumps https://www.pass4itsure.com/saa-c02.html preparation material candidate, it can be achieved easily. In SAA-C02 practice tests, you can practice on the same exam as the actual exam. If you master the tricks you gained through practice, it will be easier to achieve your target score.

Amazon AWS SAA-C02 pdf free https://drive.google.com/file/d/1LGLeMvDYfb8shsHNsqJQn2F1LqNy8yxo/view?usp=sharing

Latest Amazon AWS SAA-C02 practice exam questions at here:

QUESTION 1
An operations team has a standard that states IAM policies should not be applied directly to users. Some
new members have not been following this standard. The operation manager needs a way to easily identify
the users with attached policies.
What should a solutions architect do to accomplish this?
A. Monitor using AWS CloudTrail
B. Create an AWS Config rule to run daily
C. Publish IAM user changes lo Amazon SNS
D. Run AWS Lambda when a user is modified
Correct Answer: C


QUESTION 2
A company uses Application Load Balancers (ALBs) in different AWS Regions. The ALBs receive inconsistent traffic
that can spike and drop throughout the year The company\\’s networking team needs to allow the IP addresses of the
ALBs in the on-premises firewall to enable connectivity. Which solution is the MOST scalable with minimal configuration
changes?
A. Write an AWS Lambda script to get the IP addresses of the ALBs in different Regions Update the on-premises
firewall\\’s rule to allow the IP addresses of the ALBs.
B. Migrate all ALBs in different Regions to the Network Load Balancers (NLBs) Update the on- premises firewall\\’s rule
to allow the Elastic IP addresses of all the NLBs.
C. Launch AWS Global Accelerator Register the ALBs in different Regions to the accelerator. Update the on-premises
firewall\\’s rule to allow static IP addresses associated with the accelerator.
D. Launch a Network Load Balancer (NLB) in one Region Register the private IP addresses of the ALBs m different
Regions with the NLB Update the on-premises firewall\\’s rule to allow the Elastic IP address attached to the NLB.
Correct Answer: C

QUESTION 3
A company that hosts its web application on AWS wants to ensure all Amazon EC2 instances. Amazon RDS DB
instances and Amazon Redshift clusters are configured with tags. The company wants to minimize the effort of
configuring and operating this check. What should a solutions architect do to accomplish this?
A. Use AWS Config rules to define and detect resources that are not property tagged
B. Use Cost Explorer to display resources that are not properly tagged Tag those resources manually.
C. Write API calls to check all resources for proper tag allocation. Periodically run the code on an EC2 instance.
D. Write API calls to check all resources for proper tag allocation. Schedule an AWS Lambda function through Amazon
CloudWatch to periodically run the code
Correct Answer: A


QUESTION 4
A monolithic application was recently migrated to AWS and is now running on a single Amazon EC2 instance. Due to
application limitations, it is not possible to use automatic scaling to scale out the application. The chief technology officer
(CTO) wants an automated solution to restore the EC2 instance in the unlikely event the underlying hardware fails.
What would allow for automatic recovery of the EC2 instance as quickly as possible?
A. Configure an Amazon CloudWatch alarm that triggers the recovery of the EC2 instance if it becomes impaired.
B. Configure an Amazon CloudWatch alarm to trigger an SNS message that alerts the CTO when the EC2 instance is
impaired.
C. Configure AWS CloudTrail to monitor the health of the EC2 instance, and if it becomes impaired, triggered instance
recovery.
D. Configure an Amazon EventBridge event to trigger an AWS Lambda function once an hour that checks the health of
the EC2 instance and triggers instance recovery if the EC2 instance is unhealthy.
Correct Answer: A

QUESTION 5
A start-up company has a web application based in the us-east-1 Region with multiple Amazon EC2 instances running
behind an Application Load Balancer across multiple Availability Zones As the company\\’s user base grows in the uswest- 1 Region, it needs 3 solution with low latency and high availability. What should a solutions architect do to
accomplish this?
A. Provision EC2 instances in us-west-1. Switch me Application Load Balancer to a Network Load Balancer to achieve
cross-Region load balancing.
B. Provision EC2 instances and an Application Load Balancer in us-west-1 Make the load balancer distribute the traffic
based on the location of the request
C. Provision EC2 instances and configure an Application Load Balancer in us-west-1. Create an accelerator in AWS
Global Accelerator that uses an endpoint group that includes the load balancer endpoints in both Regions.
D. Provision EC2 Instances and configure an Application Load Balancer in us-wesl-1 Configure Amazon Route 53 with
a weighted routing policy. Create alias records in Route 53 that point to the Application Load Balancer
Correct Answer: C
https://aws.amazon.com/global-accelerator/faqs/

QUESTION 6
An application requires a development environment (DEV) and production environment (PROD) for several years. The
DEV instances will run for 10 hours each day during normal business hours, while the PROD instances will run 24 hours
each day. A solutions architect needs to determine a compute instance purchase strategy to minimize costs.
Which solution is the MOST cost-effective?
A. DEV with Spot Instances and PROD with On-Demand Instances
B. DEV with On-Demand Instances and PROD with Spot Instances
C. DEV with Scheduled Reserved Instances and PROD with Reserved Instances
D. DEV with On-Demand Instances and PROD with Scheduled Reserved Instances
Correct Answer: C

QUESTION 7
A solutions architect has configured the following IAM policy.

SAA-C02 exam questions-q7

Which action will be allowed by the policy?
A. An AWS Lambda function can be deleted from any network.
B. An AWS Lambda function can be created from any network.
C. An AWS Lambda function can be deleted from the 100.220.0.0/20 network
D. An AWS Lambda function can be deleted from the 220 100.16 0 20 network
Correct Answer: D

QUESTION 8
An application running on AWS uses an Amazon Aurora Multi-AZ deployment for its database When evaluating
performance metrics, a solutions architect discovered that the database reads are causing high I/O and adding latency
to the write requests against the database What should the solutions architect do to separate the read requests from the
write requests?
A. Enable read-through caching on the Amazon Aurora database
B. Update the application to read from the Multi-AZ standby instance
C. Create a read replica and modify the application to use the appropriate endpoint
D. Create a second Amazon Aurora database and link it to the primary database as a read replica.
Correct Answer: C
Amazon RDS Read Replicas Amazon RDS Read Replicas provide enhanced performance and durability for RDS
database (DB) instances. They make it easy to elastically scale out beyond the capacity constraints of a single DB
instance for read-heavy database workloads. You can create one or more replicas of a given source DB Instance and
serve high-volume application read traffic from multiple copies of your data, thereby increasing aggregate read
throughput. Read replicas can also be promoted when needed to become standalone DB instances. Read replicas are
available in Amazon RDS for MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server as well as Amazon Aurora. For
the MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server database engines, Amazon RDS creates a second DB
instance using a snapshot of the source DB instance. It then uses the engines\\’ native asynchronous replication to
update the read replica whenever there is a change to the source DB instance. The read replica operates as a DB
instance that allows only read-only connections; applications can connect to a read replica just as they would to any DB
instance. Amazon RDS replicates all databases in the source DB instance.
Amazon Aurora futher extends the benefits of read replicas by employing an SSD-backed virtualized storage layer
purpose-built for database workloads. Amazon Aurora replicas share the same underlying storage as the source
instance, lowering costs and avoiding the need to copy data to the replica nodes. For more information about replication
with Amazon Aurora, see the online documentation.

SAA-C02 exam questions-q8

https://aws.amazon.com/rds/features/read-replicas/

QUESTION 9
A company stores user data in AWS. The data is used continuously with peak usage during business
hours. Access patterns vary, with some data not being used tor months at a time.
A solution architect must choose a cost that maintains the highest level ot durability while maintaining high
availability.
Which storage solution meets these requirements?
A. Amazon S3 Standard
B. Amazon S3 intelligent Tiering
C. Amazon S3 Glacier Deep Archive
D. Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)
Correct Answer: A


QUESTION 10
A company is planning to migrate its virtual server-based workloads to AWS The company has internetfacing load
balancers backed by application servers. The application servers rely on patches from an internet-hosted repository
Which services should a solutions architect recommend be hosted on the public subnet*? (Select TWO.)
A. NAT gateway
B. Amazon RDS DB instances
C. Application Load Balancers
D. Amazon EC2 application servers
E. Amazon Elastic File System (Amazon EFS) volumes
Correct Answer: AC

QUESTION 11
A three-tier web application processes orders from customers. The web tier consists of Amazon EC2 instances behind
an Application Load Balancer, a middle tier of three EC2 instances decoupled from the web tier using Amazon SQS.
and an Amazon DynamoDB backend. At peak times, customers who submit orders using the site have to wait much
longer than normal to receive confirmations due to lengthy processing times. A solutions architect needs to reduce
these processing times. Which action will be MOST effective in accomplishing this?
A. Replace the SQS queue with Amazon Kinesis Data Firehose.
B. Use Amazon ElastiCache for Redis in front of the DynamoDB backend tier.
C. Add an Amazon CloudFront distribution to cache the responses for the web tier.
D. Use Amazon EC2 Auto Scaling to scale out the middle tier instances based on the SOS queue depth.
Correct Answer: D

QUESTION 12
A company currently stores symmetric encryption keys in a hardware security module (HSM). A solution architect must
design a solution to migrate key management to AWS. The solution should allow for key rotation and support the use of
customer provided keys. Where should the key material be stored to meet these requirements?
A. Amazon S3
B. AWS Secrets Manager
C. AWS Systems Manager Parameter store
D. AWS Key Management Service (AWS KMS)
Correct Answer: B
https://aws.amazon.com/cloudhsm/

QUESTION 13
A solutions architect must design a database solution for a high-traffic ecommerce web application. The database stores
customer profiles and shopping cart information. The database must support a peak load of several million requests
each second and deliver responses in milliseconds. The operational overhead for managing and scaling the database
must be minimized. Which database solution should the solutions architect recommend?
A. Amazon Aurora
B. Amazon DynamoDB
C. Amazon RDS
D. Amazon Redshift
Correct Answer: A

Welcome to download the valid Pass4itsure SAA-C02 pdf

Free downloadGoogle Drive
Amazon AWS SAA-C02 pdf https://drive.google.com/file/d/1LGLeMvDYfb8shsHNsqJQn2F1LqNy8yxo/view?usp=sharing

Summary:

New Amazon SAA-C02 exam questions from Pass4itsure SAA-C02 dumps! Welcome to download the newest Pass4itsure SAA-C02 dumps https://www.pass4itsure.com/saa-c02.html (559 Q&As), verified the latest SAA-C02 practice test questions with relevant answers.

Amazon AWS SAA-C02 dumps pdf free share https://drive.google.com/file/d/1LGLeMvDYfb8shsHNsqJQn2F1LqNy8yxo/view?usp=sharing