Tag: Pass4itSure saa-c02 dumps

SAA-C02 Dumps [Latest Version]: Useful AWS Certified Solutions Architect – Associate Prepare Materials

admin

Candidates can use the latest version of the SAA-C02 dumps updated by Pass4itSure to efficiently prepare for the AWS Certified Solutions Architect – Associate exam.

The new version of the SAA-C02 dumps > > https://www.pass4itsure.com/saa-c02.html is very accurate, which helps you prepare for the Amazon SAA-C02 exam. It will be your best AWS Certified Solutions Architect – Associate preparation material.

introduction SAA-C02 exam

A brief introduction to the AWS Certified Solutions Architect – Associate exam, what to say?

The true SAA-C02 exam is for anyone with a year or more of hands-on experience designing usable, cost-effective, fault-tolerant, and scalable distributed systems on AWS. You will need to complete the exam in 130 minutes and answer 65 questions. The type of question can be multiple choices or multiple answers. It costs $150 to take the exam.

Participate and pass AWS Certified Solutions Architect-Associate (SAA-C02) to earn AWS Certified Associate certification.

Which is the ideal AWS Certified Solutions Architect – Associate preparation material?

That must be the latest SAA-C02 dumps from the Pass4itSure launch.

Pass4itSure SAA-C02 dumps provide useful AWS Certified Solutions Architect-Assistant preparation materials, based on real exams, that are very effective. Can help you easily pass the SAA-C02 exam.

Where can I get the latest SAA-C02 dumps for Free Q&A?

Here is a free SAA-C02 exam preparation material for you.

SAA-C02 exam free preparation questions PDF download: https://drive.google.com/file/d/1kCMAVYvlQJu-d5egupz1_YRmapcMWuNg/view?usp=sharing

You can also read the online SAA-C02 exam questions directly below.

(SAA-C02 Free Dumps) AWS Certified Solutions Architect – Associate Exam Questions Answers: 2022.9

Q1 NEW.

A company has an AWS Glue extract. transform, and load (ETL) job that runs every day at the same time. The job processes XML data that is in an Amazon S3 bucket. New data is added to the S3 bucket every day.

A solutions architect notices that AWS Glue is processing all the data during each run. What should the solutions architect do to prevent AWS Glue from reprocessing old data?

A. Edit the job to use job bookmarks.
B. Edit the job to delete data after the data is processed
C. Edit the job by setting the number of workers field to 1.
D. Use a FindMatches machine learning (ML) transform.

Correct Answer: B

Q2 New.

A company captures ordered clickstream data from multiple websites and uses batch processing to analyze the data. The company receives 100 million event records, all approximately 1 KB in size, each day. The company loads the data into Amazon Redshift each night, and business analysts consume the data.

The company wants to move toward near-real-time data processing for timely insights. The solution should process the streaming data while requiring the least possible operational overhead. Which combination of AWS services will meet these requirements MOST cost-effectively? (Choose two.)

A. Amazon EC2
B. AWS Batch
C. Amazon Simple Queue Service (Amazon SQS)
D. Amazon Kinesis Data Firehose
E. Amazon Kinesis Data Analytics

Correct Answer: BC

Q3 New.

A company is planning to host its compute-intensive applications on Amazon EC2 instances. The majority of the network traffic will be between these applications The company needs a solution that minimizes latency and maximizes network throughput

The underlying hardware for the EC2 instances must not be shared with any other company Which solution will meet these requirements?

A. Launch EC2 instances as Dedicated Hosts in a cluster placement group
B. Launch EC2 instances as Dedicated Hosts in a partition placement group
C. Launch EC2 instances as Dedicated Instances in a cluster placement group
D. Launch EC2 instances as Dedicated Instances in a partition placement group

Correct Answer: A

Q4 New.

A solutions architect is working on optimizing a legacy document management application running on Microsoft a network file share. The chief information officer wants to reduce the on-premises data center footprint and minimize storage by moving on-premises storage to AWS.

What should the solution architect do to meet these requirements?

A. Set up an AWS Storage Gateway file gateway.
B. Set up Amazon Elastic File System (Amazon EFS).
C. Set up AWS Storage Gateway as a volume gateway.
D. Set up an Amazon Elastic Block Store (Amazon EBS) volume.

Correct Answer: A

Q5 New.

Cost Explorer is showing charges higher than expected for Amazon Elastic Block Store (Amazon EBS) volumes connected to application servers in a production account A significant portion of the changes from Amazon EBS are from volumes that were created as Provisioned IOPS SSD (io1) volume types Controlling costs is the highest priority for
this application.

Which steps should the user take to analyze and reduce the EBS costs without incurring any application downtime\\’? (Select TWO)

A. Use the Amazon EC2 ModifylnstanceAttribute action to enable EBS optimization on the application server instances
B. Use the Amazon CloudWatch GetMetricData action to evaluate the read-write operations and read/ write bytes of each volume
C. Use the Amazon EC2 ModifyVoiume action to reduce the size of the underutilized 101 volumes
D. Use the Amazon EC2 ModifyVolume action to change the volume type of the underutilized io1 volumes to General Purpose SSD (gp2)
E. Use an Amazon S3 PutBucketPolicy action to migrate existing volume snapshots to Amazon S3 Glacier

Correct Answer: AD

Q6 New.

A company has a service that produces event data. The company wants to use AWS to process the event data as it is received. The data is written in a specific order that
must be maintained throughout processing The company wants to implement a solution that minimizes operational overhead.

How should a solution architect accomplish this?

A. Create an Amazon Simple Queue Service (Amazon SQS) FIFO queue to hold messages. Set up an AWS Lambda function to process messages from the queue.
B. Create an Amazon Simple Notification Service (Amazon SNS) topic to deliver notifications containing payloads to process. Configure an AWS Lambda function as a subscriber
C. Create an Amazon Simple Queue Service (Amazon SQS) standard queue to hold messages Set up an AWS Lambda function 😮 process messages from the queue independently
D. Create an Amazon Simple Notification Service (Amazon SNS) topic to deliver notifications containing payloads to process Configure an Amazon Simple Queue Service (Amazon SQS) queue as a subscriber.

Correct Answer: A

Q7 New.

A company runs a web-based portal that provides users with global breaking news, local alerts, and weather updates. The portal delivers each user a personalized view by using a mixture of static and dynamic content Content is served over HTTPS through an API server running on an Amazon EC2 instance behind an Application Load Balancer (ALB).

The company wants the portal to provide this content to its users across the world as quickly as possible. How should a solutions architect design the application to ensure the LEAST amount of latency for all users?

A. Deploy the application stack in a single AWS Region Use Amazon CloudFront to serve all static and dynamic content by specifying the ALB as an origin
B. Deploy the application stack in two AWS Regions Use an Amazon Route 53 latency routing policy to serve all content from the ALB in the closest Region.
C. Deploy the application stack in a single AWS Region Use Amazon CloudFront to serve the static content Serve the dynamic content directly from the ALB.
D. Deploy the application stack in two AWS Regions Use an Amazon Route 53 geolocation routing policy to serve all content from the ALB in the closest Region.

Correct Answer: A

Q8 New.

A company uses on-premises servers to host its applications. The company is running out of storage capacity. The applications use both block storage and NFS storage. The company needs a high-performing solution that supports local caching without re-architecting its existing applications.

Which combination of actions should a solutions architect take to meet these requirements? (Select TWO.)

A. Mount Amazon S3 as a file system to the on-premises servers.
B. Deploy an AWS Storage Gateway file gateway to replace NFS storage
C. Deploy AWS Snowball Edge to provision NFS mounts to on-premises servers.
D. Deploy an AWS Storage Gateway volume gateway to replace the block storage.
E. Deploy Amazon Elastic Fife System (Amazon EFS) volumes and mount them to on-premises servers.

Correct Answer: BD

Q9 New.

A company is using a centralized AWS account to store log data in various Amazon S3 buckets. A solutions architect needs to ensure that the data is encrypted at rest before the data is uploaded to the S3 buckets. The data also must be encrypted in transit.

Which solution meets these requirements?

A. Use client-side encryption to encrypt the data that is being uploaded to the S3 buckets.
B. Use server-side encryption to encrypt the data that is being uploaded to the S3 buckets.
C. Create bucket policies that require the use of server-side encryption with S3-managed encryption keys (SSE-S3) for S3 uploads.
D. Enable the security option to encrypt the S3 buckets through the use of a default AWS Key Management Service (AWS KMS) key.

Correct Answer: B

Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingEncryption.html

Q10 New.

Organizers for a global event want to put daily reports online as static HTML pages The pages are expected to generate millions of views from users around the world The files are stored in an Amazon S3 bucket A solutions architect has been asked to design an efficient and effective solution.

Which action should the solutions architect take to accomplish this?

A. Generate pre-signed URLs for the files
B. Use cross-Region replication to all Regions
C. Use the geo proximity feature of Amazon Route 53
D. Use Amazon CloudFront with the S3 bucket as its origin

Correct Answer: D

Using Amazon S3 Origins, MediaPackage Channels, and Custom Origins for Web Distributions Using Amazon S3 Buckets for Your Origin When you use Amazon S3 as an origin for your distribution, you place any objects that you want CloudFront to deliver in an Amazon S3 bucket.

You can use any method that is supported by Amazon S3 to get your objects into Amazon S3, for example, the Amazon S3 console or API, or a third-party tool. You can create a hierarchy in your bucket to store the objects, just as you would with any other Amazon S3 bucket.

Using an existing Amazon S3 bucket as your CloudFront origin server doesn\’t change the bucket in any way; you can still use it as you normally would to store and access Amazon S3 objects at the standard Amazon S3 price. You incur regular Amazon S3 charges for storing the objects in the bucket.

Using Amazon S3 Buckets Configured as Website Endpoints for Your Origin You
can set up an Amazon S3 bucket that is configured as a website endpoint as a custom origin with CloudFront. When you configure your CloudFront distribution, for the origin, enter the Amazon S3 static website hosting endpoint for your bucket.

This value appears in the Amazon S3 console, on the Properties tab, and in the Static website hosting pane.

For example http://bucket-name.s3-website-region.amazonaws.com

For more information about specifying Amazon S3 static website endpoints, see Website endpoints in the Amazon Simple Storage Service Developer Guide. When you
specify the bucket name in this format as your origin, you can use Amazon S3 redirects and Amazon S3 custom error documents.

For more information about Amazon S3 features, see the Amazon S3 documentation. Using an Amazon S3 bucket as your CloudFront origin server doesn\’t change it in any way. You can still use it as you normally would and you incur regular Amazon S3 charges.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistS3AndCust omOrigins.html

Q11 New.

A company has a three-tier, stateless web application. The company\’s web and application tiers run on Amazon BC2 instances in an Auto Scaling group with an Amazon Elastic Block Store (Amazon EBS) root volume, and the database tier runs on Amazon RDS for PostgreSQL. The company\’s recovery point objective (RPO) is 2 hours

What should a solutions architect recommend enabling backups for this environment?

A. Take snapshots of EBS volumes of the EC2 instances and database every 2 hours
B. Configure a snapshot lifecycle policy to take EBS snapshots and configure an automated database backup in Amazon RDS to meet the RPO
C. Take snapshots of EBS volumes of the EC2 instances every 2 hours Configure an automated database backup in Amazon RDS so that it runs every 2 hours
D. Retain the latest Amazon Machine Images (AMIs) of the web and application tiers Configure daily Amazon RDS snapshots and use point-in-time recovery to meet the RPO.

Correct Answer: D

Q12 New.

A gaming company hosts a browser-based application on AWS. The users of the application consume a large number of videos and images that are stored in Amazon S3. This content is the same for all users.

The application has increased in popularity, and millions of users worldwide are accessing these media files. The company wants to provide the files to the users while reducing the load on the origin.

Which solution meets these requirements MOST cost-effectively?

A. Deploy an AWS Global Accelerator accelerator in front of the web servers.
B. Deploy an Amazon CloudFront web distribution in front of the S3 bucket.
C. Deploy an Amazon ElastiCache for Redis instance in front of the web servers.
D. Deploy an Amazon ElastiCache for Memcached instance in front of the web servers.

Correct Answer: B

Reference: https://aws.amazon.com/getting-started/hands-on/deliver-content-faster/

Q13 New.

A company hosts a training site on a fleet of Amazon EC2 instances. The company anticipates that its new course, which consists of dozens of training videos on the site, will be extremely popular when it is released in 1 week.

What should a solutions architect do to minimize the anticipated server load?

A. Store the videos in Amazon ElastiCache for Redis Update the web servers to serve the videos using the Elastic cache API
B. Store the videos in Amazon Elastic File System (Amazon EFS) Create a user data script for the web servers to mount the EFS volume.
C. Store the videos in an Amazon S3 bucket Create an Amazon CloudFlight distribution with an origin access identity (OAI) of that S3 bucket Restrict Amazon S3 access to the OAI.
D. Store the videos in an Amazon S3 bucket. Create an AWS Storage Gateway file gateway to access the S3 bucket Create a user data script for the web servers to mount the file gateway

Correct Answer: C

With the latest SAA-C02 dumps, it’s easy to get AWS Certified Associate certification. More Amazon SAA-C02 exam questions are on this website.

Is it possible to pass the AWS SAA-C02 exam in 4 days of study

admin

Anything is possible, as long as you try. What needs to be done is to find the easiest way to pass the Amazon AWS SAA-C02 exam. Pass4itSure SAA-C02 dumps are the best resources for this certification. I mean, SAA-C02 dumps learning can improve your learning efficiency, let you pass the exam as quickly as possible.

The Pass4itSure SAA-C02 practice exam is absolutely first-class and helps you gain a better understanding of AWS SAA-C02. Here are some of the latest updates to the SAA-C02 exam practice questions to help you improve your pass rate! Of course, this is not enough to get the full SAA-C02 exam questions and answers https://www.pass4itsure.com/saa-c02.html (PDF + VCE) to help you pass the exam 100% early.

Free AWS SAA-C02 exam questions PDF

[latest PDF] free AWS SAA-C02 PDF https://drive.google.com/file/d/1KO4_xHVZhkSXpsoTfhzVq-2NPpjGA2Tc/view?usp=sharing

The latest free AWS SAA-C02 exam PDF is from Pass4itSure SAA-C02 exam dumps! Get the complete exam questions and answers in Pass4itSure.

Practice Exams: AWS SAA-C02 exam questions and answers free

QUESTION 1 #

A start-up company has a web application based in the us-east-1 Region with multiple Amazon EC2 instances running behind an Application Load Balancer across multiple Availability Zones As the company\\’s user base grows in the west- 1 Region, it needs 3 solutions with low latency and high availability.

What should a solutions architect do to accomplish this?

A. Provision EC2 instances in us-west-1. Switch my Application Load Balancer to a Network Load Balancer to achieve cross-Region load balancing.

B. Provision EC2 instances and an Application Load Balancer in us-west-1 Make the load balancer distribute the traffic based on the location of the request

C. Provision EC2 instances and configure an Application Load Balancer in us-west-1. Create an accelerator in AWS Global Accelerator uses an endpoint group that includes the load balancer endpoints in both Regions.

D. Provision EC2 Instances and configure an Application Load Balancer in us-wesl-1 Configure Amazon Route 53 with
a weighted routing policy. Create alias records in Route 53 that point to the Application Load Balancer

Correct Answer: C

Register endpoints for endpoint groups: You register one or more regional resources, such as Application Load Balancers, Network Load Balancers, EC2 Instances, or Elastic IP addresses, in each endpoint group. Then you can set weights to choose how much traffic is routed to each endpoint.
Endpoints in AWS Global Accelerator can be Network Load Balancers, Application Load
Balancers, Amazon EC2 instances, or Elastic IP addresses.

A static IP address serves as a single point of contact for clients, and Global Accelerator then distributes incoming traffic across healthy endpoints.
Global Accelerator directs traffic to endpoints by using the port (or port range) that you specify for the listener that the endpoint group for the endpoint belongs to.
Each endpoint group can have multiple endpoints. You can add each endpoint to multiple endpoint groups, but the endpoint groups must be associated with different listeners.

Global Accelerator continually monitors the health of all endpoints that are included in an endpoint group. It routes traffic only to the active endpoints that are healthy. If Global Accelerator does ?€™t have any healthy endpoints to route traffic to, it routes traffic to all endpoints.

Reference:
https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints.html
https://aws.amazon.com/global-accelerator/faqs/

QUESTION 2 #

Company is running an application on Amazon EC2 instances. Traffic to the workload increases substantially during business hours and decreases afterward. The CPU utilization of an EC2 instance is a strong indicator of end-user demand on the application. The company has configured an Auto Scaling group to have a minimum group size of 2 EC2 instances and a maximum group size of 10 EC2 instances.

The company is concerned that the current scaling policy that is associated with the Auto Scaling group might not be correct. The company must avoid over-provisioning EC2 instances and incurring unnecessary costs.

What should a solutions architect recommend to meet these requirements?

A. Configure Amazon EC2 Auto Scaling to use a scheduled scaling plan and launch an additional 8 EC2 instances during business hours.

B. Configure AWS Auto Scaling to use a scaling plan that enables predictive scaling. Configure predictive scaling with a scaling model of forecast and scale, and enforce the maximum capacity setting during scaling.

C. Configure a step scaling policy to add 4 EC2 instances at 50% CPU utilization and add another 4 EC2 instances at 90% CPU utilization. Configure scale-in policies to perform the reverse and remove EC2 instances based on the two values.

D. Configure AWS Auto Scaling to have the desired capacity of 5 EC2 instances, and disable any existing scaling policies. Monitor the CPU utilization metric for 1 week. Then create dynamic scaling policies that are based on the observed values.

Correct Answer: B

QUESTION 3 #

A company needs the ability to analyze the log files of its proprietary application The logs are stored in JSON format in an Amazon S3 bucket Queries will be simple and will run on- demand A solutions architect needs to perform the analysis with minimal changes to the existing architecture
What should the solutions architect do to meet these requirements with the LEAST amount of operational overhead?

A. Use Amazon Redshift to load all the content into one place and run the SQL queries as needed

B. Use Amazon CloudWatch Logs to store the logs Run SQL queries as needed from the Amazon CloudWatch console

C. Use Amazon Athena directly with Amazon S3 to run the queries as needed

D. Use AWS Glue to catalog the logs Use a transient Apache Spark cluster on Amazon EMR to run the SQL queries as needed

Correct Answer: B

QUESTION 4 #

An application running on AWS uses an Amazon Aurora Multi-AZ deployment for its database When evaluating performance metrics, a solutions architect discovered that the database reads are causing high I/O and adding latency to the write requests against the database What should the solutions architect do to separate the read requests from the write requests?

A. Enable read-through caching on the Amazon Aurora database

B. Update the application to read from the Multi-AZ standby instance

C. Create a read replica and modify the application to use the appropriate endpoint

D. Create a second Amazon Aurora database and link it to the primary database as a read replica.

Correct Answer: C

Amazon RDS Read Replicas provide enhanced performance and durability for RDS database (DB) instances. They make it easy to elastically scale out beyond the capacity constraints of a single DB instance for read-heavy database workloads.

You can create one or more replicas of a given source DB Instance and serve high-volume application read traffic from multiple copies of your data, thereby increasing aggregate read throughput. Read replicas can also be promoted when needed to become standalone DB instances. Read replicas are available in Amazon RDS for MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server as well as Amazon Aurora.

For MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server database engines, Amazon RDS creates a second DB instance using a snapshot of the source DB instance. It then uses the engines\’ native asynchronous replication to update the read replica whenever there is a change to the source DB instance.

The read replica operates as a DB instance that allows only read-only connections; applications can connect to a read replica just as they would to any DB instance. Amazon RDS replicates all databases in the source DB instance.

Amazon Aurora further extends the benefits of reading replicas by employing an SSD-backed virtualized storage layer purpose-built for database workloads. Amazon Aurora replicas share the same underlying storage as the source instance, lowering costs and avoiding the need to copy data to the replica nodes. For more information about replication with Amazon Aurora, see the online documentation.

https://aws.amazon.com/rds/features/read-replicas/

QUESTION 5 #

A company has multiple AWS accounts, for various departments. One of the departments wants to share an Amazon S3 bucket with all other departments.

Which solution will require the LEAST amount of effort?

A. Enable cross-account S3 replication for the bucket

B. Create a pre-signed URL for the bucket and share it with other departments

C. Set the S3 bucket policy to allow cross-account access to other departments

D. Create IAM users for each of the departments and configure a read-only IAM policy

Correct Answer: C
https://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-accessexample2.html

QUESTION 6 #

A company has a customer relationship management (CRM) application that stores data in an Amazon RDS DB instance that runs Microsoft SQL Server. The company\’s IT staff has administrative access to the database. The database contains sensitive data. The company wants to ensure that the data is not accessible to the IT staff and that only authorized personnel can view the data.

What should a solutions architect do to secure the data?

A. Use client-side encryption with an Amazon RDS managed key.

B. Use client-side encryption with an AWS Key Management Service (AWS KMS) customer-managed key.

C. Use Amazon RDS encryption with an AWS Key Management Service (AWS KMS) default encryption key.

D. Use Amazon RDS encryption with an AWS Key Management Service (AWS KMS) customer-managed key.
Correct Answer: C

QUESTION 7 #

A solutions architect is designing a VPC with public and private subnets. The VPC and subnets use IPv4 CIDR blocks. There is one public subnet and one private subnet in each of three Availability Zones (AZs) for high availability.

An intern! gateway is used to provide internet access for the public subnets. The private subnets require access to the internet to allow Amazon EC2 instances to download software updates.

What should the solutions architect do to enable internet access for the private subnets?

A. Create three NAT gateways, one for each public subnet in each AZ. Create a private route table for each AZ that forwards non-VPC traffic to the NAT gateway in its AZ

B. Create three NAT instances, one for each private subnet in each AZ. Create a private route table for each AZ that forwards non-VPC traffic to the NAT instance in its AZ

C. Create a second internet gateway on one of the private subnets. Update the routing table for the private subnets that forward non-VPC traffic to the private internet gateway

D. Create an egress-only internet gateway on one of the public subnets. Update the routing table for the private subnets that forward non-VPC traffic to the egress only internet gateway

Correct Answer: B

QUESTION 8 #

A company currently stores symmetric encryption keys in a hardware security module (HSM). A solution architect must design a solution to migrate key management to AWS. The solution should allow for key rotation and support the use of customer-provided keys.

Where should the key material be stored to meet these requirements?

A. Amazon S3

B. AWS Secrets Manager

C. AWS Systems Manager Parameter store

D. AWS Key Management Service (AWS KMS)

Correct Answer: B
https://aws.amazon.com/cloudhsm/

QUESTION 9 #

A solutions architect is designing a web application that will run on Amazon EC2 instances behind an Application Load Balancer (ALB) The company strictly requires that the application be resilient against malicious internet activity and attacks, and protect against new common vulnerabilities and exposures.

What should the solutions architect recommend?

A. Leverage Amazon CloudFront with the ALB endpoint as the origin

B. Deploy an appropriately managed rule for AWS WAF and associate it with the ALB

C. Subscribe to AWS Shield Advanced and ensure common vulnerabilities and exposures are blocked

D. Configure network ACLs and security groups to allow only ports 80 and 443 to access the EC2 instances

Correct Answer: B

QUESTION 10 #

The company has a live chat application running on a list of on-premises servers that use WebSockets. The company wants to migrate the application to AWS Application traffic is inconsistent, and the company expects there to be more traffic with sharp spikes in the future.

Does the company want a highly scalable solution with no server maintenance nor advanced capacity planning Which solution meets these requirements?

A. Use Amazon API Gateway and AWS Lambda with an Amazon DynamoDB table as the data store Configure the DynamoDB table for provisioned capacity

B. Use Amazon API Gateway and AWS Lambda with an Amazon DynamoDB table as the data store Configure the DynaiWDB table for on-demand capacity

C. Run Amazon EC2 instances behind an Application Load Balancer in an Auto Scaling group with an Amazon DynamoDB table as the data store Configure the DynamoDB table for on-demand capacity

D. Run Amazon EC2 instances behind a Network Load Balancer in an Auto Scaling group with an Amazon DynamoDB table as the data store Configure the DynamoDB table for provisioned capacity

Correct Answer: B

QUESTION 11 #

A company runs a static website through its on-premises data center. The company has multiple servers mat handle all of its traffic, but on busy days, services are interrupted and the website becomes unavailable. The company wants to expand its presence globally and plans to triple its website traffic.

What should a solutions architect recommend to meet these requirements?

A. Migrate the website content to Amazon S3 and host the website on Amazon CloudFront.

B. Migrate the website content to Amazon EC2 instances with public Elastic IP addresses in multiple AWS Regions.

C. Migrate the website content to Amazon EC2 instances and vertically scale as the load increases.

D. Use Amazon Route 53 to distribute the loads across multiple Amazon CloudFront distributions for each AWS Region that exists globally.

Correct Answer: A

Amazon CloudFront is a global Content Delivery Network (CDN), which will host your website on a global network of edge servers, helping users load your website more quickly. When requests for your website content come through, they are automatically routed to the nearest edge location, closest to where the request originated from, so your content is delivered to your end-user with the best possible performance.

QUESTION 12 #

A solution architect is performing a security review of a recently migrated workload. The workload is a web application that consists of Amazon EC2 instances in an Auto Scaling group behind an Application Load balancer. The solution architect must improve the security posture and minimize the impact of a DDoS attack on resources.

Which solution is MOST effective?

A. Configure an AWS WAF ACL with rate-based rules. Create an Amazon CloudFront distribution that points to the Application Load Balancer. Enable the EAF ACL on the CloudFront distribution

B. Create a custom AWS Lambda function that adds identified attacks into a common vulnerability pool to capture a potential DDoS attack. use the identified information to modify a network ACL to block access.

C. Enable VPC Flow Logs and store them in Amazon S3. Create a custom AWS Lambda functions that parse the logs looking for a DDoS attack. Modify a network ACL to block identified source IP addresses.

D. Enable Amazon GuardDuty and configure findings written 10 Amazon GloudWatch Create an event with Cloud Watch Events for DDoS alerts that trigger Amazon Simple Notification Service (Amazon SNS) Have Amazon SNS invoke a custom AWS Lambda function that parses the logs looking for a DDoS attack Modify a network ACL to block identified source IP addresses

Correct Answer: B

QUESTION 13

A solutions architect needs to ensure that all Amazon Elastic Block Store (Amazon EBS) volumes restored from unencrypted EBS snapshots are encrypted What should the solutions architect do to accomplish this?

A. Enable EBS encryption by default for the AWS Region

B. Enable EBS encryption by default for the specific volumes

C. Create a new volume and specify the symmetric customer master key (CMK) to use for encryption

D. Create a new volume and specify the asymmetric customer master key (CMK) to use for encryption.

Correct Answer: C

This is only part of the complete exam question answer in Pass4itSure. After each question, read the wrong answers carefully and try to understand the concepts. Instead of trying to remember the answer, try to understand the theory/concept.

Finally

Pass4itSure’s real-time updates to SAA-C02 questions and answers help you pass exams quickly. Study hard, use the right way to learn! It is possible to pass the Amazon AWS SAA-C02 exam in a 4-day study. You can visit Pass4itSure to get the complete AWS SAA-C02 exam dumps https://www.pass4itsure.com/saa-c02.html (Q&As: 787). 100% help you pass the exam early.

Good luck to those going for SAA-C02!

[2021.8] Pdf, Practice Exam Free, Amazon SAA-C02 Practice Questions Free Share

admin

Are you preparing for the Amazon SAA-C02 exam? Well, this is the right place, we provide you with free AmazonSAA-C02 practice questions. Free SAA-C02 exam sample questions, SAA-C02 PDF download. Pass Amazon SAA-C02 exam with practice tests and exam dumps from Pass4itSure! Pass4itSure SAA-C02 dumps https://www.pass4itsure.com/saa-c02.html (Q&As: 693).

Amazon SAA-C02 pdf free download

SAA-C02 pdf free https://drive.google.com/file/d/1advj2Wn9uVEW-bXAySblAdm4FNl81-Fz/view?usp=sharing

Latest Amazon SAA-C02 practice exam questions

QUESTION 1
A company decides to migrate its three-tier web application from on premises to the AWS Cloud. The new database
must be capable of dynamically scaling storage capacity and performing table joins. Which AWS service meets these
requirements?
A. Amazon Aurora
B. Amazon RDS for SqlServer
C. Amazon DynamoDB Streams
D. Amazon DynamoDB on-demand
Correct Answer: A

QUESTION 2
A public-facing web application queries a database hosted on a Amazon EC2 instance in a private subnet.
A large number of queries involve multiple table joins, and the application performance has been
degrading due to an increase in complex queries. The application team will be performing updates to
improve performance.
What should a solutions architect recommend to the application team? (Select TWO.)
A. Cache query data in Amazon SQS
B. Create a read replica to offload queries
C. Migrate the database to Amazon Athena
D. Implement Amazon DynamoDB Accelerator to cache data.
E. Migrate the database to Amazon RDS
Correct Answer: BE

QUESTION 3
A company has several web servers that need to frequently access a common Amazon RDS MySQL Multi-AZ instance.
The company wants a secure method for the web servers to connect to thedatabase while meeting a security
requirement to rotate user credentials frequently. A company has several web servers that need to frequently access a
common Amazon ROS MySQL Muto-AZ DB instance The company wants a secure method for the web servers to
connect to the database while meeting a security requirement to rotate user credentials frequently Which solution meets
these requirements^
A. Store the database user credentials in AWS Secrets Manager Grant the necessary 1AM permissions to allow the
web servers to access AWS Secrets Manager
B. Store the database user credentials m AWS Systems Manager OpsCenter Grant the necessary 1AM permissions to
allow the web servers to access OpsCenter
C. Store the database user credentials in a secure Amazon S3 bucket Grant the necessary 1AM permissions to allow
the web servers to retrieve credentials and access the database
D. Store the database user credentials in fries encrypted with AWS Key Management Service (AWS KMS) on the web
server file system The web server should be able to decrypt the files and access the database
Correct Answer: A

QUESTION 4
A company provides an online service for posting video content and transcoding it for use by any mobile platform. The
application architecture uses Amazon Elastic File System (Amazon EFS) Standard to collect and store the videos so
that multiple Amazon EC2 Linux instances can access the video content for processing As the popularity of the service
has grown over time, the storage costs have become too expensive Which storage solution is MOST cost-effective?
A. Use AWS Storage Gateway for files to store and process the video content
B. Use AWS Storage Gateway for volumes to store and process the video content
C. Use Amazon EFS for storing the video content Once processing is complete, transfer the files to Amazon Elastic
Block Store (Amazon EBS)
D. Use Amazon S3 for storing the video content Move the files temporarily over to an Amazon Elastic Block Store
(Amazon EBS) volume attached to the server for processing
Correct Answer: A

QUESTION 5
A company uses Amazon S3 as its object storage solution. The company has thousands of S3 it uses to store data
Some of the S3 bucket have data that is accessed less frequently than others. A solutions architect found that lifecycle
policies are not consistently implemented or are implemented partially. resulting in data being stored in high-cost
storage. Which solution will lower costs without compromising the availability of objects?
A. Use S3 ACLs
B. Use Amazon Elastic Block Store EBS) automated snapshots
C. Use S3 intelligent-Tiering storage
D. Use S3 One Zone-infrequent Access (S3 One Zone-IA).
Correct Answer: C

QUESTION 6
A development team is creating an event-based application that uses AWS Lambda functions. Events will be generated when files are added to an Amazon S3 bucket. The development team currently has Amazon
Simple Notification Service (Amazon SNS) configured as the event target from Amazon S3.
What should a solution architect do to process the events from Amazon S3 in a scalable why?
A. Create an SNS subscription that processes the event in Amazon Elastic Container Service (Amazon ECS) before the
event runs in Lambda.
B. Create an SNS subscription that processes the event in Amazon Elastic Kubermetes Service (Amazon EKS) before
the event runs in Lambda.
C. Create on SNS subscription that sends the event to AWS Server Migration Service (AWS SQS).Configure the SQS
queue to trigger a Lambda function.
D. Create an SNS subscription that sends the event to AWS Server Migration Service (AWS SMS).Configure the
Lambda function to poll from the SMS event
Correct Answer: D

QUESTION 7
An application running on an Amazon EC2 instance needs to securely access tiles on an Amazon Elastic File System
(Amazon I tile system. The EFS tiles are stored using encryption at rest. Which solution for accessing the tiles is MOST
secure?
A. Enable TLS when mounting Amazon EFS
B. Store the encryption key in the code of the application
C. Enable AWS Key Management Service (AWS KMS) when mounting Amazon EFS
D. Store the encryption key in an Amazon S3 bucket and use IAM roles to grant the EC2 instance access permission
Correct Answer: B

QUESTION 8
A company has an application running on Amazon EC2 On-Demand Instances. The application does not scale, and the
Instances run In one AWS Region. The company wants the flexibility to change the operating system from Windows to
AWS Linux in the future. The company needs to reduce the cost of the instances without creating additional operational
overhead or changes to the application What should the company purchase lo meet these requirements MOST costeffectively?
A. Dedicated Hosts for the Instance type being used
B. A Compute Savings Plan for the instance type being used
C. An EC2 Instance Savings Plan (or the instance type being used
D. Convertible Reserved Instances tor the instance type being used
Correct Answer: D

QUESTION 9
A company with facilities in North America Europe, and Asia is designing new distributed application to optimize its
global supply chain and manufacturing process. The orders booked on one continent should be visible to all Regions in
a second or less. The database should be able to support failover with a short Recovery Time Objective (RTO) The
uptime of the application is important to ensure that manufacturing is not impacted What should a solutions architect
recommend?
A. Use Amazon DynamoDB global tables
B. Use Amazon Aurora Global Database
C. Use Amazon RDS for MySQL with a cross-Region read replica
D. Use Amazon RDS for PostgreSQL with a cross-Region read replica
Correct Answer: A

QUESTION 10
A company is migrating its applications to AWS. Currently, applications that run on premises generate hundreds of
terabytes of data that is stored on a shared file system. The company is running an analytics application in the cloud
that runs hourly to generate insights from this data.
The company needs a solution to handle the ongoing data transfer between the on-premises shared file system and
Amazon S3. The solution also must be able to handle occasional interruptions in internet connectivity.
Which solutions should the company use for the data transfer to meet these requirements?
A. AWS DataSync
B. AWS Migration Hub
C. AWS Snowball Edge Storage Optimized
D. AWS Transfer for SFTP
Correct Answer: A
Reference: https://aws.amazon.com/cloud-data-migration/

QUESTION 11
An operations team has a standard that states IAM policies should not be applied directly to users. Some
new members have not been following this standard. The operation manager needs a way to easily identify
the users with attached policies.
What should a solutions architect do to accomplish this?
A. Monitor using AWS CloudTrail
B. Create an AWS Config rule to run daily
C. Publish IAM user changes lo Amazon SNS
D. Run AWS Lambda when a user is modified
Correct Answer: C

QUESTION 12
A company is managing health records on-premises. The company must keep these records indefinitely, disable any
modifications to the records once they are stored, and granularly audit access at all levels. The chief technology officer
(CTO) is concerned because there are already millions of records not being used by any application, and the current
infrastructure is running out of space The CTO has requested a solutions architect design a solution to move existing
data and support future records Which services can the solutions architect recommend to meet these requirements\\’?
A. Use AWS DataSync to move existing data to AWS. Use Amazon S3 to store existing and new data Enable Amazon
S3 object lock and enable AWS CloudTrail with data events.
B. Use AWS Storage Gateway to move existing data to AWS Use Amazon S3 to store existing and new data. Enable
Amazon S3 object lock and enable AWS CloudTrail with management events.
C. Use AWS DataSync to move existing data to AWS Use Amazon S3 to store existing and new data Enable Amazon
S3 object lock and enable AWS CloudTrail with management events.
D. Use AWS Storage Gateway to move existing data to AWS Use Amazon Elastic Block Store (Amazon EBS) to store
existing and new data Enable Amazon S3 object lock and enable Amazon S3 server access logging
Correct Answer: C

QUESTION 13
A company wants to reduce Its Amazon S3 storage costs in its production environment without impacting durability or
performance of the stored objects What is the FIRST step the company should take to meet these objectives?
A. Enable Amazon Made on the business-critical S3 buckets lo classify the sensitivity of the objects
B. Enable S3 analytics to Identify S3 buckets that are candidates for transitioning to S3 Standard-Infrequent Access (S3
Standard-IA)
C. Enable versioning on all business-critical S3 buckets.
D. Migrate me objects in all S3 buckets to S3 Intelligent-Tie ring
Correct Answer: D

Pass4itsure Amazon exam dumps coupon code 2021

Pass4itsure Amazon exam dumps coupon code 2021

SAA-C02 pdf free share https://drive.google.com/file/d/1advj2Wn9uVEW-bXAySblAdm4FNl81-Fz/view?usp=sharing

AAWS Certified Associate

Valid Amazon DVA-C01 Practice Questions Free Share

[2021.3] DVA-C01 Questions https://www.examdemosimulation.com/valid-amazon-aws-dva-c01-practice-questions-free-share-from-pass4itsure-2/

Valid Amazon SAA-C01 Practice Questions Free Share

[2021.3] SAA-C01 Questions https://www.examdemosimulation.com/valid-amazon-aws-saa-c01-practice-questions-free-share-from-pass4itsure/

Valid Amazon SOA-C01 Practice Questions Free Share

[2021.3] SOA-C01 Questions https://www.examdemosimulation.com/valid-amazon-aws-soa-c01-practice-questions-free-share-from-pass4itsure/

ps.

Pass4itSure provides updated Amazon SAA-C02 dumps as the practice test and pdf https://www.pass4itsure.com/saa-c02.html (Updated: Aug 05, 2021). Pass4itSure SAA-C02 dumps help you prepare for the Amazon SAA-C02 exam quickly!