Amazon SAA-C02 AWS Certified Solutions Architect – Associate Online Training
Amazon SAA-C02 Online Training
The questions for SAA-C02 were last updated at Apr 22,2024.
- Exam Code: SAA-C02
- Exam Name: AWS Certified Solutions Architect – Associate
- Certification Provider: Amazon
- Latest update: Apr 22,2024
A company’s website hosted on Amazon EC2 instances processes classified data stored in Amazon S3. Due to security concerns, the company requires a private and secure connection between its EC2 resources and Amazon S3.
Which solution meets these requirements?
- A . Set up S3 bucket policies to allow access from a VPC endpoint
- B . Set up an IAM policy to grant read-write access to the S3 bucket,
- C . Set up a NAT gateway to access resources outside the private subnet
- D . Set up an access key ID and a secret access key to access the S3 bucket
A company runs an application on a group of Amazon Linux EC2 instances. For compliance reasons, the company must retain all application log files for 7 years. The log files will be analyzed by a reporting tool that must be able to access all the files concurrently.
Which storage solution meets these requirements MOST cost-effectively?
- A . Amazon Elastic Block Store (Amazon EBS)
- B . Amazon Elastic File System (Amazon EFS)
- C . Amazon EC2 instance store
- D . Amazon S3
A company processes large amounts of data. The output data is stored in Amazon S3 Standard storage in an S3 bucket, where it is analyzed for 1 month. The data must remain immediately accessible after the 1-month analysis period.
Which storage solution meets these requirements MOST cost-effectively?
- A . Configure an S3 Lifecycle policy to transition the objects to S3 Glacier after 30 days.
- B . Configure S3 Intelligent-Tiering to transition the objects to S3 Glacier after 30 days.
- C . Configure an S3 Lifecycle policy to transition the objects to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 30 days.
- D . Configure an S3 Lifecycle policy to delete the objects after 30 days. Enable versioning on the S3 bucket so that deleted objects can still be immediately restored as needed.
A company hosts historical weather records in Amazon S3. The records are downloaded from the company’s website by way of a URL that resolves to a domain name Users all over the world access this content through subscriptions A third-party provider hosts the company’s root domain name, but the company recently migrated some of its services to Amazon Route 53. The company wants to consolidate contracts, reduce latency for users, and reduce costs related to serving the application to subscribers
Which solution meets these requirements?
- A . Create a web distribution on Amazon CloudFront to serve the S3 content for the application Create a CNAME record in a Route 53 hosted zone that points to the CloudFront distribution, resolving to the application’s URL domain name.
- B . Create a web distribution on Amazon CloudFront to serve the S3 content for the application. Create an ALIAS record in the Amazon Route 53 hosted zone that points to the CloudFront distribution, resolving to the application’s URL domain name.
- C . Create an A record in a Route 53 hosted zone for the application. Create a Route 53 traffic policy for the web application, and configure a geolocation rule Configure health checks to check the health of the endpoint and route DNS queries to other endpoints if an endpoint is unhealthy.
- D . Create an A record in a Route 53 hosted zone for the application Create a Route 53 traffic policy for the web application, and configure a geoproximity rule. Configure health checks to check the health of the endpoint and route DNS queries to other endpoints if an endpoint is unhealthy
A company is creating an architecture for a mobile app that requires minimal latency for its users. The company’s architecture consists of Amazon EC2 instances behind an Application Load Balancer running in an Auto Seating group. The EC2 instances connect to Amazon RDS Application beta testing showed there was a slowdown when reading the data However, the metrics indicate that the EC2 instances do not cross any CPU utilization thresholds
How can this issue be addressed?
- A . Reduce the threshold for CPU utilization in the Auto Scaling group
- B . Replace the Application Load Balancer with a Network Load Balancer.
- C . Add read replicas for the RDS instances and direct read traffic to the replica
- D . Add Multi-AZ support to the RDS instances and direct read traffic to the new EC2 instance
A solutions architect is designing the cloud architecture for a new application that is being deployed on AWS. The application’s users will interactively download and upload files. Files that are more than 90 days old will be accessed less frequently than newer files, but all files need to be instantly available. The solutions architect must ensure that the application can scale to store petabytes of data with maximum durability.
Which solution meets these requirements?
- A . Store the files in Amazon S3 Standard. Create an S3 Lifecycle policy that moves objects that are more than 90 days old to S3 Glacier.
- B . Store the tiles in Amazon S3 Standard. Create an S3 Lifecycle policy that moves objects that are more than 90 days old to S3 Standard-Infrequent Access (S3 Standard-IA).
- C . Store the files in Amazon Elastic Block Store (Amazon EBS) volumes. Schedule snapshots of the volumes. Use the snapshots to archive data that is more than 90 days old.
- D . Store the files in RAID-striped Amazon Elastic Block Store (Amazon EBS) volumes. Schedule snapshots of the volumes. Use the snapshots to archive data that is more than 90 days old.
An application runs on Amazon EC2 instances across multiple Availability Zones. The instances run in an Amazon EC2 Auto Scaling group behind an Application Load Balancer. The application performs best when the CPU utilization of the EC2 instances is at or near 40%.
What should a solutions architect do to maintain the desired performance across all instances in the group?
- A . Use a simple scaling policy to dynam
- B . Amazon DynamoDB global tables
- C . Amazon RDS for MySQL with Multi-AZ enabled
- D . Amazon RDS for MySQL with a cross-Region snapshot copy
A solutions architect needs to design a network that will allow multiple Amazon EC2 instances to access a common data source used for mission-critical data that can be accessed by all the EC2 instances simultaneously. The solution must be highly scalable, easy to implement, and support the NFS protocol
Which solution meets these requirements?
- A . Create an Amazon EFS file system Configure a mount target in each Availability Zone. Attach each instance to the appropriate mount target
- B . Create an additional EC2 instance and configure it as a file server Create a security group that allows communication between the instances and apply that to the additional instance.
- C . Create an Amazon S3 bucket with the appropriate permissions Create a role in AWS IAM that grants the correct permissions to the S3 bucket. Attach the role to the EC2 instances that need access to the data
- D . Create an Amazon EBS volume with the appropriate permissions. Create a role in AWS IAM that grants the correct permissions to the EBS volume. Attach the role to the EC2 instances that need access to the data.
A company has an application that calls AWS Lambda functions. A recent code review found database credentials stored in the source code. The database credentials needs to be removed from the Lambda source code. The credentials must then be securely stored and rotated on a on-going basis to meet security policy requirements.
What should a solutions architect recommend meet these requirements?
- A . Store the password in AWS CloudHSM. Associate the Lambda function with a role that can review the password from CloudHSM given key ID.
- B . Store the password in AWS Secrets Manager . A associate the Lambda function with a role that can retrieve the password from secrets Manager given its secret ID.
- C . Move the database password to an environment variable associate the Lambda function Retrieve the password from the environment variable upon execution.
- D . Store the password in AWS Key Management Service (AWS KMS). Associate the Lambda function with a role that can retrieve the password from AWS KMS given its key ID.
A company is migrating a large, mission-critical database to AWS. A solutions architect has decided to use an Amazon RDS for MySQL Multi-AZ DB instance that Is deployed with 80,000 Provisioned IOPS for storage. The solutions architect is using AWS Database Migration Service (AWS DMS) to perform the data migration. The migration is taking longer than expected, and the company wants to speed up the process. The company’s network team has ruled out bandwidth as a limiting factor.
Which actions should the solutions architect take to speed up the migration? (Select TWO.)
- A . Disable Multi-AZ on the target DB instance.
- B . Create a new DMS instance that has a larger instance size.
- C . Turn off logging on the target DB instance until the initial load is complete.
- D . Restart the DMS task on a new DMS instance with transfer acceleration enabled.
- E . Change the storage type on the target DB instance to Amazon Elastic Block Store (Amazon EBS) General Purpose SSD (gp2).