What Simulation SAA-C02 Free Practice Test Is

Your success in Amazon-Web-Services SAA-C02 is our sole target and we develop all our SAA-C02 braindumps in a way that facilitates the attainment of this target. Not only is our SAA-C02 study material the best you can find, it is also the most detailed and the most updated. SAA-C02 Practice Exams for Amazon-Web-Services Amazon-Web-Services Other Exam SAA-C02 are written to the highest standards of technical accuracy.

Amazon-Web-Services SAA-C02 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
A company is hosting a website behind multiple Application Load Balancers. The company has different distribution rights for its content around the world. A solutions architect needs to ensure that users are served the correct content without violating distribution rights.
Which configuration should the solutions architect choose to meet these requirements?
D18912E1457D5D1DDCBD40AB3BF70D5D

  • A. Configure Amazon CloudFront with AWS WAF.
  • B. Configure Application Load Balancers with AWS WAF.
  • C. Configure Amazon Route 53 with a geolocation policy.
  • D. Configure Amazon Route 53 with a geoproximity routing policy.

Answer: C

NEW QUESTION 2
A gaming company has multiple Amazon EC2 instances in a single Availability Zone for its multiplayer game that communicates with users on Layer 4 The chief technology officer (CTO) wants to make the architecture highly available and cost-effective.
What should a solutions architect do to meet these requirements? (Select TWO.)

  • A. Increase the number of EC2 instances.
  • B. Decrease the number of EC2 instances
  • C. Configure a Network Load Balancer in front of the EC2 instances.
  • D. Configure an Application Load Balancer in front of the EC2 instances
  • E. Configure an Auto Scaling group to add or remove instances in multiple Availability Zones automatically.

Answer: CE

NEW QUESTION 3
A solutions architect is designing the cloud architecture for a new application being deployed on AWS The process should run in parallel while adding and removing application nodes as needed based on the number of jobs to be processed The processor application is stateless The solutions architect must ensure that the application is loosely coupled and the job items are durably stored
Which design should the solutions architect use?

  • A. Create an Amazon SNS topic to send the jobs that need to be processed Create an Amazon Machine Image (AMI) that consists of the processor application Create a launch configuration that uses the AMI Create an Auto Scaling group using the launch configuration Set the scaling policy for the Auto Scaling group to add and remove nodes based on CPU usage
  • B. Create an Amazon SQS queue to hold the jobs that need to be processed Create an Amazon Machine Image (AMI) that consists of the processor application Create a launch configuration that uses the AMI Create an Auto Scaling group using the launch configuration Set the scaling policy for the Auto Scaling group to add and remove nodes based on network usage
  • C. Create an Amazon SQS queue to hold the jobs that needs to be processed Create an Amazon Machine Image (AMI) that consists of the processor application Create a launch template that uses the AMI Create an Auto Scaling group using the launch template Set the scaling policy for the Auto Scaling group to add and remove nodes based on the number of items in the SQS queue
  • D. Create an Amazon SNS topic to send the jobs that need to be processed Create an Amazon Machine Image (AMI) that consists of the processor application Create a launch template that uses the AMI Create an Auto Scaling group using the launch template Set the scaling policy for the Auto Scaling group to add and remove nodes based on the number of messages published to the SNS topic.

Answer: C

NEW QUESTION 4
A solutions architect is designing a solution where users will De directed to a backup static error page it the primary website is unavailable The primary website's DNS records are hosted in Amazon Route 53 where their domain is pointing to an Application Load Balancer (ALB)
Which configuration should the solutions architect use to meet the company's needs while minimizing changes and infrastructure overhead?

  • A. Point a Route 53 alias record to an Amazon CloudFront distribution with the ALB as one of its origins Then, create custom error pages for the distribution
  • B. Set up a Route 53 active-passive failover configuration Direct traffic to a static error page hosted within an Amazon S3 bucket when Route 53 health checks determine that the ALB endpoint is unhealthy
  • C. Update the Route 53 record to use a latency-based routing policy Add the backup static error page hosted within an Amazon S3 bucket to the record so the traffic is sent to the most responsive endpoints
  • D. Set up a Route 53 active-active configuration with the ALB and an Amazon EC2 instance hosting a static error page as endpoints Route 53 will only send requests to the instance if the health checks fail for the ALB

Answer: B

NEW QUESTION 5
A company hosts a static website on-premises and wants to migrate the website to AWS The website should load as quickly as possible for users around the world The company also wants the most cost-effective solution
What should a solutions architect do to accomplish this?

  • A. Copy the website content to an Amazon S3 bucket Configure the bucket to serve static webpage content Replicate the S3 bucket to multiple AWS Regions
  • B. Copy the website content to an Amazon S3 bucket Configure the bucket to serve static webpage content Configure Amazon CloudFront with the S3 bucket as the origin
  • C. Copy the website content to an Amazon EBS-backed Amazon EC2 instance running Apache HTTP Server Configure Amazon Route 53 geolocation routing policies to select the closest origin
  • D. Copy the website content to multiple Amazon EBS-backed Amazon EC2 instances running Apache HTTP Server in multiple AWS Regions Configure Amazon CloudFront geolocation routing policies to select the closest origin

Answer: B

NEW QUESTION 6
A company has on-premises servers running a relational database The current database serves high read traffic for users in different locations The company wants to migrate to AWS with the least amount of effort The database solution should support disaster recovery and not affect the company's current traffic flow.
Which solution meets these requirements?

  • A. Use a database in Amazon RDS with Multi-AZ and at least one read replica
  • B. Use a database in Amazon RDS with Multi-AZ and at least one standby replica
  • C. Use databases hosted on multiple Amazon EC2 instances in different AWS Regions
  • D. Use databases hosted on Amazon EC2 instances behind an Application Load Balancer in different Availability Zones

Answer: A

NEW QUESTION 7
A solutions architect has created a new AWS account and must secure AWS account root user access Which combination of actions will accomplish this? (Select TWO.)

  • A. Ensure the root user uses a strong password
  • B. Enable multi-factor authentication to the root user
  • C. Store root user access keys in an encrypted Amazon S3 bucket
  • D. Add the root user to a group containing administrative permissions.
  • E. Apply the required permissions to the root user with an inline policy document

Answer: AB

Explanation:
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html

NEW QUESTION 8
A company runs an application in a branch office within a small data closet with no virtualized compute resources. The application data is stored on an NFS volume. Compliance standards require a daily offsite backup of the NFS volume.
Which solution meet these requirements?

  • A. Install an AWS Storage Gateway file gateway on premises to replicate the data to Amazon S3.
  • B. Install an AWS Storage Gateway file gateway hardware appliance on premises to replicate the data to Amazon S3.
  • C. Install an AWS Storage Gateway volume gateway with stored volumes on premises to replicate the data to Amazon S3.
  • D. Install an AWS Storage Gateway volume gateway with cached volumes on premises to replicate the data to Amazon S3.

Answer: C

NEW QUESTION 9
A company runs an internal browser-based application The application runs on Amazon EC2 instances behind an Application Load Balancer The instances run in an Amazon EC2 Auto Scaling group across multiple Availability Zones The Auto Scaling group scales up to 20 instances during work hours, but scales down to 2 instances overnight Staff are complaining that the application is very slow when the day begins, although it runs well by mid-morning.
How should the scaling be changed to address the staff complaints and keep costs to a minimum?

  • A. Implement a scheduled action that sets the desired capacity to 20 shortly before the office opens
  • B. Implement a step scaling action triggered at a lower CPU threshold, and decrease the cooldown period.
  • C. Implement a target tracking action triggered at a lower CPU threshold and decrease the cooldown period
  • D. Implement a scheduled action that sets the minimum and maximum capacity to 20 shortly before the office opens

Answer: B

NEW QUESTION 10
A company allows its developers to attach existing 1AM policies to existing 1AM roles to enable (aster experimentation and agility However the security operations team is concerned that the developers could attach the existing administrator policy, which would allow the developers to circumvent any other security policies
How should a solutions architect address this issue?

  • A. Create an Amazon SNS topic to send an alert every time a developer creates a new policy
  • B. Use service control policies to disable IAM activity across all accounts in the organizational unit
  • C. Prevent the developers from attaching any policies and assign all 1AM duties to the security operations team
  • D. Set an IAM permissions boundary on the developer 1AM role that explicitly denies attaching the administrator policy

Answer: D

Explanation:
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html

NEW QUESTION 11
A Solutions Architect must design a web application that will be hosted on AWS, allowing users to purchase access to premium, shared content that is stored in an S3 bucket. Upon payment, content will be available for download for 14 days before the user is denied access
Which of the following would be the LEAST complicated implementation?

  • A. Use an Amazon CloudFront distribution with an origin access identity (OAI) Configure the distribution with an Amazon S3 origin to provide access to the file through signed URL’s Design a Lambda function to remove data that is older than 14 days.
  • B. Use an S3 bucket and provide direct access to the tile Design the application to track purchases in a DynamoDH tableConfigure a Lambda function to remove data that is older than 14 days based on a query to Amazon DynamoDB
  • C. Use an Amazon CloudFront distribution with an OAI Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs Design the application to sot an expiration of 14 days for the URL
  • D. Use an Amazon CloudFront distribution with an OAI Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs Design the application to set an expiration of 60 minutes for the URL and recreate the URL as necessary

Answer: C

NEW QUESTION 12
A company's production application runs online transaction processing (OLTP) transactions on an Amazon RDS MySQL DB instance The company is launching a new reporting tool that will access the same data The reporting tool must be highly available and not impact the performance of the production application
How can this be achieved'?

  • A. Create hourly snapshots of the production RDS DB instance
  • B. Create a Multi-AZ RDS Read Replica of the production RDS DB instance
  • C. Create multiple RDS Read Replicas of the production RDS DB instance Place the Read Replicas in an Auto Scaling group
  • D. Create a Single-AZ RDS Read Replica of the production RDS DB instance Create a second Single-AZ RDS Read Replica from the replica

Answer: B

NEW QUESTION 13
A solutions architect at an ecommerce company wants to back up application log data to Amazon S3 The solutions architect is unsure how frequently the logs will be accessed or which logs will be accessed the most The company wants to keep costs as low as possible by using the appropriate S3 storage class.
Which S3 storage class should be implemented to meet these requirements?

  • A. S3 Glacier
  • B. S3 Intelligent-Tiering
  • C. S3 Standard-Infrequent Access (S3 Standard-IA)
  • D. S3 One Zone-Infrequent Access (S3 One Zone-IA)

Answer: D

Explanation:
S3 One Zone-IA is for data that is accessed less frequently, but requires rapid access when needed. Unlike other S3 Storage Classes which store data in a minimum of three Availability Zones (AZs), S3 One Zone-IA stores data in a single AZ and costs 20% less than S3 Standard-IA. S3 One Zone-IA is ideal for customers who want a lower-cost option for infrequently accessed data but do not require the availability and resilience of S3 Standard or S3 Standard-IA. It’s a good choice for storing secondary backup copies of on-premises data or easily re-creatable data. You can also use it as cost-effective storage for data that is replicated from another AWS Region using S3 Cross-Region Replication.

NEW QUESTION 14
A recently acquired company is required to buikl its own infrastructure on AWS and migrate multiple applications to the cloud within a month Each application has approximately 50 TB of data to be transferred After the migration is complete this company and its parent company will both require secure network connectivity with consistent throughput from their data centers to the applications A solutions architect must ensure one-time data migration and ongoing network connectivity
Which solution will meet these requirements''

  • A. AWS Direct Connect for both the initial transfer and ongoing connectivity
  • B. AWS Site-to-Site VPN for both the initial transfer and ongoing connectivity
  • C. AWS Snowball for the initial transfer and AWS Direct Connect for ongoing connectivity
  • D. AWS Snowball for the initial transfer and AWS Site-to-Site VPN for ongoing connectivity

Answer: C

NEW QUESTION 15
A marketing company is storing CSV files in an Amazon S3 bucket for statistical analysis An application on an Amazon EC2 instance needs permission to efficiently process the CSV data stored in the S3 bucket.
Which action will MOST securely grant the EC2 instance access to the S3 bucket?

  • A. Attach a resource-based policy to the S3 bucket
  • B. Create an 1AM user for the application with specific permissions to the S3 bucket
  • C. Associate an 1AM role with least privilege permissions to the EC2 instance profile
  • D. Store AWS credentials directly on the EC2 instance for applications on the instance to use for API calls

Answer: C

NEW QUESTION 16
A manufacturing company wants to implement predictive maintenance on its machinery equipment The company will install thousands of loT sensors that will send data to AWS in real time A solutions architect is tasked with implementing a solution that will receive events in an ordered manner for each machinery asset and ensure that data is saved for further processing at a later time
Which solution would be MOST efficient?

  • A. Use Amazon Kinesis Data Streams for real-time events with a partition for each equipment asset Use Amazon Kinesis Data Firehose to save data to Amazon S3
  • B. Use Amazon Kinesis Data Streams for real-time events with a shard for each equipment asset Use Amazon Kinesis Data Firehose to save data to Amazon EBS
  • C. Use an Amazon SQS FIFO queue for real-time events with one queue for each equipment asset Trigger an AWS Lambda function for the SQS queue to save data to Amazon EFS
  • D. Use an Amazon SQS standard queue for real-time events with one queue for each equipment asset Trigger an AWS Lambda function from the SQS queue to save data to Amazon S3

Answer: A

NEW QUESTION 17
A company’s website is using an Amazon RDS MySQL Multi-AZ DB instance for its transactional data storage.
There are other internal systems that query this DB instance to fetch data for internal batch processing. The RDS DB instance slows down significantly the internal systems fetch data. This impacts the website’s read and write performance, and the users experience slow response times.
Which solution will improve the website's performance?

  • A. Use an RDS PostgreSQL DB instance instead of a MySQL database.
  • B. Use Amazon ElastiCache to cache the query responses for the website.
  • C. Add an additional Availability Zone to the current RDS MySQL Multi.AZ DB instance.
  • D. Add a read replica to the RDS DB instance and configure the internal systems to query the read replica.

Answer: D

NEW QUESTION 18
A company's website is used to sell products to the public The site runs on Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer (ALB) There is also an Amazon CloudFront distribution and AWS WAF is being used to protect against SQL injection attacks The ALB is the origin for the CloudFront distribution A recent review of security logs revealed an external malicious IP that needs to be blocked from accessing the website
What should a solutions architect do to protect the application"?

  • A. Modify the network ACL on the CloudFront distribution to add a deny rule for the malicious IP address
  • B. Modify the configuration of AWS WAF to add an IP match condition to block the malicious IP address
  • C. Modify the network ACL for the EC2 instances in the target groups behind the ALB to deny the malicious IP address
  • D. Modify the security groups for the EC2 instances in the target groups behind the ALB to deny the malicious IP address

Answer: B

NEW QUESTION 19
A solutions architect is implementing a document review application using an Amazon S3 bucket for storage
The solution must prevent accidental deletion of the documents and ensure that all versions of the documents are available Users must be able to download, modify, and upload documents
Which combination of actions should be taken to meet these requirements'? (Select TWO )

  • A. Enable a read-only bucket ACL
  • B. Enable versioning on the bucket
  • C. Attach an 1AM policy to the bucket
  • D. Enable MFA Delete on the bucket
  • E. Encrypt the bucket using AWS KMS

Answer: BD

NEW QUESTION 20
A web application is deployed in the AWS Cloud It consists of a two-tier architecture that includes a web layer and a database layer The web server is vulnerable to cross-site scripting (XSS) attacks
What should a solutions architect do to remediate the vulnerability?

  • A. Create a Classic Load Balancer Put the web layer behind the load balancer and enable AWS WAF
  • B. Create a Network Load Balancer Put the web layer behind the load balancer and enable AWS WAF
  • C. Create an Application Load Balancer Put the web layer behind the load balancer and enable AWS WAF
  • D. Create an Application Load Balancer Put the web layer behind the load balancer and use AWS Shield Standard

Answer: C

NEW QUESTION 21
A company currently operates a web application backed by an Amazon RDS MySQL database It has automated backups that are run daily and are not encrypted A security audit requires future backups to be encrypted and the unencrypted backups to be destroyed The company will make at least one encrypted backup before destroying the old backups
What should be done to enable encryption for future backups''

  • A. Enable default encryption for the Amazon S3 bucket where backups are stored
  • B. Modify the backup section of the database configuration to toggle the Enable encryption check box
  • C. Create a snapshot of the database Copy it to an encrypted snapshot Restore the database from the encrypted snapshot
  • D. Enable an encrypted read replica on RDS for MySQL Promote the encrypted read replica to primary Remove the original database instance

Answer: C

NEW QUESTION 22
......

P.S. Easily pass SAA-C02 Exam with 80 Q&As Certshared Dumps & pdf Version, Welcome to Download the Newest Certshared SAA-C02 Dumps: https://www.certshared.com/exam/SAA-C02/ (80 New Questions)