SAA-C02 Online Practice Questions and Answers

A company runs multiple Amazon EC2 Linux instances in a VPC across two Availability Zones The instances host applications that use a hierarchical directory structure The applications need to read and write rapidly and concurrently to shared storage

What should a solutions architect do to meet these requirements?

A. Create an Amazon S3 bucket Allow access from all the EC2 instances in the VPC

B. Create an Amazon Elastic File System (Amazon EFS) file system Mount the EFS file system from each EC2 instance

C. Create a file system on a Provisioned IOPS SSD (io2) Amazon Elastic Block Store (Amazon EBS) volume Attach the EBS volume to all the EC2 instances

D. Create file systems on Amazon Elastic Block Store (Amazon EBS) volumes that are attached to each EC2 instance Synchronize the EBS volumes across the different EC2 instances

A company is building a website that relies on reading and writing to an Amazon DynamoDB database The website experiences high traffic during normal business hours, but the traffic declines drastically overnight and during weekends The company is concerned about operating costs

Which solution will meet the website's traffic demands MOST cost-effectively?

A. Enable DynamoDB Accelerator (DAX) to cache the data

B. Enable DynamoDB auto scaling when creating the tables.

C. Enable Multi-AZ replication for the DynamoDB database

D. Enable DynamoDB on-demand capacity allocation when creating the tables

A company hosts a three-tier web application that includes a PostgreSQL database The database stores the metadata from documents The company searches the metadata for key terms to retrieve documents that the company reviews in a report each month The documents are stored in Amazon S3 The documents are usually written only once, but they are updated frequency The reporting process takes a few hours with the use of relational queries The reporting process must not affect any document modifications or the addition of new documents.

What are the MOST operationally efficient solutions that meet these requirements? (Select TWO )

A. Set up a new Amazon DocumentDB (with MongoDB compatibility) cluster that includes a read replica Scale the read replica to generate the reports.

B. Set up a new Amazon RDS for PostgreSQL Reserved Instance and an On-Demand read replica Scale the read replica to generate the reports

C. Set up a new Amazon Aurora PostgreSQL DB cluster that includes a Reserved Instance and an Aurora Replica issue queries to the Aurora Replica to generate the reports.

D. Set up a new Amazon RDS for PostgreSQL Multi-AZ Reserved Instance Configure the reporting module to query the secondary RDS node so that the reporting module does not affect the primary node

E. Set up a new Amazon DynamoDB table to store the documents Use a fixed write capacity to support new document entries Automatically scale the read capacity to support the reports

A company has an application running on Amazon EC2 On-Demand Instances. The application does not scale, and the Instances run In one AWS Region. The company wants the flexibility to change the operating system from Windows to AWS Linux in the future. The company needs to reduce the cost of the instances without creating additional operational overhead or changes to the application What should the company purchase lo meet these requirements MOST cost-effectively?

A. Dedicated Hosts for the Instance type being used

B. A Compute Savings Plan for the instance type being used

C. An EC2 Instance Savings Plan (or the instance type being used

D. Convertible Reserved Instances tor the instance type being used

A team has an application that detects new objects being uploaded into an Amazon bucket. The upload a trigger AWS Lambda function to write metadata into an Amazon DynamoDB table and an Amazon RDS for PostgreSQL database. Which action should the team take to ensure high availability?

A. Enable Cross-Region Replication to ensure high availability

B. Create a Lambda function for each Availability Zone the application is deployed in

C. Enable Multi-AZ on the RDS PostgreSQL database.

D. Create a DynamoDB stream for the DynamoDB table

A company has a build server that is in an Auto Scaling group and often has multiple Linux instances running. The build server requires consistent shared NFS storage for jobs and configurations. Which storage option should a solution architect recommend?

A. Amazon S3

B. Amazon FSx

C. Amazon Elastic Block Store (Amazon EBS)

D. Amazon Elastic File System (Amazon EFS)

A company has created a VPC with multiple private subnets in multiple Availability Zones (AZs) and one public subnet in one of the AZs. The public subnet is used to launch a NAT gateway. There are instance in the private subnet that use a

NAT gateway to connect to the internet. In case of an AZ failure, the company wants to ensure that the instance are not all experiencing internet connectivity issues and that there is a backup plan ready.

Which solution should a solutions architect recommend that is MOST highly available?

A. Create a new public subnet with a NAT gateway in the same AZ Distribute the traffic between the two NAT gateways

B. Create an Amazon EC2 NAT instance in a now public subnet Distribute the traffic between the NAT gateway and the NAT instance

C. Create public subnets In each AZ and launch a NAT gateway in each subnet Configure the traffic from the private subnets In each A2 to the respective NAT gateway

D. Create an Amazon EC2 NAT instance in the same public subnet Replace the NAT gateway with the NAT instance and associate the instance with an Auto Scaling group with an appropriate scaling policy.

A company is concerned that two NAT instances in use will no longer be able to support the traffic needed for the company's application. A solutions architect wants to implement a solution that is highly available fault tolerant, and automatically scalable What should the solutions architect recommend?

A. Remove the two NAT instances and replace them with two NAT gateways in the same Availability Zone.

B. Use Auto Scaling groups with Network Load Balancers for the NAT instances in different Availability Zones.

C. Remove the two NAT instances and replace them with two NAT gateways in different Availability Zones.

D. Replace the two NAT instances with Spot Instances in different Availability Zones and deploy a Network Load Balancer.

A solutions architect is designing a web application that will run on Amazon EC2 instances behind an Application Load Balancer (ALB) The company strictly requires that the application be resilient against malicious internet activity and attacks, and protect against new common vulnerabilities and exposures What should the solutions architect recommend?

A. Leverage Amazon CloudFront with the ALB endpoint as the origin

B. Deploy an appropriate managed rule for AWS WAF and associate it with the ALB

C. Subscribe to AWS Shield Advanced and ensure common vulnerabilities and exposures are blocked

D. Configure network ACLs and security groups to allow only ports 80 and 443 to access the EC2 instances

A company has an application that calls AWS Lambda functions. A recent code review found database credentials stored in the source code. The database credentials needs to be removed from the Lambda source code. The credentials must then be securely stored and rotated on a on-going basis to meet security policy requirements.

What should a solutions architect recommend meet these requirements?

A. Store the password in AWS CloudHSM Associate the Lambda function with a role that can retrieve the password from CloudHSM given its key ID

B. Store the password in AWS Secrets Manager . A associate the Lambda function with a role that can retrieve the password from secrets Manager given its secret ID.

C. Move the database password to an environment variable associated with the Lambda function Retrieve the password from the environment variable upon execution

D. Store the password in AWS Key Management Service (AWS KMS) Associate the Lambda function with a role that can retrieve the password from AWS KMS given its key ID