• Home
  • Articles
  • Latest Mar 25, 2022 SAA-C02 Brain Dump A Study Guide with Tips & Tricks for passing Exam [Q59-Q78]

Latest Mar 25, 2022 SAA-C02 Brain Dump A Study Guide with Tips & Tricks for passing Exam [Q59-Q78]

Share

Latest Mar 25, 2022 SAA-C02 Brain Dump: A Study Guide with Tips & Tricks for passing Exam

SAA-C02 Question Bank: Free PDF Download Recently Updated Questions


How to study the Amazon SAA-C02 Exam

The AWS Solutions Architect Associate SAA-C02 certification exam is not an easy one and requires long-term training. You should begin preparing for the test early so that you have an ample amount of time to cover all the domains. Benefit from the official preparation tools offered by Amazon, including training courses, hands-on labs, guides, sample questions, among others. You can also easily find the relevant study materials for this test on alternative online platforms. Besides, we strongly recommend that you use exam dumps and practice exams to get familiar with the exam questions and avoid being overwhelmed during your actual test.

According to AWS, there is no better preparation for AWS Solutions Architect Associate SAA-C02 Exam than hands-on experience. To assist you in learning additional knowledge and skills to prepare for certification, there are several related AWS training courses and other tools. For information on the skills tested during the certification test, please check the assessment guide on the official website of Amazon Web Services. All links to the resources are available in the References section, at the end of this document.

 

NEW QUESTION 59
A company has a service that produces event dat
a. The company wants to use AWS to process the event data as it is received. The data is written in a specific order that must be maintained throughout processing The company wants to implement a solution that minimizes operational overhead.
How should a solutions architect accomplish this?

  • A. Create an Amazon Simple Queue Service (Amazon SQS) FIFO queue to hold messages Set up an AWS Lambda function to process messages from the queue
  • B. Create an Amazon Simple Notification Service (Amazon SNS) topic to deliver notifications containing payloads to process Configure an AWS Lambda function as a subscriber.
  • C. Create an Amazon Simple Queue Service (Amazon SQS) standard queue to hold messages. Set up an AWS Lambda function to process messages from the queue independently
  • D. Create an Amazon Simple Notification Service (Amazon SNS) topic to deliver notifications containing payloads to process. Configure an Amazon Simple Queue Service (Amazon SQS) queue as a subscriber.

Answer: A

 

NEW QUESTION 60
A solution architect has created two IAM policies: Policy1 and Policy2. Both policies are attached to an IAM group.

A cloud engineer is added as an IAM user to the IAM group. Which action will the cloud engineer be able to perform?

  • A. Deleting IAM users
  • B. Deleting directories
  • C. Deleting Amazon EC2 instances
  • D. Deleting logs from Amazon CloudWatch Logs

Answer: C

 

NEW QUESTION 61
A solutions architect is designing storage for a high performance computing (HPC) environment based on Amazon Linux.
The workload stores and processes a large amount of engineering drawings that require shared storage and heavy computing.
Which storage option would be the optimal solution?

  • A. Amazon Elastic File System (Amazon EFS)
  • B. Amazon FSx for Lustre
  • C. Amazon EBS Provisioned IOPS SSD (io1)
  • D. Amazon EC2 instance store

Answer: B

Explanation:
https://d1.awsstatic.com/whitepapers/AWS%20Partner%20Network_HPC%20Storage%20Option s_2019_FINAL.pdf (p.8)

 

NEW QUESTION 62
A company has a dynamic web application hosted on two Amazon EC2 instances. The company has its own SSL certificate, which is on each instance to perform SSL termination.
There has been an increase in traffic recently, and the operations team determined that SSL encryption and decryption is causing the compute capacity of the web servers to reach their maximum limit.
What should a solutions architect do to increase the application's performance?

  • A. Create a new SSL certificate using AWS Certificate Manager (ACM). Install the ACM certificate on each instance.
  • B. Import the SSL certificate into AWS Certificate Manager (ACM). Create an Application Load Balancer with an HTTPS listener that uses the SSL certificate from ACM.
  • C. Create an Amazon S3 bucket. Migrate the SSL certificate to the S3 bucket. Configure the EC2 instances to reference the bucket for SSL termination.
  • D. Create another EC2 instance as a proxy server. Migrate the SSL certificate to the new instance and configure it to direct connections to the existing EC2 instances.

Answer: A

 

NEW QUESTION 63
A company is performing an AWS Well-Architected Framework review of an existing workload deployed on AWS. The review identified a public-facing website running on the same Amazon EC2 instance as a Microsoft Active Directory domain controller that was install recently to support other AWS services. A solutions architect needs to recommend a new design that would improve the security of the architecture and minimize the administrative demand on IT staff.
What should the solutions architect recommend?

  • A. Use AWS Directory Service to create an Active Directory connector. Proxy Active Directory requests to the Active domain controller running on the current EC2 instance.
  • B. Enable AWS Single Sign-On (AWS SSO) with Security Assertion Markup Language (SAML) 2.0 federation with the current Active Directory controller. Modify the EC2 instance's security group to deny public access to Active Directory.
  • C. Create another EC2 instance in the same subnet and reinstall Active Directory on it. Uninstall Active Directory.
  • D. Use AWS Directory Service to create a managed Active Directory. Uninstall Active Directory on the current EC2 instance.

Answer: D

Explanation:
Explanation
AWS Managed Microsoft AD
AWS Directory Service lets you run Microsoft Active Directory (AD) as a managed service. AWS Directory Service for Microsoft Active Directory, also referred to as AWS Managed Microsoft AD, is powered by Windows Server 2012 R2. When you select and launch this directory type, it is created as a highly available pair of domain controllers connected to your virtual private cloud (VPC). The domain controllers run in different Availability Zones in a region of your choice. Host monitoring and recovery, data replication, snapshots, and software updates are automatically configured and managed for you.
https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html

 

NEW QUESTION 64
You are looking at ways to improve some existing infrastructure as it seems a lot of engineering resources are being taken up with basic management and monitoring tasks and the costs seem to be excessive. You are thinking of deploying Amazon ElasticCache to help. Which of the following statements is true in regards to ElasticCache?

  • A. You can improve load and response times to user actions and queries however the cost associated with scaling web applications will be more.
  • B. You can improve load and response times to user actions and queries however the cost associated with scaling web applications will remain the same.
  • C. You can't improve load and response times to user actions and queries but you can reduce the cost associated with scaling web applications.
  • D. You can improve load and response times to user actions and queries and also reduce the cost associated with scaling web applications.

Answer: D

Explanation:
Amazon ElastiCache is a web service that makes it easy to deploy and run Memcached or Redis protocol-compliant server nodes in the cloud. Amazon ElastiCache improves the performance of web applications by allowing you to retrieve information from a fast, managed, in-memory caching system, instead of relying entirely on slower disk-based databases. The service simplifies and offloads the management, monitoring and operation of in-memory cache environments, enabling your engineering resources to focus on developing applications. Using Amazon ElastiCache, you can not only improve load and response times to user actions and queries, but also reduce the cost associated with scaling web applications.
Reference: https://aws.amazon.com/elasticache/faqs/

 

NEW QUESTION 65
A company runs a high performance computing (HPC) workload on AWS. The workload required low-latency network performance and high network throughput with tightly coupled node-to-node communication. The Amazon EC2 instances are properly sized for compute and storage capacity, and are launched using default options.
What should a solutions architect propose to improve the performance of the workload'?

  • A. Choose an Elastic Inference accelerator while launching Amazon EC2 instances
  • B. Choose dedicated instance tenancy while launching Amazon EC2 instances
  • C. Choose a cluster placement group while launching Amazon EC2 instances
  • D. Choose the required capacity reservation while launching Amazon EC2 instances.

Answer: C

 

NEW QUESTION 66
A company is planning to migrate a business-critical dataset to Amazon S3. The current solution design uses a single S3 bucket in the us-east-1 Region with versioning enabled to store the dataset. The company's disaster recovery policy states that all data multiple AWS Regions.
How should a solutions architect design the S3 solution?

  • A. Create an additional S3 bucket with versioning in another Region and configure cross-Region replication.
  • B. Create an additional S3 bucket in another Region and configure cross-origin resource sharing (CORS).
  • C. Create an additional S3 bucket with versioning in another Region and configure cross-origin resource (CORS).
  • D. Create an additional S3 bucket in another Region and configure cross-Region replication.

Answer: A

Explanation:
Object Versioning
Use Amazon S3 Versioning to keep multiple versions of an object in one bucket. For example, you could store my-image.jpg (version 111111) and my-image.jpg (version 222222) in a single bucket. S3 Versioning protects you from the consequences of unintended overwrites and deletions. You can also use it to archive objects so that you have access to previous versions.
You must explicitly enable S3 Versioning on your bucket. By default, S3 Versioning is disabled. Regardless of whether you have enabled Versioning, each object in your bucket has a version ID. If you have not enabled Versioning, Amazon S3 sets the value of the version ID to null. If S3 Versioning is enabled, Amazon S3 assigns a version ID value for the object. This value distinguishes it from other versions of the same key.
Enabling and suspending versioning is done at the bucket level. When you enable versioning on an existing bucket, objects that are already stored in the bucket are unchanged. The version IDs (null), contents, and permissions remain the same. After you enable S3 Versioning for a bucket, each object that is added to the bucket gets a version ID, which distinguishes it from other versions of the same key.
Cross-origin resource sharing (CORS)
Cross-origin resource sharing (CORS) defines a way for client web applications that are loaded in one domain to interact with resources in a different domain. With CORS support, you can build rich client-side web applications with Amazon S3 and selectively allow cross-origin access to your Amazon S3 resources.
https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectVersioning.html
https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html

 

NEW QUESTION 67
A company runs an application on an Amazon EC2 instance Backed by Amazon Elastic Block Store (Amazon EBS).
The instance needs to be available for 12 hours daily.
The company wants to save costs by making the instance unavailable outside the window required for the application.
However the contents of the instance's memory must be preserved whenever the instance is unavailable.
What should a solutions architect do lo meet this requirement?

  • A. Hibernate tie instance outside the application's availability window.
    Start up the instance again when required.
  • B. Stop the instance outside the application's availability window.
    Start up the Instance again when required.
  • C. Terminate the instance outside the application's availability window.
    Launch the instance by using a preconfigured Amazon Machine Image (AMI) when required.
  • D. Use Auto Scaling to scale down the instance outside the application's availability window.
    Scale up the instance when required.

Answer: A

 

NEW QUESTION 68
A company runs an internet-facing web application on AWS. The company uses Amazon Route 53 for DNS management and has a public hosted zone lo route traffic from the internet to the application. The company wants to tog DNS response codes to help system administrators perform any root cause analysis in the future.
Which solution will meet these requirements?

  • A. Use Route 53 to configure query togging
  • B. Use AWS CloudTrail lo record ail Route 53 queries
  • C. Use Amazon CloudWatch to record and process Route 53 metrics
  • D. Use AWS Trusted Advisor to perform on-demand root cause analysis

Answer: A

 

NEW QUESTION 69
A company is deploying an application that processes large quantities of data in parallel. The company plans to use Amazon EC2 instances for the workload The network architecture must be configurable to provide the lowest possible latency between nodes Which combination of network solutions will meet these requirements? (Select TWO )

  • A. Run the EC2 instances in a cluster placement group
  • B. Attach an Elastic Fabric Adapter (EFA) to each EC2 instance
  • C. Distribute the EC2 instances across multiple Availability Zones
  • D. Use Amazon Elastic Block Store (Amazon EBS) optimized instance types
  • E. Place the EC2 instances in a single Availability Zone

Answer: A,E

 

NEW QUESTION 70
A company has been storing analytics data in an Amazon RDS instance for the past few years. The company asked a solutions architect to find a solution that allows users to access this data using an API The expectation is that the application will experience periods of inactivity but could receive bursts of traffic within seconds Which solution should the solutions architect suggest?

  • A. Set up an Amazon API Gateway and use AWS Lambda functions
  • B. Set up an Amazon API Gateway and use Amazon EC2 with Auto Scaling
  • C. Set up an Amazon API Gateway and use AWS Elastic Beanstalk.
  • D. Set up an Amazon API Gateway and use Amazon ECS.

Answer: A

Explanation:
Explanation
AWS Lambda
With Lambda, you can run code for virtually any type of application or backend service - all with zero administration. Just upload your code and Lambda takes care of everything required to run and scale your code with high availability. You can set up your code to automatically trigger from other AWS services or call it directly from any web or mobile app.

Amazon API Gateway
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. APIs act as the "front door" for applications to access data, business logic, or functionality from your backend services. Using API Gateway, you can create RESTful APIs and WebSocket APIs that enable real-time two-way communication applications. API Gateway supports containerized and serverless workloads, as well as web applications.
API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, CORS support, authorization and access control, throttling, monitoring, and API version management. API Gateway has no minimum fees or startup costs. You pay for the API calls you receive and the amount of data transferred out and, with the API Gateway tiered pricing model, you can reduce your cost as your API usage scales.
https://aws.amazon.com/lambda/
https://aws.amazon.com/api-gateway/

 

NEW QUESTION 71
A solutions architect is designing an architecture to run a third-party database server. The database software Is memory intensive and has a CPU-based licensing model where the cost Increases with the number of vCPU cores within the operating system. The solutions architect must select an Amazon EC2 instance with sufficient memory to run the database software, but the selected instance has a large number of vCPUs. The solutions architect must ensure that the vCPUs will not be underutilized and must minimize costs.
Which solution meets these requirements?

  • A. Select and launch a smaller EC2 instance with an appropriate number of vCPUs.
  • B. Create a new EC2 instance and ensure multithreading is enabled when configuring the instance details.
  • C. Configure the CPU cores and threads on the selected EC2 instance during instance launch
  • D. Create a new Capacity Reservation and select the appropriate instance type Launch the instance into this new Capacity Reservation

Answer: A

 

NEW QUESTION 72
A medical company is designing a new application that gathers symptoms from patients The company has decided to use Amazon Simple Queue Service (Amazon SQS) and Amazon Simple Notification Service (Amazon SNS) in the architecture
A solutions architect is reviewing the infrastructure design Data must be encrypted while at rest and in transit Only authorized personnel of the company can access the data
Which combination of steps should the solutions architect take to meet these requirements'? (Select TWO )

  • A. Turn on server-side encryption on the SNS components by using a custom CMK Apply a key policy to restrict key usage to a set of authorized principals
  • B. Turn on server-side encryption on the SQS components by using a custom CMK. Apply an 1AM policy to restrict key usage to a set of authorized principals Set a condition in the queue policy to allow only encrypted connections over TLS.
  • C. Turn on server-side encryption on the SQS components Update the default key policy to restrict key usage to a set of authorized principals
  • D. Turn on server-side encryption on the SQS components by using a custom CMK. Apply a key policy to restrict key usage to a set of authonzed pnncipals Set a condition in the queue policy to allow only encrypted connections over TLS.
  • E. Turn on encryption on the SNS components Update the default key policy to restrict key usage to a set of authorized principals Set a condition in the topic policy to allow only encrypted connections over TLS.

Answer: D,E

 

NEW QUESTION 73
A company has application running on Amazon EC2 instances in a VPC. One of the applications needs to call an Amazon S3 API to store and read objects. The company's security policies restrict any internet-bound traffic from the applications.
Which action will fulfill these requirements and maintain security?

  • A. Create an S3 bucket in the same Region as the EC2 instance.
  • B. Create an S3 bucket in a private subnet.
  • C. Configure an S3 interface endpoint.
  • D. Configure an S3 gateway endpoint.

Answer: C

Explanation:
VPC endpoints
A VPC endpoint enables you to privately connect your VPC to supported AWS services and VPC endpoint services powered by AWS PrivateLink without requiring an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. Instances in your VPC do not require public IP addresses to communicate with resources in the service. Traffic between your VPC and the other service does not leave the Amazon network.
An interface endpoint is an elastic network interface with a private IP address from the IP address range of your subnet that serves as an entry point for traffic destined to a supported service. Interface endpoints are powered by AWS PrivateLink, a technology that enables you to privately access services by using private IP addresses. AWS PrivateLink restricts all network traffic between your VPC and services to the Amazon network. You do not need an internet gateway, a NAT device, or a virtual private gateway.
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html

 

NEW QUESTION 74
A company's web application is using multiple Linux Amazon EC2 instances and storing data on Amazon EBS volumes. The company is looking for a solution to increase the resiliency of the application in case of a failure and to provide storage that complies with atomicity, consistency, isolation, and durability (ACID).
What should a solutions architect do to meet these requirements?

  • A. Create an Application Load Balancer with Auto Scaling groups across multiple Availability Zones Mount an instance store on each EC2 instance
  • B. Launch the application on EC2 instances in each Availability Zone. Attach EBS volumes to each EC2 instance.
  • C. Create an Application Load Balancer with Auto Scaling groups across multiple Availability Zones. Store data on Amazon EFS and mount a target on each instance.
  • D. Create an Application Load Balancer with Auto Scaling groups across multiple Availability Zones Store data using Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)

Answer: C

 

NEW QUESTION 75
A solutions architect has created a new AWS account and must secure AWS account root user access Which combination of actions will accomplish this? (Select TWO.)

  • A. Add the root user to a group containing administrative permissions.
  • B. Store root user access keys in an encrypted Amazon S3 bucket
  • C. Ensure the root user uses a strong password
  • D. Apply the required permissions to the root user with an inline policy document
  • E. Enable multi-factor authentication to the root user

Answer: C,E

 

NEW QUESTION 76
A company is building its web application using containers on AWS. The company requires three instances of the web application to run at all times. The application must be able to scale to meet increases in demand.
Management is extremely sensitive to cost but agrees that the application should be highly available.
What should a solutions architect recommend?

  • A. Create an Amazon Elastic Container Service (Amazon ECS) cluster using the Fargate launch type with one container instance in three different Availability Zones. Create a task definition for the web application. Create an ECS service with a desired count of three tasks.
  • B. Create an Amazon Elastic Container Service (Amazon ECS) cluster using the Amazon EC2 launch type with one container instance in two different Availability Zones. Create a task definition for the web application. Place two tasks on one container instance and one task on the remaining container instance.
  • C. Create an Amazon Elastic Container Service (Amazon ECS) cluster using the Amazon EC2 launch type with three container instances in one Availability Zone. Create a task definition for the web application.
    Place one task for each container instance.
  • D. Create an Amazon Elastic Container Service (Amazon ECS) cluster using the Fargate launch type.
    Create a task definition for the web application. Create an ECS service with a desired count of three tasks.

Answer: D

 

NEW QUESTION 77
A company is developing a mobile game that streams score updates to a backend processor and then posts results on a leaderboard. A solutions architect needs to design a solution that can handle large traffic spikes, process the mobile game updates in order of receipt, and store the processed updates in a highly available database. The company also wants to minimize the management overhead required to maintain the solution.
What should the solutions architect do to meet these requirements?

  • A. Push score updates to Amazon Kinesis Data Streams. Process the updates in Kinesis Data Streams with AWS Lambda. Store the processed updates in Amazon DynamoDB.
  • B. Push score updates to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe an AWS Lambda function to the SNS topic to process the updates. Store the processed updates in a SOL database running on Amazon EC2.
  • C. Push score updates to an Amazon Simple Queue Service (Amazon SOS) queue. Use a fleet of Amazon EC2 instances with Auto Scaling to process the updates in the SQS queue. Store the processed updates in an Amazon RDS Multi-AZ DB instance.
  • D. Push score updates to Amazon Kinesis Data Streams. Process the updates with a fleet of Amazon EC2 instances set up for Auto Scaling. Store the processed updates in Amazon Redshifl.

Answer: D

 

NEW QUESTION 78
......


Topics of Amazon SAA-C02 Exam

For the candidates to appear in the exam, they need to know the examination contents. This overview of material contains only weightings, test regions, and targets. The content of this examination is a detailed list. The following contents will be included in the AWS Solutions Architect Associate SAA-C02 Exam:

1. Resilient Architectures Design (30%)

This section constitutes of the following subtopics:

  • Multi-tier architecture solution designing
  • Using AWS services to design decoupling mechanisms
  • Fault-tolerant/ High Availability architecture designing
  • Choosing adequate storage that is resilient

2. High-Performing Architectures Designing (28%)

This section constitutes of the following subtopics:

  • Picking high-performing workload networking solutions
  • Selecting high-performing workload database solutions
  • Picking options for high-performance and flexible storage for a workload
  • Identifying workload elastic and flexible computing solutions

3. Secure Architectures and Application Designing (24%)

This section constitutes of the following subtopics:

  • Modeling safe access to resources from AWS
  • Selecting suitable options for data security
  • Designing stable tiers of applications

4. Cost-Optimized Architectures Designing(18%)

This section constitutes of the following subtopics:

  • Identifying cost-effective options for storage
  • Building cost-optimized architectures for networks
  • Identification of cost-effective computing and database resources

 

New SAA-C02 Exam Dumps with High Passing Rate: https://passitsure.itcertmagic.com/Amazon/real-SAA-C02-exam-prep-dumps.html

Related Articles

more
Amazon SAA-C02 Certification Practice Exam