Login / Register   My Cart (0)

DumpsFree provides high-quality dumps PDF & dumps VCE for candidates who are willing to pass exams and get certifications soon. We provide dumps free download before purchasing dumps VCE. 100% pass exam!

All Products Contact now
  • Home
  • Articles
  • [Jun-2024] AWS-Solutions-Associate Exam Dumps, AWS-Solutions-Associate Practice Test Questions [Q313-Q329]

[Jun-2024] AWS-Solutions-Associate Exam Dumps, AWS-Solutions-Associate Practice Test Questions [Q313-Q329]

Share

[Jun-2024] AWS-Solutions-Associate Exam Dumps, AWS-Solutions-Associate Practice Test Questions

Attested AWS-Solutions-Associate Dumps PDF Resource [2024]


The AWS Certified Solutions Architect - Associate (SAA-C02) exam is a certification exam offered by Amazon Web Services (AWS) for professionals who want to validate their skills and knowledge in designing and deploying scalable, highly available, and fault-tolerant systems on the AWS platform. AWS-Solutions-Associate exam is intended for individuals who have experience working with AWS services and have a solid understanding of the core AWS architecture principles.


Amazon AWS-Solutions-Associate exam, also known as the AWS Certified Solutions Architect - Associate (SAA-C02), is a certification exam that validates an individual’s knowledge and skills in designing and deploying scalable, highly available, and fault-tolerant systems on the Amazon Web Services (AWS) cloud platform. AWS-Solutions-Associate exam is designed for professionals who have experience working with AWS services and are responsible for managing and designing solutions on the AWS platform.

 

NEW QUESTION # 313
A company's containerized application runs on an Amazon EC2 instance. The application needs to download security certificates before it can communicate with other business applications. The company wants a highly secure solution to encrypt and decrypt the certificates in near real time. The solution also needs to store data in highly available storage after the data is encrypted.
Which solution will meet these requirements with the LEAST operational overhead?

  • A. Create AWS Secrets Manager secrets for encrypted certificates. Manually update the certificates as needed. Control access to the data by using fine-grained 1AM access.
  • B. Create an AWS Lambda function that uses the Python cryptography library to receive and perform encryption operations. Store the function in an Amazon S3 bucket.
  • C. Create an AWS Key Management Service (AWS KMS) customer managed key. Allow the EC2 role to use the KMS key for encryption operations. Store the encrypted data on Amazon Elastic Block Store (Amazon EBS) volumes.
  • D. Create an AWS Key Management Service (AWS KMS) customer managed key. Allow the EC2 role to use the KMS key for encryption operations. Store the encrypted data on Amazon S3.

Answer: C


NEW QUESTION # 314
A company is using an Amazon S3 bucket to store data uploaded by different departments from multiple locations During an AWS Well-Architected review the financial manager notices that 10 TB of S3 Standard storage data has been charged each month However, in the AWS Management Console for Amazon S3, using the command to select all files and folders shows a total size of 5 TB What are the possible causes for this difference? (Select TWO )

  • A. There are incomplete S3 multipart uploads
  • B. Some files are stored with deduplication
  • C. The S3 bucket has versioning enabled
  • D. The S3 bucket has AWS Key Management Service (AWS KMS) enabled
  • E. The S3 bucket has Intelligent-Tiering enabled

Answer: B,E


NEW QUESTION # 315
A media company collects and analyzes user activity data on premises. The company wants to migrate this capability to AWS. The user activity data store will continue to grow and will be petabytes in size. The company needs to build a highly available data ingestion solution that facilitates on-demand analytics of existing data and new data with SQL.
Which solution will meet these requirements with the LEAST operational overhead?

  • A. Send activity data to an Amazon Kinesis Data Firehose delivery stream. Configure the stream to deliver the data to an Amazon Redshift cluster.
  • B. Send activity data to an Amazon Kinesis data stream. Configure the stream to deliver the data to an Amazon S3 bucket.
  • C. Create an ingestion service on Amazon EC2 instances that are spread across multiple Availability Zones. Configure the service to forward data to an Amazon RDS Multi-AZ database.
  • D. Place activity data in an Amazon S3 bucket. Configure Amazon S3 to run an AWS Lambda function on the data as the data arrives in the S3 bucket.

Answer: A

Explanation:
Explanation
Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the cloud. You can start with just a few hundred gigabytes of data and scale to a petabyte or more. This allows you to use your data to gain new insights for your business and customers. The first step to create a data warehouse is to launch a set of nodes, called an Amazon Redshift cluster. After you provision your cluster, you can upload your data set and then perform data analysis queries. Regardless of the size of the data set, Amazon Redshift offers fast query performance using the same SQL-based tools and business intelligence applications that you use today.


NEW QUESTION # 316
A company is deploying a web portal. The company wants to ensure that only the web portion of the application is publicly accessible. To accomplish this, the VPC was designed with two public subnets and two private subnets. The application will run on several Amazon EC2 instances in an Auto Scaling group. SSL termination must be offloaded from the EC2 instances. What should a solutions architect do to ensure these requirements are met?

  • A. Configure the Application Load Balancer in the private subnets. Configure the Auto Scaling group in the private subnets and associate it with the Application Load Balancer
  • B. Configure the Application Load Balancer in the public subnets. Configure the Auto Scaling group in the private subnets and associate it with the Application Load Balancer
  • C. Configure the Network Load Balancer in the public subnets. Configure the Auto Scaling group in the public subnets and associate it with the Application Load Balancer
  • D. Configure the Network Load Balancer in the public subnets. Configure the Auto Scaling group in the private subnets and associate it with the Application Load Balancer

Answer: B


NEW QUESTION # 317
A Solutions Architect is designing a highly-available website that is served by multiple web servers hosted outside of AWS. If an instance becomes unresponsive, the Architect needs to remove it from the rotation.
What is the MOST efficient way to fulfill this requirement?

  • A. Use Amazon CloudWatch to monitor utilization.
  • B. Use Amazon Route 53 health checks
  • C. Use an Amazon Elastic Load Balancer
  • D. Use Amazon API Gateway to monitor availably

Answer: A


NEW QUESTION # 318
A data analytics startup company asks a Solutions Architect to recommend an AWS data store option for indexed data.
The data processing engine will generate and input more than 64 TB of processed data every day. with item sizes reaching up to 300 KB The startup is flexible with data storage models and is more interested in a database that requires minimal effort to scale with a growing dataset size.
Which AWS data store service should the Architect recommend?

  • A. Amazon RDS
  • B. Amazon DynamoDB
  • C. Amazon S3
  • D. Amazon Redshift

Answer: B


NEW QUESTION # 319
A company has a mulli-tier application that runs six front-end web servers in an Amazon EC2 Auto Scaling group in a single Availability Zone behind an Application Load Balancer (ALB). A solutions architect needs lo modify the infrastructure to be highly available without modifying the application.
Which architecture should the solutions architect choose that provides high availability?

  • A. Modify the Auto Scaling group to use three instances across each of two Availability Zones.
  • B. Create an Auto Scaling group that uses three Instances across each of tv/o Regions.
  • C. Change the ALB in front of the Amazon EC2 instances in a round-robin configuration to balance traffic to the web tier.
  • D. Create an Auto Scaling template that can be used to quickly create more instances in another Region.

Answer: A

Explanation:
High availability can be enabled for this architecture quite simply by modifying the existing Auto Scaling group to use multiple availability zones. The ASG will automatically balance the load so you don't actually need to specify the instances per AZ.


NEW QUESTION # 320
A company copies 200 TB of data from a recent ocean survey onto AWS Snowball Edge Storage Optimized devices. The company has a high performance computing (HPC) cluster that is hosted on AWS to look for oil and gas deposits. A solutions architect must provide the cluster with consistent sub-millisecond latency and high-throughput access to the data on the Snowball Edge Storage Optimized devices. The company is sending the devices back to AWS.
Which solution will meet these requirements?

  • A. Create an Amazon S3 bucket. Import the data into the S3 bucket. Configure an AWS Storage Gateway file gateway to use the S3 bucket. Access the file gateway from the HPC cluster instances.
  • B. Create an Amazon S3 bucket. Import the data into the S3 bucket. Configure an Amazon FSx for Lustre file system, and integrate it with the S3 bucket. Access the FSx for Lustre file system from the HPC cluster instances.
  • C. Create an Amazon S3 bucket and an Amazon Elastic File System (Amazon EFS) file system. Import the data into the S3 bucket. Copy the data from the S3 bucket to the EFS file system. Access the EFS file system from the HPC cluster instances.
  • D. Create an Amazon FSx for Lustre file system. Import the data directly into the FSx for Lustre file system. Access the FSx for Lustre file system from the HPC cluster instances.

Answer: B

Explanation:
To provide the HPC cluster with consistent sub-millisecond latency and high-throughput access to the data on the Snowball Edge Storage Optimized devices, a solutions architect should configure an Amazon FSx for Lustre file system, and integrate it with an Amazon S3 bucket. This solution has the following benefits:
It allows the HPC cluster to access the data on the Snowball Edge devices using a POSIX-compliant file system that is optimized for fast processing of large datasets1.
It enables the data to be imported from the Snowball Edge devices into the S3 bucket using the AWS Snow Family Console or the AWS CLI2. The data can then be accessed from the FSx for Lustre file system using the S3 integration feature3.
It supports high availability and durability of the data, as the FSx for Lustre file system can automatically copy the data to and from the S3 bucket3. The data can also be accessed from other AWS services or applications using the S3 API4.
References:
1: https://aws.amazon.com/fsx/lustre/
2: https://docs.aws.amazon.com/snowball/latest/developer-guide/using-adapter.html
3: https://docs.aws.amazon.com/fsx/latest/LustreGuide/create-fs-linked-data-repo.html
4: https://docs.aws.amazon.com/fsx/latest/LustreGuide/export-data-repo.html


NEW QUESTION # 321
A 3-tier e-commerce web application is current deployed on-premises and will be migrated to AWS for greater scalability and elasticity The web server currently shares read-only data using a network distributed file system The app server tier uses a clustering mechanism for discovery and shared session state that depends on IP multicast The database tier uses shared-storage clustering to provide database fall over capability, and uses several read slaves for scaling Data on all servers and the distributed file system directory is backed up weekly to off-site tapes
Which AWS storage and database architecture meets the requirements of the application?

  • A. Web servers, store read-only data in S3, and copy from S3 to root volume at boot time App servers snare state using a combination or DynamoDB and IP unicast Database use RDS with multi-AZ deployment and one or more Read Replicas Backup web and app servers backed up weekly via Mils database backed up via DB snapshots.
  • B. Web servers, store read-only data in an EC2 NFS server, mount to each web server at boot time App servers share state using a combination of DynamoDB and IP multicast Database use RDS with multl-AZ deployment and one or more Read Replicas Backup web and app servers backed up weekly via Mils database backed up via DB snapshots
  • C. Web servers store -read-only data in S3, and copy from S3 to root volume at boot time App servers share state using a combination of DynamoDB and IP unicast Database, use RDS with multi-AZ deployment and one or more read replicas Backup web servers app servers, and database backed up weekly to Glacier using snapshots.
  • D. Web servers store read-only data In S3 and copy from S3 to root volume at boot time App servers share state using a combination of DynamoDB and IP unicast Database use RDS with multi-AZ deployment Backup web and app servers backed up weekly via AM is. database backed up via DB snapshots

Answer: C


NEW QUESTION # 322
An application running on an Amazon EC2 instance in VPC-A needs to access files in another EC2 instance in VPC-B. Both are in separate. AWS accounts. The network administrator needs to design a solution to enable secure access to EC2 instance in VOC-B from VPC-A. The connectivity should not have a single point of failure or bandwidth concerns.
Which solution will meet these requirements?

  • A. Set up a VPC peering connection between VPC-A and VPC-B.
  • B. Set up VPC gateway endpoints for the EC2 instance running in VPC-B.
  • C. Attach a virtual private gateway to VPC-B and enable routing from VPC-A.
  • D. Create a private virtual interface (VIF) for the EC2 instance running in VPC-B and add appropriate routes from VPC-B.

Answer: D


NEW QUESTION # 323
A company that primarily runs its application servers on premises has decided to migrate to AWS. The company wants to minimize its need to scale its Internet Small Computer Systems Interface (iSCSI) storage on premises. The company wants only its recently accessed data to remain stored locally.
Which AWS solution should the company use to meet these requirements?

  • A. Amazon S3 File Gateway
  • B. AWS Storage Gateway Volume Gateway stored volumes
  • C. AWS Storage Gateway Volume Gateway cachea volumes
  • D. AWS Storage Gateway Tape Gateway

Answer: C

Explanation:
Explanation
AWS Storage Gateway Volume Gateway provides two configurations for connecting to iSCSI storage, namely, stored volumes and cached volumes. The stored volume configuration stores the entire data set on-premises and asynchronously backs up the data to AWS. The cached volume configuration stores recently accessed data on-premises, and the remaining data is stored in Amazon S3. Since the company wants only its recently accessed data to remain stored locally, the cached volume configuration would be the most appropriate. It allows the company to keep frequently accessed data on-premises and reduce the need for scaling its iSCSI storage while still providing access to all data through the AWS cloud. This configuration also provides low-latency access to frequently accessed data and cost-effective off-site backups for less frequently accessed data.
https://docs.amazonaws.cn/en_us/storagegateway/latest/vgw/StorageGatewayConcepts.html#storage-gateway-ca


NEW QUESTION # 324
A corporate web application is deployed within an Amazon Virtual Private Cloud (VPC) and is connected to the corporate data center via an iPsec VPN. The application must authenticate against the on-premises LDAP server. After authentication, each logged-in user can only access an Amazon Simple Storage Space (S3) keyspace specific to that user.
Which two approaches can satisfy these objectives? (Choose 2 answers)

  • A. Develop an identity broker that authenticates against IAM security Token service to assume a IAM role in order to get temporary AWS security credentials The application calls the identity broker to get AWS temporary security credentials with access to the appropriate S3 bucket.
  • B. The application authenticates against LDAP the application then calls the AWS identity and Access Management (IAM) Security service to log in to IAM using the LDAP credentials the application can use the IAM temporary credentials to access the appropriate S3 bucket.
  • C. The application authenticates against LDAP and retrieves the name of an IAM role associated with the user. The application then calls the IAM Security Token Service to assume that IAM role The application can use the temporary credentials to access the appropriate S3 bucket.
  • D. Develop an identity broker that authenticates against LDAP and then calls IAM Security Token Service to get IAM federated user credentials The application calls the identity broker to get IAM federated user credentials with access to the appropriate S3 bucket.
  • E. The application authenticates against IAM Security Token Service using the LDAP credentials the application uses those temporary AWS security credentials to access the appropriate S3 bucket.

Answer: C,D


NEW QUESTION # 325
What are the Amazon EC2 API tools?

  • A. Command-line tools to the Amazon EC2 web service.
  • B. They don't exist. The Amazon EC2 AMI tools, instead, are used to manage permissions.
  • C. They don't exist. The Amazon API tools are a client interface to Amazon Web Services.
  • D. They are a set of graphical tools to manage EC2 instances.

Answer: A


NEW QUESTION # 326
You are implementing a URL whitelisting system for a company that wants to restrict outbound HTTP'S connections to specific domains from their EC2-hosted applications. You deploy a single EC2 instance running proxy software and configure It to accept traffic from all subnets and EC2 instances in the VPC.
You configure the proxy to only pass through traffic to domains that you define in its whitelist configuration.
You have a nightly maintenance window or 10 minutes where all instances fetch new software updates.
Each update Is about 200MB In size and there are 500 instances In the VPC that routinely fetch updates.
After a few days you notice that some machines are failing to successfully download some, but not all of their updates within the maintenance window. The download URLs used for these updates are correctly listed in the proxy's whitelist configuration and you are able to access them manually using a web browser on the instances.
What might be happening? (Choose 2)

  • A. The route table for the subnets containing the affected EC2 instances is not configured to direct network traffic for the software update locations to the proxy.
  • B. You are running the proxy in a public subnet but have not allocated enough EIPs to support the needed network throughput through the Internet Gateway (IGW).
  • C. You are running the proxy on an undersized EC2 instance type so network throughput is not sufficient for all instances to download their updates in time.
  • D. You have not allocated enough storage to the EC2 instance running the proxy so the network buffer is filling up, causing some requests to fail.
  • E. You are running the proxy on a sufficiently-sized EC2 instance in a private subnet and its network throughput is being throttled by a NAT running on an undersized EC2 instance.

Answer: C,E


NEW QUESTION # 327
What's an ECU?

  • A. Extended Cluster User.
  • B. Elastic Compute Unit.
  • C. Elastic Computer Usage.
  • D. None of these.

Answer: D


NEW QUESTION # 328
A solutions architect is designing an architecture for a new application that requires low network latency and high network throughput between Amazon EC2 instances. Which component should be included in the architectural design?

  • A. A placement group using a partition placement strategy.
  • B. An Auto Scaling group with On-Demand instance types.
  • C. A placement group using a cluster placement strategy.
  • D. An Auto Scaling group with Spot Instance types.

Answer: D


NEW QUESTION # 329
......


Amazon AWS-Solutions-Associate (AWS Certified Solutions Architect - Associate (SAA-C02)) Certification Exam is a globally recognized certification in the field of cloud computing. AWS-Solutions-Associate exam validates the skills and knowledge necessary to design and deploy scalable, highly available, and fault-tolerant systems on the Amazon Web Services (AWS) platform. AWS Certified Solutions Architect - Associate (SAA-C02) certification exam is designed for professionals who have a minimum of one year of experience with AWS and are proficient in designing and deploying scalable, fault-tolerant, and highly available systems.

 

Latest AWS-Solutions-Associate Actual Free Exam Questions Updated 686 Questions: https://www.dumpsfree.com/AWS-Solutions-Associate-valid-exam.html

Free AWS-Solutions-Associate Exam Braindumps certification guide Q&A: https://drive.google.com/open?id=1yaaSw1Uuu3HmG_eKIK7o1NcUVUrYGSQ-

Related Articles

more
Amazon AWS-Solutions-Associate Certification Practice Exam

DumpsFree provides high-quality dumps PDF & dumps VCE for candidates who are willing to pass exams and get certifications soon. We provide dumps free download before purchasing dumps VCE. 100% pass exam!

Latest Dumps Free

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 DumpsFree NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy