This is the last time to share SAA-C02 dumps exam questions and answers.
From now on you will be required to take and pass the AWS Certified Solutions Architect – Associate exam (SAA-C03). There are two types of questions: single-choice and multiple-choice questions.
Previously Lead4Pass provided SAA-C02 exam dumps with PDF and VCE to help candidates pass the AWS Certified Solutions Architect – Associate (SAA) certification exam, now candidates only need to access the latest SAA-C03 dumps: https://www.leads4pass.com/saa-c03.html (PDF +VCE) to help you easily learn and successfully earn the AWS Certified Solutions Architect – Associate (SAA) certification
Continue to share SAA-C02 dumps exam questions and answers for the last time
| Number of exam questions | Exam name | From | Release time | Previous issue | PDF Download |
| 13 | AWS Certified Solutions Architect – Associate (SAA-C02) | Lead4Pass | Oct 27, 2022 | SAA-C02 dumps questions 1-12 | SAA-C02 PDF |
NEW QUESTION 13:
A solution architect has configured the following IAM policy.
Which action will be allowed by the policy?
A. An AWS Lambda function can be deleted from any network.
B. An AWS Lambda function can be created from any network.
C. An AWS Lambda function can be deleted from the 100.220.0.0/20 network
D. An AWS Lambda function can be deleted from the 220 100.16 0 20 network
Correct Answer: C
NEW QUESTION 14:
Some of the company\’s customers are retrieving records frequently, leading to an increase in costs for the company.
The company wants to limit retrieved requests in the future. The company also wants to ensure that if one customer reaches its retrieval limit other customers will not be affected.
Which solution will meet these requirements?
A. Set up server-side throttling limits for API Gateway.
B. Limit DynamoDB read throughput on the table loan amount that results in m the maximum cost that the company is willing to incur.
C. Set up a usage plan for API Gateway Implement throttling limits for each customer. and distribute API keys to each customer
D. Set up AWS Budgets. Monitor the usage of API Gateway and DynamoDB Configure an alarm to provide an alert when the cost exceeds a certain threshold each month
Correct Answer: D
NEW QUESTION 15:
A company recently migrated its entire IT environment to the AWS Cloud. The company discovers that users are provisioning oversized Amazon EC2 instances and modifying security group rules without using the appropriate change control process A solutions architect must devise a strategy to track and audit these inventory and configuration changes.
Which actions should the solutions architect take to meet these requirements? (Select TWO )
A. Enable AWS CloudTrail and use it for auditing
B. Use data lifecycle policies for the Amazon EC2 instances
C. Enable AWS Trusted Advisor and reference the security dashboard
D. Enable AWS Config and create rules for auditing and compliance purposes
E. Restore previous resource configurations with an AWS CloudFormation template
Correct Answer: AD
NEW QUESTION 16:
An application running on AWS Lambda requires an API key to access a third-party service. The key must
be stored securely with audited access to the Lambda function only.
What is the MOST secure way to store the key?
A. As an object in Amazon S3.
B. As a secure siring in AWS Systems Manager Parameter Store.
C. Inside a file on an Amazon EBS volume attached to the Lambda function
D. Inside a secrets file stored on Amazon EFS
Correct Answer: B
https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-parameter-store.html
NEW QUESTION 17:
A company has an on-premises volume backup solution that has reached its end of the file. The company wants to use AWS as part of a new backup solution and wants to maintain local access to at\’ the data while is backed up on AWS.
The company wants to ensure that the data is backed up on AWS. The company automatically and securely transferred.
Which solution meets this requirement?
A. Use AWS Snowball to migrate data out of the on-premises solution to Amazon S3. Configure on-premises systems to mount the Snowball S3 endpoint to provide Weal access to the data
B. Use AWS Snowball Edge to migrate data out of the on-premises solution to Amazon S3. Use the Snowball Edge file interface to provide the on-premises system with local access to the data.
C. Use AWS Storage Gateway and configure a cached volume gateway Run the Storage Gateway software appliance on-premises and configure a percentage of data to cache locally. Mount the gateway storage volumes to provide local access to the data.
D. Use AWS Storage Gateway and configure a stored volume gateway. Run the Storage Gateway software appliance on-premises and map the gateway storage volumes to on-premises storage. Mount the gateway storage volumes to provide local access to the data.
Correct Answer: C
NEW QUESTION 18:
A company wants to design its cloud architecture so that its workloads are resilient, can consistently perform their intended functions correctly, and can recover from failure quickly
Which pillar of the AWS Well-Architected Framework does this architecture represent?
A. Security
B. Performance efficiency
C. Operational excellence
D. Reliability
Correct Answer: C
NEW QUESTION 19:
A company runs batch processes on Amazon EC2 instances that are needed only during business hours These processes must preserve the data at alt times but the speed of processing is not important The company needs to run these processes in the MOST cost-effective manner
Which solution will meet these requirements?
A. Use EC2 Reserved Instances with the All Upfront payment option
B. Use EC2 Reserved instances with the Partial Upfront payment option
C. Use Spot Fleet requests with the allocation strategy set to lowestPnce
D. Use persistent Spot Instance requests with behavior that stops interrupted instances
Correct Answer: B
NEW QUESTION 20:
A company is using a VPC peering strategy to connect its VPCs in a single Region to allow for cross-communication. A recent increase in account creation and VPCs has made it difficult to maintain the VPC peering strategy, and the company expects to grow to hundreds of VPCs. There are also new requests to create site-to-site VPNs with some of the VPCs. A solutions architect has been tasked with creating a centrally networking setup for multiple accounts, VPCs, and VPNs.
Which networking solution meets these requirements?
A. Configure shared VPCs and VPNs and share them with each other
B. Configure a hub-and-spoke and route all traffic through VPC peering.
C. Configure an AWS Direct Connect between all VPCs and VPNs.
D. Configure a transit gateway with AWS Transit Gateway and connected all VPCs and VPNs.
Correct Answer: D
NEW QUESTION 21:
A company is building a RESTful serverless web application on AWS by using Amazon API Gateway and AWS Lambda The users of this web application will be geographically disturbed, and the company wants to reduce the latency of API requests to these users.
Which type of endpoint should a solutions architect use to meet these requirements?
A. Private endpoint
B. Regional endpoint
C. Interface VPC endpoint
D. Edge-optimized endpoint
Correct Answer: A
NEW QUESTION 22:
A company is automating an order management application. The company\’s development team has
decided to use SFTP to transfer and store the business-critical information files The files must be
encrypted and must be highly available.
The files also must be automatically deleted a month after they are created.
Which solution meets these requirements with the LEAST operational overhead?
A. Configure an Amazon S3 bucket with encryption enabled. Use AWS Transfer for SFTP to securely transfer the files to the S3 bucket Apply an AWS Transfer for SFTP file retention policy to delete the files after a month
B. Install an SFTP service on an Amazon EC2 instance Mount an Amazon Elastic File System (Amazon EFS) file share on the EC2 instance. Enable cron to delete the files after a month
C. Configure an Amazon Elastic File System (Amazon EFS) file system with encryption enabled. Use AWS Transfer for SFTP to securely transfer the files to the EFS file system. Apply an EFS lifecycle policy to automatically delete the files after a month.
D. Configure an Amazon S3 bucket with encryption enabled. Use AWS Transfer for SFTP to securely transfer the files to the S3 bucket. Apply S3 Lifecycle rules to automatically delete the files after a month.
Correct Answer: D
NEW QUESTION 23:
An application runs on Amazon EC2 instances in private subnets. The application needs to access an Amazon DynamoDB table. What is the MOST secure way to access the table while ensuring that the traffic does not leave the AWS network?
A. Use a VPC endpoint for DynamoDB.
B. Use a NAT gateway in a public subnet.
C. Use a NAT instance in a private subnet.
D. Use the internet gateway attached to the VPC.
Correct Answer: A
NEW QUESTION 24:
A company sells datasets to customers who do research in artificial intelligence and machine learning (AIMU. The datasets are large formatted files met are stored in an Amazon S3 bucket in the us-easl-1 Region. The company hosts a web application that the customers use to purchase access to a given dataset. The web application Is deployed on mutating Amazon EC2 instances behind an Application Load Balancer After a purchase is made customers receive an S3 signed URL that allows access to the files.
The customers are distributed across North America and Europe. The company wants to reduce the cost that is associated with data transfers and wants to maintain or improve performance
What should a solutions architect do to meet these requirements?
A. Configure S3 Transfer Accelerator on the existing S3 bucket Direct customer requests to the S3 Transfer
Acceleration endpoint Continue to use S3 signed URLs to access control
B. Deploy an Amazon CloudFront distribution with the existing S3 bucket as the origin Direct customer requests to the CloudFront URL Switch to CloudFront signed URLs for access control
C. Set up a second S3 Ducket in the EU-central-1 Region with S3 Cross-Region Replication between lite Duckets Direct customer requests to the closest Region. Continue to use S3-signed URLs for access control
D. Modify the web application to enable streaming of the datasets to users Configure the web application to read the data from the existing S3 bucket and implement access control directly in the application
Correct Answer: B
NEW QUESTION 25:
A company is hosting multiple websites for several lines of business under its registered parent domain. Users accessing these websites will be routed to appropriate backend Amazon EC2 instances based on the subdomain. The websites host static webpages, images, and server-side scripts like PHP and JavaScript.
Some of the websites experience peak access during the first two hours of business with constant usage throughout the rest of the day. A solutions architect needs to design a solution that will automatically adjust capacity to this traffic pattern while keeping costs low.
Which combination of AWS services or features will meet these requirements? (Select TWO.)
A. AWS Batch
B. Network Load Balancer
C. Application Load Balancer
D. Amazon EC2 Auto Scaling
E. Amazon S3 website hosting
Correct Answer: DE
…
This SAA-C02 dumps exam question is the last update! Candidates can take advantage of this update to improve themselves.
Again, from now on you will need to take and pass the AWS Certified Solutions Architect – Associate exam (SAA-C03) in order to earn the AWS Certified Solutions Architect – Associate (SAA) certification.
