Valid SAA-C02 Dumps help you earn certification with the AWS Certified Solutions Architect – Associate exam. Achieve competency in designing and implementing distributed systems on AWS.
According to the latest notification from Amazon AWS, the AWS Certified Solutions Architect – Associate certification will change on August 30, 2022, and the last date to take the latest exam is August 29, 2022.
You should take the exam before the SAA-C02 exam changes, we updated the Amazon SAA-C02 dumps question today, valid SAA-C02 Dumps are you’re taking the AWS Certified Solutions Architect – Associate certification exam the best preparation material. Amazon SAA-C02 Dumps Learn to practice question and answer using leads4pass pdf and VCE engine.
Read the SAA-C02 free dumps as part of the SAA-C02 dumps issue
QUESTION 1
A company is designing a cloud communications platform trial is driven by APIs. The application is hosted on Amazon EC2 instances behind a Network Load Balancer (NLB). The company uses Amazon API Gateway to provide external users with access to the application through APIs. The company wants to protect the platform against web exploits like SQL Injection and also wants to detect and mitigate large, sophisticated DDoS attacks Which combination of solutions provides the MOST protection? (Select TWO.)
A. Use AWS WAF to protect the NLB
B. Use AWS Shield Advanced with the NLB
C. Use AWS WAF to protect Amazon API Gateway
D. Use Amazon GuardDuty with AWS Shield Standard
E. Use AWS Shield Standard with Amazon API Gateway
Correct Answer: AD
QUESTION 2
A company that recently started using AWS establishes a Site-to-Site VPN between its on-premises data center and AWS. The company\’s security mandate states that traffic originating from on-premises should stay within the company\’s private IP space when communicating with an Amazon Elastic Container Service (Amazon ECS) cluster that is hosting a sample web application.
Which solution meets this requirement?
A. Configure a gateway endpoint for Amazon ECS. Modify the routing table to include an entry point to the ECS cluster.
B. Create a Network Load Balancer and AWS PrivateLink endpoint for Amazon ECS in the same VPC that is hosting the ECS cluster.
C. Create a Network Load Balancer in one VPC and an AWS PrivateLink endpoint for Amazon ECS in another VPC. Connect the two VPCs by using VPC peering.
D. Configure an Amazon Route 53 record with Amazon ECS as the target. Apply a server certificate to Route 53 from AWS Certificate Manager (ACM) for SSL offloading.
Correct Answer: C
QUESTION 3
A company\’s application runs on Amazon EC2 instances behind an Application Load Balancer (ALB) The instances run in an Amazon EC2 Auto Scaling group across multiple Availability Zones On the first day of every month at midnight the application becomes much slower when the month-end financial calculation batch executes This causes the CPU utilization of the EC2 instances to immediately peak to 100%. which disrupts the application What should a solutions architect recommend to ensure the application is able to handle the workload and avoid downtime?
A. Configure an Amazon CloudFront distribution in front of the ALB
B. Configure an EC2 Auto Scaling simple scaling policy based on CPU utilization
C. Configure an EC2 Auto Scaling scheduled scaling policy based on the monthly schedule.
D. Configure Amazon ElastiCache to remove some of the workloads from the EC2 instances
Correct Answer: C
Scheduled Scaling for Amazon EC2 Auto Scaling Scheduled scaling allows you to set your own scaling schedule. For example, let\’s say that every week the traffic to your web application starts to increase on Wednesday, remains high on Thursday, and starts to decrease on Friday. You can plan your scaling actions based on the predictable traffic patterns of your web application. Scaling actions are performed automatically as a function of time and date.
https://docs.aws.amazon.com/autoscaling/ec2/userguide/schedule_time.html
QUESTION 4
A customer has a service based out of Oregon. US and Paris. France. The application stores data in an Amazon S3 bucket located in Oregon. That data is updated frequently. The Pans office is experiencing slow response times when retrieving objects.
What should a solutions architect do to resolve the slow response times for the Paris office?
A. Set up an S3 bucket based in Paris, and enable Cross-Region Replication from the Oregon bucket to the Paris bucket.
B. Create an Application Load Balancer that load balances data retrieval between the Oregon S3 bucket and a new Paris S3 bucket.
C. Create an Amazon CloudFront distribution with the bucket located m Oregon as the origin and set the maximum TTL setting for the cache behavior to zero.
D. Set up an S3 bucket based in Paris, and enable a lifecycle management rule to transition data from the Oregon bucket to the Paris bucket.
Correct Answer: C
QUESTION 5
A company wants to build an immutable infrastructure for its software applications The company wants to test the software applications before sending traffic to them The company seeks an efficient solution that limits the effects of application bugs
Which combination of steps should a solutions architect recommend? {Select TWO)
A. Use AWS Cloud Formation to update the production infrastructure and roll back the stack if the update fails
B. Apply Amazon Route 53 weighted routing to test the staging environment and gradually increase the traffic as the tests pass
C. Apply Amazon Route 53 failover routing to test the staging environment and failover to the production environment if the tests pass
D. Use AWS Cloud Formation with a parameter set to the staging value in a separate environment other than the production environment
E. Use AWS Cloud Formation to deploy the staging environment with a snapshot deletion policy and reuse the resources in the production environment if the tests pass
Correct Answer: AB
QUESTION 6
A company\’s dynamic website is hosted using on-premises servers in the United States. The company is launching its product in Europe and it wants to optimize site loading times for new European users. The site\’s backend must remain in the United States. The product is being launched in a few days, and an immediate solution is needed What should the solutions architect recommend?
A. Launch an Amazon EC2 instance in us-east-1 and migrate the site to it
B. Move the website to Amazon S3 Use cross-Region replication between Regions.
C. Use Amazon CloudFront with a custom origin pointing to the on-premises servers
D. Use an Amazon Route 53 geo proximity routing policy pointing to on-premises servers
Correct Answer: C
QUESTION 7
A prediction process requires access to a trained model that is stored in an Amazon S3 bucket. The process takes a few seconds to process an image and make a prediction. The process is not overly resource-intensive, does not require any specialized hardware, and takes less than 512 MB of memory to run.
What is the MOST effective compute solution for this use case?
A. Amazon Elastic Container Service (Amazon ECS)
B. Amazon EC2 Spot instances
C. AWS Lambda functions
D. AWS Elastic Beanstalk
Correct Answer: C
QUESTION 8
A company has a service that reads and writes large amounts of data from an Amazon S3 bucket in the same AWS Region The service is deployed on Amazon EC2 instances within the private subnet of a VPC. The service communicates with Amazon S3 over a NAT gateway in the public subnet However, the company wants a solution that will reduce the data output costs.
Which solution will meet these requirements MOST cost-effectively?
A. Provision of a dedicated EC2 NAT instance in the public subnet. Configure the routing table for the private subnet to use the elastic network interface of this instance as the destination for all S3 traffic
B. Provision of a dedicated EC2 NAT instance in the private subnet. Configure the routing table for the public subnet to use the elastic network interface of this instance as the destination for all S3 traffic.
C. Provision of a VPC gateway endpoint. Configure the routing table for the private subnet to use the gateway endpoint as the route for all S3 traffic.
D. Provision of a second NAT gateway. Configure the routing table for the private subnet to use this NAT gateway as the destination for all S3 traffic.
Correct Answer: C
QUESTION 9
A company is running a highly sensitive application on Amazon EC2 backed by an Amazon RDS database Compliance regulations mandate that all personally identifiable information (Pll) be encrypted at rest.
Which solution should a solutions architect recommend to meet this requirement with the LEAST amount of changes to the infrastructure?
A. Deploy AWS Certificate Manager to generate certificates Use the certificates to encrypt the database volume
B. Deploy AWS CloudHSM, generate encryption keys, and use the customer master key (CMK) to encrypt database volumes
C. Configure SSL encryption using AWS Key Management Service customer master keys (AWS KMS CMKs) to encrypt database volumes.
D. Configure Amazon Elastic Block Store (Amazon EBS) encryption and Amazon RDS encryption with AWS Key Management Service (AWS KMS) keys to encrypt instance and database volumes
Correct Answer: D
QUESTION 10
A solutions architect is designing a solution that will include a database in Amazon RDS Corporate security policy mandates that the database its logs, and its backups are all encrypted What is the MOST efficient option to fulfill the security policy using Amazon RDS?
A. Launch an Amazon RDS instance with encryption enabled Enable encryption for logs and backups
B. Launch an Amazon RDS instance Enable encryption for the database, logs, and backups
C. Launch an Amazon RDS instance with encryption enabled Logs and backups are automatically encrypted
D. Launch an Amazon RDS instance Enable encryption for backups Encrypt logs with a database- engine feature
Correct Answer: C
QUESTION 11
A team has an application that detects new objects being uploaded into an Amazon bucket. The upload triggers the AWS Lambda function to write metadata into an Amazon DynamoDB table and an Amazon RDS for the PostgreSQL database.
Which action should the team take to ensure high availability?
A. Enable Cross-Region Replication to ensure high availability
B. Create a Lambda function for each Availability Zone the application is deployed in
C. Enable Multi-AZ on the RDS PostgreSQL database.
D. Create a DynamoDB stream for the DynamoDB table
Correct Answer: C
QUESTION 12
A company is deploying a two-tier web application in a VPC. The web tier is using an Amazon EC2 Auto Scaling group with public subnets that span multiple Availability Zones. The database tier consists of an Amazon RDS for MySQL DB instance in separate private subnets. The web tier requires access to the database to retrieve product information.
The web application is not working as intended. The web application reports that it cannot connect to the database. The database is confirmed to be up and running. All configurations for the network ACLs. security groups and route tables are still in their default states.
What should a solutions architect recommend to fix the application?
A. Add an explicit rule to the private subnet\’s network ACL to allow traffic from the web tier\’s EC2 instances.
B. Add a route in the VPC route table to allow traffic between the web tier\’s EC2 instances and The database tier.
C. Deploy the web tier\’s EC2 instances and the database tier\’s RDS instance into two separate VPCs.and configure VPC peering.
D. Add an inbound rule to the security group of the database tier\’s RDS instance to allow traffic from the web tier\’s security group.
Correct Answer: D
……
Amazon SAA-C02 free dumps online download:https://drive.google.com/file/d/1luNDZPrm2E4BpYpKVbC5NIXucKcinvfB/view?usp=sharing
We know the importance of AWS Certified Solutions Architect – Associate certification, before warranting changes, use valid SAA-C02 Dumps: https://www.leads4pass.com/saa-c02.html
Helping you successfully pass the AWS Certified Solutions Architect – Associate Exam.