Amazon SAA-C03 Exam Practice Test Instant Access

Question 1

A company has a three-tier environment on AWS that ingests sensor data from its users' devices The traffic flows through a Network Load Balancer (NIB) then to Amazon EC2 instances for the web tier and finally to EC2 instances for the application tier that makes database calls

What should a solutions architect do to improve the security of data in transit to the web tier?

AConfigure a TLS listener and add the server certificate on the NLB

BConfigure AWS Shield Advanced and enable AWS WAF on the NLB

CChange the load balancer to an Application Load Balancer and attach AWS WAF to it

DEncrypt the Amazon Elastic Block Store (Amazon EBS) volume on the EC2 instances using AWS Key Management Service (AWS KMS)

Answer : A

A: How do you protect your data in transit?

Best Practices:

Implement secure key and certificate management: Store encryption keys and certificates securely and rotate them at appropriate time intervals while applying strict access control; for example, by using a certificate management service, such as AWS Certificate Manager (ACM).

Enforce encryption in transit: Enforce your defined encryption requirements based on appropriate standards and recommendations to help you meet your organizational, legal, and compliance requirements.

Automate detection of unintended data access: Use tools such as GuardDuty to automatically detect attempts to move data outside of defined boundaries based on data classification level, for example, to detect a trojan that is copying data to an unknown or untrusted network using the DNS protocol.

Authenticate network communications: Verify the identity of communications by using protocols that support authentication, such as Transport Layer Security (TLS) or IPsec.

https://wa.aws.amazon.com/wat.question.SEC_9.en.html

Question 2

A company is planning to migrate an on-premises online transaction processing (OLTP) database that uses MySQL to an AWS managed database management system. Several reporting and analytics applications use the on-premises database heavily on weekends and at the end of each month. The cloud-based solution must be able to handle read-heavy surges during weekends and at the end of each month.

Which solution will meet these requirements?

A. Migrate the database to an Amazon Aurora MySQL cluster. Configure Aurora Auto Scaling to use replicas to handle surges. B. Migrate the database to an Amazon EC2 instance that runs MySQL. Use an EC2 instance type that has ephemeral storage. Attach Amazon EBS Provisioned IOPS SSD (io2) volumes to the instance. C. Migrate the database to an Amazon RDS for MySQL database. Configure the RDS for MySQL database for a Multi-AZ deployment, and set up auto scaling. D. Migrate from the database to Amazon Redshift. Use Amazon Redshift as the database for both OLTP and analytics applications.

AAurora MySQL: Handles OLTP workloads efficiently with built-in replication and auto-scaling capabilities.

BEC2 with MySQL: Requires heavy manual maintenance and does not scale seamlessly.

CRDS for MySQL: Limited in auto-scaling compared to Aurora.

DRedshift: Primarily for OLAP, not suitable for OLTP workloads.

Answer : A

Question 3

A solutions architect needs to implement a solution that can handle up to 5,000 messages per second. The solution must publish messages as events to multiple consumers. The messages are up to 500 KB in size. The message consumers need to have the ability to use multiple programming languages to consume the messages with minimal latency. The solution must retain published messages for more than 3 months. The solution must enforce strict ordering of the messages.

Which solution will meet these requirements?

A. Publish messages to an Amazon Kinesis Data Streams data stream. Enable enhanced fan-out. Ensure that consumers ingest the data stream by using dedicated throughput. B. Publish messages to an Amazon Simple Notification Service (Amazon SNS) topic. Ensure that consumers use an Amazon Simple Queue Service (Amazon SQS) FIFO queue to subscribe to the topic. C. Publish messages to Amazon EventBridge. Allow each consumer to create rules to deliver messages to the consumer's own target. D. Publish messages to an Amazon Simple Notification Service (Amazon SNS) topic. Ensure that consumers use Amazon Data Firehose to subscribe to the topic.

AKinesis Data Streams: Supports high throughput, strict ordering, multiple consumers, and data retention for 365 days.

BSNS + SQS FIFO: Can enforce ordering but lacks native support for 500 KB messages and retention requirements.

CEventBridge: Lacks strict ordering and message size compatibility.

DSNS + Firehose: Not designed for strict ordering or large message sizes.

Answer : A

Question 4

A company runs a Microsoft Windows SMB file share on-premises to support an application. The company wants to migrate the application to AWS. The company wants to share storage across multiple Amazon EC2 instances.

Which solutions will meet these requirements with the LEAST operational overhead? (Select TWO.)

A. Create an Amazon Elastic File System (Amazon EFS) file system with elastic throughput. B. Create an Amazon FSx for NetApp ONTAP file system. C. Use Amazon Elastic Block Store (Amazon EBS) to create a self-managed Windows file share on the instances. D. Create an Amazon FSx for Windows File Server file system. E. Create an Amazon FSx for OpenZFS file system.

AAmazon EFS: Provides a scalable, shared file storage solution with minimal operational overhead. It's ideal for Linux-based workloads.

BAmazon FSx for NetApp ONTAP: More suited for workloads requiring NetApp-specific features.

CAmazon EBS: Requires manual management of file shares, which increases operational overhead.

DAmazon FSx for Windows File Server: Best suited for Windows SMB workloads with low operational overhead.

EAmazon FSx for OpenZFS: Better for Linux and Unix-based workloads.

Answer : A, D

Question 5

How can DynamoDB data be made available for long-term analytics with minimal operational overhead?

AConfigure DynamoDB incremental exports to S3.

BConfigure DynamoDB Streams to write records to S3.

CConfigure EMR to copy DynamoDB data to S3.

DConfigure EMR to copy DynamoDB data to HDFS.

Answer : A

Option A is the most automated and cost-efficient solution for exporting data to S3 for analytics.

Option B involves manual setup of Streams to S3.

Options C and D introduce complexity with EMR.

Question 6

How can trade data from DynamoDB be ingested into an S3 data lake for near real-time analysis?

AUse DynamoDB Streams to invoke a Lambda function that writes to S3.

BUse DynamoDB Streams to invoke a Lambda function that writes to Data Firehose, which writes to S3.

CEnable Kinesis Data Streams on DynamoDB. Configure it to invoke a Lambda function that writes to S3.

DEnable Kinesis Data Streams on DynamoDB. Use Data Firehose to write to S3.

Answer : A

Option A is the simplest solution, using DynamoDB Streams and Lambda for real-time ingestion into S3.

Options B, C, and D add unnecessary complexity with Data Firehose or Kinesis.

Question 7

A company runs HPC workloads requiring high IOPS.

Which combination of steps will meet these requirements? (Select TWO)

AUse Amazon EFS as a high-performance file system.

BUse Amazon FSx for Lustre as a high-performance file system.

CCreate an Auto Scaling group of EC2 instances. Use Reserved Instances. Configure a spread placement group. Use AWS Batch for analytics.

DUse Mountpoint for Amazon S3 as a high-performance file system.

ECreate an Auto Scaling group of EC2 instances. Use mixed instance types and a cluster placement group. Use Amazon EMR for analytics.

Answer : B, E

Option B: FSx for Lustre is designed for HPC workloads with high IOPS.

Option E: A cluster placement group ensures low-latency networking for HPC analytics workloads.

Option A: Amazon EFS is not optimized for HPC.

Option D: Mountpoint for S3 does not meet high IOPS needs.

Amazon SAA-C03 AWS Certified Solutions Architect - Associate Exam Practice Test