AWS Certified Associate

[Newest Version] Easily Pass SAA-C02 Exam with Updated Real SAA-C02 Exam Materials

Tens of thousands of competitors, pages of hard questions and unsatisfied exam preparation situations… Do not worried about all those annoying things! We, help you with your AWS Certified Associate Newest SAA-C02 vce AWS Certified Solutions Architect – Associate (SAA-C02) exam. We will assist you clear the May 23,2022 Latest SAA-C02 pdf dumps exam with AWS Certified Associate SAA-C02 actual tests. We SAA-C02 dumps are the most comprehensive ones.

We Geekcert has our own expert team. They selected and published the latest SAA-C02 preparation materials from Official Exam-Center.

The following are the SAA-C02 free dumps. Go through and check the validity and accuracy of our SAA-C02 dumps.The following questions and answers are from the latest SAA-C02 free dumps. It will help you understand the validity of the latest SAA-C02 dumps.

Question 1:

A company has created a multi-tier application for its ecommerce website. The website uses an Application Load Balancer that resides in the public subnets, a web tier in me public subnets, and a MySQL cluster hosted on Amazon EC2 instances in the private subnets. The MySQL database needs to retrieve product catalog and pricing information that is hosted on the internet by a third-party provider. A solutions architect must devise a strategy that maximizes security without increasing operational overhead.

What should the solutions architect do to meet these requirements?

A. Deploy a NAT instance in the VPC. Route all the internet-based traffic through the NAT instance.

B. Deploy a NAT gateway in the public subnets. Modify the private subnet route table to direct all internetbound traffic to the NAT gateway.

C. Configure an internet gateway and attach it to the VPC. Modify the private subnet route table to direct internet-bound traffic to the internet gateway.

D. Configure a virtual private gateway and attach it to the VPC. Modify the private subnet route table to direct internet-bound traffic to the virtual private gateway.

Correct Answer: B


Question 2:

A company has an application that is hosted on Amazon EC2 instances in two private subnets. A solutions

architect must make the application available on the public internet with the least amount of N-y

administrative effort.

What should the solutions architect recommend?

A. Create a load balancer and associate two public subnets from the same Availability Zones as the private instances. Add the private instances to the load balancer.

B. Create a load balancer and associate two private subnets from the same Availability Zones as the private instances. Add the private instances to the load balancer.

C. Create an Amazon Machine Image (AMI) of the instances in the private subnet and restore In the public subnet Create a load balancer and associate two public subnets from the same Availability Zones as the public instances.

D. Create an Amazon Machine Image (AMI) of the instances in the private subnet and restore in the public subnet.Create a load balancer and associate two private subnets from the same Availability Zones as the public instances.

Correct Answer: C


Question 3:

A solutions architect must analyze and update a company\’s existing IAM policies prior to deploying a new workload. The solutions architect created the following policy: What is the net effect of this policy?

A. Users will be allowed all actions except s3 PutObject if multi-factor authentication (MFA) is enabled

B. Users win be allowed all actions except s3 PutObject if multi-factor authentication (MFA) is not enabled

C. Users will be denied all actions except s3;PutObject if multi-factor authentication (MFA) is enabled.

D. Users win be denied all actions except s3:PutObject if multi-factor authentication (MFA) is not enabled.

Correct Answer: C


Question 4:

A company hosts its application in the AWS Cloud. The application runs on Amazon EC2 instances behind an Elastic Load Balancer in an Auto Scaling group and with an Amazon DynamoDB table. The company wants to ensure the application can be made available in another AWS Region with minimal downtime

What should a solutions architect do to meet these requirements with the LEAST amount of downtime?

A. Create an Auto Scaling group and a load balancer in the disaster recovery Region. Configure the DynamoDB table as a global table. Configure DNS failover to point to the new disaster recovery Region\’s load balancer.

B. Create an AWS CloudFormation template to create EC2 instances, load balancers, and DynamoDB tables to be launched when needed. Configure DNS failover to point to the new disaster recovery Region\’s load balancer.

C. Create an AWS CloudFormation template to create EC2 instances and a load balancer to be launched when needed. Configure the DynamoDB table as a global table. Configure DNS failover to point to the new disaster recovery Region\’s load balancer.

D. Create an Auto Scaling group and load balancer in the disaster recovery Region. Configure the DynamoDB table as a global table. Create an Amazon CloudWatch alarm to trigger an AWS Lambda function that updates Amazon Route 53 pointing to the disaster recovery load balancer.

Correct Answer: A


Question 5:

A company wants to improve the availability and performance of its hybrid application. The application consists of a stateful TCP-based workload hosted on Amazon EC2 instances in different AWS Regions and a stateless UOP-based workload hosted on premises.

Which combination of actions should a solutions architect take to improve availability and performance? (Choose two.)

A. Create an accelerator using AWS Global Accelerator. Add the load balancers as endpoints.

B. Create an Amazon CloudFront distribution with an origin that uses Amazon Route 53 latency- based routing to route requests to the load balancers

C. Configure two Application Load Balancers in each Region. The first will route to the EC2 endpoints and the second will route to the on-premises endpoints.

D. Configure a Network Load Balancer in each Region to address the EC2 endpoints Configure a Network Load Balancer in each Region that routes to the on-premises endpoints

E. Configure a Network Load Balancer in each Region to address the EC2 endpoints Configure an Application Load Balancer in each Region that routes to the on-premises endpoints

Correct Answer: AB


Question 6:

A company has developed a new video game as a web application. The application is in a three-tier architecture in a VPC with Amazon RDS for MySQL In the database layer Several players will compete concurrently online. The game\’s developers want to display a top-10 scoreboard in near-real time and offer the ability to stop and restore the game while preserving the current scores. What should a solutions architect do to meet these requirements?

A. Set up an Amazon ElastiCache for Memcached cluster to cache the scores for the web application to display

B. Set up an Amazon ElastiCache for Redis cluster to compute and cache the scores for the web application to display.

C. Place an Amazon CloudFront distribution in front of the web application to cache the scoreboard m a section of the application.

D. Create a read replica on Amazon RDS for MySQL to run queries to compute the scoreboard and serve the read traffic to the web application.

Correct Answer: D


Question 7:

A solutions architect is creating a data processing job that runs once daily and can take up to 2 hours to complete If the job is interrupted, it has to restart from the beginning How should the solutions architect address this issue in the MOST cost-effective manner?

A. Create a script that runs locally on an Amazon EC2 Reserved Instance that is triggered by a cron job.

B. Create an AWS Lambda function triggered by an Amazon EventBridge (Amazon CloudWatch Events} scheduled event

C. Use an Amazon Elastic Container Service (Amazon ECS) Fargate task triggered by an Amazon EventBridge (Amazon CloudWatch Events) scheduled event.

D. Use an Amazon Elastic Container Service (Amazon ECS) task running on Amazon EC2 triggered by an Amazon EventBridge (Amazon CloudWatch Events) scheduled event.

Correct Answer: C


Question 8:

A solutions architect is designing an architecture to run a third-party database server. The database software Is memory intensive and has a CPU-based licensing model where the cost Increases with the number of vCPU cores within the operating system. The solutions architect must select an Amazon EC2 instance with sufficient memory to run the database software, but the selected instance has a large number of vCPUs. The solutions architect must ensure that the vCPUs will not be underutilized and must minimize costs. Which solution meets these requirements?

A. Select and launch a smaller EC2 instance with an appropriate number of vCPUs.

B. Configure the CPU cores and threads on the selected EC2 instance during instance launch

C. Create a new EC2 instance and ensure multithreading is enabled when configuring the instance details.

D. Create a new Capacity Reservation and select the appropriate instance type Launch the instance into this new Capacity Reservation

Correct Answer: A


Question 9:

A solutions architect is redesigning a monolithic application to be a loosely coupled application composed of two microservices: Microservice A and Microservice B Microservice A places messages in a mam Amazon Simple Queue Service (Amazon SQS) queue for Microservice B to consume When Microservice B fails to process a message after four retries, the message needs to be removed from the queue and stored for further investigation.

What should the solutions architect do to meet these requirements?

A. Create an SQS dead-letter queue Microservice B adds failed messages to that queue after it receives and fails to process the message four times.

B. Create an SQS dead-letter queue Configure the main SQS queue to deliver messages to the dead-letter queue after the message has been received four times.

C. Create an SQS queue for failed messages Microservice A adds failed messages to that queue after Microservice B receives and fails to process the message four times.

D. Create an SQS queue for failed messages. Configure the SQS queue for failed messages to pull messages from the main SQS queue after the original message has been received four times.

Correct Answer: B

https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letterqueues.html#sqs-dead-letter-queues-how-they-work


Question 10:

A company uses on-premises servers to host its applications. The company is running out of storage capacity. The applications use both block storage and NFS storage. The company needs a high-performing solution that supports local caching without re-architecting its existing applications.

Which combination of actions should a solutions architect take to meet these requirements? (Select TWO.)

A. Mount Amazon S3 as a file system to the on-premises servers.

B. Deploy an AWS Storage Gateway file gateway to replace NFS storage

C. Deploy AWS Snowball Edge to provision NFS mounts to on-premises servers.

D. Deploy an AWS Storage Gateway volume gateway to replace the block storage.

E. Deploy Amazon Elastic Fife System (Amazon EFS) volumes and mount them to on-premises servers.

Correct Answer: BD


Question 11:

A company is building its web application using containers on AWS. The company requires three instances of the web application to run at all times. The application must be able to scale to meet increases in demand. Management is extremely sensitive to cost but agrees that the application should be highly available.

What should a solutions architect recommend?

A. Create an Amazon Elastic Container Service (Amazon ECS) cluster using the Fargate launch type.Create a task definition for the web application. Create an ECS service with a desired count of three tasks.

B. Create an Amazon Elastic Container Service (Amazon ECS) cluster using the Amazon EC2 launch type with three container instances in one Availability Zone. Create a task definition for the web application. Place one task for each container instance.

C. Create an Amazon Elastic Container Service (Amazon ECS) cluster using the Fargate launch type with one container instance in three different Availability Zones. Create a task definition for the web application. Create an ECS service with a desired count of three tasks.

D. Create an Amazon Elastic Container Service (Amazon ECS) cluster using the Amazon EC2 launch type with one container instance in two different Availability Zones. Create a task definition for the web application. Place two tasks on one container instance and one task on the remaining container instance.

Correct Answer: D


Question 12:

A development team stores its Amazon RDS MySQL DB instance user name and password credentials in a configuration file. The configuration file is stored as plaintext on the root device volume of the team\’s Amazon EC2 instance. When the team\’s application needs to reach the database, it reads the file and loads the credentials into the code. The team has modified the permissions of the configuration file so that only the application can read its content A solutions architect must design a more secure solution.

What should the solutions architect do to meet this requirement?

A. Store the configuration file in Amazon S3. Grant the application access to read the configuration file.

B. Create an IAM role with permission to access the database Attach this IAM role to the EC2 instance.

C. Enable SSL connections on the database instance. Alter the database user to require SSL when logging in.

D. Move the configuration file to an EC2 instance store, and create an Amazon Machine Image (AMI) of the instance. Launch new instances from this AMI.

Correct Answer: D


Question 13:

A solutions architect is creating a new VPC design. There are two public subnet for the load balancer, two private subnets for web servers, and two private subnets for MySQL. The web serves use only HTTPS. The solutions architect has already created a security group for the load Balancer allowing port 443 from

0.0 0.0/0. Company policy requires that each resource has the least access required to still be able to

perform its tasks.

Which additional configuration strategy should the solution architect use to meet these requirements?

A. Create a security group far the web servers and allow port 443 from 0.0.0.070. Create a security group tor the MySQL serve\’s aid allow port 3306 from the web servers security group.

B. Create a network ACL for the web servers and allow port 443 from 0.0.0.0/0. Create a network ACL for the MySQL servers and allow port 3306 from the web servers security group

C. Create a security group for the web servers and allow port 443 from the load balancer. Create a security group tor the MySQL servers and allow port 3306 from the web sewers security group

D. Create a network ACL for the web servers and allow port 443 from the web balancer. Create a network ACL for the MySQL servers and allow port 3306 from the web servers security group.

Correct Answer: C


Question 14:

A company runs an application on an Amazon EC2 instance Backed by Amazon Elastic Block Store (Amazon EBS). The instance needs to be available for 12 hours daily. The company wants to save costs by making the instance unavailable outside the window required for the application However the contents of the instance\’s memory must be preserved whenever the instance is unavailable.

What should a solutions architect do lo meet this requirement?

A. Stop the instance outside the application\’s availability window. Start up the Instance again when required.

B. Hibernate tie instance outside the application\’s availability window. Start up the instance again when required.

C. Use Auto Scaling to scale down the instance outside the application\’s availability window. Scale up the instance when required.

D. Terminate the instance outside the application\’s availability window Launch the instance by using a preconfigured Amazon Machine Image (AMI) when required

Correct Answer: A


Question 15:

A company Is migrating lo the AWS Cloud. A file server is the first workload to migrate. Users must be able

to access the file share using the Server Message Block (SMB) protocol.

Which AWS managed service meets these requirements?

A. Amazon EBS

B. Amazon EC2

C. Amazon FSx

D. Amazon S3

Correct Answer: C