Practice Free SAA-C03 Exam Online Questions
A company’s applications run on Amazon EC2 instances in Auto Scaling groups. The company notices that its applications experience sudden traffic increases on random days of the week. The company wants to maintain application performance during sudden traffic increases.
Which solution will meet these requirements MOST cost-effectively?
- A . Use manual scaling to change the size of the Auto Scaling group.
- B . Use predictive scaling to change the size of the Auto Scaling group.
- C . Use dynamic scaling to change the size of the Auto Scaling group.
- D . Use schedule scaling to change the size of the Auto Scaling group
C
Explanation:
Dynamic scaling is a type of autoscaling that automatically adjusts the number of EC2 instances in an Auto Scaling group based on demand or load. It uses CloudWatch alarms to trigger scaling actions when a specified metric crosses a threshold. It can scale out (add instances) or scale in (remove instances) as needed1. By using dynamic scaling, the solution can maintain application performance during sudden traffic increases most cost-effectively.
A solutions architect is investigating compute options for a critical analytics application. The application uses long-running processes to prepare and aggregate data. The processes cannot be interrupted. The application has a known baseline load. The application needs to handle occasional usage surges.
Which solution will meet these requirements MOST cost-effectively?
- A . Create an Amazon EC2 Auto Scaling group. Set the Min capacity and Desired capacity parameters to the number of instances required to handle the baseline load. Purchase Reserved Instances for the Auto Scaling group.
- B . Create an Amazon EC2 Auto Scaling group. Set the Min capacity, Max capacity, and Desired capacity parameters to the number of instances required to handle the baseline load. Use On-Demand Instances to address occasional usage surges.
- C . Create an Amazon EC2 Auto Scaling group. Set the Min capacity and Desired capacity parameters to the number of instances required to handle the baseline load. Purchase Reserved Instances for the Auto Scaling group. Use the OnDemandPercentageAboveBaseCapacity parameter to configure the launch template to launch Spot Instances.
- D . Re-architect the application to use AWS Lambda functions instead of Amazon EC2 instances. Purchase a one-year Compute Savings Plan to reduce the cost of Lambda usage.
A rapidly growing global ecommerce company is hosting its web application on AWS. The web application includes static content and dynamic content. The website stores online transaction processing (OLTP) data in an Amazon RDS database. The website’s users are experiencing slow page loads.
Which combination of actions should a solutions architect take to resolve this issue? (Select TWO.)
- A . Configure an Amazon Redshift cluster.
- B . Set up an Amazon CloudFront distribution
- C . Host the dynamic web content in Amazon S3
- D . Create a t wd replica tor the RDS DB instance.
- E . Configure a Multi-AZ deployment for the RDS DB instance
B, D
Explanation:
To resolve the issue of slow page loads for a rapidly growing e-commerce website hosted on AWS, a solutions architect can take the following two actions:
A company stores sensitive data in Amazon S3 A solutions architect needs to create an encryption solution. The company needs to fully control the ability of users to create, rotate, and disable encryption keys with minimal effort for any data that must be encrypted.
Which solution will meet these requirements?
- A . Use default server-side encryption with Amazon S3 managed encryption keys (SSE-S3) to store the sensitive data
- B . Create a customer managed key by using AWS Key Management Service (AWS KMS). Use the new key to encrypt the S3 objects by using server-side encryption with AWS KMS keys (SSE-KMS).
- C . Create an AWS managed key by using AWS Key Management Service {AWS KMS) Use the new key to encrypt the S3 objects by using server-side encryption with AWS KMS keys (SSE-KMS).
- D . Download S3 objects to an Amazon EC2 instance. Encrypt the objects by using customer managed keys. Upload the encrypted objects back into Amazon S3.
B
Explanation:
Understanding the Requirement: The company needs to control the creation, rotation, and disabling of encryption keys for data stored in S3 with minimal effort.
Analysis of Options:
SSE-S3: Provides server-side encryption using S3 managed keys but does not offer full control over key management.
Customer managed key with AWS KMS (SSE-KMS): Allows the company to fully control key creation, rotation, and disabling, providing a high level of security and compliance.
AWS managed key with AWS KMS (SSE-KMS): While it provides some control, it does not offer the same level of granularity as customer-managed keys.
EC2 instance encryption and re-upload: This approach is operationally intensive and does not leverage AWS managed services for efficient key management.
Best Solution:
Customer managed key with AWS KMS (SSE-KMS): This solution meets the requirement for full control over encryption keys with minimal operational overhead, leveraging AWS managed services for secure key management.
Reference: AWS Key Management Service (KMS)
Amazon S3 Encryption
A company has deployed a database in Amazon RDS for MySQL. Due to increased transactions, the database support team is reporting slow reads against the DB instance and recommends adding a read replica.
Which combination of actions should a solutions architect take before implementing this change? (Choose two.)
- A . Enable binlog replication on the RDS primary node.
- B . Choose a failover priority for the source DB instance.
- C . Allow long-running transactions to complete on the source DB instance.
- D . Create a global table and specify the AWS Regions where the table will be available.
- E . Enable automatic backups on the source instance by setting the backup retention period to a value other than 0.
C, E
Explanation:
"An active, long-running transaction can slow the process of creating the read replica. We recommend that you wait for long-running transactions to complete before creating a read replica. If you create multiple read replicas in parallel from the same source DB instance, Amazon RDS takes only one snapshot at the start of the first create action. When creating a read replica, there are a few things to consider. First, you must enable automatic backups on the source DB instance by setting the backup retention period to a value other than 0. This requirement also applies to a read replica that is the source DB instance for another read replica"https: //docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html
A company recently migrated its entire IT environment to the AWS Cloud. The company discovers that users are provisioning oversized Amazon EC2 instances and modifying security group rules without using the appropriate change control process A solutions architect must devise a strategy to track and audit these inventory and configuration changes.
Which actions should the solutions architect take to meet these requirements? (Select TWO)
- A . Enable AWS CloudTrail and use it for auditing
- B . Use data lifecycie policies for the Amazon EC2 instances
- C . Enable AWS Trusted Advisor and reference the security dashboard
- D . Enable AWS Config and create rules for auditing and compliance purposes
- E . Restore previous resource configurations with an AWS CloudFormation template
A, D
Explanation:
A) Enable AWS CloudTrail and use it for auditing. AWS CloudTrail provides a record of API calls and can be used to audit changes made to EC2 instances and security groups. By analyzing CloudTrail logs, the solutions architect can track who provisioned oversized instances ormodified security groups without proper approval. D) Enable AWS Config and create rules for auditing and compliance purposes. AWS Config can record the configuration changes made to resources like EC2 instances and security groups. The solutions architect can create AWS Config rules to monitor for non-compliant changes, like launching certain instance types or opening security group ports without permission. AWS Config would alert on any violations of these rules.
A company is designing a new web service that will run on Amazon EC2 instances behind an Elastic Load Balancing (ELB) load balancer. However, many of the web service clients can only reach IP
addresses authorized on their firewalls.
What should a solutions architect recommend to meet the clients’ needs?
- A . A Network Load Balancer with an associated Elastic IP address.
- B . An Application Load Balancer with an associated Elastic IP address.
- C . An A record in an Amazon Route 53 hosted zone pointing to an Elastic IP address.
- D . An EC2 instance with a public IP address running as a proxy in front of the load balancer.
A
Explanation:
A Network Load Balancer can be assigned one Elastic IP address for each Availability Zone it uses1. This allows the clients to reach the load balancer using a static IP address that can be authorized on their firewalls. An Application Load Balancer cannot be assigned an Elastic IP address2. An A record in an Amazon Route 53 hosted zone pointing to an Elastic IP address would not work because the load balancer would still use its own IP address as the source of the forwarded requests to the web service. An EC2 instance with a public IP address running as a proxy in front of the load balancer would add unnecessary complexity and cost, and would not provide the same scalability and availability as a Network Load Balancer.
Reference: 1: Network Load Balancers – Elastic Load Balancing3, IP address type section2: .
How to assign Elastic IP to Application Load Balancer in AWS?4, answer section.
A social media company is building a feature for its website. The feature will give users the ability to upload photos. The company expects significant increases in demand during large events and must ensure that the website can handle the upload traffic from users.
Which solution meets these requirements with the MOST scalability?
- A . Upload files from the user’s browser to the application servers. Transfer the files to an Amazon S3 bucket.
- B . Provision an AWS Storage Gateway file gateway. Upload files directly from the user’s browser to the file gateway.
- C . Generate Amazon S3 presigned URLs in the application. Upload files directly from the user’s browser into an S3 bucket.
- D . Provision an Amazon Elastic File System (Amazon EFS) file system Upload files directly from the user’s browser to the file system
C
Explanation:
This approach allows users to upload files directly to S3 without passing through the application servers, reducing the load on the application and improving scalability. It leverages the client-side capabilities to handle the file uploads and offloads the processing to S3.
An application allows users at a company’s headquarters to access product data. The product data is stored in an Amazon RDS MySQL DB instance. The operations team has isolated an application performance slowdown and wants to separate read traffic from write traffic. A solutions architect needs to optimize the application’s performance quickly.
What should the solutions architect recommend?
- A . Change the existing database to a Multi-AZ deployment. Serve the read requests from the primary Availability Zone.
- B . Change the existing database to a Multi-AZ deployment. Serve the read requests from the secondary Availability Zone.
- C . Create read replicas for the database. Configure the read replicas with half of the compute and storage resources as the source database.
- D . Create read replicas for the database. Configure the read replicas with the same compute and storage resources as the source database.
D
Explanation:
https: //docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_MySQL.Replication.ReadReplicas.html
A company runs HPC workloads requiring high IOPS.
Which combination of steps will meet these requirements? (Select TWO)
- A . Use Amazon EFS as a high-performance file system.
- B . Use Amazon FSx for Lustre as a high-performance file system.
- C . Create an Auto Scaling group of EC2 instances. Use Reserved Instances. Configure a spread placement group. Use AWS Batch for analytics.
- D . Use Mountpoint for Amazon S3 as a high-performance file system.
- E . Create an Auto Scaling group of EC2 instances. Use mixed instance types and a cluster placement group. Use Amazon EMR for analytics.
B, E
Explanation:
Option B: FSx for Lustre is designed for HPC workloads with high IOPS.
Option E: A cluster placement group ensures low-latency networking for HPC analytics workloads.
Option A: Amazon EFS is not optimized for HPC.
Option D: Mountpoint for S3 does not meet high IOPS needs.