Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Amazon
  3. AWS Certified Solutions Architect - Associate SAA-C03

Amazon AWS Certified Solutions Architect - Associate SAA-C03 AWS Certified Solutions Architect - Associate SAA-C03 Exam Questions in PDF

Free Amazon AWS Certified Solutions Architect - Associate SAA-C03 Dumps Questions (page: 20)

AWS Certified Solutions Architect - Associate SAA-C03 PDF — 903 Questions

A company sells ringtones created from clips of popular songs. The files containing the ringtones are stored in Amazon S3 Standard and are at least 128 KB in size. The company has millions of files, but downloads are infrequent for ringtones older than 90 days. The company needs to save money on storage while keeping the most accessed files readily available for its users.
Which action should the company take to meet these requirements MOST cost-effectively?

  1. Configure S3 Standard-Infrequent Access (S3 Standard-IA) storage for the initial storage tier of the objects.
  2. Move the files to S3 Intelligent-Tiering and configure it to move objects to a less expensive storage tier after 90 days.
  3. Configure S3 inventory to manage objects and move them to S3 Standard-Infrequent Access (S3 Standard-1A) after 90 days.
  4. Implement an S3 Lifecycle policy that moves the objects from S3 Standard to S3 Standard-Infrequent Access (S3 Standard-1A) after 90 days.

Answer(s): D

Explanation:

S) D) is correct because an S3 Lifecycle policy can automatically transition objects from S3 Standard to S3 Standard-IA after 90 days, reducing storage costs for infrequently accessed files while keeping them readily available when needed. A) S3 Standard-IA applies to objects initially; not aligned with the requirement to start in Standard and transition later. B) S3 Intelligent-Tiering may incur unnecessary monitoring fees; though it automatically moves, it is not as cost-optimal for a predictable 90-day access pattern with large number of objects. C) S3 Inventory is a reporting feature, not an automatic data movement mechanism.



A company needs to save the results from a medical trial to an Amazon S3 repository. The repository must allow a few scientists to add new files and must restrict all other users to read-only access. No users can have the ability to modify or delete any files in the repository. The company must keep every file in the repository for a minimum of 1 year after its creation date.
Which solution will meet these requirements?

  1. Use S3 Object Lock in governance mode with a legal hold of 1 year.
  2. Use S3 Object Lock in compliance mode with a retention period of 365 days.
  3. Use an IAM role to restrict all users from deleting or changing objects in the S3 bucket. Use an S3 bucket policy to only allow the IAM role.
  4. Configure the S3 bucket to invoke an AWS Lambda function every time an object is added. Configure the function to track the hash of the saved object so that modified objects can be marked accordingly.

Answer(s): B

Explanation:

S3 Object Lock in compliance mode with a retention period of 365 days ensures immutability for 1 year after creation, meeting the read-only requirement for most users and preventing deletion or modification. Compliance mode enforces write-once-read-many behavior for all objects, regardless of IAM, protecting against both user and account-level changes.
A) Governance mode allows users with special permissions to override, which fails the no-modification requirement.
C) IAM role + bucket policy can block deletes but does not guarantee immutability or prevent override without Object Lock.
D) Lambda hash tracking does not enforce immutability and cannot prevent deletions or modifications.



A large media company hosts a web application on AWS. The company wants to start caching confidential media files so that users around the world will have reliable access to the files. The content is stored in Amazon S3 buckets. The company must deliver the content quickly, regardless of where the requests originate geographically.
Which solution will meet these requirements?

  1. Use AWS DataSync to connect the S3 buckets to the web application.
  2. Deploy AWS Global Accelerator to connect the S3 buckets to the web application.
  3. Deploy Amazon CloudFront to connect the S3 buckets to CloudFront edge servers.
  4. Use Amazon Simple Queue Service (Amazon SQS) to connect the S3 buckets to the web application.

Answer(s): C

Explanation:

A) CloudFront edge servers cache and deliver S3-stored media content from edge locations globally, reducing latency for users worldwide, meeting the requirement for fast, geographically distributed access.
B) Global Accelerator optimizes global application availability and performance for IP endpoints, but it does not cache or serve S3 content from edge locations.
C) CloudFront is a CDN that caches S3 content at edge locations, providing low-latency delivery worldwide.
D) SQS is a queuing service for decoupled workflows and does not provide content caching or geographic acceleration.



A company produces batch data that comes from different databases. The company also produces live stream data from network sensors and application APIs. The company needs to consolidate all the data into one place for business analytics. The company needs to process the incoming data and then stage the data in different Amazon S3 buckets. Teams will later run one-time queries and import the data into a business intelligence tool to show key performance indicators (KPIs).
Which combination of steps will meet these requirements with the LEAST operational overhead? (Choose two.)

  1. Use Amazon Athena for one-time queries. Use Amazon QuickSight to create dashboards for KPIs.
  2. Use Amazon Kinesis Data Analytics for one-time queries. Use Amazon QuickSight to create dashboards for KPIs.
  3. Create custom AWS Lambda functions to move the individual records from the databases to an Amazon Redshift cluster.
  4. Use an AWS Glue extract, transform, and load (ETL) job to convert the data into JSON format. Load the data into multiple Amazon OpenSearch Service (Amazon Elasticsearch Service) clusters.
  5. Use blueprints in AWS Lake Formation to identify the data that can be ingested into a data lake. Use AWS Glue to crawl the source, extract the data, and load the data into Amazon S3 in Apache Parquet format.

Answer(s): A,E

Explanation:

The correct answer is A and E because they provide serverless, low-management data analytics with centralized storage in S3 and efficient querying/visualization. A) Athena enables ad-hoc, one-time queries directly on S3 data, and QuickSight creates KPI dashboards without moving data. E) Lake Formation blueprints simplify data discovery and ingestion, Glue crawlers catalog and ETL into S3 in Apache Parquet, enabling cost-effective, query-optimized storage for analytics. B is higher overhead with Kinesis Data Analytics for ad-hoc queries and doesn’t directly optimize storage formats. C uses custom ETL with Redshift, increasing maintenance. D loads to OpenSearch clusters, not ideal for BI KPIs.



A company stores data in an Amazon Aurora PostgreSQL DB cluster. The company must store all the data for 5 years and must delete all the data after 5 years. The company also must indefinitely keep audit logs of actions that are performed within the database. Currently, the company has automated backups configured for Aurora.
Which combination of steps should a solutions architect take to meet these requirements? (Choose two.)

  1. Take a manual snapshot of the DB cluster.
  2. Create a lifecycle policy for the automated backups.
  3. Configure automated backup retention for 5 years.
  4. Configure an Amazon CloudWatch Logs export for the DB cluster.
  5. Use AWS Backup to take the backups and to keep the backups for 5 years.

Answer(s): D,E

Explanation:

The correct combination ensures long-term audit logs and fixed 5-year data retention using AWS-native controls. D) Configuring an Amazon CloudWatch Logs export for the DB cluster preserves database activity logs indefinitely in CloudWatch Logs, meeting audit retention. E) Using AWS Backup to take and retain backups for 5 years enforces immutable, long-term storage beyond automated DB backups and provides centralized lifecycle management. A) Manual snapshots are not automated retention; B) Lifecycle policy for automated backups is not a defined feature; C) Automated backup retention only applies to retention period, not indefinite audit logging.



A solutions architect is optimizing a website for an upcoming musical event. Videos of the performances will be streamed in real time and then will be available on demand. The event is expected to attract a global online audience.
Which service will improve the performance of both the real-time and on-demand streaming?

  1. Amazon CloudFront
  2. AWS Global Accelerator
  3. Amazon Route 53
  4. Amazon S3 Transfer Acceleration

Answer(s): A

Explanation:

CloudFront leverages a global CDN to cache and deliver both real-time (live) streaming with low latency and on-demand video from edge locations, improving performance for a worldwide audience. It integrates with streaming services and supports adaptive bitrate for live feeds and on-demand content delivery.
A) CloudFront: Correct — global CDN reduces latency for both live and on-demand video.
B) AWS Global Accelerator: Optimizes path to applications but not specifically content caching for media; not ideal for streaming media delivery at scale.
C) Route 53: DNS routing, not content delivery or caching for media streams.
D) S3 Transfer Acceleration: Accelerates uploads/downloads to S3, not optimized streaming delivery.



A company is running a publicly accessible serverless application that uses Amazon API Gateway and AWS Lambda. The application’s traffic recently spiked due to fraudulent requests from botnets.
Which steps should a solutions architect take to block requests from unauthorized users? (Choose two.)

  1. Create a usage plan with an API key that is shared with genuine users only.
  2. Integrate logic within the Lambda function to ignore the requests from fraudulent IP addresses.
  3. Implement an AWS WAF rule to target malicious requests and trigger actions to filter them out.
  4. Convert the existing public API to a private API. Update the DNS records to redirect users to the new API endpoint.
  5. Create an IAM role for each user attempting to access the API. A user will assume the role when making the API call.

Answer(s): A,C

Explanation:

A) Implementing a usage plan with an API key helps restrict access to genuine users and controls quota for the public API, reducing exposure to unauthorized requests.
C) An AWS WAF rule targets malicious traffic (e.g., botnets) at the API Gateway level and can block or rate-limit such requests, mitigating fraudulent traffic before Lambda invocation.
B) Lambda logic to ignore fraudulent IPs is ineffective, as IP spoofing and botnets can evade simple checks and adds processing cost; defense should occur at edge/security layer.
D) Converting to a private API with DNS redirection would disrupt legitimate users and is not suitable for a public-facing service requiring controlled access.
E) Creating an IAM role per user is impractical for public APIs and does not scale; API Gateway IAM is not intended for per-user authentication in this context.



An ecommerce company hosts its analytics application in the AWS Cloud. The application generates about 300 MB of data each month. The data is stored in JSON format. The company is evaluating a disaster recovery solution to back up the data. The data must be accessible in milliseconds if it is needed, and the data must be kept for 30 days.
Which solution meets these requirements MOST cost-effectively?

  1. Amazon OpenSearch Service (Amazon Elasticsearch Service)
  2. Amazon S3 Glacier
  3. Amazon S3 Standard
  4. Amazon RDS for PostgreSQL

Answer(s): C

Explanation:

The correct answer is C) Amazon S3 Standard. It provides durable object storage with millisecond access and suits 30-day retention for JSON data at the lowest cost for frequently accessed backups. S3 Standard offers high durability and availability, meeting DR needs without retrieval delays or extra restore steps.
A) Amazon OpenSearch Service is a search/analytics service, not a cost-effective backup store for 30 days with millisecond access. It adds unnecessary compute and indexing costs.
B) Amazon S3 Glacier is archival storage with retrieval latency ranging from minutes to hours, not millisecond access, and is unsuitable for frequent access.
D) Amazon RDS for PostgreSQL is a relational database service, not a blob storage solution for backups, incurring higher cost and complexity for this use case.



Viewing page 20 of 129

Share your comments for Amazon AWS Certified Solutions Architect - Associate SAA-C03 exam with other users:

A
Amitabha Roy
10/5/2023 3:16:00 AM

planning to attempt for the exam.

Anonymous
AI Tutor 👋 I’m here to help!