Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Amazon
  3. AWS Certified Solutions Architect - Associate

Amazon AWS Certified Solutions Architect - Associate SAA-C03 AWS Certified Solutions Architect - Associate Exam Questions in PDF

Free Amazon AWS Certified Solutions Architect - Associate Dumps Questions (page: 20)

AWS Certified Solutions Architect - Associate PDF — 903 Questions

A company sells ringtones created from clips of popular songs. The files containing the ringtones are stored in Amazon S3 Standard and are at least 128 KB in size. The company has millions of files, but downloads are infrequent for ringtones older than 90 days. The company needs to save money on storage while keeping the most accessed files readily available for its users.
Which action should the company take to meet these requirements MOST cost-effectively?

  1. Configure S3 Standard-Infrequent Access (S3 Standard-IA) storage for the initial storage tier of the objects.
  2. Move the files to S3 Intelligent-Tiering and configure it to move objects to a less expensive storage tier after 90 days.
  3. Configure S3 inventory to manage objects and move them to S3 Standard-Infrequent Access (S3 Standard-1A) after 90 days.
  4. Implement an S3 Lifecycle policy that moves the objects from S3 Standard to S3 Standard-Infrequent Access (S3 Standard-1A) after 90 days.

Answer(s): D

Explanation:

S) D) is correct because an S3 Lifecycle policy can automatically transition objects from S3 Standard to S3 Standard-IA after 90 days, reducing storage costs for infrequently accessed files while keeping them readily available when needed. A) S3 Standard-IA applies to objects initially; not aligned with the requirement to start in Standard and transition later. B) S3 Intelligent-Tiering may incur unnecessary monitoring fees; though it automatically moves, it is not as cost-optimal for a predictable 90-day access pattern with large number of objects. C) S3 Inventory is a reporting feature, not an automatic data movement mechanism.



A company needs to save the results from a medical trial to an Amazon S3 repository. The repository must allow a few scientists to add new files and must restrict all other users to read-only access. No users can have the ability to modify or delete any files in the repository. The company must keep every file in the repository for a minimum of 1 year after its creation date.
Which solution will meet these requirements?

  1. Use S3 Object Lock in governance mode with a legal hold of 1 year.
  2. Use S3 Object Lock in compliance mode with a retention period of 365 days.
  3. Use an IAM role to restrict all users from deleting or changing objects in the S3 bucket. Use an S3 bucket policy to only allow the IAM role.
  4. Configure the S3 bucket to invoke an AWS Lambda function every time an object is added. Configure the function to track the hash of the saved object so that modified objects can be marked accordingly.

Answer(s): B

Explanation:

S3 Object Lock in compliance mode with a retention period of 365 days ensures immutability for 1 year after creation, meeting the read-only requirement for most users and preventing deletion or modification. Compliance mode enforces write-once-read-many behavior for all objects, regardless of IAM, protecting against both user and account-level changes.
A) Governance mode allows users with special permissions to override, which fails the no-modification requirement.
C) IAM role + bucket policy can block deletes but does not guarantee immutability or prevent override without Object Lock.
D) Lambda hash tracking does not enforce immutability and cannot prevent deletions or modifications.



A large media company hosts a web application on AWS. The company wants to start caching confidential media files so that users around the world will have reliable access to the files. The content is stored in Amazon S3 buckets. The company must deliver the content quickly, regardless of where the requests originate geographically.
Which solution will meet these requirements?

  1. Use AWS DataSync to connect the S3 buckets to the web application.
  2. Deploy AWS Global Accelerator to connect the S3 buckets to the web application.
  3. Deploy Amazon CloudFront to connect the S3 buckets to CloudFront edge servers.
  4. Use Amazon Simple Queue Service (Amazon SQS) to connect the S3 buckets to the web application.

Answer(s): C

Explanation:

A) CloudFront edge servers cache and deliver S3-stored media content from edge locations globally, reducing latency for users worldwide, meeting the requirement for fast, geographically distributed access.
B) Global Accelerator optimizes global application availability and performance for IP endpoints, but it does not cache or serve S3 content from edge locations.
C) CloudFront is a CDN that caches S3 content at edge locations, providing low-latency delivery worldwide.
D) SQS is a queuing service for decoupled workflows and does not provide content caching or geographic acceleration.



A company produces batch data that comes from different databases. The company also produces live stream data from network sensors and application APIs. The company needs to consolidate all the data into one place for business analytics. The company needs to process the incoming data and then stage the data in different Amazon S3 buckets. Teams will later run one-time queries and import the data into a business intelligence tool to show key performance indicators (KPIs).
Which combination of steps will meet these requirements with the LEAST operational overhead? (Choose two.)

  1. Use Amazon Athena for one-time queries. Use Amazon QuickSight to create dashboards for KPIs.
  2. Use Amazon Kinesis Data Analytics for one-time queries. Use Amazon QuickSight to create dashboards for KPIs.
  3. Create custom AWS Lambda functions to move the individual records from the databases to an Amazon Redshift cluster.
  4. Use an AWS Glue extract, transform, and load (ETL) job to convert the data into JSON format. Load the data into multiple Amazon OpenSearch Service (Amazon Elasticsearch Service) clusters.
  5. Use blueprints in AWS Lake Formation to identify the data that can be ingested into a data lake. Use AWS Glue to crawl the source, extract the data, and load the data into Amazon S3 in Apache Parquet format.

Answer(s): A,E

Explanation:

The correct answer is A and E because they provide serverless, low-management data analytics with centralized storage in S3 and efficient querying/visualization. A) Athena enables ad-hoc, one-time queries directly on S3 data, and QuickSight creates KPI dashboards without moving data. E) Lake Formation blueprints simplify data discovery and ingestion, Glue crawlers catalog and ETL into S3 in Apache Parquet, enabling cost-effective, query-optimized storage for analytics. B is higher overhead with Kinesis Data Analytics for ad-hoc queries and doesn’t directly optimize storage formats. C uses custom ETL with Redshift, increasing maintenance. D loads to OpenSearch clusters, not ideal for BI KPIs.



A company stores data in an Amazon Aurora PostgreSQL DB cluster. The company must store all the data for 5 years and must delete all the data after 5 years. The company also must indefinitely keep audit logs of actions that are performed within the database. Currently, the company has automated backups configured for Aurora.
Which combination of steps should a solutions architect take to meet these requirements? (Choose two.)

  1. Take a manual snapshot of the DB cluster.
  2. Create a lifecycle policy for the automated backups.
  3. Configure automated backup retention for 5 years.
  4. Configure an Amazon CloudWatch Logs export for the DB cluster.
  5. Use AWS Backup to take the backups and to keep the backups for 5 years.

Answer(s): D,E

Explanation:

The correct combination ensures long-term audit logs and fixed 5-year data retention using AWS-native controls. D) Configuring an Amazon CloudWatch Logs export for the DB cluster preserves database activity logs indefinitely in CloudWatch Logs, meeting audit retention. E) Using AWS Backup to take and retain backups for 5 years enforces immutable, long-term storage beyond automated DB backups and provides centralized lifecycle management. A) Manual snapshots are not automated retention; B) Lifecycle policy for automated backups is not a defined feature; C) Automated backup retention only applies to retention period, not indefinite audit logging.



A solutions architect is optimizing a website for an upcoming musical event. Videos of the performances will be streamed in real time and then will be available on demand. The event is expected to attract a global online audience.
Which service will improve the performance of both the real-time and on-demand streaming?

  1. Amazon CloudFront
  2. AWS Global Accelerator
  3. Amazon Route 53
  4. Amazon S3 Transfer Acceleration

Answer(s): A

Explanation:

CloudFront leverages a global CDN to cache and deliver both real-time (live) streaming with low latency and on-demand video from edge locations, improving performance for a worldwide audience. It integrates with streaming services and supports adaptive bitrate for live feeds and on-demand content delivery.
A) CloudFront: Correct — global CDN reduces latency for both live and on-demand video.
B) AWS Global Accelerator: Optimizes path to applications but not specifically content caching for media; not ideal for streaming media delivery at scale.
C) Route 53: DNS routing, not content delivery or caching for media streams.
D) S3 Transfer Acceleration: Accelerates uploads/downloads to S3, not optimized streaming delivery.



A company is running a publicly accessible serverless application that uses Amazon API Gateway and AWS Lambda. The application’s traffic recently spiked due to fraudulent requests from botnets.
Which steps should a solutions architect take to block requests from unauthorized users? (Choose two.)

  1. Create a usage plan with an API key that is shared with genuine users only.
  2. Integrate logic within the Lambda function to ignore the requests from fraudulent IP addresses.
  3. Implement an AWS WAF rule to target malicious requests and trigger actions to filter them out.
  4. Convert the existing public API to a private API. Update the DNS records to redirect users to the new API endpoint.
  5. Create an IAM role for each user attempting to access the API. A user will assume the role when making the API call.

Answer(s): A,C

Explanation:

A) Implementing a usage plan with an API key helps restrict access to genuine users and controls quota for the public API, reducing exposure to unauthorized requests.
C) An AWS WAF rule targets malicious traffic (e.g., botnets) at the API Gateway level and can block or rate-limit such requests, mitigating fraudulent traffic before Lambda invocation.
B) Lambda logic to ignore fraudulent IPs is ineffective, as IP spoofing and botnets can evade simple checks and adds processing cost; defense should occur at edge/security layer.
D) Converting to a private API with DNS redirection would disrupt legitimate users and is not suitable for a public-facing service requiring controlled access.
E) Creating an IAM role per user is impractical for public APIs and does not scale; API Gateway IAM is not intended for per-user authentication in this context.



An ecommerce company hosts its analytics application in the AWS Cloud. The application generates about 300 MB of data each month. The data is stored in JSON format. The company is evaluating a disaster recovery solution to back up the data. The data must be accessible in milliseconds if it is needed, and the data must be kept for 30 days.
Which solution meets these requirements MOST cost-effectively?

  1. Amazon OpenSearch Service (Amazon Elasticsearch Service)
  2. Amazon S3 Glacier
  3. Amazon S3 Standard
  4. Amazon RDS for PostgreSQL

Answer(s): C

Explanation:

The correct answer is C) Amazon S3 Standard. It provides durable object storage with millisecond access and suits 30-day retention for JSON data at the lowest cost for frequently accessed backups. S3 Standard offers high durability and availability, meeting DR needs without retrieval delays or extra restore steps.
A) Amazon OpenSearch Service is a search/analytics service, not a cost-effective backup store for 30 days with millisecond access. It adds unnecessary compute and indexing costs.
B) Amazon S3 Glacier is archival storage with retrieval latency ranging from minutes to hours, not millisecond access, and is unsuitable for frequent access.
D) Amazon RDS for PostgreSQL is a relational database service, not a blob storage solution for backups, incurring higher cost and complexity for this use case.



Viewing page 20 of 129

Share your comments for Amazon AWS Certified Solutions Architect - Associate exam with other users:

A
Ade
6/25/2023 1:14:00 PM

good questions

Anonymous
P
Praveen P
11/8/2023 5:18:00 AM

good content

UNITED STATES
A
Anastasiia
12/28/2023 9:06:00 AM

totally not correct answers. 21. you have one gcp account running in your default region and zone and another account running in a non-default region and zone. you want to start a new compute engine instance in these two google cloud platform accounts using the command line interface. what should you do? correct: create two configurations using gcloud config configurations create [name]. run gcloud config configurations activate [name] to switch between accounts when running the commands to start the compute engine instances.

Anonymous
P
Priyanka
7/24/2023 2:26:00 AM

kindly upload the dumps

Anonymous
N
Nabeel
7/25/2023 4:11:00 PM

still learning

Anonymous
G
gure
7/26/2023 5:10:00 PM

excellent way to learn

UNITED STATES
C
ciken
8/24/2023 2:55:00 PM

help so much

Anonymous
B
Biswa
11/20/2023 9:28:00 AM

understand sql col.

Anonymous
S
Saint Pierre
10/24/2023 6:21:00 AM

i would give 5 stars to this website as i studied for az-800 exam from here. it has all the relevant material available for preparation. i got 890/1000 on the test.

Anonymous
R
Rose
7/24/2023 2:16:00 PM

this is nice.

Anonymous
A
anon
10/15/2023 12:21:00 PM

q55- the ridac workflow can be modified using flow designer, correct answer is d not a

UNITED STATES
N
NanoTek3
6/13/2022 10:44:00 PM

by far this is the most accurate exam dumps i have ever purchased. all questions are in the exam. i saw almost 90% of the questions word by word.

UNITED STATES
E
eriy
11/9/2023 5:12:00 AM

i cleared the az-104 exam by scoring 930/1000 on the exam. it was all possible due to this platform as it provides premium quality service. thank you!

UNITED STATES
M
Muhammad Rawish Siddiqui
12/8/2023 8:12:00 PM

question # 232: accessibility, privacy, and innovation are not data quality dimensions.

SAUDI ARABIA
V
Venkat
12/27/2023 9:04:00 AM

looks wrong answer for 443 question, please check and update

Anonymous
V
Varun
10/29/2023 9:11:00 PM

great question

Anonymous
D
Doc
10/29/2023 9:36:00 PM

question: a user wants to start a recruiting posting job posting. what must occur before the posting process can begin? 3 ans: comment- option e is incorrect reason: as part of enablement steps, sap recommends that to be able to post jobs to a job board, a user need to have the correct permission and secondly, be associated with one posting profile at minimum

UNITED KINGDOM
I
It‘s not A
9/17/2023 5:31:00 PM

answer to question 72 is d [sys_user_role]

Anonymous
I
indira m
8/14/2023 12:15:00 PM

please provide the pdf

UNITED STATES
R
ribrahim
8/1/2023 6:05:00 AM

hey guys, just to let you all know that i cleared my 312-38 today within 1 hr with 100 questions and passed. thank you so much brain-dumps.net all the questions that ive studied in this dump came out exactly the same word for word "verbatim". you rock brain-dumps.net!!! section name total score gained score network perimeter protection 16 11 incident response 10 8 enterprise virtual, cloud, and wireless network protection 12 8 application and data protection 13 10 network défense management 10 9 endpoint protection 15 12 incident d

SINGAPORE
A
Andrew
8/23/2023 6:02:00 PM

very helpful

Anonymous
L
latha
9/7/2023 8:14:00 AM

useful questions

GERMANY
I
ibrahim
11/9/2023 7:57:00 AM

page :20 https://exam-dumps.com/snowflake/free-cof-c02-braindumps.html?p=20#collapse_453 q 74: true or false: pipes can be suspended and resumed. true. desc.: pausing or resuming pipes in addition to the pipe owner, a role that has the following minimum permissions can pause or resume the pipe https://docs.snowflake.com/en/user-guide/data-load-snowpipe-intro

FINLAND
F
Franklin Allagoa
7/5/2023 5:16:00 AM

i want hcia exam dumps

Anonymous
S
SSA
12/24/2023 1:18:00 PM

good training

Anonymous
B
BK
8/11/2023 12:23:00 PM

very useful

INDIA
D
Deepika Narayanan
7/13/2023 11:05:00 PM

yes need this exam dumps

Anonymous
B
Blessious Phiri
8/15/2023 3:31:00 PM

these questions are a great eye opener

Anonymous
J
Jagdesh
9/8/2023 8:17:00 AM

thank you for providing these questions and answers. they helped me pass my exam. you guys are great.

CANADA
T
TS
7/18/2023 3:32:00 PM

good knowledge

Anonymous
A
Asad Khan
11/1/2023 2:44:00 AM

answer 10 should be a because only a new project will be created & the organization is the same.

Anonymous
R
Raj
9/12/2023 3:49:00 PM

can you please upload the dump again

UNITED STATES
C
Christian Klein
6/23/2023 1:32:00 PM

is it legit questions from sap certifications ?

UNITED STATES
A
anonymous
1/12/2024 3:34:00 PM

question 16 should be b (changing the connector settings on the monitor) pc and monitor were powered on. the lights on the pc are on indicating power. the monitor is showing an error text indicating that it is receiving power too. this is a clear sign of having the wrong input selected on the monitor. thus, the "connector setting" needs to be switched from hdmi to display port on the monitor so it receives the signal from the pc, or the other way around (display port to hdmi).

UNITED STATES
AI Tutor 👋 I’m here to help!