Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Amazon
  3. AWS Certified Solutions Architect - Associate

Amazon AWS Certified Solutions Architect - Associate SAA-C03 AWS Certified Solutions Architect - Associate Exam Questions in PDF

Free Amazon AWS Certified Solutions Architect - Associate Dumps Questions (page: 21)

AWS Certified Solutions Architect - Associate PDF — 903 Questions

A company has a small Python application that processes JSON documents and outputs the results to an on-premises SQL database. The application runs thousands of times each day. The company wants to move the application to the AWS Cloud. The company needs a highly available solution that maximizes scalability and minimizes operational overhead.
Which solution will meet these requirements?

  1. Place the JSON documents in an Amazon S3 bucket. Run the Python code on multiple Amazon EC2 instances to process the documents. Store the results in an Amazon Aurora DB cluster.
  2. Place the JSON documents in an Amazon S3 bucket. Create an AWS Lambda function that runs the Python code to process the documents as they arrive in the S3 bucket. Store the results in an Amazon Aurora DB cluster.
  3. Place the JSON documents in an Amazon Elastic Block Store (Amazon EBS) volume. Use the EBS Multi-Attach feature to attach the volume to multiple Amazon EC2 instances. Run the Python code on the EC2 instances to process the documents. Store the results on an Amazon RDS DB instance.
  4. Place the JSON documents in an Amazon Simple Queue Service (Amazon SQS) queue as messages. Deploy the Python code as a container on an Amazon Elastic Container Service (Amazon ECS) cluster that is configured with the Amazon EC2 launch type. Use the container to process the SQS messages. Store the results on an Amazon RDS DB instance.

Answer(s): B

Explanation:

The correct answer is B because using S3 with a Lambda function provides serverless, highly available, and scalable processing as events arrive, with minimal operational overhead; the Python code runs in managed Lambda execution environments and results can be stored in Aurora for relational queries.
A) While scalable, EC2-based processing requires managing instances and scaling, increasing operational overhead compared to Lambda.
C) EBS Multi-Attach is for shared block storage, not ideal for stateless serverless processing; EC2 management and availability concerns remain.
D) ECS with EC2 requires cluster management and scaling; SQS decoupling adds latency and operational overhead versus a direct Lambda-triggered workflow.



A company wants to use high performance computing (HPC) infrastructure on AWS for financial risk modeling. The company’s HPC workloads run on Linux. Each HPC workflow runs on hundreds of Amazon EC2 Spot Instances, is short-lived, and generates thousands of output files that are ultimately stored in persistent storage for analytics and long-term future use.
The company seeks a cloud storage solution that permits the copying of on-premises data to long-term persistent storage to make data available for processing by all EC2 instances. The solution should also be a high performance file system that is integrated with persistent storage to read and write datasets and output files.
Which combination of AWS services meets these requirements?

  1. Amazon FSx for Lustre integrated with Amazon S3
  2. Amazon FSx for Windows File Server integrated with Amazon S3
  3. Amazon S3 Glacier integrated with Amazon Elastic Block Store (Amazon EBS)
  4. Amazon S3 bucket with a VPC endpoint integrated with an Amazon Elastic Block Store (Amazon EBS) General Purpose SSD (gp2) volume

Answer(s): A

Explanation:

Amazon FSx for Lustre integrated with Amazon S3 provides a high-performance parallel file system (Lustre) for HPC workloads and can automatically link with S3 for persistent storage, enabling on-demand data ingest from on-premises and long-term storage with parallel read/write across hundreds of EC2 Spot Instances.
A) Correct. FSx for Lustre + S3 offers HPC-optimized throughput, Lustre metadata management, and scalable storage with durable S3 backing.
B) FSx for Windows File Server is a Windows-based file system, not optimized for Linux HPC workloads and Lustre-like performance.
C) S3 Glacier is archival storage with retrieval delays, not a high-performance file system for HPC read/write workloads.
D) S3 with EBS gp2 is not a unified HPC file system; lacks built-in parallel file system semantics and seamless on-demand data ingest from on-premises.



A company is building a containerized application on premises and decides to move the application to AWS. The application will have thousands of users soon after it is deployed. The company is unsure how to manage the deployment of containers at scale. The company needs to deploy the containerized application in a highly available architecture that minimizes operational overhead.
Which solution will meet these requirements?

  1. Store container images in an Amazon Elastic Container Registry (Amazon ECR) repository. Use an Amazon Elastic Container Service (Amazon ECS) cluster with the AWS Fargate launch type to run the containers. Use target tracking to scale automatically based on demand.
  2. Store container images in an Amazon Elastic Container Registry (Amazon ECR) repository. Use an Amazon Elastic Container Service (Amazon ECS) cluster with the Amazon EC2 launch type to run the containers. Use target tracking to scale automatically based on demand.
  3. Store container images in a repository that runs on an Amazon EC2 instance. Run the containers on EC2 instances that are spread across multiple Availability Zones. Monitor the average CPU utilization in Amazon CloudWatch. Launch new EC2 instances as needed.
  4. Create an Amazon EC2 Amazon Machine Image (AMI) that contains the container image. Launch EC2 instances in an Auto Scaling group across multiple Availability Zones. Use an Amazon CloudWatch alarm to scale out EC2 instances when the average CPU utilization threshold is breached.

Answer(s): A

Explanation:

AWS Fargate with ECS provides a serverless, highly available, and low-operational-overhead container deployment that scales automatically based on demand, without managing underlying EC2 instances. A uses ECR+ECS with Fargate and target tracking, meeting HA and scalability with minimal ops.
B uses ECS with EC2 launch type, which requires managing EC2 instances, increasing operational overhead.
C relies on self-managed EC2 scaling and manual capacity planning, increasing complexity and maintenance.
D uses traditional EC2 AMIs and Auto Scaling groups, which involves more management and less abstraction for containerized workloads.



A company has two applications: a sender application that sends messages with payloads to be processed and a processing application intended to receive the messages with payloads. The company wants to implement an AWS service to handle messages between the two applications. The sender application can send about 1,000 messages each hour. The messages may take up to 2 days to be processed: If the messages fail to process, they must be retained so that they do not impact the processing of any remaining messages.
Which solution meets these requirements and is the MOST operationally efficient?

  1. Set up an Amazon EC2 instance running a Redis database. Configure both applications to use the instance. Store, process, and delete the messages, respectively.
  2. Use an Amazon Kinesis data stream to receive the messages from the sender application. Integrate the processing application with the Kinesis Client Library (KCL).
  3. Integrate the sender and processor applications with an Amazon Simple Queue Service (Amazon SQS) queue. Configure a dead-letter queue to collect the messages that failed to process.
  4. Subscribe the processing application to an Amazon Simple Notification Service (Amazon SNS) topic to receive notifications to process. Integrate the sender application to write to the SNS topic.

Answer(s): C

Explanation:

SQS with a standard queue and a dead-letter queue meets the throughput, message retention (up to 14 days by default, configurable), and exactly-once-like processing guarantees via idempotent processing, while decoupling sender and processor for operational efficiency.
A) EC2/Redis requires managing infrastructure, does not guarantee durable retention or message processing semantics, and adds operational burden.
B) Kinesis is streaming with limited message retention (default 24 hours, extended) and higher complexity; not ideal for per-message retry/dead-letter semantics.
D) SNS is pub/sub, not a durable queue; messages may be lost if no subscribers, and it lacks robust retry/dead-letter semantics for processing failures.



A solutions architect must design a solution that uses Amazon CloudFront with an Amazon S3 origin to store a static website. The company’s security policy requires that all website traffic be inspected by AWS WAF.
How should the solutions architect comply with these requirements?

  1. Configure an S3 bucket policy to accept requests coming from the AWS WAF Amazon Resource Name (ARN) only.
  2. Configure Amazon CloudFront to forward all incoming requests to AWS WAF before requesting content from the S3 origin.
  3. Configure a security group that allows Amazon CloudFront IP addresses to access Amazon S3 only. Associate AWS WAF to CloudFront.
  4. Configure Amazon CloudFront and Amazon S3 to use an origin access identity (OAI) to restrict access to the S3 bucket. Enable AWS WAF on the distribution.

Answer(s): D

Explanation:

CloudFront with an origin access identity (OAI) ensures CloudFront is the sole requester to S3, preventing direct S3 access, while enabling WAF to inspect traffic at the CloudFront distribution.
A) S3 bucket policy with WAF ARN does not integrate WAF inspection on requests; WAF sits in front of CloudFront, not via S3 bucket policy.
B) WAF is associated with CloudFront, but you don’t forward requests to WAF before S3; WAF sits at the edge in front of CloudFront, not between CloudFront and S3.
C) Security groups and CloudFront IPs are not applicable to S3 access control; WAF attachment is on CloudFront, not via SGs.



Organizers for a global event want to put daily reports online as static HTML pages. The pages are expected to generate millions of views from users around the world. The files are stored in an Amazon S3 bucket. A solutions architect has been asked to design an efficient and effective solution.
Which action should the solutions architect take to accomplish this?

  1. Generate presigned URLs for the files.
  2. Use cross-Region replication to all Regions.
  3. Use the geoproximity feature of Amazon Route 53.
  4. Use Amazon CloudFront with the S3 bucket as its origin.

Answer(s): D

Explanation:

Using Amazon CloudFront with the S3 bucket as its origin provides a global content delivery network that caches static HTML and serves from edge locations worldwide, reducing latency and handling high request volumes efficiently.
A) Presigned URLs are for time-limited access control, not for global caching or performance of static pages.
B) Cross-Region replication copies data between buckets, not performance or global delivery for static content.
C) Route 53 geoproximity affects DNS routing, but does not optimize content delivery or caching for static hosting.
D) Correct: CloudFront edge caching and low-latency delivery from edge locations best meets the requirements.



A company runs a production application on a fleet of Amazon EC2 instances. The application reads the data from an Amazon SQS queue and processes the messages in parallel. The message volume is unpredictable and often has intermittent traffic. This application should continually process messages without any downtime.
Which solution meets these requirements MOST cost-effectively?

  1. Use Spot Instances exclusively to handle the maximum capacity required.
  2. Use Reserved Instances exclusively to handle the maximum capacity required.
  3. Use Reserved Instances for the baseline capacity and use Spot Instances to handle additional capacity.
  4. Use Reserved Instances for the baseline capacity and use On-Demand Instances to handle additional capacity.

Answer(s): D

Explanation:

Using Reserved Instances for baseline capacity provides cost savings for steady-state load, while On-Demand instances cover variable, unpredictable spikes without long-term commitment, ensuring continuous processing without downtime at the lowest overall cost for variable traffic.
A) Incorrect: Spot Instances are cost-effective but can interrupt, risking downtime for production processing.
B) Incorrect: Reserved Instances alone fix capacity and can lead to idle or insufficient capacity during spikes; not cost-optimal for variable traffic.
C) Incorrect: Mixing RI with Spot can risk interruption during spikes and adds complexity; Spot interruptions may cause downtime, not ideal for continuous processing.
D) Correct: Baseline with RI plus On-Demand for variability balances cost and reliability for unpredictable queue-driven load.



A security team wants to limit access to specific services or actions in all of the team’s AWS accounts. All accounts belong to a large organization in AWS Organizations. The solution must be scalable and there must be a single point where permissions can be maintained.
What should a solutions architect do to accomplish this?

  1. Create an ACL to provide access to the services or actions.
  2. Create a security group to allow accounts and attach it to user groups.
  3. Create cross-account roles in each account to deny access to the services or actions.
  4. Create a service control policy in the root organizational unit to deny access to the services or actions.

Answer(s): D

Explanation:

A single Service Control Policy (SCP) in the Organizations root OU provides centralized, scalable permission boundaries for all member accounts, enforcing deny/allow across the entire organization. This is the correct approach for a single-point-of-maintenance solution. A) ACLs are not applicable to AWS service permissions at scale across accounts. B) Security groups control network traffic, not IAM permissions across accounts. C) Cross-account roles would require configuring in each account and do not provide centralized policy enforcement. D) SCPs are the correct, scalable mechanism for centralized permission control in AWS Organizations.



Viewing page 21 of 129

Share your comments for Amazon AWS Certified Solutions Architect - Associate exam with other users:

D
Diran Ole
9/17/2023 5:15:00 PM

great exam prep

CANADA
V
Venkata Subbarao Bandaru
6/24/2023 8:45:00 AM

i require dump

Anonymous
D
D
7/15/2023 1:38:00 AM

good morning, could you please upload this exam again,

Anonymous
A
Ann
9/15/2023 5:39:00 PM

hi can you please upload the dumps for sap contingent module. thanks

AUSTRALIA
S
Sridhar
1/16/2024 9:19:00 PM

good questions

Anonymous
S
Summer
10/4/2023 9:57:00 PM

looking forward to the real exam

Anonymous
V
vv
12/2/2023 2:45:00 PM

good ones for exam preparation

UNITED STATES
D
Danny Zas
9/15/2023 4:45:00 AM

this is a good experience

UNITED STATES
S
SM 1211
10/12/2023 10:06:00 PM

hi everyone

UNITED STATES
A
A
10/2/2023 6:08:00 PM

waiting for the dump. please upload.

UNITED STATES
A
Anonymous
7/16/2023 11:05:00 AM

upload cks exam questions

Anonymous
J
Johan
12/13/2023 8:16:00 AM

awesome training material

NETHERLANDS
P
PC
7/28/2023 3:49:00 PM

where is dump

Anonymous
Y
YoloStar Yoloing
10/22/2023 9:58:00 PM

q. 289 - the correct answer should be b not d, since the question asks for the most secure way to provide access to a s3 bucket (a single one), and by principle of the least privilege you should not be giving access to all buckets.

Anonymous
Z
Zelalem Nega
5/14/2023 12:45:00 PM

please i need if possible h12-831,

UNITED KINGDOM
U
unknown-R
11/23/2023 7:36:00 AM

good collection of questions and solution for pl500 certification

UNITED STATES
S
Swaminathan
5/11/2023 9:59:00 AM

i would like to appear the exam.

Anonymous
V
Veenu
10/24/2023 6:26:00 AM

i am very happy as i cleared my comptia a+ 220-1101 exam. i studied from as it has all exam dumps and mock tests available. i got 91% on the test.

Anonymous
K
Karan
5/17/2023 4:26:00 AM

need this dump

Anonymous
R
Ramesh Kutumbaka
12/30/2023 11:17:00 PM

its really good to eventuate knowledge before appearing for the actual exam.

Anonymous
A
anonymous
7/20/2023 10:31:00 PM

this is great

CANADA
X
Xenofon
6/26/2023 9:35:00 AM

please i want the questions to pass the exam

UNITED STATES
D
Diego
1/21/2024 8:21:00 PM

i need to pass exam

Anonymous
V
Vichhai
12/25/2023 3:25:00 AM

great, i appreciate it.

AUSTRALIA
P
P Simon
8/25/2023 2:39:00 AM

please could you upload (isc)2 certified in cybersecurity (cc) exam questions

SOUTH AFRICA
K
Karim
10/8/2023 8:34:00 PM

good questions, wrong answers

Anonymous
I
Itumeleng
1/6/2024 12:53:00 PM

im preparing for exams

Anonymous
M
MS
1/19/2024 2:56:00 PM

question no: 42 isnt azure vm an iaas solution? so, shouldnt the answer be "no"?

Anonymous
K
keylly
11/28/2023 10:10:00 AM

im study azure

Anonymous
D
dorcas
9/22/2023 8:08:00 AM

i need this now

Anonymous
T
treyf
11/9/2023 5:13:00 AM

i took the aws saa-c03 test and scored 935/1000. it has all the exam dumps and important info.

UNITED STATES
A
anonymous
1/11/2024 4:50:00 AM

good questions

Anonymous
A
Anjum
9/23/2023 6:22:00 PM

well explained

Anonymous
T
Thakor
6/7/2023 11:52:00 PM

i got the full version and it helped me pass the exam. pdf version is very good.

INDIA
AI Tutor 👋 I’m here to help!