Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Amazon
  3. AWS Certified Solutions Architect - Associate

Amazon AWS Certified Solutions Architect - Associate SAA-C03 AWS Certified Solutions Architect - Associate Exam Questions in PDF

Free Amazon AWS Certified Solutions Architect - Associate Dumps Questions (page: 24)

AWS Certified Solutions Architect - Associate PDF — 903 Questions

A company runs an application using Amazon ECS. The application creates resized versions of an original image and then makes Amazon S3 API calls to store the resized images in Amazon S3.
How can a solutions architect ensure that the application has permission to access Amazon S3?

  1. Update the S3 role in AWS IAM to allow read/write access from Amazon ECS, and then relaunch the container.
  2. Create an IAM role with S3 permissions, and then specify that role as the taskRoleArn in the task definition.
  3. Create a security group that allows access from Amazon ECS to Amazon S3, and update the launch configuration used by the ECS cluster.
  4. Create an IAM user with S3 permissions, and then relaunch the Amazon EC2 instances for the ECS cluster while logged in as this account.

Answer(s): B

Explanation:

A short summary: The correct answer is B because ECS tasks need an IAM role assigned via taskRoleArn to grant S3 access from within the container.
A) Incorrect: Updating an S3 role and relaunching the container is not how ECS task permissions are applied; the proper mechanism is an IAM role attached to the task, not a generic S3 role at the service level.
C) Incorrect: Security groups control network traffic, not IAM permissions to S3.
D) Incorrect: IAM users are for humans or long-lived credentials; using an IAM user and EC2 login is not scalable or appropriate for ECS task permissions.



A company has a Windows-based application that must be migrated to AWS. The application requires the use of a shared Windows file system attached to multiple Amazon EC2 Windows instances that are deployed across multiple Availability Zone:
What should a solutions architect do to meet this requirement?

  1. Configure AWS Storage Gateway in volume gateway mode. Mount the volume to each Windows instance.
  2. Configure Amazon FSx for Windows File Server. Mount the Amazon FSx file system to each Windows instance.
  3. Configure a file system by using Amazon Elastic File System (Amazon EFS). Mount the EFS file system to each Windows instance.
  4. Configure an Amazon Elastic Block Store (Amazon EBS) volume with the required size. Attach each EC2 instance to the volume. Mount the file system within the volume to each Windows instance.

Answer(s): B

Explanation:

Amazon FSx for Windows File Server provides a managed, shared Windows file system accessible concurrently from multiple EC2 Windows instances across AZs, meeting the requirement.
A) AWS Storage Gateway in volume gateway mode is for on-premises integration or hybrid storage, not a native shared file system across EC2s across AZs.
C) EFS is not optimal for Windows-native SMB workloads and has higher latency/compatibility concerns on Windows compared to FSx for Windows.
D) EBS volumes cannot be shared among multiple EC2 instances; they are block storage attached to a single instance (or via clustering, not directly shared across AZs in this scenario).
B) correct: FSx for Windows File Server is designed for this use case.



A company is developing an ecommerce application that will consist of a load-balanced front end, a container-based application, and a relational database. A solutions architect needs to create a highly available solution that operates with as little manual intervention as possible.
Which solutions meet these requirements? (Choose two.)

  1. Create an Amazon RDS DB instance in Multi-AZ mode.
  2. Create an Amazon RDS DB instance and one or more replicas in another Availability Zone.
  3. Create an Amazon EC2 instance-based Docker cluster to handle the dynamic application load.
  4. Create an Amazon Elastic Container Service (Amazon ECS) cluster with a Fargate launch type to handle the dynamic application load.
  5. Create an Amazon Elastic Container Service (Amazon ECS) cluster with an Amazon EC2 launch type to handle the dynamic application load.

Answer(s): A,D

Explanation:

A) RDS Multi-AZ provides synchronous failover and automatic backups for a relational database, delivering high availability with minimal manual intervention.
D) ECS with Fargate offers serverless compute for containers, automatic scaling, and managed orchestration, enabling a highly available, low-management container deployment.
B) While replicas in another AZ can improve read scalability, it does not guarantee automated failover of the primary and still requires management for writes.
C) EC2-based Docker cluster requires infrastructure management and does not provide the same level of managed high availability as Fargate with ECS.
E) EC2 launch type requires provisioning and managing EC2 instances, increasing management overhead and not as automated as Fargate.



A company uses Amazon S3 as its data lake. The company has a new partner that must use SFTP to upload data files. A solutions architect needs to implement a highly available SFTP solution that minimizes operational overhead.
Which solution will meet these requirements?

  1. Use AWS Transfer Family to configure an SFTP-enabled server with a publicly accessible endpoint. Choose the S3 data lake as the destination.
  2. Use Amazon S3 File Gateway as an SFTP server. Expose the S3 File Gateway endpoint URL to the new partner. Share the S3 File Gateway endpoint with the new partner.
  3. Launch an Amazon EC2 instance in a private subnet in a VPInstruct the new partner to upload files to the EC2 instance by using a VPN. Run a cron job script, on the EC2 instance to upload files to the S3 data lake.
  4. Launch Amazon EC2 instances in a private subnet in a VPC. Place a Network Load Balancer (NLB) in front of the EC2 instances. Create an SFTP listener port for the NLB. Share the NLB hostname with the new partner. Run a cron job script on the EC2 instances to upload files to the S3 data lake.

Answer(s): A

Explanation:

AWS Transfer Family provides a managed, highly available SFTP service with an S3 backend, eliminating the need to manage servers and infrastructure, meeting high availability and low operational overhead. A) uses this fully managed service with a public endpoint and S3 as the destination, delivering HA and minimal ops. B) S3 File Gateway is for on-premises file access with a cached gateway and does not support SFTP natively; not suitable for partner SFTP needs. C) and D) require managing EC2, networking, and cron-based uploads, increasing maintenance and potential failure points. Thus A is the correct, most resilient option.



A company needs to store contract documents. A contract lasts for 5 years. During the 5-year period, the company must ensure that the documents cannot be overwritten or deleted. The company needs to encrypt the documents at rest and rotate the encryption keys automatically every year.
Which combination of steps should a solutions architect take to meet these requirements with the LEAST operational overhead? (Choose two.)

  1. Store the documents in Amazon S3. Use S3 Object Lock in governance mode.
  2. Store the documents in Amazon S3. Use S3 Object Lock in compliance mode.
  3. Use server-side encryption with Amazon S3 managed encryption keys (SSE-S3). Configure key rotation.
  4. Use server-side encryption with AWS Key Management Service (AWS KMS) customer managed keys. Configure key rotation.
  5. Use server-side encryption with AWS Key Management Service (AWS KMS) customer provided (imported) keys. Configure key rotation.

Answer(s): B,D

Explanation:

S3 Object Lock in compliance mode with S3 storage ensures immutability for the 5-year retention period, and S3 managed keys with KMS customer managed keys with automatic rotation provides at-rest encryption with automated key rotation for long-term data. A is governance mode allows override and does not guarantee immutability for the full period. C uses SSE-S3 with no key rotation control by customer; no immutability guarantee. E uses imported keys which require manual rotation and key management outside AWS; higher overhead and not the best fit for automatic rotation. D provides strong encryption with automated rotation; B ensures non-erasable retention.



A company has a web application that is based on Java and PHP. The company plans to move the application from on premises to AWS. The company needs the ability to test new site features frequently. The company also needs a highly available and managed solution that requires minimum operational overhead.
Which solution will meet these requirements?

  1. Create an Amazon S3 bucket. Enable static web hosting on the S3 bucket. Upload the static content to the S3 bucket. Use AWS Lambda to process all dynamic content.
  2. Deploy the web application to an AWS Elastic Beanstalk environment. Use URL swapping to switch between multiple Elastic Beanstalk environments for feature testing.
  3. Deploy the web application to Amazon EC2 instances that are configured with Java and PHP. Use Auto Scaling groups and an Application Load Balancer to manage the website’s availability.
  4. Containerize the web application. Deploy the web application to Amazon EC2 instances. Use the AWS Load Balancer Controller to dynamically route traffic between containers that contain the new site features for testing.

Answer(s): B

Explanation:

The correct answer is B because Elastic Beanstalk provides a fully managed platform for Java/PHP apps with automated provisioning, monitoring, and scaling, enabling frequent feature testing via multiple environments and URL swapping, with minimal operational overhead.
A is incorrect because S3 static hosting with Lambda for dynamic content is not a managed Java/PHP web app solution and lacks full server runtime management and easy feature-branch testing.
C is incorrect due to higher operational overhead from managing EC2, as well as manual scaling and patching, not as suitable for rapid feature testing.
D is incorrect because routing between containers on EC2 adds complexity; Elastic Beanstalk abstracts this, offering simpler CI/CD-like environment swapping.



A company has an ordering application that stores customer information in Amazon RDS for MySQL. During regular business hours, employees run one-time queries for reporting purposes. Timeouts are occurring during order processing because the reporting queries are taking a long time to run. The company needs to eliminate the timeouts without preventing employees from performing queries.
What should a solutions architect do to meet these requirements?

  1. Create a read replica. Move reporting queries to the read replica.
  2. Create a read replica. Distribute the ordering application to the primary DB instance and the read replica.
  3. Migrate the ordering application to Amazon DynamoDB with on-demand capacity.
  4. Schedule the reporting queries for non-peak hours.

Answer(s): A

Explanation:

The correct answer is A. Creating a read replica and directing reporting queries to it offloads long-running read operations from the primary DB instance, reducing timeouts for the ordering application while still allowing staff to run reports.
B is incorrect because distributing the application to both primary and read replica is unnecessary and could complicate write consistency and routing. C is incorrect because DynamoDB migration is not addressing relational queries and introduces data model and application changes; it’s not required for this scenario. D is incorrect because scheduling during non-peak hours mitigates impact but fails to meet requirement of allowing reporting during regular business hours.



A hospital wants to create digital copies for its large collection of historical written records. The hospital will continue to add hundreds of new documents each day. The hospital’s data team will scan the documents and will upload the documents to the AWS Cloud.
A solutions architect must implement a solution to analyze the documents, extract the medical information, and store the documents so that an application can run SQL queries on the data. The solution must maximize scalability and operational efficiency.
Which combination of steps should the solutions architect take to meet these requirements? (Choose two.)

  1. Write the document information to an Amazon EC2 instance that runs a MySQL database.
  2. Write the document information to an Amazon S3 bucket. Use Amazon Athena to query the data.
  3. Create an Auto Scaling group of Amazon EC2 instances to run a custom application that processes the scanned files and extracts the medical information.
  4. Create an AWS Lambda function that runs when new documents are uploaded. Use Amazon Rekognition to convert the documents to raw text. Use Amazon Transcribe Medical to detect and extract relevant medical information from the text.
  5. Create an AWS Lambda function that runs when new documents are uploaded. Use Amazon Textract to convert the documents to raw text. Use Amazon Comprehend Medical to detect and extract relevant medical information from the text.

Answer(s): B,E

Explanation:

B) Using S3 for storage with Athena to query the data leverages scalable, serverless analytics directly on object storage, satisfying scalability and operational efficiency.
E) Lambda triggered on upload uses Textract to extract text and Comprehend Medical to identify medical information, providing scalable, serverless OCR and NLP for medical data extraction.
A) EC2 MySQL adds management overhead and is not scalable for continuous, high-volume ingestion.
C) Auto Scaling EC2 for a custom app increases operational complexity and maintenance.
D) Rekognition is not optimal for OCR/text extraction of documents; Transcribe Medical is suited for audio, not text documents.



Viewing page 24 of 129

Share your comments for Amazon AWS Certified Solutions Architect - Associate exam with other users:

C
Chris
8/26/2023 1:10:00 AM

looking for c1000-158: ibm cloud technical advocate v4 questions

Anonymous
S
sachin
6/27/2023 1:22:00 PM

can you share the pdf

Anonymous
B
Blessious Phiri
8/13/2023 10:26:00 AM

admin ii is real technical stuff

Anonymous
L
Luis Manuel
7/13/2023 9:30:00 PM

could you post the link

UNITED STATES
V
vijendra
8/18/2023 7:54:00 AM

hello send me dumps

Anonymous
S
Simeneh
7/9/2023 8:46:00 AM

it is very nice

Anonymous
J
john
11/16/2023 5:13:00 PM

i gave the amazon dva-c02 tests today and passed. very helpful.

Anonymous
T
Tao
11/20/2023 8:53:00 AM

there is an incorrect word in the problem statement. for example, in question 1, there is the word "speci c". this is "specific. in the other question, there is the word "noti cation". this is "notification. these mistakes make this site difficult for me to use.

Anonymous
P
patricks
10/24/2023 6:02:00 AM

passed my az-120 certification exam today with 90% marks. studied using the dumps highly recommended to all.

Anonymous
A
Ananya
9/14/2023 5:17:00 AM

i need it, plz make it available

UNITED STATES
J
JM
12/19/2023 2:41:00 PM

q47: intrusion prevention system is the correct answer, not patch management. by definition, there are no patches available for a zero-day vulnerability. the way to prevent an attacker from exploiting a zero-day vulnerability is to use an ips.

UNITED STATES
R
Ronke
8/18/2023 10:39:00 AM

this is simple but tiugh as well

Anonymous
C
CesarPA
7/12/2023 10:36:00 PM

questão 4, segundo meu compilador local e o site https://www.jdoodle.com/online-java-compiler/, a resposta correta é "c" !

UNITED STATES
J
Jeya
9/13/2023 7:50:00 AM

its very useful

INDIA
T
Tracy
10/24/2023 6:28:00 AM

i mastered my skills and aced the comptia 220-1102 exam with a score of 920/1000. i give the credit to for my success.

Anonymous
J
James
8/17/2023 4:33:00 PM

real questions

UNITED STATES
A
Aderonke
10/23/2023 1:07:00 PM

very helpful assessments

UNITED KINGDOM
S
Simmi
8/24/2023 7:25:00 AM

hi there, i would like to get dumps for this exam

AUSTRALIA
J
johnson
10/24/2023 5:47:00 AM

i studied for the microsoft azure az-204 exam through it has 100% real questions available for practice along with various mock tests. i scored 900/1000.

GERMANY
M
Manas
9/9/2023 1:48:00 AM

please upload 1z0-1072-23 exam dups

UNITED STATES
S
SB
9/12/2023 5:15:00 AM

i was hoping if you could please share the pdf as i’m currently preparing to give the exam.

Anonymous
J
Jagjit
8/26/2023 5:01:00 PM

i am looking for oracle 1z0-116 exam

UNITED STATES
S
S Mallik
11/27/2023 12:32:00 AM

where we can get the answer to the questions

Anonymous
P
PiPi Li
12/12/2023 8:32:00 PM

nice questions

NETHERLANDS
D
Dan
8/10/2023 4:19:00 PM

question 129 is completely wrong.

UNITED STATES
G
gayathiri
7/6/2023 12:10:00 AM

i need dump

UNITED STATES
D
Deb
8/15/2023 8:28:00 PM

love the site.

UNITED STATES
M
Michelle
6/23/2023 4:08:00 AM

can you please upload it back?

Anonymous
A
Ajay
10/3/2023 12:17:00 PM

could you please re-upload this exam? thanks a lot!

Anonymous
H
him
9/30/2023 2:38:00 AM

great about shared quiz

Anonymous
S
San
11/14/2023 12:46:00 AM

goood helping

Anonymous
W
Wang
6/9/2022 10:05:00 PM

pay attention to questions. they are very tricky. i waould say about 80 to 85% of the questions are in this exam dump.

UNITED STATES
M
Mary
5/16/2023 4:50:00 AM

wish you would allow more free questions

Anonymous
T
thomas
9/12/2023 4:28:00 AM

great simulation

Anonymous
AI Tutor 👋 I’m here to help!