Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Amazon
  3. AWS Certified Solutions Architect - Associate

Amazon AWS Certified Solutions Architect - Associate SAA-C03 AWS Certified Solutions Architect - Associate Exam Questions in PDF

Free Amazon AWS Certified Solutions Architect - Associate Dumps Questions (page: 8)

AWS Certified Solutions Architect - Associate PDF — 903 Questions

A company is running a popular social media website. The website gives users the ability to upload images to share with other users. The company wants to make sure that the images do not contain inappropriate content. The company needs a solution that minimizes development effort.
What should a solutions architect do to meet these requirements?

  1. Use Amazon Comprehend to detect inappropriate content. Use human review for low-confidence predictions.
  2. Use Amazon Rekognition to detect inappropriate content. Use human review for low-confidence predictions.
  3. Use Amazon SageMaker to detect inappropriate content. Use ground truth to label low-confidence predictions.
  4. Use AWS Fargate to deploy a custom machine learning model to detect inappropriate content. Use ground truth to label low-confidence predictions.

Answer(s): B

Explanation:

Amazon Rekognition provides built-in image moderation with pre-trained content classifiers suitable for user-uploaded images and minimizes development effort; low-confidence predictions can be routed to human review. A) Comprehend is for text, not image content. C) SageMaker requires building/training a model, increasing effort. D) Fargate with a custom model adds unnecessary complexity compared to managed Rekognition. A and C also misalign with image content detection scope or require more customization. B correctly uses a managed service for image moderation with optional human review for uncertain cases.



A company wants to run its critical applications in containers to meet requirements for scalability and availability. The company prefers to focus on maintenance of the critical applications. The company does not want to be responsible for provisioning and managing the underlying infrastructure that runs the containerized workload.
What should a solutions architect do to meet these requirements?

  1. Use Amazon EC2 instances, and install Docker on the instances.
  2. Use Amazon Elastic Container Service (Amazon ECS) on Amazon EC2 worker nodes.
  3. Use Amazon Elastic Container Service (Amazon ECS) on AWS Fargate.
  4. Use Amazon EC2 instances from an Amazon Elastic Container Service (Amazon ECS)-optimized Amazon Machine Image (AMI).

Answer(s): C

Explanation:

F) The correct answer is C. Using Amazon ECS on AWS Fargate runs containers without managing underlying servers, aligning with the requirement to avoid provisioning and managing infrastructure.
A) ECS on EC2 requires managing EC2 instances and Docker runtime, increasing maintenance.
B) ECS on EC2 again delegates to EC2 hosts you must manage, not meeting the no-infrastructure-management goal.
D) ECS-optimized AMI on EC2 still requires patching and managing the EC2 instances and OS.



A company hosts more than 300 global websites and applications. The company requires a platform to analyze more than 30 TB of clickstream data each day.
What should a solutions architect do to transmit and process the clickstream data?

  1. Design an AWS Data Pipeline to archive the data to an Amazon S3 bucket and run an Amazon EMR cluster with the data to generate analytics.
  2. Create an Auto Scaling group of Amazon EC2 instances to process the data and send it to an Amazon S3 data lake for Amazon Redshift to use for analysis.
  3. Cache the data to Amazon CloudFront. Store the data in an Amazon S3 bucket. When an object is added to the S3 bucket. run an AWS Lambda function to process the data for analysis.
  4. Collect the data from Amazon Kinesis Data Streams. Use Amazon Kinesis Data Firehose to transmit the data to an Amazon S3 data lake. Load the data in Amazon Redshift for analysis.

Answer(s): D

Explanation:

Collecting with Kinesis Data Streams and delivering via Kinesis Data Firehose to an S3 data lake provides scalable, real-time ingest for large-scale clickstream data and seamless loading into Redshift for analytics.
A) Data Pipeline is deprecated for new workloads; EMR processing after archiving adds latency and complexity.
B) Auto Scaling EC2 approach lacks managed streaming and built-in real-time ingestion; Redshift requires ETL steps not streamlined here.
C) CloudFront caching is for content delivery, not durable data capture; Serverless Lambda processing is not suited for 30 TB/day streaming without complex orchestration.
D) Correct: end-to-end managed streaming with Kinesis, durable S3 lake, and Redshift analytics.



A company has a website hosted on AWS. The website is behind an Application Load Balancer (ALB) that is configured to handle HTTP and HTTPS separately. The company wants to forward all requests to the website so that the requests will use HTTPS.
What should a solutions architect do to meet this requirement?

  1. Update the ALB's network ACL to accept only HTTPS traffic.
  2. Create a rule that replaces the HTTP in the URL with HTTPS.
  3. Create a listener rule on the ALB to redirect HTTP traffic to HTTPS.
  4. Replace the ALB with a Network Load Balancer configured to use Server Name Indication (SNI).

Answer(s): C

Explanation:

A) Create a listener rule on the ALB to redirect HTTP traffic to HTTPS.
C) Correct because ALB listener rules can perform redirects from HTTP to HTTPS, ensuring all traffic uses TLS without changing clients. This keeps end-to-end encryption and uses the appropriate 301/302 redirect to the HTTPS endpoint.
B) Replacing HTTP in the URL is not a built-in ALB capability; ALB cannot modify schemes by string replacement in requests.
A) Updating network ACLs to only allow HTTPS disrupts legitimate initial connections and does not guarantee proper TLS termination or redirects at the ALB.
D) Replacing with a Network Load Balancer does not provide an application-layer redirect capability to enforce HTTPS and SNI is not relevant to this requirement.



A company is developing a two-tier web application on AWS. The company's developers have deployed the application on an Amazon EC2 instance that connects directly to a backend Amazon RDS database. The company must not hardcode database credentials in the application. The company must also implement a solution to automatically rotate the database credentials on a regular basis.
Which solution will meet these requirements with the LEAST operational overhead?

  1. Store the database credentials in the instance metadata. Use Amazon EventBridge (Amazon CloudWatch Events) rules to run a scheduled AWS Lambda function that updates the RDS credentials and instance metadata at the same time.
  2. Store the database credentials in a configuration file in an encrypted Amazon S3 bucket. Use Amazon EventBridge (Amazon CloudWatch Events) rules to run a scheduled AWS Lambda function that updates the RDS credentials and the credentials in the configuration file at the same time. Use S3 Versioning to ensure the ability to fall back to previous values.
  3. Store the database credentials as a secret in AWS Secrets Manager. Turn on automatic rotation for the secret. Attach the required permission to the EC2 role to grant access to the secret.
  4. Store the database credentials as encrypted parameters in AWS Systems Manager Parameter Store. Turn on automatic rotation for the encrypted parameters. Attach the required permission to the EC2 role to grant access to the encrypted parameters.

Answer(s): C

Explanation:

Storing credentials in AWS Secrets Manager with automatic rotation provides secure, centralized credential management and seamless rotation without hardcoding, and EC2 can access the secret via its IAM role.
A) Storing in instance metadata is insecure and not designed for credential rotation; updating metadata is not supported for secret rotation.
B) Encrypted S3 config files require custom rotation logic and risk of stale applications; not ideal for automatic, centralized rotation.
C) CORRECT: Secrets Manager supports automatic rotation and fine-grained IAM access for EC2.
D) Parameter Store rotation exists but Secrets Manager offers richer rotation and easier credential management; more suitable for automatic rotation with minimal ops.



A company is deploying a new public web application to AWS. The application will run behind an Application Load Balancer (ALB). The application needs to be encrypted at the edge with an SSL/TLS certificate that is issued by an external certificate authority (CA). The certificate must be rotated each year before the certificate expires.
What should a solutions architect do to meet these requirements?

  1. Use AWS Certificate Manager (ACM) to issue an SSL/TLS certificate. Apply the certificate to the ALB. Use the managed renewal feature to automatically rotate the certificate.
  2. Use AWS Certificate Manager (ACM) to issue an SSL/TLS certificate. Import the key material from the certificate. Apply the certificate to the ALUse the managed renewal feature to automatically rotate the certificate.
  3. Use AWS Certificate Manager (ACM) Private Certificate Authority to issue an SSL/TLS certificate from the root CA. Apply the certificate to the ALB. Use the managed renewal feature to automatically rotate the certificate.
  4. Use AWS Certificate Manager (ACM) to import an SSL/TLS certificate. Apply the certificate to the ALB. Use Amazon EventBridge (Amazon CloudWatch Events) to send a notification when the certificate is nearing expiration. Rotate the certificate manually.

Answer(s): D

Explanation:

ACM certificates cannot be imported; ACMs public certificates are issued only by ACM or public CAs managed by ACM. The correct approach is to import a externally issued certificate into ACM for use with the ALB and manually rotate before expiration, since ACM does not automatically rotate externally issued certificates. A) Incorrect because ACM cannot auto-rotate externally issued certificates. B) Incorrect because you cannot import key material to ACM-certified certificates for automatic rotation; ACM manages keys for public certificates. C) Incorrect because ACM Private CA issues privately trusted certificates, but automatic rotation still isn’t automatic for externally issued public certs and adds unnecessary complexity. D) Correct: import external certificate, attach to ALB, and set alerts for manual rotation before expiry.



A company runs its infrastructure on AWS and has a registered base of 700,000 users for its document management application. The company intends to create a product that converts large .pdf files to .jpg image files. The .pdf files average 5 MB in size. The company needs to store the original files and the converted files. A solutions architect must design a scalable solution to accommodate demand that will grow rapidly over time.
Which solution meets these requirements MOST cost-effectively?

  1. Save the .pdf files to Amazon S3. Configure an S3 PUT event to invoke an AWS Lambda function to convert the files to .jpg format and store them back in Amazon S3.
  2. Save the .pdf files to Amazon DynamoDUse the DynamoDB Streams feature to invoke an AWS Lambda function to convert the files to .jpg format and store them back in DynamoD
  3. Upload the .pdf files to an AWS Elastic Beanstalk application that includes Amazon EC2 instances, Amazon Elastic Block Store (Amazon EBS) storage, and an Auto Scaling group. Use a program in the EC2 instances to convert the files to .jpg format. Save the .pdf files and the .jpg files in the EBS store.
  4. Upload the .pdf files to an AWS Elastic Beanstalk application that includes Amazon EC2 instances, Amazon Elastic File System (Amazon EFS) storage, and an Auto Scaling group. Use a program in the EC2 instances to convert the file to .jpg format. Save the .pdf files and the .jpg files in the EBS store.

Answer(s): A

Explanation:

A) This serverless approach leverages S3 storage, event-driven Lambda processing, and on-demand scaling with virtually unlimited concurrency, minimizing cost for variable load and large file processing. S3 PUT events trigger Lambda to convert and store JPEGs back in S3, avoiding EC2, EBS, or managed servers.
B) DynamoDB is a NoSQL database, not suitable for storing large binary files or for file processing pipelines without additional services; using DynamoDB Streams with Lambda does not address file storage or processing efficiently.
C) Elastic Beanstalk with EC2 and EBS is scalable but requires managing servers and storage; ongoing costs are higher than a serverless solution for sporadic or growing demand.
D) EB with EFS still incurs EC2 management and higher storage costs; mixing EFS with EBS storage is inconsistent and less cost-effective for this use case.



A company has more than 5 TB of file data on Windows file servers that run on premises. Users and applications interact with the data each day.
The company is moving its Windows workloads to AWS. As the company continues this process, the company requires access to AWS and on-premises file storage with minimum latency. The company needs a solution that minimizes operational overhead and requires no significant changes to the existing file access patterns. The company uses an AWS Site-to-Site VPN connection for connectivity to AWS.
What should a solutions architect do to meet these requirements?

  1. Deploy and configure Amazon FSx for Windows File Server on AWS. Move the on-premises file data to FSx for Windows File Server. Reconfigure the workloads to use FSx for Windows File Server on AWS.
  2. Deploy and configure an Amazon S3 File Gateway on premises. Move the on-premises file data to the S3 File Gateway. Reconfigure the on-premises workloads and the cloud workloads to use the S3 File Gateway.
  3. Deploy and configure an Amazon S3 File Gateway on premises. Move the on-premises file data to Amazon S3. Reconfigure the workloads to use either Amazon S3 directly or the S3 File Gateway. depending on each workload's location.
  4. Deploy and configure Amazon FSx for Windows File Server on AWS. Deploy and configure an Amazon FSx File Gateway on premises. Move the on-premises file data to the FSx File Gateway. Configure the cloud workloads to use FSx for Windows File Server on AWS. Configure the on-premises workloads to use the FSx File Gateway.

Answer(s): D

Explanation:

The correct answer D is right because it provides a low-latency, seamless hybrid NAS solution: FSx for Windows File Server on AWS for cloud workloads and an FSx File Gateway on premises to access data locally, preserving on-premises access patterns with minimal changes and centralized management over VPN. A) would require moving all data to managed Windows shares in AWS, increasing cutover risk and latency for on-prem users. B) and C) rely on S3, which is object storage with higher latency for file semantics and insufficient OS-level file share semantics without gateways for on-prem access. D preserves NAS compatibility and hybrid performance.



Viewing page 8 of 129

Share your comments for Amazon AWS Certified Solutions Architect - Associate exam with other users:

1
1234
6/30/2023 3:40:00 AM

can you upload the cis - cpg dumps

Anonymous
D
Did
1/12/2024 3:01:00 AM

q6 = 1. download odt application 2. create a configuration file (xml) 3. setup.exe /download to download the installation files 4. setup.exe /configure to deploy the application

FRANCE
J
John
10/12/2023 12:30:00 PM

great material

Anonymous
D
Dinesh
8/1/2023 2:26:00 PM

could you please upload sap c_arsor_2302 questions? it will be very much helpful.

Anonymous
L
LBert
6/19/2023 10:23:00 AM

vraag 20c: rsa veilig voor symmtrische cryptografie? antwoord c is toch fout. rsa is voor asymmetrische cryptogafie??

NETHERLANDS
G
g
12/22/2023 1:51:00 PM

so far good

UNITED STATES
M
Milos
8/4/2023 9:33:00 AM

question 31 has obviously wrong answers. tls and ssl are used to encrypt data at transit, not at rest.

Serbia And Montenegro
D
Diksha
9/25/2023 2:32:00 AM

pls provide dump for 1z0-1080-23 planning exams

Anonymous
H
H
7/17/2023 4:28:00 AM

could you please upload the exam?

Anonymous
A
Anonymous
9/14/2023 4:47:00 AM

please upload this

UNITED STATES
N
Naveena
1/13/2024 9:55:00 AM

good material

Anonymous
W
WildWilly
1/19/2024 10:43:00 AM

lets see if this is good stuff...

Anonymous
L
Lavanya
11/2/2023 1:53:00 AM

useful information

UNITED STATES
M
Moussa
12/12/2023 5:52:00 AM

intéressant

BURKINA FASO
M
Madan
6/22/2023 9:22:00 AM

thank you for making the interactive questions

Anonymous
V
Vavz
11/2/2023 6:51:00 AM

questions are accurate

Anonymous
S
Su
11/23/2023 4:34:00 AM

i need questions/dumps for this exam.

Anonymous
L
LuvSN
7/16/2023 11:19:00 AM

i need this exam, when will it be uploaded

ROMANIA
M
Mihai
7/19/2023 12:03:00 PM

i need the dumps !

Anonymous
W
Wafa
11/13/2023 3:06:00 AM

very helpful

Anonymous
A
Alokit
7/3/2023 2:13:00 PM

good source

Anonymous
S
Show-Stopper
7/27/2022 11:19:00 PM

my 3rd test and passed on first try. hats off to this brain dumps site.

UNITED STATES
M
Michelle
6/23/2023 4:06:00 AM

please upload it

Anonymous
L
Lele
11/20/2023 11:55:00 AM

does anybody know if are these real exam questions?

EUROPEAN UNION
G
Girish Jain
10/9/2023 12:01:00 PM

are these questions similar to actual questions in the exam? because they seem to be too easy

Anonymous
P
Phil
12/8/2022 11:16:00 PM

i have a lot of experience but what comes in the exam is totally different from the practical day to day tasks. so i thought i would rather rely on these brain dumps rather failing the exam.

GERMANY
B
BV
6/8/2023 4:35:00 AM

good questions

NETHERLANDS
K
krishna
12/19/2023 2:05:00 AM

valied exam dumps. they were very helpful and i got a pretty good score. i am very grateful for this service and exam questions

Anonymous
P
Pie
9/3/2023 4:56:00 AM

will it help?

INDIA
L
Lucio
10/6/2023 1:45:00 PM

very useful to verify knowledge before exam

POLAND
A
Ajay
5/17/2023 4:54:00 AM

good stuffs

Anonymous
T
TestPD1
8/10/2023 12:19:00 PM

question 17 : responses arent b and c ?

EUROPEAN UNION
N
Nhlanhla
12/13/2023 5:26:00 AM

just passed the exam on my first try using these dumps.

Anonymous
R
Rizwan
1/6/2024 2:18:00 AM

very helpful

INDIA
AI Tutor 👋 I’m here to help!