A company runs an application using Amazon ECS. The application creates resized versions of an original image and then makes Amazon S3 API calls to store the resized images in Amazon S3.How can a solutions architect ensure that the application has permission to access Amazon S3?
Answer(s): B
A short summary: The correct answer is B because ECS tasks need an IAM role assigned via taskRoleArn to grant S3 access from within the container.A) Incorrect: Updating an S3 role and relaunching the container is not how ECS task permissions are applied; the proper mechanism is an IAM role attached to the task, not a generic S3 role at the service level.C) Incorrect: Security groups control network traffic, not IAM permissions to S3.D) Incorrect: IAM users are for humans or long-lived credentials; using an IAM user and EC2 login is not scalable or appropriate for ECS task permissions.
A company has a Windows-based application that must be migrated to AWS. The application requires the use of a shared Windows file system attached to multiple Amazon EC2 Windows instances that are deployed across multiple Availability Zone:What should a solutions architect do to meet this requirement?
Amazon FSx for Windows File Server provides a managed, shared Windows file system accessible concurrently from multiple EC2 Windows instances across AZs, meeting the requirement.A) AWS Storage Gateway in volume gateway mode is for on-premises integration or hybrid storage, not a native shared file system across EC2s across AZs.C) EFS is not optimal for Windows-native SMB workloads and has higher latency/compatibility concerns on Windows compared to FSx for Windows.D) EBS volumes cannot be shared among multiple EC2 instances; they are block storage attached to a single instance (or via clustering, not directly shared across AZs in this scenario).B) correct: FSx for Windows File Server is designed for this use case.
A company is developing an ecommerce application that will consist of a load-balanced front end, a container-based application, and a relational database. A solutions architect needs to create a highly available solution that operates with as little manual intervention as possible.Which solutions meet these requirements? (Choose two.)
Answer(s): A,D
A) RDS Multi-AZ provides synchronous failover and automatic backups for a relational database, delivering high availability with minimal manual intervention.D) ECS with Fargate offers serverless compute for containers, automatic scaling, and managed orchestration, enabling a highly available, low-management container deployment.B) While replicas in another AZ can improve read scalability, it does not guarantee automated failover of the primary and still requires management for writes.C) EC2-based Docker cluster requires infrastructure management and does not provide the same level of managed high availability as Fargate with ECS.E) EC2 launch type requires provisioning and managing EC2 instances, increasing management overhead and not as automated as Fargate.
A company uses Amazon S3 as its data lake. The company has a new partner that must use SFTP to upload data files. A solutions architect needs to implement a highly available SFTP solution that minimizes operational overhead.Which solution will meet these requirements?
Answer(s): A
AWS Transfer Family provides a managed, highly available SFTP service with an S3 backend, eliminating the need to manage servers and infrastructure, meeting high availability and low operational overhead. A) uses this fully managed service with a public endpoint and S3 as the destination, delivering HA and minimal ops. B) S3 File Gateway is for on-premises file access with a cached gateway and does not support SFTP natively; not suitable for partner SFTP needs. C) and D) require managing EC2, networking, and cron-based uploads, increasing maintenance and potential failure points. Thus A is the correct, most resilient option.
A company needs to store contract documents. A contract lasts for 5 years. During the 5-year period, the company must ensure that the documents cannot be overwritten or deleted. The company needs to encrypt the documents at rest and rotate the encryption keys automatically every year.Which combination of steps should a solutions architect take to meet these requirements with the LEAST operational overhead? (Choose two.)
Answer(s): B,D
S3 Object Lock in compliance mode with S3 storage ensures immutability for the 5-year retention period, and S3 managed keys with KMS customer managed keys with automatic rotation provides at-rest encryption with automated key rotation for long-term data. A is governance mode allows override and does not guarantee immutability for the full period. C uses SSE-S3 with no key rotation control by customer; no immutability guarantee. E uses imported keys which require manual rotation and key management outside AWS; higher overhead and not the best fit for automatic rotation. D provides strong encryption with automated rotation; B ensures non-erasable retention.
A company has a web application that is based on Java and PHP. The company plans to move the application from on premises to AWS. The company needs the ability to test new site features frequently. The company also needs a highly available and managed solution that requires minimum operational overhead.Which solution will meet these requirements?
The correct answer is B because Elastic Beanstalk provides a fully managed platform for Java/PHP apps with automated provisioning, monitoring, and scaling, enabling frequent feature testing via multiple environments and URL swapping, with minimal operational overhead.A is incorrect because S3 static hosting with Lambda for dynamic content is not a managed Java/PHP web app solution and lacks full server runtime management and easy feature-branch testing.C is incorrect due to higher operational overhead from managing EC2, as well as manual scaling and patching, not as suitable for rapid feature testing.D is incorrect because routing between containers on EC2 adds complexity; Elastic Beanstalk abstracts this, offering simpler CI/CD-like environment swapping.
A company has an ordering application that stores customer information in Amazon RDS for MySQL. During regular business hours, employees run one-time queries for reporting purposes. Timeouts are occurring during order processing because the reporting queries are taking a long time to run. The company needs to eliminate the timeouts without preventing employees from performing queries.What should a solutions architect do to meet these requirements?
The correct answer is A. Creating a read replica and directing reporting queries to it offloads long-running read operations from the primary DB instance, reducing timeouts for the ordering application while still allowing staff to run reports.B is incorrect because distributing the application to both primary and read replica is unnecessary and could complicate write consistency and routing. C is incorrect because DynamoDB migration is not addressing relational queries and introduces data model and application changes; it’s not required for this scenario. D is incorrect because scheduling during non-peak hours mitigates impact but fails to meet requirement of allowing reporting during regular business hours.
A hospital wants to create digital copies for its large collection of historical written records. The hospital will continue to add hundreds of new documents each day. The hospital’s data team will scan the documents and will upload the documents to the AWS Cloud.A solutions architect must implement a solution to analyze the documents, extract the medical information, and store the documents so that an application can run SQL queries on the data. The solution must maximize scalability and operational efficiency.Which combination of steps should the solutions architect take to meet these requirements? (Choose two.)
Answer(s): B,E
B) Using S3 for storage with Athena to query the data leverages scalable, serverless analytics directly on object storage, satisfying scalability and operational efficiency.E) Lambda triggered on upload uses Textract to extract text and Comprehend Medical to identify medical information, providing scalable, serverless OCR and NLP for medical data extraction.A) EC2 MySQL adds management overhead and is not scalable for continuous, high-volume ingestion.C) Auto Scaling EC2 for a custom app increases operational complexity and maintenance.D) Rekognition is not optimal for OCR/text extraction of documents; Transcribe Medical is suited for audio, not text documents.
Share your comments for Amazon SAA-C02 exam with other users:
very helpful
i need this exam
nice questions... are these questions the same of the exam?
need to view
highly appreciate for your sharing.
kindly share this dump. thank you
link plz for download
data quality oecd
rman is one good recovery technology
need it thx
good questions
good one nice revision
i love this thank you i need
question # 142: data governance is not one of the deliverables in the document and content management context diagram.
most answers not correct here
what % of questions do we get in the real exam?
i just want to tell you. i took my microsoft az-104 exam and passed it. your program was awesome. i especially liked your detailed questions and answers and practice tests that made me well-prepared for the exam. thanks to this website!!!
all the best
very usefull document
nice and helpful questions
i found the questions helpful
q 105 . ans is d
i have interest to get a sybase iq dba certification
want to pass exm.
are the answers correct?
good morning, could you please upload this exam again, i need it to test my knowledge in sd-wan with version 7.0.
very nice question
i have learning disability and this exam dumps allowed me to focus on the actual questions and not worry about notes and the those other study materials.
165 should be apt
please upload the dumps, real need of them
any recent feeedback?
question number 2 is indicating you are giving proper questions. observe and change properly.
passed today.40% questions were new.litwere case study,lots of new questions on afd,ratelimit,tm,lb,app gatway.got 2 set series of questions which are not present here.questions on azure cyclecloud, no.of vnet/vms required for implimentation,blueprints assignment/management group etc
practice test