A company's application integrates with multiple software-as-a-service (SaaS) sources for data collection. The company runs Amazon EC2 instances to receive the data and to upload the data to an Amazon S3 bucket for analysis. The same EC2 instance that receives and uploads the data also sends a notification to the user when an upload is complete. The company has noticed slow application performance and wants to improve the performance as much as possible.Which solution will meet these requirements with the LEAST operational overhead?
Answer(s): B
The flow-based integration reduces overhead by orchestrating data transfer from multiple SaaS sources to S3 and notifying on completion without managing EC2-based logic, providing scalability with minimal ops.A) Autoscaling focuses on scaling EC2 but does not optimize SaaS-to-S3 data transfer orchestration or reduce manual management; adds complexity for notifications. B) AppFlow handles SaaS-to-S3 data transfers natively, scales automatically, and can trigger SNS on completion with minimal configuration, meeting the low-operational overhead requirement. C) EventBridge rules for each SaaS source introduce multiple rules and custom routing logic; increases maintenance and latency. D) Migrating to ECS adds container orchestration overhead and requires managing containerized deployments, not as low-op as AppFlow.
A company runs a highly available image-processing application on Amazon EC2 instances in a single VPC. The EC2 instances run inside several subnets across multiple Availability Zones. The EC2 instances do not communicate with each other. However, the EC2 instances download images from Amazon S3 and upload images to Amazon S3 through a single NAT gateway. The company is concerned about data transfer charges.What is the MOST cost-effective way for the company to avoid Regional data transfer charges?
Answer(s): C
The correct answer is C.A) Not necessary; NAT gateway per AZ increases cost and still routes through NAT, not reducing S3 data transfer charges. B) NAT instances may save on hourly costs but require management and don’t eliminate Regional data transfer when accessing S3. C) Gateway VPC endpoint for S3 enables private S3 access over the AWS network, avoiding data transfer charges between AZs and within the VPC to S3. D) EC2 Dedicated Host has no impact on S3 data transfer costs and is unrelated to egress/ingress routing or regional data transfer.
A company has an on-premises application that generates a large amount of time-sensitive data that is backed up to Amazon S3. The application has grown and there are user complaints about internet bandwidth limitations. A solutions architect needs to design a long-term solution that allows for both timely backups to Amazon S3 and with minimal impact on internet connectivity for internal users.Which solution meets these requirements?
A) VPN plus VPC gateway endpoint is not sufficient for large, time-sensitive backups and would still use internet bandwidth, not addressing long-term scaling or internal bandwidth needs.B) Direct Connect provides a dedicated, low-latency, high-bandwidth path for backup traffic, reducing internet reliance and supporting timely S3 data transfers, meeting both latency and bandwidth goals.C) Snowball is for offline, bulk data transfer not suitable for continuous or daily time-sensitive backups and introduces operational overhead and timing gaps.D) Requesting removal of S3 limits does not address network bandwidth or backup performance; it only alters quotas without solution for data transfer path.
A company has an Amazon S3 bucket that contains critical data. The company must protect the data from accidental deletion.Which combination of steps should a solutions architect take to meet these requirements? (Choose two.)
Answer(s): A,B
Enabling versioning preserves previous object versions, allowing recovery from accidental deletions. Enabling MFA Delete requires MFA to permanently delete object versions, adding protection against intentional or accidental deletions. A) Correct: versioning preserves data; B) Correct: MFA Delete provides an additional deletion safeguard. C) Bucket policy alone does not prevent deletions unless combined with specific deny rules; D) Default encryption protects data at rest but not deletion protection; E) Lifecycle policies manage data aging/transition, not deletion protection.
A company has a data ingestion workflow that consists of the following:• An Amazon Simple Notification Service (Amazon SNS) topic for notifications about new data deliveries• An AWS Lambda function to process the data and record metadataThe company observes that the ingestion workflow fails occasionally because of network connectivity issues. When such a failure occurs, the Lambda function does not ingest the corresponding data unless the company manually reruns the job.Which combination of actions should a solutions architect take to ensure that the Lambda function ingests all data in the future? (Choose two.)
Answer(s): B,E
The correct options B and E address decoupling and reliable processing. B ensures messages published to SNS are persisted in an SQS queue, enabling durable delivery even when the Lambda or network is temporarily unavailable. E enables the Lambda to poll and process messages from SQS, decoupling ingestion from real-time delivery and providing retries for failed invocations. A is incorrect because Lambda already runs within multiple AZs; it doesn’t guarantee ingestion retry semantics. C is not relevant to reliability under transient network failures; CPU/memory won’t guarantee retries. D is incorrect because Lambda is not provisioned throughput-based; it uses concurrency limits, not throughput units.
A company has an application that provides marketing services to stores. The services are based on previous purchases by store customers. The stores upload transaction data to the company through SFTP, and the data is processed and analyzed to generate new marketing offers. Some of the files can exceed 200 GB in size.Recently, the company discovered that some of the stores have uploaded files that contain personally identifiable information (PII) that should not have been included. The company wants administrators to be alerted if PII is shared again. The company also wants to automate remediation.What should a solutions architect do to meet these requirements with the LEAST development effort?
S3 + Macie provides scalable, low-effort PII discovery with automated remediation and alerting, minimizing development work.A) Incorrect: Inspector is for security assessments of EC2 and on-prem assets, not scalable S3 object PII scanning; lifecycle removal would be manual/configured but not aligned with PII discovery.B) Correct: Macie automatically discovers PII in S3, can alert via SNS for remediation, and requires minimal custom code.C) Incorrect: Custom Lambda requires building and maintaining scanning logic for PII, increasing development effort; lacks the built-in PII discovery capabilities of Macie.D) Incorrect: Uses SES for alerts (email) and lifecycle, but requires custom scanning; more friction and less robust alerting than Macie + SNS.
A company needs guaranteed Amazon EC2 capacity in three specific Availability Zones in a specific AWS Region for an upcoming event that will last 1 week.What should the company do to guarantee the EC2 capacity?
Answer(s): D
Creating an On-Demand Capacity Reservation (ODCR) across the specific region and all three AZs guarantees EC2 capacity for the defined time window, ensuring availability even if competing demands occur. It reserves the exact instances in the chosen AZs for the duration of the event.A) Incorrect: Reserved Instances provide discounted pricing, not guaranteed capacity or explicit AZ-level reservations for a time-bound event.B) Incorrect: ODCR in a region without specifying AZs does not guarantee multi-AZ capacity.C) Incorrect: RI region- and AZ-specific reservations exist for pricing benefits, but RIs do not guarantee capacity for a fixed period.
A company's website uses an Amazon EC2 instance store for its catalog of items. The company wants to make sure that the catalog is highly available and that the catalog is stored in a durable location.What should a solutions architect do to meet these requirements?
The correct answer is D.A) Not correct because EC2 instance store is ephemeral and does not provide durability or high availability; data is lost on stop, termination, or failure.B) Not correct; increasing instance size does not protect against instance failure or data loss in the ephemeral store, and it still lacks durable, shared storage.C) Not correct; S3 Glacier Deep Archive is for long-term archival, not high availability or low-latency access for catalog data.D) Correct because Amazon EFS provides a durable, scalable, shared file system accessible from multiple instances, enabling high availability and data durability beyond a single EC2 instance.
Share your comments for Amazon SAA-C02 exam with other users:
impressivre qustion
questions seem helpful
good content
question 21 answer is alerts
am preparing for exam
good one thanks
only got thru 5 questions, need more to evaluate
q26 should be b
the aaa triad in information security is authentication, accounting and authorisation so the answer should be d 1, 3 and 5.
need to attend this
these are free brain dumps i understand, how can one get free pdf
provide access
good morning
please upload the ncp-mci 6.5 dumps, really need to practice this one. thanks guys
question 16: https://help.salesforce.com/s/articleview?id=sf.care_console_overview.htm&type=5
yes i m prepared exam
my experience was great with this site as i studied for the ms-900 from here and got 900/1000 on the test. my main focus was on the tutorials which were provided and practice questions. thanks!
great course
very good question
question: 93 which statement is true regarding the result? sales contain 6 columns and values contain 7 columns so c is not right answer.
highly recommend just passed my exam.
great practice! thanks
anyone who wrote this exam recently?
kindly share the dump
could you please upload cfe fraud prevention and deterrence questions? it will be very much helpful.
this is really very very helpful for mcd level 1
very helpful!
question #18s answer should be a, not d. this should be corrected. it should be minvalidityperiod
thanks for the exact solution
need to refer the questions and have to give the exam
i need it right now if it was possible please
i need it very much please share it in the fastest time.
correct answer is d for student.java program
q:37 c is correct