A company is running a popular social media website. The website gives users the ability to upload images to share with other users. The company wants to make sure that the images do not contain inappropriate content. The company needs a solution that minimizes development effort.What should a solutions architect do to meet these requirements?
Answer(s): B
Amazon Rekognition provides built-in image moderation with pre-trained content classifiers suitable for user-uploaded images and minimizes development effort; low-confidence predictions can be routed to human review. A) Comprehend is for text, not image content. C) SageMaker requires building/training a model, increasing effort. D) Fargate with a custom model adds unnecessary complexity compared to managed Rekognition. A and C also misalign with image content detection scope or require more customization. B correctly uses a managed service for image moderation with optional human review for uncertain cases.
A company wants to run its critical applications in containers to meet requirements for scalability and availability. The company prefers to focus on maintenance of the critical applications. The company does not want to be responsible for provisioning and managing the underlying infrastructure that runs the containerized workload.What should a solutions architect do to meet these requirements?
Answer(s): C
F) The correct answer is C. Using Amazon ECS on AWS Fargate runs containers without managing underlying servers, aligning with the requirement to avoid provisioning and managing infrastructure.A) ECS on EC2 requires managing EC2 instances and Docker runtime, increasing maintenance.B) ECS on EC2 again delegates to EC2 hosts you must manage, not meeting the no-infrastructure-management goal.D) ECS-optimized AMI on EC2 still requires patching and managing the EC2 instances and OS.
A company hosts more than 300 global websites and applications. The company requires a platform to analyze more than 30 TB of clickstream data each day.What should a solutions architect do to transmit and process the clickstream data?
Answer(s): D
Collecting with Kinesis Data Streams and delivering via Kinesis Data Firehose to an S3 data lake provides scalable, real-time ingest for large-scale clickstream data and seamless loading into Redshift for analytics.A) Data Pipeline is deprecated for new workloads; EMR processing after archiving adds latency and complexity.B) Auto Scaling EC2 approach lacks managed streaming and built-in real-time ingestion; Redshift requires ETL steps not streamlined here.C) CloudFront caching is for content delivery, not durable data capture; Serverless Lambda processing is not suited for 30 TB/day streaming without complex orchestration.D) Correct: end-to-end managed streaming with Kinesis, durable S3 lake, and Redshift analytics.
A company has a website hosted on AWS. The website is behind an Application Load Balancer (ALB) that is configured to handle HTTP and HTTPS separately. The company wants to forward all requests to the website so that the requests will use HTTPS.What should a solutions architect do to meet this requirement?
A) Create a listener rule on the ALB to redirect HTTP traffic to HTTPS.C) Correct because ALB listener rules can perform redirects from HTTP to HTTPS, ensuring all traffic uses TLS without changing clients. This keeps end-to-end encryption and uses the appropriate 301/302 redirect to the HTTPS endpoint.B) Replacing HTTP in the URL is not a built-in ALB capability; ALB cannot modify schemes by string replacement in requests.A) Updating network ACLs to only allow HTTPS disrupts legitimate initial connections and does not guarantee proper TLS termination or redirects at the ALB.D) Replacing with a Network Load Balancer does not provide an application-layer redirect capability to enforce HTTPS and SNI is not relevant to this requirement.
A company is developing a two-tier web application on AWS. The company's developers have deployed the application on an Amazon EC2 instance that connects directly to a backend Amazon RDS database. The company must not hardcode database credentials in the application. The company must also implement a solution to automatically rotate the database credentials on a regular basis.Which solution will meet these requirements with the LEAST operational overhead?
Storing credentials in AWS Secrets Manager with automatic rotation provides secure, centralized credential management and seamless rotation without hardcoding, and EC2 can access the secret via its IAM role.A) Storing in instance metadata is insecure and not designed for credential rotation; updating metadata is not supported for secret rotation.B) Encrypted S3 config files require custom rotation logic and risk of stale applications; not ideal for automatic, centralized rotation.C) CORRECT: Secrets Manager supports automatic rotation and fine-grained IAM access for EC2.D) Parameter Store rotation exists but Secrets Manager offers richer rotation and easier credential management; more suitable for automatic rotation with minimal ops.
A company is deploying a new public web application to AWS. The application will run behind an Application Load Balancer (ALB). The application needs to be encrypted at the edge with an SSL/TLS certificate that is issued by an external certificate authority (CA). The certificate must be rotated each year before the certificate expires.What should a solutions architect do to meet these requirements?
ACM certificates cannot be imported; ACMs public certificates are issued only by ACM or public CAs managed by ACM. The correct approach is to import a externally issued certificate into ACM for use with the ALB and manually rotate before expiration, since ACM does not automatically rotate externally issued certificates. A) Incorrect because ACM cannot auto-rotate externally issued certificates. B) Incorrect because you cannot import key material to ACM-certified certificates for automatic rotation; ACM manages keys for public certificates. C) Incorrect because ACM Private CA issues privately trusted certificates, but automatic rotation still isn’t automatic for externally issued public certs and adds unnecessary complexity. D) Correct: import external certificate, attach to ALB, and set alerts for manual rotation before expiry.
A company runs its infrastructure on AWS and has a registered base of 700,000 users for its document management application. The company intends to create a product that converts large .pdf files to .jpg image files. The .pdf files average 5 MB in size. The company needs to store the original files and the converted files. A solutions architect must design a scalable solution to accommodate demand that will grow rapidly over time.Which solution meets these requirements MOST cost-effectively?
Answer(s): A
A) This serverless approach leverages S3 storage, event-driven Lambda processing, and on-demand scaling with virtually unlimited concurrency, minimizing cost for variable load and large file processing. S3 PUT events trigger Lambda to convert and store JPEGs back in S3, avoiding EC2, EBS, or managed servers.B) DynamoDB is a NoSQL database, not suitable for storing large binary files or for file processing pipelines without additional services; using DynamoDB Streams with Lambda does not address file storage or processing efficiently.C) Elastic Beanstalk with EC2 and EBS is scalable but requires managing servers and storage; ongoing costs are higher than a serverless solution for sporadic or growing demand.D) EB with EFS still incurs EC2 management and higher storage costs; mixing EFS with EBS storage is inconsistent and less cost-effective for this use case.
A company has more than 5 TB of file data on Windows file servers that run on premises. Users and applications interact with the data each day.The company is moving its Windows workloads to AWS. As the company continues this process, the company requires access to AWS and on-premises file storage with minimum latency. The company needs a solution that minimizes operational overhead and requires no significant changes to the existing file access patterns. The company uses an AWS Site-to-Site VPN connection for connectivity to AWS.What should a solutions architect do to meet these requirements?
The correct answer D is right because it provides a low-latency, seamless hybrid NAS solution: FSx for Windows File Server on AWS for cloud workloads and an FSx File Gateway on premises to access data locally, preserving on-premises access patterns with minimal changes and centralized management over VPN. A) would require moving all data to managed Windows shares in AWS, increasing cutover risk and latency for on-prem users. B) and C) rely on S3, which is object storage with higher latency for file semantics and insufficient OS-level file share semantics without gateways for on-prem access. D preserves NAS compatibility and hybrid performance.
Share your comments for Amazon SAA-C02 exam with other users:
very helpful
good source
my 3rd test and passed on first try. hats off to this brain dumps site.
please upload it
does anybody know if are these real exam questions?
are these questions similar to actual questions in the exam? because they seem to be too easy
i have a lot of experience but what comes in the exam is totally different from the practical day to day tasks. so i thought i would rather rely on these brain dumps rather failing the exam.
good questions
valied exam dumps. they were very helpful and i got a pretty good score. i am very grateful for this service and exam questions
will it help?
very useful to verify knowledge before exam
good stuffs
question 17 : responses arent b and c ?
just passed the exam on my first try using these dumps.
these questions look good.
this is very helpful content
please provide the dumps
it is amazing
quesion 178 about "a banking system that predicts whether a loan will be repaid is an example of the" the answer is classification. not regresion, you should fix it.
please upload apache spark dumps
q14 is b&c to reduce you will switch off mail for every single alert and you will switch on daily digest to get a mail once per day, you might even skip the empty digest mail but i see this as a part of the daily digest adjustment
i think it is good question
good for students who wish to give certification.
is there a google drive link to the images? the links in questions are not working.
very promising, looks great, so much wow!
i scored 87% on the az-204 exam. thanks! i always trust
good need more
sample questions seems good
huawei is ok
good one nice
please continue
this exam dumps just did the job. i donot want to ruffle your feathers but your exam dumps and mock test engine is amazing.
nice questions