A hospital recently deployed a RESTful API with Amazon API Gateway and AWS Lambda. The hospital uses API Gateway and Lambda to upload reports that are in PDF format and JPEG format. The hospital needs to modify the Lambda code to identify protected health information (PHI) in the reports.Which solution will meet these requirements with the LEAST operational overhead?
Answer(s): C
Using Textract for OCR and Comprehend Medical for PHI identification provides a managed, purpose-built solution with minimal operational overhead. Textract handles PDF and JPEG text extraction; Comprehend Medical specializes in PHI/PHI-like aetiology, delivering HIPAA-friendly, scalable PHI detection integrated with AWS services.A) Manual Python libraries require custom maintenance and OCR/PHI logic, increasing overhead.B) SageMaker adds operation and model management complexity; PHI detection may require custom labeling and pipelines.D) Rekognition OCR is not optimized for document-heavy PHI tasks and pairing with Comprehend Medical adds unnecessary mismatch; Textract+Comprehend Medical is a better fit.
A company has an application that generates a large number of files, each approximately 5 MB in size. The files are stored in Amazon S3. Company policy requires the files to be stored for 4 years before they can be deleted. Immediate accessibility is always required as the files contain critical business data that is not easy to reproduce. The files are frequently accessed in the first 30 days of the object creation but are rarely accessed after the first 30 days.Which storage solution is MOST cost-effective?
A) Incorrect. Glacier is not accessible for immediate retrieval; 30 days is fine, but Glacier incurs retrieval latency and may hinder access, plus not the most cost-effective for the 4-year window with frequent access in first 30 days.B) Incorrect. One Zone-IA has lower durability (Single AZ) and is less ideal for critical data; potential data loss risk and unsupported cross-region resilience.C) Correct. S3 Standard-IA offers cost savings after 30 days while maintaining immediate retrieval for infrequent access requirements; aligns with 4-year retention and immediate access needs.D) Incorrect. Moving to Glacier after 4 years adds unnecessary retrieval path and complexity; Standard-IA already provides cost savings during long-term retention with frequent access in early period.
A company hosts an application on multiple Amazon EC2 instances. The application processes messages from an Amazon SQS queue, writes to an Amazon RDS table, and deletes the message from the queue. Occasional duplicate records are found in the RDS table. The SQS queue does not contain any duplicate messages.What should a solutions architect do to ensure messages are being processed once only?
Answer(s): D
The correct answer is D. Increasing the visibility timeout with ChangeMessageVisibility ensures that once a consumer receives a message, it isn’t delivered to other consumers for the extended period while it’s being processed, reducing duplicates in RDS.A is incorrect because CreateQueue creates a new queue, not addressing duplicates. B is incorrect because AddPermission manages access rights, not processing deduplication. C is incorrect because ReceiveMessage with wait time (long polling) affects latency, not preventing concurrent processing that can cause duplicates.
A solutions architect is designing a new hybrid architecture to extend a company's on-premises infrastructure to AWS. The company requires a highly available connection with consistent low latency to an AWS Region. The company needs to minimize costs and is willing to accept slower traffic if the primary connection fails.What should the solutions architect do to meet these requirements?
Answer(s): A
A) Correct: Primary Direct Connect for low latency and high availability; VPN as backup ensures connectivity if DX fails, meeting high availability with lower cost by using VPN over the public internet during failover.B) VPN only does not provide consistent low latency or the same reliability as Direct Connect for primary; second VPN as backup is acceptable but not as cost-effective for a DX-centric design with low latency requirements.C) Two Direct Connect connections in the same region increase cost and complexity; failover still requires routing adjustments but VPN is not needed for this requirement.D) There is no AWS CLI “Direct Connect failover” automatic backup; you must configure an independent backup path (VPN) for failover.
A company is running a business-critical web application on Amazon EC2 instances behind an Application Load Balancer. The EC2 instances are in an Auto Scaling group. The application uses an Amazon Aurora PostgreSQL database that is deployed in a single Availability Zone. The company wants the application to be highly available with minimum downtime and minimum loss of data.Which solution will meet these requirements with the LEAST operational effort?
Answer(s): B
A concise explanation of the correct answer and why others are incorrect:B) Using multi-AZ Auto Scaling with a Multi-AZ database and RDS Proxy provides high availability and durability with minimal operational effort. Multi-AZ protects the database from AZ-level failures, RDS Proxy improves connection management and failover handling for applications behind an ALB. A) cross-region complexity and latency, plus Cross-Region Aurora replication adds complexity and cost for DR rather than HA within a single region. C) Single AZ and hourly snapshots offer poor availability and potential data loss. D) Multi-region writes and S3-based logging add latency, complexity, and do not ensure database durability during region failures.
A company's HTTP application is behind a Network Load Balancer (NLB). The NLB's target group is configured to use an Amazon EC2 Auto Scaling group with multiple EC2 instances that run the web service.The company notices that the NLB is not detecting HTTP errors for the application. These errors require a manual restart of the EC2 instances that run the web service. The company needs to improve the application's availability without writing custom scripts or code.What should a solutions architect do to meet these requirements?
The correct answer is C.A) Incorrect: NLB supports TCP/UDP health checks or HTTP/HTTPS using a target group, but it cannot use an application URL for health checks like an ALB can. Replacing with ALB and enabling HTTP health checks ensures application-level health checks and automatic replacement of unhealthy instances via ASG.B) Incorrect: A cron job requires custom scripts and ongoing maintenance, contradicting the requirement to avoid writing code or scripts.D) Incorrect: CloudWatch UnhealthyHostCount monitors platform health, not application-level HTTP errors. It may trigger replacements too late or inappropriately without direct app health checks.
A company runs a shopping application that uses Amazon DynamoDB to store customer information. In case of data corruption, a solutions architect needs to design a solution that meets a recovery point objective (RPO) of 15 minutes and a recovery time objective (RTO) of 1 hour.What should the solutions architect recommend to meet these requirements?
D) B) reasonB) Point-in-time recovery provides continuous backups and allows restore to any second within the last 35 days, meeting 15-minute RPO and 1-hour RTO when combined with fast restoration of the table. A) Global tables address cross-region replication, not RPO/RTO in a single-region failure. C) Daily export to S3 Glacier introduces long restore times and does not meet 15-minute RPO. D) DynamoDB uses managed backups; EBS snapshots are not applicable to DynamoDB since DynamoDB is a managed service, and backups are not tied to EBS.
A company runs a photo processing application that needs to frequently upload and download pictures from Amazon S3 buckets that are located in the same AWS Region. A solutions architect has noticed an increased cost in data transfer fees and needs to implement a solution to reduce these costs.How can the solutions architect meet this requirement?
S3 VPC endpoint provides private, region-local connectivity to S3 without data traversing the public internet, eliminating inter‑region and NAT data transfer costs between the VPC and S3.A) API Gateway does not route S3 traffic; it adds unnecessary public exposure and cost.B) NAT gateway adds egress charges and does not provide private, region‑local S3 access; endpoint is more cost-effective.C) Routing through an internet gateway uses public internet paths and incurs data transfer costs and potential exposure.D) Correct: S3 VPC endpoint with appropriate policy enables private, low‑cost access to S3 in the same region.
Share your comments for Amazon SAA-C02 exam with other users:
very useful
i purchased this exam dumps from another website with way more questions but they were all invalid and outdate. this exam dumps was right to the point and all from recent exam. it was a hard pass.
it was a good experience and i got 90% in the 200-901 exam.
hi please upload this
please upload it
really need this dump. can you please help.
really good and covers many areas explaining the answer.
yes, can you please upload the exam?
how many questions are there in these dumps?
hi team, please upload this , i need it.
question 14 - run terraform import: this is the recommended best practice for bringing manually created or destroyed resources under terraform management. you use terraform import to associate an existing resource with a terraform resource configuration. this ensures that terraform is aware of the resource, and you can subsequently manage it with terraform.
please upload dump. thanks in advance.
great great
answer 16 should be b your organizational policies require you to use virtual machines directly
the question are kind of tricky of you didnt get the hnag on it.
can anyone tell me if this is for rhel8 or rhel9?
good content
pdb and cdb are critical to the database
till 104 questions are free, lets see how it helps me in my exam today.
question # 56, answer is true not false.
i would be requiring dumps to prepare for certification exam
very helpful
control file is the heart of rman backup
hi could you please upload the ibm c2090-543 dumps
appriciate if you could upload this again
please upload the dump
i found some questions answers mismatch with explanation answers. please properly update
nothing to mention
knowable questions
very helpfull
good questions
its helpful
i just took my oracle exam and let me tell you, this exam dumps was a lifesaver! without them, iam not sure i would have passed. the questions were tricky and the answers were obscure, but the exam dumps had everything i needed. i would recommend to anyone looking to pass their oracle exams with flying colors (and a little bit of cheating) lol.
22. if you need to make sure that one computer in your hot-spot network can access the internet without hot-spot authentication, which menu allows you to do this? answer is ip binding and not wall garden. wall garden allows specified websites to be accessed with users authentication to the hotspot