Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Amazon
  3. SAA-C03

Amazon SAA-C03 Exam (page: 22)
Amazon AWS Certified Solutions Architect - Associate SAA-C03
Updated on: 16-Feb-2026

Viewing Page 22 of 129
SAA-C03 PDF 779 Questions

A company is concerned about the security of its public web application due to recent web attacks. The application uses an Application Load Balancer (ALB). A solutions architect must reduce the risk of DDoS attacks against the application.
What should the solutions architect do to meet this requirement?

  1. Add an Amazon Inspector agent to the ALB.
  2. Configure Amazon Macie to prevent attacks.
  3. Enable AWS Shield Advanced to prevent attacks.
  4. Configure Amazon GuardDuty to monitor the ALB.

Answer(s): C



A company’s web application is running on Amazon EC2 instances behind an Application Load Balancer. The company recently changed its policy, which now requires the application to be accessed from one specific country only.
Which configuration will meet this requirement?

  1. Configure the security group for the EC2 instances.
  2. Configure the security group on the Application Load Balancer.
  3. Configure AWS WAF on the Application Load Balancer in a VP
  4. Configure the network ACL for the subnet that contains the EC2 instances.

Answer(s): C



A company provides an API to its users that automates inquiries for tax computations based on item prices. The company experiences a larger number of inquiries during the holiday season only that cause slower response times. A solutions architect needs to design a solution that is scalable and elastic.
What should the solutions architect do to accomplish this?

  1. Provide an API hosted on an Amazon EC2 instance. The EC2 instance performs the required computations when the API request is made.
  2. Design a REST API using Amazon API Gateway that accepts the item names. API Gateway passes item names to AWS Lambda for tax computations.
  3. Create an Application Load Balancer that has two Amazon EC2 instances behind it. The EC2 instances will compute the tax on the received item names.
  4. Design a REST API using Amazon API Gateway that connects with an API hosted on an Amazon EC2 instance. API Gateway accepts and passes the item names to the EC2 instance for tax computations.

Answer(s): B



A solutions architect is creating a new Amazon CloudFront distribution for an application. Some of the information submitted by users is sensitive. The application uses HTTPS but needs another layer of security. The sensitive information should.be protected throughout the entire application stack, and access to the information should be restricted to certain applications.
Which action should the solutions architect take?

  1. Configure a CloudFront signed URL.
  2. Configure a CloudFront signed cookie.
  3. Configure a CloudFront field-level encryption profile.
  4. Configure CloudFront and set the Origin Protocol Policy setting to HTTPS Only for the Viewer Protocol Policy.

Answer(s): C



A gaming company hosts a browser-based application on AWS. The users of the application consume a large number of videos and images that are stored in Amazon S3. This content is the same for all users.
The application has increased in popularity, and millions of users worldwide accessing these media files. The company wants to provide the files to the users while reducing the load on the origin.
Which solution meets these requirements MOST cost-effectively?

  1. Deploy an AWS Global Accelerator accelerator in front of the web servers.
  2. Deploy an Amazon CloudFront web distribution in front of the S3 bucket.
  3. Deploy an Amazon ElastiCache for Redis instance in front of the web servers.
  4. Deploy an Amazon ElastiCache for Memcached instance in front of the web servers.

Answer(s): B



A company has a multi-tier application that runs six front-end web servers in an Amazon EC2 Auto Scaling group in a single Availability Zone behind an Application Load Balancer (ALB). A solutions architect needs to modify the infrastructure to be highly available without modifying the application.
Which architecture should the solutions architect choose that provides high availability?

  1. Create an Auto Scaling group that uses three instances across each of two Regions.
  2. Modify the Auto Scaling group to use three instances across each of two Availability Zones.
  3. Create an Auto Scaling template that can be used to quickly create more instances in another Region.
  4. Change the ALB in front of the Amazon EC2 instances in a round-robin configuration to balance traffic to the web tier.

Answer(s): B



An ecommerce company has an order-processing application that uses Amazon API Gateway and an AWS Lambda function. The application stores data in an Amazon Aurora PostgreSQL database. During a recent sales event, a sudden surge in customer orders occurred. Some customers experienced timeouts, and the application did not process the orders of those customers.
A solutions architect determined that the CPU utilization and memory utilization were high on the database because of a large number of open connections. The solutions architect needs to prevent the timeout errors while making the least possible changes to the application.
Which solution will meet these requirements?

  1. Configure provisioned concurrency for the Lambda function. Modify the database to be a global database in multiple AWS Regions.
  2. Use Amazon RDS Proxy to create a proxy for the database. Modify the Lambda function to use the RDS Proxy endpoint instead of the database endpoint.
  3. Create a read replica for the database in a different AWS Region. Use query string parameters in API Gateway to route traffic to the read replica.
  4. Migrate the data from Aurora PostgreSQL to Amazon DynamoDB by using AWS Database Migration Service (AWS DMS). Modify the Lambda function to use the DynamoDB table.

Answer(s): B



An application runs on Amazon EC2 instances in private subnets. The application needs to access an Amazon DynamoDB table.
What is the MOST secure way to access the table while ensuring that the traffic does not leave the AWS network?

  1. Use a VPC endpoint for DynamoDB.
  2. Use a NAT gateway in a public subnet.
  3. Use a NAT instance in a private subnet.
  4. Use the internet gateway attached to the VPC.

Answer(s): A



Viewing Page 22 of 129



Share your comments for Amazon SAA-C03 exam with other users:

Palash Ghosh 9/11/2023 8:30:00 AM

easy questions
Anonymous


Yolostar Again 10/12/2023 3:02:00 PM

q.189 - answers are incorrect.
Anonymous


Sam 9/7/2023 6:51:00 AM

question 8 - can cloudtrail be used for storing jobs? based on aws - aws cloudtrail is used for governance, compliance and investigating api usage across all of our aws accounts. every action that is taken by a user or script is an api call so this is logged to [aws] cloudtrail. something seems incorrect here.
UNITED STATES


test user 9/24/2023 3:15:00 AM

thanks for the questions
AUSTRALIA


Ayushi Baria 11/7/2023 7:44:00 AM

this is very helpfull for me
Anonymous


Danny Zas 9/15/2023 4:45:00 AM

this is a good experience
UNITED STATES


YoloStar Yoloing 10/22/2023 9:58:00 PM

q. 289 - the correct answer should be b not d, since the question asks for the most secure way to provide access to a s3 bucket (a single one), and by principle of the least privilege you should not be giving access to all buckets.
Anonymous


treyf 11/9/2023 5:13:00 AM

i took the aws saa-c03 test and scored 935/1000. it has all the exam dumps and important info.
UNITED STATES


Prince 10/31/2023 9:09:00 PM

is it possible to clear the exam if we focus on only these 156 questions instead of 623 questions? kindly help!
Anonymous


Marc blue 9/15/2023 4:11:00 AM

great job. hope this helps out.
UNITED STATES