Home
Amazon
SAA-C03 Exam Info
SAA-C03 Exam Questions

Home ❯
Amazon ❯
SAA-C03 Exam Info ❯
SAA-C03 Exam Questions

Master Amazon AWS Certified Solutions Architect - Associate SAA-C03 with Confidence

Ready to conquer the cloud and skyrocket your career? Our cutting-edge Amazon AWS Certified Solutions Architect - Associate SAA-C03 practice questions are your secret weapon. Crafted by industry experts, these materials go beyond mere memorization, immersing you in real-world scenarios that mirror the exam's complexity. Whether you're a seasoned pro or a cloud novice, our adaptive learning system tailors the experience to your needs, filling knowledge gaps and boosting confidence. With thousands of satisfied learners and a 98% pass rate, you're joining a community of success. Don't let this opportunity slip away – the demand for certified AWS architects is soaring, with six-figure salaries becoming the norm. Choose from our flexible PDF, web-based, or desktop formats, and start your journey to cloud mastery today. Your future in DevOps, infrastructure design, and enterprise solutions awaits!

Page: 1 /
Total 912 questions

Want more questions? Get Premium Access.
()

Get Free Questions & Answers PDF

Question 1

A gaming company is building an application that uses a database to store user dat

a. The company wants the database to have an active-active configuration that allows data writes to a secondary AWS Region. The database must achieve a sub-second recovery point objective (RPO).

Options:

ADeploy an Amazon ElastiCache (Redis OSS) cluster. Configure a global data store for disaster recovery. Configure the ElastiCache cluster to cache data from an Amazon RDS database that is deployed in the primary Region.

BDeploy an Amazon DynamoDB table in the primary Region and the secondary Region. Configure Amazon DynamoDB Streams to invoke an AWS Lambda function to write changes from the table in the primary Region to the table in the secondary Region.

CDeploy an Amazon Aurora MySQL database in the primary Region. Configure a global database for the secondary Region.

DDeploy an Amazon DynamoDB table in the primary Region. Configure global tables for the secondary Region.

Correct : D

A . ElastiCache: Provides in-memory caching, not suitable for persistent, scalable databases.

B . DynamoDB Streams + Lambda: Manages replication manually, increasing latency and operational complexity.

C . Aurora Global Database: Provides high availability but does not support active-active configuration.

D . DynamoDB Global Tables: Provides active-active configuration and sub-second RPO.

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

CDeploy an Amazon Aurora MySQL database in the primary Region. Configure a global database for the secondary Region.

DDeploy an Amazon DynamoDB table in the primary Region. Configure global tables for the secondary Region.

0 / 1500

Question 2

A company wants to implement a data lake in the AWS Cloud. The company must ensure that only specific teams have access to sensitive data in the data lake. The company must have row-level access control for the data lake.

Options:

AUse Amazon RDS to store the data. Use IAM roles and permissions for data governance and access control.

BUse Amazon Redshift to store the data. Use IAM roles and permissions for data governance and access control.

CUse Amazon S3 to store the data. Use AWS Lake Formation for data governance and access control.

DUse AWS Glue Catalog to store the data. Use AWS Glue DataBrew for data governance and access control.

Correct : C

Detailed

A . RDS: Suitable for relational databases but does not provide native support for data lakes or row-level access.

B . Redshift: Primarily for analytics, not designed for large-scale data lake governance.

C . S3 + Lake Formation: Provides native support for data lakes with granular access control, including row-level permissions.

D . Glue Catalog + DataBrew: Focused on data preparation and metadata management, not row-level access control.

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AUse Amazon RDS to store the data. Use IAM roles and permissions for data governance and access control.

BUse Amazon Redshift to store the data. Use IAM roles and permissions for data governance and access control.

CUse Amazon S3 to store the data. Use AWS Lake Formation for data governance and access control.

DUse AWS Glue Catalog to store the data. Use AWS Glue DataBrew for data governance and access control.

0 / 1500

Question 3

A company hosts a multi-tier inventory reporting application on AWS. The company needs a cost-effective solution to generate inventory reports on demand. Admin users need to have the ability to generate new reports. Reports take approximately 5-10 minutes to finish. The application must send reports to the email address of the admin user who generates each report.

Options:

AUse Amazon Elastic Container Service (Amazon ECS) to host the report generation code. Use an Amazon API Gateway HTTP API to invoke the code. Use Amazon Simple Email Service (Amazon SES) to send the reports to admin users.

BUse Amazon EventBridge to invoke a scheduled AWS Lambda function to generate the reports. Use Amazon Simple Notification Service (Amazon SNS) to send the reports to admin users.

CUse Amazon Elastic Kubernetes Service (Amazon EKS) to host the report generation code. Use an Amazon API Gateway REST API to invoke the code. Use Amazon Simple Notification Service (Amazon SNS) to send the reports to admin users.

DCreate an AWS Lambda function to generate the reports. Use a function URL to invoke the function. Use Amazon Simple Email Service (Amazon SES) to send the reports to admin users.

Correct : D

Detailed

A . ECS + API Gateway: Overly complex and costly for an on-demand, intermittent workload.

B . EventBridge + SNS: EventBridge schedules are unnecessary for on-demand generation.

C . EKS + API Gateway: Overkill for this use case, with high operational overhead.

D . Lambda + SES: Most cost-effective and efficient solution for generating and emailing reports on demand.

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

BUse Amazon EventBridge to invoke a scheduled AWS Lambda function to generate the reports. Use Amazon Simple Notification Service (Amazon SNS) to send the reports to admin users.

DCreate an AWS Lambda function to generate the reports. Use a function URL to invoke the function. Use Amazon Simple Email Service (Amazon SES) to send the reports to admin users.

0 / 1500

Question 4

A company that has multiple AWS accounts maintains an on-premises Microsoft Active Directory. The company needs a solution to implement Single Sign-On for its employees. The company wants to use AWS IAM Identity Center.

The solution must meet the following requirements:

Allow users to access AWS accounts and third-party applications by using existing Active Directory credentials.

Enforce multi-factor authentication (MFA) to access AWS accounts.

Centrally manage permissions to access AWS accounts and applications.

Options:

ACreate an IAM identity provider for Active Directory in each AWS account. Ensure that Active Directory users and groups access AWS accounts directly through IAM roles. Use IAM Identity Center to enforce MFA in each account for all users.

BUse AWS Directory Service to create a new AWS Managed Microsoft AD Active Directory. Configure IAM Identity Center in each account to use the new AWS Managed Microsoft AD Active Directory as the identity source. Use IAM Identity Center to enforce MFA for all users.

CUse IAM Identity Center with the existing Active Directory as the identity source. Enforce MFA for all users. Use AWS Organizations and Active Directory groups to manage access permissions for AWS accounts and application access.

DUse AWS Lambda functions to periodically synchronize Active Directory users and groups with IAM users and groups in each AWS account. Use IAM roles and policies to manage application access. Create a second Lambda function to enforce MFA.

Correct : C

Detailed

A . IAM identity provider: Does not support centralized management across multiple accounts.

B . AWS Managed AD: Unnecessary if an on-premises Active Directory already exists.

C . IAM Identity Center + Existing AD: Best approach to integrate existing Active Directory for SSO, with MFA and centralized permissions.

D . Lambda for synchronization: Adds complexity and does not leverage IAM Identity Center capabilities.

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

0 / 1500

Question 5

A company runs an order management application on AWS. The application allows customers to place orders and pay with a credit card. The company uses an Amazon CloudFront distribution to deliver the application.

A security team has set up logging for all incoming requests. The security team needs a solution to generate an alert if any user modifies the logging configuration.

Options (Select TWO):

AConfigure an Amazon EventBridge rule that is invoked when a user creates or modifies a CloudFront distribution. Add the AWS Lambda function as a target of the EventBridge rule.

BCreate an Application Load Balancer (ALB). Enable AWS WAF rules for the ALB. Configure an AWS Config rule to detect security violations.

CCreate an AWS Lambda function to detect changes in CloudFront distribution logging. Configure the Lambda function to use Amazon Simple Notification Service (Amazon SNS) to send notifications to the security team.

DSet up Amazon GuardDuty. Configure GuardDuty to monitor findings from the CloudFront distribution. Create an AWS Lambda function to address the findings.

ECreate a private API in Amazon API Gateway. Use AWS WAF rules to protect the private API from common security problems.

Correct : A, C

Detailed

A . EventBridge Rule: Detects modifications to CloudFront distributions in real time and triggers the Lambda function for further action.

B . ALB + Config: Focuses on ALB security violations, not relevant for CloudFront logging changes.

C . Lambda + SNS: Provides real-time notifications about changes in logging configuration.

D . GuardDuty: Focuses on threat detection, not logging configuration changes.

E . API Gateway + WAF: Unrelated to CloudFront logging changes.

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AConfigure an Amazon EventBridge rule that is invoked when a user creates or modifies a CloudFront distribution. Add the AWS Lambda function as a target of the EventBridge rule.

BCreate an Application Load Balancer (ALB). Enable AWS WAF rules for the ALB. Configure an AWS Config rule to detect security violations.

DSet up Amazon GuardDuty. Configure GuardDuty to monitor findings from the CloudFront distribution. Create an AWS Lambda function to address the findings.

ECreate a private API in Amazon API Gateway. Use AWS WAF rules to protect the private API from common security problems.

0 / 1500

Page: 1 / 183
Total 912 questions

Unlock Full
SAA-C03 Exam Features

In Just $49 You can Access

All Official Question Types
Interactive Web-Based Practice Test Software
No Installation or 3rd Party Software Required
Customize your practice sessions (Free Demo)
24/7 Customer Support

Get Full Access Now

Marked Questions
SAA-C03 Exam

SAA-C03 Exam Question 1
SAA-C03 Exam Question 2
SAA-C03 Exam Question 3
SAA-C03 Exam Question 4
SAA-C03 Exam Question 5

Download PDF File Demo

Try Web-Based Exam Practice Software Demo

Commenting

In order to participate in the comments you need to be logged-in.
You can sign-up or login