CertsTopics Logo

Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Amazon Web Services SAA-C03 Online Access

Page: 33 / 37
Total 527 questions
Get SAA-C03 Full Access Download SAA-C03 PDF

AWS Certified Solutions Architect - Associate (SAA-C03) Questions and Answers

Question 129

A company is deploying an application that processes streaming data in near-real time. The company plans to use Amazon EC2 instances for the workload. The network architecture must be configurable to provide the lowest possible latency between nodes.

Which networking solution meets these requirements?

Options:

A.

Place the EC2 instances in multiple VPCs, and configure VPC peering.

B.

Attach an Elastic Fabric Adapter (EFA) to each EC2 instance.

C.

Run the EC2 instances in a spread placement group.

D.

Use Amazon Elastic Block Store (Amazon EBS) optimized instance types.

Question 130

A developer needs to export the contents of several Amazon DynamoDB tables into Amazon S3 buckets to comply with company data regulations. The developer uses the AWS CLI to runcommands to export from each table to the proper S3 bucket. The developer sets up AWS credentials correctly and grants resources appropriate permissions. However, the exports of some tables fail.

What should the developer do to resolve this issue?

Options:

A.

Ensure that point-in-time recovery is enabled on the DynamoDB tables.

B.

Ensure that the target S3 bucket is in the same AWS Region as the DynamoDB table.

C.

Ensure that DynamoDB streaming is enabled for the tables.

D.

Ensure that DynamoDB Accelerator (DAX) is enabled.

Question 131

A company is running a highly sensitive application on Amazon EC2 backed by an Amazon RDS database Compliance regulations mandate that all personally identifiable information (Pll) be encrypted at rest.

Which solution should a solutions architect recommend to meet this requirement with the LEAST amount of changes to the infrastructure?

Options:

A.

Deploy AWS Certificate Manager to generate certificates Use the certificates to encrypt the database volume

B.

Deploy AWS CloudHSM. generate encryption keys, and use the keys to encrypt database volumes.

C.

Configure SSL encryption using AWS Key Management Service {AWS KMS) keys to encrypt database volumes.

D.

Configure Amazon Elastic Block Store (Amazon EBS) encryption and Amazon RDS encryption with AWS Key Management Service (AWS KMS) keys to encrypt instance and database volumes.

Question 132

A solutions architect is configuring a VPC that has public subnets and private subnets. The VPC and subnets use IPv4 CIDR blocks. There is one public subnet and one private subnet in each of three Availability Zones (AZs). An internet gateway is attached to the VPC.

The private subnets require access to the internet to allow Amazon EC2 instances to download software updates.

Which solution will meet this requirement?

Options:

A.

Create a NAT gateway in one of the public subnets. Update the route tables that are attached to the private subnets to forward non-VPC traffic to the NAT gateway.

B.

Create three NAT instances in each private subnet. Create a private route table for each Availability Zone that forwards non-VPC traffic to the NAT instances.

C.

Attach an egress-only internet gateway in the VPC. Update the route tables of the private subnets to forward non-VPC traffic to the egress-only internet gateway.

D.

Create a NAT gateway in one of the private subnets. Update the route tables that are attached to the private subnets to forward non-VPC traffic to the NAT gateway.

Page: 33 / 37
Total 527 questions
Get SAA-C03 Full Access Download SAA-C03 PDF