CertsTopics Logo

Weekend Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

AWS Certified Associate SAA-C03 Reddit Questions

Page: 13 / 82
Total 1093 questions
Get SAA-C03 Full Access Download SAA-C03 PDF

AWS Certified Solutions Architect - Associate (SAA-C03) Questions and Answers

Question 49

A company uses Amazon RDS for PostgreSQL databases for its data tier. The company must implement password rotation for the databases.

Which solution meets this requirement with the LEAST operational overhead?

Options:

A.

Store the password in AWS Secrets Manager. Enable automatic rotation on the secret.

B.

Store the password in AWS Systems Manager Parameter Store. Enable automatic rotation on the parameter.

C.

Store the password in AWS Systems Manager Parameter Store. Write an AWS Lambda function that rotates the password.

D.

Store the password in AWS Key Management Service (AWS KMS). Enable automatic rotation on the AWS KMS key.

Question 50

A company is developing a new application that will run on Amazon EC2 instances. The application needs to access multiple AWS services.

The company needs to ensure that the application will not use long-term access keys to access AWS services.

Options:

A.

Create an IAM user. Assign the IAM user to the application. Create programmatic access keys for the IAM user. Embed the access keys in the application code.

B.

Create an IAM user that has programmatic access keys. Store the access keys in AWS Secrets Manager. Configure the application to retrieve the keys from Secrets Manager when the application runs.

C.

Create an IAM role that can access AWS Systems Manager Parameter Store. Associate the role with each EC2 instance profile. Create IAM access keys for the AWS services, and store the keys in Parameter Store. Configure the application to retrieve the keys from Parameter Store when the application runs.

D.

Create an IAM role that has permissions to access the required AWS services. Associate the IAM role with each EC2 instance profile.

Question 51

A company discovers that an Amazon DynamoDB Accelerator (DAX) cluster for the company's web application workload is not encrypting data at rest. The company needs to resolve thesecurity issue.

Which solution will meet this requirement?

Options:

A.

Stop the existing DAX cluster. Enable encryption at rest for the existing DAX cluster, and start the cluster again.

B.

Delete the existing DAX cluster. Recreate the DAX cluster, and configure the new cluster to encrypt the data at rest.

C.

Update the configuration of the existing DAX cluster to encrypt the data at rest.

D.

Integrate the existing DAX cluster with AWS Security Hub to automatically enable encryption at rest.

Question 52

A company has a large amount of data in an Amazon DynamoDB table. A large batch of data is appended to the table once each day. The company wants a solution that will make all the existing and future data in DynamoDB available for analytics on a long-term basis. Which solution meets these requirements with the LEAST operational overhead?

Options:

A.

Configure DynamoDB incremental exports to Amazon S3.

B.

Configure Amazon DynamoDB Streams to write records to Amazon S3.

C.

Configure Amazon EMR to copy DynamoDB data to Amazon S3.

D.

Configure Amazon EMR to copy DynamoDB data to Hadoop Distributed File System (HDFS).

Page: 13 / 82
Total 1093 questions
Get SAA-C03 Full Access Download SAA-C03 PDF