CertsTopics Logo

Pre-Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Complete SAA-C03 Amazon Web Services Materials

Page: 48 / 64
Total 879 questions
Get SAA-C03 Full Access Download SAA-C03 PDF

AWS Certified Solutions Architect - Associate (SAA-C03) Questions and Answers

Question 189

A company has primary and secondary data centers that are 500 miles (804.7 km) apart and interconnected with high-speed fiber-optic cable. The company needs a highly available and secure network connection between its data centers and a VPC on AWS for a mission-critical workload.

A solutions architect must choose a connection solution that provides maximum resiliency.

Which solution meets these requirements?

Options:

A.

Two AWS Direct Connect connections from the primary data center terminating at two Direct Connect locations on two separate devices

B.

A single AWS Direct Connect connection from each of the primary and secondary data centers terminating at one Direct Connect location on the same device

C.

Two AWS Direct Connect connections from each of the primary and secondary data centers terminating at two Direct Connect locations on two separate devices

D.

A single AWS Direct Connect connection from each of the primary and secondary data centers terminating at one Direct Connect location on two separate devices

Question 190

A company performs a security review of its AWS workloads and finds that all the company ' s IAM users have the AdministratorAccess IAM managed policy directly attached. The company ' s IAM users belong to either an engineering department or an operations department. Engineering users require full read and write access to all resources. Operations users require only read access to all resources.

The company must apply the principle of least privilege to user access.

Which solution will meet this requirement in the MOST operationally efficient way?

Options:

A.

Create an IAM group for each department. Add either the AdministratorAccess or ReadOnlyAccess IAM managed policy to each group as appropriate. Add each department user to the appropriate IAM group. Remove existing IAM permissions from the users.

B.

Create an IAM group named Staff. Apply both the AdministratorAccess and ReadOnlyAccess IAM managed policy to the Staff IAM group. Add all IAM users to the Staff group. Remove existing IAM permissions from the users.

C.

Add the ReadOnlyAccess IAM managed policy to IAM users that belong to the operations department. Remove existing AdministratorAccess IAM permissions from the operations department users. Add a tag of Operations to the operations department IAM users.

D.

Add the ReadOnlyAccess inline policy statement to IAM users that belong to the operations department. Remove the existing AdministratorAccess IAM permissions from operations department users. Add a tag of Operations to the operations department IAM users.

Question 191

A logistics company is creating a data exchange platform to share shipment status information with shippers. The logistics company can see all shipment information and metadata. The company distributes shipment data updates to shippers.

Each shipper should see only shipment updates that are relevant to their company. Shippers should not see the full detail that is visible to the logistics company. The company creates an Amazon Simple Notification Service (Amazon SNS) topic for each shipper to share data. Some shippers use a mobile app to submit shipment status updates.

The company needs to create a data exchange platform that provides each shipper specific access to the data that is relevant to their company.

Which solution will meet these requirements with the LEAST operational overhead?

Options:

A.

Ingest the shipment updates from the mobile app into Amazon Simple Queue Service (Amazon SQS). Publish the updates to the SNS topic. Apply a filter policy to rewrite the body of each message.

B.

Ingest the shipment updates from the mobile app into Amazon Simple Queue Service (Amazon SQS). Use an AWS Lambda function to consume the updates from Amazon SQS and rewrite the body of each message. Publish the updates to the SNS topic.

C.

Ingest the shipment updates from the mobile app into a second SNS topic. Publish the updates to the shipper SNS topic. Apply a filter policy to rewrite the body of each message.

D.

Ingest the shipment updates from the mobile app into Amazon Simple Queue Service (Amazon SQS). Filter and rewrite the messages in Amazon EventBridge Pipes. Publish the updates to the SNS topic.

Question 192

A company is migrating its databases to Amazon RDS for PostgreSQL. The company is migrating its applications to Amazon EC2 instances. The company wants to optimize costs for long-running workloads.

Which solution will meet this requirement MOST cost-effectively?

Options:

A.

Use On-Demand Instances for the Amazon RDS for PostgreSQL workloads. Purchase a 1 year Compute Savings Plan with the No Upfront option for the EC2 instances.

B.

Purchase Reserved Instances for a 1 year term with the No Upfront option for the Amazon RDS for PostgreSQL workloads. Purchase a 1 year EC2 Instance Savings Plan with the No Upfront option for the EC2 instances.

C.

Purchase Reserved Instances for a 1 year term with the Partial Upfront option for the Amazon RDS for PostgreSQL workloads. Purchase a 1 year EC2 Instance Savings Plan with the Partial Upfront option for the EC2 instances.

D.

Purchase Reserved Instances for a 3 year term with the All Upfront option for the Amazon RDS for PostgreSQL workloads. Purchase a 3 year EC2 Instance Savings Plan with the All Upfront option for the EC2 instances.

Page: 48 / 64
Total 879 questions
Get SAA-C03 Full Access Download SAA-C03 PDF