Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free Access Amazon Web Services SAA-C03 New Release

Page: 16 / 69
Total 954 questions

AWS Certified Solutions Architect - Associate (SAA-C03) Questions and Answers

Question 61

A financial services company plans to launch a new application on AWS to handle sensitive financial transactions. The company will deploy the application on Amazon EC2 instances. The company will use Amazon RDS for MySQL as the database. The company ' s security policies mandate that data must be encrypted at rest and in transit.

Which solution will meet these requirements with the LEAST operational overhead?

Options:

A.

Configure encryption at rest for Amazon RDS for MySQL by using AWS KMS managed keys. Configure AWS Certificate Manager (ACM) SSL/TLS certificates for encryption in transit.

B.

Configure encryption at rest for Amazon RDS for MySQL by using AWS KMS managed keys. Configure IPsec tunnels for encryption in transit

C.

Implement third-party application-level data encryption before storing data in Amazon RDS for MySQL. Configure AWS Certificate Manager (ACM) SSL/TLS certificates for encryption in transit.

D.

Configure encryption at rest for Amazon RDS for MySQL by using AWS KMS managed keys Configure a VPN connection to enable private connectivity to encrypt data in transit.

Question 62

An insurance company is creating an application to record personal user data. The data includes users’ names, ages, and health data. The company wants to run the application in a private subnet on AWS.

Because of data security requirements, the company must have access to the operating system of the compute resources that run the application tier. The company must use a low-latency NoSQL database to store the data.

Which solution will meet these requirements?

Options:

A.

Use Amazon EC2 instances for the application tier. Use an Amazon DynamoDB table for the database tier. Create a VPC endpoint for DynamoDB. Assign the instances an instance profile that has permission to access DynamoDB.

B.

Use AWS Lambda functions for the application tier. Use an Amazon DynamoDB table for the database tier. Assign a Lambda function an appropriate IAM role to access the table.

C.

Use AWS Fargate for the application tier. Create an Amazon Aurora PostgreSQL instance inside a private subnet for the database tier.

D.

Use Amazon EC2 instances for the application tier. Use an Amazon S3 bucket to store the data in JSON format. Configure the application to use Amazon Athena to read and write the data to and from the S3 bucket.

Question 63

A solutions architect is designing a system to be highly resilient. The system uses Amazon Route 53 with health checks and an Application Load Balancer (ALB). The system is critical and must have the highest availability possible.

Options:

A.

Automate failover to a healthy resource by automatically updating the value of the Route 53 A record.

B.

Configure the Route 53 health checks to perform a failover automatically.

C.

Automate failover to a healthy resource by updating the weight of the Route 53 weighted record.

D.

Create a new ALB during a failover event, and remap the target group to the new ALB.

Question 64

Question:

A company runs a mobile game app that stores session data (up to 256 KB) for up to 48 hours. The data updates frequently and must be deleted automatically after expiration. Restorability is also required.

Options:

Options:

A.

Use an Amazon DynamoDB table to store the session data. Enable point-in-time recovery (PITR) and TTL.

B.

Use Amazon MemoryDB and enable PITR and TTL.

C.

Store session data in S3 Standard. Enable Versioning and a Lifecycle rule to expire objects after 48 hours.

D.

Store data in S3 Intelligent-Tiering with Versioning and a Lifecycle rule to expire after 48 hours.

Page: 16 / 69
Total 954 questions