Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

SAA-C03 Reviews Questions

Page: 2 / 69
Total 954 questions

AWS Certified Solutions Architect - Associate (SAA-C03) Questions and Answers

Question 5

A company is moving its on-premises Oracle database to Amazon Aurora PostgreSQL. The database has several applications that write to the same tables. The applications need to be migrated one by one with a month in between each migration. Management has expressed concerns that the database has a high number of reads and writes. The data must be kept in sync across both databases throughout the migration.

What should a solutions architect recommend?

Options:

A.

Use AWS DataSync for the initial migration. Use AWS DMS to create a change data capture CDC replication task and a table mapping to select all tables.

B.

Use AWS DataSync for the initial migration. Use AWS DMS to create a full load plus change data capture CDC replication task and a table mapping to select all tables.

C.

Use the AWS SCT with AWS DMS using a memory optimized replication instance. Create a full load plus change data capture CDC replication task and a table mapping to select all tables.

D.

Use the AWS SCT with AWS DMS using a compute optimized replication instance. Create a full load plus change data capture CDC replication task and a table mapping to select the largest tables.

Question 6

A company has an application that runs only on Amazon EC2 Spot Instances. The instances run in an Amazon EC2 Auto Scaling group with scheduled scaling actions. However, the capacity does not always increase at the scheduled times, and instances terminate many times a day. A solutions architect must ensure that the instances launch on time and have fewer interruptions.

Which action will meet these requirements?

Options:

A.

Specify the capacity-optimized allocation strategy for Spot Instances. Add more instance types to the Auto Scaling group.

B.

Specify the capacity-optimized allocation strategy for Spot Instances. Increase the size of the instances in the Auto Scaling group.

C.

Specify the lowest-price allocation strategy for Spot Instances. Add more instance types to the Auto Scaling group.

D.

Specify the lowest-price allocation strategy for Spot Instances. Increase the size of the instances in the Auto Scaling group.

Question 7

A company performs a security review of its AWS workloads and finds that all the company ' s IAM users have the AdministratorAccess IAM managed policy directly attached. The company ' s IAM users belong to either an engineering department or an operations department. Engineering users require full read and write access to all resources. Operations users require only read access to all resources.

The company must apply the principle of least privilege to user access.

Which solution will meet this requirement in the MOST operationally efficient way?

Options:

A.

Create an IAM group for each department. Add either the AdministratorAccess or ReadOnlyAccess IAM managed policy to each group as appropriate. Add each department user to the appropriate IAM group. Remove existing IAM permissions from the users.

B.

Create an IAM group named Staff. Apply both the AdministratorAccess and ReadOnlyAccess IAM managed policy to the Staff IAM group. Add all IAM users to the Staff group. Remove existing IAM permissions from the users.

C.

Add the ReadOnlyAccess IAM managed policy to IAM users that belong to the operations department. Remove existing AdministratorAccess IAM permissions from the operations department users. Add a tag of Operations to the operations department IAM users.

D.

Add the ReadOnlyAccess inline policy statement to IAM users that belong to the operations department. Remove the existing AdministratorAccess IAM permissions from operations department users. Add a tag of Operations to the operations department IAM users.

Question 8

A company runs an application on Amazon EC2 instances. The instances need to access an Amazon RDS database by using specific credentials. The company uses AWS Secrets Manager to contain the credentials the EC2 instances must use.

Which solution will meet this requirement?

Options:

A.

Create an IAM role, and attach the role to each EC2 instance profile. Use an identity-based policy to grant the new IAM role access to the secret that contains the database credentials.

B.

Create an IAM user, and attach the user to each EC2 instance profile. Use a resource-based policy to grant the new IAM user access to the secret that contains the database credentials.

C.

Create a resource-based policy for the secret that contains the database credentials. Use EC2 Instance Connect to access the secret.

D.

Create an identity-based policy for the secret that contains the database credentials. Grant direct access to the EC2 instances.

Page: 2 / 69
Total 954 questions