AWS Certified Solutions Architect – Associate 온라인 연습
최종 업데이트 시간: 2021년04월05일,180문제.
당신은 온라인 연습 문제를 통해 Amazon SAA-C02 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.
시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 SAA-C02 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 65개의 시험 문제와 답을 포함하십시오.
Question No : 1
A solution architect is performing a security review of a recently migrated workload. The workload is a web application that consists of amazon EC2 instances in an Auto Scaling group behind an Application Load balancer. The solution architect must improve the security posture and minimize the impact of a DDoS attack on resources.
Which solution is MOST effective?
Question No : 2
A company is using a third-party vendor to manage its marketplace analytics. The vendor needs limited programmatic access to resources in the company's account. All the needed policies have been created to grant appropriate access.
Which additional component will provide the vendor with the MOST secure access to the account?
Question No : 3
A gaming company has multiple Amazon EC2 instances in a single Availability Zone for its multiplayer game that communicates with users on Layer 4. The chief technology officer (CTO) wants to make the architecture highly available and cost-effective
What should a solutions architect do to meet these requirements? (Select TWO.)
Question No : 4
A business application is hosted on Amazon EC2 and uses Amazon S3 for encrypted object storage. The chief information security officer has directed that no application traffic between the two services should traverse the public internet.
Which capability should the solutions architect use to meet the compliance requirements?
Question No : 5
A company recently started using Amazon Aurora as the data store for its global ecommerce application. When large reports are run, developers report that the ecommerce application is performing poorly. After reviewing metrics in Amazon CloudWatch, a solutions architect finds that the ReadlOPS and CPU Utilization metrics are spiking when monthly reports run.
What is the MOST cost-effective solution?
Question No : 6
A company that recently started using AWS establishes a Site-to-Site VPN between its on-premises data center and AWS. The company's security mandate states that traffic originating from on premises should stay within the company's private IP space when communicating with an Amazon Elastic Container Service (Amazon ECS) cluster that is hosting a sample web application.
Which solution meets this requirement?
Question No : 7
A development team stores its Amazon RDS MySQL DB instance user name and password credentials in a configuration file. The configuration file is stored as plaintext on the root device volume of the team's Amazon EC2 instance. When the team's application needs to reach the database, it reads the file and loads the credentials into the code. The team has modified the permissions of the configuration file so that only the application can read its content A solutions architect must design a more secure solution.
What should the solutions architect do to meet this requirement?
Question No : 8
The following IAM policy is attached to an IAM group.
This is the only policy applied to the group.
What are the effective IAM permissions of this policy for group members?
Question No : 9
A company has multiple applications that use Amazon RDS lor MySQL as is database. The company recently discovered that a new custom reporting application has Increased the number of Queries on the database. This is slowing down performance.
How should a solutions architect resolve this issue with the LEAST amount of application changes?
Question No : 10
A company is building applications in containers. The company wants to migrate its on-premises development and operations services from its on-premises data center to AWS. Management states that production system must be cloud agnostic and use the same configuration and administrator tools across production systems. A solutions architect needs to design a managed solution that will align open-source software.
Which solution meets these requirements?
Question No : 11
A company is. moving its on-premises applications to Amazon EC2 instances. However as a result of fluctuating compute requirements, the EC2 instances must always be ready to use between 8 AM and 5 PM in specific Availability Zones.
Which EC2 instances should the company choose to run the applications?
Question No : 12
A company uses an Amazon S3 bucket to store static images for its website. The company configured permissions to allow access to Amazon S3 objects by privileged users only.
What should a solutions architect do to protect against data loss? (Select TWO.)
Question No : 13
A solutions architect is creating a new VPC design. There are two public subnet for the load balancer, two private subnets for web servers, and two private subnets for MySQL. The web serves use only HTTPS. The solutions architect has already created a security group for the load Balancer allowing port 443 from 0.0 0.0/0. Company policy requires that each resource has the least access required to still be able to perform its tasks.
Which additional configuration strategy should the solution architect use to meet these requirements?
Question No : 14
A company is planning on deploying a newly built application on AWS in a default VPC. The application will consist of a web layer and database layer. The web server was created in public subnets, and the MySQL database was created in private subnets. All subnets are created with the default network ACL settings, and the default security group in the VPC will be replaced with new custom security groups.
The following are the key requirements:
•. The web servers must be accessible only to users on an SSL connection.
•. The database should be accessible to the web layer, which is created in a public subnet only.
• All traffic to and from the IP range 126.96.36.199/16 subnet should be blocked.
Which combination of steps meets these requirements? (Select TWO.)
Question No : 15
A company has two applications: a sender application that sends messages with payloads to be processed and a processing application intended to receive the messages with payloads. The company wants to implement an AWS service to handle messages between the two applications. The sender application can send about 1,000 messages each hour. The messages may take up to 2 days to be processed If the messages fail to process, they must be retained so that they do not impact the processing of any remaining messages.
Which solution meets these requirements and is the MOST operationally efficient?