AWS Certified Solutions Architect -
Associate (SAA-C02) Questions And
Answers 2022/2023
A Solutions Architect is developing a document sharing
... [Show More] application and needs a
storage layer. The storage should provide automatic support for versioning so that
users can easily roll back to a previous version or recover a deleted account.
What AWS service will meet the above requirements? - Correct Answer- Amazon S3
A company is planning on using the AWS Redshift service. The Redshift service and
data on it would be used continuously for the next 3 years as per the current
business plan.
What would be the most cost-effective solution in this scenario? - Correct AnswerConsider using Reserved Instances for the Redshift Cluster.
A company is using a Redshift cluster to store their data warehouse. There is a
requirement from the Internal IT Security team to encrypt data for the Redshift
database. How can this be achieved? - Correct Answer- Use AWS KMS Customer
Default master key.
A company stores its log data in an S3 bucket. There is a current need to have
search capabilities available for the data in S3. How can this be achieved in an
efficient and ongoing manner? - Correct Answer- - Load the data into Amazon
Elasticsearch.
- Use an AWS Lambda function which gets triggered whenever data is added to the
S3 bucket.
You are working on creating a mobile application for your company. This application
is being built to work with DynamoDB as the back end and JavaScript as the front
end. During application usage, you notice that there are spikes in the application,
especially in the DynamoDB area.
What will provide the most cost-effective and scalable architecture for this
application? - Correct Answer- Create a service that pulls SQS messages and writes
these to DynamoDB to handle suddenspikes in DynamoDB.
An application needs to have a messaging system in AWS. It is of the utmost
importance that the order of messages is preserved and duplicate messages are not
sent. What service can help fulfill this requirement? - Correct Answer- AWS SQS
FIFO
Which of the following is not a feature of AWS Security Token Service? - Correct
Answer- STS generates Git Credentials for IAM users.
An administrator runs a highly available application in AWS. A file storage layer is
needed that can share between instances and scale the platform more easily.
What AWS service can perform this action? - Correct Answer- Amazon EFS
You are planning on hosting a web and MySQL database application in an AWS
VPC. The database should only be accessible by the web server. What would you
change to fulfill this requirement? - Correct Answer- Security groups
You need to ensure that instances in a private subnet can access the Internet. The
solution should be highly available and ensure less maintenance overhead. What
would ideally fit this requirement? - Correct Answer- Use the NAT Gateway in the
public subnet.
Currently, you're helping design and architect a highly available application. After
building the initial environment, you discover that a part of your application does not
work correctly until port 443 is added to the security group. After adding port 443 to
the appropriate security group, how much time will it take before the changes are
applied and the application begins working correctly? - Correct Answer- Changes
apply instantly to the security group, and the application should be able to respond to
443 requests.
Your current setup in AWS consists of the following architecture: 2 public subnets,
one subnet which has web servers accessed by users across the Internet and
another subnet for the database server. What will change the architecture adds a
better security boundary to the resources hosted in this setup? - Correct AnswerConsider moving the database server to a private subnet.
A retailer exports data daily from its transnational databases into an S3 bucket in the
Sydney region. The retailer's Data Warehousing team wants to import this data into
an existing Amazon Redshift cluster in their VPC at Sydney. Corporate security
policy mandates that data can only be transported within a VPC.
What will satisfy the security policy? - Correct Answer- - Amazon Redshift Enhanced
VPC Routing provides VPC resources, the access to Redshift.
- Redshift will not be able to access the S3 VPC endpoints without enabling
Enhanced VPC routing, so one option is not going to support the scenario if another
is not selected.
There is an application which consists of EC2 Instances behind a classic ELB. An
EC2 proxy is used for content management to backend instances. The application
might not be able to scale properly. What can be used to scale the proxy and
backend instances appropriately? - Correct Answer- Use Auto Scaling for the proxy
servers and backend instances.
Continues..... [Show Less]