SAA-C03-VOL2 12th Grade Quiz

1.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A solutions architect is designing a VPC with public and private subnets. The VPC and subnets use IPv4 CIDR blocks. There is one public subnet and one private subnet in each of three Availability Zones (AZs) for high availability. An internet gateway is used to provide internet access for the public subnets. The private subnets require access to the internet to allow Amazon EC2 instances to download software updates. What should the solutions architect do to enable Internet access for the private subnets?

Create three NAT gateways, one for each public subnet in each AZ. Create a private route table for each AZ that forwards non-VPC traffic to the NAT gateway in its AZ.

Create three NAT instances, one for each private subnet in each AZ. Create a private route table for each AZ that forwards non-VPC traffic to the NAT instance in its AZ.

Create a second internet gateway on one of the private subnets. Update the route table for the private subnets that forward non-VPC traffic to the private internet gateway.

Create an egress-only internet gateway on one of the public subnets. Update the route table for the private subnets that forward non-VPC traffic to the egress-only Internet gateway.

2.

MULTIPLE SELECT QUESTION

45 sec • 1 pt

A company wants to migrate an on-premises data center to AWS. The data center hosts an SFTP server that stores its data on an NFS-based file system. The server holds 200 GB of data that needs to be transferred. The server must be hosted on an Amazon EC2 instance that uses an Amazon Elastic File System (Amazon EFS) file system. Which combination of steps should a solutions architect take to automate this task? (Choose two.)

Launch the EC2 instance into the same Availability Zone as the EFS file system.

Install an AWS DataSync agent in the on-premises data center.

Create a secondary Amazon Elastic Block Store (Amazon EBS) volume on the EC2 instance for the data.

Manually use an operating system copy command to push the data to the EC2 instance.

Use AWS DataSync to create a suitable location configuration for the on-premises SFTP server.

3.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company has an AWS Glue extract, transform, and load (ETL) job that runs every day at the same time. The job processes XML data that is in an Amazon S3 bucket. New data is added to the S3 bucket every day. A solutions architect notices that AWS Glue is processing all the data during each run. What should the solutions architect do to prevent AWS Glue from reprocessing old data?

Edit the job to use job bookmarks.

Edit the job to delete data after the data is processed.

Edit the job by setting the NumberOfWorkers field to 1.

Use a FindMatches machine learning (ML) transform.

4.

MULTIPLE SELECT QUESTION

45 sec • 1 pt

A solutions architect must design a highly available infrastructure for a website. The website is powered by Windows web servers that run on Amazon EC2 instances. The solutions architect must implement a solution that can mitigate a large-scale DDoS attack that originates from thousands of IP addresses. Downtime is not acceptable for the website. Which actions should the solutions architect take to protect the website from such an attack? (Choose two.)

Use AWS Shield Advanced to stop the DDoS attack.

Configure Amazon GuardDuty to automatically block the attackers.

Configure the website to use Amazon CloudFront for both static and dynamic content.

Use an AWS Lambda function to automatically add attacker IP addresses to VPC network ACLs.

Use EC2 Spot Instances in an Auto Scaling group with a target tracking scaling policy that is set to 80% CPU utilization.

5.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company is preparing to deploy a new serverless workload. A solutions architect must use the principle of least privilege to configure permissions that will be used to run an AWS Lambda function. An Amazon EventBridge (Amazon CloudWatch Events) rule will invoke the function. Which solution meets these requirements?

Add an execution role to the function with lambda:InvokeFunction as the action and * as the principal.

Add an execution role to the function with lambda:InvokeFunction as the action and Service: lambda.amazonaws.com as the principal.

Add a resource-based policy to the function with lambda:* as the action and Service: events.amazonaws.com as the principal.

Add a resource-based policy to the function with lambda:InvokeFunction as the action and Service: events.amazonaws.com as the principal.

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company is preparing to store confidential data in Amazon S3. For compliance reasons, the data must be encrypted at rest. Encryption key usage must be logged for auditing purposes. Keys must be rotated every year. Which solution meets these requirements and is the MOST operationally efficient?

Server-side encryption with customer-provided keys (SSE-C)

Server-side encryption with Amazon S3 managed keys (SSE-S3)

Server-side encryption with AWS KMS keys (SSE-KMS) with manual rotation

Server-side encryption with AWS KMS keys (SSE-KMS) with automatic rotation

7.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A bicycle sharing company is developing a multi-tier architecture to track the location of its bicycles during peak operating hours. The company wants to use these data points in its existing analytics platform. A solutions architect must determine the most viable multi-tier option to support this architecture. The data points must be accessible from the REST API. Which action meets these requirements for storing and retrieving location data?

Use Amazon Athena with Amazon S3.

Use Amazon API Gateway with AWS Lambda.

Use Amazon QuickSight with Amazon Redshift.

Use Amazon API Gateway with Amazon Kinesis Data Analytics.

8.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company has an automobile sales website that stores its listings in a database on Amazon RDS. When an automobile is sold, the listing needs to be removed from the website and the data must be sent to multiple target systems. Which design should a solutions architect recommend?

Create an AWS Lambda function triggered when the database on Amazon RDS is updated to send the information to an Amazon Simple Queue Service (Amazon SQS) queue for the targets to consume.

Create an AWS Lambda function triggered when the database on Amazon RDS is updated to send the information to an Amazon Simple Queue Service (Amazon SQS) FIFO queue for the targets to consume.

Subscribe to an RDS event notification and send an Amazon Simple Queue Service (Amazon SQS) queue fanned out to multiple Amazon Simple Notification Service (Amazon SNS) topics. Use AWS Lambda functions to update the targets.

Subscribe to an RDS event notification and send an Amazon Simple Notification Service (Amazon SNS) topic fanned out to multiple Amazon Simple Queue Service (Amazon SQS) queues. Use AWS Lambda functions to update the targets.

9.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company needs to store data in Amazon S3 and must prevent the data from being changed. The company wants new objects that are uploaded to Amazon S3 to remain unchangeable for a nonspecific amount of time until the company decides to modify the objects. Only specific users in the company's AWS account can have the ability 10 delete the objects. What should a solutions architect do to meet these requirements?

Create an S3 Glacier vault. Apply a write-once, read-many (WORM) vault lock policy to the objects.

Create an S3 bucket with S3 Object Lock enabled. Enable versioning. Set a retention period of 100 years. Use governance mode as the S3 bucket’s default retention mode for new objects.

Create an S3 bucket. Use AWS CloudTrail to track any S3 API events that modify the objects. Upon notification, restore the modified objects from any backup versions that the company has.

Create an S3 bucket with S3 Object Lock enabled. Enable versioning. Add a legal hold to the objects. Add the s3:PutObjectLegalHold permission to the IAM policies of users who need to delete the objects.

10.

MULTIPLE SELECT QUESTION

45 sec • 1 pt

A social media company allows users to upload images to its website. The website runs on Amazon EC2 instances. During upload requests, the website resizes the images to a standard size and stores the resized images in Amazon S3. Users are experiencing slow upload requests to the website. The company needs to reduce coupling within the application and improve website performance. A solutions architect must design the most operationally efficient process for image uploads. Which combination of actions should the solutions architect take to meet these requirements? (Choose two.)

Configure the application to upload images to S3 Glacier.

Configure the web server to upload the original images to Amazon S3.

Configure the application to upload images directly from each user's browser to Amazon S3 through the use of a presigned URL

Configure S3 Event Notifications to invoke an AWS Lambda function when an image is uploaded. Use the function to resize the image.

Create an Amazon EventBridge (Amazon CloudWatch Events) rule that invokes an AWS Lambda function on a schedule to resize uploaded images.

Create a free account and access millions of resources

Similar Resources on Quizizz

Popular Resources on Quizizz

Discover more resources for Arts