Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Note! Following SAA-C02 Exam is Retired now. Please select the alternative replacement for your Exam Certification. The new exam code is SAA-C03

Verified By IT Certified Experts

CertsTopics.com Certified Safe Files

Up-To-Date Exam Study Material

99.5% High Success Pass Rate

100% Accurate Answers

Instant Downloads

Exam Questions And Answers PDF

Try Demo Before You Buy

Certification Exams with Helpful Questions And Answers

What our customers are saying

Argentina certstopics Argentina
Jennifer
Feb 10, 2025
It is with a great pleasure that I am talking about my success here. I am writing to tell you that I passed my Amazon Web Services SAA-C02 exam today with high score. Unbelievably, the miracle has happened! I am so pleased, so happy, so glad that it seems to be a dream!!!! Thank you very much certstopics.com for everything.
Angola certstopics Angola
Warren
Jan 2, 2025
Passed with 810 marks in my Amazon Web Services SAA-C02 exam today. CertsTopics Study Guide is pretty awesome and taught me exactly what I needed to know to do well. I highly recommend CertsTopics to everyone who is intrested in taking the exam. Thank you so much!!!

AWS Certified Solutions Architect - Associate (SAA-C03) Questions and Answers

Question 1

A company is designing a new multi-tier web application that consists of the following components:

• Web and application servers that run on Amazon EC2 instances as part of Auto Scaling groups

• An Amazon RDS DB instance for data storage

A solutions architect needs to limit access to the application servers so that only the web servers can access them Which solution will meet these requirements?

Options:

A.

Deploy AWS PrivateLink in front of the application servers Configure the network ACL to allow only the web servers to access the application servers

B.

Deploy a VPC endpoint in front of the application servers Configure the security group to allow only the web servers to access the application servers

C.

Deploy a Network Load Balancer with a target group that contains the application servers" Auto Scaling group. Configure the network ACL to allow only the web servers to access the application servers

D.

Deploy an Application Load Balancer with a target group that contains the application servers' Auto Scaling group Configure the security group to allow only the web servers to access the application servers.

Buy Now
Question 2

A company's website is used to sell products to the public The site runs on Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer (ALB) There is also an Amazon CloudFront distribution and AWS WAF Is being used to protect against SQL injection attacks The ALB is the origin for the CloudFront distribution A recent review of security logs revealed an external malicious IP that needs to be blocked from accessing the website

What should a solutions architect do to protect the application?

Options:

A.

Modify the network ACL on the CloudFront distribution to add a deny rule for the malicious IP address

B.

Modify the configuration of AWS WAF to add an IP match condition to block the malicious IP address

C.

Modify the network ACL for the EC2 instances in the target groups behind the ALB to deny the malicious IP address

D.

Modify the security groups for the EC2 instances in the target groups behind the ALB to deny the malicious IP address

Question 3

A company is running an application on AWS to process weather sensor data that is stored in an Amazon S3 bucket. Three batch jobs run hourly to process the data in the S3 bucket for different purposes. The company wants to reduce the overall processing time by running. The three applications in parallel using an event-based approach.

What should a solutions architect do to meet these requirements?

Options:

A.

Enable S3 Event Notifications for new objects to an Amazon Simple Queue Service (Amazon SOS) FIFO queue Subscribe al applications to the queue for processing.

B.

Enable S3 Event Notifications for new objects to an Amazon Simple Queue Service (Amazon SOS) standard queue Create an additional SOS queue for all applications, and subscribe all applications to the meal queue for processing.

C.

Enable S3 Event Notifications for new objects to separate Amazon Simple Queue Service (Amazon SOS) FIFO queues Create an additional SOS queue (or each application and subscribe each queue to the initial topic for processing

D.

Enable S3 Event Notifications tor new objects to an Amazon Simple Notification Service (Amazon SNS) topic. Create an Amazon Simple Queue Service (Amazon SOS) queue for each application, and subscribe each queue to the topic for processing