Exactprep SAA-C03 Questions

AWS Certified Solutions Architect - Associate (SAA-C03) Questions and Answers

Question 57

A company is redesigning a static website. The company needs a solution to host the new website in the company's AWS account. The solution must be secure and scalable.

Which combination of solutions will meet these requirements? (Select THREE.)

Options:

Configure an Amazon CloudFront distribution. Set the Amazon S3 bucket as the origin.

Associate an AWS Certificate Manager (ACM) TLS certificate to the Amazon CloudFront distribution.

Enable static website hosting for the Amazon S3 bucket.

Create an Amazon S3 bucket to store the static website content.

Export the website's SSL/TLS certificate from AWS Certificate Manager (ACM) to the root of the Amazon S3 bucket.

Turn off Block Public Access for the Amazon S3 bucket.

Question 58

A company wants to implement a data lake in the AWS Cloud. The company must ensure that only specific teams have access to sensitive data in the data lake. The company must have row-level access control for the data lake.

Options:

Use Amazon RDS to store the data. Use IAM roles and permissions for data governance and access control.

Use Amazon Redshift to store the data. Use IAM roles and permissions for data governance and access control.

Use Amazon S3 to store the data. Use AWS Lake Formation for data governance and access control.

Use AWS Glue Catalog to store the data. Use AWS Glue DataBrew for data governance and access control.

Question 59

A company hosts an application on Amazon EC2 instances that are part of a target group behind an Application Load Balancer (ALB). The company has attached a security group to the ALB.

During a recent review of application logs, the company found many unauthorized login attempts from IP addresses that belong to countries outside the company's normal user base. The company wants to allow traffic only from the United States and Australia.

Options:

Edit the default network ACL to block IP addresses from outside of the allowed countries.

Create a geographic match rule in AWS WAF. Attach the rule to the ALB.

Configure the ALB security group to allow the IP addresses of company employees. Edit the default network ACL to block IP addresses from outside of the allowed countries.

Use a host-based firewall on the EC2 instances to block IP addresses from outside of the allowed countries. Configure the ALB security group to allow the IP addresses of company employees.

Question 60

A solutions architect is designing a system to be highly resilient. The system uses Amazon Route 53 with health checks and an Application Load Balancer (ALB). The system is critical and must have the highest availability possible.

Options:

Automate failover to a healthy resource by automatically updating the value of the Route 53 A record.

Configure the Route 53 health checks to perform a failover automatically.

Automate failover to a healthy resource by updating the weight of the Route 53 weighted record.

Create a new ALB during a failover event, and remap the target group to the new ALB.

Big 11.11 Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

AWS Certified Solutions Architect - Associate (SAA-C03) Questions and Answers

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

CompTIA

Fortinet

Microsoft

Salesforce