2020/July New Braindump2go SAA-C02 Exam Dumps with PDF and VCE Free Updated Today! Following are some SAA-C02 Real Exam Questions!
QUESTION 208
A company is designing a new service that will run on Amazon EC2 instance behind an Elastic Load Balancer.
However, many of the web service clients can only reach IP addresses whitelisted on their firewalls.
What should a solution architect recommend to meet the clients’ needs?
A. A Network Load Balancer with an associated Elastic IP address.
B. An Application Load Balancer with an a associated Elastic IP address
C. An A record in an Amazon Route 53 hosted zone pointing to an Elastic IP address
D. An EC2 instance with a public IP address running as a proxy in front of the load balancer
Answer: A
QUESTION 209
A company is investigating potential solutions that would collect, process, and store users’ service usage data.
The business objective is to create an analytics capability that will enable the company to gather operational insights quickly using standard SQL queries.
The solution should be highly available and ensure Atomicity, Consistency, Isolation, and Durability (ACID) compliance in the data tier.
Which solution should a solutions architect recommend?
A. Use Amazon DynamoDB transactions
B. Create an Amazon Neptune database in a Multi AZ design
C. Use a fully managed Amazon RDS for MySQL database in a Multi-AZ design
D. Deploy PostgreSQL on an Amazon EC2 instance that uses Amazon EBS Throughput Optimized HDD (st1) storage.
Answer: A
QUESTION 210
A company runs a web service on Amazon CC2 instances behind an Application Load Balancer.
The instances run in an Amazon EC2 Auto Scaling group across two Availability zones.
The company needs a minimum of tour instances a! all limes to meet the required service level agreement (SLA) while keeping costs low.
If an Availability Zone tails, how can the company remain compliant with the SLA?
A. Add a target tracking scaling policy with a short cooldown period
B. Change the Auto Scaling group launch configuration to use a larger instance type
C. Change the Auto Scaling group to use six servers across three Availability Zones
D. Change the Auto Scaling group to use eight servers across two Availability Zones
Answer: A
QUESTION 211
An ecommerce company has noticed performance degradation of its Amazon RDS based web application.
The performance degradation is attribute to an increase in the number of read-only SQL queries triggered by business analysts.
A solution architect needs to solve the problem with minimal changes to the existing web application.
What should the solution architect recommend?
A. Export the data to Amazon DynamoDB and have the business analysts run their queries.
B. Load the data into Amazon ElasticCache and have the business analysts run their queries.
C. Create a read replica of the primary database and have the business analysts run their queries.
D. Copy the data into an Amazon Redshift cluster and have the business analysts run their queries.
Answer: C
QUESTION 212
A company is building applications in containers.
The company wants to migrate its on-premises development and operations services from its on-premises data center to AWS.
Management states that production system must be cloud agnostic and use the same configuration and administrator tools across production systems.
A solutions architect needs to design a managed solution that will align open-source software.
Which solution meets these requirements?
A. Launch the containers on Amazon EC2 with EC2 instance worker nodes.
B. Launch the containers on Amazon Elastic Kubernetes Service (Amazon EKS) and EKS workers nodes.
C. Launch the containers on Amazon Elastic Containers service (Amazon ECS) with AWS Fargate instances.
D. Launch the containers on Amazon Elastic Container Service (Amazon EC) with Amazon EC2 instance worker nodes.
Answer: C
QUESTION 213
A company is running a two-tier ecommerce website using services.
The current architect uses a publish- facing Elastic Load Balancer that sends traffic to Amazon EC2 instances in a private subnet.
The static content is hosted on EC2 instances, and the dynamic content is retrieved from a MYSQL database.
The application is running in the United States. The company recently started selling to users in Europe and Australia.
A solution architect needs to design solution so their international users have an improved browsing experience.
Which solution is MOST cost-effective?
A. Host the entire website on Amazon S3.
B. Use Amazon CloudFront and Amazon S3 to host static images.
C. Increase the number of public load balancers and EC2 instances
D. Deploy the two-tier website in AWS Regions in Europe and Austraila.
Answer: B
QUESTION 214
A database is on an Amazon RDS MYSQL 5.6 Multi-AZ DB instance that experience highly dynamic reads.
Application developers notice a significant slowdown when testing read performance from a secondary AWS Region.
The developers want a solution that provides less than 1 second of read replication latency.
What should the solutions architect recommend?
A. Install MySQL on Amazon EC2 in (he secondary Region.
B. Migrate the database to Amazon Aurora with cross-Region replicas.
C. Create another RDS for MySQL read replica in the secondary.
D. Implement Amazon ElastiCache to improve database query performance.
Answer: B
QUESTION 215
An operations team has a standard that states IAM policies should not be applied directly to users.
Some new members have not been following this standard.
The operation manager needs a way to easily identify the users with attached policies.
What should a solutions architect do to accomplish this?
A. Monitor using AWS CloudTrail
B. Create an AWS Config rule to run daily
C. Publish 1AM user changes lo Amazon SNS
D. Run AWS Lambda when a user is modified
Answer: A
QUESTION 216
A company has established a new AWS account.
The account is newly provisioned and no changed have been made to the default settings.
The company is concerned about the security of the AWS account root user.
What should be done to secure the root user?
A. Create 1AM users for daily administrative tasks.
Disable the root user.
B. Create 1AM users for daily administrative tasks.
Enable multi-factor authentication on the root user.
C. Generate an access key for the root user.
Use the access key for daily administration tasks instead of the AWS Management Console.
D. Provide the root user credentials to the most senior solution architect.
Have the solution architect use the root user for daily administration tasks.
Answer: D
QUESTION 217
A healthcare company stores highly sensitive patient records.
Compliance requires that multiple copies be stored in different locations Each record must be stored for 7 years.
The company has a service level agreement (SLA) to provide records to government agencies immediately for the first 30 days and then within 4 hours of a request thereafter.
What should a solutions architect recommend?
A. Use Amazon S3 with cross-Region replication enabled.
After 30 days, transition the data to Amazon S3 Glacier using lifecycle policy
B. Use Amazon S3 with cross-origin resource sharing (CORS) enabled.
After 30 days, transition the data to Amazon S3 Glacier using a lifecycle policy.
C. Use Amazon S3 with cross-Region replication enabled.
After 30 days, transition the data to Amazon S3 Glacier Deep Achieve using a lifecycle policy
D. Use Amazon S3 with cross-origin resource sharing (GORS) enabled.
After 30 days, transition the data to Amazon S3 Glacier Deep Archive using a lifecycle policy
Answer: A
QUESTION 218
A solutions architect must create a highly available bastion host architecture.
The solution needs to be resilient within a single AWS Region and should require only minimal effort to maintain.
What should the solutions architect do to meet these requirements?
A. Create a Network Load Balancer backed by an Auto Scaling group with a UDP listener.
B. Create a Network Load Balancer backed by a Spot Fleet with instances in a group with instances in a partition placement group.
C. Create a Network Load Balancer backed by the existing serves in different Availability Zones as the target.
D. Create a Network Load Balancer backed by an Auto Scaling with instances in multiple Availability zones as the target
Answer: D
QUESTION 219
A solution architect is designing a hybrid application using the AWS cloud.
The network between the on- premises data center and AWS will use an AWS Direct Connect (DX) connection.
The application connectivity between AWS and the on-premises data center must be highly resilient.
Which DX configuration should be implemented to meet these requirements?
A. Configure a DX connection with a VPN on top of it.
B. Configure DX connections at multiple DX locations.
C. Configure a DX connection using the most reliable DX partner.
D. Configure multiple virtual interfaces on top of a DX connection.
Answer: B
QUESTION 220
A company plans to store sensitive user data on Amazon S3.
Internal security compliance requirement mandata encryption of data before sending it to Amazon S3.
What should a solution architect recommend to satisfy these requirements?
A. Server-side encryption with customer-provided encryption keys
B. Client-side encryption with Amazon S3 managed encryption keys
C. Server-side encryption with keys stored in AWS key Management Service (AWS KMS)
D. Client-side encryption with a master key stored in AWS Key Management Service (AWS KMS)
Answer: A
QUESTION 221
A company is using Amazon EC2 to run its big data analytics workloads.
These variable workloads run each night, and it is critical they finish by the start of business the following day.
A solutions architect has been tasked with designing the MOST cost-effective solution.
Which solution will accomplish this?
A. Spot Fleet
B. Spot Instances
C. Reserved Instances
D. On-Demand Instances
Answer: C
QUESTION 222
A company mandates that an Amazon S3 gateway endpoint must allow traffic to trusted buckets only.
Which method should a solutions architect implement to meet this requirement?
A. Create a bucket policy for each of the company’s trusted S3 buckets that allows traffic only from the company’s trusted VPCs
B. Create a bucket policy for each of the company’s trusted S3 buckets that allows traffic only from the company’s S3 gateway endpoint IDs
C. Create an S3 endpoint policy for each of the company’s S3 gateway endpoints that blocks access from any VPC other than the company’s trusted VPCs
D. Create an S3 endpoint policy for each of the company’s S3 gateway endpoints that provides access to the Amazon Resource Name (ARN) of the trusted S3 buckets
Answer: D
QUESTION 223
A company is designing a web application using AWS that processes insurance quotes Users will request quotes from the application.
Quotes must be separated by quote type must be responded to within 24 hours, and must not be lost.
The solution should be simple to set up and maintain.
Which solution meets these requirements?
A. Create multiple Amazon Kinesis data streams based on the quote type.
Configure the web application to send messages to the proper data stream.
Configure each backend group of application servers to pool messages from its own data stream using the Kinesis Client Library (KCL)
B. Create multiple Amazon Simple Notification Service (Amazon SNS) topics and register Amazon SQS queues to their own SNS topic based on the quote type.
Configure the web application to publish messages to the SNS topic queue.
Configure each backend application server to work its own SQS queue
C. Create a single Amazon Simple Notification Service (Amazon SNS) topic and subscribe the Amazon SQS queues to the SNS topic.
Configure SNS message filtering to publish messages to the proper SQS queue based on the quote type.
Configure each backend application server to work its own SQS queue.
D. Create multiple Amazon Kinesis Data Firehose delivery streams based on the quote type to deliver data streams to an Amazon Elasticsearch Service (Amazon ES) cluster.
Configure the web application to send messages to the proper delivery stream.
Configure each backend group of application servers to search for the messages from Amazon ES and process them accordingly
Answer: D
QUESTION 224
A company is running a highly sensitive application on Amazon EC2 backed by an Amazon RDS database Compliance regulations mandate that all personally identifiable information (Pll) be encrypted at rest.
Which solution should a solutions architect recommend to meet this requirement with the LEAST amount of changes to the infrastructure”
A. Deploy AWS Certificate Manager to generate certificates.
Use the certificates to encrypt the database volume
B. Deploy AWS CloudHSM. generate encryption keys, and use the customer master key (CMK) to encrypt database volumes.
C. Configure SSL encryption using AWS Key Management Service customer master keys (AWS KMS CMKs) to encrypt database volumes
D. Configure Amazon Elastic Block Store (Amazon EBS) encryption and Amazon RDS encryption with AWS Key Management Service (AWS KMS) keys to encrypt instance and database volumes.
Answer: D
QUESTION 225
A company is creating an architecture for a mobile app that requires minimal latency for its users.
The company’s architecture consists of Amazon EC2 instances behind an Application Load Balancer running in an Auto Scaling group.
The EC2 instances connect to Amazon RDS. Application beta testing showed there was a slowdown when reading the data However the metrics indicate that the EC2 instances do not cross any CPU utilization thresholds
How can this issue be addressed1?
A. Reduce the threshold for CPU utilization in the Auto Scaling group
B. Replace the Application Load Balancer with a Network Load Balancer.
C. Add read replicas for the RDS instances and direct read traffic to the replica.
D. Add Multi-AZ support to the RDS instances and direct read traffic to the new EC2 instance.
Answer: C
QUESTION 226
A company recently released a new type of internet-connected sensor.
The company is expecting lo sell thousands of sensors, which are designed to stream high volumes of data each second to a central location.
A solutions architect must design a solution that ingests and stores data so that engineering teams can analyze it in near-real time with millisecond responsiveness.
Which solution should the solutions architect recommend?
A. Use an Amazon SQS queue to ingest the data.
Consume the data with an AWS Lambda function, which then stores the data in Amazon Redshift.
B. Use an Amazon SOS queue to ingest the data.
Consume the data with an AWS Lambda function, which then stores the data in Amazon DynamoDB.
C. Use Amazon Kinesis Data Streams to ingest the data.
Consume the data with an AWS Lambda function, which then stores the data in Amazon Redshift.
D. Use Amazon Kinesis Data Streams to ingest the data.
Consume the data with an AWS Lambda function, which then stores the data in Amazon DynamoDB.
Answer: A
QUESTION 227
A company is migrating a NoSQL database cluster to Amazon EC2.
The database automatically replicates data to maintain at least three copies of the data. I/O throughput of the servers is the highest priority.
Which instance type should a solutions architect recommend for the migration?
A. Storage optimized instances with instance store
B. Burstable general purpose instances with an Amazon Elastic Block Store (Amazon EBS) volume
C. Memory optimized instances with Amazon Elastic Block Store (Amazon EBS) optimization enabled
D. Compute optimized instances with Amazon Elastic Block Store (Amazon EBS) optimization enabled
Answer: A
QUESTION 228
A company operates a website on Amazon EC2 Linux instances.
Some of the instances are faring Troubleshooting points to insufficient swap space on the failed instances.
The operations team lead needs a solution to monitor this.
What should a solutions architect recommend?
A. Configure an Amazon CloudWatch SwapUsage metric dimension.
Monitor the SwapUsage dimension in the EC2 metrics in CloudWatch.
B. Use EC2 metadata to collect information, then publish it to Amazon CloudWatch custom metrics.
Monitor SwapUsage metrics in CloudWatch.
C. Install an Amazon CloudWatch agent on the instances.
Run an appropriate script on a set schedule.
Monitor SwapUtilizalion metrics in CloudWatch.
D. Enable detailed monitoring in the EC2 console.
Create an Amazon CloudWatch SwapUtilizalion custom metric.
Monitor SwapUtilization metrics in CloudWatch.
Answer: A
Resources From:
1.2020 Latest Braindump2go SAA-C02 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/saa-c02.html
2.2020 Latest Braindump2go SAA-C02 PDF and SAA-C02 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1_5IK3H_eM74C6AKwU7sKaLn1rrn8xTfm?usp=sharing
3.2020 Free Braindump2go SAA-C02 PDF Download:
https://www.braindump2go.com/free-online-pdf/SAA-C02-Dumps(241-251).pdf
https://www.braindump2go.com/free-online-pdf/SAA-C02-PDF(230-240).pdf
https://www.braindump2go.com/free-online-pdf/SAA-C02-PDF-Dumps(208-218).pdf
https://www.braindump2go.com/free-online-pdf/SAA-C02-VCE(219-229).pdf
https://www.braindump2go.com/free-online-pdf/SAA-C02-VCE-Dumps(252-262).pdf
Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!