AWS Certified Solutions Architect - Associate SAA-C02
AWS Certified Solutions Architect - Associate SAA-C02
AWS Certified Solutions Architect - Associate SAA-C02
Number: SAA-C02
Passing Score: 800
Time Limit: 120 min
File Version: 1
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
Exam A
QUESTION 1
A solutions architect is designing a high performance computing (HPC) workload on Amazon EC2. The
EC2 instances need to communicate to each other frequently and require network performance with low
latency and high throughput.
A. Launch the EC2 instances in a cluster placement group in one Availability Zone.
B. Launch the EC2 instances in a spread placement group in one Availability Zone.
C. Launch the EC2 instances in an Auto Scaling group in two Regions and peer the VPCs.
D. Launch the EC2 instances in an Auto Scaling group spanning multiple Availability Zones.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 2
A company wants to host a scalable web application on AWS. The application will be accessed by users
from different geographic regions of the world. Application users will be able to download and upload unique
data up to gigabytes in size. The development team wants a cost-effective solution to minimize upload and
download latency and maximize performance.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference: https://aws.amazon.com/ec2/autoscaling/
QUESTION 3
A company is migrating from an on-premises infrastructure to the AWS Cloud. One of the company’s
applications stores files on a Windows file server farm that uses Distributed File System Replication
(DFSR) to keep data in sync. A solutions architect needs to replace the file server farm.
A. Amazon EFS
B. Amazon FSx
C. Amazon S3
D. AWS Storage Gateway
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Reference: https://docs.aws.amazon.com/fsx/latest/WindowsGuide/migrate-files-to-fsx-datasync.html
QUESTION 4
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
A company has a legacy application that process data in two parts. The second part of the process takes
longer than the first, so the company has decided to rewrite the application as two microservices running on
Amazon ECS that can scale independently.
A. Implement code in microservice 1 to send data to an Amazon S3 bucket. Use S3 event notifications to
invoke microservice 2.
B. Implement code in microservice 1 to publish data to an Amazon SNS topic. Implement code in
microservice 2 to subscribe to this topic.
C. Implement code in microservice 1 to send data to Amazon Kinesis Data Firehose. Implement code in
microservice 2 to read from Kinesis Data Firehose.
D. Implement code in microservice 1 to send data to an Amazon SQS queue. Implement code in
microservice 2 to process messages from the queue.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 5
A company’s application runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The
instances run in an Amazon EC2 Auto Scaling group across multiple Availability Zones. On the first day of
every month at midnight, the application becomes much slower when the month-end financial calculation
batch executes. This causes the CPU utilization of the EC2 instances to immediately peak to 100%, which
disrupts the application.
What should a solutions architect recommend to ensure the application is able to handle the workload and
avoid downtime?
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 6
A company runs a multi-tier web application that hosts news content. The application runs on Amazon EC2
instances behind an Application Load Balancer. The instances run in an EC2 Auto Scaling group across
multiple Availability Zones and use an Amazon Aurora database. A solutions architect needs to make the
application more resilient to periodic increases in request rates.
Correct Answer: BE
Section: (none)
Explanation
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
Explanation/Reference:
QUESTION 7
A company is migrating a three-tier application to AWS. The application requires a MySQL database. In the
past, the application users reported poor application performance when creating new entries. These
performance issues were caused by users generating different real-time reports from the application during
working hours.
Which solution will improve the performance of the application when it is moved to AWS?
A. Import the data into an Amazon DynamoDB table with provisioned capacity. Refactor the application to
use DynamoDB for reports.
B. Create the database on a compute optimized Amazon EC2 instance. Ensure compute resources
exceed the on-premises database.
C. Create an Amazon Aurora MySQL Multi-AZ DB cluster with multiple read replicas. Configure the
application reader endpoint for reports.
D. Create an Amazon Aurora MySQL Multi-AZ DB cluster. Configure the application to use the backup
instance of the cluster as an endpoint for the reports.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 8
A solutions architect is deploying a distributed database on multiple Amazon EC2 instances. The database
stores all data on multiple instances so it can withstand the loss of an instance. The database requires
block storage with latency and throughput to support several million transactions per second per server.
A. Amazon EBS
B. Amazon EC2 instance store
C. Amazon EFS
D. Amazon S3
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reference: https://aws.amazon.com/ebs/
QUESTION 9
A start-up company has a web application based in the us-east-1 Region with multiple Amazon EC2
instances running behind an Application Load Balancer across multiple Availability Zones. As the
company’s user base grows in the us-west-1 Region, it needs a solution with low latency and high
availability.
A. Provision EC2 instances in us-west-1. Switch the Application Load Balancer to a Network Load
Balancer to achieve cross-Region load balancing.
B. Provision EC2 instances and an Application Load Balancer in us-west-1. Make the load balancer
distribute the traffic based on the location of the request.
C. Provision EC2 instances and configure an Application Load Balancer in us-west-1. Create an
accelerator in AWS Global Accelerator that uses an endpoint group that includes the load balancer
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
endpoints in both Regions.
D. Provision EC2 instances and configure an Application Load Balancer in us-west-1. Configure Amazon
Route 53 with a weighted routing policy. Create alias records in Route 53 that point to the Application
Load Balancer.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 10
A solutions architect is designing a solution to access a catalog of images and provide users with the ability
to submit requests to customize images. Image customization parameters will be in any request sent to an
AWS API Gateway API. The customized image will be generated on demand, and users will receive a link
they can click to view or download their customized image. The solution must be highly available for viewing
and customizing images.
A. Use Amazon EC2 instances to manipulate the original image into the requested customization Store the
original and manipulated images in Amazon S3. Configure an Elastic Load Balancer in front of the EC2
instances.
B. Use AWS Lambda to manipulate the original image to the requested customization. Store the original
and manipulated images in Amazon S3. Configure an Amazon CloudFront distribution with the S3
bucket as the origin.
C. Use AWS Lambda to manipulate the original image to the requested customization. Store the original
images in Amazon S3 and the manipulated images in Amazon DynamoDB. Configure an Elastic Load
Balancer in front of the Amazon EC2 instances.
D. Use Amazon EC2 instances to manipulate the original image into the requested customization. Store
the original images in Amazon S3 and the manipulated images in Amazon DynamoDB. Configure an
Amazon CloudFront distribution with the S3 bucket as the origin.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 11
A company is planning to migrate a business-critical dataset to Amazon S3. The current solution design
uses a single S3 bucket in the us-east-1 Region with versioning enabled to store the dataset. The
company's disaster recovery policy states that all data multiple AWS Regions.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference: https://medium.com/@KerrySheldon/s3-exercise-2-4-adding-objects-to-an-s3-bucket-with-
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
cross-region-replication-a78b332b7697
QUESTION 12
A company has application running on Amazon EC2 instances in a VPC. One of the applications needs to
call an Amazon S3 API to store and read objects. The company’s security policies restrict any internet-
bound traffic from the applications.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Reference: https://aws.amazon.com/blogs/aws/new-vpc-endpoint-for-amazon-s3/
QUESTION 13
A company’s web application uses an Amazon RDS PostgreSQL DB instance to store its application data.
During the financial closing period at the start of every month. Accountants run large queries that impact the
database's performance due to high usage. The company wants to minimize the impact that the reporting
activity has on the web application.
What should a solutions architect do to reduce the impact on the database with the LEAST amount of
effort?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 14
A company wants to migrate a high performance computing (HPC) application and data from on-premises
to the AWS Cloud. The company uses tiered storage on premises with hot high-performance parallel
storage to support the application during periodic runs of the application, and more economical cold storage
to hold the data when the application is not actively running.
Which combination of solutions should a solutions architect recommend to support the storage needs of the
application? (Choose two.)
Correct Answer: AD
Section: (none)
Explanation
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
Explanation/Reference:
QUESTION 15
A company has been storing analytics data in an Amazon RDS instance for the past few years. The
company asked a solutions architect to find a solution that allows users to access this data using an API.
The expectation is that the application will experience periods of inactivity but could receive bursts of traffic
within seconds.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 16
A solutions architect at an ecommerce company wants to back up application log data to Amazon S3. The
solutions architect is unsure how frequently the logs will be accessed or which logs will be accessed the
most. The company wants to keep costs as low as possible by using the appropriate S3 storage class.
A. S3 Glacier
B. S3 Intelligent-Tiering
C. S3 Standard-Infrequent Access (S3 Standard-IA)
D. S3 One Zone-Infrequent Access (S3 One Zone-IA)
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
S3 One Zone-IA is for data that is accessed less frequently, but requires rapid access when needed. Unlike
other S3 Storage Classes which store data in a minimum of three Availability Zones (AZs), S3 One Zone-IA
stores data in a single AZ and costs 20% less than S3 Standard-IA. S3 One Zone-IA is ideal for customers
who want a lower-cost option for infrequently accessed data but do not require the availability and resilience
of S3 Standard or S3 Standard-IA. It’s a good choice for storing secondary backup copies of on-premises
data or easily re-creatable data. You can also use it as cost-effective storage for data that is replicated from
another AWS Region using S3 Cross-Region Replication.
QUESTION 17
A solutions architect is designing an application for a two-step order process. The first step is synchronous
and must return to the user with little latency. The second step takes longer, so it will be implemented in a
separate component. Orders must be processed exactly once and in the order in which they are received.
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reference: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-
queues.html
QUESTION 18
An application runs on Amazon EC2 instances across multiple Availability Zones. The instances run in an
Amazon EC2 Auto Scaling group behind an Application Load Balancer. The application performs best when
the CPU utilization of the EC2 instances is at or near 40%.
What should a solutions architect do to maintain the desired performance across all instances in the group?
A. Use a simple scaling policy to dynamically scale the Auto Scaling group.
B. Use a target tracking policy to dynamically scale the Auto Scaling group.
C. Use an AWS Lambda function to update the desired Auto Scaling group capacity.
D. Use scheduled scaling actions to scale up and scale down the Auto Scaling group.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 19
A company runs an internal browser-based application. The application runs on Amazon EC2 instances
behind an Application Load Balancer. The instances run in an Amazon EC2 Auto Scaling group across
multiple Availability Zones. The Auto Scaling group scales up to 20 instances during work hours, but scales
down to 2 instances overnight. Staff are complaining that the application is very slow when the day begins,
although it runs well by mid-morning.
How should the scaling be changed to address the staff complaints and keep costs to a minimum?
A. Implement a scheduled action that sets the desired capacity to 20 shortly before the office opens.
B. Implement a step scaling action triggered at a lower CPU threshold, and decrease the cooldown period.
C. Implement a target tracking action triggered at a lower CPU threshold, and decrease the cooldown
period.
D. Implement a scheduled action that sets the minimum and maximum capacity to 20 shortly before the
office opens.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference: https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-purchase-options.html
QUESTION 20
A company hosts a static website on-premises and wants to migrate the website to AWS. The website
should load as quickly as possible for users around the world. The company also wants the most cost-
effective solution.
A. Copy the website content to an Amazon S3 bucket. Configure the bucket to serve static webpage
content. Replicate the S3 bucket to multiple AWS Regions.
B. Copy the website content to an Amazon S3 bucket. Configure the bucket to serve static webpage
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
content. Configure Amazon CloudFront with the S3 bucket as the origin.
C. Copy the website content to an Amazon EBS-backed Amazon EC2 instance running Apache HTTP
Server. Configure Amazon Route 53 geolocation routing policies to select the closest origin.
D. Copy the website content to multiple Amazon EBS-backed Amazon EC2 instances running Apache
HTTP Server in multiple AWS Regions. Configure Amazon CloudFront geolocation routing policies to
select the closest origin.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 21
A company’s production application runs online transaction processing (OLTP) transactions on an Amazon
RDS MySQL DB instance. The company is launching a new reporting tool that will access the same data.
The reporting tool must be highly available and not impact the performance of the production application.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Reference: https://aws.amazon.com/blogs/database/best-storage-practices-for-running-production-
workloads-on-hosted-databases-with-amazon-rds-or-amazon-ec2/
QUESTION 22
A data science team requires storage for nightly log processing. The size and number of logs is unknown
and will persist for 24 hours only.
A. Amazon S3 Glacier
B. Amazon S3 Standard
C. Amazon S3 Intelligent-Tiering
D. Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Reference: https://aws.amazon.com/s3/storage-classes/#Unknown_or_changing_access
QUESTION 23
A company is running an ecommerce application on Amazon EC2. The application consists of a stateless
web tier that requires a minimum of 10 instances, and a peak of 250 instances to support the application’s
usage. The application requires 50 instances 80% of the time.
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
A. Purchase Reserved Instances to cover 250 instances.
B. Purchase Reserved Instances to cover 80 instances. Use Spot Instances to cover the remaining
instances.
C. Purchase On-Demand Instances to cover 40 instances. Use Spot Instances to cover the remaining
instances.
D. Purchase Reserved Instances to cover 50 instances. Use On-Demand and Spot Instances to cover the
remaining instances.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 24
A solutions architect is tasked with transferring 750 TB of data from a network-attached file system located
at a branch office Amazon S3 Glacier. The solution must avoid saturating the branch office’s low-bandwidth
internet connection.
A. Create a site-to-site VPN tunnel to an Amazon S3 bucket and transfer the files directly. Create a bucket
VPC endpoint.
B. Order 10 AWS Snowball appliances and select an S3 Glacier vault as the destination. Create a bucket
policy to enforce VPC endpoint.
C. Mount the network-attached file system to Amazon S3 and copy the files directly. Create a lifecycle
policy to S3 objects to Amazon S3 Glacier.
D. Order 10 AWS Snowball appliances and select an Amazon S3 bucket as the destination. Create a
lifecycle policy to transition the S3 objects to Amazon S3 Glacier.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 25
A solutions architect is implementing a document review application using an Amazon S3 bucket for
storage. The solution must prevent an accidental deletion of the documents and ensure that all versions of
the documents are available. Users must be able to download, modify, and upload documents.
Which combination of actions should be taken to meet these requirements? (Choose two.)
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
Reference: https://aws.amazon.com/s3/features/
QUESTION 26
A company allows its developers to attach existing IAM policies to existing IAM roles to enable faster
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
experimentation and agility. However, the security operations team is concerned that the developers could
attach the existing administrator policy, when would allow the developers to circumvent any other security
policies.
A. Create an Amazon SNS topic to send an alert every time a developer creates a new policy.
B. Use service control policies to disable IAM activity across all account in the organizational unit.
C. Prevent the developers from attaching any policies and assign all IAM duties to the security operations
team.
D. Set an IAM permissions boundary on the developer IAM role that explicitly denies attaching the
administrator policy.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
QUESTION 27
A company has a multi-tier application that runs six front-end web servers in an Amazon EC2 Auto Scaling
group in a single Availability Zone behind an Application Load Balancer (ALB). A solutions architect needs
to modify the infrastructure to be highly available without modifying the application.
Which architecture should the solutions architect choose that provides high availability?
A. Create an Auto Scaling group that uses three instances across each of two Regions.
B. Modify the Auto Scaling group to use three instances across each of two Availability Zones.
C. Create an Auto Scaling template that can be used to quickly create more instances in another Region.
D. Change the ALB in front of the Amazon EC2 instances in a round-robin configuration to balance traffic
to the web tier.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 28
A media streaming company collects real-time data and stores it in a disk-optimized database system. The
company is not getting the expected throughput and wants an in-memory database storage solution that
performs faster and provides high availability using data replication.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference: https://aws.amazon.com/elasticache/redis/faqs/
QUESTION 29
A company hosts its product information webpages on AWS. The existing solution uses multiple Amazon
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
C2 instances behind an Application Load Balancer in an Auto Scaling group. The website also uses a
custom DNS name and communicates with HTTPS only using a dedicated SSL certificate. The company is
planning a new product launch and wants to be sure that users from around the world have the best
possible experience on the new website.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 30
A-company has on-premises servers running a relational database. The current database serves high read
traffic for users in different locations. The company wants to migrate to AWS with the least amount of effort.
The database solution should support disaster recovery and not affect the company’s current traffic flow.
A. Use a database in Amazon RDS with Multi-AZ and at least one read replica.
B. Use a database in Amazon ROS with Multi-AZ and at least one standby replica.
C. Use databases hosted on multiple Amazon EC2 instances in different AWS Regions.
D. Use databases hosted on Amazon EC2 instances behind an Application Load Balancer in different
Availability Zones.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reference: https://aws.amazon.com/blogs/database/implementing-a-disaster-recovery-strategy-with-
amazon-rds/
QUESTION 31
An Amazon EC2 administrator created the following policy associated with an IAM group containing several
users:
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
What is the effect of this policy?
A. Users can terminate an EC2 instance in any AWS Region except us-east-1.
B. Users can terminate an EC2 instance with the IP address 10.100.100.1 in the us-east-1 Region/
C. Users can terminate an EC2 instance in the us-east-1 Region when the user’s source IP is 10.100.
100.254.
D. Users cannot terminate an EC2 instance in the us-east-1 Region when the user’s source IP is 10.100.
100.254.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 32
A solutions architect is optimizing a website for an upcoming musical event. Videos of the performances will
be streamed in real time and then will be available on demand. The event is expected to attract a global
online audience.
Which service will improve the performance of both the real-time and on-demand steaming?
A. Amazon CloudFront
B. AWS Global Accelerator
C. Amazon Route S3
D. Amazon S3 Transfer Acceleration
Correct Answer: A
Section: (none)
Explanation
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
Explanation/Reference:
Reference: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/on-demand-
streaming-video.html
QUESTION 33
A company has a three-tier image-sharing application. It uses an Amazon EC2 instance for the front-end
layer, another for the backend tier, and a third for the MySQL database. A solutions architect has been
tasked with designing a solution that is highly available, and requires the least amount of changes to the
application
A. Use Amazon S3 to host the front-end layer and AWS Lambda functions for the backend layer. Move the
database to an Amazon DynamoDB table and use Amazon S3 to store and serve users’ images.
B. Use load-balanced Multi-AZ AWS Elastic Beanstalk environments for the front-end and backend layers.
Move the database to an Amazon RDS instance with multiple read replicas to store and serve users’
images.
C. Use Amazon S3 to host the front-end layer and a fleet of Amazon EC2 instances in an Auto Scaling
group for the backend layer. Move the database to a memory optimized instance type to store and serve
users’ images.
D. Use load-balanced Multi-AZ AWS Elastic Beanstalk environments for the front-end and backend layers.
Move the database to an Amazon RDS instance with a Multi-AZ deployment. Use Amazon S3 to store
and serve users’ images.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 34
A solutions architect needs to design a managed storage solution for a company’s application that includes
high-performance machine learning. This application runs on AWS Fargate, and the connected storage
needs to have concurrent access to files and deliver high performance.
A. Create an Amazon S3 bucket for the application and establish an IAM role for Fargate to communicate
with Amazon S3.
B. Create an Amazon FSx for Lustre file share and establish an IAM role that allows Fargate to
communicate with FSx for Lustre.
C. Create an Amazon Elastic File System (Amazon EFS) file share and establish an IAM role that allows
Fargate to communicate with Amazon EFS.
D. Create an Amazon Elastic Block Store (Amazon EBS) volume for the application and establish an IAM
role that allows Fargate to communicate with Amazon EBS.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Reference: https://aws.amazon.com/efs/
QUESTION 35
A company’s managing health records on-premises. The company must keep these records indefinitely,
disable any modifications to the records once they are stored, and granularly audit access at all levels. The
chief technology officer (CTO) is concerned because there are already millions of records not being used by
any application, and the current infrastructure is running out of space. The CTO has requested a solutions
architect design a solution to move existing data and support future records.
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA
Which services can the solutions architect recommend to meet these requirements?
A. Use AWS DataSync to move existing data to AWS. Use Amazon S3 to store existing and new data.
Enable Amazon S3 object lock and enable AWS CloudTrail with data events.
B. Use AWS Storage Gateway to move existing data to AWS. Use Amazon S3 to store existing and new
data. Enable Amazon S3 object lock and enable AWS CloudTrail with management events.
C. Use AWS DataSync to move existing data to AWS. Use Amazon S3 to store existing and new data.
Enable Amazon S3 object lock and enable AWS CloudTrail with management events.
D. Use AWS Storage Gateway to move existing data to AWS. Use Amazon Elastic Block Store (Amazon
EBS) to store existing and new data. Enable Amazon S3 object lock and enable Amazon S3 server
access logging.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
https://www.vceoreteconvert.com/
8A3E48E222C4B4B15D7694BE00C90AAA