CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. SAA-C03

Free SAA-C03 Exam Braindumps (page: 27)

Page 26 of 247
PDF with 1019 Questions

A solutions architect is designing a VPC with public and private subnets. The VPC and subnets use IPv4 CIDR blocks. There is one public subnet and one private subnet in each of three Availability Zones (AZs) for high availability. An internet gateway is used to provide internet access for the public subnets. The private subnets require access to the internet to allow Amazon EC2 instances to download software updates.

What should the solutions architect do to enable Internet access for the private subnets?

  1. Create three NAT gateways, one for each public subnet in each AZ. Create a private route table for each AZ that forwards non-VPC traffic to the NAT gateway in its AZ.
  2. Create three NAT instances, one for each private subnet in each AZ. Create a private route table for each AZ that forwards non-VPC traffic to the NAT instance in its AZ.
  3. Create a second internet gateway on one of the private subnets. Update the route table for the private subnets that forward non-VPC traffic to the private internet gateway.
  4. Create an egress-only internet gateway on one of the public subnets. Update the route table for the private subnets that forward non-VPC traffic to the egress-only Internet gateway.

Answer(s): A



A company wants to migrate an on-premises data center to AWS. The data center hosts an SFTP server that stores its data on an NFS-based file system. The server holds 200 GB of data that needs to be transferred. The server must be hosted on an Amazon EC2 instance that uses an Amazon Elastic File System (Amazon EFS) file system.

Which combination of steps should a solutions architect take to automate this task? (Choose two.)

  1. Launch the EC2 instance into the same Availability Zone as the EFS file system.
  2. Install an AWS DataSync agent in the on-premises data center.
  3. Create a secondary Amazon Elastic Block Store (Amazon EBS) volume on the EC2 instance for the data.
  4. Manually use an operating system copy command to push the data to the EC2 instance.
  5. Use AWS DataSync to create a suitable location configuration for the on-premises SFTP server.

Answer(s): A,B



A company has an AWS Glue extract, transform, and load (ETL) job that runs every day at the same time. The job processes XML data that is in an Amazon S3 bucket. New data is added to the S3 bucket every day. A solutions architect notices that AWS Glue is processing all the data during each run.

What should the solutions architect do to prevent AWS Glue from reprocessing old data?

  1. Edit the job to use job bookmarks.
  2. Edit the job to delete data after the data is processed.
  3. Edit the job by setting the NumberOfWorkers field to 1.
  4. Use a FindMatches machine learning (ML) transform.

Answer(s): A



A solutions architect must design a highly available infrastructure for a website. The website is powered by Windows web servers that run on Amazon EC2 instances. The solutions architect must implement a solution that can mitigate a large-scale DDoS attack that originates from thousands of IP addresses. Downtime is not acceptable for the website.

Which actions should the solutions architect take to protect the website from such an attack? (Choose two.)

  1. Use AWS Shield Advanced to stop the DDoS attack.
  2. Configure Amazon GuardDuty to automatically block the attackers.
  3. Configure the website to use Amazon CloudFront for both static and dynamic content.
  4. Use an AWS Lambda function to automatically add attacker IP addresses to VPC network ACLs.
  5. Use EC2 Spot Instances in an Auto Scaling group with a target tracking scaling policy that is set to 80% CPU utilization.

Answer(s): A,C






Post your Comments and Discuss Amazon SAA-C03 exam with other Community members:

SAA-C03 Discussions & Posts