CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. SAA-C03

Free SAA-C03 Exam Braindumps (page: 32)

Page 31 of 247
PDF with 1019 Questions

A company is running an online transaction processing (OLTP) workload on AWS. This workload uses an unencrypted Amazon RDS DB instance in a Multi-AZ deployment. Daily database snapshots are taken from this instance.

What should a solutions architect do to ensure the database and snapshots are always encrypted moving forward?

  1. Encrypt a copy of the latest DB snapshot. Replace existing DB instance by restoring the encrypted snapshot.
  2. Create a new encrypted Amazon Elastic Block Store (Amazon EBS) volume and copy the snapshots to it. Enable encryption on the DB instance.
  3. Copy the snapshots and enable encryption using AWS Key Management Service (AWS KMS). Restore encrypted snapshot to an existing DB instance.
  4. Copy the snapshots to an Amazon S3 bucket that is encrypted using server-side encryption with AWS Key Management Service (AWS KMS) managed keys (SSE-KMS).

Answer(s): A



A company wants to build a scalable key management infrastructure to support developers who need to encrypt data in their applications.

What should a solutions architect do to reduce the operational burden?

  1. Use multi-factor authentication (MFA) to protect the encryption keys.
  2. Use AWS Key Management Service (AWS KMS) to protect the encryption keys.
  3. Use AWS Certificate Manager (ACM) to create, store, and assign the encryption keys.
  4. Use an IAM policy to limit the scope of users who have access permissions to protect the encryption keys.

Answer(s): B



A company has a dynamic web application hosted on two Amazon EC2 instances. The company has its own SSL certificate, which is on each instance to perform SSL termination.

There has been an increase in traffic recently, and the operations team determined that SSL encryption and decryption is causing the compute capacity of the web servers to reach their maximum limit.

What should a solutions architect do to increase the application's performance?

  1. Create a new SSL certificate using AWS Certificate Manager (ACM). Install the ACM certificate on each instance.
  2. Create an Amazon S3 bucket Migrate the SSL certificate to the S3 bucket. Configure the EC2 instances to reference the bucket for SSL termination.
  3. Create another EC2 instance as a proxy server. Migrate the SSL certificate to the new instance and configure it to direct connections to the existing EC2 instances.
  4. Import the SSL certificate into AWS Certificate Manager (ACM). Create an Application Load Balancer with an HTTPS listener that uses the SSL certificate from ACM.

Answer(s): D



A company has a highly dynamic batch processing job that uses many Amazon EC2 instances to complete it. The job is stateless in nature, can be started and stopped at any given time with no negative impact, and typically takes upwards of 60 minutes total to complete. The company has asked a solutions architect to design a scalable and cost-effective solution that meets the requirements of the job.

What should the solutions architect recommend?

  1. Implement EC2 Spot Instances.
  2. Purchase EC2 Reserved Instances.
  3. Implement EC2 On-Demand Instances.
  4. Implement the processing on AWS Lambda.

Answer(s): A






Post your Comments and Discuss Amazon SAA-C03 exam with other Community members:

SAA-C03 Discussions & Posts