CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. SAA-C03

Free SAA-C03 Exam Braindumps (page: 43)

Page 42 of 247
PDF with 1019 Questions

A solutions architect must design a solution that uses Amazon CloudFront with an Amazon S3 origin to store a static website. The company’s security policy requires that all website traffic be inspected by AWS WAF.

How should the solutions architect comply with these requirements?

  1. Configure an S3 bucket policy to accept requests coming from the AWS WAF Amazon Resource Name (ARN) only.
  2. Configure Amazon CloudFront to forward all incoming requests to AWS WAF before requesting content from the S3 origin.
  3. Configure a security group that allows Amazon CloudFront IP addresses to access Amazon S3 only. Associate AWS WAF to CloudFront.
  4. Configure Amazon CloudFront and Amazon S3 to use an origin access identity (OAI) to restrict access to the S3 bucket. Enable AWS WAF on the distribution.

Answer(s): D



Organizers for a global event want to put daily reports online as static HTML pages. The pages are expected to generate millions of views from users around the world. The files are stored in an Amazon S3 bucket. A solutions architect has been asked to design an efficient and effective solution.

Which action should the solutions architect take to accomplish this?

  1. Generate presigned URLs for the files.
  2. Use cross-Region replication to all Regions.
  3. Use the geoproximity feature of Amazon Route 53.
  4. Use Amazon CloudFront with the S3 bucket as its origin.

Answer(s): D



A company runs a production application on a fleet of Amazon EC2 instances. The application reads the data from an Amazon SQS queue and processes the messages in parallel. The message volume is unpredictable and often has intermittent traffic. This application should continually process messages without any downtime.

Which solution meets these requirements MOST cost-effectively?

  1. Use Spot Instances exclusively to handle the maximum capacity required.
  2. Use Reserved Instances exclusively to handle the maximum capacity required.
  3. Use Reserved Instances for the baseline capacity and use Spot Instances to handle additional capacity.
  4. Use Reserved Instances for the baseline capacity and use On-Demand Instances to handle additional capacity.

Answer(s): C



A security team wants to limit access to specific services or actions in all of the team’s AWS accounts. All accounts belong to a large organization in AWS Organizations. The solution must be scalable and there must be a single point where permissions can be maintained.

What should a solutions architect do to accomplish this?

  1. Create an ACL to provide access to the services or actions.
  2. Create a security group to allow accounts and attach it to user groups.
  3. Create cross-account roles in each account to deny access to the services or actions.
  4. Create a service control policy in the root organizational unit to deny access to the services or actions.

Answer(s): D






Post your Comments and Discuss Amazon SAA-C03 exam with other Community members:

SAA-C03 Discussions & Posts