January/2022 Latest Braindump2go SAA-C02 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SAA-C02 Real Exam Questions!

QUESTION 874
A company needs to send large amounts of data from its data center to an Amazon S3 bucket on a regular basis.
The data must be encrypted and must be transferred over a network that provides consistent bandwidth and low latency.
What should a solutions architect do to meet these requirements?

A. Use an AWS Direct Connect connection
B. Use an AWS VPN CloudHub connection
C. Use HTTPS TLS tor encryption of data in transit
D. Use a gateway VPC endpoint to access Amazon S3

Answer: B

QUESTION 875
A company is planning to deploy a business-critical application in the AWS Cloud. The application requires durable storage with consistent, low-latency performance.
Which type of storage should a solutions architect recommend to meet these requirements?

A. Instance store volume
B. Amazon ElastiCache for Memcached cluster
C. Provisioned lOPS SSD Amazon Elastic Block Store (Amazon EBS) volume
D. Throughput Optimized HDD Amazon Elastic Block Store (Amazon EBS) volume

Answer: C

QUESTION 876
A company has implemented a self-managed DNS solution on three Amazon EC2 instances behind a Network Load Balancer (NLB) in the us-west-2 Region Most of the company’s users are located in the United States and Europe. The company wants to improve the performance and availability of the solution by using an AWS Region in Europe. The company launches and configures three EC2 instances in the eu-west-1 Region and adds the EC2 instances as targets for a new NLB.
Which solutions will allow traffic to be routed to all the EC2 instances? (Select TWO )

A. Create an Amazon Route 53 geoiocatton routing policy to route requests to one of the two NLBs
Create an Amazon CloudFront distribution
Use the Route 53 record as the distribution’s origin
B. Create a standard accelerator by using AWS Global Accelerator
Create endpomt groups in us-west-2 and eu-west-1
Add the two NLBs as endpoints for the endpomt groups
C. Attach Elastic IP addresses to the six EC2 instances

Create an Amazon Route 53 geolocation routing policy to route requests to one of the six EC2 instances
Create an Amazon CloudFront distribution
Use the Route 53 record as the distribution’s ongin.
D. Create a standard accelerator by using AWS Global Accelerator
Create endpomt groups in us-west-2 and eu-west-1
Add the six EC2 instances directly as endpoints for the endpomt groups Delete the NLBs
E. Replace the two NLBs with two Application Load Balancers (ALBs)
Create an Amazon Route 53 latency routing policy to route requests to one of the two ALBs
Create an Amazon CloudFront distribution
Use the Route 53 record as the distribution’s origin

Answer: AB

QUESTION 877
An application that is hosted on Amazon EC2 instances needs to access an Amazon S3 bucket. Traffic must not traverse the internet.
How should a solutions architect configure access to meet these requirements?

A. Create a private hosted zone by using Amazon Route 53
B. Set up a gateway VPC endpoint for Amazon S3 in the VPC
C. Configure the EC2 instances to use a NAT gateway to access the S3 bucket
D. Establish an AWS Site-to-Site VPN connection between the VPC and the S3 bucket

Answer: B

QUESTION 878
A company experienced a breach that affected several applications in its on-premises data center.
The attacker took advantage of vulnerabilities in the custom applications that were running on the servers. The company is now migrating its applications to run on Amazon EC2 instances.
The company wants to implement a solution that actively scans for vulnerabilities on the EC2 instances and sends a report that details the findings.
Which solution will meet these requirements?

A. Deploy AWS Shield to scan the EC2 instances for vulnerabilities
Create an AWS Lambda function to log any findings to AWS CloudTrail.
B. Deploy Amazon Macie and AWS Lambda functions to scan the EC2 instances for vulnerabilities Log any findings to AWS CloudTrail
C. Turn on Amazon GuardDuty Deploy the GuardDuty agents to the EC2 instances
Configure an AWS Lambda function to automate the generation and distribution of reports that detail the findings
D. Turn on Amazon Inspector Deploy the Amazon Inspector agent to the EC2 instances
Configure an AWS Lambda function to automate the generation and distribution of reports that detail the findings

Answer: D

QUESTION 879
An ecommerce company is building a distributed application that involves several serverless functions and AWS services to complete order-processing tasks. These tasks require manual approvals as part of the workflow. A solutions architect needs to design an architecture for the order-processing application. The solution must be able to combine multiple AWS Lambda functions into responsive serverless applications. The solution also must orchestrate data and services that run on Amazon EC2 instances, containers, or on-premises servers.
Which solution will meet these requirements with the LEAST operational overhead?

A. Use AWS Step Functions to build the application.
B. Integrate all the application components in an AWS Glue job
C. Use Amazon Simple Queue Service (Amazon SQS) to build the application
D. Use AWS Lambda functions and Amazon EventBridge (Amazon CloudWatch Events) events to build the application

Answer: B

QUESTION 880
A company runs multiple Amazon EC2 Linux instances in a VPC across two Availability Zones. The instances host applications that use a hierarchical directory structure.
The applications need to read and write rapidly and concurrently to shared storage.
What should a solutions architect do to meet these requirements?

A. Create an Amazon S3 bucket
Allow access from all the EC2 instances in the VPC
B. Create an Amazon Elastic File System (Amazon EFS) file system
Mount the EFS file system from each EC2 instance
C. Create a file system on a Provisioned IOPS SSD (io2) Amazon Elastic Block Store (Amazon EBS) volume
Attach the EBS volume to all the EC2 instances
D. Create file systems on Amazon Elastic Block Store (Amazon EBS) volumes that are attached to each EC2 instance
Synchronize the EBS volumes across the different EC2 instances

Answer: B

QUESTION 881
A company used an Amazon RDS for MySQL DB instance during application testing. Before terminating the DB instance at the end of the test cycle a solutions architect created two backups.
The solutions architect created the first backup by using the mysqldump utility to create a database dump. The solutions architect created the second backup by enabling the final DB snapshot option on RDS termination.
The company is now planning for a new test cycle and wants to create a new DB instance from the most recent backup. The company has chosen a MySQL-compatible edition of Amazon Aurora to host the DB instance.
Which solutions will create the new DB instance? (Select TWO )

A. Import the RDS snapshot directly into Aurora
B. Upload the RDS snapshot to Amazon S3 then import the RDS snapshot into Aurora
C. Upload the database dump to Amazon S3
Then import the database dump into Aurora.
D. Use AWS Database Migration Service (AWS DMS) to import the RDS snapshot into Aurora.
E. Upload the database dump to Amazon S3
Then use AWS Database Migration Service (AWS DMS) to import the database dump into Aurora

Answer: AC

QUESTION 882
A medical company is designing a new application that gathers symptoms from patients. The company has decided to use Amazon Simple Queue Service (Amazon SQS) and Amazon Simple Notification Service (Amazon SNS) in the architecture. A solutions architect is reviewing the infrastructure design.
Data must be encrypted while at rest and in transit. Only authorized personnel of the company can access the data.
Which combination of steps should the solutions architect take to meet these requirements’? (Select TWO )

A. Turn on server-side encryption on the SQS components
Update the default key policy to restrict key usage to a set of authorized principals
B. Turn on server-side encryption on the SNS components by using a custom CMK
Apply a key policy to restrict key usage to a set of authorized principals
C. Turn on encryption on the SNS components
Update the default key policy to restrict key usage to a set of authorized principals
Set a condition in the topic policy to allow only encrypted connections over TLS.
D. Turn on server-side encryption on the SQS components by using a custom CMK.
Apply a key policy to restrict key usage to a set of authonzed pnncipals
Set a condition in the queue policy to allow only encrypted connections over TLS.
E. Turn on server-side encryption on the SQS components by using a custom CMK.
Apply an IAM policy to restrict key usage to a set of authorized principals
Set a condition in the queue policy to allow only encrypted connections over TLS.

Answer: CD

QUESTION 883
A company is building a disaster recovery (DR) solution. The company wants to rotate its primary systems between AWS Regions on a regular basis. The company’s application is geographically distributed and includes a serverless web tier. The application’s database tier runs on Amazon Aurora. A solutions architect needs to build an architecture tor the database layer to implement managed, planned failover.
Which combination of actions will meet these requirements with the LEAST downtime? (Select TWO )

A. Create an Aurora DB cluster
Configure Aurora Replicas
B. Fail over to one of the secondary DB clusters from another Region
C. Create an Aurora DB cluster snapshot
Restore from the snapshot
D. Configure an Aurora global database
Set up a secondary DB cluster
E. Promote one of the read replicas as a writer from the Amazon RDS console

Answer: CD

QUESTION 884
A company runs an application on several Amazon EC2 instances that store persistent data on an Amazon Elastic File System (Amazon EFS) file system.
The company needs to replicate the data to another AWS Region by using an AWS managed service solution.
Which solution will meet these requirements MOST cost-effectively?

A. Use the EFS-to-EFS backup solution to replicate the data to an EFS file system in another Region
B. Run a nightly script to copy data from the EFS file system to an Amazon S3 bucket
Enable S3 Cross-Region Replication on the S3 bucket
C. Create a VPC in another Region Establish a cross-Region VPC peer
Run a nightly rsync to copy data from the original Region to the new Region.
D. Use AWS Backup to create a backup plan with a rule that takes a daily backup and replicates it to another Region
Assign the EFS file system resource to the backup plan

Answer: D

QUESTION 885
A doctor’s office is moving all of its patient data to the AWS Cloud. The office needs to retain all the data indefinitely, but the data is rarely accessed after a year.
The data must be immediately available during the first year. However, to minimize cost, the office is willing to wait a day for data that is more than 1 year old to become available.
Which combination of actions should a solutions architect take to meet these requirements MOST cost-effectively? (Select TWO )

A. Create an Amazon S3 Lifecycle transition rule to move the data to S3 Glacier after a year
B. Create an Amazon S3 Lifecycle transition rule to move the data to S3 Glacier Deep Archive after a year
C. Create an Amazon S3 bucket for the data.
Store data in the S3 bucket by using the S3 Glacier storage class
D. Create an Amazon S3 bucket for the data.
Store data in the bucket by using the S3 Standard storage class.
E. Create an Amazon S3 bucket for the data.
Store data in the bucket by using the S3 Intelligent-Tiering storage class

Answer: AD

QUESTION 886
A social media company wants to allow its users to upload images in an application that is hosted in the AWS Cloud. The company needs a solution that automatically resizes the images so that the images can be displayed on multiple device types. The application experiences unpredictable traffic patterns throughout the day. The company is seeking a highly available solution that maximizes scalability.
What should a solutions architect do to meet these requirements?

A. Create a static website hosted in Amazon S3 that invokes AWS Lambda functions to resize the images and store the images in an Amazon S3 bucket
B. Create a static website hosted in Amazon CloudFront that invokes AWS Step Functions to resize the images and store the images in an Amazon RDS database
C. Create a dynamic website hosted on a web server that runs on an Amazon EC2 instance
Configure a process that runs on the EC2 instance to resize the images and store the images in an Amazon S3 bucket.
D. Create a dynamic website hosted on an automatically scaling Amazon Elastic Container Service (Amazon ECS) cluster that creates a resize job in Amazon Simple Queue Service (Amazon SQS)
Set up an image-resizing program that runs on an Amazon EC2 instance to process the resize jobs.

Answer: A

QUESTION 887
A company runs batch processes on Amazon EC2 instances that are needed only during business hours. These processes must preserve the data at alt times but the speed of processing is not important. The company needs to run these processes in the MOST cost-effective manner. Which solution will meet these requirements?

A. Use EC2 Reserved Instances with the All Upfront payment option
B. Use EC2 Reserved instances with the Partial Upfront payment option
C. Use Spot Fleet requests with the allocation strategy set to lowestPnce
D. Use persistent Spot Instance requests with behaviour that stops interrupted instances

Answer: B

QUESTION 888
A company recently migrated its entire IT environment to the AWS Cloud. The company discovers that users are provisioning oversized Amazon EC2 instances and modifying security group rules without using the appropriate change control process. A solutions architect must devise a strategy to track and audit these inventory and configuration changes.
Which actions should the solutions architect take to meet these requirements? (Select TWO )

A. Enable AWS CloudTrail and use it for auditing
B. Use data lifecycie policies for the Amazon EC2 instances
C. Enable AWS Trusted Advisor and reference the security dashboard
D. Enable AWS Config and create rules for auditing and compliance purposes
E. Restore previous resource configurations with an AWS CloudFormation template

Answer: AD

QUESTION 889
A company currently operates a web application backed by an Amazon RDS MySQL database. It has automated backups that are run daily and are not encrypted.
A security audit requires future backups to be encrypted and the unencrypted backups to be destroyed. The company will make at least one encrypted backup before destroying the old backups.
What should be done to enable encryption for future backups?

A. Enable default encryption for the Amazon S3 bucket where backups are stored
B. Modify the backup section of the database configuration to toggle the
Enable encryption check box
C. Create a snapshot of the database
Copy it to an encrypted snapshot
Restore the database from the encrypted snapshot
D. Enable an encrypted read replica on RDS for MySQL
Promote the encrypted read replica to primary
Remove the original database instance

Answer: C

QUESTION 890
A company is developing an API that mobile apps will use to retneve weather information.
During beta testing the company ran the API on Amazon EC2 instances and used an Application Load Balancer (ALB) to route requests to a single Auto Scaling group.
The company used an Amazon DynamoDB table for persistent data storage.
The company wants to move to an architecture that can scale easily with the least possible operational overhead.
What should a solutions architect do to meet these requirements?

A. Use separate Auto Scaling groups for each API request type
Change the ALB to route requests to the appropriate Auto Scaling group
B. Implement an Amazon API Gateway API to replace the ALB
Configure each API request method with an AWS Lambda function to process the request
C. Migrate the API to containers
Use an Amazon Elastic Container Service (Amazon ECS) cluster that has services for each API request
Configure each service with its own Auto Scaling group
D. Configure the API to publish to an Amazon Simple Notification Service (Amazon SNS) topic for each API request method
Subscribe an Amazon Simple Queue Service (Amazon SQS) queue to the SNS topic
Subscribe an AWS Lambda function to the SQS queue to process a request

Answer: B

QUESTION 891
An online gaming company is designing a game that is expected to be popular all over the world.
A solutions architect needs to define an AWS Cloud architecture that supports near-real-time recording and displaying of current game statistics for each player along with the names of the top 25 players in the world at any given time.
Which AWS database solution and configuration should the solutions architect use to meet these requirements?

A. Use Amazon RDS for MySQL as the data store for player activity
Configure the RDS DB instance for Multi-AZ support
B. Use Amazon DynamoDB as the data store for player activity
Configure DynamoDB Accelerator (DAX) for the player data
C. Use Amazon DynamoDB as the data store for player activity
Configure global tables in each required AWS Region for the player data
D. Use Amazon RDS for MySQL as the data store for player activity
Configure cross-Region read replicas in each required AWS Region based on player proximity

Answer: B

QUESTION 892
A company is creating a three-tier web application consisting of a web server an application server and a database server. The application will track GPS coordinates of packages as they are being delivered. The application will update the database every 0-5 seconds. The tracking will need to be read as fast as possible for users to check the status of their packages. Only a few packages might be tracked on some days whereas millions of packages might be tracked on other days. Tracking will need to be searchable by tracking ID customer ID and order ID Orders older than 1 month no longer need to be tracked.
What should a solutions architect recommend to accomplish this with minimal total cost of ownership?

A. Use Amazon DynamoDB Enable Auto Scaling on the DynamoDB table
Schedule an automatic deletion script for items older than 1 month
B. Use Amazon DynamoDB with global secondary indexes
Enable Auto Scaling on the DynamoDB table and the global secondary indexes
Enable TTL on the DynamoDB table
C. Use an Amazon RDS On-Demand Instance with Provisioned IOPS (PlOPS)
Enable Amazon CloudWatch alarms to send notifications when PIOPS are exceeded
Increase and decrease PIOPS as needed
D. Use an Amazon RDS Reserved Instance with Provisioned IOPS (PIOPS)
Enable Amazon CloudWatch alarms to send notifications when PIOPS are exceeded
Increase and decrease PIOPS as needed

Answer: B

QUESTION 893
A company has a remote factory that has unreliable connectivity. The factory needs to gather and process machine data and sensor data so that it can sense products on its conveyor belts and initiate a robotic movement to direct the products to the right location. Predictable low-latency compute processing is essential for the on-premises control systems.
Which solution should the factory use to process the data?

A. Amazon CloudFront lambda怦dge functions
B. An Amazon EC2 instance that has enhanced networking enabled
C. An Amazon EC2 instance that uses an AWS Global Accelerator endpoint
D. An Amazon Elastic Block Store (Amazon EBS) volume on an AWS Snowball Edge cluster

Answer: A

QUESTION 894
A company has a serverless website with millions of objects in an Amazon S3 bucket. The company uses tie S3 bucket as the origin tor an Amazon CloudFront distribution. The company did not set encryption on the S3 bucket before the objects were loaded. A solutions architect needs to enable encryption for all existing objects and for all objects that are added to the S3 bucket in the future.
Which solution will meet these requirements with the LEAST amount of effort?

A. Create a new S3 bucket Turn on the default encryption settings for the new S3 bucket
Download all existing objects to temporary local storage
Upload the objects to the new S3 bucket
B. Turn on the default encryption settings for the S3 bucket
Use the S3 Inventory feature to create a csv file that lists the unencrypted objects
Run an S3 Batch Operations job that uses the copy command to encrypt those objects
C. Create a new encryption key by using AWS Key Management Service (AWS KMS)
Change the settings on the S3 bucket to use server-side encryption with AWS KMS managed encryption keys (SSE-KMS)
Turn on versioning for the S3 bucket
D. Navigate to Amazon S3 in the AWS Management Console
Browse the S3 bucket’s objects
Sort by the encryption field
Select each unencrypted object
Use the Modify button to apply default encryption settings to every unencrypted object in the S3 bucket

Answer: C

QUESTION 895
A company is using Amazon CloudFront with lis website. The company has enabled logging on the CloudFront distribution, and togs are saved in one of the company’s Amazon S3 buckets.
The company needs to perform advanced analyses on the logs and build visualizations.
What should a solutions architect do to meet these requirements’?

A. Use standard SQL queries in Amazon Athena to analyze the CloudFront togs in the S3 bucket Vrsualize the results with AWS Glue
B. Use standard SQL queries in Amazon Athena to analyze the CloudFront togs in the S3 bucket Visualize the results with Amazon QuickSighl
C. Use standard SQL queries in Amazon DynamoDB to analyze the CloudFront logs m the S3 bucket Visualize the results with AWS Glue
D. Use standard SQL queries in Amazon DynamoOB to analyze the CtoudFront logs m the S3 bucket Visualize the results with Amazon QuickSight

Answer: B

QUESTION 896
A company is planning to migrate to AWS. The network layout will include more than 1.000 VPCs in a single AWS Region. The resources in the VPCs need to communicate with each other.
What should a solutions architect recommend to meet these requirements?

A. Create VPN tunnels from all the VPCs to each other
Enable route propagation
B. Create an AWS Direct Connect gateway and attach a public virtual interface (VIF) to each VPC
Enable route propagation
C. Peer all the VPCs together by creating and accepting peering requests
Update route tables with the new routes
D. Create a transit gateway and place attachments m subnets of all the VPCs
Configure a transit gateway route table with the new routes

Answer: A

QUESTION 897
A company is hosting a high-traffic static website on Amazon S3 with an Amazon CloudFront distribution that has a default TTL of 0 seconds.
The company wants to implement caching to improve performance for the website. However the company also wants to ensure that stale content is not served for more than a few minutes after a deployment.
Which combination of caching methods should a solutions architect implement to meet these requirements? (Select TWO )

A. Set the CloudFront default TTL to 2 minutes
B. Set a default TTL of 2 minutes on the S3 bucket
C. Add a Cache-Control private directive to the objects in Amazon S3
D. Create an AWS LambdaQEdge function to add an Expires header to HTTP responses
Configure the function to run on viewer response
E. Add a Cache-Control max-age directive of 24 hours to the objects in Amazon S3.
On deployment create a CloudFront invalidation to purge any changed files from edge caches

Answer: BD


Resources From:

1.2022 Latest Braindump2go SAA-C02 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/saa-c02.html

2.2022 Latest Braindump2go SAA-C02 PDF and SAA-C02 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1_5IK3H_eM74C6AKwU7sKaLn1rrn8xTfm?usp=sharing

3.2021 Free Braindump2go SAA-C02 Exam Questions Download:
https://www.braindump2go.com/free-online-pdf/SAA-C02-Dumps(874-897).pdf

Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!