SAA-C03 Free Practice Test

- (Exam Topic 3)
A company is using a content management system that runs on a single Amazon EC2 instance. The EC2 instance contains both the web server and the database software. The company must make its website platform highly available and must enable the website to scale to meet user demand. What should a solutions architect recommend to meet these requirements?

1. A. Move the database to Amazon RDS, and enable automatic backup
2. B. Manually launch another EC2 instance in the same Availability Zon
3. C. Configure an Application Load Balancer in the Availability Zone, and set the two instances as targets.
4. D. Migrate the database to an Amazon Aurora instance with a read replica in the same Availability Zone as the existing EC2 instanc
5. E. Manually launch another EC2 instance in the same Availability Zon
6. F. Configure an Application Load Balancer, and set the two EC2 instances as targets.
7. G. Move the database to Amazon Aurora with a read replica in another Availability Zon
8. H. Create an Amazon Machine Image (AMI) from the EC2 instanc
9. I. Configure an Application Load Balancer in two Availability Zone
10. J. Attach an Auto Scaling group that uses the AMI across two Availability Zones.
11. K. Move the database to a separate EC2 instance, and schedule backups to Amazon S3. Create an Amazon Machine Image (AMI) from the original EC2 instanc
12. L. Configure an Application Load Balancer in two Availability Zone
13. M. Attach an Auto Scaling group that uses the AMI across two Availability Zones.

Correct Answer: C
This approach will provide both high availability and scalability for the website platform. By moving the database to Amazon Aurora with a read replica in another availability zone, it will provide a failover option for the database. The use of an Application Load Balancer and an Auto Scaling group across two availability zones allows for automatic scaling of the website to meet increased user demand. Additionally, creating an AMI from the original EC2 instance allows for easy replication of the instance in case of failure.

- (Exam Topic 3)
A company runs an application that receives data from thousands of geographically dispersed remote devices that use UDP The application processes the data immediately and sends a message back to the device if necessary No data is stored.
The company needs a solution that minimizes latency for the data transmission from the devices. The solution also must provide rapid failover to another AWS Region
Which solution will meet these requirements?

1. A. Configure an Amazon Route 53 failover routing policy Create a Network Load Balancer (NLB) in each of the two Regions Configure the NLB to invoke an AWS Lambda function to process the data
2. B. Use AWS Global Accelerator Create a Network Load Balancer (NLB) in each of the two Regions as an endpoin
3. C. Create an Amazon Elastic Container Service (Amazon ECS) cluster with the Fargate launch type Create an ECS service on the cluster Set the ECS service as the target for the NLB Process the data in Amazon ECS.
4. D. Use AWS Global Accelerator Create an Application Load Balancer (ALB) in each of the two Regions as an endpoint Create an Amazon Elastic Container Service (Amazon ECS) cluster with the Fargate launch type Create an ECS service on the cluste
5. E. Set the ECS service as the target for the ALB Process the data in Amazon ECS
6. F. Configure an Amazon Route 53 failover routing policy Create an Application Load Balancer (ALB) in each of the two Regions Create an Amazon Elastic Container Service (Amazon ECS) cluster with the Fargate launch type Create an ECS service on the cluster Set the ECS service as the target for the ALB Process the data in Amazon ECS

Correct Answer: C

- (Exam Topic 1)
A company is running a business-critical web application on Amazon EC2 instances behind an Application Load Balancer. The EC2 instances are in an Auto Scaling group. The application uses an Amazon Aurora PostgreSQL database that is deployed in a single Availability Zone. The company wants the application to be highly available with minimum downtime and minimum loss of data.
Which solution will meet these requirements with the LEAST operational effort?

1. A. Place the EC2 instances in different AWS Region
2. B. Use Amazon Route 53 health checks to redirect traffi
3. C. Use Aurora PostgreSQL Cross-Region Replication.
4. D. Configure the Auto Scaling group to use multiple Availability Zone
5. E. Configure the database as Multi-A
6. F. Configure an Amazon RDS Proxy instance for the database.
7. G. Configure the Auto Scaling group to use one Availability Zon
8. H. Generate hourly snapshots of the databas
9. I. Recover the database from the snapshots in the event of a failure.
10. J. Configure the Auto Scaling group to use multiple AWS Region
11. K. Write the data from the application to Amazon S3. Use S3 Event Notifications to launch an AWS Lambda function to write the data to the database.

Correct Answer: B

- (Exam Topic 3)
A company hosts its application on AWS The company uses Amazon Cognito to manage users When users log in to the application the application fetches required data from Amazon DynamoDB by using a REST API that is hosted in Amazon API Gateway. The company wants an AWS managed solution that will control access to the REST API to reduce
development efforts
Which solution will meet these requirements with the LEAST operational overhead?

1. A. Configure an AWS Lambda function to be an authorize! in API Gateway to validate which user made the request
2. B. For each user, create and assign an API key that must be sent with each request Validate the key by using an AWS Lambda function
3. C. Send the user's email address in the header with every request Invoke an AWS Lambda function tovalidate that the user with that email address has proper access
4. D. Configure an Amazon Cognito user pool authorizer in API Gateway to allow Amazon Cognito to validate each request

Correct Answer: D

- (Exam Topic 1)
A solutions architect is designing a two-tier web application The application consists of a public-facing web tier hosted on Amazon EC2 in public subnets The database tier consists of Microsoft SQL Server running on Amazon EC2 in a private subnet Security is a high priority for the company
How should security groups be configured in this situation? (Select TWO )

1. A. Configure the security group for the web tier to allow inbound traffic on port 443 from 0.0.0.0/0.
2. B. Configure the security group for the web tier to allow outbound traffic on port 443 from 0.0.0.0/0.
3. C. Configure the security group for the database tier to allow inbound traffic on port 1433 from the securitygroup for the web tier.
4. D. Configure the security group for the database tier to allow outbound traffic on ports 443 and 1433 to the security group for the web tier.
5. E. Configure the security group for the database tier to allow inbound traffic on ports 443 and 1433 from the security group for the web tier.

Correct Answer: AC
"Security groups create an outbound rule for every inbound rule." Not completely right. Statefull does NOT mean that if you create an inbound (or outbound) rule, it will create an outbound (or inbound) rule. What it does mean is: suppose you create an inbound rule on port 443 for the X ip. When a request enters on port 443 from X ip, it will allow traffic out for that request in the port 443. However, if you look at the outbound rules, there will not be any outbound rule on port 443 unless explicitly create it. In ACLs, which are stateless, you would have to create an inbound rule to allow incoming requests and an outbound rule to allow your application responds to those incoming requests.
https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html#SecurityGroupRules