SAA-C03 Free Practice Test

- (Exam Topic 2)
A company's web application is running on Amazon EC2 instances behind an Application Load Balancer. The company recently changed its policy, which now requires the application to be accessed from one specific country only.
Which configuration will meet this requirement?

1. A. Configure the security group for the EC2 instances.
2. B. Configure the security group on the Application Load Balancer.
3. C. Configure AWS WAF on the Application Load Balancer in a VPC.
4. D. Configure the network ACL for the subnet that contains the EC2 instances.

Correct Answer: C
https://aws.amazon.com/about-aws/whats-new/2017/10/aws-waf-now-supports-geographic-match/

- (Exam Topic 3)
A company is deploying a two-tier web application in a VPC. The web tier is using an Amazon EC2 Auto Scaling group with public subnets that span multiple Availability Zones. The database tier consists of an Amazon RDS for MySQL DB instance in separate private subnets. The web tier requires access to the database to retrieve product information.
The web application is not working as intended. The web application reports that it cannot connect to the database. The database is confirmed to be up and running. All configurations for the network ACLs. Security groups, and route tables are still in their default states.
What should a solutions architect recommend to fix the application?

1. A. Add an explicit rule to the private subnet's network ACL to allow traffic from the web tier's EC2 instances.
2. B. Add a route in the VPC route table to allow traffic between the web tier's EC2 instances and Ihe database tier.
3. C. Deploy the web tier's EC2 instances and the database tier's RDS instance into two separate VPC
4. D. and configure VPC peering.
5. E. Add an inbound rule to the security group of the database tier's RDS instance to allow traffic from the web tier's security group.

Correct Answer: D

- (Exam Topic 2)
A company wants to measure the effectiveness of its recent marketing campaigns. The company performs batch processing on csv files of sales data and stores the results «i an Amazon S3 bucket once every hour. The S3 bi petabytes of objects. The company runs one-time queries in Amazon Athena to determine which products are most popular on a particular date for a particular region Queries sometimes fail or take longer than expected to finish.
Which actions should a solutions architect take to improve the query performance and reliability? (Select TWO.)

1. A. Reduce the S3 object sizes to less than 126 MB
2. B. Partition the data by date and region n Amazon S3
3. C. Store the files as large, single objects in Amazon S3.
4. D. Use Amazon Kinosis Data Analytics to run the Queries as pan of the batch processing operation
5. E. Use an AWS duo extract, transform, and load (ETL) process to convert the csv files into Apache Parquet format.

Correct Answer: CE

- (Exam Topic 2)
A solutions architect is creating a new Amazon CloudFront distribution for an application. Some of the information submitted by users is sensitive. The application uses HTTPS but needs another layer of security. The sensitive information should be protected throughout the entire application stack, and access to the information should be restricted to certain applications.
Which action should the solutions architect take?

1. A. Configure a CloudFront signed URL.
2. B. Configure a CloudFront signed cookie.
3. C. Configure a CloudFront field-level encryption profile.
4. D. Configure CloudFront and set the Origin Protocol Policy setting to HTTPS Only for the Viewer Protocol Policy.

Correct Answer: C
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html
"With Amazon CloudFront, you can enforce secure end-to-end connections to origin servers by using HTTPS. Field-level encryption adds an additional layer of security that lets you protect specific data throughout system processing so that only certain applications can see it."

- (Exam Topic 3)
A company needs to migrate a legacy application from an on-premises data center to the AWS Cloud because of hardware capacity constraints. The application runs 24 hours a day. & days a week,. The application database storage continues to grow over time.
What should a solution architect do to meet these requirements MOST cost-affectivity?

1. A. Migrate the application layer to Amazon FC2 Spot Instances Migrate the data storage layer to Amazon S3.
2. B. Migrate the application layer to Amazon EC2 Reserved Instances Migrate the data storage layer to Amazon RDS On-Demand Instances.
3. C. Migrate the application layer to Amazon EC2 Reserved instances Migrate the data storage layer to Amazon Aurora Reserved Instances.
4. D. Migrate the application layer to Amazon EC2 On Demand Amazon Migrate the data storage layer to Amazon RDS Reserved instances.

Correct Answer: C