Amazon Exam, SAA-C02 Exam Dumps, SAA-C02 Exam Questions, SAA-C02 PDF Dumps, SAA-C02 VCE Dumps

[February-2021]Latest Braindump2go SAA-C02 PDF Dumps and SAA-C02 VCE Dumps[Q595-Q615]

2021/January Latest Braindump2go SAA-C02 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SAA-C02 Real Exam Questions!

QUESTION 595
A company sells ringtones created from clips of popular songs. The files containing the ringtones are stored in Amazon S3 Standard and are at least 123 KB m size.
The company has millions of files but downloads are infrequent for ringtones older than 90 days. The company needs to save money on storage while keeping the most accessed files readily available for its users.
Which action should the company take to meet hese requirements MOST cost-effectively?

A. Configure S3 Standard-infrequent Access (S3 Standard-IA) storage for the initial storage tier of the objects
B. Move the files to S3 Intelligent-Tiering and configure it to move objects to a less expensive storage tier after 90 days
C. Configure S3 inventory to manage objects and move them to S3 Standard-infrequent Access (S3 Standard-IA) after 90 days
D. Implement an S3 Lifecycle policy that moves the objects from S3 Standard to S3 Standard- Infrequent Access (S3 Standard-IA) after 90 days

Answer: A

QUESTION 596
A company’s security policy requires that alt AWS API activity in its AWS accounts be recorded tor periodic auditing. The company needs to ensure that AWS CloudTrail is enabled on all of its current and future AWS accounts using AWS Organizations.
Which solution is MOST secure?

A. At the organization’s root define and attach a service control policy (SCP) that permits enabling CloudTrail only
B. Create IAM groups in the organization’s master account as needed Define and attach an IAM policy to the groups that prevents users from disabling CloudTrail
C. Organize accounts into organizational units (OUs) At the organization’s root, define and attach a service control policy (SCP) that prevents users from disabling CloudTrail
D. Add all existing accounts under the organization’s root Define and attach a service control policy (SCP) to every account that prevents users from disabling CloudTrail

Answer: D

QUESTION 597
An application running on AWS generates audit logs of operational activities Compliance requirements mandate that the application retain the logs for 5 years.
How can these requirements be met?

A. Save the togs in an Amazon S3 bucket and enable MFA Delete on the bucket
B. Save the togs In an Amazon Elastic File System (Amazon EFS) volume and use Network File System version 4 (NFSv4) locking with the volume
C. Save the togs in an Amazon S3 Glacier vault and define a vault lock policy
D. Save the logs in an Amazon Elastic Block Store (Amazon EBS) volume and take monthly snapshots

Answer: A

QUESTION 598
A company needs to use its on-premises LDAP directory service to authenticate its users to the AWS Management Console.
The directory service is not compatible with Security Assertion Markup Language (SAML)
Which solution meets these requirements?

A. Enable AWS Single Sign-On between AWS and the on-premises LDAP
B. Create an 1AM policy mat uses AWS credentials and integrate the policy into LDAP
C. Set up a process that rotates the IAM credentials whenever LDAP credentials are updated.
D. Develop an on-premises custom identity broker application of process mat uses AWS Security Token Service (AWS STS) to get short-lived credentials

Answer: A

QUESTION 599
A company receives data from different sources and implements multiple applications to consume this data. There are many short-running jobs that run only on the weekend.
The data arrives in batches rather than throughout the entire weekend.
The company needs an environment on AWS to ingest and process this data while maintaining the order of the transactions.
Which combination of AWS services meets these requirements in the MOST cost-effective manner?

A. Amazon Kinesis Data Streams with AWS Lambda
B. Amazon Kinesis Data Streams with Amazon EC2 Auto Scaling
C. Amazon Simple Queue Service (Amazon SQS) with AWS Lambda
D. Amazon Simple Queue Service (Amazon SQS) with Amazon EC2 Auto Scaling

Answer: A

QUESTION 600
A company is designing a cloud communications platform trial is driven by APIs.
The application is hosted on Amazon EC2 instances behind a Network Load Balancer (NLB).
The company uses Amazon API Gateway to provide external users with access to the application through APIs. The company wants to protect the platform against web exploits like SQL Injection and also wants to detect and mitigate large, sophisticated DDoS attacks.
Which combination of solutions provides the MOST protection? (Select TWO.)

A. Use AWS WAF to protect the NLB
B. Use AWS Shield Advanced with the NLB
C. Use AWS WAF to protect Amazon API Gateway
D. Use Amazon GuardDuty with AWS Shield Standard
E. Use AWS Shield Standard with Amazon API Gateway

Answer: AD

QUESTION 601
A company has multiple AWS accounts with applications deployed in the us-west-2 Region Application togs are stored within Amazon S3 buckets in each account. The company wants to build a centralized log analysts solution that uses a single S3 bucket Logs must not leave us-west-2T and the company wants to incur minimal operational overhead.
Which solution meets these requirements and is MOST cost-effective?

A. Create an S3 Lifecycle policy that copies the objects from one of the application S3 buckets to the centralized S3 bucket
B. Use S3 Same-Region Replication to replicate togs from the S3 buckets to another S3 bucket in us-west-2 Use this S3 bucket for log analysis
C. Write a script that uses the PutObject API operation every day to copy the entire contents of the buckets to another S3 bucket in us-west-2 Use this S3 bucket for log analysis
D. Write AWS Lambda functions in these accounts that are triggered every time logs ate delivered to the S3 buckets (s3 ObjectCreated. * event)
Copy the logs to another S3 bucket in us-west-2 Use this S3 bucket for log analysis

Answer: A

QUESTION 602
A company slops a cluster of Amazon EC2 instances over a weekend.
The costs decrease, but they do not drop to zero.
Which resources could still be generating costs? (Select TWO.)

A. Elastic IP addresses
B. Data transfer out
C. Regional data transfers
D. Amazon Elastic Block Store (Amazon EBS) volumes
E. AWS Auto Scaling

Answer: AE

QUESTION 603
A customer has a service based out of Oregon. US and Paris. France. The application stores data in an Amazon S3 bucket located in Oregon. That data is updated frequently.
The Pans office is experiencing slow response times when retrieving objects.
What should a solutions architect do to resolve the slow response times for the Paris office?

A. Set up an S3 bucket based in Paris, and enable Cross-Region Replication from the Oregon bucket to the Paris bucket.
B. Create an Application Load Balancer that load balances data retrieval between the Oregon S3 bucket and a new Paris S3 bucket.
C. Create an Amazon CloudFront distribution with the bucket located m Oregon as the origin and set the maximum TTL setting for the cache behavior to er
D. Set up an S3 bucket based in Paris, and enable a lifecycle management rule to transition data from the Oregon bucket to the Paris bucket.

Answer: C

QUESTION 604
A prediction process requires access to a trained model that is stored in an Amazon S3 bucket. The process takes a few seconds to process an image and make a prediction.
The process is not overly resource-intensive does not require any specialized hardware, and takes less than 512 MB of memory to run.
What is the MOST effective compute solution for this use case?

A. Amazon Elastic Container Service (Amazon ECS)
B. Amazon EC2 Spot instances
C. AWS Lambda functions
D. AWS Elastic Beanstalk

Answer: C

QUESTION 605
A solutions architect is designing a solution for a dynamic website, “example.com,” that is deployed in two AWS Regions: Tokyo. Japan and Sydney. Australia.
The architect wants to ensure that users located in Australia are directed to the website deployed in the Sydney AWS Region and users located in Japan are directed to the website in the Tokyo AWS Region when they browse to “example.com.”
Which service should the architect use to achieve this goal with the LEAST administrative effort?

A. Amazon CloudFront with geolocation routing
B. Amazon Route 53
C. Application Load Balancer
D. Network Load Balancer deployed across multiple regions

Answer: A

QUESTION 606
A development team is deploying a new product on AWS and Is using AWS Lambda as part of the deployment. The team allocates 512 MB of memory for one of the Lambda functions.
With this memory allocation, the function is completed in 2 minutes. The function runs millions of times monthly, and the development team is concerned about cost.
The eam conducts tests to see how different Lambda memory allocations affect the cost of the function.
Which steps will reduce the Lambda costs for the product? (Select TWO.)

A. Increase the memory allocation for this Lambda function to 1,024 MB if this change causes the execution time of each function to be less than 1 minute
B. Increase the memory allocation for this Lambda function to 1.024 MB If this change causes the execution time of each function to be less than 90 seconds.
C. Reduce the memory allocation for this ambda function to 256 MB if this change causes the execution time of each function to be less than 4 minutes.
D. Increase the memory allocation for this Lambda function to 2,048 MB If this change causes the execution time of each function to be less than 1 minute.
E. Reduce the memory allocation for this Lambda function to 256 MB if this change causes the execution time of each function to be less than 5 minutes.

Answer: AE

QUESTION 607
An 1AM user made several configuration changes to AWS resources in their company’s account during a production deployment last week. A solutions architect learned that a couple of security group rules are not configured as desired. The solutions architect wants to confirm which 1AM user was responsible for making changes.
Which service should the solutions architect use to find the desired information?

A. Amazon GuardDuty
B. Amazon Inspector
C. AWS CloudTrail
D. AWS Config

Answer: A

QUESTION 608
A company manages its own Amazon EC2 instances that run MySQL databases.
The company is manually managing replication and scaling as demand increases or decreases.
The company needs a new solution that simplifies the process of adding or removing compute capacity to or from its database tier as needed .
The solution also must offer improved performance, scaling and durability with minimal effort from operations.
Witch solution meets these requirements?

A. Migrate thee databases to Amazon Aurora Serverless for Aurora MySQL
B. Migrate tie databases to Amazon Aurora Serverless tor Aurora PostgreSQL
C. Combine the databases into one larger MySQL database
Run the larger database on larger EC2 instances
D. Create an EC2 Auto Scaling group for the database tier
Migrate the existing databases to the new environment.

Answer: C

QUESTION 609
A company is developing a new mobile app. The company must implement proper traffic filtering to protect its Application Load Balanacer (ALB) against common application-level attacks, such as cross-site scripting or SQL injection. The company has minimal infrastructure and operational staff. The company needs to reduce its share of the responsibility in managing, updating and securing servers for its AWS environment.
What should a solutions architect recommend to meet these requirements?

A. Configure AWS WAF rules and associate them with the ALB
B. Deploy the application using Amazon S3 with public hosting enabled.
C. Deploy AWS shield Advanced and add the ALB as protected resources
D. Create a new ALB that directs traffic to an Amazon EC2 instance running a third-party firewall, which then passes the traffic to the current ALB

Answer: D

QUESTION 610
A company has an AWS account used for software engineering.
The AWS account has access to the company’s on-premises data center through a pair of AWS Direct Connect connections All non-VPC traffic routes to the virtual private gateway.
A development team recently created an AWS Lambada function through the console.
The development team needs to allow the function to access a database that runs in a private subnet in the company’s data center.
Which solution will meet these requirements?

A. Configure the Lambda function to run in the VPC with the appropriate security group.
B. Set up a VPN connection from AWS to the data center.
Route the traffic from the Lambda function through the VPN
C. Update the route tables in the VPC to allow the Lambda function to access the on-premises data center through direct connect.
D. Create an Elastic IP address.
Configure the Lambda function to send traffic through the Elastic IP address without an elastic network interface.

Answer: C

QUESTION 611
A solution architect is designing an application that will allow business users to upload objects to Amazon S3. The solution needs to maximize object durability. Objects also must be readily available at any time and for any length of time. Users will access objects frequently within the first 30 days after the objects are uploaded, but users are much less likely to access objects that are older than 30 days.
Which solution meets these requirements Most cost-effectively?

A. Store all the objects in S3 Standard with an S3 Lifecycle rule to transition the object to S3 Giacier after 30 days.
B. Store all the objects in S3 Standard with an S3 Lifecycle rule to transition the object to S3 Standard- infrequent Access (S3 Standard-IA) after 30 days.
C. Store all the objects in S3 Standard with an S3 Lifecycle rule to transition the object to S3 Zone-infrequent Access (S3 Zone-IA) after 30 days.
D. Store all the objects in S3 intelligent-Tiering with an S3 Lifecycle rule to transition the object to S3 Standard-infrequent Access (S3 Standard-IA) after 30 days.

Answer: D

QUESTION 612
A developer has an application that uses an AWS Lambda function to upload files to Amazon S3 and needs the required permissions to perform the task.
The developer already has an IAM user with valid IAM credentials required for Amazon S3.
What should a solutions architect do to grant the permissions?

A. Add required IAM permissions in the resource policy of the Lambda function.
B. Create a signed request using the existing IAM credential in the Lambda function.
C. Create a new IAM user and use the existing IAM credentials in the Lambda function
D. Create an IAM execution role with the required permissions and attach the IAM role to the Lambda function

Answer: C

QUESTION 613
A solutions architect needs to design a centralized logging solution for a group of web applications running on Amazon EC2 instances.
The solution requires min mal development effort due to budget containts.
What should the architect recommend?

A. Create a crontab job script in each instance t regularly push the logs to Amazon S3
B. Install and configure Amazon CloudWatch Logs agent in the Amazon EC2 instances
C. Enable Amazon EventBridge (Amazon CloudWatch Events) in the AWS Management Console.
D. Enable AWS Cloud Trail to map all API Calls invoked by the applications

Answer: B

QUESTION 614
A developer has a script to generate daily reports that users previous. The script consistently complete in under 10 minutes. The developer needs to automate the process in a cost effective manner.
Which combination of services should the developer use? (Select two)

A. AWS Lambda
B. AWS CloudTrail
C. Cron on an Amazon EC2 instance
D. Amazon EC2 On-Demand instance with user data
E. Amazon EventBridge (Amazon CloudWatch Event)

Answer: AB

QUESTION 615
A development team runs monthly resource-intensive tests on its general purpose Amazon RDS (or MySQL DB instance with Performance insights enabled. The testing lasts for 48 hours once a month and is the only process that uses the database. The team wants to reduce the cost of running the tests without reducing the compute and memory attributes of the DB instance.
Which solution meets these requirements MOST cost-effectively?

A. Stop the DB instance when tests are completed Restart the DB instance when required
B. Use an Auto Scaling policy with me DB instance to automatically scale when tests are completed
C. Create a snapshot when tests are completed Terminate the DB instance and restore the snapshot when required
D. Modify the DB instance to a low-capacity instance when tests are completed Modify the DB instance again when required

Answer: C


Resources From:

1.2021 Latest Braindump2go SAA-C02 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/saa-c02.html

2.2021 Latest Braindump2go SAA-C02 PDF and SAA-C02 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1_5IK3H_eM74C6AKwU7sKaLn1rrn8xTfm?usp=sharing

3.2020 Free Braindump2go SAA-C02 Exam Questions Download:
https://www.braindump2go.com/free-online-pdf/SAA-C02-PDF-Dumps(595-615).pdf

Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!