Amazon Web Services braindumps aws Certified Associate Saa-c03 Exam Dumps by Mitchell q201 vce pdf

Page: 35 / 71

Exam Name:	AWS Certified Solutions Architect - Associate (SAA-C03)
Exam Code:	SAA-C03 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	981 Q&A's	Shared By:	mitchell

Question 140

A company's web application is running on Amazon EC2 instances behind an Application Load Balancer. The company recently changed its policy, which now requires the application to be accessed from one specific country only.

Which configuration will meet this requirement?

Options:

Configure the security group for the EC2 instances.

Configure the security group on the Application Load Balancer.

Configure AWS WAF on the Application Load Balancer in a VPC.

Configure the network ACL for the subnet that contains the EC2 instances.

Discussion

Sam

Can I get help from these dumps and their support team for preparing my exam?

Audrey Aug 29, 2024

Definitely, you won't regret it. They've helped so many people pass their exams and I'm sure they'll help you too. Good luck with your studies!

Teddie

yes, I passed my exam with wonderful score, Accurate and valid dumps.

Isla-Rose Aug 18, 2024

Absolutely! The questions in the dumps were almost identical to the ones that appeared in the actual exam. I was able to answer almost all of them correctly.

Ernest

That's amazing. I think I'm going to give Cramkey Dumps a try for my next exam. Thanks for telling me about them! CramKey admin please share more questions……You guys are amazing.

Nate Sep 15, 2024

I failed last week, I never know this site , but amazed to see all these questions were in my exam week before. I feel bad now, why I didn’t bother this site. Thanks Cramkey, Excellent Job.

Ivan

I tried these dumps for my recent certification exam and I found it pretty helpful.

Elis Sep 17, 2024

Agree!!! The questions in the dumps were quite similar to what came up in the actual exam. It gave me a good idea of the types of questions to expect and helped me revise efficiently.

Ava-Rose

Yes! Cramkey Dumps are amazing I passed my exam…Same these questions were in exam asked.

Ismail Sep 18, 2024

Wow, that sounds really helpful. Thanks, I would definitely consider these dumps for my certification exam.

Question 141

A company uses a three-tier web application to provide training to new employees. The application is accessed for only 12 hours every day. The company is using an Amazon RDS for MySQL DB instance to store information and wants to minimize costs.

What should a solutions architect do to meet these requirements?

Options:

Configure an IAM policy for AWS Systems Manager Session Manager. Create an IAM role for the policy. Update the trust relationship of the role. Set up automatic start and stop for the DB instance.

Create an Amazon ElastiCache for Redis cache cluster that gives users the ability to access the data from the cache when the DB instance is stopped. Invalidate the cache after the DB instance is started.

Launch an Amazon EC2 instance. Create an IAM role that grants access to Amazon RDS. Attach the role to the EC2 instance. Configure a cron job to start and stop the EC2 instance on the desired schedule.

Create AWS Lambda functions to start and stop the DB instance. Create Amazon EventBridge (Amazon CloudWatch Events) scheduled rules to invoke the Lambda functions. Configure the Lambda functions as event targets for the rules

Discussion

Question 142

A company wants to implement a backup strategy for Amazon EC2 data and multiple Amazon S3 buckets. Because of regulatory requirements, the company must retain backup files for a specific time period. The company must not alter the files for the duration of the retention period.

Which solution will meet these requirements?

Options:

Use AWS Backup to create a backup vault that has a vault lock in governance mode. Create the required backup plan.

Use Amazon Data Lifecycle Manager to create the required automated snapshot policy.

Use Amazon S3 File Gateway to create the backup. Configure the appropriate S3 Lifecycle management.

Use AWS Backup to create a backup vault that has a vault lock in compliance mode. Create the required backup plan.

Discussion

Question 143

A company uses AWS Organizations with all features enabled and runs multiple Amazon EC2 workloads in the ap-southeast-2 Region. The company has a service control policy (SCP) that prevents any resources from being created in any other Region. A security policy requires the company to encrypt all data at rest.

An audit discovers that employees have created Amazon Elastic Block Store (Amazon EBS) volumes for EC2 instances without encrypting the volumes. The company wants any new EC2 instances that any 1AM user or root user launches in ap-southeast-2 to use encrypted EBS volumes. The company wants a solution that will have minimal effect on employees who create EBS volumes.

Which combination of steps will meet these requirements? (Select TWO.)

Options:

In the Amazon EC2 console, select the EBS encryption account attribute and define a default encryption key.

Create an 1AM permission boundary. Attach the permission boundary to the root organizational unit (OU). Define the boundary to deny the ec2:CreateVolume action when the ec2:Encrypted condition equals false.

Create an SCR Attach the SCP to the root organizational unit (OU). Define the SCP to deny the ec2:CreateVolume action when the ec2:Encrypted condition equals false.

Update the 1AM policies for each account to deny the ec2:CreateVolume action when the ec2:Encrypted condition equals false.

In the Organizations management account, specify the Default EBS volume encryption setting.