Amazon Web Services exactexam saa-c03 Questions Bank by Rosanna q401 vce pdf

Page: 8 / 56

Exam Name:	AWS Certified Solutions Architect - Associate (SAA-C03)
Exam Code:	SAA-C03 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	879 Q&A's	Shared By:	rosanna

Question 32

A data science team requires storage for nightly log processing. The size and number of logs is unknown and the logs will persist for 24 hours only.

What is the MOST cost-effective solution?

Options:

Amazon S3 Glacier Deep Archive

Amazon S3 Standard

Amazon S3 Intelligent-Tiering

Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)

Discussion

Question 33

A global company is migrating its workloads from an on-premises data center to AWS. The AWS environment includes multiple AWS accounts. IAM roles. AWS Config rules, and a VPC.

The company wants an automated process to provision new accounts on demand when the company ' s business units require new accounts.

Which solution will meet these requirements with LEAST effort?

Options:

Use AWS Control Tower to set up an organization in AWS Organizations. Use AWS Control Tower Account Factory for Terraform (AFT) to provision new AWS accounts.

Create an organization in AWS Organizations. Use the AWS CLI CreateAccount API action to provision new AWS accounts. Organize the business units with organizational units (OUs).

Create an AWS Lambda function that uses the AWS Organizations API to create new accounts. Invoke the Lambda function from an AWS CloudFormation template in AWS Service Catalog.

Create an organization in AWS Organizations. Use AWS Step Functions to orchestrate the account creation process. Send account creation requests to an Amazon API Gateway API endpoint to invoke an AWS Lambda function that creates new accounts.

Discussion

Question 34

A solutions architect is building an Amazon S3 data lake for a company. The company uses Amazon Kinesis Data Firehose to ingest customer personally identifiable information (PII) and transactional data in near real-time to an S3 bucket. The company needs to mask all PII data before storing thedata in the data lake.

Which solution will meet these requirements?

Options:

Create an AWS Lambda function to detect and mask PII. Invoke the function from Kinesis Data Firehose.

Use Amazon Macie to scan the S3 bucket. Configure Macie to detect and mask PII.

Enable server-side encryption (SSE) on the S3 bucket.

Create an AWS Lambda function that integrates with AWS CloudHSM. Configure the function to detect and mask PII.

Discussion

Ilyas

Definitely. I felt much more confident and prepared because of the Cramkey Dumps. I was able to answer most of the questions with ease and I think that helped me to score well on the exam.

Saoirse Mar 15, 2026

That's amazing. I'm glad you found something that worked for you. Maybe I should try them out for my next exam.

Laila

They're such a great resource for anyone who wants to improve their exam results. I used these dumps and passed my exam!! Happy customer, always prefer. Yes, same questions as above I know you guys are perfect.

Keira Mar 17, 2026

100% right….And they're so affordable too. It's amazing how much value you get for the price.

Pippa

I was so happy to see that almost all the questions on the exam were exactly what I found in their Dumps.

Anastasia Mar 6, 2026

You are right…It was amazing! The Cramkey Dumps were so comprehensive and well-organized, it made studying for the exam a breeze.

Nia

Why are these Dumps so important for students these days?

Mary Mar 23, 2026

With the constantly changing technology and advancements in the industry, it's important for students to have access to accurate and valid study material. Cramkey Dumps provide just that. They are constantly updated to reflect the latest changes and ensure that the information is up-to-date.

Hendrix

Great website with Great Exam Dumps. Just passed my exam today.

Luka Mar 13, 2026

Absolutely. Cramkey Dumps only provides the latest and most updated exam questions and answers.

Question 35

A solutions architect needs to secure an Amazon API Gateway REST API. Users need to be able to log in to the API by using common external social identity providers (IdPs). The social IdPs must use standard authentication protocols such as SAML or OpenID Connect (OIDC). The solutions architect needs to protect the API against attempts to exploit application vulnerabilities.

Which combination of steps will meet these security requirements? (Select TWO.)

Options:

Create an AWS WAF web ACL that is associated with the REST API. Add the appropriate managed rules to the ACL.

Subscribe to AWS Shield Advanced. Enable DDoS protection. Associate Shield Advanced with the REST API.

Create an Amazon Cognito user pool with a federation to the social IdPs. Integrate the user pool with the REST API.

Create an API key in API Gateway. Associate the API key with the REST API.

Create an IP address filter in AWS WAF that allows only the social IdPs. Associate the filter with the web ACL and the API.