Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

Amazon Web Services Updated SAP-C02 Exam Questions and Answers by omari

Page: 2 / 50

Amazon Web Services SAP-C02 Exam Overview :

Exam Name: AWS Certified Solutions Architect - Professional
Exam Code: SAP-C02 Dumps
Vendor: Amazon Web Services Certification: AWS Certified Professional
Questions: 683 Q&A's Shared By: omari
Question 8

A company has an organization in AWS Organizations that has a large number of AWS accounts. One of the AWS accounts is designated as a transit account and has a transit gateway that is shared with all of the other AWS accounts AWS Site-to-Site VPN connections are configured between ail of the company ' s global offices and the transit account The company has AWS Config enabled on all of its accounts.

The company ' s networking team needs to centrally manage a list of internal IP address ranges thatbelong to the global offices Developers Will reference this list to gain access to applications securely.

Which solution meets these requirements with the LEAST amount of operational overhead?

Options:

A.

Create a JSON file that is hosted in Amazon S3 and that lists all of the internal IP address ranges Configure an Amazon Simple Notification Service (Amazon SNS) topic in each of the accounts that can be involved when the JSON file is updated. Subscribe an AWS Lambda function to the SNS topic to update all relevant security group rules with Vie updated IP address ranges.

B.

Create a new AWS Config managed rule that contains all of the internal IP address ranges Use the rule to check the security groups in each of the accounts to ensure compliance with the list of IP address ranges. Configure the rule to automatically remediate any noncompliant security group that is detected.

C.

In the transit account, create a VPC prefix list with all of the internal IP address ranges. Use AWS Resource Access Manager to share the prefix list with all of the other accounts. Use the shared prefix list to configure security group rules is the other accounts.

D.

In the transit account create a security group with all of the internal IP address ranges. Configure the security groups in me other accounts to reference the transit account ' s securitygroup by using a nested security group reference of * < transit-account-id > ./sg-1a2b3c4d " .

Discussion
Victoria
Hey, guess what? I passed the certification exam! I couldn't have done it without Cramkey Dumps.
Isabel Jun 7, 2026
Same here! I was so surprised when I saw that almost all the questions on the exam were exactly what I found in their study materials.
River
Hey, I used Cramkey Dumps to prepare for my recent exam and I passed it.
Lewis Jun 12, 2026
Yeah, I used these dumps too. And I have to say, I was really impressed with the results.
Nylah
I've been looking for good study material for my upcoming certification exam. Need help.
Dolly Jun 8, 2026
Then you should definitely give Cramkey Dumps a try. They have a huge database of questions and answers, making it easy to study and prepare for the exam. And the best part is, you can be sure the information is accurate and relevant.
Melody
My experience with Cramkey was great! I was surprised to see that many of the questions in my exam appeared in the Cramkey dumps.
Colby Jun 13, 2026
Yes, In fact, I got a score of above 85%. And I attribute a lot of my success to Cramkey's dumps.
Question 9

An application is using an Amazon RDS for MySQL Multi-AZ DB instance in the us-east-1 Region. After a failover test, the application lost the connections to the database and could not re-establish the connections. After a restart of the application, the application re-established the connections.

A solutions architect must implement a solution so that the application can re-establish connections to the database without requiring a restart.

Which solution will meet these requirements?

Options:

A.

Create an Amazon Aurora MySQL Serverless v1 DB instance. Migrate the RDS DB instance to the Aurora Serverless v1 DB instance. Update the connection settings in the application to point to the Aurora reader endpoint.

B.

Create an RDS proxy. Configure the existing RDS endpoint as a target. Update the connection settings in the application to point to the RDS proxy endpoint.

C.

Create a two-node Amazon Aurora MySQL DB cluster. Migrate the RDS DB instance to the Aurora DB cluster. Create an RDS proxy. Configure the existing RDS endpoint as a target. Update the connection settings in the application to point to the RDS proxy endpoint.

D.

Create an Amazon S3 bucket. Export the database to Amazon S3 by using AWS Database Migration Service (AWS DMS). Configure Amazon Athena to use the S3 bucket as a data store. Install the latest Open Database Connectivity (ODBC) driver for the application. Update the connection settings in the application to point to the Athena endpoint

Discussion
Question 10

A company uses an organization in AWS Organizations with all features enabled to manage AWS accounts. For each new project, the company creates a new linked account. After the creation of a new account, the root user signs in to the new account and creates a service request to increase the service quota for Amazon EC2 instances.

The company needs to automate this process.

Which solution will meet these requirements with the LEAST operational overhead?

Options:

A.

Create an Amazon EventBridge rule to detect the creation of a new account. Send the event to an Amazon SNS topic that invokes an AWS Lambda function. Configure the Lambda function to request a quota increase.

B.

Create a Service Quotas request template in the organization’s management account. Configure the request template to request a quota increase. Associate the request template with the organization.

C.

Create an AWS Config rule in the organization’s management account to check the quota. Create an AWS Lambda function. Configure the Lambda function to request a quota increase.

D.

Create an automatic quota remediation action for AWS Trusted Advisor in the organization’s management account. Create an AWS Step Functions workflow for the remediation action. Configure the Step Functions step to request a quota increase.

Discussion
Question 11

A company is updating an application that customers use to make online orders. The number of attacks on the application by bad actors has increased recently.

The company will host the updated application on an Amazon Elastic Container Service (Amazon ECS) cluster. The company will use Amazon DynamoDB to store application data. A public Application Load Balancer (ALB) will provide end users with access to the application. The company must prevent prevent attacks and ensure business continuity with minimal service interruptions during an ongoing attack.

Which combination of steps will meet these requirements MOST cost-effectively? (Select TWO.)

Options:

A.

Create an Amazon CloudFront distribution with the ALB as the origin. Add a custom header and random value on the CloudFront domain. Configure the ALB to conditionally forward traffic if the header and value match.

B.

Deploy the application in two AWS Regions. Configure Amazon Route 53 to route to both Regions with equal weight.

C.

Configure auto scaling for Amazon ECS tasks. Create a DynamoDB Accelerator (DAX) cluster.

D.

Configure Amazon ElastiCache to reduce overhead on DynamoDB.

E.

Deploy an AWS WAF web ACL that includes an appropriate rule group. Associate the web ACL with the Amazon CloudFront distribution.

Discussion
Page: 2 / 50
Title
Questions
Posted

SAP-C02
PDF

$36.75  $104.99

SAP-C02 Testing Engine

$43.75  $124.99

SAP-C02 PDF + Testing Engine

$57.75  $164.99