Amazon Web Services nwexams ace Your Saa-c03 Aws Certified Associate Exam by Thalia q80 vce pdf

Page: 7 / 84

Exam Name:	AWS Certified Solutions Architect - Associate (SAA-C03)
Exam Code:	SAA-C03 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	1130 Q&A's	Shared By:	thalia

Question 28

A company is deploying a new application on Amazon EC2 instances. The application writes data to Amazon Elastic Block Store (Amazon EBS) volumes. The company needs to ensure that all data that is written to the EBS volumes is encrypted at rest.

Which solution will meet this requirement?

Options:

Create an IAM role that specifies EBS encryption. Attach the role to the EC2 instances.

Create the EBS volumes as encrypted volumes. Attach the EBS volumes to the EC2 instances

Create an EC2 instance tag that has a key of Encrypt and a value of True. Tag all instances that require encryption at the EBS level.

Create an AWS Key Management Service (AWS KMS) key policy that enforces EBS encryption in the account. Ensure that the key policy is active

Discussion

Question 29

A company uses Amazon API Gateway to run a private gateway with two REST APIs in the same VPC. The BuyStock RESTful web service calls the CheckFunds RESTful

web service to ensure that enough funds are available before a stock can be purchased. The company has noticed in the VPC flow logs that the BuyStock RESTful web

service calls the CheckFunds RESTful web service over the internet instead of through the VPC. A solutions architect must implement a solution so that the APIs

communicate through the VPC.

Which solution will meet these requirements with the FEWEST changes to the code?

(Select Correct Option/s and give detailed explanation from AWS Certified Solutions Architect - Associate (SAA-C03) Study Manual or documents)

Options:

Add an X-APl-Key header in the HTTP header for authorization.

Use an interface endpoint.

Use a gateway endpoint.

Add an Amazon Simple Queue Service (Amazon SQS) queue between the two REST APIs.

Discussion

Question 30

The customers of a finance company request appointments with financial advisors by sending text messages. A web application that runs on Amazon EC2 instances accepts the appointmentrequests. The text messages are published to an Amazon Simple Queue Service (Amazon SQS) queue through the web application. Another application that runs on EC2 instances then sends meeting invitations and meeting confirmation email messages to the customers. After successful scheduling, this application stores the meeting information in an Amazon DynamoDB database.

As the company expands, customers report that their meeting invitations are taking longer to arrive.

What should a solutions architect recommend to resolve this issue?

Options:

Add a DynamoDB Accelerator (DAX) cluster in front of the DynamoDB database.

Add an Amazon API Gateway API in front of the web application that accepts the appointment requests.

Add an Amazon CloudFront distribution. Set the origin as the web application that accepts the appointment requests.

Add an Auto Scaling group for the application that sends meeting invitations. Configure the Auto Scaling group to scale based on the depth of the SQS queue.

Discussion

Question 31

A company has a workload in an AWS Region. Customers connect to and access the workload by using an Amazon API Gateway REST API. The company uses Amazon Route 53 as its DNS provider. The company wants to provide individual and secure URLs for all customers.

Which combination of steps will meet these requirements with the MOST operational efficiency? (Select THREE.)

Options:

Register the required domain in a registrar. Create a wildcard custom domain name in a Route 53 hosted zone and record in the zone that points to the API Gateway endpoint.

Request a wildcard certificate that matches the domains in AWS Certificate Manager (ACM) in a different Region.

Create hosted zones for each customer as required in Route 53. Create zone records that point to the API Gateway endpoint.

Request a wildcard certificate that matches the custom domain name in AWS Certificate Manager (ACM) in the same Region.

Create multiple API endpoints for each customer in API Gateway.

Create a custom domain name in API Gateway for the REST API. Import the certificate from AWS Certificate Manager (ACM).

Discussion

Answer:

A, D, F

Explanation:

To provide individual and secure URLs for all customers using an API Gateway REST API, you need to do the following steps:

A. Register the required domain in a registrar. Create a wildcard custom domain name in a Route 53 hosted zone and record in the zone that points to the API Gateway endpoint. This step will allow you to use a custom domain name for your API instead of the default one generated by API Gateway. A wildcard custom domain name means that you can use any subdomain under your domain name (such as customer1.example.com or customer2.example.com) to access your API. You need to register your domain name with a registrar (such as Route 53 or a third-party registrar) and create a hosted zone in Route 53 for your domain name. You also need to create a record in the hosted zone that points to the API Gateway endpoint using an alias record.

D. Request a wildcard certificate that matches the custom domain name in AWS Certificate Manager (ACM) in the same Region. This step will allow you to secure your API with HTTPS using a certificate issued by ACM. A wildcard certificate means that it can match any subdomain under your domain name (such as *.example.com). You need to request or import a certificate in ACM that matches your custom domain name and verify that you own the domain name. You also need to request the certificate in the same Region as your API.

F. Create a custom domain name in API Gateway for the REST API. Import the certificate from AWS Certificate Manager (ACM). This step will allow you to associate your custom domain name with your API and use the certificate fromACM to enable HTTPS. You need to create a custom domain name in API Gateway for the REST API and specify the certificate ARN from ACM. You also need to create a base path mapping that maps a path from your custom domain name to your API stage.

[References: https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.htmlhttps://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request.html, , , , ]

Cody

I used Cramkey Dumps to prepare and a lot of the questions on the exam were exactly what I found in their study materials.

Eric Sep 13, 2024

Really? That's great to hear! I used Cramkey Dumps too and I had the same experience. The questions were almost identical.

Anya

I must say they're considered the best dumps available and the questions are very similar to what you'll see in the actual exam. Recommended!!!

Cassius Nov 2, 2024

Yes, they offer a 100% success guarantee. And many students who have used them have reported passing their exams with flying colors.

Conor

I recently used these dumps for my exam and I must say, I was impressed with their authentic material.

Yunus Sep 13, 2024

Exactly…….The information in the dumps is so authentic and up-to-date. Plus, the questions are very similar to what you'll see on the actual exam. I felt confident going into the exam because I had studied using Cramkey Dumps.

Peyton

Hey guys. Guess what? I passed my exam. Thanks a lot Cramkey, your provided information was relevant and reliable.

Coby Sep 6, 2024

Thanks for sharing your experience. I think I'll give Cramkey a try for my next exam.

Reeva

Wow what a success I achieved today. Thank you so much Cramkey for amazing Dumps. All students must try it.

Amari Sep 1, 2024

Wow, that's impressive. I'll definitely keep Cramkey in mind for my next exam.

Page: 7 / 84

Title

Questions

Posted