Amazon Web Services passguide aws Certified Associate Saa-c03 Passing Score by Tomas q361 vce pdf

Page: 43 / 50

Exam Name:	AWS Certified Solutions Architect - Associate (SAA-C03)
Exam Code:	SAA-C03 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	649 Q&A's	Shared By:	tomas

Question 172

A company hosts a video streaming web application in a VPC. The company uses a Network Load Balancer (NLB) to handle TCP traffic for real-time data processing. There have been unauthorized attempts to access the application.

The company wants to improve application security with minimal architectural change to prevent unauthorized attempts to access the application.

Which solution will meet these requirements?

Options:

Implement a series of AWS WAF rules directly on the NLB to filter out unauthorized traffic.

Recreate the NLB with a security group to allow only trusted IP addresses.

Deploy a second NLB in parallel with the existing NLB configured with a strict IP address allow list.

Use AWS Shield Advanced to provide enhanced DDoS protection and prevent unauthorized access attempts.

Discussion

Question 173

A media publishing company is building an application that allows users to print custom books. The frontend runs in a Docker container. Incoming order volume is highly variable and can exceed the throughput of the physical printing machines. Order-processing payloads can be up to 4 MB.

The company needs a scalable solution for handling incoming orders.

Which solution will meet this requirement?

Options:

Use Amazon SQS to queue incoming orders. Use Lambda@Edge to process orders. Deploy the frontend on Amazon EKS.

Use Amazon SNS to queue incoming orders. Use a Lambda function to process orders. Deploy the frontend on AWS Fargate.

Use Amazon SQS to queue incoming orders. Use a Lambda function to process orders. Deploy the frontend on Amazon ECS with the Fargate launch type.

Use Amazon SNS to queue incoming orders. Use Lambda@Edge to process orders. Deploy the frontend on Amazon EC2 instances.

Discussion

Cody

I used Cramkey Dumps to prepare and a lot of the questions on the exam were exactly what I found in their study materials.

Eric Jan 17, 2026

Really? That's great to hear! I used Cramkey Dumps too and I had the same experience. The questions were almost identical.

Syeda

I passed, Thank you Cramkey for your precious Dumps.

Stella Jan 10, 2026

That's great. I think I'll give Cramkey Dumps a try.

Melody

My experience with Cramkey was great! I was surprised to see that many of the questions in my exam appeared in the Cramkey dumps.

Colby Jan 3, 2026

Yes, In fact, I got a score of above 85%. And I attribute a lot of my success to Cramkey's dumps.

Hendrix

Great website with Great Exam Dumps. Just passed my exam today.

Luka Jan 14, 2026

Absolutely. Cramkey Dumps only provides the latest and most updated exam questions and answers.

Lennie

I passed my exam and achieved wonderful score, I highly recommend it.

Emelia Jan 3, 2026

I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!

Question 174

A company needs to provide a team of contractors with temporary access to the company's AWS resources for a short-term project. The contractors need different levels of access to AWS services. The company needs to revoke permissions for all the contractors when the project is finished.

Which solution will meet these requirements with the LEAST operational overhead?

Options:

Use AWS IAM to create a user account for each contractor. Attach policies that define access levels for the contractors to the user accounts. Manually deactivate the accounts when the project is finished.

Use AWS Security Token Service (AWS STS) to generate temporary credentials for the contractors. Provide the contractors access based on predefined roles. Set the access to automatically expire when the project is finished.

Configure AWS Config rules to monitor the contractors' access patterns. Use AWS Config rules to automatically revoke permissions that are not in use or that are too permissive.

Use AWS CloudTrail and custom Amazon EventBridge triggers to audit the contractors' actions. Adjust the permissions for each contractor based on activity logs.

Discussion

Question 175

A company wants to provide a third-party system that runs in a private data center with access to its AWS account. The company wants to call AWS APIs directly from the third-party system. The company has an existing process for managing digital certificates. The company does not want to use SAML or OpenID Connect (OIDC) capabilities and does not want to store long-term AWS credentials.

Which solution will meet these requirements?

Options:

Configure mutual TLS to allow authentication of the client and server sides of the communication channel.

Configure AWS Signature Version 4 to authenticate incoming HTTPS requests to AWS APIs.

Configure Kerberos to exchange tickets for assertions that can be validated by AWS APIs.

Configure AWS Identity and Access Management (IAM) Roles Anywhere to exchange X.509 certificates for AWS credentials to interact with AWS APIs.