← Back to exam page

AWS-Certified-Solutions-Architect-Associate-SAA-C01 AWS Certified Solutions Architect - Associate (SAA-C01)

Loading demo links...

Showing 1–3 of 15 questions

Question 1

Legacy applications currently send messages through a single Amazon EC2 instance, which then routes the messages to the appropriate destinations. The Amazon EC2 instance is a bottleneck and single point of failure, so the company would like to address these issues.

Which services could address this architectural use case? (Choose two.)

Select all that apply, then click Submit answer.

  • Amazon SNS

  • AWS STS

  • Amazon SQS

  • Amazon Route 53

  • AWS Glue
Question 2

A Solutions Architect is about to deploy an API on multiple EC2 instances in an Auto Scaling group behind an ELB. The support team has the following operational requirements: 1 They get an alert when the requests per second go over 50,000

2 They get an alert when latency goes over 5 seconds

3 They can validate how many times a day users call the API requesting highly-sensitive data

Which combination of steps does the Architect need to take to satisfy these operational requirements? (Choose two.)

Select all that apply, then click Submit answer.

  • Ensure that CloudTrail is enabled.

  • Create a custom CloudWatch metric to monitor the API for data access.

  • Configure CloudWatch alarms for any metrics the support team requires.

  • Ensure that detailed monitoring for the EC2 instances is enabled.

  • Create an application to export and save CloudWatch metrics for longer term trending analysis.
Question 3

A company hosts a two-tier application that consists of a publicly accessible web server that communicates with a private database. Only HTTPS port 443 traffic to the web server must be allowed from the Internet.

Which of the following options will achieve these requirements? (Choose two.)

Select all that apply, then click Submit answer.

  • Security group rule that allows inbound Internet traffic for port 443.

  • Security group rule that denies all inbound Internet traffic except port 443.

  • Network ACL rule that allows port 443 inbound and all ports outbound for Internet traffic.

  • Security group rule that allows Internet traffic for port 443 in both inbound and outbound.

  • Network ACL rule that allows port 443 for both inbound and outbound for all Internet traffic.