Amazon AWS

AWS Certified Solutions Architect – Associate

SAA-C03
Popular Trending

The AWS Certified Solutions Architect – Associate (SAA-C03) exam tests your ability to design distributed systems on AWS. It is one of the most sought-after certifications in the cloud domain.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 121–130 of 483

Q121

Which AWS service allows for isolated resources within a VPC?

  • A Subnets
  • B EC2 Instances
  • C Gateways
  • D Load Balancers
Explanation Subnets provide isolation of resources in a VPC, while other options represent various functions and not isolation.
Q122

A company needs to securely manage access to AWS resources. What should they use?

  • A IAM Roles
  • B Amazon S3
  • C CloudFormation
  • D AWS CloudTrail
Explanation IAM Roles are designed for managing secure access, while the other options serve different purposes.
Q123

You are configuring an auto-scaling group. What happens if the desired capacity is set to 0?

  • A Instances terminate immediately.
  • B No instances run.
  • C Costs reduce by half.
  • D Load balancer spins down.
Explanation Setting desired capacity to 0 means no instances will run, rather than immediate termination or loss of cost.
Q124

Which service converts and processes real-time streaming data?

  • A Amazon Kinesis
  • B Amazon RDS
  • C AWS Lambda
  • D Amazon DynamoDB
Explanation Amazon Kinesis is designed for real-time data processing, while the other options serve different purposes such as database management or serverless computing.
Q125

A company needs to secure S3 buckets so that they are only accessible via CloudFront. What should you implement?

  • A AWS IAM roles
  • B Bucket policy allowing only CloudFront
  • C S3 Transfer Acceleration
  • D Cross-Origin Resource Sharing
Explanation A bucket policy allows CloudFront access while blocking direct S3 access, unlike IAM roles or CORS which do not restrict access as required.
Q126

What happens when a resource-defined tag is applied to an AWS resource?

  • A Tag affects billing and cost allocation
  • B Tag cannot be edited or removed
  • C Tag restricts access to resources
  • D Tag is globally unique to all accounts
Explanation Tags are used for cost allocation and tracking, while other options are incorrect because tags can be edited, do not restrict access, and are not globally unique.
Q127

A company needs to ensure that its EC2 instances are protected from Distributed Denial-of-Service (DDoS) attacks. Which AWS service should they use?

  • A AWS Shield
  • B AWS Firewall Manager
  • C Amazon GuardDuty
  • D Amazon Inspector
Explanation AWS Shield specifically provides DDoS protection, while the others focus on different security aspects.
Q128

You are configuring an S3 bucket to host a static website. Which permissions must you ensure are granted?

  • A Read and Write to AWS
  • B Public Read Access
  • C Private Access Only
  • D S3 Full Control
Explanation Public Read Access is required to serve a static website publicly; others do not allow for public access.
Q129

What happens when an AWS Lambda function execution reaches its timeout limit?

  • A Function resumes after timeout
  • B Function stops execution immediately
  • C Function logs the error
  • D Function retries automatically
Explanation When a Lambda function times out, it stops execution immediately; it does not resume or retry automatically.
Q130

Which service can be used for serverless computing?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon RDS
  • D Amazon S3
Explanation AWS Lambda allows you to run code without provisioning servers. Other options require server management.