Amazon AWS

AWS Certified Solutions Architect – Associate

SAA-C03
Popular Trending

The AWS Certified Solutions Architect – Associate (SAA-C03) exam tests your ability to design distributed systems on AWS. It is one of the most sought-after certifications in the cloud domain.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 221–230 of 483

Q221

A company needs to authenticate users based on their corporate credentials without managing user accounts in AWS. What would be the best solution?

  • A AWS IAM
  • B AWS Cognito
  • C SAML Federation
  • D AWS Directory Service
Explanation SAML Federation allows authentication against existing corporate credentials, while IAM and Cognito require AWS user management.
Q222

You are configuring a VPC with public and private subnets. What happens if you add a route for 0.0.0.0/0 to a private subnet's route table?

  • A Traffic routes to the internet.
  • B Traffic routes to the VPC.
  • C Traffic drops to zero.
  • D Traffic requires IGW attachment.
Explanation Adding this route to a private subnet will have no effect since there is no IGW attached, causing traffic to drop.
Q223

Which service provides notifications based on events in AWS resources?

  • A Amazon SNS
  • B AWS Lambda
  • C Amazon CloudWatch
  • D Amazon SQS
Explanation Amazon SNS is specifically designed for sending notifications based on events; the others serve different purposes.
Q224

A company needs to store and analyze log data securely. Which solution should they choose?

  • A Amazon S3 with Lifecycle Policies
  • B AWS Redshift for Log Analysis
  • C Amazon RDS for log storage
  • D Amazon EFS for file sharing
Explanation Amazon S3 is best for secure log storage with analysis capabilities using additional services, while the others are not suitable.
Q225

What happens when an EC2 instance is terminated?

  • A Data on local storage persists
  • B Elastic IP is retained automatically
  • C Instance state changes to stopped
  • D Instance cannot be restarted
Explanation Terminated instances cannot be restarted; the other options suggest incorrect retention or state behavior.
Q226

Which AWS service allows for event-driven computing?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon RDS
  • D AWS CloudFormation
Explanation AWS Lambda executes code in response to events; EC2 and RDS are compute and database services, respectively, while CloudFormation is for resource management.
Q227

A company needs a cost-effective solution for long-term storage of data that is infrequently accessed. Which service should they use?

  • A Amazon S3 Standard
  • B Amazon S3 Glacier
  • C Amazon EBS
  • D AWS Backup
Explanation S3 Glacier is optimized for infrequent access at lower cost; S3 Standard is for frequently accessed data, EBS is for block storage, and AWS Backup is for backup management.
Q228

What happens when an IAM user's permissions do not explicitly allow an action?

  • A Action is allowed by default
  • B Action is denied by default
  • C User is logged out
  • D Permissions are inherited from the group
Explanation By default, IAM denies actions that are not explicitly permitted; options A and D are incorrect as IAM does not allow by default and has no automatic logout, respectively.
Q229

Which service allows you to run code without provisioning servers?

  • A AWS Lambda
  • B Amazon EC2
  • C AWS Elastic Beanstalk
  • D Amazon RDS
Explanation AWS Lambda runs code in response to events without server management, whereas the others require server provisioning or management.
Q230

A company needs to enforce multi-factor authentication for IAM users. What should they do?

  • A Enable AWS CloudTrail
  • B Use IAM policies only
  • C Implement Virtual MFA devices
  • D Increase IAM user permissions
Explanation Implementing Virtual MFA devices enforces multi-factor authentication, unlike the other options which don’t enforce MFA directly.