Amazon Web Services exactexam saa-c03 Questions Bank by Rosanna q401 vce pdf

Page: 8 / 56

Exam Name:	AWS Certified Solutions Architect - Associate (SAA-C03)
Exam Code:	SAA-C03 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	758 Q&A's	Shared By:	rosanna

Question 32

A data science team requires storage for nightly log processing. The size and number of logs is unknown and the logs will persist for 24 hours only.

What is the MOST cost-effective solution?

Options:

Amazon S3 Glacier Deep Archive

Amazon S3 Standard

Amazon S3 Intelligent-Tiering

Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)

Discussion

Question 33

A global company is migrating its workloads from an on-premises data center to AWS. The AWS environment includes multiple AWS accounts. IAM roles. AWS Config rules, and a VPC.

The company wants an automated process to provision new accounts on demand when the company ' s business units require new accounts.

Which solution will meet these requirements with LEAST effort?

Options:

Use AWS Control Tower to set up an organization in AWS Organizations. Use AWS Control Tower Account Factory for Terraform (AFT) to provision new AWS accounts.

Create an organization in AWS Organizations. Use the AWS CLI CreateAccount API action to provision new AWS accounts. Organize the business units with organizational units (OUs).

Create an AWS Lambda function that uses the AWS Organizations API to create new accounts. Invoke the Lambda function from an AWS CloudFormation template in AWS Service Catalog.

Create an organization in AWS Organizations. Use AWS Step Functions to orchestrate the account creation process. Send account creation requests to an Amazon API Gateway API endpoint to invoke an AWS Lambda function that creates new accounts.

Discussion

Anaya

I found so many of the same questions on the real exam that I had already seen in the Cramkey Dumps. Thank you so much for making exam so easy for me. I passed it successfully!!!

Nina Feb 20, 2026

It's true! I felt so much more confident going into the exam because I had already seen and understood the questions.

Josie

I just passed my certification exam using their dumps and I must say, I was thoroughly impressed.

Fatimah Feb 10, 2026

You’re right. The dumps were authentic and covered all the important topics. I felt confident going into the exam and it paid off.

Wyatt

Passed my exam… Thank you so much for your excellent Exam Dumps.

Arjun Feb 23, 2026

That sounds really useful. I'll definitely check it out.

Faye

Yayyyy. I passed my exam. I think all students give these dumps a try.

Emmeline Feb 10, 2026

Definitely! I have no doubt new students will find them to be just as helpful as I did.

River

Hey, I used Cramkey Dumps to prepare for my recent exam and I passed it.

Lewis Feb 24, 2026

Yeah, I used these dumps too. And I have to say, I was really impressed with the results.

Question 34

A solutions architect is building an Amazon S3 data lake for a company. The company uses Amazon Kinesis Data Firehose to ingest customer personally identifiable information (PII) and transactional data in near real-time to an S3 bucket. The company needs to mask all PII data before storing thedata in the data lake.

Which solution will meet these requirements?

Options:

Create an AWS Lambda function to detect and mask PII. Invoke the function from Kinesis Data Firehose.

Use Amazon Macie to scan the S3 bucket. Configure Macie to detect and mask PII.

Enable server-side encryption (SSE) on the S3 bucket.

Create an AWS Lambda function that integrates with AWS CloudHSM. Configure the function to detect and mask PII.

Discussion

Question 35

A solutions architect needs to secure an Amazon API Gateway REST API. Users need to be able to log in to the API by using common external social identity providers (IdPs). The social IdPs must use standard authentication protocols such as SAML or OpenID Connect (OIDC). The solutions architect needs to protect the API against attempts to exploit application vulnerabilities.

Which combination of steps will meet these security requirements? (Select TWO.)

Options:

Create an AWS WAF web ACL that is associated with the REST API. Add the appropriate managed rules to the ACL.

Subscribe to AWS Shield Advanced. Enable DDoS protection. Associate Shield Advanced with the REST API.

Create an Amazon Cognito user pool with a federation to the social IdPs. Integrate the user pool with the REST API.

Create an API key in API Gateway. Associate the API key with the REST API.

Create an IP address filter in AWS WAF that allows only the social IdPs. Associate the filter with the web ACL and the API.