Amazon Web Services exams4sure pass Saa-c03 Exam Guide by Kyla q281 vce pdf

Page: 28 / 68

Exam Name:	AWS Certified Solutions Architect - Associate (SAA-C03)
Exam Code:	SAA-C03 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	911 Q&A's	Shared By:	kyla

Question 112

A company is developing an application using Amazon Aurora MySQL. The team will frequently make schema changes to test new features without affecting production. After testing, changes must be promoted to production with minimal downtime.

Which solution meets these requirements?

Options:

Create a staging Aurora cluster based on the existing cluster. Test schema changes on the staging cluster.

Create a read replica, modify its schema, and then promote it to primary.

Create an Aurora MySQL blue/green deployment. Make schema changes in the staging environment and switch traffic after testing.

Replicate the Aurora database to DynamoDB, apply schema changes, and switch the application to DynamoDB.

Discussion

Question 113

A company hosts an application on Amazon EC2 instances that are part of a target group behind an Application Load Balancer (ALB). The company has attached a security group to the ALB.

During a recent review of application logs, the company found many unauthorized login attempts from IP addresses that belong to countries outside the company ' s normal user base. The company wants to allow traffic only from the United States and Australia.

Options:

Edit the default network ACL to block IP addresses from outside of the allowed countries.

Create a geographic match rule in AWS WAF. Attach the rule to the ALB.

Configure the ALB security group to allow the IP addresses of company employees. Edit the default network ACL to block IP addresses from outside of the allowed countries.

Use a host-based firewall on the EC2 instances to block IP addresses from outside of the allowed countries. Configure the ALB security group to allow the IP addresses of company employees.

Discussion

Peyton

Hey guys. Guess what? I passed my exam. Thanks a lot Cramkey, your provided information was relevant and reliable.

Coby May 22, 2026

Thanks for sharing your experience. I think I'll give Cramkey a try for my next exam.

Syeda

I passed, Thank you Cramkey for your precious Dumps.

Stella May 2, 2026

That's great. I think I'll give Cramkey Dumps a try.

Esmae

I highly recommend Cramkey Dumps to anyone preparing for the certification exam.

Mollie May 26, 2026

Absolutely. They really make it easier to study and retain all the important information. I'm so glad I found Cramkey Dumps.

Neve

Will I be able to achieve success after using these dumps?

Rohan May 16, 2026

Absolutely. It's a great way to increase your chances of success.

Question 114

A company has a web application that stores user transactions in an Amazon DynamoDB table. To comply with regulations, the company must retain a copy of user transaction data for 7 years.

Which solution will meet these requirements with the LEAST operational overhead?

Options:

Use DynamoDB point-in-time recovery to back up the table continuously.

Use AWS Backup to create backup schedules and retention policies for the table.

Create an on-demand backup of the table by using DynamoDB. Store the backup in an Amazon S3 bucket. Set an S3 Lifecycle configuration for the S3 bucket.

Create an Amazon EventBridge rule to invoke an AWS Lambda function. Configure the Lambda function to back up the table and to store the backup in an Amazon S3 bucket. Set an S3 Lifecycle configuration for the S3 bucket.

Discussion

Question 115

A company needs to give a globally distributed development team secure access to the company ' s AWS resources in a way that complies with security policies.

The company currently uses an on-premises Active Directory for internal authentication. The company uses AWS Organizations to manage multiple AWS accounts that support multiple projects.

The company needs a solution to integrate with the existing infrastructure to provide centralized identity management and access control.

Which solution will meet these requirements with the LEAST operational overhead?

Options:

Set up AWS Directory Service to create an AWS managed Microsoft Active Directory on AWS. Establish a trust relationship with the on-premises Active Directory. Use IAM roles that are assigned to Active Directory groups to access AWS resources within the company ' s AWS accounts.

Create an IAM user for each developer. Manually manage permissions for each IAM user based on each user ' s involvement with each project. Enforce multi-factor authentication (MFA) as an additional layer of security.

Use AD Connector in AWS Directory Service to connect to the on-premises Active Directory. Integrate AD Connector with AWS IAM Identity Center. Configure permissions sets to give each AD group access to specific AWS accounts and resources.

Use Amazon Cognito to deploy an identity federation solution. Integrate the identity federation solution with the on-premises Active Directory. Use Amazon Cognito to provide access tokens for developers to access AWS accounts and resources.