Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

Amazon Web Services Updated SAA-C03 Exam Questions and Answers by tillie

Page: 38 / 68

Amazon Web Services SAA-C03 Exam Overview :

Exam Name: AWS Certified Solutions Architect - Associate (SAA-C03)
Exam Code: SAA-C03 Dumps
Vendor: Amazon Web Services Certification: AWS Certified Associate
Questions: 923 Q&A's Shared By: tillie
Question 152

A company uses an organization in AWS Organizations to manage a multi-account landing zone. The company requires all users who access AWS accounts in the organization to use a centralized identity system that follows the principle of least privilege for operational tasks. The company currently uses an external identity provider (IdP).

Which combination of solutions will meet these requirements? (Select TWO.)

Options:

A.

Use AWS Identity and Access Management (IAM) to create IAM users and IAM user groups in each AWS account.

B.

Create permission sets in AWS IAM Identity Center. Assign the appropriate permission sets to the IAM users and IAM user groups in the accounts.

C.

Assign each IAM user to an IAM role by using an inline IAM policy based on operational duties. Assign each role to the appropriate AWS account in the organization.

D.

Configure a SAML identity provider in AWS Identity and Access Management (IAM) in each AWS account to establish a trust relationship with the company ' s external IdP.

E.

Enable AWS IAM Identity Center in the organization management account. Create user accounts and user groups.

Discussion
Question 153

A company is building new learning management applications on AWS. The company is using Amazon Elastic Container Service (Amazon ECS) on Amazon EC2 to host the applications. The company must ensure that container images are secure. Company administrators must receive notifications of any security vulnerabilities in the images.

Which combination of solutions will meet these requirements? (Select TWO.)

Options:

A.

Modify the ECS cluster properties to use privileged mode. Enable host-based logging.

B.

Use the AWS Config conformance pack for Amazon ECS. Use AWS Config to notify administrators if any security vulnerabilities are detected.

C.

Configure AWS WAF to invoke an Amazon CloudWatch alarm when a new security vulnerability is detected.

D.

Use Amazon Inspector to scan container images in Amazon Elastic Container Registry (Amazon ECR).

E.

Use AWS Systems Manager Parameter Store to encrypt container images.

Discussion
Question 154

A finance company has a web application that generates credit reports for customers. The company hosts the frontend of the web application on a fleet of Amazon EC2 instances that is associated with an Application Load Balancer ALB. The application generates reports by running queries on an Amazon RDS for SQL Server database.

The company recently discovered that malicious traffic from around the world is abusing the application by submitting unnecessary requests. The malicious traffic is consuming significant compute resources. The company needs to address the malicious traffic.

Which solution will meet this requirement?

Options:

A.

Use AWS WAF to create a web ACL. Associate the web ACL with the ALB. Update the web ACL to block IP addresses that are associated with malicious traffic.

B.

Use AWS WAF to create a web ACL. Associate the web ACL with the ALB. Use the AWS WAF Bot Control managed rule feature.

C.

Set up AWS Shield to protect the ALB and the database.

D.

Use AWS WAF to create a web ACL. Associate the web ACL with the ALB. Configure the AWS WAF IP reputation rule.

Discussion
Question 155

A solutions architect is designing a web application that will run on Amazon EC2 instances behind an Application Load Balancer (ALB). The company strictly requires that the application be resilient against malicious internet activity and attacks, and protect against new common vulnerabilities and exposures.

What should the solutions architect recommend?

Options:

A.

Leverage Amazon CloudFront with the ALB endpoint as the origin.

B.

Deploy an appropriate managed rule for AWS WAF and associate it with the ALB.

C.

Subscribe to AWS Shield Advanced and ensure common vulnerabilities and exposures are blocked.

D.

Configure network ACLs and security groups to allow only ports 80 and 443 to access the EC2 instances.

Discussion
Fatima
Hey I passed my exam. The world needs to know about it. I have never seen real exam questions on any other exam preparation resource like I saw on Cramkey Dumps.
Niamh Jun 4, 2026
That's true. Cramkey Dumps are simply the best when it comes to preparing for the certification exam. They have all the key information you need and the questions are very similar to what you'll see on the actual exam.
Billy
It was like deja vu! I was confident going into the exam because I had already seen those questions before.
Vincent Jun 22, 2026
Definitely. And the best part is, I passed! I feel like all that hard work and preparation paid off. Cramkey is the best resource for all students!!!
Cody
I used Cramkey Dumps to prepare and a lot of the questions on the exam were exactly what I found in their study materials.
Eric Jun 16, 2026
Really? That's great to hear! I used Cramkey Dumps too and I had the same experience. The questions were almost identical.
Ayra
How these dumps are necessary for passing the certification exam?
Damian Jun 15, 2026
They give you a competitive edge and help you prepare better.
Josephine
I want to ask about their study material and Customer support? Can anybody guide me?
Zayd Jun 24, 2026
Yes, the dumps or study material provided by them are authentic and up to date. They have a dedicated team to assist students and make sure they have a positive experience.
Page: 38 / 68
Title
Questions
Posted

SAA-C03
PDF

$36.75  $104.99

SAA-C03 Testing Engine

$43.75  $124.99

SAA-C03 PDF + Testing Engine

$57.75  $164.99