Amazon Web Services pass4test saa-c03 Premium Exam Questions by Teddie q120 vce pdf

Page: 10 / 41

Exam Name:	AWS Certified Solutions Architect - Associate (SAA-C03)
Exam Code:	SAA-C03 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	557 Q&A's	Shared By:	teddie

Question 40

A company collects data from sensors. The company needs a cloud-based solution to store and transform the sensor data to make critical decisions. The solution must store the data for up to 2 days. After 2 days, the solution must delete the data. The company needs to use the transformeddata in an automated workflow that has manual approval steps.

Which solution will meet these requirements?

Options:

Load the data into an Amazon Simple Queue Service (Amazon SQS) queue that has a retention period of 2 days. Use an Amazon EventBridge pipe to retrieve data from the queue, transform the data, and pass the data to an AWS Step Functions workflow.

Load the data into AWS DataSync. Delete the DataSync task after 2 days. Invoke an AWS Lambda function to retrieve the data, transform the data, and invoke a second Lambda function that performs the remaining workflow steps.

Load the data into an Amazon Simple Notification Service (Amazon SNS) topic. Use an Amazon EventBridge pipe to retrieve the data from the topic, transform the data, and send the data to Amazon EC2 instances to perform the remaining workflow steps.

Load the data into an Amazon Simple Notification Service (Amazon SNS) topic. Use an Amazon EventBridge pipe to retrieve the data from the topic and transform the data into an appropriate format for an Amazon SQS queue. Use an AWS Lambda function to poll the queue to perform the remaining workflow steps.

Discussion

Kingsley

Do anyone guide my how these dumps would be helpful for new students like me?

Haris Oct 24, 2025

Absolutely! They are highly recommended for anyone looking to pass their certification exam. The dumps are easy to understand and follow, making it easier for you to study and retain the information.

Ayra

How these dumps are necessary for passing the certification exam?

Damian Oct 6, 2025

They give you a competitive edge and help you prepare better.

Syeda

I passed, Thank you Cramkey for your precious Dumps.

Stella Oct 15, 2025

That's great. I think I'll give Cramkey Dumps a try.

Conor

I recently used these dumps for my exam and I must say, I was impressed with their authentic material.

Yunus Oct 23, 2025

Exactly…….The information in the dumps is so authentic and up-to-date. Plus, the questions are very similar to what you'll see on the actual exam. I felt confident going into the exam because I had studied using Cramkey Dumps.

Atlas

What are these Dumps? Would anybody please explain it to me.

Reign Oct 18, 2025

These are exam dumps for a variety of IT certifications. They have a vast collection of updated questions and answers, which are very helpful in preparing for the exams.

Question 41

A company is using AWS DataSync to migrate millions of files from an on-premises system to AWS. The files are 10 KB in size on average.

The company wants to use Amazon S3 for file storage. For the first year after the migration the files will be accessed once or twice and must be immediately available. After 1 year the files must be archived for at least 7 years.

Which solution will meet these requirements MOST cost-effectively?

Options:

Use an archive tool lo group the files into large objects. Use DataSync to migrate the objects. Store the objects in S3 Glacier Instant Retrieval for the first year. Use a lifecycle configuration to transition the files to S3 Glacier Deep Archive after 1 year with a retention period of 7 years.

Use an archive tool to group the files into large objects. Use DataSync to copy the objects to S3 Standard-Infrequent Access (S3 Standard-IA). Use a lifecycle configuration to transition the files to S3 Glacier Instant Retrieval after 1 year with a retention period of 7 years.

Configure the destination storage class for the files as S3 Glacier Instant. Retrieval Use a lifecycle policy to transition the files to S3 Glacier Flexible Retrieval after 1 year with a retention period of 7 years.

Configure a DataSync task to transfer the files to S3 Standard-Infrequent Access (S3 Standard-IA) Use a lifecycle configuration to transition the files to S3. Deep Archive after 1 year with a retention period of 7 years.

Discussion

Question 42

A company needs to create a compliance management solution. The company wants to use a combination of AWS services to achieve the fine-grained visibility that the solution requires. The compliance management solution must provide a centralized method for company employees to review security findings and out-of-compliance findings.

Which solution will meet these requirements with the LEAST ongoing maintenance?

Options:

Configure AWS Security Hub to centralize findings. Use conformance packs in Amazon Inspector to check for compliance framework misalignment.

Use AWS Marketplace to purchase a security tool. Install the tool on an Amazon EC2 instance. Assign an EC2 Instance Profile for the tool to gather data from AWS resources.

Configure AWS Security Hub to centralize findings. Use conformance packs in AWS Config to check for compliance framework misalignment.

Configure AWS Systems Manager to provide a centralized dashboard. Use conformance packs in AWS Config to check for compliance framework misalignment.

Discussion

Question 43

A solutions architect is designing a three-tier web application. The architecture consists of an internet-facing Application Load Balancer (ALB) and a web tier that is hosted on Amazon EC2 instances in private subnets. The application tier with the business logic runs on EC2 instances in private subnets. The database tier consists of Microsoft SQL Server that runs on EC2 instances in private subnets. Security is a high priority for the company. Which combination of security group configurations should the solutions architect use? (Select THREE.)

Options:

Configure the security group for the web tier to allow inbound HTTPS traffic from the security group for the ALB.

Configure the security group for the web tier to allow outbound HTTPS traffic to 0.0.0.0/0.

Configure the security group for the database tier to allow inbound Microsoft SQL Server traffic from the security group for the application tier.

Configure the security group for the database tier to allow outbound HTTPS traffic and Microsoft SQL Server traffic to the security group for the web tier.

Configure the security group for the application tier to allow inbound HTTPS traffic from the security group for the web tier.

Configure the security group for the application tier to allow outbound HTTPS traffic and Microsoft SQL Server traffic to the security group for the web tier.

Discussion

Answer:

A, C, E

Explanation:

According to AWS best practices, each tier’s security group must restrict inbound traffic to only the upstream trusted source. For the web tier, the Application Load Balancer must be the only entity allowed to send traffic. AWS documentation specifies: “Restrict the security groups associated with your targets to accept traffic only from the load balancer.” This confirms that the web tier security group should allow inbound HTTPS from the ALB security group (A).

For communication between the web and application tiers, AWS states: “You can specify a security group as the source or destination in a rule” and “Create rules only for the protocols and ports required by your application.” Therefore, the application tier security group must allow inbound HTTPS traffic from the web tier security group (E).

For the database tier, AWS guidance says: “Allow only the necessary ports for database communication.” Microsoft SQL Server listens on port 1433 by default, so the database tier security group must allow inbound SQL Server traffic from the application tier security group (C).

Outbound rules (options B, D, and F) are unnecessary because AWS specifies that “Security groups are stateful. Return traffic is automatically allowed.” This means once inbound rules are defined, the return path is automatically permitted without extra outbound configurations.

This combination (A, C, E) applies the principle of least privilege, ensures end-to-end secure communication across tiers, and follows AWS recommendations for ALB-to-target security group setups.

[References:• Elastic Load Balancing User Guide — Application Load Balancers: Security groups for your load balancer, Target security groups• Amazon VPC User Guide: Security groups for your VPC, Security group rules• AWS Well-Architected Framework — Security Pillar: Apply the principle of least privilege, , , ]

Page: 10 / 41

Title

Questions

Posted

amazon web services.dumpspedia.pearson saa-c03 new attempt.by ryder.q40.vce.pdf

2025-09-11

amazon web services.certification-questions.online saa-c03 questions video.by philip.q241.vce.pdf

241

2025-09-16

amazon web services.udemy.selected saa-c03 aws certified associate questions answers.by alaia.q120.vce.pdf

120

2025-09-25