Amazon Web Services prepway aws Certified Associate Saa-c03 Release Date by Israel q160 vce pdf

Page: 15 / 65

Exam Name:	AWS Certified Solutions Architect - Associate (SAA-C03)
Exam Code:	SAA-C03 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	879 Q&A's	Shared By:	israel

Question 60

A company is planning to migrate multiple workloads to Amazon EC2 instances and needs to determine an appropriate AWS account structure. The workloads must be isolated from one another and belong to separate business units. The company needs to be able to perform chargeback to the business units by using a consolidated monthly view.

Which solution will meet these requirements with the LEAST administrative overhead?

Options:

Create a separate standalone AWS account for each business unit. Create a script to call AWS Cost Explorer APIs from each account to perform chargeback.

Create a single organization in AWS Organizations. Create a member account for each business unit. Use the bill from the organization management account to perform chargeback.

Create a single AWS account for all the business units. Assign tags to the EC2 instances that correspond with the business units. Activate the tags for cost allocation to perform chargeback by using AWS Cost Explorer.

Create a separate organization in AWS Organizations for each business unit. Use the bill in each organization management account to perform chargeback.

Discussion

Question 61

Question:

A company wants to deploy an internal web application on AWS. The web application must be accessible only from the company ' s office. The company needs to download security patches for the web application from the internet. The company has created a VPC and has configured an AWS Site-to-Site VPN connection to the company ' s office. A solutions architect must design a secure architecture for the web application. Which solution will meet these requirements?

Options:

Options:

Deploy the web application on Amazon EC2 instances in public subnets behind a public Application Load Balancer (ALB). Attach an internet gateway to the VPC. Set the inbound source of the ALB ' s security group to 0.0.0.0/0.

Deploy the web application on Amazon EC2 instances in private subnets behind an internal Application Load Balancer (ALB). Deploy NAT gateways in public subnets. Attach an internet gateway to the VPC. Set the inbound source of the ALB ' s security group to the company ' s office network CIDR block.

Deploy the web application on Amazon EC2 instances in public subnets behind an internal Application Load Balancer (ALB). Deploy NAT gateways in private subnets. Attach an internet gateway to the VPC. Set the outbound destination of the ALB ' s security group to the company ' s office network CIDR block.

Deploy the web application on Amazon EC2 instances in private subnets behind a public Application Load Balancer (ALB). Attach an internet gateway to the VPC. Set the outbound destination of the ALB ' s security group to 0.0.0.0/0.

Discussion

Question 62

An ecommerce company runs a multi-tier application on AWS. The frontend and backend tiers run on Amazon EC2 instances. The database tier runs on an Amazon RDS for MySQL DB instance.

The application makes frequent calls to return identical datasets from the database. These frequent calls cause performance slowdowns. A solutions architect must improve the performance of the application backend.

Which solution will meet this requirement?

Options:

Configure an Amazon Simple Notification Service (Amazon SNS) topic between the EC2 instances and the RDS DB instance.

Configure an Amazon ElastiCache (Redis OSS) cache. Configure the backend EC2 instances to read from the cache.

Configure an Amazon DynamoDB Accelerator (DAX) cluster. Configure the backend EC2 instances to read from the cluster.

Configure Amazon Data Firehose to stream the calls to the database.

Discussion

Nylah

I've been looking for good study material for my upcoming certification exam. Need help.

Dolly May 28, 2026

Then you should definitely give Cramkey Dumps a try. They have a huge database of questions and answers, making it easy to study and prepare for the exam. And the best part is, you can be sure the information is accurate and relevant.

Elise

I've heard that Cramkey is one of the best websites for exam dumps. They have a high passing rate and the questions are always up-to-date. Is it true?

Cian May 4, 2026

Definitely. The dumps are constantly updated to reflect the latest changes in the certification exams. And I also appreciate how they provide explanations for the answers, so I could understand the reasoning behind each question.

Vienna

I highly recommend them. They are offering exact questions that we need to prepare our exam.

Jensen May 26, 2026

That's great. I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!

Freddy

I passed my exam with flying colors and I'm confident who will try it surely ace the exam.

Aleksander May 15, 2026

Thanks for the recommendation! I'll check it out.

Question 63

A company uses an organization in AWS Organizations to manage multiple AWS accounts. The company is migrating users from IAM to AWS IAM Identity Center.

The company wants to ensure that no new IAM users can be created in any of the member accounts. The company wants to allow only existing IAM users to have access to the accounts.

Which solution will meet these requirements?

Options:

Create a service control policy SCP that denies the iam:CreateUser action. Apply the SCP to all the member accounts in the organization.

Create an IAM policy that denies all IAM write operations. Attach the policy to all the users.

Create an IAM group in each account. Attach a policy that denies the iam:CreateAccessKey action to the IAM group. Add the existing IAM users to the IAM group.

Create a permissions boundary that denies the iam:CreateAccessKey action. Attach the permissions boundary to all IAM users and IAM groups in the organization.