Advertisement

Follow Us

Basic & Fundamentals

Advertisement

Recent Posts

Advertisement
Advertisement

Most Read

AWS Certified Solutions Architect Associate (SAA02) – Free Practice Tests

HomeCertificationsAWS Certified Solutions Architect Associate (SAA02) - Free Practice Tests

This AWS practice test helps you to pass the following AWS exams and can also helps you to revise the AWS concepts if you are preparing for AWS interviews.

Advertisement
  • AWS Certified Solutions Architect Associate
  • AWS Certified Cloud Practitioner

Below AWS practice tests has two different Modes

  • Learning Mode: 25 questions per test with answers and explanation, no time limit, repeat tests
  • Exam Mode: 65 questions per test (similar to real AWS exam), 130 minutes, repeat tests

AWS Certified Solutions Architect Associate (SAA) – Learning Mode

/25
10 votes, 4.5 avg
334

1 / 25

You have been placed in charge of your company’s existing AWS cloud environment. Your company is very large and you have a team of 5 engineers. You are managing IAM with one of your team members as a backup. You will assign two team members to manage the RDS databases and will need two team members managing the VPC and the EC2 instances within it. How can you give your team members the ability to administer the EC2 instances? (Choose 2 answers)

2 / 25

You are setting up some EBS volumes for a customer who has requested a setup which includes a RAID (redundant array of inexpensive disks). AWS has some recommendations for RAID setups. Which RAID setup is not recommended for Amazon EBS?

3 / 25

Amazon S3 allows you to set per-file permissions to grant read and/or write access. However, you have decided that you want an entire bucket with 100 files already in it to be accessible to the public. You don’t want to go through 100 files individually and set permissions. What would be the best way to do this?

4 / 25

You have recently configured an AWS VPC for a new client. The VPC consists of several EC2 instances in a public subnet. An IT administrator for one of your clients has called you about an inability to connect to an EC2 instance. He is trying to connect from a Windows laptop using Putty for Windows and the .pem file you provided him along with instructions for using PuTTY and PuTTYgen. What could be the problem?

5 / 25

A user has launched an EC2 instance into a VPC with several private and public subnets. The VPC and EC2 instance have the following configurations in place:

  • A database server is hosted on a Linux EC2 instance located in a private subnet.
  • A hardened bastion host is launched in a separate public subnet. You have enabled SSH-agent forwarding, and the bastion host’s security group has been configured to allows traffic via Port 22.
  • A custom security group has been added and associated with the Linux EC2 instance in the private subnet. The custom security group has not updated from its default settings.

With these configurations in place, the user is not able to access the database instance in the private subnet via the bastion host.

What can be the possible reason for this failure?

6 / 25

Which statements regarding VPC subnets are correct? (Choose 2 answers)

7 / 25

You are the lead architect for an online educational content streaming service. You currently have hundreds of Apple HLS video files formated and packaged using AWS Elemental MediaConvert, and hosted in Amazon S3 buckets. You are streaming content via HTTPS. After an extended loss of availability due to a regional Amazon S3 outage, you need to optimize your CloudFront distributions using origin groups. Which types of origin servers could you configure as your secondary origins, in case another Amazon S3 outage occurs? (Choose 3 answers)

8 / 25

You configured a VPC with web servers hosted on EC2 instances in an EC2 Auto Scaling group in a public subnet. You then create a private subnet and deploy your Amazon RDS database servers in it.

You grant a database administrator access to the RDS database instance, but she is unable to connect to it.

What steps can you take to resolve the issue?

9 / 25

You have been storing massive amounts of data on Amazon Glacier for the past 2 years and now start to wonder if there are any limitations on this. What is the correct answer to your question?

10 / 25

What is the default maximum number of Access Keys per user?

11 / 25

You are setting up your company’s Virtual Private Cloud (VPC). It is time to select the virtual hardware and the software to be provisioned for the instances you will launch within the VPC. You will do this by selecting the Instance Types and Amazon Machine Images (AMI). Which item is not defined by the AMI?

12 / 25

You run a stateless web application with the following components:

  • An Application Load Balancer (ALB)
  • A two-tier application with frontend instances processing user requests, and backend RDS MySQL instances
  • The MySQL RDS database offers a maximum of 3000 IOPS with Provisioned IOPS

You notice that the average response time for users is increasing. Looking at CloudWatch, you observe 85% CPU usage on the web and application servers and 20% CPU usage on the database. The average number of database disk operations varies between 1000 and 1500. How would you improve performance? (Choose 2 answers)

13 / 25

While monitoring your application servers hosted behind an elastic load balancer, you discover that the servers always operate at between 75 and 80% of their capacity after five minutes of operation. Also, there is a constant number of servers being marked as unhealthy very early in their initial lifecycle. Upon further analysis, you also discover that your servers are taking between three and four minutes to become operational after launch. What two tasks should you complete as soon as possible? (Choose 2 answers)

14 / 25

A user is currently building a website that will require a large number of instances in six months, when a demonstration of the new site will be given upon launch.
Which of the choices below allows the user to obtain the resources beforehand, and not worry about infrastructure availability during the demonstration?

15 / 25

Your company allows technical personnel to manage their own S3 buckets. But there have been too many instances of users deleting important project related data. What additional steps can you take to prevent accidental deletion or overwriting of data? (Choose 3 answers)

16 / 25

A national auto parts chain contracted your firm to design and implement their AWS environment. It is a very large-scale system that handles order processing, accounting, stocking, and logistics. This system spans multiple availability zones and requires a multi-AZ environment for high availability. The system has been implemented and you need to test the database failover mechanism. It is imperative that the failover occurs within the specified RTO. How can you consistently test database failover?

17 / 25

You are pulled in on a redesign of a client’s AWS VPC. The client was an early adopter of AWS but wants to improve their overall security in the VPC. The budget allocated for this redesign is very limited and you need to optimize your time. You’ve created new security groups for the VPC. What’s the most expedient way to associate these new security groups with the instances in the VPC?

18 / 25

Your developers have created a sales application that works in tandem with the no SQL database. To ensure the fastest response for the application in production, the developers wish to remove the need to wait for acknowledgments from the database to the application after data have been sent. The acknowledgments can be stored and accessed asynchronously.  Which managed application would be the best choice for their design?

19 / 25

You are in the process of planning your backup strategy between an on-premises data center and AWS cloud. You are considering Storage Gateway technology for backup and restore in your hybrid environment. What are the primary factors that affect Backup and Recovery times when using Storage Gateways? (Choose 2 answers)

20 / 25

Which statement regarding Elastic Load Balancing is incorrect?

21 / 25

You are an engineer at a large bank, responsible for managing your firm’s AWS infrastructure. Your finance team has approached you, indicating their concern over the growing EC2 budget. They have asked you to identify strategies to reduce the EC2 spend by at least 25% before the next monthly billing cycle. How choices below could assist in accomplishing this? (Choose 3 answers)

22 / 25

A client has contracted you to design and implement their Amazon Virtual Private Cloud (VPC). The design called for several web servers in an auto scaling group behind an Application Load Balancer (ALB) in a public subnet. The database tier is in a private subnet. The client has sensitive data and would like to have it encrypted. You’ve decided to configure a public key on the ALB to handle SSL encryption but the public key authentication is failing. What is a possible cause?

23 / 25

You are migrating on-premise legal files to the AWS Cloud in Amazon S3 buckets. The corporate audit team will review all legal files within the next year, but until that review is completed, you need to ensure that the legal files are neither updated or deleted in the next 18 months. What steps will ensure the files can be uploaded efficiently but have the required protection for the specific time period of 18 months? (Choose 2 answers)

24 / 25

You are an engineer at a large bank, responsible for managing your firm’s AWS infrastructure. The finance team has approached you, indicating their concern over the growing AWS budget, and has asked you to investigate ways to lower it. Since your firm has enterprise-level support, you decide to use the AWS Trusted Advisor tool for this effort. What are some of the cost optimization checks that Trusted Advisor will perform? (Choose 3 answers)

25 / 25

You have a lot of data stored in the AWS Storage Gateway and your manager has come to you asking about how the billing is calculated, specifically the Virtual Tape Shelf usage. What would be a correct response to this?

Your score is

The average score is 54%

Please rate your experience to help us improve !

Ready to take AWS Certified Solutions Architect Associate (SAA) – Exam mode ?

AWS Certified Solutions Architect Associate (SAA) – Exam Mode

/65
5 votes, 4.8 avg
149

Click Start button to start exam !

Time Out !


1 / 65

Your team is setting up DynamoDB for a client. You need to explain to them how DynamoDB tables are partitioned. Which calculations are used to determine the number of partitions that will be created? (Choose 2 answers)

2 / 65

You are preparing a proposal for a prospective new client. They would like their cloud application environment to be highly scalable. Your proposal includes the benefits of scalability on AWS. Which statements regarding scaling are correct? (Choose 2 answers)

3 / 65

You have been placed in charge of your company’s existing AWS cloud environment. Your company is very large and you have a team of 5 engineers. You are managing IAM with one of your team members as a backup. You will assign two team members to manage the RDS databases and will need two team members managing the VPC and the EC2 instances within it. How can you give your team members the ability to administer the EC2 instances? (Choose 2 answers)

4 / 65

You are looking for a simple way to configure high availability for your EC2 instances. You need to create a plan for replacing unhealthy or failed instances. It is acceptable to have a short amount of downtime to keep costs down. Which process is appropriate for achieving this?

5 / 65

Which of the four storage options on Amazon S3 and Amazon Glacier charges per GB retrieval fees? (Choose 2 answers)

6 / 65

A user has launched an EC2 instance into a VPC with several private and public subnets. The VPC and EC2 instance have the following configurations in place:

  • A database server is hosted on a Linux EC2 instance located in a private subnet.
  • A hardened bastion host is launched in a separate public subnet. You have enabled SSH-agent forwarding, and the bastion host’s security group has been configured to allows traffic via Port 22.
  • A custom security group has been added and associated with the Linux EC2 instance in the private subnet. The custom security group has not updated from its default settings.

With these configurations in place, the user is not able to access the database instance in the private subnet via the bastion host.

What can be the possible reason for this failure?

7 / 65

You have been assigned as a technical lead to a client that has their own development team. The team is relatively new to developing in the cloud. In a design meeting the developers begin discussing developing a messaging queue for data that does not need processed immediately. You begin telling them about the merits of Amazon SQS. What are the benefits of SQS over an in-house developed messaging queue? (Choose 3 answers)

8 / 65

A gaming company comes to you and asks you to build infrastructure for their site. They are not sure how big they will be because, as with all startups, they have limited money and big ideas. What they do tell you is that if the game becomes successful, like one of their previous games, it may rapidly grow to millions of users and generate tens (or even hundreds) of thousands of writes and reads per second.  After considering all of this, you decide that they need a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability and persistent storage. Which of the following databases do you think would best fit their needs?

9 / 65

You notice that your administrator has not created a security group. He created 3 EC2 instances and they were launched into the default security group. No changes were made to the default security group.  What characteristics will the default security group provide? (Choose 3 answers)

10 / 65

Which one of the below is not an AWS Storage Service?

11 / 65

A user wants to use an EBS-backed Amazon EC2 instance for a temporary job. Based on the input data, the job is most likely to finish within a week. Which one of the following is the best way to terminate the instance automatically once the job is finished?

12 / 65

You are managing a VPC environment that is spread across two Availability Zones, and contains EC2 instances in an auto scaling group. CloudWatch monitoring shows the following data on EC2 utilization.

  • Only two servers are needed during low-utilization off hours.
  • During normal business hours, four additional servers are needed.
  • During a five-day end of the year processing period, you may need for an additional 10 servers.

Which choices will best meet the needs of these three scenarios while providing high availability and cost control? (Choose 2 answers)

13 / 65

After setting up an EC2 security group with a cluster of 20 EC2 instances, you find an error in the security group settings. You quickly make changes to the security group settings. When will the changes to the settings be effective?

14 / 65

You need to measure the performance of your EBS volumes as they seem to be under performing. You have come up with a measurement of 1,024 KB I/O but your colleague tells you that EBS volume performance is measured in IOPS. How many IOPS is equal to 1,024 KB I/O?

15 / 65

Your web-based application has been launched publicly. Your design has implemented auto scaling and classic load balancing and your design is responding to the changes in demand as expected. Over the next few months, during the holiday season, demand is expected to be quite robust. You estimate that 100 EC2 instances will be required to meet your customers’ demand. How should you plan properly for growth? (Choose 2 answers)

16 / 65

Which IAM role do you use to grant AWS Lambda permission to access a DynamoDB Stream?

17 / 65

You have taken on a client that has been configured for AWS cloud and is fully operational. Your investigation of the environment reveals that your predecessor was a highly skilled AWS Architect. You view one instance that handles Internet traffic but also handles back end database traffic in a private subnet. This one instance is configured as a full management network attached to both a public subnet and a private subnet. What AWS device will enable such a configuration for a single instance?

18 / 65

Which choice below accurately describes the ‘warm standby’ disaster recovery method?

19 / 65

A user is making a scalable web application with compartmentalization. The user wants the log module to be accessible by all the application functionalities in an asynchronous way. Each module of the application sends data to the log module, and based on the resource availability it will process the logs. Which AWS service helps achieving this functionality?

20 / 65

You are designing a VPC for a small legal firm. The firm only has 6 users who will need instances, and the firm does not expect any growth. When creating the VPC, you will need to specify an IPv4 address range by choosing a CIDR block. What is the smallest size CIDR block that could be used for this network?

21 / 65

Your team is developing an application using Elastic Beanstalk and discussing the most appropriate environment for deployment. What two types of environments can be created when using Elastic Beanstalk? (Choose 2 answers)

22 / 65

You need to provide a small group of users in one AWS account access to another AWS account. How would you enable this access to a second AWS account?

23 / 65

You are designing an Amazon RDS database solution for a new medical supply company. This is a brand new company and they do not have an existing on-premises database. They would like to use Oracle for their new database. With a brand new database, which licensing model will you use for Oracle?

24 / 65

You’ve been assigned to a client that has an auto scaling group behind an Application Load Balancer. The autoscaling group is handling traffic spikes well, but the client is concerned about cost. After reviewing statistics, you find that a large number of instances are being launched for just a short time period (15 – 30 minutes) and you know that Amazon charges per second for the time these instances are running.

You’re concerned that when these bursts occur, instances that scale out in a larger number than required and actually outlive the short bursts of increased workload.

What steps can you take to maintain performance but reduce costs? (Choose 2 answers)

25 / 65

Your new client is a federal agency utilizing a hybrid cloud environment. The agency distributes large amounts of sensitive data throughout the world. Your task is to ensure that the data is secure using various encryption techniques as well as security groups and access control lists.

One of the requirements is to distribute content utilizing CloudFront for optimal performance but to completely restrict access from within certain blacklisted countries. What service can you use with CloudFront to fulfill this requirement?

26 / 65

In which of the following scenarios will data be deleted from an EC2 instance store? (Choose 2 answers)

27 / 65

Your account has 3 VPCs deployed in the same region.

The IPv4 address ranges of the VPCs are:

VPC A 172.22.0.0/16

VPC B 10.3.0.0/16

VPC C 10.4.0.0/16

VPC B and VPC C are already connected through VPC peering connection (PCX) named pcx-abcxyz. VPC A has resources that VPC B and VPC C must access. Which of the options below best achieves the objective of allowing VPC B and VPC C to access VPC A?

28 / 65

Do you need to shutdown your EC2 instance when you create a snapshot of EBS volumes that serve as root devices?

29 / 65

You are deploying a two-tiered web application with web servers in a public subnet of your VPC and your database isolated in a private subnet. Your requirements call for the web tier to be highly available. Which services listed will be needed to make the web-tier highly available? (Choose 3 answers)

30 / 65

A user is uploading a backup of data to S3 Glacier for the purpose of disaster recovery (DR). The data stored in S3 Glacier is part of a larger data recovery plan that involves other AWS services. There is a relatively small set of data (100 MB) that needs to be restored immediately when a DR plan is executed, and the organization is planning RTO of 1 hour.  Assuming the data size meets the requirements for any of the given retrieval options below, which S3 Glacier data retrieval option would you plan in a DR situation?

31 / 65

You are designing a cloud implementation for a client. They have requested a database that will serve data to a website as well as perform some complex reporting in a Data Warehouse. They are also looking for a durable location to store session state. Which design choices would meet the client’s requirements? (Choose 3 answers)

32 / 65

Having set up a website to automatically be redirected to a backup website if it fails, you realize that there are different types of failovers that are possible. You need all your resources to be available the majority of the time. Using Amazon Route 53 which configuration would best suit this requirement?

33 / 65

A client of yours has a huge amount of data stored on Amazon S3, but is concerned about someone stealing it while it is in transit. You know that all data is encrypted in transit on AWS, but which of the following is wrong when describing server-side encryption on AWS?

34 / 65

Which use cases would be best served by an S3 bucket ACL? (Choose 2 answers)

35 / 65

When you force a failover of your DB instance in RDS, which of the following things does RDS do? (Choose 2 answers)

36 / 65

You’ve been assigned to assist a client in the creation of their AWS Virtual Private Cloud (VPC). You are shadowing their IT admin to allow the admin to create the VPC, learn, and benefit from your guidance. Which VPC components come automatically upon creation of a default VPC? (Choose 3 answers)

37 / 65

In which circumstance would a bucket owner pay for the data transfers instead of the Requester Pays bucket?

38 / 65

A national auto parts chain contracted your firm to design and implement their AWS environment. It is a very large-scale system that handles order processing, accounting, stocking, and logistics. This system spans multiple availability zones and requires a multi-AZ environment for high availability. The system has been implemented and you need to test the database failover mechanism. It is imperative that the failover occurs within the specified RTO. How can you consistently test database failover?

39 / 65

You are developing a new application in which you need to transfer files over long distances between client-side storage and an S3 bucket. You decide to try sending data to the S3 bucket using S3 Transfer Acceleration. What must you do to achieve this? (Choose 2 answers)

40 / 65

Select a true statement about Amazon EC2 Security Groups (EC2-Classic).

41 / 65

An EC2 instance has one additional EBS volume attached to it. How can a user attach the same volume to another running instance in the same availability zone?

42 / 65

A client contacts you to troubleshoot an issue with their company’s VPC. An initial review of an architectural diagram appears to call for an Internet-facing load balancer, and two auto scaling groups within a VPC. After logging in, you recognize that health checks are not reaching the EC2 instances launched in the VPC because the front-end connection (client to load balancer) has timed out.

What series of AWS recommended troubleshooting steps would likely resolve this issue? (Choose 3 answers)

43 / 65

What is the Total Cost of Ownership (TCO) calculator?

44 / 65

A root account owner has created an S3 bucket named ‘testmycloud’. The account owner wants to allow separate AWS accounts to upload objects, and require the separate accounts to manage permissions for their uploaded objects.

Which choice is the easiest way to achieve this?

45 / 65

You have been asked to perform some penetration testing on your company’s AWS infrastructure. However, you are not sure who is responsible for this. Which statement describing the AWS policy regarding penetration testing is correct?

46 / 65

Your company decided to create AWS Account and start moving some workloads to the cloud. The security team would like to utilize the existing identity and access management system which is based on Active Directory to manage access to the new AWS Account. For that reason you decided to use SAML federation to allow users in local identity and access management system access to AWS Services.

Which of the following are primary components in SAML Federation configuration for the new AWS account? (Choose 2 answers)

47 / 65

In Amazon EC2, if your EBS volume stays in the detaching state, you can force the detachment by clicking

48 / 65

Amazon S3 allows you to set per-file permissions to grant read and/or write access. However, you have decided that you want an entire bucket with 100 files already in it to be accessible to the public. You don’t want to go through 100 files individually and set permissions. What would be the best way to do this?

49 / 65

You have been assigned to work with a manufacturing company that wants to migrate to a Virtual Private Cloud. Their technical lead is very proactive and and would like to use EC2 Spot instances wherever possible for cost efficiency. He also wants to use Instance Stored volumes where possible. You need to educate the technical lead about EBS backed volumes versus Instance Stored volumes. What are some of the advantages of EBS volumes? (Choose 3 answers)

50 / 65

Your company uses multiple Amazon VPCs and is setting up a new office. The company is deciding on the best way to connect this new, remote office network with the company’s Amazon VPC environment.  Due to the fact it is a new office, no VPN equipment or internet connections exist yet, so this office can design any network connection type it desires. The highest priorities are: A predictable network performance A private connection avoiding the public internet Reduced bandwidth costs Minimal administration required to maintain the high availability of network endpoints Which VPC connection option best fits your requirements to connect your new office to one of your VPCs?

51 / 65

Which type of IAM role is pre-defined, and can only be edited in a limited number of cases?

52 / 65

You’ve been assigned to assist a client in the creation of their AWS Virtual Private Cloud (VPC). You are shadowing their IT admin to allow the admin to create the VPC, learn, and benefit from your guidance. Which VPC components are optional and should be created at the discretion of the customer? (Choose 3 answers)

53 / 65

Making use of a(n) ____ when creating instances in Amazon EC2 is your best solution for providing the lowest latency network communication between multiple instances in EC2.

54 / 65

You want to configure DNS failover in Route 53 so that all of your resources are available for the majority of the time. Which of the following failover configurations would be most suited for this?

55 / 65

An organization has set up an application on AWS. The organization wants to achieve scalability and high availability for the application, which should scale up and down to address workload changes on the application.

Which configuration step is not required in this scenario?

56 / 65

A user has created an application which will be hosted on EC2. The application makes calls to DynamoDB to fetch certain data. The application is using the DynamoDB SDK to connect with from the EC2 instance. Which of the below mentioned statements is true with respect to the best practice for security in this scenario?

57 / 65

Your company uses multiple Amazon VPCs and is setting up a new office. The company is deciding on the best way to connect this new, remote office network with the company’s Amazon VPC environment.

Due to the fact it is a new office, no VPN equipment or internet connections exist yet, so this office can design any connection design it desires. The highest priorities are:

  • A predictable network performance
  • A private connection avoiding the public internet
  • Reduced bandwidth costs
  • Minimal administration required to maintain the high availability of network endpoints

Which VPC connection option best fit your requirements to connect your new office to one of your VPCs?

58 / 65

You have been assigned to a client with an existing AWS cloud environment. They have a VPC with multiple web servers in a public subnet and database servers in a private subnet. They purchased reserved Linux instances up-front but are finding they underestimated their workload and would like to scale now. What can you do with these instances to scale them without violating the term agreement of these instances?

59 / 65

A user has launched a large EBS-backed instance with AWS. The only other storage associated with it is ephemeral storage on instance store. What will happen if the user stops the instance?

60 / 65

Which of the following accurately describes Elastic Load Balancing? (Choose 3 answers)

61 / 65

You are designing monitoring and operation management for your environment on AWS and in the process of deciding which metrics to start with for your monitoring. Which of the following metrics should be included in your initial monitoring plan at a minimum? (Choose 3 answers)

62 / 65

Your organization is thinking of running parts of their workload on AWS while keeping the critical and sensitive servers on-premises with continuous connectivity between instances in AWS and corporate data center. In such a hybrid cloud environment what are the minimum requirements to maintain resilient continuous connectivity between AWS and corporate data center?

63 / 65

You are an AWS Solutions Architect helping a client plan a migration to the AWS cloud. The client is very cost-conscious and needs to understand the budget implications of any design decisions prior to signing off. Now that you’ve identified the resources that must be created in the AWS environment to support the migration, what tool could you use to help project future costs given this information?

64 / 65

You are in a company meeting serving as Lead Architect. Your company wants to expand into the cloud by creating an area for low latency and high throughput of up to 10 Gbps. You recommend using a cluster placement group. What features in your design should be in place to take full advantage of a cluster placement group? (Choose 2 answers)

65 / 65

A user wants to use an EBS-backed Amazon EC2 instance for a temporary job. Based on the input data, the job is most likely to finish within a week. Which one of the following is the best way to terminate the instance automatically once the job is finished?

Your score is

The average score is 44%

0%

Please rate your experience to help us improve !

Need more practice ? take the AWS Certified Solutions Architect Associate (SAA) – Learning mode 

Sponsored Links

You might also like to read

MyCloudWiki
MyCloudWikihttps://mycloudwiki.com/
Admin of MyCloudWiki.com, creates & publishes important and useful articles about Cloud Computing Technology

LEAVE A REPLY

Please enter your comment!
Please enter your name here

AWS Certified Solutions Architect Professional – Free Practice Tests

This AWS practice test helps you to pass the following AWS exams and can also helps you to revise the AWS concepts if you...