Pass the Amazon Web Services AWS Solutions Architect Associate SAA-C03 Questions and answers with ValidTests

Create a now route table that excludes the route to the public subnets' CIDR blocks. Associate the route table to the database subnets.

Create a security group that denies ingress from the security group used by instances in the public subnets. Attach the security group to an Amazon RDS DB instance.

Create a security group that allows ingress from the security group used by instances in the private subnets. Attach the security group to an Amazon RDS DB instance.

Create a new peering connection between the public subnets and the private subnets. Create a different peering connection between the private subnets and the database subnets.

Configure an S3 interface endpoint.

Configure an S3 gateway endpoint.

Create an S3 bucket in a private subnet.

Create an S3 bucket in the same Region as the EC2 instance.

Use the CreateQueue API call to create a new queue

Use the Add Permission API call to add appropriate permissions

Use the ReceiveMessage API call to set an appropriate wail time

Use the ChangeMessageVisibility APi call to increase the visibility timeout

Enable Amazon S3 Transfer Acceleration on the destination bucket. Use multipart uploads to directly upload site data to the destination bucket.

Upload site data to an Amazon S3 bucket in the closest AWS Region. Use S3 cross-Region replication to copy objects to the destination bucket.

Schedule AWS Snowball jobs daily to transfer data to the closest AWS Region. Use S3 cross-Region replication to copy objects to the destination bucket.

Upload the data to an Amazon EC2 instance in the closest Region. Store the data in an Amazon Elastic Block Store (Amazon EBS) volume. Once a day take an EBS snapshot and copy it to the centralized Region. Restore the EBS volume in the centralized Region and run an analysis on the data daily.

Change the existing database to a Multi-AZ deployment. Serve the read requests from the primary Availability Zone.

Change the existing database to a Multi-AZ deployment. Serve the read requests from the secondary Availability Zone.

Create read replicas for the database. Configure the read replicas with half of the compute and storage resources as the source database.

Create read replicas for the database. Configure the read replicas with the same compute and storage resources as the source database.

Use Amazon Comprehend to detect inappropriate content. Use human review for low-confidence predictions.

Use Amazon Rekognition to detect inappropriate content. Use human review for low-confidence predictions.

Use Amazon SageMaker to detect inappropriate content. Use ground truth to label low-confidence predictions.

Use AWS Fargate to deploy a custom machine learning model to detect inappropriate content. Use ground truth to label low-confidence predictions.

Configure the application to send the data to Amazon Kinesis Data Firehose.

Use Amazon Simple Email Service (Amazon SES) to format the data and to send the report by email.

Create an Amazon EventBridge (Amazon CloudWatch Events) scheduled event that invokes an AWS Glue job to query the application's API for the data.

Create an Amazon EventBridge (Amazon CloudWatch Events) scheduled event that invokes an AWS Lambda function to query the application's API for the data.

Store the application data in Amazon S3. Create an Amazon Simple Notification Service (Amazon SNS) topic as an S3 event destination to send the report by

Copy the data so both EBS volumes contain all the documents.

Configure the Application Load Balancer to direct a user to the server with the documents

Copy the data from both EBS volumes to Amazon EFS Modify the application to save new documents to Amazon EFS

Configure the Application Load Balancer to send the request to both servers Return each document from the correct server.

Use AWS Certificate Manager (ACM) to issue an SSL/TLS certificate. Apply the certificate to the ALB. Use the managed renewal feature to automatically rotate the certificate.

Use AWS Certificate Manager (ACM) to issue an SSL/TLS certificate. Import the key material from the certificate. Apply the certificate to the ALB. Use the managed renewal feature to automatically rotate the certificate.

Use AWS Certificate Manager (ACM) Private Certificate Authority to issue an SSL/TLS certificate from the root CA. Apply the certificate to the ALB. Use the managed renewal feature to automatically rotate the certificate.

Use AWS Certificate Manager (ACM) to import an SSL/TLS certificate. Apply the certificate to the ALB. Use Amazon EventBridge (Amazon CloudWatch Events) to send a notification when the certificate is nearing expiration. Rotate the certificate manually.

Store the database credentials in the instance metadata. Use Amazon EventBridge (Amazon CloudWatch Events) rules to run a scheduled AWS Lambda function that updates the RDS credentials and instance metadata at the same time.

Store the database credentials in a configuration file in an encrypted Amazon S3 bucket. Use Amazon EventBridge (Amazon CloudWatch Events) rules to run a scheduled AWS Lambda function that updates the RDS credentials and the credentials in the configuration file at the same time. Use S3 Versioning to ensure the ability to fall back to previous values.

Store the database credentials as a secret in AWS Secrets Manager. Turn on automatic rotation for the secret. Attach the required permission to the EC2 role to grant access to the secret.

Store the database credentials as encrypted parameters in AWS Systems Manager Parameter Store. Turn on automatic rotation for the encrypted parameters. Attach the required permission to the EC2 role to grant access to the encrypted parameters.