Amazon AWS Solution Architect Associate Exam SAA-C02

AWS Certified Solutions Architect – Associate
Learn more about this certification and AWS resources that can help you prepare

This credential helps organizations identify and develop talent with critical skills for implementing cloud initiatives. Earning AWS Certified Solutions Architect – Associate validates the ability to design and implement distributed systems on AWS.

Who should take this exam?
AWS Certified Solutions Architect – Associate is intended for anyone with one or more years of hands-on experience designing available, cost-efficient, fault-tolerant, and scalable distributed systems on AWS. Before you take this exam, we recommend you have:

One year of hands-on experience with AWS technology, including using compute, networking, storage, and database AWS services as well as AWS deployment and management services
Experience deploying, managing, and operating workloads on AWS as well as implementing security controls and compliance requirements
Familiarity with using both the AWS Management Console and the AWS Command Line Interface (CLI)
Understanding of the AWS Well-Architected Framework, AWS networking, security services, and the AWS global infrastructure
Ability to identify which AWS services meet a given technical requirement and to define technical requirements for an AWS-based application

What does it take to earn this certification?
To earn this certification, you’ll need to take and pass the AWS Certified Solutions Architect – Associate exam (SAA-C02). The exam features a combination of two question formats: multiple choice and multiple response. Additional information, such as the exam content outline and passing score, is in the exam guide.

Review sample questions that demonstrate the format of the questions used on this exam and include rationales for the correct answers.

Introduction
The AWS Certified Solutions Architect – Associate (SAA-C02) exam is intended for individuals who perform in a solutions architect role. The exam validates a candidate’s ability to design secure and robust solutions by using AWS technologies.
The exam also validates a candidate’s ability to complete the following tasks:
• Design a solution by using appropriate AWS services and by following architectural principles based on requirements
• Provide implementation guidance based on best practices to the organization throughout the workload lifecycle

Target candidate description
The target candidate should have at least 1 year of hands-on experience designing secure, high-performing, cost-effective, highly available, and scalable systems by using AWS services.

Recommended AWS knowledge

The target candidate should have the following knowledge:
• Hands-on experience using compute, networking, storage, management, and database AWS services
• The ability to identify and define technical requirements for a solution that involves AWS technology
• The ability to identify which AWS services meet a given technical requirement
• An understanding of best practices for building well-architected solutions on AWS
• An understanding of the AWS global infrastructure
• An understanding of AWS security services and features in relation to traditional services

What is considered out of scope for the target candidate?
The following is a non-exhaustive list of related job tasks that the target candidate is not expected to be able to perform. These items are out of scope for the exam:
• Design a complex, hybrid network architecture
• Design identity federation within multiple accounts
• Design an architecture that meets compliance requirements
• Incorporate specialized services in a design
• Develop deployment strategies
• Create a migration strategy for complex multi-tier applications

For a detailed list of specific tools and technologies that might be covered on the exam, as well as a list of in-scope AWS services, refer to the Appendix.

Exam content

Response types
There are two types of questions on the exam:
• Multiple choice: Has one correct response and three incorrect responses (distractors)
• Multiple response: Has two or more correct responses out of five or more response options

Select one or more responses that best complete the statement or answer the question. Distractors, or incorrect answers, are response options that a candidate with incomplete knowledge or skill might choose. Distractors are generally plausible responses that match the content area.

Unanswered questions are scored as incorrect; there is no penalty for guessing. The exam includes 50 questions that will affect your score.

Unscored content
The exam includes 15 unscored questions that do not affect your score. AWS collects information about candidate performance on these unscored questions to evaluate these questions for future use as scored questions. These unscored questions are not identified on the exam.

Exam results
The AWS Certified Solutions Architect – Associate exam is a pass or fail exam. The exam is scored against a minimum standard established by AWS professionals who follow certification industry best practices and guidelines.
Your results for the exam are reported as a scaled score of 100–1,000. The minimum passing score is 720. Your score shows how you performed on the exam as a whole and whether or not you passed. Scaled scoring models help equate scores across multiple exam forms that might have slightly different difficulty levels.

Your score report could contain a table of classifications of your performance at each section level. This information provides general feedback about your exam performance. The exam uses a compensatory scoring model, which means that you do not need to achieve a passing score in each section. You need to pass only the overall exam.

Each section of the exam has a specific weighting, so some sections have more questions than other sections have. The table contains general information that highlights your strengths and weaknesses. Use caution when interpreting section-level feedback.

Content outline

This exam guide includes weightings, test domains, and objectives for the exam. It is not a comprehensive listing of the content on the exam. However, additional context for each of the objectives is available to help guide your preparation for the exam. The following table lists the main content domains and their weightings. The table precedes the complete exam content outline, which includes the additional context. The percentage in each domain represents only scored content.

Domain                                                    % of Exam
Domain 1: Design Resilient Architectures                  30%
Domain 2: Design High-Performing Architectures            28%
Domain 3: Design Secure Applications and Architectures    24%
Domain 4: Design Cost-Optimized Architectures             18%
TOTAL                                                     100%

Domain 1: Design Resilient Architectures
1.1 Design a multi-tier architecture solution
• Determine a solution design based on access patterns.
• Determine a scaling strategy for components used in a design.
• Select an appropriate database based on requirements.
• Select an appropriate compute and storage service based on requirements.

1.2 Design highly available and/or fault-tolerant architectures
• Determine the amount of resources needed to provide a fault-tolerant architecture across Availability Zones.
• Select a highly available configuration to mitigate single points of failure.
• Apply AWS services to improve the reliability of legacy applications when application changes are not possible.
• Select an appropriate disaster recovery strategy to meet business requirements.
• Identify key performance indicators to ensure the high availability of the solution.

1.3 Design decoupling mechanisms using AWS services
• Determine which AWS services can be leveraged to achieve loose coupling of components.
• Determine when to leverage serverless technologies to enable decoupling.

1.4 Choose appropriate resilient storage
• Define a strategy to ensure the durability of data.
• Identify how data service consistency will affect the operation of the application.
• Select data services that will meet the access requirements of the application.
• Identify storage services that can be used with hybrid or non-cloud-native applications.

Domain 2: Design High-Performing Architectures
2.1 Identify elastic and scalable compute solutions for a workload
• Select the appropriate instance(s) based on compute, storage, and networking requirements.
• Choose the appropriate architecture and services that scale to meet performance requirements.
• Identify metrics to monitor the performance of the solution.

2.2 Select high-performing and scalable storage solutions for a workload
• Select a storage service and configuration that meets performance demands.
• Determine storage services that can scale to accommodate future needs.

2.3 Select high-performing networking solutions for a workload
• Select appropriate AWS connectivity options to meet performance demands.
• Select appropriate features to optimize connectivity to AWS public services.
• Determine an edge caching strategy to provide performance benefits.
• Select appropriate data transfer service for migration and/or ingestion.

2.4 Choose high-performing database solutions for a workload
• Select an appropriate database scaling strategy.
• Determine when database caching is required for performance improvement.
• Choose a suitable database service to meet performance needs.

Domain 3: Design Secure Applications and Architectures
3.1 Design secure access to AWS resources
• Determine when to choose between users, groups, and roles.
• Interpret the net effect of a given access policy.
• Select appropriate techniques to secure a root account.
• Determine ways to secure credentials using features of AWS IAM.
• Determine the secure method for an application to access AWS APIs.
• Select appropriate services to create traceability for access to AWS resources.

3.2 Design secure application tiers
• Given traffic control requirements, determine when and how to use security groups and network ACLs.
• Determine a network segmentation strategy using public and private subnets.
• Select the appropriate routing mechanism to securely access AWS service endpoints or internet-based resources from Amazon VPC.
• Select appropriate AWS services to protect applications from external threats.

3.3 Select appropriate data security options
• Determine the policies that need to be applied to objects based on access patterns.
• Select appropriate encryption options for data at rest and in transit for AWS services.
• Select appropriate key management options based on requirements.

Domain 4: Design Cost-Optimized Architectures
4.1 Identify cost-effective storage solutions
• Determine the most cost-effective data storage options based on requirements.
• Apply automated processes to ensure that data over time is stored on storage tiers that minimize costs.

4.2 Identify cost-effective compute and database services
• Determine the most cost-effective Amazon EC2 billing options for each aspect of the workload.
• Determine the most cost-effective database options based on requirements.
• Select appropriate scaling strategies from a cost perspective.
• Select and size compute resources that are optimally suited for the workload.
• Determine options to minimize total cost of ownership (TCO) through managed services and serverless architectures.

4.3 Design cost-optimized network architectures
• Identify when content delivery can be used to reduce costs.
• Determine strategies to reduce data transfer costs within AWS.
• Determine the most cost-effective connectivity options between AWS and on-premises environments.

Appendix
Which key tools, technologies, and concepts might be covered on the exam?
The following is a non-exhaustive list of the tools and technologies that could appear on the exam. This list is subject to change and is provided to help you understand the general scope of services, features, or technologies on the exam. The general tools and technologies in this list appear in no particular order. AWS services are grouped according to their primary functions. While some of these technologies will likely be covered more than others on the exam, the order and placement of them in this list is no indication of relative weight or importance:
• Compute
• Cost management
• Database
• Disaster recovery
• High availability
• Management and governance
• Microservices and component decoupling
• Migration and data transfer
• Networking, connectivity, and content delivery
• Security
• Serverless design principles
• Storage

AWS services and features

Analytics:
• Amazon Athena
• Amazon Elasticsearch Service (Amazon ES)
• Amazon EMR
• AWS Glue
• Amazon Kinesis
• Amazon QuickSight

AWS Billing and Cost Management:
• AWS Budgets
• Cost Explorer

Application Integration:
• Amazon Simple Notification Service (Amazon SNS)
• Amazon Simple Queue Service (Amazon SQS)

Compute:
• Amazon EC2
• AWS Elastic Beanstalk
• Amazon Elastic Container Service (Amazon ECS)
• Amazon Elastic Kubernetes Service (Amazon EKS)
• Elastic Load Balancing
• AWS Fargate
• AWS Lambda

Database:
• Amazon Aurora
• Amazon DynamoDB
• Amazon ElastiCache
• Amazon RDS
• Amazon Redshift

Management and Governance:
• AWS Auto Scaling
• AWS Backup
• AWS CloudFormation
• AWS CloudTrail
• Amazon CloudWatch
• AWS Config
• Amazon EventBridge (Amazon CloudWatch Events)
• AWS Organizations
• AWS Resource Access Manager
• AWS Systems Manager
• AWS Trusted Advisor

Migration and Transfer:
• AWS Database Migration Service (AWS DMS)
• AWS DataSync
• AWS Migration Hub
• AWS Server Migration Service (AWS SMS)
• AWS Snowball
• AWS Transfer Family

Networking and Content Delivery:
• Amazon API Gateway
• Amazon CloudFront
• AWS Direct Connect
• AWS Global Accelerator
• Amazon Route 53
• AWS Transit Gateway
• Amazon VPC (and associated features)

Security, Identity, and Compliance:
• AWS Certificate Manager (ACM)
• AWS Directory Service
• Amazon GuardDuty
• AWS Identity and Access Management (IAM)
• Amazon Inspector
• AWS Key Management Service (AWS KMS)
• Amazon Macie
• AWS Secrets Manager
• AWS Shield
• AWS Single Sign-On
• AWS WAF

Storage:
• Amazon Elastic Block Store (Amazon EBS)
• Amazon Elastic File System (Amazon EFS)
• Amazon FSx
• Amazon S3
• Amazon S3 Glacier
• AWS Storage Gateway

QUESTION 1
A solutions architect is designing a solution where users will be directed to a backup static error page if the
primary website is unavailable. The primary website’s DNS records are hosted in Amazon Route 53 where
their domain is pointing to an Application Load Balancer (ALB).
Which configuration should the solutions architect use to meet the company’s needs while minimizing changes
and infrastructure overhead?

A. Point a Route 53 alias record to an Amazon CloudFront distribution with the ALB as one of its origins.
Then, create custom error pages for the distribution.
B. Set up a Route 53 active-passive failover configuration. Direct traffic to a static error page hosted within an
Amazon S3 bucket when Route 53 health checks determine that the ALB endpoint is unhealthy.
C. Update the Route 53 record to use a latency-based routing policy. Add the backup static error page hosted
within an Amazon S3 bucket to the record so the traffic is sent to the most responsive endpoints.
D. Set up a Route 53 active-active configuration with the ALB and an Amazon EC2 instance hosting a static
error page as endpoints. Route 53 will only send requests to the instance if the health checks fail for the ALB.

Answer: B

QUESTION 2
A solutions architect is designing a high performance computing (HPC) workload on Amazon EC2. The EC2
instances need to communicate to each other frequently and require network performance with low latency and high throughput.
Which EC2 configuration meets these requirements?

A. Launch the EC2 instances in a cluster placement group in one Availability Zone.
B. Launch the EC2 instances in a spread placement group in one Availability Zone.
C. Launch the EC2 instances in an Auto Scaling group in two Regions and peer the VPCs.
D. Launch the EC2 instances in an Auto Scaling group spanning multiple Availability Zones.

Answer: A

QUESTION 3
A company wants to host a scalable web application on AWS. The application will be accessed by users from
different geographic regions of the world. Application users will be able to download and upload unique data
up to gigabytes in size. The development team wants a cost-effective solution to minimize upload and
download latency and maximize performance.
What should a solutions architect do to accomplish this?

A. Use Amazon S3 with Transfer Acceleration to host the application.
B. Use Amazon S3 with CacheControl headers to host the application.
C. Use Amazon EC2 with Auto Scaling and Amazon CloudFront to host the application.
D. Use Amazon EC2 with Auto Scaling and Amazon ElastiCache to host the application.

Answer: C

QUESTION 4
A company is migrating from an on-premises infrastructure to the AWS Cloud. One of the company’s
applications stores files on a Windows file server farm that uses Distributed File System Replication (DFSR) to
keep data in sync. A solutions architect needs to replace the file server farm.
Which service should the solutions architect use?

A. Amazon Elastic File System (Amazon EFS)
B. Amazon FSx
C. Amazon S3
D. AWS Storage Gateway

Answer: B

QUESTION 5
A company has a legacy application that processes data in two parts. The second part of the process takes
longer than the first, so the company has decided to rewrite the application as two microservices running on
Amazon ECS that can scale independently.
How should a solutions architect integrate the microservices?

A. Implement code in microservice 1 to send data to an Amazon S3 bucket. Use S3 event notifications to
invoke microservice 2.
B. Implement code in microservice 1 to publish data to an Amazon SNS topic. Implement code in microservice
2 to subscribe to this topic.
C. Implement code in microservice 1 to send data to Amazon Kinesis Data Firehose. Implement code in
microservice 2 to read from Kinesis Data Firehose.
D. Implement code in microservice 1 to send data to an Amazon SQS queue. Implement code in microservice
2 to process messages from the queue.

Answer: D

QUESTION 6
A company captures clickstream data from multiple websites and analyzes it using batch processing. The data
is loaded nightly into Amazon Redshift and is consumed by business analysts. The company wants to move
towards near-real-time data processing for timely insights. The solution should process the streaming data with
minimal effort and operational overhead.
Which combination of AWS services are MOST cost-effective for this solution? (Choose two.)

A. Amazon EC2
B. AWS Lambda
C. Amazon Kinesis Data Streams
D. Amazon Kinesis Data Firehose
E. Amazon Kinesis Data Analytics

Answer: B,D

QUESTION 7
A company’s application runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The
instances run in an Amazon EC2 Auto Scaling group across multiple Availability Zones. On the first day of
every month at midnight, the application becomes much slower when the month-end financial calculation batch
executes. This causes the CPU utilization of the EC2 instances to immediately peak to 100%, which disrupts
the application.
What should a solutions architect recommend to ensure the application is able to handle the workload and
avoid downtime?

A. Configure an Amazon CloudFront distribution in front of the ALB.
B. Configure an EC2 Auto Scaling simple scaling policy based on CPU utilization.
C. Configure an EC2 Auto Scaling scheduled scaling policy based on the monthly schedule.
D. Configure Amazon ElastiCache to remove some of the workload from the EC2 instances.

Answer: C

QUESTION 8
A company runs a multi-tier web application that hosts news content. The application runs on Amazon EC2
instances behind an Application Load Balancer. The instances run in an EC2 Auto Scaling group across
multiple Availability Zones and use an Amazon Aurora database. A solutions architect needs to make the
application more resilient to periodic increases in request rates.
Which architecture should the solutions architect implement? (Choose two.)

A. Add AWS Shield.
B. Add Aurora Replica.
C. Add AWS Direct Connect.
D. Add AWS Global Accelerator.
E. Add an Amazon CloudFront distribution in front of the Application Load Balancer.

Answer: D,E

QUESTION 9
An application running on AWS uses an Amazon Aurora Multi-AZ deployment for its database. When
evaluating performance metrics, a solutions architect discovered that the database reads are causing high I/O
and adding latency to the write requests against the database.
What should the solutions architect do to separate the read requests from the write requests?

A. Enable read-through caching on the Amazon Aurora database.
B. Update the application to read from the Multi-AZ standby instance.
C. Create a read replica and modify the application to use the appropriate endpoint.
D. Create a second Amazon Aurora database and link it to the primary database as a read replica.

Answer: C
