How can this be accomplished?

2026-04-07
By:
In: SAP-C01
With: 2 Comments

A company has a serverless application comprised of Amazon CloudFront, Amazon API Gateway, and AWS Lambda functions.The current deployment process of the application code is to create a new version number of the Lambda function and run an AWS CLI script to update.If the new function version has errors, another CLI script reverts by deploying the previous working version of the function.The company would like to decrease the time to deploy new versions of the application logic provided by the Lambda functions, and also reduce the time to detect and revert when errors are identified.How can this be accomplished?Read More →

Which combination of steps should the solutions architect take to meet these requirements?

2026-04-07
By:
In: SAA-C02
With: 2 Comments

A hospital is designing a new application that gathers symptoms from patients.The hospital has decided to use Amazon Simple Queue Service (Amazon SQS) and Amazon Simple Notification Service (Amazon SNS) in the architecture.A solutions architect is reviewing the infrastructure design.Data must be encrypted at rest and in transit.Only authorized personnel of the hospital should be able to access the data.Which combination of steps should the solutions architect take to meet these requirements? (Choose two.)Read More →

How can this company achieve these new security requirements while minimizing the administrative burden on the Operations team?

2026-04-07
By:
In: SAP-C01
With: 2 Comments

A large company experienced a drastic increase in its monthly AWS spend.This is after Developers accidentally launched Amazon EC2 instances in unexpected regions.The company has established practices around least privileges for Developers and controls access to on-premises resources using Active Directory groups.The company now want to control costs by restricting the level of access that Developers have to the AWS Management Console without impacting their productivity.The company would also like to allow Developers to launch Amazon EC2 in only one region, without limiting access to other services in any region.How can this company achieve these new security requirements while minimizing the administrative burden on the Operations team?Read More →

Which combination of actions should the solutions architect take to ensure that the system can scale to meet demand?

2026-04-07
By:
In: SAA-C02
With: 2 Comments

A solutions architect is designing the architecture for a software demonstration environment.The environment will run on Amazon EC2 instances in an AutoScaling group behind an Application Load Balancer (ALB).The system will experience significant increases in traffic during working hours but is not required to operate on weekends.Which combination of actions should the solutions architect take to ensure that the system can scale to meet demand? (Choose two.)Read More →

What can the Solutions Architect do to improve the cache hit rate for this distribution without causing the SSL/TLS handshake between CloudFront and theApplication Load Balancer to fail?

2026-04-07
By:
In: SAP-C01
With: 2 Comments

A company is using an Amazon CloudFront distribution to distribute both static and dynamic content from a web application running behind an Application LoadBalancer.The web application requires user authorization and session tracking for dynamic content.The CloudFront distribution has a single cache behavior configured to forward the Authorization, Host, and User-Agent HTTP whitelist headers and a session cookie to the origin.All other cache behavior settings are set to their default value.A valid ACM certificate is applied to the CloudFront distribution with a matching CNAME in the distribution settings.The ACM certificate is also applied to theHTTPS listener for the Application Load Balancer.The CloudFront origin protocol policy is set to HTTPS only.Analysis of the cache statistics report shows that the miss rate for this distribution is very high.What can the Solutions Architect do to improve the cache hit rate for this distribution without causing the SSL/TLS handshake between CloudFront and theApplication Load Balancer to fail?Read More →

Which action would make it easier to manage multiple Regions?

2026-04-07
By:
In: SOA-C01
With: 2 Comments

A company is planning to expand into an additional AWS Region for disaster recovery purposes.The company uses AWS CloudFormation, and its infrastructure is well-defined as code.The company would like to reuse as much of its existing code as possible when deploying resources to additional Regions.A SysOps Administrator is reviewing how Amazon Machine Images (AMIs) are selected in AWS CloudFormation, but is having trouble making the same stack work in the new Region.Which action would make it easier to manage multiple Regions?Read More →

Which solution meets these requirements?

2026-04-07
By:
In: SAA-C02
With: 2 Comments

A solutions architect must secure a VPC network that hosts Amazon EC2 instances.The EC2 instances contain highly sensitive data and run in a private subnet.According to company policy, the EC2 instances that run in the VPC can access only approved third-party software repositories on the internet for software product updates that use the third party’s URL.Other internet traffic must be blocked.Which solution meets these requirements?Read More →