ExpertAWS Solutions Architect Associate (SAA-C03)
AWS SAA-C03 Practice Exam 1
65 free questions · No sign-up required to browse
Comprehensive practice exam for the AWS Certified Solutions Architect - Associate (SAA-C03) certification. Covers Design Secure Architectures, Resilient Architectures, High-Performing Architectures, and Cost-Optimized Architectures.
65
Questions
Mixed
Difficulty
72%
Pass mark
Difficulty breakdown
Easy(14)
Medium(38)
Hard(13)
Topics covered
Browse all topics →Domain 1.1: Secure AccessDomain 1.2: Secure WorkloadsDomain 1.3: Data SecurityDomain 2.1: Scalable ArchitecturesDomain 2.2: Highly Available ArchitecturesDomain 2.3: Decoupling MechanismsDomain 2.4: Resilient StorageDomain 3.1: Storage PerformanceDomain 3.2: Compute PerformanceDomain 3.3: Database PerformanceDomain 3.4: Network PerformanceDomain 3.5: Data IngestionDomain 4.1: Storage Cost OptimizationDomain 4.2: Compute Cost OptimizationDomain 4.3: Database Cost OptimizationDomain 4.4: Network Cost Optimization
Sample questions
Q01Medium1 mark
A company has multiple AWS accounts in an AWS Organizations organization. The security team wants to ensure that no user or role in any member account can disable AWS CloudTrail. What is the MOST efficient way to enforce this requirement?
Q02Easy1 mark
A solutions architect is designing an application that will run on Amazon EC2 instances. The application needs to access an Amazon S3 bucket to read configuration files. What is the MOST secure way to grant the EC2 instances access to the S3 bucket?
Q03Medium1 mark
A company wants to implement a federated identity solution for its employees to access the AWS Management Console. The company already uses an on-premises Microsoft Active Directory. Which TWO solutions will meet this requirement? (Select TWO.)
Q04Hard1 mark
A mobile application needs to access Amazon DynamoDB directly to read user-specific data. The application uses a third-party identity provider (IdP) like Google or Facebook for user authentication. What is the MOST secure way to grant the mobile app access to DynamoDB?
Q05Medium1 mark
A company is hosting a web application on Amazon EC2 instances. The application connects to an Amazon RDS for MySQL database. The security team mandates that database credentials must not be stored in the application code or configuration files. Which solution meets this requirement with the LEAST operational overhead?
Ready to Practice the full exam?
All 65 questions with worked answers, mark schemes, and AI tutoring.
All questions (65)
Free to browse · no sign-up requiredQ01A company has multiple AWS accounts in an AWS Organizations organization. The security team wants to ensure that no u...MediumQ02A solutions architect is designing an application that will run on Amazon EC2 instances. The application needs to acc...EasyQ03A company wants to implement a federated identity solution for its employees to access the AWS Management Console. Th...MediumQ04A mobile application needs to access Amazon DynamoDB directly to read user-specific data. The application uses a thir...HardQ05A company is hosting a web application on Amazon EC2 instances. The application connects to an Amazon RDS for MySQL d...MediumQ06A solutions architect is reviewing the security of an AWS account. The architect notices that the AWS account root us...EasyQ07A company wants to enforce strict security controls on its AWS environment. They want to ensure that all IAM users ar...MediumQ08A company is hosting a public-facing web application on an Application Load Balancer (ALB). The security team wants t...EasyQ09A company has a strict compliance requirement that Amazon EC2 instances in a private subnet must only be able to acce...HardQ10A company wants to improve its threat detection and response capabilities in AWS. They need a solution that continuou...MediumQ11A solutions architect is configuring network security for a VPC. The architect needs to explicitly deny traffic from ...EasyQ12A company has built a serverless application using Amazon API Gateway and AWS Lambda. The company wants to authorize ...MediumQ13A company uses AWS CloudTrail to log all API activity in its AWS account. The security team needs to ensure that the ...MediumQ14A company is designing a multi-tier web application in a VPC. The web servers are in public subnets, and the database...HardQ15A financial institution needs to store regulatory records in Amazon S3. The records must not be deleted or overwritte...MediumQ16A company requires that all data stored in Amazon EBS volumes be encrypted at rest. The company also requires the abi...EasyQ17A company has an application that connects to an Amazon RDS database. The company wants to store the database credent...MediumQ18A solutions architect wants to ensure that all new Amazon EBS volumes created in a specific AWS Region are encrypted ...MediumQ19A company has an unencrypted Amazon RDS for MySQL database. The security team has mandated that the database must be ...HardQ20A company wants to store sensitive documents in Amazon S3. The security policy requires that the data is encrypted at...MediumQ21A company is designing a highly scalable web application. The application will receive HTTP and HTTPS traffic and nee...MediumQ22An application runs on Amazon EC2 instances in an Auto Scaling group. The application experiences unpredictable traff...MediumQ23A company is building a decoupled application where a producer sends messages to a queue, and a consumer processes th...EasyQ24A serverless application uses Amazon API Gateway, AWS Lambda, and Amazon DynamoDB. During a marketing campaign, traff...HardQ25A company is migrating a containerized application to AWS. The company wants to run the containers without having to ...MediumQ26A company runs a critical database on Amazon RDS for PostgreSQL. The company requires high availability and automatic...MediumQ27A company has a primary web application hosted in the us-east-1 Region and a disaster recovery (DR) site in the us-we...MediumQ28A company stores critical documents in an Amazon S3 bucket. To meet disaster recovery requirements, the documents mus...EasyQ29A global application requires a relational database that can span multiple AWS Regions. The database must provide sub...HardQ30A company is implementing a disaster recovery strategy. They want to keep a scaled-down version of their core infrast...MediumQ31An application processes messages from an Amazon SQS queue. Occasionally, a message causes the processing application...MediumQ32A company wants to build an event-driven architecture. When a new file is uploaded to Amazon S3, an event should trig...MediumQ33A developer is building an application that requires a complex sequence of AWS Lambda functions to execute in a speci...EasyQ34A company is receiving thousands of IoT sensor readings per second. The data needs to be ingested in real-time, buffe...HardQ35A company has a fleet of Amazon EC2 instances running Linux across multiple Availability Zones. The instances need to...MediumQ36A company has an on-premises data center and wants to integrate its existing applications with AWS storage. They need...MediumQ37A research institution is running a high-performance computing (HPC) workload on AWS. The workload requires a shared ...HardQ38A global media company allows users to upload large video files to an Amazon S3 bucket located in the us-east-1 Regio...MediumQ39A database running on an Amazon EC2 instance requires a block storage volume that can provide 15,000 IOPS. The worklo...EasyQ40A company has a read-heavy application backed by Amazon DynamoDB. The application is experiencing high latency during...MediumQ41A company is deploying a tightly coupled High Performance Computing (HPC) application on Amazon EC2. The application ...MediumQ42A developer has written an AWS Lambda function that processes images. The function is taking too long to execute, and...MediumQ43A company needs to run hundreds of thousands of batch computing jobs. The jobs are packaged as Docker containers. The...EasyQ44A media company is rendering high-resolution 3D animations. The rendering software runs on Amazon EC2 instances and r...HardQ45A company uses Amazon DynamoDB to store user activity logs. The partition key is the `UserID`, and the sort key is th...MediumQ46A data analytics team needs to run complex SQL queries against petabytes of structured and semi-structured data store...MediumQ47A company is developing a new SaaS application. The database workload is highly unpredictable, with periods of zero a...HardQ48A multiplayer gaming company has users worldwide connecting to game servers hosted in the eu-central-1 Region. Users ...MediumQ49A company has 50 VPCs across multiple AWS Regions. The company needs to establish network connectivity between all VP...EasyQ50A company is migrating a large database from its on-premises data center to AWS. The migration requires a dedicated, ...MediumQ51A company wants to collect application logs from hundreds of EC2 instances and load them into Amazon Redshift for ana...MediumQ52A data engineering team needs to perform complex Extract, Transform, Load (ETL) operations on large datasets stored i...HardQ53A company stores millions of images in an Amazon S3 bucket. The access patterns for the images are highly unpredictab...MediumQ54A hospital needs to retain patient records for 10 years to meet regulatory compliance. The records are rarely accesse...EasyQ55A company takes daily snapshots of its Amazon EBS volumes. The company has noticed that its AWS bill for EBS snapshot...MediumQ56A company runs a steady-state web application on Amazon EC2 instances. The compute requirements are consistent and pr...MediumQ57A data science team needs to run a massive data processing job that will take approximately 4 hours to complete. The ...EasyQ58A company has hundreds of Amazon EC2 instances. The finance team suspects that many instances are over-provisioned (e...MediumQ59A company has a serverless application using Amazon API Gateway and AWS Lambda. The application is invoked millions o...HardQ60A startup is launching a new mobile app backed by Amazon DynamoDB. The marketing team expects the app to go viral, bu...MediumQ61A company has an internal reporting application that uses an Amazon RDS for MySQL database. The application is only u...MediumQ62A company is migrating a legacy application to AWS. The application requires a relational database. The database will...EasyQ63A company has a fleet of Amazon EC2 instances in a private subnet that process large amounts of data and upload the r...MediumQ64A company hosts a popular public website on Amazon EC2 instances behind an Application Load Balancer (ALB). The websi...MediumQ65A solutions architect is reviewing a company's AWS architecture to identify cost optimization opportunities. The arch...Hard