Free AWS SAP-C02 Actual Exam Questions
Dumps Box (DumpsBox) offers up-to-date practice exam questions for SAP-C02 certification exam which are developed and validated by Amazon – AWS subject domain experts certified in AWS SAP-C02 . These practice questions are update regularly as we keep an eye on any recent changes in SAP-C02 syllabus, and when there is update our team quickly adjusts the questions. This commitment to providing the best quality exam prep material to certification aspirants is what makes DumpsBox.com the best certification exam prep website. On top of that, our strong, yet strictly moderated, community based feedback keeps the content clean and current. Each question has helpful community discussion that provides it extra perspective and introduces helpful resources for better exam preparation. This also saves students from other outdated practice questions or illicit exam dumps that can have adverse affects on career. Browse through our AWS SAP-C02 exam questions and pass your exam on first try.
data to the website, have the data processed, and have the data sent back to them in an email Data
is stored in a MySQL database running on an Amazon EC2 instance The database is running in a VPC
with two private subnets The website is running on Apache Tomcat in a single EC2 instance in a
different VPC with one public subnet There is a single VPC peering connection between the database
and website VPC.
The website has suffered several outages during the last month due to high traffic
Which actions should a solutions architect take to increase the reliability of the application? (Select
THREE.)
Makes sense to add Auto Scaling for traffic spikes, so A.
Probably F, adding AZ diversity helps if one zone fails.
new AWS account in the same AWS Region. Both accounts are members of the same organization in
AWS Organizations.
The company must minimize database service interruption before the company performs DNS
cutover to the new database.
Which migration strategy will meet this requirement?
Makes sense that snapshots in A and C would cause downtime since they’re point-in-time copies. B with DMS is better for keeping things synced until the cutover happens. So I’d go with B.
B. Using DMS lets you keep both clusters in sync until cutover, which really helps reduce downtime. The snapshot methods (A and C) are more of a one-time copy, so they might cause longer interruptions.
application layer consists of a single server running a stateful application. The application connects to
a PostgreSQL database running on a separate server. The application’s user base is expected to grow
significantly, so the company is migrating the application and database to AWS. The solution will use
Amazon Aurora PostgreSQL, Amazon EC2 Auto Scaling, and Elastic Load Balancing.
Which solution will provide a consistent user experience that will allow the application and database
tiers to scale?
It’s A. Sticky sessions are key, and the least outstanding requests algorithm helps balance load better. Using Aurora replicas scales reads without touching the writer, so it’s more reliable for growth.
B tbh, the app needs consistent handling of session state since it's stateful, so sticky sessions are a must. Aurora writers scaling is tricky because usually only one writer is active, so auto scaling writers might not be realistic. Using an Application Load Balancer makes sense here since it supports HTTP and sticky sessions better than a Network Load Balancer. Round robin routing combined with sticky sessions should distribute load while keeping user sessions consistent. So option B fits the requirements for stateful app scaling and consistent UX better than the others.
an Application Load Balancer (ALB) with an Amazon RDS for MySQL database The company hosts the
DNS records for the application in Amazon Route 53 A solutions architect must recommend a
solution to improve the resiliency of the application
The solution must meet the following objectives:
• Application tier RPO of 2 minutes. RTO of 30 minutes
• Database tier RPO of 5 minutes RTO of 30 minutes
The company does not want to make significant changes to the existing application architecture The
company must ensure optimal latency after a failover
Which solution will meet these requirements?
What about option D? Snapshots seem slow for a 2-minute RPO on app state.
Global Accelerator with Elastic Disaster Recovery sounds best for quick app failover, so A.
application that runs on Apache Tomcat with a PostgreSQL database.
The company does not have access to the source code but can deploy the application Java Archive
(JAR) files. The application has increased traffic at the end of each month.
Which solution will meet these requirements with the LEAST operational overhead?
B tbh, running everything in EKS seems like overkill here, plus managing containers and multiple regions adds complexity. A is too manual with EC2 deployment and scaling via Step Functions, which is a lot of overhead. C is out since it requires refactoring the app into Python and switching to DynamoDB, which isn’t feasible without source code. D lines up well because Elastic Beanstalk supports Java/Tomcat apps using JARs, handles autoscaling, and RDS for PostgreSQL is a managed service, reducing ops. So, D really fits the “least operational overhead” goal best despite the DB migration question
D, Elastic Beanstalk handles deployment and autoscaling without needing code changes.
Linux VM. Uploaded files are made available to downstream applications through an NFS share.
As part of the migration to AWS, a solutions architect must implement high availability. The solution
must provide external vendors with a set of static public IP addresses that the vendors can allow. The
company has set up an AWS Direct Connect connection between its on-premises data center and its
VPC.
Which solution will meet these requirements with the least operational overhead?
Maybe C is worth considering since migrating the existing VM to EC2 with an Elastic IP gives a fixed public IP and lets you keep a familiar Linux environment. It might be simpler than setting up multiple VPC endpoints with Elastic IPs.
It’s A, since static Elastic IPs per subnet fit the static IP need better than B’s public endpoint.
application runs in an Amazon Elastic Container Service (Amazon ECS) cluster in an Auto Scaling
group behind an Application Load Balancer (ALB). A system administrator detected a weekly spike in
the number of failed logic attempts. Which overwhelm the application’s authentication service. All
the failed login attempts originate from about 500 different IP addresses that change each week. A
solutions architect must prevent the failed login attempts from overwhelming the authentication
service.
Which solution meets these requirements with the MOST operational efficiency?
Maybe D could work since it blocks known bad IPs outright, but given the IPs change weekly, it might need constant updates which isn’t very operationally efficient. That makes B more attractive since rate-based rules automatically handle traffic spikes without manual intervention. Still, if the question emphasizes preventing overload with minimal ops work, B feels like the better fit because you don’t have to manage changing IP lists all the time.
B seems best since it auto-blocks based on traffic rate, no manual IP updates needed.
org. This service requires the partner company to have access to AWS resources in a customer
account, which is in a separate organization named org2 The company must establish least privilege
security access using an API or command line tool to the customer account
What is the MOST secure way to allow org1 to access resources h org2?
C/D? Both suggest using an IAM role, which is good. D’s extra external ID makes sense for security, but the question doesn’t say it’s required. C might still be acceptable if external ID isn’t specified.
Maybe D is best because the external ID helps confirm the partner’s identity and avoids unauthorized access. C misses that extra security step, so D seems safer overall.
from logistics centers to calculate a sustainability index The company has millions of devices in
logistics centers that are spread across Europe The devices send information to the processing engine
through a RESTful API
The API experiences unpredictable bursts of traffic The company must implement a solution to
process all data that the devices send to the processing engine Data loss is unacceptable
Which solution will meet these requirements?
I doubt C because EC2 instances might struggle with unpredictable spikes without a buffer, risking data loss. Does the question exclude streaming solutions like Kinesis, or is that still viable?
It’s A for me. Using an ALB directly with an SQS queue as a target group is not really supported—you can’t add an SQS queue as a target to an ALB. That alone rules out A. Between B and D, B makes more sense since the API Gateway to SQS integration is designed exactly for buffering bursty REST API traffic with zero data loss. Kinesis in D is better for streaming large volumes of data continuously, but the question focuses on RESTful API calls, so B fits better. C lacks a decoupling buffer layer, so riskier with unpredictable bursts.
website that runs on two Amazon EC2 instances behind an Application Load Balancer (ALB). The
application backend is a Python application that runs on three EC2 instances behind another ALB.
The EC2 instances are large, general purpose On-Demand Instances that were sized to meet the on-
premises specifications for peak usage of the application.
The application averages hundreds of thousands of requests each month. However, the application is
used mainly during lunchtime and receives minimal traffic during the rest of the day.
A solutions architect needs to optimize the infrastructure cost of the application without negatively
affecting the application availability.
Which combination of steps will meet these requirements? (Choose two.)
B imo for sure, moving the frontend to S3 cuts costs a lot since it’s just static content and no need for EC2 there. For the backend, E makes sense because burstable instances can handle the peaks but save money during low-traffic times. Spot instances (D) are risky here since interruptions might cause downtime, which they want to avoid. Also, switching instance families (A) won’t necessarily save money if the usage pattern is uneven like this. So yeah, B and E feels like the best combo to optimize cost without losing availability.
Makes sense to offload the static frontend to S3 for cost savings, so B fits. For the backend, switching to burstable instances (E) helps with low off-peak demand without risking interruptions like Spot instances would.
single Availability Zone. Because of additional load on the system, the solutions architect attempts to
add new instances to the placement group. However, the solutions architect receives an insufficient
capacity error.
What should the solutions architect do to troubleshoot this issue?
D Dedicated Hosts reserve capacity just for you, so launching new instances there avoids the general AZ capacity issue. Stopping and starting instances (B) might not help if the capacity is genuinely full.
B tbh, stopping and starting instances might free up some capacity in the placement group. If the issue is just a temporary capacity shortage, this could help since instances will be relaunched possibly on different hardware. A new placement group (C) can't be merged anyway, so that’s out. Dedicated Hosts (D) seem like a bigger change and more expensive, so definitely last resort. A spread placement group (A) isn’t relevant here since it focuses on spreading instances across hardware, not solving capacity errors within a cluster placement group.
EC2 instances behind an Application Load Balancer (ALB). The company uses an Amazon RDS DB
instance as the database backend. Amazon CloudFront is configured with one origin that points to
the ALB. Static content is cached. Amazon Route 53 is used to host all public zones.
After an update of the application, the ALB occasionally returns a 502 status code (Bad Gateway)
error. The root cause is malformed HTTP headers that are returned to the ALB. The webpage returns
successfully when a solutions architect reloads the webpage immediately after the error occurs.
While the company is working on the problem, the solutions architect needs to provide a custom
error page instead of the standard ALB error page to visitors.
Which combination of steps will meet this requirement with the LEAST amount of operational
overhead? (Choose two.)
A imo, S3 is the easiest place to host a static custom error page with zero maintenance. E is good since CloudFront can serve the error page without changing ALB settings, so both make sense together.
A/E seems simplest to me, using S3 and CloudFront custom error pages.
references static assets in an Amazon S3 bucket in the us-east-1 Region. The company needs
resiliency across multiple AWS Regions. The company already has created an S3 bucket in a second
Region.
Which solution will meet these requirements with the LEAST operational overhead?
C, because built-in S3 replication plus CloudFront origin groups automate failover smoothly.
C seems simplest—S3 replication plus CloudFront origin groups handle failover automatically.
on-premises identity provider (IdP) to authenticate users' access to the AWS environment. When the
solutions architect tests authentication through the federated identity web portal, access to the AWS
environment is granted However when test users attempt to authenticate through the federated
identity web portal, they are not able to access the AWS environment
Which items should the solutions architect check to ensure identity federation isproperly configured?
(Select THREE)
Maybe C is worth checking since if test users aren’t in the right IdP group, they won’t get mapped to AWS roles properly. Also, E seems less relevant because AWS doesn’t need to reach the IdP’s DNS for SAML assertions.
Maybe D too, since the portal has to correctly call AssumeRoleWithSAML with the right ARNs and assertion for this to work. Without that step, users won’t get proper role access despite valid tokens.
a. The company integrated the Lambda functions with API Gateway to use several shared libraries
and custom classes.
A solutions architect needs to simplify the deployment of the solution and optimize for code reuse.
Which solution will meet these requirements?
Makes sense to keep shared libs separate, so a Lambda layer seems better than a full container—B.
D makes sense since deploying everything in one container simplifies reuse and deployment.