Braindump2goGuarantee All Exams 100%Pass One Time!SAA-C02 Exam Dumps SAA-C02 Exam Questions SAA-C02 PDF Dumps SAA-C02 VCE Dumps Vendor: Amazon Exam Code: SAA-C02 Exam Name: AWS Certified Solutions Architect - Associate (SAA-C02) Exam New Updated Questions from Braindump2go (Updated in May/2020)Visit Braindump2go and Download Full Version SAA-C02 Exam Dumps QUESTION 23 A Solutions Architect is creating an application running in an Amazon VPC that needs to access AWS Systems Manager Parameter Store. Network security rules prohibit any route table entry with a 0.0.0.0/0 destination. What infrastructure addition will allow access to the AWS service while meeting the requirements? A. VPC peering B. NAT instance C. NAT gateway D. AWS PrivateLink Answer: Explanation: You can privately access AWS Systems Manager APIs from your VPC (created using Amazon Virtual Private Cloud) by creating VPC Endpoints. With VPC Endpoints, the routing between the VPC and AWS Systems Manager is handled by the AWS network without the need for an internet gateway, NAT gateway, or VPN connection. The latest generation of VPC Endpoints used by AWS Systems Manager are powered by AWS PrivateLink, a technology that enables private connectivity between AWS services using Elastic Network Interfaces (ENIs) with private IP addresses in your VPCs. To learn more about PrivateLink, visit the PrivateLink documentation.
QUESTION 24 A photo-sharing website running on AWS allows users to generate thumbnail images of photos stored in Amazon S3. An Amazon DynamoDB table maintains the locations of photos, and thumbnails are easily re- created from the originals if they are accidentally deleted. How should the thumbnail images be stored to ensure the LOWEST cost?
B QUESTION 25 A company is implementing a data lake solution on Amazon S3. Its security policy mandates that the data stored in Amazon S3 should be encrypted at rest. Which options can achieve this? (Select TWO.)