Online Access Free Amazon.SAP-C02.v2026-03-31.q262 Practice Test (Page 2)

SAP-C02 Exam Question 1

A company uses a load balancer to distribute traffic to Amazon EC2 instances in a single Availability Zone.
The company is concerned about security and wants a solutions architect to re-architect the solution to meet the following requirements:
* Inbound requests must be filtered for common vulnerability attacks.
* Rejected requests must be sent to a third-party auditing application.
* All resources should be highly available.
Which solution meets these requirements?

A.Configure a Multi-AZ Auto Scaling group using the application's AMI. Create an Application Load Balancer (ALB) and select the previously created Auto Scaling group as the target. Use Amazon Inspector to monitor traffic to the ALB and EC2 instances. Create a web ACL in WAF. Create an AWS WAF using the web ACL and ALB. Use an AWS Lambda function to frequently push the Amazon Inspector report to the third-party auditing application.

B.Configure an Application Load Balancer (ALB) and add the EC2 instances as targets Create a web ACL in WAF. Create an AWS WAF using the web ACL and ALB name and enable logging with Amazon CloudWatch Logs. Use an AWS Lambda function to frequently push the logs to the third-party auditing application.

C.Configure an Application Load Balancer (ALB) along with a target group adding the EC2 instances as targets. Create an Amazon Kinesis Data Firehose with the destination of the third-party auditing application. Create a web ACL in WAF. Create an AWS WAF using the web ACL and ALB then enable logging by selecting the Kinesis Data Firehose as the destination. Subscribe to AWS Managed Rules in AWS Marketplace, choosing the WAF as the subscriber.

D.Configure a Multi-AZ Auto Scaling group using the application's AMI. Create an Application Load Balancer (ALB) and select the previously created Auto Scaling group as the target. Create an Amazon Kinesis Data Firehose with a destination of the third-party auditing application. Create a web ACL in WAF. Create an AWS WAF using the WebACL and ALB then enable logging by selecting the Kinesis Data Firehose as the destination. Subscribe to AWS Managed Rules in AWS Marketplace, choosing the WAF as the subscriber.

SAP-C02 Exam Question 2

A financial services company runs a complex, multi-tier application on Amazon EC2 instances and AWS Lambda functions. The application stores temporary data in Amazon S3. The S3 objects are valid for only 45 minutes and are deleted after 24 hours.
The company deploys each version of the application by launching an AWS CloudFormation stack. The stack creates all resources that are required to run the application. When the company deploys and validates a new application version, the company deletes the CloudFormation stack of the old version.
The company recently tried to delete the CloudFormation stack of an old application version, but the operation failed. An analysis shows that CloudFormation failed to delete an existing S3 bucket. A solutions architect needs to resolve this issue without making major changes to the application's architecture.
Which solution meets these requirements?

A.Implement a Lambda function that deletes all files from a given S3 bucket. Integrate this Lambda function as a custom resource into the CloudFormation stack. Ensure that the custom resource has a DependsOn attribute that points to the S3 bucket's resource.

B.Modify the CloudFormation template to provision an Amazon Elastic File System (Amazon EFS) file system to store the temporary files there instead of in Amazon S3. Configure the Lambda functions to run in the same VPC as the file system. Mount the file system to the EC2 instances and Lambda functions.

C.Modify the CloudFormation stack to create an S3 Lifecycle rule that expires all objects 45 minutes after creation. Add a DependsOn attribute that points to the S3 bucket's resource.

D.Modify the CloudFormation stack to attach a DeletionPolicy attribute with a value of Delete to the S3 bucket.

SAP-C02 Exam Question 3

A company's interactive web application uses an Amazon CloudFront distribution to serve images from an Amazon S3 bucket. Occasionally, third-party tools ingest corrupted images into the S3 bucket. This image corruption causes a poor user experience in the application later. The company has successfully implemented and tested Python logic to detect corrupt images.
A solutions architect must recommend a solution to integrate the detection logic with minimal latency between the ingestion and serving.
Which solution will meet these requirements?

A.Use a Lambda@Edge function that is invoked by a viewer-response event.

B.Use a Lambda@Edge function that is invoked by an origin-response event.

C.Use an S3 event notification that invokes an AWS Lambda function.

D.Use an S3 event notification that invokes an AWS Step Functions state machine.

SAP-C02 Exam Question 4

Question:
A company has an application that uses AWS Key Management Service (AWS KMS) to encrypt and decrypt data. The application stores data in an Amazon S3 bucket in an AWS Region. Company security policies require that the data is encryptedbeforebeing uploaded to S3, and decryptedwhen read. The S3 bucket isreplicated to other AWS Regions.
A solutions architect must design a solution so that the application canencrypt and decrypt data across Regionsusingthe same key.
Options:

A.Create a KMS multi-Region primary key. Use it to create KMS multi-Region replica keys in each Region. Update application code to use the replica key in each Region.

B.Create a new customer-managed KMS key in each additional Region. Update application code to use the key in each Region.

C.Use AWS Private CA to issue TLS certificates and replicate them with AWS RAM.

D.Export the KMS key material to Systems Manager Parameter Store in each Region. Update the app to use those.

SAP-C02 Exam Question 5

A company is running an application that uses an Amazon ElastiCache for Redis cluster as a caching layer A recent security audit revealed that the company has configured encryption at rest for ElastiCache However the company did not configure ElastiCache to use encryption in transit Additionally, users can access the cache without authentication A solutions architect must make changes to require user authentication and to ensure that the company is using end-to-end encryption Which solution will meet these requirements?

A.Create an AUTH token Store the token in AWS System Manager Parameter Store, as an encrypted parameter Create a new cluster with AUTH and configure encryption in transit Update the application to retrieve the AUTH token from Parameter Store when necessary and to use the AUTH token for authentication

B.Create an AUTH token Store the token in AWS Secrets Manager Configure the existing cluster to use the AUTH token and configure encryption in transit Update the application to retrieve the AUTH token from Secrets Manager when necessary and to use the AUTH token for authentication.

C.Create an SSL certificate Store the certificate in AWS Secrets Manager Create a new cluster and configure encryption in transit Update the application to retrieve the SSL certificate from Secrets Manager when necessary and to use the certificate for authentication.

D.Create an SSL certificate Store the certificate in AWS Systems Manager Parameter Store, as an encrypted advanced parameter Update the existing cluster to configure encryption in transit Update the application to retrieve the SSL certificate from Parameter Store when necessary and to use the certificate for authentication

Other Version: 511Amazon.SAP-C02.v2026-05-26.q273; 379Amazon.SAP-C02.v2026-05-12.q316; 667Amazon.SAP-C02.v2026-04-06.q271; 2194Amazon.SAP-C02.v2025-09-26.q250; 6865Amazon.SAP-C02.v2025-06-02.q210; 1759Amazon.SAP-C02.v2024-09-24.q208; 1965Amazon.SAP-C02.v2024-06-22.q419; 1983Amazon.SAP-C02.v2024-04-22.q355; 1056Amazon.SAP-C02.v2023-12-22.q145; 1374Amazon.SAP-C02.v2023-12-15.q186; 1148Amazon.SAP-C02.v2023-11-20.q171; 1192Amazon.SAP-C02.v2023-11-10.q169; 913Amazon.SAP-C02.v2023-09-29.q103; 1816Amazon.SAP-C02.v2023-07-24.q211; 1043Amazon.SAP-C02.v2023-07-21.q91; 1733Amazon.SAP-C02.v2023-05-20.q185; 1844Amazon.SAP-C02.v2023-05-04.q198; 1639Amazon.SAP-C02.v2023-04-29.q159; 1758Amazon.SAP-C02.v2023-04-17.q149; 1571Amazon.SAP-C02.v2023-04-10.q185; 1672Amazon.SAP-C02.v2023-04-10.q164

Latest Upload: 135Oracle.1D0-1057-25-D.v2026-06-03.q29; 268NAHQ.CPHQ.v2026-06-03.q396; 251CompTIA.220-1201.v2026-06-03.q196; 152GIAC.GCFE.v2026-06-03.q78; 145HIMSS.CPHIMS.v2026-06-03.q45; 229Google.Professional-Cloud-Architect.v2026-06-03.q165; 143HP.HPE7-A09.v2026-06-02.q48; 151ACDIS.CCDS-O.v2026-06-02.q56; 132Microsoft.AB-730.v2026-06-02.q31; 208ASQ.CSSBB.v2026-06-02.q130

SAP-C02 Exam Question 1

SAP-C02 Exam Question 2

SAP-C02 Exam Question 3

SAP-C02 Exam Question 4

SAP-C02 Exam Question 5

Download PDF File