Design Secure Applications and Architectures

/15

AWS Certified Solutions Architect – Associate (SAA-C03) – Design Secure Applications and Architectures

Prepare for the AWS Certified Solutions Architect – Associate (SAA-C03) exam with our quizzes designed to cover critical areas in designing secure applications and architectures.

1 / 15

1) How can you implement a secure strategy for managing application secrets in your AWS environment?

A) Use AWS Secrets Manager

B) Store secrets in Amazon S3

C) Store secrets in environment variables

D) Use IAM policies

2 / 15

2) To implement a zero-trust security model, which AWS service can you use to control access to your applications based on the principle of least privilege?

A) AWS WAF

B) Amazon Cognito

C) AWS Shield

D) AWS IAM

3 / 15

3) How can you securely manage access to EC2 instances in a production environment?

A) Use AWS CloudTrail

B) Use EC2 key pairs and IAM roles

C) Use Amazon CloudWatch

D) Use AWS Shield

4 / 15

4) You need to implement a secure, multi-account AWS environment and enforce compliance across all accounts. Which combination of services should you use?

A) AWS IAM and Amazon Inspector

B) AWS Shield and AWS WAF

C) AWS CloudTrail and AWS Systems Manager

D) AWS Organizations and AWS Config

5 / 15

5) How can you manage access to your applications without managing user credentials directly?

A) Use AWS Shield

B) Use Amazon Cognito

C) Use IAM users and groups

D) Use AWS CloudHSM

6 / 15

6) How can you ensure that your VPC is securely configured to prevent unauthorized access?

A) Use NACLs and Security Groups

B) Use AWS Shield

C) Use AWS CloudTrail

D) Use Amazon RDS

7 / 15

7) Which AWS service allows you to create custom compliance checks for your AWS resources?

A) AWS Shield

B) AWS WAF

C) AWS CloudTrail

D) AWS Config

8 / 15

8) You need to secure API endpoints for a web application. Which combination of services should you use?

A) Amazon CloudFront and AWS Shield

B) AWS Lambda and AWS Secrets Manager

C) Amazon API Gateway and AWS WAF

D) Amazon S3 and AWS IAM

9 / 15

9) Which service can you use to monitor and protect your AWS accounts from malicious activity and unauthorized behavior?

A) Amazon Macie

B) AWS Secrets Manager

C) Amazon GuardDuty

D) AWS CloudHSM

10 / 15

10) Which AWS service should you use to store and rotate database credentials securely?

A) AWS KMS

B) AWS Directory Service

C) AWS CloudTrail

D) AWS Secrets Manager

11 / 15

11) Which AWS service should you use to manage encryption keys for your applications?

A) AWS KMS

B) AWS Secrets Manager

C) AWS CloudHSM

D) AWS WAF

12 / 15

12) Which AWS service should you use to secure network traffic to and from your VPC?

A) AWS CloudHSM

B) AWS Shield

C) AWS VPN

D) AWS Direct Connect

13 / 15

13) Which AWS service provides DDoS protection for your applications?

A) AWS Shield

B) AWS WAF

C) AWS IAM

D) Amazon GuardDuty

14 / 15

14) How can you ensure secure communication between microservices running in a Kubernetes cluster on AWS?

A) Use AWS Direct Connect

B) Use AWS App Mesh

C) Use AWS Shield

D) Use IAM roles and policies

15 / 15

15) Which service should you use to enforce encryption for data at rest in Amazon S3?

A) AWS KMS

B) AWS IAM

C) AWS WAF

D) AWS Secrets Manager

Your score is

The average score is 25%

Exit