🖥️ Amazon Elastic Compute Cloud (EC2) - SAA-C03 Practice Questions

EC2 provides resizable compute capacity in the cloud. Master instance types, pricing models, placement groups, Auto Scaling, and launch configurations for the SAA-C03 exam.

80Questions Available
4Exam Domains

Practice EC2 Questions Now

Start a timed practice session focusing on Amazon Elastic Compute Cloud (EC2) topics from the SAA-C03 question bank.

Start SAA-C03 Practice Quiz →

How EC2 Is Really Tested in SAA-C03

EC2 questions in SAA-C03 are rarely about definitions alone. Most of them force you to choose the best compute shape under multiple constraints at once: latency, fault tolerance, patching overhead, and cost.

The exam also tests whether you can separate compute decisions from storage and network decisions. A correct answer usually combines EC2 with the right EBS layout, load balancing pattern, and scaling policy rather than treating EC2 in isolation.

When two answers both seem valid, the winning choice is usually the one that removes operational risk over time, not just the one that works today.

EC2 architecture decisions that SAA-C03 repeatedly tests

Decision PointOption AOption BExam Takeaway
Baseline workload patternBurstable family (T class) for variable CPU profiles with long idle periodsGeneral/compute-optimized family (M/C class) for sustained and predictable demandIf the scenario says frequent sustained load, avoid burst-credit risk and choose a non-burst instance family.
Data persistence on instance failureEBS-backed volumes with snapshots and Multi-AZ recovery workflowInstance store for ephemeral scratch/cache data onlyIf data must survive stop/terminate or AZ events, instance store is almost always a trap.
Resilience modelAuto Scaling group spread across multiple Availability ZonesSingle instance with vertical scaling in one Availability ZoneSAA-C03 rewards multi-AZ fault tolerance first, then performance and cost tuning.

Black Friday checkout API scaling scenario

A checkout API has unpredictable spikes, strict availability requirements, and stateful session data stored outside the instance tier.

  • Use an ALB + Auto Scaling group across at least two Availability Zones.
  • Keep instance boot time low with launch templates and pre-baked AMIs.
  • Store state in managed services so instances remain disposable during scale events.
  • Apply mixed purchase options only when interruption tolerance is clearly acceptable.

Common Exam Trap: Choosing Spot instances for critical synchronous checkout traffic without interruption mitigation is a common wrong answer pattern.

SAA-C03 EC2 Question Bank (80 Questions)

Browse all 80 practice questions covering Amazon Elastic Compute Cloud (EC2) for the SAA-C03 certification exam. Answers are intentionally hidden on this page so you can self-test first before checking results in quiz mode.

  1. Question 1Design Cost-Optimized Architectures

    A company currently uses Standard Reserved Instances (RIs) for their EC2 fleet. They plan to change the instance family from `m5` to `c5` to improve performance. Can they modify their current RIs?

    AYes, Standard RIs allow changing instance families.
    BNo, Standard RIs are inflexible. They should have purchased Convertible RIs or Savings Plans.
    CYes, but only if the instance size remains the same.
    DYes, if they pay a modification fee.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  2. Question 2Design Cost-Optimized Architectures

    A company has predictable EC2 usage but wants flexibility to change instance families and regions as their application evolves. Which purchasing option provides the best cost savings with maximum flexibility?

    AStandard Reserved Instances for 3 years with all upfront payment.
    BConvertible Reserved Instances with the ability to exchange instance characteristics.
    CCompute Savings Plans with 1-year term for flexibility across instance families and regions.
    DEC2 Instance Savings Plans for specific instance family commitments.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  3. Question 3Design High-Performing Architectures

    A high-performance computing application requires very low network latency between instances for tight coupling of parallel processing tasks. Which EC2 placement strategy minimizes inter-instance latency?

    ACluster Placement Group within a single Availability Zone.
    BSpread Placement Group across multiple Availability Zones.
    CPartition Placement Group with instances distributed across partitions.
    DNo placement group with Enhanced Networking enabled.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  4. Question 4Mixed

    For a fleet of EC2 instances with flexible start and end times, which pricing model can provide significant savings compared to On-Demand, without the commitment of a Reserved Instance?

    ASpot Instances
    BSavings Plans
    CDedicated Hosts
    DOn-Demand Capacity Reservations

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  5. Question 5Design Cost-Optimized Architectures

    A data processing job runs daily for 4-6 hours and can tolerate interruptions by resuming from checkpoints. Cost optimization is the primary concern. Which EC2 purchasing strategy minimizes costs?

    AOn-Demand instances for guaranteed completion.
    BSpot instances with checkpointing for interruption handling.
    CReserved instances with scheduled reserved capacity.
    DDedicated hosts for consistent pricing.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  6. Question 6Design Secure Architectures

    A fleet of EC2 instances in a private subnet requires administrative access for troubleshooting. The security team prohibits the use of bastion hosts or opening port 22 (SSH) or 3389 (RDP) to the internet or the corporate network. Which solution provides secure console access?

    AUse EC2 Instance Connect with a temporary SSH key pushed via API.
    BConfigure AWS Systems Manager (SSM) Session Manager. Ensure the instances have the AmazonSSMManagedInstanceCore policy attached.
    CSet up a Site-to-Site VPN and access the instances using their private IP addresses.
    DUse a Transit Gateway to route traffic from a dedicated management VPC.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  7. Question 7Mixed

    A financial services application processes transactions that must not be lost. The application runs on EC2 instances behind an Application Load Balancer. Which solution ensures in-flight requests are preserved during deployments?

    AUse EC2 Auto Scaling with instance scale-in protection and connection draining enabled.
    BDisable health checks during deployments.
    CReplace the Application Load Balancer with a Network Load Balancer.
    DDeploy the application on AWS Lambda with reserved concurrency.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  8. Question 8Design Secure Architectures

    A company must ensure that EC2 instances can only be launched with approved AMIs and specific instance types. Which solution enforces these requirements?

    AUse IAM policies to restrict instance launches
    BUse AWS Config rules to detect non-compliant instances
    CUse Service Control Policies (SCPs) in AWS Organizations
    DUse AWS Systems Manager to manage instances

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  9. Question 9Design Secure Architectures

    A company must ensure that all EC2 instances are launched with approved AMIs and specific instance types across all accounts. Which solution enforces this requirement?

    AUse IAM policies
    BUse AWS Config rules
    CUse Service Control Policies (SCPs)
    DUse AWS Systems Manager

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  10. Question 10Design High-Performing Architectures

    An application running on an EC2 instance needs to put objects into an S3 bucket. What is the most secure way to grant these permissions?

    ACreate an IAM User with S3 permissions, generate Access Keys, and run `aws configure` on the instance.
    BCreate an IAM Role with S3 permissions and attach it to the EC2 instance as an Instance Profile.
    CStore the AWS credentials in the User Data script.
    DAllow the EC2 instance's public IP in the S3 bucket policy.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  11. Question 11Design Resilient Architectures

    A critical EC2 instance running a legacy app becomes unresponsive due to hardware degradation. How can you automatically recover it while keeping the same Public IP, Private IP, and Instance ID?

    AConfigure an Auto Scaling Group with min/max = 1.
    BCreate a CloudWatch Alarm monitoring `StatusCheckFailed_System` with an EC2 Recover action.
    CUse AWS Systems Manager to reboot the instance.
    DEnable Termination Protection.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  12. Question 12Design Resilient Architectures

    A critical single-instance application runs on EC2 with an Elastic IP and needs to maintain the same instance ID and network configuration if hardware fails. The application cannot be redesigned for multi-instance deployment. Which recovery strategy preserves the instance identity?

    AConfigure an Auto Scaling Group with min/max capacity of 1 and health checks.
    BCreate a CloudWatch alarm for `StatusCheckFailed_System` with an EC2 Auto Recovery action.
    CUse AWS Systems Manager to automatically restart the instance on failure.
    DCreate an AMI snapshot every hour and restore manually when needed.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  13. Question 13Mixed

    A company wants all Amazon EC2 instances to automatically join its AWS Directory Service managed Active Directory domain at launch. The solution must minimize manual configuration. What should the solutions architect recommend?

    AConfigure an AWS Systems Manager State Manager association that joins instances to the domain by using the AWS-JoinDirectoryServiceDomain document.
    BCreate a cron job on each instance that runs the netdom command at startup.
    CLaunch instances in a public subnet and use AWS Client VPN to join the domain.
    DUse IAM roles attached to the instances to request temporary credentials for the domain join.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  14. Question 14Mixed

    A company needs to inspect outbound web traffic from Amazon EC2 instances to identify malicious domains. The solution must be centrally managed and scalable. Which AWS service should the solutions architect recommend?

    AAWS WAF
    BAWS Network Firewall
    CAWS Shield Standard
    DAWS Firewall Manager with AWS Shield Advanced

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  15. Question 15Mixed

    An enterprise must ensure that all data transmitted between Amazon EC2 instances and on-premises workloads is encrypted without modifying application code. Which solution meets the requirement with minimal changes?

    AUse AWS Client VPN with mutual TLS authentication for all traffic.
    BConfigure an IPsec VPN connection between AWS and on-premises networks.
    CImplement AWS Direct Connect with MACsec encryption.
    DEnable TLS termination at the internet gateway.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  16. Question 16Select All That ApplyMixed

    A multi-tier application runs on Amazon EC2 instances. The company wants to reduce inter-service latency and offload static content. Which combination of actions meets the requirement? (Select TWO.)

    APlace static assets in Amazon S3 and serve them through Amazon CloudFront.
    BUse Amazon ElastiCache for Redis as a caching layer for frequently accessed data.
    CMove static content to Amazon EFS mounted across all instances.
    DUse AWS Batch to process static assets on a schedule.
    EReplace the Application Load Balancer with a Network Load Balancer.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  17. Question 17Mixed

    A company has a stateful application running on EC2 instances that cannot be easily refactored. The application must achieve high availability within a single Region. What should the solutions architect do?

    ADeploy the instances in an Auto Scaling group across multiple Availability Zones with one standby instance per zone and shared storage.
    BUse a single EC2 instance with Multi-Attach EBS volumes.
    CPlace the instance in one Availability Zone and rely on frequent snapshots for recovery.
    DHost the application on AWS Lambda with provisioned concurrency.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  18. Question 18Mixed

    A company maintains a fleet of EC2 instances that power a high-throughput API. The company wants to optimize cost without sacrificing availability. Usage is predictable and steady. What is the MOST cost-effective approach?

    APurchase Convertible Reserved Instances for the baseline load and use On-Demand Instances for spikes.
    BRun all instances as Spot Instances with capacity-optimized allocation.
    CUse Savings Plans for compute usage and rely solely on On-Demand Instances.
    DUse Dedicated Hosts for all instances to leverage license mobility.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  19. Question 19Mixed

    An enterprise runs batch jobs on EC2 instances nightly. The jobs run for 3 hours and require up to 200 instances, but during the day compute demand is minimal. The company wants to optimize cost. Which purchasing option should the solutions architect recommend?

    AUse Spot Instances with capacity-optimized allocation for the batch fleet.
    BPurchase Reserved Instances for the entire batch fleet.
    CUse Dedicated Hosts for night jobs.
    DRun jobs on On-Demand Instances only.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  20. Question 20Mixed

    A company needs to back up hundreds of Amazon EC2 instances and on-premises VMware VMs. Backups must support granular restore and centralized management. Which service should the solutions architect choose?

    AAWS Backup
    BAWS DataSync
    CAWS Storage Gateway tape gateway
    DAmazon S3 Glacier Deep Archive

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  21. Question 21Mixed

    A company needs to grant an IAM role to an Amazon EC2 instance so that an application can read from an Amazon S3 bucket. Which IAM feature should be used to avoid storing long-term access keys on the instance?

    AIAM Groups
    BIAM Users
    CIAM Roles
    DIAM Policies

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  22. Question 22Mixed

    A web application is hosted on an Auto Scaling group of EC2 instances. The Security Team mandates that all instances must be patched for a specific CVE immediately. What is the MOST secure and efficient method to achieve this?

    ALog in to each instance and run the operating system's update command.
    BCreate a new, patched AMI and launch a new Auto Scaling group, then terminate the old instances.
    CUse AWS Systems Manager Run Command to execute a patch script on all instances.
    DUse AWS Lambda to patch the instances during off-peak hours.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  23. Question 23Mixed

    You are storing secrets for an application in AWS Secrets Manager. An EC2 instance needs to retrieve these secrets at launch. How should you grant the instance the necessary permissions?

    AStore an IAM user's access keys in the EC2 instance's user data.
    BAttach an IAM role to the EC2 instance with a policy allowing secretsmanager:GetSecretValue.
    CCreate an IAM policy that allows all actions on Secrets Manager and attach it to the instance.
    DUse the Key Management Service (KMS) to encrypt the secrets.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  24. Question 24Mixed

    You need to ensure that all EBS volumes attached to EC2 instances in your VPC are encrypted. What is the most efficient way to enforce this?

    AWrite a script to check for unencrypted volumes daily.
    BEnable EBS encryption by default for your AWS account and region.
    CUse an IAM policy to prevent the CreateVolume API call without an encryption parameter.
    DUse AWS Config to monitor for non-compliant resources.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  25. Question 25Mixed

    Which service can be used to assess the security and compliance of your EC2 instances by analyzing the running operating system against defined best practices?

    AAWS Trusted Advisor
    BAWS Shield
    CAmazon Inspector
    DAWS Config

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  26. Question 26Select All That ApplyMixed

    An application on an EC2 instance must write encrypted logs to an S3 bucket. The solution must ensure the data is encrypted in transit and at rest. Which combination is necessary? (Select TWO.)

    AUse the HTTPS endpoint for S3.
    BUse S3 Default Encryption with SSE-S3 or a KMS key.
    CUse an S3 Gateway endpoint.
    DUse an IAM role with write permissions.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  27. Question 27Mixed

    A stateless web application is currently running on a single EC2 instance. The architecture must be modified to be highly available. Which is the MOST resilient approach?

    AUse a larger EC2 instance type.
    BDeploy the application across multiple instances in an Auto Scaling group behind an Application Load Balancer across two Availability Zones.
    CCreate an AMI of the instance for faster recovery.
    DIncrease the EBS volume size and IOPS.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  28. Question 28Mixed

    A legacy application requires a shared file system accessible from multiple EC2 instances across different Availability Zones. Which storage service should be used?

    AAmazon EBS
    BAmazon EFS
    CAmazon S3
    DInstance Store

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  29. Question 29Mixed

    A company has several unused EBS volumes attached to stopped EC2 instances. What should be done to reduce costs?

    AEncrypt the volumes.
    BDelete the volumes.
    CTake a snapshot and then delete the volumes.
    DChange the volume type to st1.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  30. Question 30Mixed

    You are running a .NET application on a c5.2xlarge EC2 instance. The utilization is high, but you need to save costs. The application cannot be interrupted. What is a potential solution?

    AMigrate to a Spot Instance.
    BPurchase a Reserved Instance for the c5.2xlarge instance.
    CMigrate to a c5.xlarge instance.
    DUse AWS Lambda instead.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  31. Question 31Design High-Performing Architectures

    A company is running a web application on Amazon EC2 instances in multiple Availability Zones behind an Application Load Balancer. The application experiences variable traffic patterns with sudden spikes during business hours. The company wants to optimize costs while maintaining high availability. Which solution will meet these requirements MOST cost-effectively?

    AUse Reserved Instances for the baseline capacity and On-Demand Instances for peak traffic
    BUse Spot Instances for all EC2 instances with a Spot Fleet configuration
    CUse Auto Scaling with a mix of On-Demand and Spot Instances, setting the base capacity with On-Demand
    DUse Dedicated Hosts for all instances to reduce costs

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  32. Question 32Design High-Performing Architectures

    A company's application stores session data that needs to be shared across multiple EC2 instances. The session data must be available with microsecond latency and persist even if an instance fails. Which solution provides the BEST performance?

    AAmazon ElastiCache for Redis with cluster mode enabled
    BAmazon DynamoDB with DynamoDB Accelerator (DAX)
    CAmazon RDS with read replicas
    DAmazon EFS mounted on all EC2 instances

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  33. Question 33Design Secure Architectures

    An application running on EC2 instances needs to access objects in an S3 bucket. The security team requires that credentials should never be stored on the instances. What is the MOST secure solution?

    AStore AWS credentials in the EC2 instance user data
    BCreate an IAM role with S3 permissions and attach it to the EC2 instances
    CUse AWS Systems Manager Parameter Store to store credentials
    DEmbed access keys in the application code

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  34. Question 34Design Cost-Optimized Architectures

    A company's application experiences predictable traffic patterns with a baseline of 10 instances and peaks requiring 50 instances during business hours (9 AM - 5 PM on weekdays). What is the MOST cost-effective EC2 purchasing strategy?

    APurchase 50 Reserved Instances
    BPurchase 10 Reserved Instances and use Auto Scaling with On-Demand Instances for peaks
    CUse only Spot Instances with Auto Scaling
    DPurchase 25 Reserved Instances and use Spot Instances for the rest

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  35. Question 35Design Secure Architectures

    A solutions architect needs to design a solution that allows developers to access EC2 instances without exposing SSH ports to the internet. Which solution is MOST secure?

    AUse a bastion host in a public subnet
    BUse AWS Systems Manager Session Manager
    CUse VPN to connect to the VPC
    DUse Security Groups to restrict SSH access to specific IP addresses

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  36. Question 36Design High-Performing Architectures

    An application requires a file system that can be accessed concurrently by thousands of EC2 instances across multiple Availability Zones with consistent performance. Which storage solution should be used?

    AAmazon EBS with Multi-Attach
    BAmazon EFS
    CAmazon S3
    DAmazon FSx for Windows File Server

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  37. Question 37Design Resilient Architectures

    A company wants to implement a solution that automatically patches EC2 instances during maintenance windows without manual intervention. Which AWS service should be used?

    AAWS Systems Manager Patch Manager
    BAWS Config
    CAWS CloudFormation
    DAWS OpsWorks

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  38. Question 38Design Secure Architectures

    A company needs to ensure that EC2 instances in a private subnet can download software updates from the internet without being directly accessible from the internet. Which solution should be implemented?

    AUse an Internet Gateway
    BUse a NAT Gateway in a public subnet
    CUse VPC Peering
    DUse AWS PrivateLink

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  39. Question 39Design High-Performing Architectures

    A company runs a web application that stores user session data. The session data must be shared across multiple EC2 instances and persist if an instance fails. Which solution provides the BEST performance and reliability?

    AStore session data in Amazon EBS volumes
    BStore session data in Amazon ElastiCache for Redis with Multi-AZ
    CStore session data in Amazon RDS
    DStore session data in Amazon S3

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  40. Question 40Design Resilient Architectures

    A company wants to implement a backup strategy for EC2 instances that includes automated backups, retention policies, and cross-region backup copies. Which solution provides these capabilities with minimal management?

    AUse EBS snapshots with Lambda for automation
    BUse AWS Backup
    CUse AWS Storage Gateway
    DUse CloudFormation to automate snapshots

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  41. Question 41Design High-Performing Architectures

    A company needs to run a Windows-based application that requires SMB file shares accessible from multiple EC2 instances. Which storage solution should be used?

    AAmazon EFS
    BAmazon FSx for Windows File Server
    CAmazon S3
    DAmazon EBS with Multi-Attach

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  42. Question 42Design High-Performing Architectures

    An application requires a file system that supports POSIX permissions, can be accessed from thousands of EC2 instances, and automatically scales storage. Which solution should be used?

    AAmazon EBS with Multi-Attach
    BAmazon EFS
    CAmazon FSx for Lustre
    DAmazon S3 with S3FS

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  43. Question 43Design Secure Architectures

    A solutions architect must design a solution that encrypts data in transit between an Application Load Balancer and EC2 instances. Which solution meets this requirement?

    AUse HTTPS listeners on the ALB only
    BUse HTTPS listeners on the ALB and HTTPS on EC2 instances
    CUse Network Load Balancer with TLS termination
    DUse Security Groups to encrypt traffic

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  44. Question 44Design Secure Architectures

    A company wants to implement a solution that automatically responds to security threats by isolating compromised EC2 instances. Which solution should be implemented?

    AUse AWS Config to detect threats and Lambda to modify Security Groups
    BUse Amazon GuardDuty with EventBridge and Lambda to modify Security Groups
    CUse AWS WAF to block threats
    DUse VPC Flow Logs with CloudWatch alarms

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  45. Question 45Design Secure Architectures

    A solutions architect must design a solution that ensures EC2 instances in private subnets can download software updates from the internet without being directly accessible. Which solution should be implemented?

    AUse an Internet Gateway
    BUse a NAT Gateway in a public subnet
    CUse VPC Peering
    DUse AWS PrivateLink

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  46. Question 46Design Resilient Architectures

    A company wants to implement a solution that automatically patches EC2 instances during maintenance windows without manual intervention. Which AWS service should be used?

    AAWS Systems Manager Patch Manager
    BAWS Config
    CAWS CloudFormation
    DAWS OpsWorks

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  47. Question 47Design High-Performing Architectures

    A company wants to run a Windows-based application that requires SMB file shares accessible from multiple EC2 instances with Active Directory integration. Which storage solution should be used?

    AAmazon EFS
    BAmazon FSx for Windows File Server
    CAmazon S3
    DAmazon EBS with Multi-Attach

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  48. Question 48Design High-Performing Architectures

    A company runs a web application that stores user session data. The session data must be shared across multiple EC2 instances and persist if an instance fails. Which solution provides the BEST performance and reliability?

    AStore session data in Amazon EBS volumes
    BStore session data in Amazon ElastiCache for Redis with Multi-AZ
    CStore session data in Amazon RDS
    DStore session data in Amazon S3

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  49. Question 49Design Resilient Architectures

    A solutions architect must design a backup strategy for EC2 instances that includes automated backups, retention policies, and cross-region backup copies. Which solution provides these capabilities with minimal management?

    AUse EBS snapshots with Lambda for automation
    BUse AWS Backup
    CUse AWS Storage Gateway
    DUse CloudFormation to automate snapshots

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  50. Question 50Design Secure Architectures

    A company must ensure that EC2 instances can only communicate with approved AWS services and cannot access the internet. Which solution enforces this requirement?

    AUse Security Groups to restrict outbound traffic
    BUse Network ACLs to block internet access
    CUse VPC endpoints for AWS services and remove NAT Gateway/Internet Gateway
    DUse AWS PrivateLink for all services

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  51. Question 51Design High-Performing Architectures

    An application requires a file system that can be accessed from both Linux and Windows EC2 instances with SMB and NFS protocols. Which storage solution should be used?

    AAmazon EFS
    BAmazon FSx for Windows File Server
    CAmazon FSx for Lustre
    DAmazon S3

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  52. Question 52Design Secure Architectures

    A company wants to implement automated security threat detection and response for EC2 instances. Which solution should be implemented?

    AAWS Config with Lambda
    BAmazon GuardDuty with EventBridge and Lambda
    CAWS WAF
    DVPC Flow Logs with CloudWatch

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  53. Question 53Design Secure Architectures

    A solutions architect must ensure EC2 instances in private subnets can download updates without internet exposure. Which solution should be implemented?

    AInternet Gateway
    BNAT Gateway in public subnet
    CVPC Peering
    DAWS PrivateLink

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  54. Question 54Design Resilient Architectures

    A company wants automated EC2 instance patching during maintenance windows. Which service should be used?

    AAWS Systems Manager Patch Manager
    BAWS Config
    CAWS CloudFormation
    DAWS OpsWorks

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  55. Question 55Design High-Performing Architectures

    A web application stores user session data that must be shared across EC2 instances and persist if instances fail. Which solution provides BEST performance and reliability?

    AAmazon EBS volumes
    BElastiCache for Redis with Multi-AZ
    CAmazon RDS
    DAmazon S3

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  56. Question 56Design Secure Architectures

    A company must ensure EC2 instances only communicate with approved AWS services, not the internet. Which solution enforces this?

    ASecurity Groups
    BNetwork ACLs
    CVPC endpoints and remove NAT/Internet Gateway
    DAWS PrivateLink

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  57. Question 57Design Secure Architectures

    A Solution Architect is designing a multi-tier application. The application tier runs on EC2 instances in private subnets and needs to download software patches from the internet. However, the security policy mandates that no inbound internet connectivity is allowed to these instances, and the source IP address for outbound traffic must remain static for allow-listing by the software vendor. Which architecture satisfies these requirements?

    ADeploy a NAT Gateway in a private subnet. Route outbound traffic from the application subnet to the NAT Gateway.
    BDeploy a NAT Gateway in a public subnet. Route outbound traffic from the application subnet to the NAT Gateway. Assign an Elastic IP to the NAT Gateway.
    CDeploy an Egress-Only Internet Gateway in the VPC. Update the route table for the private subnets to point to the gateway.
    DUse a Proxy Server on an EC2 instance in a public subnet with a dynamic Public IP address.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  58. Question 58Design Secure Architectures

    An application uses a Lambda function to query a legacy database running on an EC2 instance in a private subnet. The database security group allows traffic only from the security group of the Lambda function. The Lambda function is configured to connect to the VPC. However, the Lambda function times out when trying to connect to the database. What is the most likely cause?

    AThe Lambda function execution role lacks the `AWSLambdaVPCAccessExecutionRole` permissions.
    BThe Lambda function needs a NAT Gateway to communicate with the private EC2 instance.
    CThe security group attached to the Lambda function does not allow outbound traffic to the database on the database port.
    DThe Lambda function is running in a public subnet and cannot route to the private subnet.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  59. Question 59Design Secure Architectures

    An e-commerce application running on an Application Load Balancer (ALB) and EC2 instances is facing a distributed denial-of-service (DDoS) attack (HTTP floods) and SQL injection attempts. Which combination of services provides the MOST secure and operational efficient defense?

    AEnable AWS Shield Standard. Use Security Groups to block the attacking IP addresses.
    BEnable AWS Shield Advanced. Deploy AWS WAF on the ALB with managed rules for SQL injection and rate-based rules for the flood.
    CDeploy CloudFront in front of the ALB. Configure OAI (Origin Access Identity) to restrict access.
    DUse Route 53 Geolocation routing to block traffic from countries where the attack originates.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  60. Question 60Design Secure Architectures

    A web application deployed on EC2 instances requires database credentials to access an Amazon Aurora database. A security audit flagged that the credentials are hardcoded in the application source code. The solution must rotate the credentials automatically every 30 days. What should the Solution Architect recommend?

    AStore credentials in AWS Systems Manager Parameter Store as a SecureString. Use a CloudWatch Event to trigger a Lambda function to rotate the password.
    BStore credentials in AWS Secrets Manager. Configure automatic rotation using the built-in support for Amazon Aurora.
    CEnable IAM Database Authentication for Aurora. Modify the application to use an IAM role attached to the EC2 instance.
    DSave the credentials in an encrypted S3 bucket. Update the application to read the file at startup.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  61. Question 61Design Secure Architectures

    A company wants to authenticate users accessing an internal web application hosted on Amazon EC2 instances behind an Application Load Balancer (ALB). The users are authenticated via a corporate OIDC (OpenID Connect) identity provider. The solution must minimize code changes on the application side. Which strategy should be implemented?

    AConfigure the ALB with an HTTPS listener and an authentication rule to authenticate users using Amazon Cognito user pools. Connect Cognito to the OIDC provider.
    BUse AWS IAM Identity Center (successor to AWS SSO) to handle authentication and pass the JWT token to the backend instances.
    CImplement the OIDC client logic directly on the EC2 instances using the provider's SDK.
    DUse API Gateway in front of the ALB and configure a Lambda Custom Authorizer.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  62. Question 62Design Secure Architectures

    A company wants to identify if any of their EC2 instances are communicating with known malicious IP addresses or are being used for cryptocurrency mining. The solution requires no agents to be installed and must provide findings centrally. Which service should be enabled?

    AAmazon Inspector
    BAmazon GuardDuty
    CAWS Shield Advanced
    DAWS Macie

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  63. Question 63Design High-Performing Architectures

    A research lab runs a tightly coupled High Performance Computing (HPC) workload on EC2 instances. The application relies on very low network latency and high internal bandwidth between nodes for MPI (Message Passing Interface) communication. Which network configuration is required?

    ALaunch instances in a Cluster Placement Group and use an Elastic Fabric Adapter (EFA).
    BLaunch instances in a Spread Placement Group and use an Elastic Network Adapter (ENA).
    CLaunch instances in a Partition Placement Group in a single Availability Zone.
    DUse a Transit Gateway to interconnect the instances with high bandwidth.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  64. Question 64Design High-Performing Architectures

    An application runs on an EC2 instance and requires a storage volume that supports 20,000 IOPS and substantial throughput for a high-performance database. The database administrator wants to be able to adjust the IOPS independently of the volume size to save costs on storage capacity. Which EBS volume type should be selected?

    AGeneral Purpose SSD (gp3)
    BGeneral Purpose SSD (gp2)
    CProvisioned IOPS SSD (io2)
    DThroughput Optimized HDD (st1)

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  65. Question 65Design High-Performing Architectures

    A video processing application runs in an Auto Scaling Group (ASG) of EC2 instances. The workload involves processing messages from an SQS queue. The processing time per video varies significantly (from 1 minute to 1 hour). The current "Target Tracking" policy based on CPU utilization is causing the ASG to scale in prematurely, terminating instances that are still processing long videos. How should the architecture be improved?

    AUse a Step Scaling policy based on the SQS `ApproximateNumberOfMessagesVisible` metric.
    BEnable "Scale-In Protection" on instances that are actively processing a job.
    CIncrease the Connection Draining timeout on the Load Balancer.
    DUse a Simple Scaling policy with a longer cooldown period.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  66. Question 66Design High-Performing Architectures

    A machine learning team needs a shared file system to access training datasets concurrently from multiple EC2 instances. The dataset is currently stored in an S3 bucket. The file system must provide sub-millisecond latencies and high throughput for the training phase, and changes should be written back to S3. Which service is best suited?

    AAmazon EFS (Elastic File System)
    BAmazon FSx for Windows File Server
    CAmazon FSx for Lustre
    DAmazon EBS Multi-Attach volumes

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  67. Question 67Design High-Performing Architectures

    A big data application using Apache Cassandra runs on 30 EC2 instances. The architecture requires that hardware failure of a single rack should not impact the availability of the application. Which placement strategy should be used?

    ASpread Placement Group
    BPartition Placement Group
    CCluster Placement Group
    DAuto Scaling Group spanning multiple Regions

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  68. Question 68Design High-Performing Architectures

    A media processing application uses up to 2,000 EC2 instances in parallel to process video files stored on Amazon EFS. The application is hitting the throughput limit of the file system, causing delays. What configuration change can alleviate this?

    AChange the EFS Performance Mode to "Max I/O".
    BChange the EFS Throughput Mode to "Provisioned".
    CImplement EFS Lifecycle Management to move files to Infrequent Access.
    DUse EBS Provisioned IOPS volumes instead.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  69. Question 69Design High-Performing Architectures

    A security engineer wants to prevent traffic from the suspicious IP address 203.0.113.5 from reaching an EC2 instance. They review the inbound rules of the instance’s Security Group and confirm that no rule explicitly allows traffic from this IP. However, application logs still show incoming traffic from 203.0.113.5. What is the most likely explanation?

    ASecurity Groups are stateful; if a connection was already established, it is tracked and allowed.
    BSecurity Groups cannot block traffic—they only permit it—so a broad allow rule (e.g., 0.0.0.0/0) is permitting the traffic.
    CThe Network ACL has an explicit allow rule that overrides the Security Group.
    DThe instance’s public IP bypasses Security Group rules.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  70. Question 70Design Cost-Optimized Architectures

    A three-tier application has a Web Tier, App Tier, and DB Tier. The App Tier instances scale automatically. The DB Tier (on EC2) should only accept traffic from the App Tier instances. How should the Database Security Group be configured?

    AAllow inbound on port 3306 from the CIDR block of the App Tier subnet.
    BAllow inbound on port 3306 from the Security Group ID of the App Tier.
    CAllow inbound on port 3306 from the specific IP addresses of the App instances.
    DAllow inbound on port 3306 from 0.0.0.0/0 but use NACLs to restrict subnets.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  71. Question 71Design Secure Architectures

    An application running on EC2 instances in a private subnet needs to access and download objects from an S3 bucket. For security reasons, the data transfer must not traverse the public internet. Which solution provides the required private connectivity?

    AConfigure a NAT Gateway in a public subnet and route traffic from the private subnet to it.
    BCreate a VPC Gateway Endpoint for S3 and associate it with the route table of the private subnet.
    CInstall a proxy server on an EC2 instance in a public subnet to forward requests to S3.
    DUse AWS Direct Connect to establish a private connection from the VPC to S3.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  72. Question 72Design Secure Architectures

    A company has a data processing application running on EC2 instances within a VPC. The application needs to access a specific S3 bucket. The security team has mandated that the S3 bucket must only be accessible from within that VPC. How can this be enforced?

    AUse an S3 bucket policy with a condition that checks for the `aws:SourceVpc`.
    BConfigure the VPC's Network ACL to only allow traffic to the S3 bucket's IP range.
    CCreate an IAM role with S3 access and assign it to all users in the company.
    DUse an S3 Access Control List (ACL) to grant read/write permissions to the VPC's CIDR range.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  73. Question 73Design Secure Architectures

    An application running on EC2 instances retrieves database credentials from AWS Secrets Manager. A new security mandate requires that these credentials be rotated every 30 days automatically, without any manual intervention or application downtime. How can this be achieved?

    AWrite a custom script that runs on a cron schedule on an EC2 instance to change the password in the database and update the secret in Secrets Manager.
    BManually update the password in the database and in Secrets Manager every 30 days.
    CConfigure a rotation schedule directly within AWS Secrets Manager using a Lambda function template provided by AWS.
    DStore the credentials in the application's source code and redeploy the application every 30 days with a new password.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  74. Question 74Design Secure Architectures

    Your organization wants to limit privilege escalation risk from within EC2 instances. You must prevent users from retrieving instance profile credentials via IMDS unless the instance has a specific tag set by automation. Which approach accomplishes this?

    AEnforce IMDSv2 and use an instance metadata service hop limit of 1; use an IAM permission boundary on instance roles that denies `sts:AssumeRole`.
    BUse EC2 instance profile policies to deny `iam:PassRole` and require a condition that checks `ec2:ResourceTag/ManagedBy` equals `Automation` before granting access to certain actions; enforce IMDSv2.
    CDisable IMDS entirely and place all credentials in user data.
    DUse local files on the instance to store credentials.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  75. Question 75Design Secure Architectures

    An attacker obtained temporary credentials that allowed `DescribeInstances` and `DescribeVolumes` but should not be able to copy EBS snapshots. Which control prevents snapshot copying even if the IAM role has `ec2:CreateSnapshot`?

    AUse a KMS key with a key policy that requires creation requests to include the principal in a key policy whitelist; only allow `kms:CreateGrant` for approved roles and restrict `ec2:CopySnapshot` via condition that checks `kms:ViaService`.
    BRemove EBS permissions from the role.
    CDisable EBS entirely in the account.
    DRely on CloudTrail to detect misuse after it happens.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  76. Question 76Design Secure Architectures

    A site uses ALB with multiple EC2 instance types. Sessions must remain sticky for certain user workflows and latency must remain under 150 ms. Which ALB configuration best meets goals while maintaining resilience?

    AEnable ALB sticky sessions (target group stickiness) with a reasonable duration and ensure health checks and autoscaling policies keep instance capacity to meet latency targets; avoid sticky session dependence for write operations by storing session state in ElastiCache or DynamoDB for failover.
    BUse NLB for stickiness and use local session files on instance disks.
    CTurn off health checks to keep instances registered.
    DHardcode user-to-instance routing in DNS.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  77. Question 77Design Secure Architectures

    An application runs on an Auto Scaling group of EC2 instances in a single region. The application maintains session state on the local disk of each instance. You need to design a solution that can automatically fail over to another region with minimal data loss. What is the most resilient architecture?

    AUse an Application Load Balancer with sticky sessions enabled.
    BRe-architect the application to store session state in a replicated, external data store like Amazon ElastiCache for Redis or Amazon DynamoDB. Use Cross-Region Replication for the data store.
    CTake nightly EBS snapshots and copy them to the secondary region.
    DIncrease the size of the EC2 instances to reduce the chance of failure.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  78. Question 78Design Secure Architectures

    A company needs secure shell access to EC2 instances in private subnets. Security policies prohibit SSH key management and inbound internet connectivity. Which access method meets these requirements?

    ADeploy a bastion host in a public subnet with strict security groups.
    BUse AWS Systems Manager Session Manager with no inbound ports or SSH keys required.
    CConfigure AWS Client VPN for secure remote access.
    DUse EC2 Instance Connect with temporary SSH keys via the console.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  79. Question 79Design High-Performing Architectures

    A batch processing application runs on EC2 instances that process jobs for 2-6 hours each. The Auto Scaling Group should not terminate instances currently processing jobs during scale-in events. How should the application prevent premature termination?

    AIncrease the Auto Scaling termination grace period to 6 hours.
    BEnable scale-in protection programmatically when instances start processing jobs.
    CUse Spot instances with interruption handling for cost optimization.
    DConfigure CloudWatch custom metrics to prevent scaling during processing.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz
  80. Question 80Design High-Performing Architectures

    A machine learning workload requires a high-performance shared file system with sub-millisecond latencies for training data access across multiple EC2 instances. Which file system service provides optimal performance?

    AAmazon EFS with General Purpose performance mode.
    BAmazon EFS with Max I/O performance mode.
    CAmazon FSx for Lustre with persistent storage.
    DAmazon FSx for Windows File Server.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SAA-C03 Quiz

Key EC2 Concepts for SAA-C03

ec2instanceamilaunch templateplacement groupspotreservedon-demanddedicated host

SAA-C03 EC2 Exam Tips

Amazon Elastic Compute Cloud (EC2) questions in SAA-C03 are typically scenario-based. Focus on architecture trade-offs, resilience, and secure-by-default design choices. Priority concepts: ec2, instance, ami, launch template, placement group, spot.

What SAA-C03 Expects

  • Anchor your answer in choose the most reliable and cost-aware architecture pattern, not just a feature match.
  • EC2 scenarios for SAA-C03 are frequently mapped to Domain 1 (30%), Domain 2 (26%), Domain 3 (24%), Domain 4 (20%), so read the objective carefully before picking controls or architecture.
  • Expect multi-topic scenarios where EC2 interacts with IAM, networking, storage, or observability patterns rather than appearing as an isolated question.
  • When two options are both technically valid, prefer the choice that best aligns with the exam's operational scope (Associate) and vendor best practices.

High-Value EC2 Concepts

  • Know the core EC2 building blocks cold: ec2, instance, ami, launch template.
  • Review the edge-case features and limits for placement group, spot; these details are commonly used to differentiate answer choices.
  • Practice service-integration reasoning: how EC2 pairs with Auto Scaling, EBS, ELB, VPC in real deployment patterns.
  • For SAA-C03, explain why the chosen EC2 design meets reliability, security, and cost expectations better than the alternatives.

Common SAA-C03 Traps

  • Watch for answers that solve today's issue but do not scale across multiple AZs.
  • Questions in Design Secure Architectures often include distractors that look correct for EC2 but violate least-privilege, durability, or availability requirements.
  • Avoid picking options purely by feature name; validate data path, failure handling, and governance impact before answering.
  • If the prompt hints at automation or repeatability, eliminate manual-only operational answers first.

Fast Review Checklist

  • Can you compare at least two EC2 implementation paths and justify which one best fits the scenario?
  • Can you map the chosen answer back to Design Secure Architectures (30%) outcomes for SAA-C03?
  • Can you explain security and access boundaries for EC2 without relying on default-open assumptions?
  • Can you describe how EC2 integrates with Auto Scaling and EBS during failure, scaling, and monitoring events?

Exam Domains Covering EC2

Domain 1Design Secure Architectures30%Domain 2Design Resilient Architectures26%Domain 3Design High-Performing Architectures24%Domain 4Design Cost-Optimized Architectures20%

Related Resources

🎯 Free SAA-C03 Mock Exam Auto Scaling Questions EBS Questions ELB Questions VPC Questions

More SAA-C03 Study Resources

← SAA-C03 Study Hub30-Day Study PlanFull Practice Exam