AWS Solutions Architect - Associate (SAA-
C03) UPDATED Exam Questions and
CORRECT Answers
What is AWS trusted Advisor? - CORRECT ANSWER - A fully managed best-practice
auditing tool. Looks in five areas. Cost Optimization, Performance, Security, Fault Tolerance,
and service limits. Automate a response. Free. Doesn't fix problem. Use with event bridge.
What is AWS Control Tower? - CORRECT ANSWER - Easy way to set up and govern
an AWS multi-account environment. Automates account creation and security controls via other
AWS services. Extends AWS Organizations to prevent governance drift and leverages different
guardrails. User can provision new AWS account quickly, using central admin established
compliance policies
What is a landing zone? - CORRECT ANSWER - Well-architected, muti-account
environment based on compliance and security best practices.
What are Guardrails? - CORRECT ANSWER - High-Level rules in plain language
providing governance. Preventative and Detective. Preventative is supported in all regions and
leverages service control policies(SCPs), Statuses of enforced or not enables. Detective only
applies to certain regions, leverages AWS Config rules, statuses of clear, in violation, or not
enabled
What is Account Factory? - CORRECT ANSWER - Configurable account template for
standardizing pre-approved configs of new accounts.
What is a CloudFormation StackSet? - CORRECT ANSWER - Automated deployments
of templates deploying repeated resources for governance
What are the shared accounts in reguards to AWS Control Tower? - CORRECT
ANSWER - Three accounts used by control tower created during landing zone creation.
Management account, Archive account, and Audit account
, What is the AWS License manager? - CORRECT ANSWER - AWS service which makes
license management simpler and more efficient with different vendors (Microsoft, Oracle, etc..)
What is AWS Health? - CORRECT ANSWER - Gain visibility of resource performance
and availability. Look out for questions about checking alerts for service health and automating
the reboot of EC2 instances for AWS maintenance. Automate actions based on events using
Amazon EventBridge
What is AWS service Catalog and AWS Proton? - CORRECT ANSWER - A services
which allows organizations to create and manage catalogs of approved IT services. Benefits -
Standardize, self-service, access Control, Versioning. Proton offer IaC provisioning and
deployment of serverless/container architecture
What are the Six Pillars of AWS Well-Architected Framework Review - CORRECT
ANSWER - Operational Excellence
Reliability
Security
Performance Efficiency
Cost Optimization
Sustainability
What is the AWS Well Architected Tool - CORRECT ANSWER - A Tool for measuring
current workload established AWS best practices. Aids in documentation and architecture
decisions
What are special about Service control policies (SCPs)? - CORRECT ANSWER - have
the ultimate say as to whether an API call goes through. They are the only way to restrict what
the root account can do.
What is Storage Gateway and which is best for what situation? - CORRECT ANSWER -
Storage Gateway is Hybrid Storage, built to merge on prem and cloud. File Gateway - NFS or
C03) UPDATED Exam Questions and
CORRECT Answers
What is AWS trusted Advisor? - CORRECT ANSWER - A fully managed best-practice
auditing tool. Looks in five areas. Cost Optimization, Performance, Security, Fault Tolerance,
and service limits. Automate a response. Free. Doesn't fix problem. Use with event bridge.
What is AWS Control Tower? - CORRECT ANSWER - Easy way to set up and govern
an AWS multi-account environment. Automates account creation and security controls via other
AWS services. Extends AWS Organizations to prevent governance drift and leverages different
guardrails. User can provision new AWS account quickly, using central admin established
compliance policies
What is a landing zone? - CORRECT ANSWER - Well-architected, muti-account
environment based on compliance and security best practices.
What are Guardrails? - CORRECT ANSWER - High-Level rules in plain language
providing governance. Preventative and Detective. Preventative is supported in all regions and
leverages service control policies(SCPs), Statuses of enforced or not enables. Detective only
applies to certain regions, leverages AWS Config rules, statuses of clear, in violation, or not
enabled
What is Account Factory? - CORRECT ANSWER - Configurable account template for
standardizing pre-approved configs of new accounts.
What is a CloudFormation StackSet? - CORRECT ANSWER - Automated deployments
of templates deploying repeated resources for governance
What are the shared accounts in reguards to AWS Control Tower? - CORRECT
ANSWER - Three accounts used by control tower created during landing zone creation.
Management account, Archive account, and Audit account
, What is the AWS License manager? - CORRECT ANSWER - AWS service which makes
license management simpler and more efficient with different vendors (Microsoft, Oracle, etc..)
What is AWS Health? - CORRECT ANSWER - Gain visibility of resource performance
and availability. Look out for questions about checking alerts for service health and automating
the reboot of EC2 instances for AWS maintenance. Automate actions based on events using
Amazon EventBridge
What is AWS service Catalog and AWS Proton? - CORRECT ANSWER - A services
which allows organizations to create and manage catalogs of approved IT services. Benefits -
Standardize, self-service, access Control, Versioning. Proton offer IaC provisioning and
deployment of serverless/container architecture
What are the Six Pillars of AWS Well-Architected Framework Review - CORRECT
ANSWER - Operational Excellence
Reliability
Security
Performance Efficiency
Cost Optimization
Sustainability
What is the AWS Well Architected Tool - CORRECT ANSWER - A Tool for measuring
current workload established AWS best practices. Aids in documentation and architecture
decisions
What are special about Service control policies (SCPs)? - CORRECT ANSWER - have
the ultimate say as to whether an API call goes through. They are the only way to restrict what
the root account can do.
What is Storage Gateway and which is best for what situation? - CORRECT ANSWER -
Storage Gateway is Hybrid Storage, built to merge on prem and cloud. File Gateway - NFS or
