The AWS Certified Solutions Architect – Associate (SAA-C03) exam isn't a vocabulary test — it's scenario reasoning. Below are 10 questions in the exam's style. Try each before opening the answer.
Format reminder: 65 questions, 130 minutes, pass ≈ 720/1000, ~$150. Domains: Secure Architectures (30%), Resilient Architectures (26%), High-Performing Architectures (24%), Cost-Optimized Architectures (20%).
1. A web app must store session state so any instance behind an ALB can serve any user. Lowest-latency managed option?
Answer*ElastiCache for Redis.* DynamoDB works but Redis is the lowest-latency session store; "any instance" rules out local/sticky sessions.
2. You need to give an EC2 app access to S3 without storing credentials. How?
Answer*IAM role attached to the instance (instance profile).* Never embed access keys.
3. Cross-region disaster recovery with RPO of seconds for an RDS database. Best fit?
Answer*Amazon Aurora Global Database* (sub-second cross-region replication). Read replicas have higher lag; snapshots are minutes/hours.
4. A fleet must scale to zero at night and handle spiky daytime traffic with no server management. Compute?
Answer*AWS Lambda* (or Fargate if containers). "Scale to zero, no server management" = serverless.
5. Static site must be globally fast and cheap, served from S3. What in front?
Answer*CloudFront* with an Origin Access Control to a private S3 bucket.
6. Decouple a burst-prone order service from a slower fulfillment service, guaranteeing no message loss.
Answer*Amazon SQS* between them. Buffers bursts; fulfillment polls at its own pace.
7. Block SQL-injection and common web exploits at the edge for an ALB-fronted app.
Answer*AWS WAF* (managed rule groups) on the ALB/CloudFront.
8. Petabyte-scale analytics over data sitting in S3, queried occasionally, no clusters to manage.
Answer*Amazon Athena* (serverless, query-in-place on S3). Redshift = always-on cluster.
9. Private, non-internet connectivity from a VPC to S3 to avoid data-transfer charges and exposure.
Answer*Gateway VPC endpoint for S3* (free; keeps traffic off the public internet).
10. Reduce cost for steady, predictable EC2 baseline running 24/7 for 3 years.
Answer*Compute Savings Plans / Standard Reserved Instances* (up to ~72% off). Spot is for fault-tolerant, interruptible workloads — not steady baseline.
The pattern behind the answers
Almost every SAA-C03 question is really asking one of: managed > self-managed, decouple with a queue, least-privilege IAM roles not keys, the right storage/redundancy tier for the stated RPO/RTO, and cheapest option that still meets the requirement. Once you internalize those, the wording stops tricking you.
Where to drill more
The only way to get fast at these is volume under time pressure. I used a free SAA-C03 question bank to find weak domains, then re-drilled:
- Free AWS SAA-C03 practice test: https://www.examcert.app/exams/aws-saa-c03/free-practice-test/
- Full SAA-C03 exam guide & domains: https://www.examcert.app/exams/aws-saa-c03/
Aim for a steady 85%+ across all four domains before you book. Post your score in the comments.
Top comments (0)