Question 1hardmulti select
Full question →hardmulti selectObjective-mapped
A serverless checkout API uses AWS Lambda behind API Gateway. Every weekday at 09:00 UTC, marketing triggers a predictable surge. The first few minutes after each surge show cold-start latency, but traffic volume is forecastable and the business wants stable p95 latency. Which two changes should the team implement? Select two.
Answer choices
Why each option matters
Good practice is not just finding the correct option. The wrong answers often show the exact trap the exam wants you to fall into.
A
Best answer
Publish a Lambda version and attach provisioned concurrency to an alias that points to that version.
Provisioned concurrency keeps execution environments initialized and ready to serve requests, which is the correct way to reduce cold starts. Using an alias tied to a published version is the standard deployment pattern for managing that setting safely. This directly improves p95 latency during predictable bursts.
B
Best answer
Use Application Auto Scaling scheduled actions to raise provisioned concurrency before 09:00 UTC and lower it afterward.
Because the traffic spike is predictable, scheduled scaling lets the team pre-warm enough Lambda capacity before the busy period begins. Scaling down later avoids paying for unused concurrency for the entire day. This is both performant and cost-aware for a known recurring pattern.
C
Distractor review
Increase the Lambda timeout so the function has more time to initialize during the spike.
A longer timeout does not remove cold starts or pre-initialize execution environments. It only changes how long a function may run before timing out. The user-facing latency issue would remain, so this does not solve the core problem.
D
Distractor review
Double the memory size during the spike without changing the concurrency model.
More memory can improve CPU allocation and sometimes reduce execution duration, but it does not guarantee that the environment is already warm. Without provisioned concurrency, the first requests can still incur cold-start penalties. The scenario specifically calls for stable p95 latency.
E
Distractor review
Move the function into more Availability Zones so the platform can spread cold starts across regions.
Lambda already runs as a managed regional service and does not need the customer to place individual functions across AZs. Spreading across AZs does not eliminate cold starts. The issue is initialization time, not geographic distribution.
Common exam trap
Common exam trap: NAT rules depend on direction and matching traffic
NAT is not only about the public address. The inside/outside interface roles and the ACL or rule that matches traffic are just as important.
Technical deep dive
How to think about this question
NAT questions usually test address translation, overload/PAT behaviour, static mappings and whether the right traffic is being translated. Read the interface direction and address terms carefully.
KKey Concepts to Remember
- Static NAT maps one inside address to one outside address.
- PAT allows many inside hosts to share one public address using ports.
- Inside local and inside global describe the private and translated addresses.
- NAT ACLs identify traffic for translation, not always security filtering.
TExam Day Tips
- Identify inside and outside interfaces first.
- Check whether the scenario needs static NAT, dynamic NAT or PAT.
- Do not confuse NAT matching ACLs with normal packet-filtering intent.
Related practice questions
Related SAA-C03 practice-question pages
Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.
SAA-C03 VPC practice questions
Practise SAA-C03 questions linked to SAA-C03 VPC.
SAA-C03 S3 lifecycle policy questions
Practise SAA-C03 questions linked to SAA-C03 S3 lifecycle policy questions.
SAA-C03 RDS Multi-AZ questions
Practise SAA-C03 questions linked to SAA-C03 RDS Multi-AZ questions.
SAA-C03 IAM policy practice questions
Practise SAA-C03 questions linked to SAA-C03 IAM policy.
SAA-C03 Route 53 failover questions
Practise SAA-C03 questions linked to SAA-C03 Route 53 failover questions.
SAA-C03 CloudFront practice questions
Practise SAA-C03 questions linked to SAA-C03 CloudFront.
SAA-C03 NAT gateway questions
Practise SAA-C03 questions linked to SAA-C03 NAT gateway questions.
SAA-C03 VPC endpoint questions
Practise SAA-C03 questions linked to SAA-C03 VPC endpoint questions.
SAA-C03 Auto Scaling practice questions
Practise SAA-C03 questions linked to SAA-C03 Auto Scaling.
SAA-C03 disaster recovery questions
Practise SAA-C03 questions linked to SAA-C03 disaster recovery questions.
SAA-C03 high availability questions
Practise SAA-C03 questions linked to SAA-C03 high availability questions.
SAA-C03 cost optimization questions
Practise SAA-C03 questions linked to SAA-C03 cost optimization questions.
More questions from this exam
Keep practising from the same exam bank, or move into a focused topic page if this question exposed a weak area.
Question 1
A team needs to distribute TCP traffic (not HTTP) across multiple services. The services must see the original client source IP for auditing. Which AWS load balancer is the best fit?
Question 2
A team wants to run containerized services with AWS-managed orchestration and autoscaling. They do NOT require Kubernetes compatibility. Which AWS service choice is most appropriate to meet these goals?
Question 3
A solutions architect is designing an S3 bucket for a IoT ingestion API. The objects must never be publicly accessible, even if a developer later adds an overly broad bucket policy. What should the architect configure? The design must avoid adding custom operational scripts.
Question 4
A solutions architect is designing an S3 bucket for a claims portal. The objects must never be publicly accessible, even if a developer later adds an overly broad bucket policy. What should the architect configure?
Question 5
A team wants to delegate IAM management to developers, but must ensure developers can never grant themselves permissions beyond a specific limit. Which AWS mechanism best matches this requirement?
Question 6
A solutions architect is designing an S3 bucket for a healthcare document service. The objects must never be publicly accessible, even if a developer later adds an overly broad bucket policy. What should the architect configure?
FAQ
Questions learners often ask
What does this SAA-C03 question test?
Static NAT maps one inside address to one outside address.
What is the correct answer to this question?
The correct answer is: Publish a Lambda version and attach provisioned concurrency to an alias that points to that version. — The correct solution is to use provisioned concurrency and schedule it ahead of the known burst. Provisioned concurrency keeps Lambda environments warm, which removes most cold-start delays, and scheduled scaling ensures enough capacity exists before traffic arrives at 09:00 UTC. This combination matches the predictable workload pattern and gives the team stable latency without keeping excess concurrency running all day. Timeout changes, memory increases, and AZ-related ideas do not remove cold starts. They may affect how long or how fast a function runs once it is executing, but they do not pre-initialize the runtime. The scenario explicitly says the surge is predictable, which makes scheduled provisioned concurrency the right operational fit.
What should I do if I get this SAA-C03 question wrong?
Then try more questions from the same exam bank and focus on understanding why the wrong options are tempting.
Discussion
Loading comments…
Sign in to join the discussion.