Courseiva
SAA-C03
Full test
mediummultiple choiceObjective-mapped

A stateless web API runs on EC2 instances behind an Application Load Balancer (ALB). The Auto Scaling group (ASG) currently uses subnets from only one Availability Zone, even though the ALB spans two Availability Zones. During maintenance of that single AZ, the ALB remains up but clients see timeouts because there are no healthy targets. Which change most directly improves resilience against an AZ failure?

Question 1mediummultiple choice
Full question →

A stateless web API runs on EC2 instances behind an Application Load Balancer (ALB). The Auto Scaling group (ASG) currently uses subnets from only one Availability Zone, even though the ALB spans two Availability Zones. During maintenance of that single AZ, the ALB remains up but clients see timeouts because there are no healthy targets. Which change most directly improves resilience against an AZ failure?

Full question →

Answer choices

Why each option matters

Good practice is not just finding the correct option. The wrong answers often show the exact trap the exam wants you to fall into.

A

Distractor review

Keep the ASG in one subnet/AZ, but enable ALB stickiness to reduce session interruption.

Stickiness affects session routing but does not create targets in a second AZ during an AZ outage.

B

Best answer

Update the ASG to launch instances across subnets in at least two Availability Zones and ensure ALB health checks target an application-ready path.

Spreading instances across multiple AZs ensures the ALB can route to healthy targets even when one AZ fails.

C

Distractor review

Add a NAT gateway in the public subnets so instances can reach the internet during maintenance events.

NAT affects outbound connectivity, not target placement or health during an AZ outage.

D

Distractor review

Create a second ALB in the same Availability Zone and route traffic using DNS failover.

DNS failover adds complexity and still depends on healthy targets; without multi-AZ instances, failover won’t help much.

Common exam trap

Common exam trap: usable hosts are not the same as total addresses

Subnetting questions often tempt you into counting all addresses. In normal IPv4 subnets, the network and broadcast addresses are not usable host addresses.

Technical deep dive

How to think about this question

Subnetting questions test whether you can identify the network, broadcast address, usable range, mask and correct subnet. Slow down enough to calculate the block size correctly.

KKey Concepts to Remember

  • CIDR notation defines the prefix length.
  • Block size helps identify subnet boundaries.
  • Network and broadcast addresses are not usable hosts in normal IPv4 subnets.
  • The required host count determines the smallest suitable subnet.

TExam Day Tips

  • Write the block size before choosing the subnet.
  • Check whether the question asks for hosts, subnets or a specific address range.
  • Do not confuse /24, /25, /26 and /27 host counts.

Related practice questions

Related SAA-C03 practice-question pages

Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.

SAA-C03 VPC practice questions

Practise SAA-C03 questions linked to SAA-C03 VPC.

SAA-C03 S3 lifecycle policy questions

Practise SAA-C03 questions linked to SAA-C03 S3 lifecycle policy questions.

SAA-C03 RDS Multi-AZ questions

Practise SAA-C03 questions linked to SAA-C03 RDS Multi-AZ questions.

SAA-C03 IAM policy practice questions

Practise SAA-C03 questions linked to SAA-C03 IAM policy.

SAA-C03 Route 53 failover questions

Practise SAA-C03 questions linked to SAA-C03 Route 53 failover questions.

SAA-C03 CloudFront practice questions

Practise SAA-C03 questions linked to SAA-C03 CloudFront.

SAA-C03 NAT gateway questions

Practise SAA-C03 questions linked to SAA-C03 NAT gateway questions.

SAA-C03 VPC endpoint questions

Practise SAA-C03 questions linked to SAA-C03 VPC endpoint questions.

SAA-C03 Auto Scaling practice questions

Practise SAA-C03 questions linked to SAA-C03 Auto Scaling.

SAA-C03 disaster recovery questions

Practise SAA-C03 questions linked to SAA-C03 disaster recovery questions.

SAA-C03 high availability questions

Practise SAA-C03 questions linked to SAA-C03 high availability questions.

SAA-C03 cost optimization questions

Practise SAA-C03 questions linked to SAA-C03 cost optimization questions.

More questions from this exam

Keep practising from the same exam bank, or move into a focused topic page if this question exposed a weak area.

Question 1

A team needs to distribute TCP traffic (not HTTP) across multiple services. The services must see the original client source IP for auditing. Which AWS load balancer is the best fit?

Question 2

A team wants to run containerized services with AWS-managed orchestration and autoscaling. They do NOT require Kubernetes compatibility. Which AWS service choice is most appropriate to meet these goals?

Question 3

A solutions architect is designing an S3 bucket for a IoT ingestion API. The objects must never be publicly accessible, even if a developer later adds an overly broad bucket policy. What should the architect configure? The design must avoid adding custom operational scripts.

Question 4

A solutions architect is designing an S3 bucket for a claims portal. The objects must never be publicly accessible, even if a developer later adds an overly broad bucket policy. What should the architect configure?

Question 5

A team wants to delegate IAM management to developers, but must ensure developers can never grant themselves permissions beyond a specific limit. Which AWS mechanism best matches this requirement?

Question 6

A solutions architect is designing an S3 bucket for a healthcare document service. The objects must never be publicly accessible, even if a developer later adds an overly broad bucket policy. What should the architect configure?

FAQ

Questions learners often ask

What does this SAA-C03 question test?

CIDR notation defines the prefix length.

What is the correct answer to this question?

The correct answer is: Update the ASG to launch instances across subnets in at least two Availability Zones and ensure ALB health checks target an application-ready path. — To survive an Availability Zone failure, the stateless compute tier must exist in more than one AZ. An ALB spanning two AZs only improves availability if it has healthy targets in those AZs. By configuring the ASG with subnets in at least two Availability Zones and aligning ALB health checks with an application readiness endpoint, the system can keep serving requests when one AZ becomes unavailable. Why others are wrong: Option A focuses on session behavior rather than infrastructure placement; stickiness cannot restore missing targets in the failed AZ. Option C addresses outbound internet access, but the observed issue is lack of healthy targets caused by single-AZ placement. Option D may provide another load balancer, but without compute redundancy in multiple AZs, there’s still nothing healthy to serve, so timeouts persist.

What should I do if I get this SAA-C03 question wrong?

Then try more questions from the same exam bank and focus on understanding why the wrong options are tempting.

Discussion

Loading comments…

Sign in to join the discussion.