Amazon AWS

AWS Certified CloudOps Engineer – Associate

SOA-C03

The AWS Certified CloudOps Engineer – Associate (SOA-C03) exam tests your skills in operating and managing AWS environments. It is ideal for those looking to enhance their operational expertise on AWS.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 141–150 of 486

Q141

What happens when you detach an EBS volume from an EC2 instance?

  • A Data is permanently deleted
  • B Instance is terminated
  • C Volume remains in 'available' state
  • D Volume is reattached automatically
Explanation The detached volume becomes available for other instances, whereas the other options indicate incorrect effects.
Q142

Which service allows you to create and manage VPC peering connections?

  • A AWS Transit Gateway
  • B Amazon VPC
  • C AWS Direct Connect
  • D Amazon Route 53
Explanation Amazon VPC is specifically designed for VPC management including peering; the other options serve different networking functions.
Q143

A company needs to migrate its on-premises applications to AWS. What is the most suitable service for handling this task?

  • A AWS Lambda
  • B Amazon EC2
  • C AWS WAF
  • D Amazon CloudFront
Explanation Amazon EC2 provides compute resources needed for migrating applications; other options serve different purposes.
Q144

What happens when an IAM user tries to access a resource without necessary permissions?

  • A Access is granted at user’s request
  • B Access is denied by default
  • C Access is granted with a warning
  • D Access is granted temporarily
Explanation Access is denied by default due to the principle of least privilege; the other options violate IAM fundamental security principles.
Q145

Which service allows monitoring and observability of AWS resources?

  • A AWS CloudTrail
  • B Amazon CloudWatch
  • C AWS Config
  • D AWS X-Ray
Explanation Amazon CloudWatch provides monitoring for AWS resources, while the others serve different purposes.
Q146

A company needs to restrict IAM user actions based on resource tags. What is the best approach?

  • A Use SCPs from AWS Organizations
  • B Implement resource-based policies
  • C Attach a custom IAM policy
  • D Enable MFA for all users
Explanation A custom IAM policy can be written to restrict actions based on tags, while the others do not focus on tagging criteria.
Q147

What happens when an AWS Lambda function exceeds the allocated memory?

  • A The function continues to run
  • B It automatically scales up memory
  • C The function will timeout
  • D It throws an OutOfMemory error
Explanation AWS Lambda functions will timeout if they exceed the allocated memory, the other options are inaccurate regarding Lambda behavior.
Q148

Which AWS service simplifies resource management?

  • A AWS CloudFormation
  • B Amazon RDS
  • C AWS Lambda
  • D Amazon EC2
Explanation AWS CloudFormation simplifies resource management through templates. RDS and EC2 manage specific resources, but not in a templated manner. Lambda is for serverless computing.
Q149

A company needs to enforce multi-factor authentication (MFA) for all users. Which service should they implement?

  • A AWS Identity and Access Management
  • B AWS Lambda
  • C Amazon S3
  • D Amazon CloudFront
Explanation AWS Identity and Access Management (IAM) supports MFA enforcement for user accounts. Lambda and CloudFront do not manage user authentication directly. S3 is object storage, not an auth service.
Q150

What happens when an EC2 instance is stopped versus terminated?

  • A Stopped instance data is lost
  • B Terminated instance can be recovered
  • C Stopped instance remains in EBS
  • D Terminated instance still incurs charges
Explanation A stopped instance retains its EBS data for future use. Terminated instances lose data and can't be recovered; they're also no longer charged.