Amazon AWS

AWS Certified CloudOps Engineer – Associate

SOA-C03

The AWS Certified CloudOps Engineer – Associate (SOA-C03) exam tests your skills in operating and managing AWS environments. It is ideal for those looking to enhance their operational expertise on AWS.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 11–20 of 486

Q11

You are configuring a CloudFormation stack to deploy a VPC. What happens if you change the VPC's CIDR block after the initial creation?

  • A The stack updates automatically.
  • B You need to delete and recreate.
  • C The change triggers a rollback.
  • D All resources are preserved.
Explanation Changing a VPC's CIDR requires recreating it; stacks don’t automatically update on changes that conflict with existing resources.
Q12

A company needs to monitor AWS resources and track changes. Which AWS service should they use?

  • A AWS CloudTrail
  • B Amazon S3
  • C AWS Lambda
  • D Amazon Redshift
Explanation AWS CloudTrail tracks API calls and changes; S3 is for storage, Lambda for compute, and Redshift for data warehousing.
Q13

A company needs to ensure that data is automatically replicated to multiple AWS regions for disaster recovery. Which AWS service should they use?

  • A AWS Global Accelerator
  • B Amazon S3 Cross-Region Replication
  • C Amazon EC2 Auto Scaling
  • D AWS Lambda
Explanation Amazon S3 Cross-Region Replication automatically replicates data to multiple regions; the other options are unrelated to data replication.
Q14

What happens when an EC2 instance's security group rules are modified?

  • A Changes apply immediately
  • B Instance needs to be restarted
  • C Traffic is logged only
  • D No changes are ever permanent
Explanation Changes to security group rules apply immediately; instances do not need to restart, and traffic logging isn't an effect of the change.
Q15

You are configuring an AWS CloudFormation stack and want to ensure that resources are only created if all previous resources are created successfully. Which attribute should you use?

  • A DependsOn
  • B Resources
  • C Outputs
  • D Mappings
Explanation The DependsOn attribute ensures resources are created only after specified resources; others do not control creation order.
Q16

Which service automatically provisions infrastructure for applications?

  • A AWS Elastic Beanstalk
  • B Amazon S3
  • C AWS CloudTrail
  • D Amazon CloudWatch
Explanation Elastic Beanstalk handles automatic provisioning, while S3 is for storage, CloudTrail logs actions, and CloudWatch monitors services.
Q17

A company needs to deploy a multi-region application that is resilient to failure. What should they primarily utilize?

  • A Multi-Availability Zone deployments
  • B CloudFormation templates
  • C S3 Cross-Region Replication
  • D Route 53 Health Checks
Explanation Multi-Availability Zone deployments provide failover support; the others offer limited or unrelated resilience features.
Q18

You are configuring an IAM policy to allow access to S3 but it denies access to certain users. What is a potential reason for this?

  • A Explicit deny takes priority
  • B S3 bucket is private
  • C User session is expired
  • D S3 policy is misconfigured
Explanation In IAM policies, an explicit deny always takes precedence over allows; the other options do not directly cause policy denial.
Q19

Which service can automatically scale your applications based on demand?

  • A AWS Elastic Load Balancing
  • B AWS Auto Scaling
  • C AWS CloudFormation
  • D AWS Direct Connect
Explanation AWS Auto Scaling adjusts resources based on demand, while the other services serve different purposes.
Q20

A company needs to provide temporary permissions to an application running on Amazon EC2. Which feature should they use?

  • A IAM User Policies
  • B IAM Roles
  • C Security Groups
  • D VPC Endpoints
Explanation IAM Roles grant temporary permissions to AWS resources, unlike IAM User Policies which are static.