Amazon AWS

AWS Certified CloudOps Engineer – Associate

SOA-C03

The AWS Certified CloudOps Engineer – Associate (SOA-C03) exam tests your skills in operating and managing AWS environments. It is ideal for those looking to enhance their operational expertise on AWS.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 201–210 of 486

Q201

What happens when you set EC2 instance termination protection to 'enabled'?

  • A Instance can’t be started
  • B Instance can’t be stopped
  • C Instance can’t be terminated
  • D Instance becomes more expensive
Explanation Termination protection prevents accidental deletions, while it does not hinder starting or stopping the instance.
Q202

Which service enables automated server management in AWS?

  • A AWS OpsWorks
  • B Amazon S3
  • C AWS Config
  • D AWS Lambda
Explanation AWS OpsWorks is designed for configuration management, while others serve different purposes like storage, compliance, or compute.
Q203

A company needs a solution to regularly back up its RDS databases. Which service should they use?

  • A AWS Backup
  • B Amazon S3
  • C AWS CloudFormation
  • D Amazon EC2
Explanation AWS Backup is specifically designed for automating backups across services, while others do not provide backup capabilities.
Q204

What happens when you configure an IAM policy with a non-existent resource ARN?

  • A Access is denied
  • B Policy is ignored
  • C Access is granted
  • D Error generated during request
Explanation AWS IAM will deny access when referencing an invalid resource, protecting against unintended access.
Q205

Which service provides monitoring and observability for AWS resources?

  • A Amazon CloudWatch
  • B AWS Inspector
  • C AWS Trusted Advisor
  • D AWS Config
Explanation Amazon CloudWatch monitors resources, while others focus on security or compliance.
Q206

A company needs to secure sensitive data stored in S3. What is the best practice for encrypting this data at rest?

  • A Use SSE-S3 encryption
  • B Rely on bucket policies only
  • C Encrypt data in transit only
  • D Use IAM roles for access management
Explanation SSE-S3 provides server-side encryption; policies alone do not encrypt data.
Q207

You are configuring a Lambda function to run based on events from an S3 bucket. What happens if the function fails to process an event?

  • A Event is deleted instantly
  • B Event is retried based on Lambda settings
  • C The Lambda function auto-scales
  • D No action is taken
Explanation Lambda automatically retries failed events, while the other options are incorrect responses to failures.
Q208

Which service is best for serverless compute?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon Lightsail
  • D Amazon ECS
Explanation AWS Lambda allows you to run code without provisioning servers, unlike the other options, which require server management.
Q209

A company needs to allow its development team access to some AWS resources while restricting access to production resources. How can this be achieved?

  • A Use IAM groups and roles.
  • B Utilize CloudFormation templates.
  • C Create VPC peering connections.
  • D Use AWS Single Sign-On.
Explanation Using IAM groups and roles allows granular access control over specific resources, whereas the other options do not directly address permissions management.
Q210

What happens when you terminate an EC2 instance in a non-persistent storage setting?

  • A Data in instance store is saved.
  • B Data is lost when terminated.
  • C Instance automatically restarts.
  • D Data is replicated to S3.
Explanation In non-persistent (instance store) configurations, data is lost upon termination, whereas other options do not accurately describe EC2 behavior.