Amazon AWS

AWS Certified CloudOps Engineer – Associate

SOA-C03

The AWS Certified CloudOps Engineer – Associate (SOA-C03) exam tests your skills in operating and managing AWS environments. It is ideal for those looking to enhance their operational expertise on AWS.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 211–220 of 486

Q211

Which AWS service provides a managed Kubernetes environment?

  • A Amazon EKS
  • B AWS Lambda
  • C Amazon ECS
  • D AWS Fargate
Explanation Amazon EKS is specifically designed for Kubernetes management, while others serve different container orchestration needs.
Q212

A company needs to distribute static content globally with low latency. Which service should they use?

  • A Amazon S3
  • B Amazon CloudFront
  • C AWS Global Accelerator
  • D Amazon Route 53
Explanation Amazon CloudFront is a content delivery network designed to reduce latency, while the others have different core functions.
Q213

What happens when you exceed your EC2 instance limits in AWS?

  • A Instances stop automatically
  • B Select instance types become unavailable
  • C You encounter an error on launch
  • D Billing rate increases dramatically
Explanation Exceeding EC2 instance limits results in an error preventing new instances from being launched, while others are misleading.
Q214

You are configuring a VPC with public and private subnets. Which AWS service allows you to control access to the VPC?

  • A AWS Security Token Service
  • B AWS Network ACLs
  • C AWS IAM Roles
  • D AWS Route 53
Explanation Network ACLs control inbound and outbound traffic in a VPC, while the others do not directly manage VPC access.
Q215

A company needs to securely transfer files between their on-premise data center and AWS. Which service should they use?

  • A AWS Direct Connect
  • B AWS Snowball
  • C AWS DataSync
  • D AWS Transfer Family
Explanation AWS DataSync facilitates secure and automated data transfer, whereas others are either for physical transport or not designed for continuous transfer.
Q216

What happens when an IAM policy grants insufficient permission to access a resource but is attached to a user?

  • A The resource is accessible
  • B The user is denied access
  • C The user is granted full access
  • D The policy overrides default permissions
Explanation Insufficient permissions result in denial of access as IAM policies operate on an explicit deny basis.
Q217

Which service allows you to automate infrastructure provisioning?

  • A AWS CloudFormation
  • B AWS CodeDeploy
  • C AWS OpsWorks
  • D AWS Elastic Beanstalk
Explanation AWS CloudFormation allows automation of infrastructure provisioning, while others focus on deployment or application management.
Q218

A company needs to analyze real-time streaming data. Which AWS service should they use?

  • A Amazon RDS
  • B Amazon S3
  • C Amazon Kinesis
  • D AWS Glue
Explanation Amazon Kinesis is designed for real-time streaming data analysis, unlike the other options which focus on storage or batch processing.
Q219

You are configuring an IAM policy. What will happen if you deny access and allow access in the same policy?

  • A Access granted based on allow
  • B Access denied based on deny
  • C Access is always granted
  • D Policy has no effect
Explanation In IAM, explicit deny always overrides allow, making option B correct and others incorrect as they misrepresent policy evaluation.
Q220

Which AWS service allows you to automate the deployment and management of applications?

  • A AWS CloudFormation
  • B AWS CodeBuild
  • C AWS EC2
  • D AWS Lambda
Explanation AWS CloudFormation automates application deployment, unlike the others.