Amazon AWS

AWS Certified CloudOps Engineer – Associate

SOA-C03

The AWS Certified CloudOps Engineer – Associate (SOA-C03) exam tests your skills in operating and managing AWS environments. It is ideal for those looking to enhance their operational expertise on AWS.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 251–260 of 486

Q251

A company needs to ensure scalability and availability for its application running on EC2. Which service should it implement?

  • A Elastic Load Balancing
  • B Amazon S3
  • C CloudTrail
  • D CloudFormation
Explanation Elastic Load Balancing distributes traffic across multiple EC2 instances to ensure high availability; S3 is for storage, CloudTrail is for logging, and CloudFormation is for infrastructure as code.
Q252

You are configuring an S3 bucket to allow public access to certain files. What happens when you enable Block Public Access on this bucket?

  • A Public access settings are overridden.
  • B Public access is denied for all.
  • C Files can still be shared publicly.
  • D Access depends on IAM policies.
Explanation Enabling Block Public Access on an S3 bucket denies all public access regardless of object-level permissions; public access settings can only override without this block.
Q253

Which service provides a hybrid cloud storage solution?

  • A AWS Storage Gateway
  • B Amazon S3
  • C Amazon EBS
  • D AWS Snowball
Explanation AWS Storage Gateway connects on-premises applications to cloud storage, unlike others.
Q254

A company needs to automate its CI/CD pipeline for AWS Lambda deployments. Which service should they use?

  • A AWS CodeBuild
  • B AWS CloudFormation
  • C AWS CodePipeline
  • D AWS CodeDeploy
Explanation AWS CodePipeline orchestrates CI/CD pipelines for Lambda.
Q255

You are configuring an EC2 instance with security groups. What happens when a security group is associated with an instance?

  • A Outbound rules allow all traffic
  • B Inbound rules restrict all traffic
  • C Security group changes are instant
  • D You can bypass security rules
Explanation Changes to security group rules take effect immediately.
Q256

Which AWS service provides event-driven computing?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon S3
  • D AWS CloudFormation
Explanation AWS Lambda enables automatic running of code in response to events, whereas the others serve different purposes like computing or storage.
Q257

A company needs to enforce strict permissions at the API level. Which AWS service should they use?

  • A AWS IAM
  • B AWS WAF
  • C Amazon CloudFront
  • D AWS CloudTrail
Explanation AWS IAM manages user permissions; others do not focus solely on API permissions.
Q258

What happens when you set an S3 bucket policy to 'deny' access to all principals?

  • A Access is completely blocked.
  • B Public access remains unaffected.
  • C Only specific users can access.
  • D Resources inside can still be accessed.
Explanation Denying access in a bucket policy overrides any other permissions set, blocking access entirely.
Q259

Which service should you use to monitor AWS application health?

  • A CloudWatch
  • B AWS X-Ray
  • C AWS Config
  • D AWS CloudTrail
Explanation CloudWatch is specifically designed for monitoring application health, while the others serve different purposes related to tracing and compliance.
Q260

A company needs to securely share data between two AWS accounts. Which service should they use?

  • A AWS Direct Connect
  • B S3 Bucket Policies
  • C VPC Peering
  • D IAM Roles
Explanation S3 Bucket Policies allow secure data sharing between accounts, whereas IAM Roles and VPC Peering have different focus areas.