Amazon AWS

AWS Certified CloudOps Engineer – Associate

SOA-C03

The AWS Certified CloudOps Engineer – Associate (SOA-C03) exam tests your skills in operating and managing AWS environments. It is ideal for those looking to enhance their operational expertise on AWS.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 471–480 of 486

Q471

What happens when an AWS IAM user’s access key is deleted?

  • A Access key is recreated automatically
  • B User loses all permissions
  • C User can still use existing sessions
  • D Access key can never be restored
Explanation The user retains permissions during active sessions; the key is just disabled.
Q472

Which service allows you to run managed Kubernetes clusters?

  • A Amazon EKS
  • B Amazon S3
  • C AWS Batch
  • D Amazon RDS
Explanation Amazon EKS is specifically designed for Kubernetes management, while the other options serve different purposes.
Q473

A company needs to implement encryption in transit for their data. Which AWS service offers SSL/TLS capabilities directly?

  • A AWS Certificate Manager
  • B Amazon S3
  • C AWS IAM
  • D Amazon EC2
Explanation AWS Certificate Manager provisions and manages SSL/TLS certificates, while the others offer different functions.
Q474

What happens when you create an Auto Scaling group without defining a launch configuration?

  • A Error due to missing settings
  • B Defaults to t2.micro instance
  • C Uses last created configuration
  • D No instances will launch
Explanation An Auto Scaling group requires a launch configuration, so it will throw an error; others imply incorrect assumptions about default behavior.
Q475

Which AWS service can automatically distribute incoming application traffic?

  • A Elastic Load Balancing
  • B Amazon EC2
  • C AWS Lambda
  • D Amazon RDS
Explanation Elastic Load Balancing distributes incoming traffic; other options do not provide load distribution.
Q476

A company needs to ensure high availability for their database. What should they implement?

  • A Multi-AZ deployment
  • B Single-AZ deployment
  • C Read replicas only
  • D Manual snapshots
Explanation Multi-AZ deployments provide high availability; other options do not ensure failover capability.
Q477

What happens when you attach an IAM policy with full access to a user and a more restrictive policy is attached to a group they are in?

  • A The user has full access
  • B The more restrictive policy applies
  • C Access permissions conflict
  • D Only group permissions are effective
Explanation IAM operates under the principle that explicit allow overrides any deny, so full access applies.
Q478

Which service allows you to run code without managing servers?

  • A AWS Lambda
  • B Amazon EC2
  • C AWS RDS
  • D Amazon S3
Explanation AWS Lambda executes code without server management; others require infrastructure management.
Q479

A company needs to analyze streaming logs in real-time. Which AWS service should they use?

  • A Amazon Kinesis
  • B AWS Batch
  • C AWS Glue
  • D AWS Snowball
Explanation Amazon Kinesis is designed for real-time data streaming; others are not suited for streaming analysis.
Q480

You are configuring an IAM policy for a user. Which policy element allows specifying conditions for access?

  • A Version
  • B Action
  • C Resource
  • D Condition
Explanation The Condition element specifies conditions for allowing or denying access; the others define different aspects of the policy.