Amazon AWS

AWS Certified CloudOps Engineer – Associate

SOA-C03

The AWS Certified CloudOps Engineer – Associate (SOA-C03) exam tests your skills in operating and managing AWS environments. It is ideal for those looking to enhance their operational expertise on AWS.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 41–50 of 486

Q41

A company needs to reduce AWS costs for infrequently accessed data. What should be implemented?

  • A S3 Standard Storage
  • B S3 Glacier
  • C EBS Provisioned IOPS
  • D S3 Intelligent-Tiering
Explanation S3 Glacier is designed specifically for infrequent access with lower costs, while the others do not meet this requirement effectively.
Q42

What happens when you change the security group of an EC2 instance?

  • A Current connections are dropped
  • B All inbound access is blocked
  • C Traffic is immediately affected
  • D Instance is restarted for updates
Explanation Traffic is immediately affected by security group changes without requiring a restart, while others imply a disruption that doesn't occur.
Q43

Which service provides automated scaling for EC2 instances?

  • A AWS Auto Scaling
  • B Amazon S3
  • C AWS Lambda
  • D AWS CloudFormation
Explanation AWS Auto Scaling automatically manages EC2 instance scaling, while others do not serve this purpose.
Q44

A company needs to restrict IAM user permissions to specific actions on a resource. Which IAM feature should they use?

  • A Policies
  • B Roles
  • C Groups
  • D Tags
Explanation IAM Policies define specific permissions; roles and groups do not control actions directly.
Q45

What happens when you disable CloudTrail on an account?

  • A Logs are permanently deleted
  • B API activity stops recording
  • C Billing continues without impact
  • D Events are replayable later
Explanation Disabling CloudTrail stops logging API activity, while the other options are false regarding logging and billing.
Q46

Which service allows you to automate infrastructure deployments?

  • A AWS CloudFormation
  • B AWS Inspector
  • C AWS Well-Architected Tool
  • D AWS CloudWatch
Explanation AWS CloudFormation automates infrastructure deployment; others are unrelated.
Q47

A company needs to ensure only authorized API access to their Lambda functions. What should they implement?

  • A API Gateway usage plans
  • B IAM roles and policies
  • C VPC security groups
  • D CloudTrail logging
Explanation IAM roles and policies secure access; others do not effectively restrict access.
Q48

What happens when you delete a KMS symmetric key?

  • A All data is unrecoverable
  • B It becomes inactive but recoverable
  • C The key still functions for decryption
  • D Nothing changes, remains available
Explanation Deleting a KMS key unrecoverably deletes the key and its data; others are incorrect as they imply accessibility.
Q49

Which service provides serverless event-driven architecture?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon RDS
  • D AWS CodeCommit
Explanation AWS Lambda is designed for serverless execution, while the others require infrastructure management.
Q50

A company needs to automate deployments across multiple AWS regions. Which tool is most appropriate?

  • A AWS CloudFormation
  • B AWS Lambda
  • C Amazon S3
  • D AWS CodeDeploy
Explanation AWS CloudFormation can automate resource management across regions effectively, while the others serve different purposes.