Amazon AWS

AWS Certified CloudOps Engineer – Associate

SOA-C03

The AWS Certified CloudOps Engineer – Associate (SOA-C03) exam tests your skills in operating and managing AWS environments. It is ideal for those looking to enhance their operational expertise on AWS.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 51–60 of 486

Q51

What happens when a subnet is set to "Auto-assign Public IP"?

  • A Instances get public IPs automatically.
  • B No instances will receive public IPs.
  • C VPC becomes publicly accessible.
  • D Only NAT instances can assign IPs.
Explanation Setting "Auto-assign Public IP" allows instances to receive public IPs; the other statements misinterpret how public accessibility works.
Q52

Which service allows for container orchestration in AWS?

  • A Amazon ECS
  • B AWS Fargate
  • C AWS Lambda
  • D Amazon Lightsail
Explanation Amazon ECS is specifically designed for container orchestration, while others serve different purposes.
Q53

A company needs to ensure high availability of their web application. What should be configured?

  • A Multi-AZ deployments
  • B Auto Scaling Groups
  • C Elastic Load Balancer
  • D VPC Peering
Explanation An Elastic Load Balancer distributes traffic for high availability, whereas others support but do not ensure availability alone.
Q54

You are configuring AWS IAM policies. What happens when two conflicting policies are applied to a user?

  • A All actions are denied
  • B All actions are allowed
  • C Deny takes precedence
  • D Allow takes precedence
Explanation In IAM policy evaluation, explicit deny always takes precedence over allow, regardless of the source.
Q55

Which AWS service allows you to run containers without managing servers?

  • A AWS Fargate
  • B Amazon EC2
  • C AWS Lambda
  • D Amazon EKS
Explanation AWS Fargate runs containers without managing servers, while EC2 and EKS require server management, and Lambda is for serverless functions.
Q56

A company needs to store sensitive user data securely in AWS. Which service offers built-in encryption at rest?

  • A Amazon S3
  • B Amazon RDS
  • C AWS Lambda
  • D Amazon DynamoDB
Explanation Amazon RDS provides built-in encryption at rest for databases, while S3 and DynamoDB can also be encrypted, but RDS is specifically aimed at relational databases.
Q57

You are configuring a Route 53 health check. What happens if the endpoint fails two consecutive checks?

  • A Route 53 stops all DNS queries
  • B Route 53 considers endpoint unhealthy
  • C Route 53 increases TTL automatically
  • D Route 53 switches to another region
Explanation Route 53 marks the endpoint unhealthy after two consecutive failed health checks, while the other options are incorrect regarding Route 53 behavior.
Q58

Which service is used for container orchestration in AWS?

  • A Amazon EKS
  • B AWS Lambda
  • C Amazon S3
  • D Amazon RDS
Explanation Amazon EKS is specifically designed for Kubernetes orchestration; other options serve different purposes.
Q59

A company needs to automate EC2 instance management based on CPU usage. Which service should they use?

  • A AWS CloudFormation
  • B Amazon CloudWatch
  • C AWS Auto Scaling
  • D AWS IAM
Explanation AWS Auto Scaling adjusts EC2 instances based on metrics set in CloudWatch; the other options don't handle automated instance management.
Q60

What happens when you delete a version of an object in an S3 bucket with versioning enabled?

  • A Object is permanently deleted
  • B Previous version is restored
  • C Object becomes inaccessible
  • D Latest version remains
Explanation Deleting a versioned object doesn't remove earlier versions; it only adds a delete marker.