Amazon AWS

AWS Certified CloudOps Engineer – Associate

SOA-C03

The AWS Certified CloudOps Engineer – Associate (SOA-C03) exam tests your skills in operating and managing AWS environments. It is ideal for those looking to enhance their operational expertise on AWS.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 61–70 of 486

Q61

Which AWS service allows you to deploy applications without managing servers?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon RDS
  • D Amazon VPC
Explanation AWS Lambda is a serverless compute service, while EC2 requires server management, RDS is for databases, and VPC is for networking.
Q62

A company needs to securely share data with external partners. Which service would allow controlled access to data?

  • A AWS Glue
  • B Amazon S3 Pre-signed URLs
  • C AWS IAM Roles
  • D Amazon DynamoDB
Explanation Amazon S3 Pre-signed URLs allow time-limited access to objects, while Glue is for ETL, IAM roles manage permissions, and DynamoDB is a database service.
Q63

What happens when you enable versioning on an S3 bucket?

  • A S3 creates a replica of each object.
  • B Previous versions are permanently deleted.
  • C All objects become read-only.
  • D All objects keep a history of versions.
Explanation Enabling versioning keeps all versions of an object, while A is incorrect because it doesn't create replicas, B contradicts versioning, and C is not true.
Q64

Which service allows you to run code without provisioning servers?

  • A AWS Lambda
  • B Amazon EC2
  • C AWS Elastic Beanstalk
  • D Amazon ECS
Explanation AWS Lambda enables event-driven execution without server management, while the others require server provisioning or management.
Q65

A company needs to provide temporary security credentials to its mobile application users. Which service should they implement?

  • A AWS IAM
  • B AWS Cognito
  • C AWS Secrets Manager
  • D Amazon EC2
Explanation AWS Cognito is designed for managing user identities and providing temporary credentials, unlike the other options.
Q66

What happens when an S3 bucket policy allows 's3:PutObject' permission without a 's3:ListBucket' permission?

  • A Users can list objects
  • B Users can upload objects only
  • C Users can delete objects
  • D No permission granted
Explanation Without 's3:ListBucket', users cannot list objects but can upload due to 'PutObject' permission.
Q67

Which service provides a managed distributed database?

  • A Amazon DynamoDB
  • B Amazon RDS
  • C Amazon Aurora
  • D Amazon Redshift
Explanation DynamoDB is fully managed and highly scalable, while others serve different database needs.
Q68

A company needs to securely authenticate API users without storing credentials. What should they use?

  • A AWS VPC Peering
  • B AWS IAM Roles
  • C AWS Cognito
  • D AWS RDS Security Group
Explanation AWS Cognito offers user authentication without credentials storage, unlike IAM Roles, which serve different purposes.
Q69

What happens when you terminate an EC2 instance that has an attached EBS volume?

  • A EBS volume is deleted
  • B EBS volume remains, data intact
  • C EC2 instance checks for data loss
  • D EBS volume automatically backed up
Explanation Terminating an EC2 instance keeps the attached EBS volume unless specified for deletion.
Q70

Which service is used to manage AWS resources programmatically?

  • A AWS SDK
  • B Amazon CloudWatch
  • C AWS CLI
  • D AWS CloudFormation
Explanation AWS CLI allows command-line management of resources; others serve different purposes.