Amazon AWS

AWS Certified Solutions Architect – Professional

SAP-C02
Popular

The AWS Certified Solutions Architect – Professional (SAP-C02) exam validates advanced skills in designing distributed systems on AWS. It is ideal for experienced architects looking to demonstrate their expertise.

485 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 91–100 of 485

Q91

Which service automatically scales based on demand?

  • A AWS Elastic Beanstalk
  • B AWS Lambda
  • C Amazon EC2 Auto Scaling
  • D Amazon RDS
Explanation Amazon EC2 Auto Scaling scales instances automatically, while the others either require manual intervention or do not directly handle scaling.
Q92

A company needs to ensure that their application can withstand DDoS attacks. Which AWS service should they implement?

  • A AWS Shield
  • B AWS WAF
  • C Amazon CloudFront
  • D AWS Config
Explanation AWS Shield specifically protects against DDoS attacks, while the other options serve different security purposes.
Q93

You are configuring a DynamoDB table for read-heavy applications. What setting can be adjusted to improve performance?

  • A Increase Auto Scaling limits
  • B Increase Read Capacity Units
  • C Change primary key structure
  • D Add Global Secondary Index
Explanation Increasing Read Capacity Units directly improves read performance, unlike adjusting the key or adding an index which may not solely enhance performance.
Q94

Which service provides temporary AWS credentials to applications running on EC2 instances?

  • A AWS IAM Role
  • B AWS Cognito
  • C AWS Secrets Manager
  • D AWS Systems Manager
Explanation IAM Roles provide temporary credentials; Cognito is for user sign-in, Secrets Manager manages sensitive data, and Systems Manager aids configuration and management.
Q95

A company needs to perform real-time log analysis on AWS. Which service should they use given a requirement for serverless architecture?

  • A Amazon Kinesis
  • B Amazon EC2
  • C AWS Glue
  • D AWS Batch
Explanation Amazon Kinesis allows serverless real-time processing; EC2 is compute-focused, Glue is for orchestrating ETL, and Batch is for job scheduling.
Q96

What happens when an Amazon S3 bucket policy allows public access but IAM policies deny it?

  • A Public access is granted
  • B Access is denied based on IAM
  • C Bucket policy takes precedence
  • D Access is granted only to IAM users
Explanation IAM policies override bucket policies; public access is denied, as IAM policies are more specific for user authentication.
Q97

A company needs to analyze large datasets stored in Amazon S3. Which service should they use to query this data directly?

  • A Amazon Athena
  • B Amazon EMR
  • C Amazon RDS
  • D AWS Glue
Explanation Amazon Athena allows direct querying of data in S3, while EMR and RDS are for processing and relational databases, respectively; AWS Glue is for ETL tasks.
Q98

You are configuring a DynamoDB table with provisioned capacity. What happens if the provisioned throughput is exceeded?

  • A Requests are throttled
  • B Data is deleted
  • C Load balancer fails
  • D DynamoDB scales automatically
Explanation When throughput is exceeded, requests are throttled to prevent overload; data is not deleted, and scaling does not occur automatically.
Q99

Which AWS service can help to identify security threats across your AWS accounts and resources?

  • A AWS Inspector
  • B AWS GuardDuty
  • C AWS CloudTrail
  • D AWS Config
Explanation AWS GuardDuty specifically identifies security threats, whereas Inspector assesses vulnerabilities and CloudTrail logs API calls; Config monitors resource compliance.
Q100

Which service allows you to run containers on AWS?

  • A ECS
  • B CloudFormation
  • C Lambda
  • D S3
Explanation ECS (Elastic Container Service) is specifically designed for container orchestration, while the others serve different purposes.