Amazon AWS

AWS Certified Solutions Architect – Professional

SAP-C02
Popular

The AWS Certified Solutions Architect – Professional (SAP-C02) exam validates advanced skills in designing distributed systems on AWS. It is ideal for experienced architects looking to demonstrate their expertise.

485 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 161–170 of 485

Q161

A company needs to store frequently accessed data with low latency. Which storage option should they choose?

  • A Amazon S3
  • B Amazon EBS
  • C Amazon Glacier
  • D Amazon RDS
Explanation Amazon EBS is optimized for low-latency access, unlike S3 or Glacier which are intended for other use cases.
Q162

You are configuring Security Groups for your EC2 instances. What happens when you add a new inbound rule?

  • A Current rules are deleted
  • B Only the new rule applies
  • C New rule is appended to existing rules
  • D All rules are disabled
Explanation Adding a rule appends it without affecting existing rules; the others incorrectly suggest rules are overridden or disabled.
Q163

Which AWS service allows you to deploy Docker containers?

  • A Amazon ECS
  • B Amazon S3
  • C AWS RDS
  • D AWS Lambda
Explanation Amazon ECS is specifically designed for container orchestration, while others serve different purposes.
Q164

A company needs to securely connect its on-premises network to AWS. What AWS service should they use?

  • A VPN Gateway
  • B AWS Direct Connect
  • C AWS Transit Gateway
  • D Amazon CloudFront
Explanation AWS Direct Connect provides a dedicated connection, unlike the other options which don't guarantee private connections.
Q165

What happens when an IAM policy allows a user to perform 's3:*' actions on a bucket but denies 's3:DeleteObject'?

  • A User can delete objects.
  • B User can read but not delete.
  • C User can only list objects.
  • D User cannot access the bucket.
Explanation In IAM policies, explicit deny takes precedence over allow, so the user can perform all actions except delete.
Q166

Which service provides managed Kubernetes on AWS?

  • A Amazon EKS
  • B Amazon ECS
  • C AWS Fargate
  • D Amazon Lambda
Explanation Amazon EKS is designed specifically for Kubernetes management, while others are not.
Q167

A company needs to analyze data stored in multiple AWS services. What should they use?

  • A AWS CloudFormation
  • B AWS Glue
  • C AWS CodePipeline
  • D Amazon CloudWatch
Explanation AWS Glue specializes in ETL processes for data from various sources, whereas others focus on different functionalities.
Q168

You are configuring VPC peering between two VPCs. What should you ensure?

  • A Both VPCs are in same region
  • B Both VPCs have same CIDR
  • C VPCs need to belong to same account
  • D There are no overlapping CIDR blocks
Explanation Non-overlapping CIDR blocks are required for successful peering, unlike other options.
Q169

Which service is used for managed Kubernetes?

  • A EKS
  • B EC2
  • C RDS
  • D Lambda
Explanation EKS is specifically designed for Kubernetes; EC2, RDS, and Lambda serve different purposes.
Q170

A company needs to provide secure access to S3 buckets. Which should they use?

  • A IAM Policies
  • B CloudTrail
  • C EC2 Key Pairs
  • D S3 Transfer Acceleration
Explanation IAM Policies control access to S3; the others do not provide direct access control.