Amazon AWS

AWS Certified Solutions Architect – Professional

SAP-C02
Popular

The AWS Certified Solutions Architect – Professional (SAP-C02) exam validates advanced skills in designing distributed systems on AWS. It is ideal for experienced architects looking to demonstrate their expertise.

485 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 201–210 of 485

Q201

What happens when you delete a CloudFormation stack that has a 'DeletionPolicy' attribute set to 'Retain'?

  • A All resources are deleted
  • B Resources are retained
  • C Only IAM roles are retained
  • D Stack remains intact with resources
Explanation Resources marked with 'Retain' are not deleted; other options incorrectly assume different behaviors during stack deletion.
Q202

You are setting up a VPC peering connection between two VPCs. Which of the following must be true for it to be established?

  • A Both VPCs must have non-overlapping CIDR blocks.
  • B Both VPCs must be in the same region.
  • C Both VPCs must use the same routing table.
  • D Both VPCs must have the same security group.
Explanation VPC peering requires non-overlapping CIDR blocks, while region, routing tables, and security groups can differ.
Q203

A company wants to optimize its Amazon S3 costs and has objects that are infrequently accessed. Which storage class should they use?

  • A S3 Standard
  • B S3 Intelligent-Tiering
  • C S3 Glacier Deep Archive
  • D S3 Standard-IA
Explanation S3 Standard-IA is designed for infrequent access, providing lower costs compared to Standard.
Q204

What happens when you mistakenly assign an IAM policy that denies all permissions to a user who also has an explicit allow policy for S3 access?

  • A User can access S3 without restrictions.
  • B User cannot access S3 at all.
  • C User has conditional access to S3.
  • D User's access is limited to certain objects.
Explanation In AWS IAM, explicit deny policies take precedence over allow policies, preventing access completely.
Q205

Which AWS service can automatically scale EC2 instances based on demand?

  • A Elastic Load Balancer
  • B Auto Scaling
  • C Amazon CloudFront
  • D AWS Lambda
Explanation Auto Scaling adjusts EC2 instances based on demand, while others do not.
Q206

A company needs to provide users with temporary access to S3 buckets. Which service should they implement?

  • A IAM roles
  • B S3 Access Points
  • C AWS Lake Formation
  • D AWS Config
Explanation IAM roles allow temporary access, while others focus on different functionalities.
Q207

You are configuring a VPC with public and private subnets. What happens if you assign an Elastic IP to an instance in a private subnet?

  • A Instance can be accessed from the internet
  • B Instance cannot be accessed externally
  • C Elastic IP is released automatically
  • D VPC routing fails
Explanation Instances in private subnets cannot be accessed unless through a NAT Gateway, making the EIP pointless.
Q208

Which service can automatically scale a database based on load?

  • A Amazon RDS
  • B Amazon S3
  • C Amazon CloudFront
  • D AWS Lambda
Explanation Amazon RDS can enable read replicas to scale databases based on load, while others do not focus on database scaling.
Q209

A company needs to ensure their EC2 instances can only be accessed over SSH from specific IP addresses. Which AWS feature should they use?

  • A EC2 Instance Metadata
  • B Security Groups
  • C Network ACLs
  • D IAM Roles
Explanation Security Groups control inbound and outbound traffic at the instance level, while the others do not primarily restrict access based on IP addresses.
Q210

What happens when an organization does not configure a lifecycle policy for their S3 bucket?

  • A Data is deleted automatically
  • B Data cannot be uploaded
  • C Data remains in the bucket indefinitely
  • D Bucket is inaccessible
Explanation Without a lifecycle policy, objects remain in S3 until manually deleted, unlike others which suggest automatic changes.