Amazon AWS

AWS Certified Solutions Architect – Professional

SAP-C02
Popular

The AWS Certified Solutions Architect – Professional (SAP-C02) exam validates advanced skills in designing distributed systems on AWS. It is ideal for experienced architects looking to demonstrate their expertise.

485 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 211–220 of 485

Q211

Which service allows automatic scaling for applications based on demand?

  • A AWS Auto Scaling
  • B AWS CloudFormation
  • C Amazon RDS
  • D AWS Lambda
Explanation AWS Auto Scaling adjusts capacity based on demand, while others do not provide this automatic feature.
Q212

A company needs to store sensitive data securely while retaining low-latency access. Which service should they choose?

  • A Amazon S3 Glacier
  • B Amazon RDS
  • C Amazon S3 with SSE
  • D Amazon EBS
Explanation Amazon S3 with Server-Side Encryption (SSE) offers secure, low-latency access, unlike Glacier, which is for archival storage.
Q213

What happens when you configure an EC2 instance with an IAM role?

  • A Instance gains permissions immediately
  • B Permissions apply at next reboot
  • C IAM role is ignored
  • D Requires manual permission adjustments
Explanation Attaching an IAM role grants the instance permissions immediately, while others imply delays or manual efforts which are incorrect.
Q214

Which service provides serverless compute for containers?

  • A AWS Fargate
  • B Amazon EC2
  • C AWS Lambda
  • D Amazon ECS
Explanation AWS Fargate allows running containers without managing servers; EC2 requires server management, Lambda is for functions, ECS is a container orchestration service.
Q215

A company needs to control access to S3 buckets based on user attributes. Which service should they use?

  • A AWS IAM
  • B Amazon CloudWatch
  • C AWS Organizations
  • D Amazon Cognito
Explanation AWS IAM allows fine-grained access control including user attributes; CloudWatch does monitoring, Organizations is for account management, Cognito is for user authentication.
Q216

What happens when a CloudFormation stack is updated with an invalid template?

  • A Stack updates successfully
  • B Nothing happens, no changes applied
  • C Stack rolls back to previous state
  • D CloudFormation deletes the stack
Explanation CloudFormation attempts to roll back to the last stable state upon failure; successful updates do not occur, nothing remains unchanged, and deletion does not happen unless specified.
Q217

Which service allows you to decouple application components using message queues?

  • A Amazon SQS
  • B AWS Lambda
  • C Amazon RDS
  • D Amazon CloudFront
Explanation Amazon SQS provides reliable message queuing, decoupling components; others do not serve this purpose directly.
Q218

A company needs to manage fine-grained access controls for its S3 bucket. What should they use?

  • A Bucket Policies
  • B IAM Roles
  • C ACLs
  • D S3 Batch Operations
Explanation Bucket Policies are designed for fine-grained permissions; IAM Roles and ACLs do not provide the same level of control for S3.
Q219

What happens when an EC2 instance is stopped and then started again?

  • A It retains the EBS volumes
  • B It loses all data on EBS
  • C It gets a new instance ID
  • D It changes the private IP address
Explanation The EC2 instance receives a new instance ID but retains the EBS volumes and manages IP addresses based on networking configurations.
Q220

Which service can be used to automate deployment operations on AWS?

  • A AWS CloudFormation
  • B AWS Secrets Manager
  • C AWS Elastic Beanstalk
  • D AWS CloudWatch
Explanation CloudFormation enables automation of infrastructure deployment, while the others serve different purposes.