Amazon AWS

AWS Certified Solutions Architect – Professional

SAP-C02
Popular

The AWS Certified Solutions Architect – Professional (SAP-C02) exam validates advanced skills in designing distributed systems on AWS. It is ideal for experienced architects looking to demonstrate their expertise.

485 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 221–230 of 485

Q221

A company needs to enforce IAM password policies. What should you do?

  • A Set minimum password length
  • B Enable MFA
  • C Create access keys
  • D Use roles for applications
Explanation Setting a minimum password length is a core aspect of IAM password policies; the others do not enforce password requirements.
Q222

You are configuring an EC2 Auto Scaling Group. What happens if the desired capacity is set to zero?

  • A Instances will be terminated immediately
  • B Instances will remain running
  • C No new instances will launch
  • D Only health checks will stop
Explanation Setting desired capacity to zero results in the termination of all instances for that group, while others do not reflect this action accurately.
Q223

Which service provides a set of tools to deploy, manage, and monitor Amazon EC2 instances?

  • A AWS Systems Manager
  • B AWS Lambda
  • C Amazon S3
  • D AWS CloudFormation
Explanation AWS Systems Manager enables management of EC2 instances while others do not fulfill this role.
Q224

You are configuring an AWS Lambda function for performance. What resource setting can optimize spin-up time?

  • A Increase memory allocation
  • B Assign more timeout duration
  • C Deploy using an alias
  • D Use provisioned concurrency
Explanation Provisioned concurrency keeps function instances warm, reducing spin-up time, while others do not affect this.
Q225

A company needs to ensure that S3 buckets are private and accessible only by specific IAM roles. What should they implement?

  • A Use bucket versioning
  • B Enable public access block
  • C Use bucket policies
  • D Apply lifecycle rules
Explanation Bucket policies provide detailed access control, while others do not restrict access appropriately.
Q226

A company needs to ensure high availability for their SQL database on AWS. Which service should they choose?

  • A Amazon RDS with Multi-AZ deployment
  • B Amazon S3 for database backups
  • C AWS Lambda for database queries
  • D Amazon EC2 with single-instance setup
Explanation Amazon RDS with Multi-AZ deployment provides automatic failover for high availability, while the others do not meet high availability requirements.
Q227

What happens when an S3 bucket policy grants public read access to all objects?

  • A All users can upload files.
  • B The bucket becomes public.
  • C All objects are encrypted.
  • D Bucket versioning is enabled.
Explanation Granting public read access makes the S3 bucket public, allowing anyone to view objects.
Q228

You are configuring an AWS VPC with subnets. What is the impact of having two subnets in different Availability Zones?

  • A Enhanced security configuration only.
  • B Improved latency between resources.
  • C Increased fault tolerance for resources.
  • D No impact on resource availability.
Explanation Having subnets in different AZs provides redundancy and fault tolerance in case of an AZ failure.
Q229

Which service would you use to create a secure connection to a VPC?

  • A AWS VPN
  • B AWS Lambda
  • C AWS CloudFormation
  • D AWS S3
Explanation AWS VPN establishes secure site-to-site connections, while the others serve different purposes.
Q230

A company needs to deploy a multi-region architecture for their application. Which AWS service helps in managing global resources?

  • A Amazon CloudFront
  • B AWS Global Accelerator
  • C AWS CloudTrail
  • D AWS Config
Explanation AWS Global Accelerator optimizes traffic globally; others are not designed for global resource management.