Amazon AWS

AWS Certified Solutions Architect – Professional

SAP-C02
Popular

The AWS Certified Solutions Architect – Professional (SAP-C02) exam validates advanced skills in designing distributed systems on AWS. It is ideal for experienced architects looking to demonstrate their expertise.

485 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 351–360 of 485

Q351

You are configuring an EC2 instance's security group. What happens if you remove an inbound rule?

  • A Traffic is blocked for that rule
  • B Traffic is allowed by default
  • C Only outbound traffic is affected
  • D No effect on security group
Explanation Removing inbound rules blocks corresponding traffic; others misrepresent security group behavior.
Q352

Which service allows you to run code without provisioning servers?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon ECS
  • D AWS Batch
Explanation AWS Lambda executes code in response to events without server management; EC2 and ECS require server provisioning, while AWS Batch schedules jobs but doesn't run code directly without servers.
Q353

A company needs to restrict access to specific S3 buckets. Which service should they use?

  • A IAM Policies
  • B S3 Bucket Policies
  • C Security Groups
  • D VPC Peering
Explanation S3 Bucket Policies define permissions directly on the bucket; IAM Policies control access to AWS services globally, while Security Groups are not applicable to S3.
Q354

What happens when you try to delete an IAM user that has attached policies?

  • A User is deleted successfully
  • B Can't delete, no attached policies
  • C Policies are deleted automatically
  • D Need to detach policies first
Explanation You can delete an IAM user regardless of attached policies, as the policies remain available; however, detaching policies is best practice.
Q355

Which AWS service is best for automated backups of EC2 instances?

  • A AWS Backup
  • B Amazon RDS
  • C Amazon Glacier
  • D AWS Data Pipeline
Explanation AWS Backup is designed for automated backups, while others serve different purposes.
Q356

A company needs a solution to share files privately among multiple AWS accounts. Which service should they use?

  • A Amazon S3
  • B AWS Transfer Family
  • C AWS Lake Formation
  • D Amazon WorkDocs
Explanation Amazon WorkDocs provides secure file sharing across accounts, while others are not specifically designed for that purpose.
Q357

You are configuring an application with an Amazon RDS Multi-AZ deployment. What happens if the primary DB instance fails?

  • A Data is deleted
  • B Failover to standby DB instance
  • C NO data loss
  • D Must restore manually
Explanation In Multi-AZ, failover to the standby instance occurs automatically to enhance availability, ensuring service continuity.
Q358

Which service allows you to run code without provisioning servers?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon RDS
  • D AWS Elastic Beanstalk
Explanation AWS Lambda runs code in response to events without server management, while others require server provisioning.
Q359

A company needs to ensure data is quickly recoverable in case of accidental deletion. What S3 feature should be enabled?

  • A S3 Versioning
  • B S3 Replication
  • C S3 Glacier
  • D S3 Lifecycle Policies
Explanation S3 Versioning keeps multiple copies of objects, enabling recovery from deletions, while others do not provide this functionality.
Q360

What happens when you assign an IAM role to an EC2 instance?

  • A Instance automatically gains permissions.
  • B Instance is terminated immediately.
  • C Role is discarded after 5 minutes.
  • D Instance will lose existing roles.
Explanation Assigning IAM roles grants the instance permissions for AWS services, while the other options are inaccurate.