Amazon AWS

AWS Certified Solutions Architect – Professional

SAP-C02
Popular

The AWS Certified Solutions Architect – Professional (SAP-C02) exam validates advanced skills in designing distributed systems on AWS. It is ideal for experienced architects looking to demonstrate their expertise.

485 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 31–40 of 485

Q31

Which service allows you to execute code in response to events without provisioning servers?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon S3
  • D Amazon RDS
Explanation AWS Lambda executes code based on events, while EC2, S3, and RDS require server management.
Q32

A company needs to securely manage permissions for its AWS resources. Which AWS service should they use?

  • A AWS Identity and Access Management (IAM)
  • B Amazon CloudWatch
  • C Amazon VPC
  • D AWS CloudTrail
Explanation AWS IAM is specifically designed for managing permissions, while the others serve different functions.
Q33

What happens if an EC2 instance is stopped and started again?

  • A Public IP address changes
  • B Elastic IP remains unchanged
  • C Instance store data is preserved
  • D Instance retains all settings
Explanation Stopping and starting an EC2 instance changes its public IP unless it has an Elastic IP, while instance store data is lost.
Q34

Which AWS service provides an origin for CloudFront?

  • A S3 Bucket
  • B EC2 Instance
  • C Lambda Function
  • D RDS Database
Explanation An S3 Bucket can serve static content as the origin for CloudFront, while the others are incorrect types of origins.
Q35

A company needs to ensure that all IAM keys are rotated every 90 days without manual intervention. What solution should they implement?

  • A Schedule Lambda function
  • B Use IAM policies
  • C Implement CloudTrail monitoring
  • D Set up AWS Config rules
Explanation A scheduled Lambda function can automate key rotation, while other options do not ensure automatic key management.
Q36

You are configuring a VPC with multiple subnets. What happens if you launch an EC2 instance in a subnet without a route to the internet?

  • A Instance can connect to the internet
  • B Instance cannot connect to the internet
  • C Instance has public IP by default
  • D Instance uses VPN for access
Explanation Without a route to the internet, the instance cannot reach the internet; the other choices describe incorrect behaviors.
Q37

Which service allows you to run code without provisioning servers?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon RDS
  • D AWS Batch
Explanation AWS Lambda lets you run code without server management, while the others require server provisioning.
Q38

A company needs low-latency access to data across multiple regions. Which service should they use?

  • A Amazon CloudFront
  • B Amazon S3
  • C AWS Global Accelerator
  • D Amazon RDS Multi-AZ
Explanation AWS Global Accelerator optimizes latency for multi-region applications; the others serve different purposes.
Q39

You are configuring an S3 bucket policy to allow public read access to objects. What happens if you specify 'Deny' for a specific IAM user?

  • A Public access is always denied.
  • B User can still access publicly.
  • C User access overrides bucket policy.
  • D Specific user access denied.
Explanation A specific 'Deny' in a bucket policy will always take precedence, regardless of public access settings.
Q40

Which service provides a managed container orchestration?

  • A ECS
  • B EC2
  • C Lambda
  • D RDS
Explanation ECS (Elastic Container Service) manages Docker containers, while EC2 is a compute service.