Amazon AWS

AWS Certified Solutions Architect – Professional

SAP-C02
Popular

The AWS Certified Solutions Architect – Professional (SAP-C02) exam validates advanced skills in designing distributed systems on AWS. It is ideal for experienced architects looking to demonstrate their expertise.

485 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 401–410 of 485

Q401

A company needs to ensure that only authorized users can access their S3 buckets. Which service should they use?

  • A AWS Trusted Advisor
  • B AWS IAM
  • C AWS CloudTrail
  • D AWS Config
Explanation AWS IAM handles permissions; others track or audit resources without direct access control.
Q402

What happens when you enable versioning on an S3 bucket?

  • A Duplicates files when uploaded
  • B Deletes old versions automatically
  • C Retains all versions of an object
  • D Disables access to old files
Explanation Versioning retains every version; others don't represent this functionality.
Q403

You are configuring a multi-Region redundancy for your S3 storage. Which features should you enable to enhance durability?

  • A Versioning
  • B Cross-Region Replication
  • C Lifecycle Policies
  • D Event Notifications
Explanation Cross-Region Replication automatically copies data across regions, enhancing durability; versioning is for data recovery, not redundancy.
Q404

A company needs to implement a secure way to manage API keys for a microservices architecture. Which AWS service is best suited for this?

  • A AWS Secrets Manager
  • B AWS Lambda
  • C Amazon S3
  • D Amazon EC2
Explanation AWS Secrets Manager allows secure key management, while EC2, S3, and Lambda are not designed for this purpose.
Q405

What happens when a CloudFront distribution is invalidated?

  • A Caches are deleted inaccessible
  • B Old content is immediately removed
  • C New content is fetched from origin
  • D Distribution is temporarily disabled
Explanation When invalidated, CloudFront fetches the new content from the origin, rather than removing caches directly.
Q406

Which service provides managed Redis in AWS?

  • A Amazon ElastiCache
  • B Amazon S3
  • C AWS Lambda
  • D Amazon RDS
Explanation Amazon ElastiCache provides fully managed Redis services, while S3 is for object storage, Lambda is serverless compute, and RDS is for relational databases.
Q407

A company needs to ensure that its data in S3 is immutable for compliance purposes. What should they implement?

  • A S3 Versioning
  • B S3 Object Lock
  • C S3 Cross-Region Replication
  • D Bucket Policies
Explanation S3 Object Lock allows you to create immutable storage for compliance, while versioning and replication do not prevent deletions, and bucket policies do not enforce immutability.
Q408

What happens when an Amazon EC2 instance is terminated in a subnet utilizing an Auto Scaling Group?

  • A Instance data is saved.
  • B Another instance is launched.
  • C All network settings are deleted.
  • D The Auto Scaling Group is paused.
Explanation An Auto Scaling Group will automatically launch another instance to maintain the desired capacity when one is terminated; instance data is lost unless saved elsewhere, and the network settings are not impacted.
Q409

Which service is best for event-driven computing?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon RDS
  • D AWS CloudFormation
Explanation AWS Lambda automatically runs code in response to events, while the others are not specifically designed for event-driven execution.
Q410

A company needs to connect its on-premises data center to AWS securely. What is the most suitable solution?

  • A AWS Direct Connect
  • B AWS VPN
  • C Amazon Route 53
  • D AWS Global Accelerator
Explanation AWS Direct Connect provides a dedicated network connection to AWS, while AWS VPN is a secure connection over the Internet, making Direct Connect more suitable for on-premises data centers.