Amazon AWS

AWS Certified Solutions Architect – Professional

SAP-C02
Popular

The AWS Certified Solutions Architect – Professional (SAP-C02) exam validates advanced skills in designing distributed systems on AWS. It is ideal for experienced architects looking to demonstrate their expertise.

485 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 461–470 of 485

Q461

What happens when a security group rule allows all outbound traffic?

  • A Inbound traffic is blocked
  • B All outbound traffic is allowed
  • C No effects on security
  • D Only specific IPs can connect
Explanation Allowing all outbound traffic means any destination can be reached.
Q462

Which service allows real-time data processing on AWS?

  • A Amazon Kinesis
  • B AWS Glue
  • C Amazon S3
  • D AWS Lambda
Explanation Amazon Kinesis enables real-time data processing, while the others focus on data storage or batch processing.
Q463

A company needs to create a private network in AWS. Which service should they use?

  • A AWS Direct Connect
  • B Amazon VPC
  • C AWS CloudFormation
  • D Elastic Load Balancing
Explanation Amazon VPC allows the creation of a private network, unlike the other services which serve different purposes.
Q464

What happens when an AWS IAM permission is denied?

  • A Access is granted.
  • B Access is logged.
  • C Access is replaced by another permission.
  • D Access is explicitly denied.
Explanation In AWS IAM, if permission is denied, access is explicitly denied, not granted or logged without specific configuration.
Q465

Which AWS service provides secure access to your services without a single password?

  • A AWS Single Sign-On
  • B AWS Secrets Manager
  • C AWS IAM
  • D AWS Cognito
Explanation AWS Single Sign-On enables seamless secure access without password fatigue, unlike the others.
Q466

A company needs to process real-time data streams. Which AWS service is best suited for this?

  • A AWS Lambda
  • B Amazon Kinesis
  • C Amazon S3
  • D AWS Glue
Explanation Amazon Kinesis is specifically designed for real-time data stream processing, unlike the others.
Q467

You are configuring a multi-AZ RDS deployment. What happens if an instance in one AZ fails?

  • A It automatically scales up resources.
  • B Traffic reroutes to the standby instance.
  • C Database performance degrades significantly.
  • D It requires a manual reboot from the admin.
Explanation In a multi-AZ deployment, traffic is automatically routed to the standby instance in case of a failure, unlike the other options.
Q468

A company needs to encrypt data at rest in S3. Which service should they implement?

  • A S3 Server-Side Encryption
  • B AWS Key Management Service
  • C AWS CloudHSM
  • D AWS WAF
Explanation S3 Server-Side Encryption automates data encryption, while others address different needs.
Q469

What happens when you set an IAM user policy but do not allow for any actions?

  • A User can perform some actions
  • B User can perform all actions
  • C User is denied all actions
  • D User has access to S3 only
Explanation Denying all actions in a policy results in no permissions.
Q470

You are configuring an Auto Scaling group. Which setting ensures it scales down efficiently during low demand?

  • A Health Check Type
  • B Cooldown Period
  • C Scaling Adjustment
  • D Minimum Size
Explanation Cooldown periods prevent immediate scaling actions after a scale down event.