Amazon AWS

AWS Certified Solutions Architect – Professional

SAP-C02
Popular

The AWS Certified Solutions Architect – Professional (SAP-C02) exam validates advanced skills in designing distributed systems on AWS. It is ideal for experienced architects looking to demonstrate their expertise.

485 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 471–480 of 485

Q471

Which service provides cost-effective data archiving?

  • A Amazon S3 Glacier
  • B Amazon RDS
  • C Amazon EFS
  • D Amazon CloudFront
Explanation Amazon S3 Glacier is designed specifically for data archiving and long-term storage, while the others serve different purposes.
Q472

A company needs to deploy a multi-region application. Which AWS service helps with this?

  • A AWS CloudFormation
  • B Amazon Route 53
  • C AWS Batch
  • D Amazon CloudWatch
Explanation Amazon Route 53 provides global DNS routing to manage a multi-region application, while the others focus on different functionalities.
Q473

You are configuring an IAM policy for S3 access. What happens when you add a Deny statement?

  • A It grants access if conditions met
  • B It overrides Allow rules
  • C It adds additional buckets
  • D It only affects admins
Explanation In IAM policies, Deny statements take precedence and override any Allow rules, impacting access control fundamentally.
Q474

Which AWS service provides orchestration for containers?

  • A ECS
  • B S3
  • C RDS
  • D CloudFront
Explanation ECS is specifically designed for container orchestration, while S3 handles object storage, RDS is for databases, and CloudFront is a CDN.
Q475

A company needs to manage access to AWS services tightly. Which service should you use?

  • A IAM
  • B S3
  • C Lambda
  • D CloudTrail
Explanation IAM is directly used for access management, whereas S3 is for storage, Lambda for computing, and CloudTrail for logging activities.
Q476

What happens when you delete an EBS volume that is still attached to an instance?

  • A Volume deletion fails
  • B Instance is terminated
  • C Data is permanently lost
  • D Volume remains available
Explanation The deletion fails because the volume is in use; termination of instances and data loss do not occur immediately and availability is not maintained on deletion.
Q477

A company needs to store sensitive data with strict compliance requirements. Which AWS service can best ensure data encryption and compliance?

  • A AWS S3 with server-side encryption
  • B AWS EC2 instance storage
  • C AWS RDS without encryption options
  • D AWS Lambda temporary storage
Explanation AWS S3 supports server-side encryption for compliance, while EC2 storage, RDS without encryption, and Lambda storage do not fully meet compliance needs.
Q478

What happens when you configure an Elastic Load Balancer with HTTP listeners on multiple AZs?

  • A Traffic is load balanced only in one AZ.
  • B Traffic is distributed across all AZs.
  • C It fails if one AZ goes down.
  • D Only health-checked instances receive traffic.
Explanation An ELB distributes traffic across all AZs for high availability, unlike the other options which misrepresent ELB behavior.
Q479

You are configuring IAM policies for users who require different permissions based on their job functions. Which approach is best?

  • A Create one policy for all users.
  • B Assign separate policies per user.
  • C Use groups to manage permissions.
  • D Avoid using IAM for permissions.
Explanation Using groups simplifies permission management, whereas the other options complicate or bypass IAM best practices.
Q480

Which service provides a fully managed NoSQL database?

  • A Amazon DynamoDB
  • B Amazon RDS
  • C Amazon Redshift
  • D Amazon S3
Explanation DynamoDB is a fully managed NoSQL database; RDS and Redshift are for relational and analytics databases, respectively.