Amazon AWS

AWS Certified Solutions Architect – Professional

SAP-C02
Popular

The AWS Certified Solutions Architect – Professional (SAP-C02) exam validates advanced skills in designing distributed systems on AWS. It is ideal for experienced architects looking to demonstrate their expertise.

485 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 81–90 of 485

Q81

You are configuring an IAM policy for a corporate application. What happens if the policy uses an explicit deny?

  • A Access is granted.
  • B Access is denied.
  • C Access requests are logged.
  • D Policy has no effect.
Explanation In IAM, an explicit deny overrides any allow, which blocks access regardless of other permissions.
Q82

Which service enables infrastructure as code in AWS?

  • A AWS CloudFormation
  • B AWS Lambda
  • C AWS Systems Manager
  • D AWS CodeBuild
Explanation AWS CloudFormation provides infrastructure as code capabilities, while the others focus on application management or build processes.
Q83

A company needs to restrict access to AWS resources based on user attributes. Which service is best suited for this requirement?

  • A AWS Directory Service
  • B AWS Organizations
  • C AWS IAM with Policies
  • D AWS Cognito
Explanation AWS IAM with Policies can restrict access based on user attributes effectively, which is not the primary role of the other services listed.
Q84

What happens when you delete an Amazon S3 bucket with versioning enabled?

  • A All versions are permanently deleted.
  • B Bucket becomes inactive but preserved.
  • C Only latest version gets deleted.
  • D No deletion occurs, bucket exists.
Explanation All versions of the objects in a versioned bucket are deleted when deleting the bucket itself.
Q85

Which service allows you to run code without provisioning servers?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon RDS
  • D AWS Elastic Beanstalk
Explanation AWS Lambda enables serverless execution of code, while the others require server management or configurations.
Q86

A company needs a managed NoSQL database solution that scales horizontally. Which AWS service should they choose?

  • A Amazon RDS
  • B Amazon DynamoDB
  • C Amazon Aurora
  • D Amazon Redshift
Explanation Amazon DynamoDB provides a fully managed NoSQL database with seamless horizontal scaling, unlike the relational options which are not NoSQL.
Q87

What happens when you use a Security Group to restrict ingress to your EC2 instances?

  • A Access is completely blocked.
  • B Permissions are ignored.
  • C Access restricts to specific IPs.
  • D Security Groups don't affect ingress.
Explanation Security Groups control ingress according to defined rules, meaning only allowed IPs can access instances, whereas the others misinterpret the Security Group behavior.
Q88

Which service would you use to automate EC2 instance management?

  • A AWS Lambda
  • B AWS CloudFormation
  • C AWS Systems Manager
  • D AWS CodeDeploy
Explanation AWS Systems Manager automates operational tasks for EC2 instances; Lambda is for event-driven tasks, CloudFormation is for infrastructure provisioning, and CodeDeploy is for application deployment.
Q89

A company needs to encrypt sensitive data at rest in S3. What should they implement?

  • A S3 Transfer Acceleration
  • B IAM Policies
  • C S3 Server-Side Encryption
  • D S3 Object Lock
Explanation S3 Server-Side Encryption protects data at rest; Transfer Acceleration speeds up data transfer, IAM Policies control access, and Object Lock is for compliance retention, not encryption.
Q90

What happens when a Lambda function exceeds its execution timeout?

  • A Execution completes successfully
  • B Lambda retries the execution
  • C Execution is abruptly terminated
  • D Function reverts to previous state
Explanation When a Lambda function exceeds its timeout, the execution is abruptly terminated without any cleanup; it does not retry nor revert to a previous state, and it won't complete successfully.