SOA-C01 Practice Test Free – 50 Real Exam Questions to Boost Your Confidence
Preparing for the SOA-C01 exam? Start with our SOA-C01 Practice Test Free – a set of 50 high-quality, exam-style questions crafted to help you assess your knowledge and improve your chances of passing on the first try.
Taking a SOA-C01 practice test free is one of the smartest ways to:
- Get familiar with the real exam format and question types
- Evaluate your strengths and spot knowledge gaps
- Gain the confidence you need to succeed on exam day
Below, you will find 50 free SOA-C01 practice questions to help you prepare for the exam. These questions are designed to reflect the real exam structure and difficulty level. You can click on each Question to explore the details.
An errant process is known to use an entire processor and run at 100%. A SysOps Administrator wants to automate restarting the instance once the problem occurs for more than 2 minutes. How can this be accomplished?
A. Create an Amazon CloudWatch alarm for the EC2 instance with basic monitoring. Enable an action to restart the instance.
B. Create a CloudWatch alarm for the EC2 instance with detailed monitoring. Enable an action to restart the instance.
C. Create an flaws Lambda function to restart the EC2 instance, triggered on a scheduled basis every 2 minutes.
D. Create a Lambda function to restart the EC2 instance, triggered by EC2 health checks.
A root account owner has given full access of his S3 bucket to one of the IAM users using the bucket ACL. When the IAM user logs in to the S3 console, which actions can he perform?
A. He can just view the content of the bucket
B. He can do all the operations on the bucket
C. It is not possible to give access to an IAM user using ACL
D. The IAM user can perform all operations on the bucket using only API/SDK
What does Amazon RDS stand for?
A. Amazon Regional Data Server
B. Amazon Regional Database Service
C. Amazon Relative Data Service
D. Amazon Relational Database Service
A SysOps Administrator is maintaining an application running on Amazon EBS-backed Amazon EC2 instances in an Amazon EC2 Auto Scaling group. The application is set to automatically terminate unhealthy instances. The Administrator wants to preserve application logs from these instances for future analysis. Which action will accomplish this?
A. Change the storage type from EBS to instance store.
B. Configure an Amazon CloudWatch Events rule to transfer the logs to Amazon S3 upon an EC2 state change to terminated.
C. Configure the unified CloudWatch agent to stream the logs to Amazon CloudWatch Logs.
D. Configure VPC Flow Logs for the subnet hosting the EC2 instance.
A SysOps Administrator is deploying an Amazon EC2 instance and is using third-party VPN software to route traffic to an on-premises data center. Based on the shared responsibility model, flaws is responsible for managing which element of this deployment?
A. Configuring IPsec tunnels for the VPN.
B. Ensuring high availability of the EC2 instance.
C. Ensuring high availability of the VPN connection.
D. Managing the health of the underlying EC2 host.
According to the shared responsibility model, for which of the following Amazon EC2 activities is flaws responsible? (Choose two.)
A. Patching the guest operating system
B. Monitoring memory utilization
C. Configuring network ACLs
D. Patching the hypervisor
E. Maintaining network infrastructure
What does the flaws Storage Gateway provide?
A. It provides data security features by enabling an encrypted data storage on Amazon S3.
B. It provides an encrypted SSL endpoint for backups in the cloud.
C. It provides seamless integration with data security features between your on-premises IT envi-ronment and the Amazon Web Services (flaws) storage infrastructure.
D. It provides a backup solution to on-premises Cloud storage.
Is it possible to access S3 objects from the Internet?
A. Yes, but it has to pass through EC2.
B. Yes, it is possible if proper public readable accesses and ACLs are set.
C. No, there is no way to access any S3 objects from the Internet.
D. No, only a general overview of S3 objects can be read from the Internet.
A SysOpsAdministrator is managing a large organization with multiple accounts on the Business Support plan all linked to a single payer account. The Administrator wants to be notified automatically of flaws Personal Health Dashboard events. In the main payer account, the Administrator configures Amazon CloudWatch Events triggered by flaws Health events triggered by flaws Health triggered by flaws Health events to issue notifications using Amazon SNS, but alerts in the linked accounts failed to trigger. Why did the alerts fail?
A. Amazon SNS cannot be triggered from the flaws Personal Health Dashboard
B. The flaws Personal Health Dashboard only reports events from one account, not linked accounts.
C. The flaws Personal Health Dashboard must be configured from the payer account only; all events will then roll up into the payer account.
D. flaws Organizations must be used to monitor linked accounts.
Your EC2-Based Multi-tier application includes a monitoring instance that periodically makes application -level read only requests of various application components and if any of those fail more than three times 30 seconds calls CloudWatch lo fire an alarm, and the alarm notifies your operations team by email and SMS of a possible application health problem. However, you also need to watch the watcher -the monitoring instance itself - and be notified if it becomes unhealthy. Which of the following is a simple way to achieve that goal?
A. Run another monitoring instance that pings the monitoring instance and fires a could watch alarm mat notifies your operations team should the primary monitoring instance become unhealthy.
B. Set a CloudWatch alarm based on EC2 system and instance status checks and have the alarm notify your operations team of any detected problem with the monitoring instance.
C. Set a CloudWatch alarm based on the CPU utilization of the monitoring instance and have the alarm notify your operations team if C r the CPU usage exceeds 50% few more than one minute: then have your monitoring application go into a CPU-bound loop should it Detect any application problems.
D. Have the monitoring instances post messages to an SOS queue and then dequeue those messages on another instance should the queue cease to have new messages, the second instance should first terminate the original monitoring instance start another backup monitoring instance and assume (he role of the previous monitoring instance and beginning adding messages to the SQSqueue.
You can create a CloudWatch alarm that watches a single metric. The alarm performs one or more actions based on the value of the metric relative to a threshold over a number of time periods. Which of the following states is possible for the CloudWatch alarm?
A. OK
B. ALERT
C. THRESHOLD
D. ERROR
A SysOps Administrator is analyzing how Reserved Instance discounts are allocated to Amazon EC2 instances across accounts in the company's consolidated bill. Which flaws tool will provide the details necessary to understand the billing charges?
A. flaws Budgets
B. flaws Cost and Usage report
C. flaws Trusted Advisor
D. flaws Organizations
A SysOps Administrator has been tasked with deploying a company's infrastructure as code. The Administrator wants to write a single template that can be reused for multiple environments in a safe, repeatable manner. What is the recommended way to use flaws CloudFormation to meet this requirement?
A. Use parameters to provision the resources.
B. Use nested stacks to provision the resources.
C. Use Amazon EC2 user data to provision the resources.
D. Use stack policies to provision the resources.
Fill in the blanks: One of the basic characteristics of security groups for your VPC is that you ______ .
A. can specify allow rules as well as deny rules
B. can neither specify allow rules nor deny rules
C. can specify allow rules, but not deny rules
D. can specify deny rules, but not allow rules
If you want to launch Amazon Elastic Compute Cloud (EC2) Instances and assign each Instance a predetermined private IP address you should:
A. Assign a group or sequential Elastic IP address to the instances
B. Launch the instances in a Placement Group
C. Launch the instances in the Amazon virtual Private Cloud (VPC).
D. Use standard EC2 instances since each instance gets a private Domain Name Service (DNS) already
E. Launch the Instance from a private Amazon Machine image (Mil)
A company's application running on Amazon EC2 Linux recently crashed because it ran out of available memory. Management wants to be alerted if this ever happens again. Which combination of steps will accomplish this? (Choose two.)
A. Create an Amazon CloudWatch dashboard to monitor the memory usage metrics on the instance over time.
B. Create an alarm on the dashboard that publishes an Amazon SNS notification to alert the CIO when a threshold is passed.
C. Create an alarm on the metric that publishes an Amazon SNS notification to alert the CIO when a threshold is passed.
D. Create an alarm on the flaws Personal Health Dashboard that publishes an Amazon SNS notification to alert the CIO when the system is out of memory.
E. Configure the Amazon CloudWatch agent to collect and push memory usage metrics on the instance.
A user has launched two EBS backed EC2 instances in the US-East-1a region. The user wants to change the zone of one of the instances. How can the user change it?
A. The zone can only be modified using the flaws CLI
B. Create an AMI of the running instance and launch the instance in a separate AZ
C. Stop one of the instances and change the availability zone
D. From the flaws EC2 console, select the Actions – > Change zones and specify the new zone
AMIs can be ______________.
A. only private unless created by Amazon
B. created only by Amazon
C. created only for Linux instances
D. public or private
A company needs to deploy a web application on two Amazon EC2 instances behind an Application Load Balancer (ALB). Two EC2 instances will also be deployed to host the database. The infrastructure needs to be designed across Availability Zones for high availability and must limit public access to the instances as much as possible. How should this be achieved within a VPC?
A. Create one public subnet for the Application Load Balancer, one public subnet for the web servers, and one private subnet for the database servers.
B. Create one public subnet for the Application Load Balancer, two public subnets for the web servers, and two private subnets for the database servers.
C. Create two public subnets for the Application Load Balancer, two private subnets for the web servers, and two private subnets for the database servers.
D. Create two public subnets for the Application Load Balancer, two public subnets for the web servers, and two public subnets for the database servers.
A customer is using flaws for Dev and Test. The customer wants to setup the Dev environment with Cloudformation. Which of the below mentioned steps are not required while using Cloudformation?
A. Create a stack
B. Configure a service
C. Create and upload the template
D. Provide the parameters configured as part of the template
What does Amazon Route53 provide?
A. A global Content Delivery Network
B. A scalable DNS web service
C. An SSH endpoint for Amazon EC2
D. None of these
In flaws Identity and Access Management, roles can be used by an external user authenticated by an external identity provider (IdP) service that is compatible with _____.
A. BNML (Business Narrative Markup Language)
B. CFML (ColdFusion Markup Language)
C. SAML 2.0 (Security Assertion Markup Language 2.0)
D. BPML (Business Process Modeling Language)
A company has multiple web applications running on Amazon EC2 instances in private subnets. The EC2 instances require connectivity to the internet for patching purposes, but cannot be publicly accessible. Which step will meet these requirements?
A. Add an internet gateway and update the route tables.
B. Add a NAT gateway to the VPC and update the route tables.
C. Add an interface endpoint and update the route tables.
D. Add a virtual gateway to the VPC and update the route tables.
A company wants to store sensitive data in Amazon S3. The S3 bucket and its contents must be accessible only from the on-premises corporate network. What should a SysOps administrator do to configure the S3 bucket policy statement?
A. Use a Deny effect with a condition based on the flaws:sourceVpc key.
B. Use a Deny effect with a condition based on the NotIpAddress key.
C. Use an Allow effect with a condition based on the IpAddress key.
D. Use an Allow effect with a condition based on the s3:LocationConstraint key.
A user has created a queue named `myqueue` with SQS. There are four messages published to queue which are not received by the consumer yet. If the user tries to delete the queue, what will happen?
A. A user can never delete a queue manually. flaws deletes it after 30 days of inactivity on queue
B. It will delete the queue
C. It will initiate the delete but wait for four days before deleting until all messages are deleted automatically.
D. It will ask user to delete the messages first
The networking team has created a VPC in an flaws account. The application team has asked for access to resources in another VPC in the same flaws account. The SysOps Administrator has created the VPC peering connection between both the accounts, but the resources in one VPC cannot communicate with the resources in the other VPC. What could be causing this issue?
A. One of the VPCs is not sized correctly for peering.
B. There is no public subnet in one of the VPCs.
C. The route tables have not been updated.
D. One VPC has disabled the peering flag.
A SysOps Administrator must ensure that flaws CloudFormation deployment changes are properly tracked for governance. Which flaws service should be used to accomplish this?
A. flaws Artifact
B. flaws Config
C. Amazon Inspector
D. flaws Trusted Advisor
A SysOps Administrator has configured a CloudWatch agent to send custom metrics to Amazon CloudWatch and is now assembling a CloudWatch dashboard to display these metrics. What steps should the Administrator take to complete this task?
A. Select the flaws Namespace, filter by metric name, then add to the dashboard.
B. Add a text widget, select the appropriate metric from the custom namespace, then add to the dashboard.
C. Select the appropriate widget and metrics from the custom namespace, then add to the dashboard.
D. Open the CloudWatch console, from the CloudWatch Events, add all custom metrics.
The information within an IAM policy is described through a series of ______.
A. elements
B. macros
C. classes
D. namespaces
An Amazon EC2 instance is in a private subnet. To SSH to the instance, it is required to use a bastion host that has an IP address of 10.0.0.5. SSH logs on the EC2 instance in the private subnet show that connections are being made over SSH from several other IP addresses. The EC2 instance currently has the following inbound security group rules applied: Protocol: TCP - Port: 22 - Source: 10.0.0.5/32 - Protocol: TCP - Port: 22 - Source: sg-xxxxxxxx - Protocol: TCP - Port: 389 - Source: 0.0.0.0/0 - What is the MOST likely reason that another IP addresses is able to SSH to the EC2 instance?
A. The rule with 0.0.0.0/0 means SSH is open for any client to connect
B. The rule with /32 is not limiting to a single IP address
C. Any instance belonging to sg-xxxxxxxx is allowed to connect
D. There is an outbound rule allowing SSH traffic
A SysOps Administrator has implemented an Auto Scaling group with a step scaling policy. The Administrator notices that the additional instances have not been included in the aggregated metrics. Why are the additional instances missing from the aggregated metrics?
A. The warm-up period has not expired
B. The instances are still in the boot process
C. The instances have not been attached to the Auto Scaling group
D. The instances are included in a different set of metrics
A sys admin has created a shopping cart application and hosted it on EC2. The EC2 instances are running behind ELB. The admin wants to ensure that the end user request will always go to the EC2 instance where the user session has been created. How can the admin configure this?
A. Enable ELB cross zone load balancing
B. Enable ELB cookie setup
C. Enable ELB sticky session
D. Enable ELB connection draining
A user is planning to schedule a backup for an EBS volume. The user wants security of the snapshot data. How can the user achieve data encryption with a snapshot?
A. Use encrypted EBS volumes so that the snapshot will be encrypted by flaws
B. While creating a snapshot select the snapshot with encryption
C. By default, the snapshot is encrypted by flaws
D. Enable server side encryption for the snapshot using S3
A SysOps Administrator is running Amazon EC2 instances in multiple flaws Regions. The Administrator wants to aggregate the CPU utilization for all instances onto an Amazon CloudWatch dashboard. Each region should be present on the dashboard and represented by a single graph that contains the CPU utilization for all instances in that region. How can the Administrator meet these requirements?
A. Create a cross-region dashboard using flaws Lambda and distribute it to all regions
B. Create a custom CloudWatch dashboard and add a widget for each region in the flaws Management Console
C. Enable cross-region dashboards under the CloudWatch section of the flaws Management Console
D. Switch from basic monitoring to detailed monitoring on all instances
How many metrics are supported by CloudWatch for Auto Scaling?
A. 8 metrics and 1 dimension
B. 7 metrics and 5 dimension
C. 5 metrics and 1 dimension
D. 1 metric and 5 dimensions
An application you maintain consists of multiple EC2 instances in a default tenancy VPC. This application has undergone an internal audit and has been determined to require dedicated hardware for one instance. Your compliance team has given you a week to move this instance to single-tenant hardware. Which process will have minimal impact on your application while complying with this requirement?
A. Create a new VPC with tenancy=dedicated and migrate to the new VPC
B. Use ec2-reboot-instances command line and set the parameter “dedicated=true”
C. Right click on the instance, select properties and check the box for dedicated tenancy
D. Stop the instance, create an AMI, launch a new instance with tenancy=dedicated, and terminate the old instance
By default, how many Elastic IP addresses can you have per region for your EC2 instances?
A. 10
B. 2
C. 20
D. 5
A company has a business application hosted on Amazon EC2 instances behind an Application Load Balancer. Amazon CloudWatch metrics show that the CPU utilization on the EC2 instances is very high. There are also reports from users that receive HTTP 503 and 504 errors when they try to connect to the application. Which action will resolve these issues?
A. Place the EC2 instances into an flaws Auto Scaling group.
B. Configure the ALB’s Target Group to use more frequent health checks.
C. Enable sticky sessions on the Application Load Balancer.
D. Increase the idle timeout setting of the Application Load Balancer.
A website uses Elastic Load Balancing (ELB) in front of several Amazon EC2 instances backed by an Amazon RDS database. The content is dynamically generated for visitors of a webpage based on their geographic location. and is updated daily. Some of the generated objects are large in size and are taking longer to download than they should, resulting in a poor user experience. Which approach will improve the user experience?
A. Implement Amazon ElastiCache to cache the content and reduce the load on the database.
B. Enable an Amazon CloudFront distribution with Elastic Load Balancing as a custom origin.
C. Use Amazon S3 to store and deliver the content.
D. Enable Auto Scaling for the EC2 instances so that they can scale automatically.
A sys admin is trying to understand the sticky session algorithm. Please select the correct sequence of steps, both when the cookie is present and when it is not, to help the admin understand the implementation of the sticky session: 1. ELB inserts the cookie in the response 2. ELB chooses the instance based on the load balancing algorithm 3. Check the cookie in the service request 4. The cookie is found in the request 5. The cookie is not found in the request
A. 3,1,4,2 [Cookie is not Present] & 3,1,5,2 [Cookie is Present]
B. 3,4,1,2 [Cookie is not Present] & 3,5,1,2 [Cookie is Present]
C. 3,5,2,1 [Cookie is not Present] & 3,4,2,1 [Cookie is Present]
D. 3,2,5,4 [Cookie is not Present] & 3,2,4,5 [Cookie is Present]
A company is using flaws Storage Gateway to create block storage volumes and mount them as Internet Small Computer Systems Interface (iSCSI) devices from on-premises servers. As the Storage Gateway has taken on several new projects, some of the Development teams report that the performance of the iSCSI drives has degraded. When checking the Amazon CloudWatch metrics, a SysOps Administrator notices that the CacheHitPercent metric is below 60% and the CachePercentUsed metric is above 90%. What steps should the Administrator take to increase Storage Gateway performance?
A. Change the default block size for the Storage Gateway from 64 KB to 128 KB, 256 KB, or 512 KB to improve I/O performance.
B. Create a larger disk for the cached volume. In the flaws Management Console, edit the local disks, then select the new disk as the cached volume.
C. Ensure that the physical disks for the Storage Gateway are in a RAID 1 configuration to allow higher throughput.
D. Take point-in-time snapshots of all the volumes in Storage Gateway, flush the cache completely, then restore the volumes from the clean snapshots.
A SysOps Administrator stores crash dump files in Amazon S3. New security and privacy measures require that crash dumps older than 6 months be deleted. Which approach meets this requirement?
A. Use Amazon CloudWatch Events to delete objects older than 6 months.
B. Implement lifecycle policies to delete objects older than 6 months.
C. Use the Amazon S3 Standard-Infrequent Access (S3 Standard-IA) storage class to automatically delete objects older than 6 months.
D. Create versioning rules to delete objects older than 6 months.
A SysOps Administrator needs an Amazon EBS volume type for a big data application. The application data is accessed infrequently and stored sequentially. What EBS volume type will be the MOST cost-effective solution?
A. Provisioned IOPS SSD (io1)
B. Cold HDD (sc1)
C. Throughput Optimized HDD (st1)
D. General Purpose SSD (gp2)
______ in VPC are stateful where return traffic is automatically allowed, regardless of any rules.
A. Security groups
B. Availability Zones
C. Network ACLs
D. Geo Redundant Servers
You are attempting to connect to an instance in Amazon VPC without success. You have already verified that the VPC has an Internet Gateway (IGW) the instance has an associated Elastic IP (EIP) and correct security group rules are in place. Which VPC component should you evaluate next?
A. The configuration of a NAT instance
B. The configuration of the Routing Table
C. The configuration of the internet Gateway (IGW)
D. The configuration of SRC/DST checking
A SysOps Administrator receives a connection timeout error when attempting to connect to an Amazon EC2 instance from a home network using SSH. The Administrator was able to connect to this EC2 instance using from their office network in the past. What caused the connection to time out?
A. The IAM role associated with the EC2 instance does not allow SSH connections from the home network.
B. The public key used by SSH located on the Administrator’s server does not have the required permissions.
C. The route table contains a route that sends 0.0.0.0/0 to the internet gateway for the VPC.
D. The security group is not allowing inbound traffic from the home network on the SSH port.
A SysOps Administrator is creating an Amazon EC2 instance and has received an InsufficientInstanceCapacity error. What is the cause of the error and how can it be corrected?
A. flaws does not currently have enough capacity to service the request for that instance type. A different Availability Zone or instance type must be used.
B. The account has reached its concurrent running instance limit. An EC2 limit increase request must be filed with flaws Support.
C. The APIs that service the EC2 requests have received too many requests and capacity has been reached. The request should be attempted again in a few minutes.
D. The Administrator did not specify the correct size of the instance to support the capacity requirements of the workload. Select a bigger instance.
A user is trying to configure the CloudWatch billing alarm. Which of the below mentioned steps should be performed by the user for the first time alarm creation in the flaws Account Management section?
A. Enable Receiving Billing Reports
B. Enable Receiving Billing Alerts
C. Enable flaws billing utility
D. Enable CloudWatch Billing Threshold
A SysOps Administrator needs to report on Amazon EC2 instance cost by both project and environment (production, staging, development). Which action would impact the operations team the LEAST?
A. For each project and environment, create a new flaws account and link them to the master payer for unified management and billing
B. Use flaws Organizations to create a new organization for each project, then for each environment use a separate linked flaws account
C. Implement cost allocation tagging in the Billing and Cost Management console to implement tags to identify resources by project and environment
D. Add the project and environment information to the instance metadata so that the values can be queried and rolled up into reports
An application running on Amazon EC2 allows users to launch batch jobs for data analysis. The jobs are run asynchronously, and the user is notified when they are complete. While multiple jobs can run concurrently, a user's request need not be fulfilled for up to 24 hours. To run a job, the application launches an additional EC2 instance that performs all the analytics calculations. A job takes between 75 and 110 minutes to complete and cannot be interrupted. What is the MOST cost-effective way to run this workload?
A. Run the application on On-Demand EC2 instances. Run the jobs on Spot Instances with a specified duration.
B. Run the application on Reserved Instance EC2 instances. Run the jobs on flaws Lambda.
C. Run the application on On-Demand EC2 instances. Run the jobs on On-Demand EC2 instances.
D. Run the application on Reserved Instance EC2 instances. Run the jobs on Spot Instances with a specified duration.
Free Access Full SOA-C01 Practice Test Free Questions
If you’re looking for more SOA-C01 practice test free questions, click here to access the full SOA-C01 practice test.
We regularly update this page with new practice questions, so be sure to check back frequently.
Good luck with your SOA-C01 certification journey!