SOA-C03 Exam Details

  • Exam Code
    :SOA-C03
  • Exam Name
    :AWS Certified CloudOps Engineer - Associate (SOA-C03)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :263 Q&As
  • Last Updated
    :Jul 14, 2026

Amazon SOA-C03 Online Questions & Answers

  • Question 221:

    A company's CloudOps engineer is troubleshooting communication between the components of an application. The company configured VPC flow logs to be published to Amazon CloudWatch Logs. However, there are no logs in CloudWatch Logs.

    What could be blocking the VPC flow logs from being published to CloudWatch Logs?

    A. The IAM policy attached to the IAM role for the flow log is missing the logs:CreateLogGroup permission.
    B. The IAM policy attached to the IAM role for the flow log is missing the logs:CreateExportTask permission.
    C. The VPC is configured for IPv6 addresses.
    D. The VPC is peered with another VPC in the AWS account.

  • Question 222:

    A CloudOps engineer configures an application to run on Amazon EC2 instances behind an Application Load Balancer (ALB) in a simple scaling Auto Scaling group with the default settings. The Auto Scaling group is configured to use the RequestCountPerTarget metric for scaling. The CloudOps engineer notices that the RequestCountPerTarget metric exceeded the specified limit twice in 180 seconds.

    How will the number of EC2 instances in this Auto Scaling group be affected in this scenario?

    A. The Auto Scaling group will launch an additional EC2 instance every time the RequestCountPerTarget metric exceeds the predefined limit.
    B. The Auto Scaling group will launch one EC2 instance and will wait for the default cooldown period before launching another instance.
    C. The Auto Scaling group will send an alert to the ALB to rebalance the traffic and not add new EC2 instances until the load is normalized.
    D. The Auto Scaling group will try to distribute the traffic among all EC2 instances before launching another instance.

  • Question 223:

    A company uses AWS CloudFormation to manage a stack of Amazon EC2 instances. A CloudOps engineer needs to keep the EC2 instances and their data even if the stack is deleted.

    Which solution will meet these requirements?

    A. Set the DeletionPolicy attribute to Snapshot .
    B. Use Amazon Data Lifecycle Manager (DLM).
    C. Create an AWS Backup plan.
    D. Set the DeletionPolicy attribute to Retain .

  • Question 224:

    A CloudOps engineer is using AWS Compute Optimizer to generate recommendations for a fleet of Amazon EC2 instances. Some of the instances use newly released instance types, while other instances use older instance types.

    After the analysis is complete, the CloudOps engineer notices that some of the EC2 instances are missing from the Compute Optimizer dashboard.

    What is the likely cause of this issue?

    A. The missing instances have insufficient historical Amazon CloudWatch metric data for analysis.
    B. Compute Optimizer does not support the instance types of the missing instances.
    C. Compute Optimizer already considers the missing instances to be optimized.
    D. The missing instances are running a Windows operating system.

  • Question 225:

    A CloudOps engineer wants to ensure that future EC2 instances automatically receive patching without manual scheduling.

    Which Systems Manager feature should be used?

    A. Patch Manager with maintenance windows
    B. Default Host Management Configuration
    C. Run Command documents
    D. Automation runbooks

  • Question 226:

    A multinational company uses an organization in AWS Organizations to manage over 200 member accounts across multiple AWS Regions. The company must ensure that all AWS resources meet specific security requirements.

    The company must not deploy any EC2 instances in the ap-southeast-2 Region. The company must completely block root user actions in all member accounts. The company must prevent any user from deleting AWS CloudTrail logs, including administrators.

    The company requires a centrally managed solution that the company can automatically apply to all existing and future accounts.

    Which solution will meet these requirements?

    A. Create AWS Config rules with remediation actions in each account to detect policy violations. Implement IAM permissions boundaries for the account root users.
    B. Enable AWS Security Hub across the organization. Create custom security standards to enforce the security requirements. Use AWS CloudFormation StackSets to deploy the standards to all the accounts in the organization. Set up Security Hub automated remediation actions.
    C. Use AWS Control Tower for account governance. Configure Region deny controls. Use Service Control Policies (SCPs) to restrict root user access.
    D. Configure AWS Firewall Manager with security policies to meet the security requirements. Use an AWS Config aggregator with organization-wide conformance packs to detect security policy violations.

  • Question 227:

    A company wants to prevent accidental deletion of CloudFormation stacks.

    Which feature should be enabled?

    A. Stack policies
    B. Termination protection
    C. Rollback configuration
    D. Change sets

  • Question 228:

    A company uses Amazon EC2 instances for a stateful application. The company needs a disaster recovery plan that can restore the application environment in a different AWS Region with minimal manual steps.

    Which solution will meet these requirements?

    A. Use AWS CloudFormation to define the infrastructure and use AMIs and snapshots copied to the DR Region.
    B. Use AWS Trusted Advisor to generate a DR report.
    C. Use Amazon CloudWatch dashboards to rebuild the environment in the DR Region.
    D. Use VPC Flow Logs to replicate the application state across Regions.

  • Question 229:

    A company is using an Amazon Aurora MySQL DB cluster that has point-in-time recovery backtracking, and automatic backup enabled. A CloudOps engineer needs to roll back the DB cluster to a specific recovery point within the previous 72 hours. Restores must be completed in the same production DB cluster.

    Which solution will meet these requirements?

    A. Create an Aurora Replica. Promote the replica to replace the primary DB instance.
    B. Create an AWS Lambda function to restore an automatic backup to the existing DB cluster.
    C. Use backtracking to rewind the existing DB cluster to the desired recovery point.
    D. Use point-in-time recovery to restore the existing DB cluster to the desired recovery point.

  • Question 230:

    A company needs to ensure that an Application Load Balancer is protected against common web exploits and that rules can be centrally managed across multiple accounts.

    Which solution will meet these requirements?

    A. Deploy AWS WAF on each ALB and manage rules individually per account.
    B. Use AWS Firewall Manager to centrally manage AWS WAF policies across accounts and apply them to ALBs.
    C. Enable AWS Shield Standard and configure SQL injection rules.
    D. Use Security Groups to block SQL injection strings.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SOA-C03 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.