Free Practice Questions for AWS Certified CloudOps Engineer - Associate (SOA-C03) Certification

• Configure AWS monitoring and logging by using AWS services (for example, Amazon CloudWatch, AWS CloudTrail, Amazon Managed Service for Prometheus) • Configure and manage the CloudWatch agent to collect metrics and logs from Amazon EC2 instances, Amazon Elastic Container Service (Amazon ECS) clusters, or Amazon Elastic Kubernetes Service (Amazon EKS) clusters • Configure, identify, and troubleshoot CloudWatch alarms that can invoke AWS services directly or through Amazon EventBridge (for example, by creating composite alarms and identifying their invokable actions) • Create, implement, and manage customizable and shareable CloudWatch dashboards that display metrics and alarms for AWS resources across multiple accounts and AWS Regions • Configure AWS services to send notifications to Amazon Simple Notification Service (Amazon SNS) and to invoke alarms that send notifications to Amazon SNS

• Analyze performance metrics and automate remediation strategies by using AWS services and functionality (for example, CloudWatch, AWS User Notifications, AWS Lambda, AWS Systems Manager, CloudTrail, auto scaling) • Use EventBridge to route, enrich, and deliver events, and troubleshoot any issues with event bus rules • Create or run custom and predefined Systems Manager Automation runbooks (for example, by using AWS SDKs or custom scripts) to automate tasks and streamline processes on AWS

• Optimize compute resources and remediate performance problems by using performance metrics, resource tags, and AWS tools • Analyze Amazon Elastic Block Store (Amazon EBS) performance metrics, troubleshoot issues, and optimize volume types to improve performance and reduce cost • Implement and optimize Amazon S3 performance strategies (for example, AWS DataSync, S3 Transfer Acceleration, multipart uploads, S3 Lifecycle policies) to enhance data transfer, storage efficiency, and access patterns • Evaluate and select shared storage solutions (for example, Amazon Elastic File System [Amazon EFS], Amazon FSx), and optimize the solutions (for example, EFS lifecycle policies) for specific use cases and requirements • Monitor Amazon RDS metrics (for example, Amazon RDS Performance Insights, CloudWatch alarms), and modify configurations to increase performance efficiency (for example, Performance Insights proactive recommendations, RDS Proxy) • Implement, monitor, and optimize EC2 instances and their associated storage and networking capabilities (for example, EC2 placement groups)

• Configure and manage scaling mechanisms in compute environments • Implement caching by using AWS services to enhance dynamic scalability (for example, Amazon CloudFront, Amazon ElastiCache) • Configure and manage scaling in AWS managed databases (for example, Amazon RDS, Amazon DynamoDB)

• Configure and troubleshoot Elastic Load Balancing (ELB) and Amazon Route 53 health checks • Configure fault-tolerant systems (for example, Multi-AZ deployments)

• Automate snapshots and backups for AWS resources (for example, Amazon EC2 instances, RDS DB instances, Amazon Elastic Block Store [Amazon EBS] volumes, Amazon S3 buckets, DynamoDB tables) by using AWS services (for example, AWS Backup) • Use various methods to restore databases (for example, point-in-time restore) to meet recovery time objective (RTO), recovery point objective (RPO), and cost requirements • Implement versioning for storage services (for example, Amazon S3, Amazon FSx) • Follow disaster recovery procedures

• Create and manage AMIs and container images (for example, Amazon EC2 Image Builder) • Create and manage stacks of resources by using AWS CloudFormation and the AWS Cloud Development Kit (AWS CDK) • Identify and remediate deployment issues (for example, subnet sizing issues, CloudFormation errors, permissions issues) • Provision and share resources across multiple AWS Regions and accounts (for example, AWS Resource Access Manager [AWS RAM], CloudFormation StackSets) • Implement deployment strategies and services • Use and manage third-party tools to automate resource deployment (for example, Terraform, Git)

• Use AWS services to automate operational processes (for example, AWS Systems Manager) • Implement event-driven automation by using AWS services and features (for example, AWS Lambda, Amazon S3 Event Notifications)

• Implement AWS Identity and Access Management (IAM) features (for example, password policies, multi-factor authentication [MFA], roles, federated identity, resource policies, policy conditions) • Troubleshoot and audit access issues by using AWS tools (for example, AWS CloudTrail, IAM Access Analyzer, IAM policy simulator) • Implement multi-account strategies securely • Implement remediation based on the results of AWS Trusted Advisor security checks • Enforce compliance requirements (for example, AWS Region and service selections)

• Implement and enforce a data classification scheme • Implement, configure, and troubleshoot encryption at rest (for example, AWS Key Management Service [AWS KMS]) • Implement, configure, and troubleshoot encryption in transit (for example, AWS Certificate Manager [ACM]) • Securely store secrets by using AWS services • Configure reports and remediate findings from AWS services (for example, AWS Security Hub, Amazon GuardDuty, AWS Config, Amazon Inspector)

• Configure a VPC (for example, subnets, route tables, network ACLs, security groups, NAT gateways, internet gateway, egress-only internet gateway) • Configure private networking connectivity • Audit AWS network protection services (for example, Amazon Route 53 Resolver DNS Firewall, AWS WAF, AWS Shield, AWS Network Firewall) in a single account • Optimize the cost of network architectures

• Configure DNS (for example, Route 53 Resolver) • Implement Route 53 routing policies, configurations, and query logging • Configure content and service distribution (for example, Amazon CloudFront, AWS Global Accelerator)

• Troubleshoot VPC configurations (for example, subnets, route tables, network ACLs, security groups, transit gateways, NAT gateways) • Collect and interpret networking logs to troubleshoot issues (for example, VPC flow logs, Elastic Load Balancing [ELB] access logs, AWS WAF web ACL logs, CloudFront logs, container logs) • Identify and remediate CloudFront caching issues • Identify and troubleshoot hybrid connectivity issues and private connectivity issues • Configure and analyze Amazon CloudWatch network monitoring services