Free Practice Questions for AWS Certified CloudOps Engineer - Associate (SOA-C03) Certification

- Skill 1.1.1: Configure AWS monitoring and logging by using AWS services (for example, Amazon CloudWatch, AWS CloudTrail, Amazon Managed Service for Prometheus) - Skill 1.1.2: Configure and manage the CloudWatch agent to collect metrics and logs from Amazon EC2 instances, Amazon Elastic Container Service (Amazon ECS) clusters, or Amazon Elastic Kubernetes Service (Amazon EKS) clusters - Skill 1.1.3: Configure, identify, and troubleshoot CloudWatch alarms that can invoke AWS services directly or through Amazon EventBridge (for example, by creating composite alarms and identifying their invokable actions) - Skill 1.1.4: Create, implement, and manage customizable and shareable CloudWatch dashboards that display metrics and alarms for AWS resources across multiple accounts and AWS Regions - Skill 1.1.5: Configure AWS services to send notifications to Amazon Simple Notification Service (Amazon SNS) and to invoke alarms that send notifications to Amazon SNS

- Skill 1.2.1: Analyze performance metrics and automate remediation strategies by using AWS services and functionality (for example, CloudWatch, AWS User Notifications, AWS Lambda, AWS Systems Manager, CloudTrail, auto scaling) - Skill 1.2.2: Use EventBridge to route, enrich, and deliver events, and troubleshoot any issues with event bus rules - Skill 1.2.3: Create or run custom and predefined Systems Manager Automation runbooks (for example, by using AWS SDKs or custom scripts) to automate tasks and streamline processes on AWS

- Skill 1.3.1: Optimize compute resources and remediate performance problems by using performance metrics, resource tags, and AWS tools - Skill 1.3.2: Analyze Amazon Elastic Block Store (Amazon EBS) performance metrics, troubleshoot issues, and optimize volume types to improve performance and reduce cost - Skill 1.3.3: Implement and optimize Amazon S3 performance strategies (for example, AWS DataSync, S3 Transfer Acceleration, multipart uploads, S3 Lifecycle policies) to enhance data transfer, storage efficiency, and access patterns - Skill 1.3.4: Evaluate and select shared storage solutions (for example, Amazon Elastic File System [Amazon EFS], Amazon FSx), and optimize the solutions (for example, EFS lifecycle policies) for specific use cases and requirements - Skill 1.3.5: Monitor Amazon RDS metrics (for example, Amazon RDS Performance Insights, CloudWatch alarms), and modify configurations to increase performance efficiency (for example, Performance Insights proactive recommendations, RDS Proxy) - Skill 1.3.6: Implement, monitor, and optimize EC2 instances and their associated storage and networking capabilities (for example, EC2 placement groups)

- Skill 2.1.1: Configure and manage scaling mechanisms in compute environments - Skill 2.1.2: Implement caching by using AWS services to enhance dynamic scalability (for example, Amazon CloudFront, Amazon ElastiCache) - Skill 2.1.3: Configure and manage scaling in AWS managed databases (for example, Amazon RDS, Amazon DynamoDB)

- Skill 2.2.1: Configure and troubleshoot Elastic Load Balancing (ELB) and Amazon Route 53 health checks - Skill 2.2.2: Configure fault-tolerant systems (for example, Multi-AZ deployments)

- Skill 2.3.1: Automate snapshots and backups for AWS resources (for example, Amazon EC2 instances, RDS DB instances, Amazon Elastic Block Store [Amazon EBS] volumes, Amazon S3 buckets, DynamoDB tables) by using AWS services (for example, AWS Backup) - Skill 2.3.2: Use various methods to restore databases (for example, point-in-time restore) to meet recovery time objective (RTO), recovery point objective (RPO), and cost requirements - Skill 2.3.3: Implement versioning for storage services (for example, Amazon S3, Amazon FSx) - Skill 2.3.4: Follow disaster recovery procedures

- Skill 3.1.1: Create and manage AMIs and container images (for example, Amazon EC2 Image Builder) - Skill 3.1.2: Create and manage stacks of resources by using AWS CloudFormation and the AWS Cloud Development Kit (AWS CDK) - Skill 3.1.3: Identify and remediate deployment issues (for example, subnet sizing issues, CloudFormation errors, permissions issues) - Skill 3.1.4: Provision and share resources across multiple AWS Regions and accounts (for example, AWS Resource Access Manager [AWS RAM], CloudFormation StackSets) - Skill 3.1.5: Implement deployment strategies and services - Skill 3.1.6: Use and manage third-party tools to automate resource deployment (for example, Terraform, Git)

- Skill 3.2.1: Use AWS services to automate operational processes (for example, AWS Systems Manager) - Skill 3.2.2: Implement event-driven automation by using AWS services and features (for example, AWS Lambda, Amazon S3 Event Notifications)

- Skill 4.1.1: Implement AWS Identity and Access Management (IAM) features (for example, password policies, multi-factor authentication [MFA], roles, federated identity, resource policies, policy conditions) - Skill 4.1.2: Troubleshoot and audit access issues by using AWS tools (for example, AWS CloudTrail, IAM Access Analyzer, IAM policy simulator) - Skill 4.1.3: Implement multi-account strategies securely - Skill 4.1.4: Implement remediation based on the results of AWS Trusted Advisor security checks - Skill 4.1.5: Enforce compliance requirements (for example, AWS Region and service selections)

- Skill 4.2.1: Implement and enforce a data classification scheme - Skill 4.2.2: Implement, configure, and troubleshoot encryption at rest (for example, AWS Key Management Service [AWS KMS]) - Skill 4.2.3: Implement, configure, and troubleshoot encryption in transit (for example, AWS Certificate Manager [ACM]) - Skill 4.2.4: Securely store secrets by using AWS services - Skill 4.2.5: Configure reports and remediate findings from AWS services (for example, AWS Security Hub, Amazon GuardDuty, AWS Config, Amazon Inspector)

- Skill 5.1.1: Configure a VPC (for example, subnets, route tables, network ACLs, security groups, NAT gateways, internet gateway, egress-only internet gateway) - Skill 5.1.2: Configure private networking connectivity - Skill 5.1.3: Audit AWS network protection services (for example, Amazon Route 53 Resolver DNS Firewall, AWS WAF, AWS Shield, AWS Network Firewall) in a single account - Skill 5.1.4: Optimize the cost of network architectures

- Skill 5.2.1: Configure DNS (for example, Route 53 Resolver) - Skill 5.2.2: Implement Route 53 routing policies, configurations, and query logging - Skill 5.2.3: Configure content and service distribution (for example, Amazon CloudFront, AWS Global Accelerator)

- Skill 5.3.1: Troubleshoot VPC configurations (for example, subnets, route tables, network ACLs, security groups, transit gateways, NAT gateways) - Skill 5.3.2: Collect and interpret networking logs to troubleshoot issues (for example, VPC flow logs, Elastic Load Balancing [ELB] access logs, AWS WAF web ACL logs, CloudFront logs, container logs) - Skill 5.3.3: Identify and remediate CloudFront caching issues - Skill 5.3.4: Identify and troubleshoot hybrid connectivity issues and private connectivity issues - Skill 5.3.5: Configure and analyze Amazon CloudWatch network monitoring services