Free Practice Questions for AWS Certified CloudOps Engineer - Associate (SOA-C03) Certification
Study with 364 exam-style practice questions designed to help you prepare for the AWS Certified CloudOps Engineer - Associate (SOA-C03).
Start Practicing
All Domains
Practice with randomly mixed questions from all topics
Domain Mode
Practice questions from a specific topic area
Quiz History
Exam Details
Key information about AWS Certified CloudOps Engineer - Associate (SOA-C03)
- Multiple choice
associate (intermediate)
Multiple choice, multiple response
720 out of 1000
1 year of experience with deployment, management, troubleshooting, networking, and security on AWS; 1 year in a related operations role (e.g., system administrator)
CloudOps engineers
50 scored questions (plus 15 unscored)
Exam Topics & Skills Assessed
Skills measured (from the official study guide)
Domain 1: Monitoring, Logging, Analysis, Remediation, and Performance Optimization
Subdomain 1.1: Implement metrics, alarms, and filters by using AWS monitoring and logging services.
- Skill 1.1.1: Use AWS services (for example, Amazon CloudWatch, AWS CloudTrail, Amazon Managed Service for Prometheus) to configure monitoring and logging for workloads (for example, serverless, compute, AI). - Skill 1.1.2: Configure and manage the CloudWatch agent to collect metrics and logs from EC2 instances, Amazon ECS clusters, or Amazon EKS clusters. - Skill 1.1.3: Configure, identify, and troubleshoot CloudWatch alarms that can invoke AWS services directly or through Amazon EventBridge (for example, by creating composite alarms and identifying their invokable actions). - Skill 1.1.4: Create, implement, and manage customizable and shareable CloudWatch dashboards that display metrics and alarms for AWS resources across multiple accounts and AWS Regions. - Skill 1.1.5: Configure AWS services to send notifications to Amazon SNS and to invoke alarms that send notifications to Amazon SNS.
Subdomain 1.2: Identify and remediate issues by using monitoring and availability metrics.
- Skill 1.2.1: Analyze performance metrics and automate remediation strategies by using AWS services and functionality (for example, CloudWatch, Lambda, AWS Systems Manager, CloudTrail, Kiro, AWS DevOps Agent). - Skill 1.2.2: Use EventBridge to route, enrich, and deliver events, and troubleshoot any issues with event bus rules. - Skill 1.2.3: Create or run custom and predefined Systems Manager Automation runbooks (for example, by using AWS SDKs or custom scripts) to automate tasks and streamline processes on AWS.
Subdomain 1.3: Implement performance optimization strategies for compute, storage, and database resources.
- Skill 1.3.1: Optimize compute resources and remediate performance problems by using performance metrics, resource tags, and AWS tools. - Skill 1.3.2: Analyze Amazon EBS performance metrics, troubleshoot issues, and optimize volume types to improve performance and reduce cost. - Skill 1.3.3: Implement and optimize S3 performance strategies (for example, AWS DataSync, S3 Transfer Acceleration, multipart uploads, S3 Lifecycle policies) to enhance data transfer, storage efficiency, and access patterns. - Skill 1.3.4: Evaluate and select shared storage solutions (for example, Amazon EFS, Amazon FSx, Amazon S3 Files), and optimize the solutions (for example, EFS lifecycle policies) for specific use cases and requirements. - Skill 1.3.5: Monitor Amazon RDS metrics (for example, Amazon RDS Performance Insights, CloudWatch alarms) and modify configurations to increase performance efficiency (for example, Performance Insights proactive recommendations, RDS Proxy). - Skill 1.3.6: Implement, monitor, and optimize EC2 instances and their associated storage and networking capabilities (for example, EC2 placement groups).
Domain 2: Reliability and Business Continuity
Subdomain 2.1: Implement scalability and elasticity.
- Skill 2.1.1: Configure and manage scaling mechanisms in compute environments. - Skill 2.1.2: Implement caching by using AWS services to enhance dynamic scalability (for example, Amazon CloudFront, Amazon ElastiCache). - Skill 2.1.3: Configure and manage scaling in AWS managed databases (for example, Amazon RDS, DynamoDB).
Subdomain 2.2: Implement highly available and resilient environments.
- Skill 2.2.1: Configure and troubleshoot Elastic Load Balancing (ELB) and Amazon Route 53 health checks. - Skill 2.2.2: Configure fault-tolerant systems (for example, Multi-AZ deployments).
Subdomain 2.3: Implement backup and restore strategies.
- Skill 2.3.1: Automate snapshots and backups for AWS resources (for example, EC2 instances, RDS DB instances, EBS volumes, S3 buckets, DynamoDB tables) by using AWS services (for example, AWS Backup). - Skill 2.3.2: Use various methods to restore databases (for example, point-in-time restore) to meet recovery time objective (RTO), recovery point objective (RPO), and cost requirements. - Skill 2.3.3: Implement versioning for storage services (for example, Amazon S3, Amazon FSx). - Skill 2.3.4: Follow disaster recovery procedures and best practices (for example, backup and restore, pilot light, warm standby, active/active).
Domain 3: Deployment, Provisioning, and Automation
Subdomain 3.1: Provision and maintain cloud resources.
- Skill 3.1.1: Create and manage AMIs and container images (for example, EC2 Image Builder). - Skill 3.1.2: Create and manage AWS resources by using CloudFormation and the AWS CDK. - Skill 3.1.3: Identify and remediate deployment issues (for example, subnet sizing issues, CloudFormation errors, permissions issues). - Skill 3.1.4: Provision and share resources across multiple Regions and accounts (for example, AWS Resource Access Manager [AWS RAM], CloudFormation StackSets). - Skill 3.1.5: Implement deployment strategies and services. - Skill 3.1.6: Use and manage third-party tools to automate resource deployment (for example, Terraform, Git).
Subdomain 3.2: Automate the management of existing resources.
- Skill 3.2.1: Use AWS services to automate operational processes (for example, Systems Manager). - Skill 3.2.2: Implement event-driven automation by using AWS services and features (for example, Lambda, S3 Event Notifications, EventBridge, AWS DevOps Agent).
Domain 4: Security and Compliance
Subdomain 4.1: Implement and manage security and compliance tools and policies.
- Skill 4.1.1: Implement IAM features (for example, password policies, multi-factor authentication [MFA], roles, federated identity, resource policies, policy conditions). - Skill 4.1.2: Troubleshoot and audit access issues by using AWS tools (for example, CloudTrail, IAM Access Analyzer, IAM policy simulator). - Skill 4.1.3: Implement multi-account strategies securely (for example, AWS Organizations, service control policies, IAM Identity Center). - Skill 4.1.4: Implement remediation based on the results of AWS Trusted Advisor security checks. - Skill 4.1.5: Enforce compliance requirements and continuous monitoring (for example, Region and service selections, AWS Config conformance packs).
Subdomain 4.2: Implement strategies to protect data and infrastructure.
- Skill 4.2.1: Implement and enforce a data classification scheme. - Skill 4.2.2: Implement, configure, and troubleshoot encryption at rest (for example, AWS KMS). - Skill 4.2.3: Implement, configure, and troubleshoot encryption in transit (for example, AWS Certificate Manager [ACM]). - Skill 4.2.4: Securely store secrets by using AWS services. - Skill 4.2.5: Configure reports and remediate findings from AWS services (for example, AWS Security Hub, Amazon GuardDuty, AWS Config, Amazon Inspector, AWS Security Agent).
Domain 5: Networking and Content Delivery
Subdomain 5.1: Implement and optimize networking features and connectivity.
- Skill 5.1.1: Configure a VPC (for example, subnets, route tables, network ACLs, security groups, NAT gateways, internet gateway, egress-only internet gateway). - Skill 5.1.2: Configure private networking connectivity (for example, VPC endpoints, AWS PrivateLink, VPC peering). - Skill 5.1.3: Audit AWS network protection services (for example, Route 53 Resolver DNS Firewall, AWS WAF, AWS Shield, AWS Network Firewall) in a single account. - Skill 5.1.4: Optimize the cost of network architectures.
Subdomain 5.2: Configure domains, DNS services, and content delivery.
- Skill 5.2.1: Configure DNS (for example, Route 53 Resolver). - Skill 5.2.2: Implement Route 53 routing policies, configurations, and query logging. - Skill 5.2.3: Configure content and service distribution (for example, CloudFront, AWS Global Accelerator).
Subdomain 5.3: Troubleshoot network connectivity issues.
- Skill 5.3.1: Troubleshoot VPC configurations (for example, subnets, route tables, network ACLs, security groups, transit gateways, NAT gateways). - Skill 5.3.2: Collect and interpret networking logs to troubleshoot issues (for example, VPC flow logs, ELB access logs, AWS WAF web ACL logs, CloudFront logs, container logs). - Skill 5.3.3: Identify and remediate CloudFront caching issues. - Skill 5.3.4: Identify and troubleshoot hybrid connectivity issues and private connectivity issues. - Skill 5.3.5: Configure and analyze CloudWatch network monitoring services.
Techniques & products