Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS Certified CloudOps Engineer - Associate SOA-C03

Amazon AWS Certified CloudOps Engineer - Associate SOA-C03 Exam Questions
AWS Certified CloudOps Engineer - Associate SOA-C03 (Page 3 )

Updated On: 24-Mar-2026
Page 3 of 34
PDF with 165 Questions

A company's AWS accounts are in an organization in AWS Organizations. The organization has all features enabled. The accounts use Amazon EC2 instances to host applications. The company manages the EC2 instances manually by using the AWS Management Console. The company applies updates to the EC2 instances by using an SSH connection to each EC2 instance.

The company needs a solution that uses AWS Systems Manager to manage all the organization's current and future EC2 instances. The latest version of Systems Manager Agent (SSM Agent) is running on the EC2 instances.

Which solution will meet these requirements?

  1. Configure a home AWS Region in Systems Manager Quick Setup in the organization's management account. Deploy the Systems Manager Default Host Management Configuration Quick Setup from the management account.
  2. Configure a home AWS Region in Systems Manager Quick Setup in the organization's management account. Create a Systems Manager Run Command that attaches the AmazonSSMServiceRolePolicy IAM policy to every IAM role that the EC2 instances use. Invoke the command in every account in the organization.
  3. Create an AWS CloudFormation stack set that contains a Systems Manager parameter to define the Default Host Management Configuration role. Use the organization's management account to deploy the stack set to every account in the organization.
  4. Create an AWS CloudFormation stack set that contains an EC2 instance profile with the
    AmazonSSMManagedEC2InstanceDefaultPolicy IAM policy attached. Use the organization's management account to deploy the stack set to every account in the organization.

Answer(s): A

Explanation:

AWS CloudOps automation best practices recommend using AWS Systems Manager Quick Setup for organization-wide management and configuration of EC2 instances. The Default Host Management Configuration Quick Setup automatically enables Systems Manager capabilities such as Patch Manager, Inventory, Session Manager, and Automation across all managed instances within the organization.

When deployed from the management account, Quick Setup automatically integrates with AWS Organizations to propagate configuration and permissions to existing and future accounts. This meets the requirement for organization-wide management with no manual configuration or SSH access.
AWS documentation notes:

"You can use Quick Setup in the management account of an organization in AWS Organizations to configure Systems Manager capabilities for all accounts and Regions. Quick Setup automatically keeps configurations up to date."

Options B, C, and D require custom deployments or manual IAM updates, lacking centralized automation. Therefore, Option A fully satisfies CloudOps standards for automated provisioning and ongoing management of EC2 instances across an organization.


Reference:

· AWS Certified CloudOps Engineer ­ Associate (SOA-C03) Exam Guide ­ Domain 3: Deployment, Provisioning and Automation

· AWS Systems Manager ­ Quick Setup and Default Host Management Configuration

· AWS Organizations Integration with Systems Manager

· AWS Well-Architected Framework ­ Operational Excellence Pillar



A CloudOps engineer creates an AWS CloudFormation template to define an application stack that can be deployed in multiple AWS Regions. The CloudOps engineer also creates an Amazon CloudWatch dashboard by using the AWS Management Console. Each deployment of the application requires its own CloudWatch dashboard.

How can the CloudOps engineer automate the creation of the CloudWatch dashboard each time the application is deployed?

  1. Create a script by using the AWS CLI to run the aws cloudformation put-dashboard command with the name of the dashboard. Run the command each time a new CloudFormation stack is created.
  2. Export the existing CloudWatch dashboard as JSON. Update the CloudFormation template to define an AWS::CloudWatch::Dashboard resource. Include the exported JSON in the resource's DashboardBody property.
  3. Update the CloudFormation template to define an AWS::CloudWatch::Dashboard resource. Use the intrinsic Ref function to reference the ID of the existing CloudWatch dashboard.
  4. Update the CloudFormation template to define an AWS::CloudWatch::Dashboard resource.
    Specify the name of the existing dashboard in the DashboardName property.

Answer(s): B

Explanation:

According to CloudOps automation and monitoring best practices, CloudWatch dashboards should be provisioned as infrastructure-as-code (IaC) resources using AWS CloudFormation to ensure consistency, repeatability, and version control. AWS CloudFormation supports the AWS::CloudWatch::Dashboard resource, where the DashboardBody property accepts a JSON object describing widgets, metrics, and layout.

By exporting the existing dashboard configuration as JSON and embedding it into the CloudFormation template, every deployment of the application automatically creates its corresponding dashboard. This method aligns with the CloudOps requirement for automated deployment and operational visibility within the same stack lifecycle.

AWS documentation explicitly states:

"Use the AWS::CloudWatch::Dashboard resource to create a dashboard from your template. You can include the same JSON you use to define a dashboard in the console."

Option A requires manual execution. Options C and D incorrectly reference or reuse existing dashboards, failing to produce unique, deployment-specific dashboards.


Reference:

· AWS Certified CloudOps Engineer ­ Associate (SOA-C03) Exam Guide ­ Domain 1: Monitoring and Logging

· AWS CloudFormation User Guide ­ Resource Type: AWS::CloudWatch::Dashboard

· AWS Well-Architected Framework ­ Operational Excellence Pillar

· Amazon CloudWatch ­ Automating Dashboards with Infrastructure as Code



A CloudOps engineer needs to ensure that AWS resources across multiple AWS accounts are tagged consistently. The company uses an organization in AWS Organizations to centrally manage the accounts. The company wants to implement cost allocation tags to accurately track the costs that are allocated to each business unit.

Which solution will meet these requirements with the LEAST operational overhead?

  1. Use Organizations tag policies to enforce mandatory tagging on all resources. Enable cost allocation tags in the AWS Billing and Cost Management console.
  2. Configure AWS CloudTrail events to invoke an AWS Lambda function to detect untagged resources and to automatically assign tags based on predefined rules.
  3. Use AWS Config to evaluate tagging compliance. Use AWS Budgets to apply tags for cost allocation.
  4. Use AWS Service Catalog to provision only pre-tagged resources. Use AWS Trusted Advisor to enforce tagging across the organization.

Answer(s): A

Explanation:

Tagging is essential for governance, cost management, and automation in CloudOps operations. The AWS Organizations tag policies feature allows centralized definition and enforcement of required tag keys and accepted values across all accounts in an organization. According to the AWS CloudOps study guide under Deployment, Provisioning, and Automation, tag policies enable automatic validation of tags, ensuring consistency with minimal manual overhead.

Once tagging consistency is enforced, enabling cost allocation tags in the AWS Billing and Cost Management console allows accurate cost distribution per business unit. AWS documentation states:

"Use AWS Organizations tag policies to standardize tags across accounts. You can activate cost allocation tags in the Billing console to track and allocate costs."

Option B introduces unnecessary complexity with Lambda automation. Option C detects but does not enforce tagging. Option D limits flexibility to Service Catalog resources only. Therefore, Option A provides a centrally managed, automated, and low-overhead solution that meets CloudOps tagging and cost-tracking requirements.


Reference:

· AWS Certified CloudOps Engineer ­ Associate (SOA-C03) Exam Guide ­ Domain 3: Deployment, Provisioning and Automation

· AWS Organizations ­ Tag Policies

· AWS Billing and Cost Management ­ Cost Allocation Tags

· AWS Well-Architected Framework ­ Operational Excellence and Cost Optimization Pillars



A user working in the Amazon EC2 console increased the size of an Amazon Elastic Block Store

(Amazon EBS) volume attached to an Amazon EC2 Windows instance. The change is not reflected in the file system.

What should a CloudOps engineer do to resolve this issue?

  1. Extend the file system with operating system-level tools to use the new storage capacity.
  2. Reattach the EBS volume to the EC2 instance.
  3. Reboot the EC2 instance that is attached to the EBS volume.
  4. Take a snapshot of the EBS volume. Replace the original volume with a volume that is created from the snapshot.

Answer(s): A

Explanation:

When an Amazon EBS volume is resized, the new storage capacity is immediately available to the attached EC2 instance. However, EBS does not automatically extend the file system. The CloudOps engineer must manually extend the file system within the operating system to utilize the additional space.

AWS documentation for EC2 and EBS specifies:

"After you increase the size of an EBS volume, use file system­specific tools to extend the file system so that the operating system can use the new storage capacity."

On Windows instances, this can be achieved through Disk Management or diskpart commands. On Linux systems, utilities such as growpart and resize2fs are used.

Options B and C do not modify file system metadata and are ineffective. Option D unnecessarily replaces the volume, which adds risk and downtime. Thus, Option A aligns with the Monitoring and Performance Optimization practices of AWS CloudOps by properly extending the file system to recognize the new capacity.


Reference:

· AWS Certified CloudOps Engineer ­ Associate (SOA-C03) Exam Guide ­ Domain 1

· Amazon EBS ­ Modifying EBS Volumes

· Amazon EC2 User Guide ­ Extending a File System After Resizing a Volume · AWS Well-Architected Framework ­ Performance Efficiency Pillar



Optimization]

A company has a workload that is sending log data to Amazon CloudWatch Logs. One of the fields includes a measure of application latency. A CloudOps engineer needs to monitor the p90 statistic of this field over time.

What should the CloudOps engineer do to meet this requirement?

  1. Create an Amazon CloudWatch Contributor Insights rule on the log data.
  2. Create a metric filter on the log data.
  3. Create a subscription filter on the log data.
  4. Create an Amazon CloudWatch Application Insights rule for the workload.

Answer(s): B

Explanation:

To analyze and visualize custom statistics such as the p90 latency (90th percentile), a CloudWatch metric must be generated from the log data. The correct method is to create a metric filter that extracts the latency value from each log event and publishes it as a CloudWatch metric. Once the metric is published, percentile statistics (p90, p95, etc.) can be displayed in CloudWatch dashboards or alarms.

AWS documentation states:

"You can use metric filters to extract numerical fields from log events and publish them as metrics in CloudWatch. CloudWatch supports percentile statistics such as p90 and p95 for these metrics."

Contributor Insights (Option A) is for analyzing frequent contributors, not numeric distributions. Subscription filters (Option C) are used for log streaming, and Application Insights (Option D)

provides monitoring of application health but not custom p90 statistics. Hence, Option B is the CloudOps-aligned, minimal-overhead solution for percentile latency monitoring.


Reference:

· AWS Certified CloudOps Engineer ­ Associate (SOA-C03) Exam Guide ­ Domain 1: Monitoring and Logging

· Amazon CloudWatch Logs ­ Metric Filters

· AWS Well-Architected Framework ­ Operational Excellence Pillar



Viewing page 3 of 34
Viewing questions 11 - 15 out of 165 questions



Post your Comments and Discuss Amazon AWS Certified CloudOps Engineer - Associate SOA-C03 exam dumps with other Community members:

AWS Certified CloudOps Engineer - Associate SOA-C03 Exam Discussions & Posts

AI Tutor 👋 I’m here to help!