🎯 Free SOA-C03 Mock Exam

Simulate the AWS Certified CloudOps Engineer - Associate exam with 65 questions, a 130-minute timer, and instant scoring across the current five SOA-C03 domains.

65Questions
130Minutes
720Passing Score
FreePrice

Real exam simulation with countdown timer.

65 questions · 130-minute exam format · opens existing quiz flow

SOA-C03 Mock Exam Questions (Page 1 of 7)

Preview the questions first, then start in timed or study mode.

  1. Question #1Domain 1

    A SysOps administrator notices that an Amazon EC2 instance's CPU utilization has been spiking unpredictably over the past week. The administrator needs to be alerted only when the CPU stays above 85% for at least three consecutive 5-minute evaluation periods, to avoid false alarms from brief spikes. Which approach should the administrator take?

    ACreate a CloudWatch alarm with a threshold of 85%, a period of 5 minutes, and set the datapoints to alarm to 3 out of 3.
    BCreate a CloudWatch alarm with a threshold of 85%, a period of 15 minutes, and set the datapoints to alarm to 1 out of 1.
    CCreate a CloudWatch anomaly detection alarm on CPU utilization and set the band width to 2.
    DCreate a CloudWatch composite alarm that combines three separate CPU alarms each with a different evaluation period.
  2. Question #2Domain 1

    A company runs a microservices application on Amazon ECS. The operations team needs to identify which downstream service call is causing intermittent latency increases in the order-processing service. The team needs a visual map of service dependencies and per-segment timing data. Which AWS service should the team use?

    AAmazon CloudWatch Logs Insights with a query filtering on latency fields
    BAWS X-Ray with service map and trace analysis
    CAWS CloudTrail event history filtered by API response times
    DAmazon EventBridge with custom latency events published by each service
  3. Question #3Domain 1Select 2 answers

    A SysOps administrator must ensure that all API activity across a 12-account AWS Organization is logged centrally, that log files cannot be tampered with, and that logs are retained for 7 years in a cost-effective manner. (Select TWO.)

    ACreate an organization trail in CloudTrail with log file integrity validation enabled and deliver logs to a central S3 bucket in the management account.
    BCreate individual CloudTrail trails in each account and use S3 Cross-Region Replication to copy logs to the management account.
    CConfigure an S3 Lifecycle policy on the central logging bucket to transition objects to S3 Glacier Deep Archive after 90 days.
    DEnable CloudTrail Insights on each individual account trail to detect tampering events.
    EUse an S3 bucket policy that denies `s3:DeleteObject` and `s3:PutObject` for all principals except the CloudTrail service.
  4. Question #4Domain 1

    An application writes custom business metrics to Amazon CloudWatch using the `PutMetricData` API. The operations team wants to create a dashboard that shows the p99 latency of these custom metrics at 1-second granularity. The team discovers the data is only available at 1-minute resolution. What should the team do to achieve 1-second granularity?

    APublish the metrics using the `StorageResolution` parameter set to 1 (high-resolution metrics).
    BEnable detailed monitoring on the EC2 instances running the application.
    CChange the CloudWatch agent collection interval to 1 second.
    DUse CloudWatch Metric Streams to send data to a Kinesis Data Firehose at 1-second intervals.
  5. Question #5Domain 1

    A SysOps administrator needs to automatically remediate Amazon EC2 instances that have a specific required tag missing. The administrator wants to use AWS Config to detect non-compliant resources and automatically add the missing tag. Which combination of AWS Config features should the administrator use?

    AUse the `required-tags` managed rule and configure automatic remediation with an SSM Automation document that calls the `ec2:CreateTags` API.
    BUse a custom AWS Config rule backed by a Lambda function, and have the Lambda function directly tag the instance within the evaluation logic.
    CUse the `required-tags` managed rule and configure an EventBridge rule that triggers an SNS notification to the operations team.
    DUse AWS Config conformance packs with a custom remediation script embedded in the conformance pack template.
  6. Question #6Domain 1

    A company uses Amazon CloudWatch Logs to store application logs from several EC2 instances. The operations team needs to create a metric that counts the number of `ERROR` log entries per minute and triggers an alarm when the count exceeds 50. Which approach should the team use?

    ACreate a CloudWatch Logs metric filter that matches the pattern `ERROR`, publish it as a custom metric, and create a CloudWatch alarm on that metric.
    BUse CloudWatch Logs Insights to run a scheduled query every minute that counts ERROR entries and sends the results to an SNS topic.
    CConfigure the CloudWatch agent to parse ERROR entries and publish them as EMF (Embedded Metric Format) logs, then create an alarm on the extracted metric.
    DEnable CloudWatch Logs anomaly detection on the log group and set the anomaly threshold to 50.
  7. Question #7Domain 1

    A SysOps administrator manages a production environment and needs to be alerted when BOTH the application's error rate exceeds 5% AND the backend database CPU exceeds 80%. The administrator does not want to receive alerts if only one condition is true. What is the most operationally efficient solution?

    ACreate two separate CloudWatch alarms and configure both to publish to the same SNS topic, relying on the operations team to correlate them.
    BCreate a CloudWatch composite alarm that requires both the error-rate alarm and the database-CPU alarm to be in ALARM state simultaneously.
    CCreate a single CloudWatch alarm using a metric math expression that combines both metrics into one calculated metric.
    DCreate an EventBridge rule with an event pattern that matches both alarm state-change events within a 5-minute window.
  8. Question #8Domain 1Select 2 answers

    A SysOps administrator is troubleshooting an issue where an EC2 instance's custom memory and disk metrics are not appearing in CloudWatch. The CloudWatch agent is installed and running on the instance. (Select TWO.)

    AThe EC2 instance's IAM role is missing the `cloudwatch:PutMetricData` permission.
    BThe CloudWatch agent configuration file does not include the `metrics` section for memory and disk.
    CDetailed monitoring has not been enabled on the EC2 instance.
    DThe CloudWatch agent is configured to send metrics to a different AWS Region than the one being viewed.
    EThe EC2 instance does not have the `AmazonSSMManagedInstanceCore` policy attached.
  9. Question #9Domain 1

    A SysOps administrator receives an alert from AWS Config showing that an S3 bucket has public read access enabled. The administrator wants to set up automatic remediation so that any S3 bucket that becomes publicly accessible is immediately made private. Which solution meets this requirement?

    ACreate an AWS Config rule using the `s3-bucket-public-read-prohibited` managed rule with automatic remediation linked to an SSM Automation document that calls `s3:PutPublicAccessBlock`.
    BCreate an EventBridge rule that matches S3 bucket policy changes and triggers a Lambda function to remove public access.
    CEnable Amazon Macie on the account and configure it to automatically remediate public buckets.
    DConfigure S3 Block Public Access at the account level and remove all existing bucket policies.
  10. Question #10Domain 1

    A company needs to centrally view AWS Config compliance data from all accounts in their AWS Organization. A SysOps administrator must set up a single dashboard showing compliance status across all accounts and regions. Which AWS Config feature should the administrator use?

    AAWS Config conformance packs deployed via StackSets to all accounts
    BAWS Config aggregator configured in a central account with organization-wide authorization
    CAWS Config rules replicated manually to each account with results sent to a central S3 bucket
    DAWS Systems Manager Explorer with OpsData sources for each AWS Config rule
Page 1 of 7

What's Included

65 questions matching the real exam length
130-minute countdown timer
Randomized question order from the SOA-C03 question bank
Instant pass/fail scoring (720/1000 to pass)
Detailed explanations for every question
Coverage across all 5 SOA-C03 domains
Unlimited retakes with different questions each time

Domain Coverage

Our mock exam covers all 5 SOA-C03 domains in proportions that match the real exam.

Domain 1: Monitoring, Logging, Analysis, Remediation, and Performance Optimization22%
Domain 2: Reliability and Business Continuity22%
Domain 3: Deployment, Provisioning, and Automation22%
Domain 4: Security and Compliance16%
Domain 5: Networking and Content Delivery18%

Frequently Asked Questions

How many questions are on the SOA-C03 exam?

The SOA-C03 exam has 65 questions to be completed in 130 minutes.

What is the passing score for SOA-C03?

The passing score is 720 out of 1000 on a scaled scoring system (100–1000 range).

Is this mock exam free?

Yes, this mock exam is completely free with unlimited retakes. Each attempt draws from our 500+ question bank with randomized order.

How realistic is this practice exam?

Our mock exam mirrors the real SOA-C03 experience: same question count (65), same time limit (130 min), same passing threshold (720/1000), and coverage across all 5 domains.

Prepare for the Mock Exam