⚖️ Elastic Load Balancing - SOA-C03 Practice Questions

Compare ALB, NLB, Gateway Load Balancer, health checks, target groups, listener rules, TLS, stickiness, and cross-zone load balancing.

28Questions Available
2Exam Domains

Practice Load Balancing Questions Now

Start a timed practice session focusing on Elastic Load Balancing topics from the SOA-C03 question bank.

Start SOA-C03 Practice Quiz →

SOA-C03 Load Balancing Question Bank (28 Questions)

Browse all 28 practice questions covering Elastic Load Balancing for the SOA-C03 certification exam. Answers are intentionally hidden on this page so you can self-test first before checking results in quiz mode.

  1. Question 1Networking & Content Delivery

    A SysOps administrator is configuring an Application Load Balancer (ALB) to route traffic to different target groups based on the URL path. Requests to `/api/*` should go to the API target group, and all other requests should go to the web target group. What should the administrator configure?

    ACreate two listener rules on the ALB: one with a path condition of `/api/*` forwarding to the API target group, and a default rule forwarding to the web target group.
    BCreate two ALBs—one for API traffic and one for web traffic—and use Route 53 weighted routing to send traffic to the appropriate ALB.
    CConfigure the ALB's default action to forward to both target groups with weighted routing of 50/50.
    DUse an NLB instead, as path-based routing requires Layer 4 processing.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  2. Question 2Networking & Content Delivery

    A company wants to perform a blue/green deployment at the load balancer level. They have two target groups: "blue" (current version) and "green" (new version). They want to gradually shift traffic from blue to green — starting with 10% to green and increasing over time. Which ALB feature supports this?

    AALB path-based routing rules with different paths pointing to each target group.
    BALB weighted target groups in a forward action, assigning weight 90 to blue and weight 10 to green, and adjusting weights over time.
    CALB host-based routing with different subdomains for blue and green.
    DALB sticky sessions that pin 10% of users to the green target group.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  3. Question 3Networking & Content Delivery

    A SysOps Administrator manages an Application Load Balancer serving two applications: `app1.example.com` and `app2.example.com`. Each application has its own target group. The administrator wants to route traffic based on the requested hostname. Which ALB feature should be configured?

    ACreate listener rules with host-based routing conditions that match the `Host` header and forward to the respective target groups.
    BCreate two ALBs — one for each application — and use Route 53 to direct traffic.
    CConfigure path-based routing rules using the URL path to distinguish between applications.
    DUse the ALB's default action to inspect the `User-Agent` header for routing.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  4. Question 4Reliability & Business Continuity

    A company uses Amazon Route 53 with an alias record pointing to an Application Load Balancer. The team wants Route 53 to stop routing traffic to the ALB if all targets behind it become unhealthy. How does Route 53 alias health checking work in this scenario?

    ARoute 53 automatically evaluates the health of the alias target (ALB). If all ALB targets are unhealthy, Route 53 considers the alias record unhealthy and stops returning it in DNS responses (if other records exist in a failover or weighted policy).
    BAn explicit Route 53 health check must be created for the ALB's DNS name and associated with the alias record.
    CRoute 53 alias records do not support health checking; the administrator must use a CNAME record instead.
    DRoute 53 queries the ALB's `/health` path directly to determine health status.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  5. Question 5Networking & Content Delivery

    A company migrates to a new Application Load Balancer. After adding existing EC2 instances to the target group, the team observes that the new targets immediately receive full traffic and some requests are failing due to cold caches. Which ALB feature gradually increases traffic to newly registered targets?

    AConnection draining (deregistration delay).
    BALB slow start mode, which linearly increases the share of requests sent to a newly registered target over a configured duration (30-900 seconds).
    CTarget group stickiness.
    DCross-zone load balancing.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  6. Question 6Networking & Content Delivery

    A SysOps administrator notices that an Application Load Balancer (ALB) is returning HTTP 502 (Bad Gateway) errors. The target group contains healthy EC2 instances. What is the MOST LIKELY cause?

    AThe security group on the ALB does not allow inbound traffic from the internet
    BThe target instances are returning responses larger than the ALB maximum response size
    CThe target instances are closing the connection to the ALB before sending a response, or the response is malformed
    DThe ALB's idle timeout is set too high

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  7. Question 7Reliability and Business Continuity

    A SysOps administrator uses an Application Load Balancer. The ALB's health checks are too sensitive, causing unnecessary instance replacements. How should the health check be tuned?

    AIncrease the HealthyThresholdCount to require more consecutive successes before marking as healthy
    BIncrease the UnhealthyThresholdCount and interval to require more consecutive failures before marking as unhealthy
    CDisable health checks on the target group
    DSwitch to NLB which has less sensitive health checks

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  8. Question 8Reliability & Business Continuity

    A SysOps administrator is configuring an Auto Scaling group that uses an Application Load Balancer. The administrator wants instances to be replaced only when they fail to respond to application-level health checks, not just EC2 status checks. What must the administrator configure?

    ASet the Auto Scaling group health check type to `ELB` and ensure the ALB target group health check path returns HTTP 200 for healthy instances.
    BSet the Auto Scaling group health check type to `EC2` and configure a custom CloudWatch alarm to terminate unhealthy instances.
    CConfigure a Route 53 health check pointing to each instance and associate it with the Auto Scaling group.
    DAdd a lifecycle hook that runs a health check script before marking the instance as healthy.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  9. Question 9Deployment, Provisioning & Automation

    A SysOps Administrator's Elastic Beanstalk environment has become corrupted — the underlying EC2 instances are failing health checks and cannot be repaired through rolling updates. The administrator wants to recreate all the environment's resources (instances, load balancer, security groups) from scratch while keeping the environment name, URL, and configuration. Which action should the administrator take?

    ATerminate the environment and create a new one with the same name and saved configuration.
    BUse the Elastic Beanstalk "Rebuild Environment" action, which terminates all existing resources and recreates them using the current configuration.
    CPerform a blue/green deployment by cloning the environment and swapping URLs.
    DManually terminate all EC2 instances through the EC2 console and let Elastic Beanstalk auto-heal.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  10. Question 10Deployment, Provisioning, and Automation

    A SysOps administrator uses EC2 Auto Scaling and wants instances to register with a load balancer only after passing a custom health check (e.g., application started). Which lifecycle hook is used?

    AEC2_INSTANCE_TERMINATING lifecycle hook
    BEC2_INSTANCE_LAUNCHING lifecycle hook with a wait period for the application to start
    CALB health check with a longer health check grace period
    DAuto Scaling warm pools

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  11. Question 11Reliability & Business Continuity

    A SysOps administrator manages an Auto Scaling group that frequently launches instances, but the instances consistently fail the ELB health check and are terminated shortly after launch. The application takes approximately 5 minutes to fully initialize. What should the administrator do?

    AIncrease the Auto Scaling group's health check grace period to at least 300 seconds.
    BIncrease the ALB target group deregistration delay to 300 seconds.
    CAdd a lifecycle hook on instance launch that pauses the instance for 5 minutes.
    DChange the health check type on the Auto Scaling group from ELB to EC2.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  12. Question 12Deployment, Provisioning & Automation

    An EC2 instance launched by an Auto Scaling group repeatedly fails the ELB health check and is terminated, causing a cycle of launch-fail-terminate. The administrator needs to troubleshoot. Which action should the administrator take FIRST?

    ATemporarily suspend the `ReplaceUnhealthy` process on the Auto Scaling group to keep the failing instance for investigation
    BIncrease the health check grace period to give the instance more time to become healthy
    CChange the Auto Scaling group health check type from ELB to EC2
    DRemove the instance from the target group and investigate manually

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  13. Question 13Networking & Content Delivery

    A SysOps administrator needs to configure an Application Load Balancer to authenticate users via the company's OpenID Connect (OIDC) identity provider before allowing access to the application. Which ALB feature should the administrator configure?

    AALB listener rules with IP-based access control
    BALB authentication action on the listener rule configured with the OIDC provider's issuer, authorization, and token endpoints
    CAWS WAF web ACL attached to the ALB with authentication rule
    DConfigure Amazon Cognito User Pool and attach it as the authentication backend for the ALB

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  14. Question 14Networking & Content Delivery

    A company needs to expose a Network Load Balancer endpoint that accepts TCP traffic on a static IP address in each Availability Zone. How does the NLB provide static IP addresses?

    AThe NLB is assigned static IPs automatically—one per AZ—when created; optionally, Elastic IP addresses can be associated
    BThe administrator must create DNS records pointing to the NLB; static IPs are not supported
    CThe NLB uses a single Elastic IP address shared across all Availability Zones
    DStatic IP addresses must be configured using Global Accelerator in front of the NLB

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  15. Question 15Monitoring, Logging & Remediation

    A SysOps Administrator needs to create a CloudWatch alarm that triggers when the ratio of HTTP 5xx errors to total requests exceeds 5% on an Application Load Balancer. The ALB publishes `HTTPCode_Target_5XX_Count` and `RequestCount` as separate metrics. Which approach should the administrator use to build this alarm?

    ACreate two separate CloudWatch alarms (one for 5xx count and one for request count) and combine them using a Composite Alarm.
    BCreate a single CloudWatch alarm using a Metric Math expression that divides `HTTPCode_Target_5XX_Count` by `RequestCount` and sets a threshold of 0.05.
    CCreate a CloudWatch Logs Insights query that calculates the error ratio and configure it to trigger an SNS notification.
    DEnable ALB access logging to S3 and use Amazon Athena to query the error ratio on a schedule.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  16. Question 16Reliability & Business Continuity

    A SysOps Administrator has configured Route 53 failover routing with a primary record pointing to an ALB in us-east-1 and a secondary record pointing to a static S3 website in us-west-2. The Route 53 health check for the primary ALB fails, but DNS is not failing over. What is the MOST likely cause?

    AThe health check interval is set to 30 seconds, which is too slow to detect the failure.
    BThe primary alias record does not have "Evaluate Target Health" enabled, so Route 53 does not consider the health check status.
    CThe secondary record has a higher TTL than the primary, causing DNS resolvers to cache the primary record.
    DRoute 53 failover routing requires that both records be in the same hosted zone, and they are in different hosted zones.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  17. Question 17Reliability & Business Continuity

    A SysOps Administrator configures Route 53 health checks for a multi-region active-passive failover setup. The primary region runs an ALB, and the secondary is an S3 static website. The administrator needs a health check that evaluates the primary ALB and fails over to S3 only when both the ALB endpoint AND a CloudWatch alarm for backend health are in a failure state. Which Route 53 health check type should be used?

    AAn HTTP health check against the ALB endpoint.
    BA TCP health check against the ALB on port 443.
    CA calculated health check that combines an HTTP health check for the ALB and a CloudWatch alarm health check, treating the endpoint as unhealthy only when both child checks fail.
    DA CloudWatch alarm health check only, which monitors the ALB's `HealthyHostCount` metric.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  18. Question 18Reliability & Business Continuity

    After an Auto Scaling group scales out and launches a new EC2 instance, the instance fails the ELB health check after 60 seconds but the ASG does not terminate it. The ASG uses ELB health checks. What is the MOST LIKELY reason the unhealthy instance is not being replaced?

    AThe ASG health check grace period is set to a value greater than 60 seconds, so the ASG ignores health check failures during the grace period.
    BELB health checks are not supported with Auto Scaling groups.
    CThe instance is in a `Standby` state and ASG does not perform health checks on standby instances.
    DThe ASG has suspended the `ReplaceUnhealthy` process.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  19. Question 19Networking & Content Delivery

    A company uses a Network Load Balancer (NLB) for a high-throughput TCP application. Each NLB node only distributes traffic to targets in its own Availability Zone. One AZ has fewer targets than others, causing uneven load distribution. What is the cause, and how can it be fixed?

    ANLB has cross-zone load balancing disabled by default. Enable cross-zone load balancing on the NLB so traffic is distributed evenly across all targets in all AZs.
    BNLB does not support cross-zone load balancing; move all targets to a single AZ.
    CThe target group health check is failing for targets in the underloaded AZ.
    DThe NLB listener is misconfigured to forward traffic only to specific AZs.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  20. Question 20Networking & Content Delivery

    A SysOps administrator needs to configure a Network Load Balancer (NLB) to preserve the client's source IP address when forwarding traffic to target EC2 instances. Which target type and configuration should be used?

    AUse instance ID targets — NLB preserves the client source IP by default for instance targets
    BUse IP address targets — NLB always preserves the client source IP regardless of target type
    CEnable the `X-Forwarded-For` header on the NLB to pass the client IP
    DConfigure proxy protocol v2 on the NLB and targets to pass client IP information

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  21. Question 21Reliability & Business Continuity

    A company has Route 53 health checks configured for a primary ALB in us-east-1 and a failover record pointing to a secondary ALB in us-west-2. During a simulated failure, Route 53 does not failover because the health check still reports healthy. The ALB returns HTTP 200 from its default health check path, but the application behind it is not functioning. What should the administrator change?

    AConfigure the Route 53 health check to monitor a dedicated deep health check endpoint that validates application dependencies
    BSwitch from an alias record to a CNAME record so Route 53 health checks can evaluate the ALB directly
    CEnable Route 53 latency-based routing instead of failover routing
    DConfigure the ALB target group health check to use TCP instead of HTTP

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  22. Question 22Networking & Content Delivery

    A SysOps administrator needs to expose an internal Network Load Balancer (NLB) in a VPC to another company's VPC in a different AWS account using AWS PrivateLink. What must the administrator configure?

    ACreate a VPC endpoint service backed by the NLB, then share the service name with the consumer account, which creates an interface VPC endpoint to connect
    BCreate a VPC peering connection between the two accounts and configure route tables to direct traffic to the NLB
    CCreate a Transit Gateway and attach both VPCs, then configure routing to the NLB
    DCreate an interface VPC endpoint in the provider account and share it with the consumer account using RAM

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  23. Question 23Networking & Content Delivery

    A SysOps administrator deployed a Network Load Balancer (NLB) in two Availability Zones. Partners require static IP addresses for firewall whitelisting. The administrator wants each AZ to have a predictable, fixed IP address. How should this be configured?

    ANLBs automatically assign static IP addresses per AZ; no additional configuration is needed
    BAllocate Elastic IP addresses and assign one to each AZ subnet mapping during NLB creation
    CCreate a Global Accelerator endpoint group pointing to the NLB to obtain static IPs
    DAssign an Elastic IP to the NLB's DNS name using a Route 53 alias record

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  24. Question 24Monitoring, Logging & Remediation

    An operations team wants to create a CloudWatch alarm that triggers when the ratio of HTTP 5xx errors to total requests exceeds 5% for an Application Load Balancer. The team wants to use existing ALB CloudWatch metrics without publishing custom metrics. Which approach should they use?

    ACreate a CloudWatch composite alarm that combines separate 5xx and RequestCount alarms
    BCreate a CloudWatch alarm based on a metric math expression dividing HTTPCode_ELB_5XX_Count by RequestCount
    CCreate a CloudWatch anomaly detection alarm on the HTTPCode_ELB_5XX_Count metric
    DCreate a CloudWatch Logs metric filter to calculate the ratio from ALB access logs

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  25. Question 25Reliability and Business Continuity

    A SysOps administrator configures an ALB with multiple EC2 instances. A health check is failing for one instance. What does the ALB do?

    ASends all traffic to the healthy instances and stops sending traffic to the unhealthy one
    BTerminates the unhealthy instance
    CReturns 503 to all requests
    DRoutes a reduced percentage of traffic to the unhealthy instance

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  26. Question 26Reliability and Business Continuity

    A SysOps administrator wants to configure an Auto Scaling Group to replace instances when they fail EC2 status checks (not just ELB health checks). What must be enabled?

    ASet the health check type to EC2 (default) — it already monitors status checks
    BChange the ASG health check type from EC2 to ELB
    CAdd a CloudWatch alarm to terminate unhealthy instances
    DEnable detailed monitoring on the ASG

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  27. Question 27Networking and Content Delivery

    A SysOps administrator wants to route 10% of traffic to a new ALB target group for A/B testing. Which ALB feature enables weighted routing?

    AALB host-based routing
    BALB listener rules with forward action and target group weights
    CRoute 53 weighted routing
    DALB path-based routing

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  28. Question 28Networking and Content Delivery

    A SysOps administrator uses an NLB and target EC2 instances fail health checks even though the application is running. What is the likely cause?

    ANLB health checks always fail for Linux instances
    BThe security group on the EC2 instances blocks NLB health check traffic from the NLB's IP addresses or VPC CIDR
    CNLB requires HTTPS health checks
    DThe NLB's cross-zone load balancing is disabled

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz

Key Load Balancing Concepts for SOA-C03

load balancerelbalbnlbgateway load balancertarget grouplistenerhealth checkstickiness

SOA-C03 Load Balancing Exam Tips

Elastic Load Balancing questions in SOA-C03 are typically scenario-based. Focus on operations, observability, incident response, and automated remediation. Priority concepts: load balancer, elb, alb, nlb, gateway load balancer, target group.

What SOA-C03 Expects

  • Anchor your answer in prioritize operational visibility and repeatable runbook-ready automation.
  • Load Balancing scenarios for SOA-C03 are frequently mapped to Domain 2 (22%), Domain 5 (18%), so read the objective carefully before picking controls or architecture.
  • Expect multi-topic scenarios where Load Balancing interacts with IAM, networking, storage, or observability patterns rather than appearing as an isolated question.
  • When two options are both technically valid, prefer the choice that best aligns with the exam's operational scope (Associate) and vendor best practices.

High-Value Load Balancing Concepts

  • Know the core Load Balancing building blocks cold: load balancer, elb, alb, nlb.
  • Review the edge-case features and limits for gateway load balancer, target group; these details are commonly used to differentiate answer choices.
  • Practice service-integration reasoning: how Load Balancing pairs with Auto Scaling, VPC, Route 53, CloudFront in real deployment patterns.
  • For SOA-C03, explain why the chosen Load Balancing design meets reliability, security, and cost expectations better than the alternatives.

Common SOA-C03 Traps

  • Watch for answers that deploy quickly but are hard to monitor or recover.
  • Questions in Reliability and Business Continuity often include distractors that look correct for Load Balancing but violate least-privilege, durability, or availability requirements.
  • Avoid picking options purely by feature name; validate data path, failure handling, and governance impact before answering.
  • If the prompt hints at automation or repeatability, eliminate manual-only operational answers first.

Fast Review Checklist

  • Can you compare at least two Load Balancing implementation paths and justify which one best fits the scenario?
  • Can you map the chosen answer back to Reliability and Business Continuity (22%) outcomes for SOA-C03?
  • Can you explain security and access boundaries for Load Balancing without relying on default-open assumptions?
  • Can you describe how Load Balancing integrates with Auto Scaling and VPC during failure, scaling, and monitoring events?

Exam Domains Covering Load Balancing

Domain 2Reliability and Business Continuity22%Domain 5Networking and Content Delivery18%

Related Resources

🎯 Free SOA-C03 Mock Exam Auto Scaling Questions VPC Questions Route 53 Questions CloudFront Questions

More SOA-C03 Study Resources

← SOA-C03 Study Hub30-Day Study PlanFull Practice Exam