🕸️ AWS Networking and Content Delivery Operations - SOA-C03 Practice Questions

Compare VPC, Route 53, CloudFront, Direct Connect, VPN, Transit Gateway, PrivateLink, and load balancing for SOA-C03 scenarios.

7Questions Available
1Exam Domains

Practice Networking Questions Now

Start a timed practice session focusing on AWS Networking and Content Delivery Operations topics from the SOA-C03 question bank.

Start SOA-C03 Practice Quiz →

SOA-C03 Networking Question Bank (7 Questions)

Browse all 7 practice questions covering AWS Networking and Content Delivery Operations for the SOA-C03 certification exam. Answers are intentionally hidden on this page so you can self-test first before checking results in quiz mode.

  1. Question 1Select All That ApplyNetworking & Content Delivery

    A company runs a SaaS application behind a Network Load Balancer in their VPC. They want to securely expose this service to 50 customer VPCs across different AWS accounts, without requiring VPC peering, Transit Gateway, or public internet exposure. Which architecture should be used? (Select TWO.)

    ACreate a VPC Endpoint Service (AWS PrivateLink) backed by the NLB in the provider's VPC.
    BEach customer creates an interface VPC endpoint in their VPC pointing to the provider's endpoint service, and the provider approves the connection.
    CShare the NLB using AWS Resource Access Manager (RAM) with the customer accounts.
    DCreate a public-facing ALB and restrict access using security groups referencing the customer VPC CIDR ranges.
    EConfigure VPC peering between the provider VPC and each of the 50 customer VPCs.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  2. Question 2Networking & Content Delivery

    A SysOps administrator needs to expose an internal Network Load Balancer (NLB) in a VPC to another company's VPC in a different AWS account using AWS PrivateLink. What must the administrator configure?

    ACreate a VPC endpoint service backed by the NLB, then share the service name with the consumer account, which creates an interface VPC endpoint to connect
    BCreate a VPC peering connection between the two accounts and configure route tables to direct traffic to the NLB
    CCreate a Transit Gateway and attach both VPCs, then configure routing to the NLB
    DCreate an interface VPC endpoint in the provider account and share it with the consumer account using RAM

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  3. Question 3Networking & Content Delivery

    A company operates two Transit Gateways — one in us-east-1 and one in eu-west-1 — each with multiple VPCs attached. The company wants to enable direct connectivity between VPCs attached to the us-east-1 Transit Gateway and VPCs attached to the eu-west-1 Transit Gateway. What must the administrator configure?

    ACreate a VPC peering connection between one VPC in each Region and enable transit routing through the peered VPCs
    BCreate a Transit Gateway peering attachment between the two Transit Gateways and configure static routes in each Transit Gateway route table pointing to the peering attachment
    CCreate a Site-to-Site VPN connection between the two Transit Gateways
    DTransit Gateways in different Regions cannot communicate; the VPCs must be migrated to a single Region

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  4. Question 4Networking and Content Delivery

    A SysOps administrator wants to accelerate content delivery for a web application hosted on an ALB. The content includes both static and dynamic elements. Which CloudFront configuration handles both?

    AUse CloudFront only for static content; the ALB handles dynamic content directly
    BConfigure CloudFront with the ALB as the origin; use separate cache behaviors for static (high TTL) and dynamic (TTL=0) paths
    CUse two CloudFront distributions — one for static, one for dynamic
    DDynamic content cannot go through CloudFront

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  5. Question 5Networking & Content Delivery

    A company has an on-premises data center connected to AWS via an AWS Site-to-Site VPN. The team experiences latency inconsistency and wants to improve network performance over the VPN connection without migrating to Direct Connect. Which feature can improve VPN performance?

    AEnable VPN CloudHub to create a hub-and-spoke topology.
    BEnable accelerated Site-to-Site VPN, which routes traffic through the AWS Global Accelerator network instead of the public internet.
    CIncrease the number of VPN tunnels from 2 to 4 by creating a second VPN connection.
    DEnable Equal-Cost Multi-Path (ECMP) routing on the existing VPN tunnels.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  6. Question 6Networking and Content Delivery

    A SysOps administrator uses AWS Transit Gateway Connect. What does Transit Gateway Connect enable compared to standard VPN attachments?

    ATransit Gateway Connect provides a dedicated fiber link between VPCs
    BTransit Gateway Connect uses GRE tunnels over existing VPC or Direct Connect attachments for higher bandwidth SD-WAN connectivity
    CTransit Gateway Connect replaces VPC peering
    DTransit Gateway Connect provides cross-region replication

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  7. Question 7Networking and Content Delivery

    A SysOps administrator uses AWS Direct Connect with a backup Site-to-Site VPN. Both are connected via a Virtual Private Gateway. How is failover achieved?

    AAWS automatically fails over from Direct Connect to VPN when DX fails
    BConfigure BGP with higher preference (lower MED or AS path prepend) for Direct Connect; if DX fails, BGP routes traffic through the VPN automatically
    CManual route table update when Direct Connect fails
    DUse separate VGWs for each connection

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz

Key Networking Concepts for SOA-C03

networkingcontent deliverytransit gatewayprivatelinkvpndirect connectload balancercloudfront

SOA-C03 Networking Exam Tips

AWS Networking and Content Delivery Operations questions in SOA-C03 are typically scenario-based. Focus on operations, observability, incident response, and automated remediation. Priority concepts: networking, content delivery, transit gateway, privatelink, vpn, direct connect.

What SOA-C03 Expects

  • Anchor your answer in prioritize operational visibility and repeatable runbook-ready automation.
  • Networking scenarios for SOA-C03 are frequently mapped to Domain 5 (18%), so read the objective carefully before picking controls or architecture.
  • Expect multi-topic scenarios where Networking interacts with IAM, networking, storage, or observability patterns rather than appearing as an isolated question.
  • When two options are both technically valid, prefer the choice that best aligns with the exam's operational scope (Associate) and vendor best practices.

High-Value Networking Concepts

  • Know the core Networking building blocks cold: networking, content delivery, transit gateway, privatelink.
  • Review the edge-case features and limits for vpn, direct connect; these details are commonly used to differentiate answer choices.
  • Practice service-integration reasoning: how Networking pairs with VPC, Route 53, CloudFront, Load Balancing in real deployment patterns.
  • For SOA-C03, explain why the chosen Networking design meets reliability, security, and cost expectations better than the alternatives.

Common SOA-C03 Traps

  • Watch for answers that deploy quickly but are hard to monitor or recover.
  • Questions in Networking and Content Delivery often include distractors that look correct for Networking but violate least-privilege, durability, or availability requirements.
  • Avoid picking options purely by feature name; validate data path, failure handling, and governance impact before answering.
  • If the prompt hints at automation or repeatability, eliminate manual-only operational answers first.

Fast Review Checklist

  • Can you compare at least two Networking implementation paths and justify which one best fits the scenario?
  • Can you map the chosen answer back to Networking and Content Delivery (18%) outcomes for SOA-C03?
  • Can you explain security and access boundaries for Networking without relying on default-open assumptions?
  • Can you describe how Networking integrates with VPC and Route 53 during failure, scaling, and monitoring events?

Exam Domains Covering Networking

Domain 5Networking and Content Delivery18%

Related Resources

🎯 Free SOA-C03 Mock Exam VPC Questions Route 53 Questions CloudFront Questions Load Balancing Questions

More SOA-C03 Study Resources

← SOA-C03 Study Hub30-Day Study PlanFull Practice Exam