🪣 Amazon Simple Storage Service (S3) - SOA-C03 Practice Questions

Practice S3 operations, encryption, versioning, lifecycle policies, replication, event notifications, access logging, and storage analytics.

15Questions Available
4Exam Domains

Practice S3 Questions Now

Start a timed practice session focusing on Amazon Simple Storage Service (S3) topics from the SOA-C03 question bank.

Start SOA-C03 Practice Quiz →

SOA-C03 S3 Question Bank (15 Questions)

Browse all 15 practice questions covering Amazon Simple Storage Service (S3) for the SOA-C03 certification exam. Answers are intentionally hidden on this page so you can self-test first before checking results in quiz mode.

  1. Question 1Select All That ApplyReliability & Business Continuity

    A SysOps administrator must configure S3 cross-region replication (CRR) for a bucket containing compliance documents. The requirement states that existing objects must also be replicated, delete markers should NOT be replicated, and objects encrypted with SSE-KMS must be supported. Which configurations are required? (Select TWO)

    AEnable S3 Batch Replication to replicate existing objects
    BUse S3 Inventory to list existing objects and copy them manually with the AWS CLI
    CIn the replication rule, enable "Delete marker replication" to prevent delete marker propagation
    DIn the replication rule, specify the KMS key in the destination Region and enable replication of KMS-encrypted objects
    EDisable delete marker replication in the replication rule configuration

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  2. Question 2Reliability & Business Continuity

    A company needs to replicate S3 objects from a source bucket to a destination bucket in the SAME region to maintain a secondary copy for compliance purposes. The destination bucket must be in a different AWS account. Cross-region replication is not acceptable due to data residency requirements. Which S3 feature should be configured?

    AS3 Cross-Region Replication (CRR) with the destination bucket in the same region (override the default cross-region behavior).
    BS3 Same-Region Replication (SRR) with the destination bucket in the other account, configured with proper bucket policies and IAM roles.
    CS3 Batch Operations to periodically copy objects from the source to the destination bucket.
    DAn S3 event notification triggering a Lambda function that copies each new object to the destination bucket.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  3. Question 3Security & Compliance

    A company stores critical audit logs in an S3 bucket with versioning enabled. Regulations require that no one — including administrators — can permanently delete any object version for a minimum of 3 years. The company also wants an additional layer of protection requiring MFA for any delete operation. Which S3 features should be configured?

    AEnable S3 Object Lock in Compliance mode with a 3-year retention period, and enable MFA Delete on the bucket versioning configuration.
    BApply an S3 bucket policy that denies `s3:DeleteObject` for all principals, and enable MFA Delete.
    CEnable S3 Object Lock in Governance mode with a 3-year retention period, which prevents any deletion.
    DEnable S3 versioning with lifecycle rules that prevent deletion for 3 years.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  4. Question 4Cost & Performance Optimization

    A company wants a comprehensive, organization-wide view of their S3 storage across 20 AWS accounts, including total storage by storage class, object count trends, and identification of buckets with incomplete multipart uploads or non-current object versions consuming storage. Which S3 feature provides this analysis?

    AS3 Inventory reports configured on each bucket.
    BS3 Storage Lens with an organization-level dashboard, which provides aggregated metrics and actionable recommendations across all accounts.
    CS3 Analytics storage class analysis on individual buckets.
    DAWS Cost Explorer with S3 usage type filters.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  5. Question 5Select All That ApplySecurity & Compliance

    A company wants to enable S3 server access logging to track all requests made to a production bucket. Which configuration is required for the logging to work correctly? (Select TWO.)

    AThe target logging bucket must be in the same AWS Region as the source bucket.
    BThe target logging bucket must have a bucket policy (or ACL) granting the S3 logging delivery group (`logging.s3.amazonaws.com`) write permissions.
    CCloudTrail must be enabled for S3 data events on the source bucket.
    DThe source bucket and target logging bucket must be the same bucket.
    EServer access logging must be enabled via the source bucket's properties, specifying the target bucket and an optional prefix.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  6. Question 6Cost & Performance Optimization

    A SysOps Administrator wants to determine if objects in an S3 bucket would benefit from transitioning to S3 Infrequent Access or S3 Glacier storage classes. Which S3 feature provides data-driven recommendations based on actual object access patterns?

    AS3 Inventory reports, which list all objects and their storage classes.
    BS3 Storage Class Analysis, which monitors access patterns for a bucket or prefix over time and provides recommendations on when to transition objects to a different storage class.
    CS3 Intelligent-Tiering, which automatically moves objects between tiers.
    DCloudWatch S3 request metrics, which show GET and PUT request counts.

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  7. Question 7Reliability & Business Continuity

    A company stores critical documents in Amazon S3 with Cross-Region Replication (CRR) enabled to a destination bucket in another region. The administrator discovers that delete markers created in the source bucket are not being replicated to the destination bucket. What is the reason?

    ACRR does not support replication of versioned objects
    BBy default, S3 CRR does not replicate delete markers
    CThe destination bucket does not have versioning enabled
    DThe IAM role for replication does not have `s3:DeleteObject` permission on the destination bucket

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  8. Question 8Reliability & Business Continuity

    A company uses S3 Cross-Region Replication (CRR) from us-east-1 to eu-west-1 for disaster recovery. After enabling CRR on an existing bucket, the team notices that objects uploaded before CRR was enabled are not replicated. What should the administrator do?

    ADelete and recreate the replication rule with the "Replicate existing objects" option enabled using S3 Batch Replication
    BEnable versioning on both buckets and re-upload all existing objects to trigger replication
    CCreate an S3 Batch Operations job to copy the existing objects to the destination bucket
    DContact AWS Support to request a one-time retroactive replication of existing objects

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  9. Question 9Security & Compliance

    A company requires that all S3 objects in a legal-hold bucket cannot be deleted, but the retention period varies per object and a legal administrator must be able to extend or remove the hold. Which S3 Object Lock configuration meets this requirement?

    AEnable S3 Object Lock in governance mode with legal hold enabled per object
    BEnable S3 Object Lock with legal hold on individual objects; the legal administrator's IAM policy grants `s3:PutObjectLegalHold`
    CEnable S3 Object Lock in compliance mode with different retention periods per object
    DUse S3 bucket policies to deny delete operations and create an IAM role for the legal administrator to manage the policy

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  10. Question 10Reliability & Business Continuity

    A company stores critical financial documents in an S3 bucket with versioning enabled. The compliance team requires that no object version can be permanently deleted, even by the root user, without providing an MFA token. Which configuration meets this requirement?

    AEnable S3 Object Lock in Governance mode on the bucket
    BEnable MFA delete on the versioned bucket, which requires MFA authentication to permanently delete object versions or change the bucket's versioning state
    CApply an S3 bucket policy that denies `s3:DeleteObject` for all principals
    DEnable S3 Object Lock in Compliance mode, which prevents any deletion including by the root user without MFA

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  11. Question 11Reliability & Business Continuity

    A SysOps administrator manages an S3 bucket with versioning enabled. A user accidentally deleted an important object. The administrator sees that a delete marker has been placed on the object. How does the administrator restore the object?

    AUse the S3 console to delete the delete marker, which restores the previous version as the current version
    BCreate a new object with the same key by uploading the file again
    CDisable versioning on the bucket, which automatically removes all delete markers
    DUse the `s3:RestoreObject` API to restore the object from the delete marker

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  12. Question 12Cost & Performance Optimization

    A SysOps administrator manages an S3 bucket that stores a mix of frequently accessed data and data that becomes infrequent after 30 days. The administrator wants a data-driven recommendation on the optimal storage class transition policy. Which AWS feature provides this analysis?

    AS3 Intelligent-Tiering, which automatically moves objects between access tiers
    BS3 Storage Class Analysis, which monitors access patterns and provides recommendations on when to transition objects to a different storage class
    CAWS Cost Explorer's S3 cost breakdown report
    DS3 Inventory report filtered by last modified date

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  13. Question 13Reliability & Business Continuity

    A SysOps administrator has enabled S3 Object Lock on a bucket containing regulatory data. The compliance team requires that NO user, including the root account, can delete or overwrite the objects for 7 years. Which Object Lock configuration should be applied?

    AObject Lock in governance mode with a 7-year retention period
    BObject Lock in compliance mode with a 7-year retention period
    CObject Lock in governance mode with legal hold enabled
    DObject Lock in compliance mode with a legal hold only

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  14. Question 14Reliability & Business Continuity

    A SysOps administrator configures an S3 bucket with Object Lock in governance mode. A developer reports they cannot delete an object version even though they need to replace a corrupted file. The developer has the `s3:PutObject` permission. What additional permission does the developer need to bypass the governance mode retention?

    A`s3:DeleteObjectVersion`
    B`s3:BypassGovernanceRetention`
    C`s3:PutObjectLegalHold`
    D`s3:PutObjectRetention`

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz
  15. Question 15Reliability and Business Continuity

    A SysOps administrator uses S3 MRR (Multi-Region Replication). An object is deleted in the source bucket. Is the delete replicated?

    AYes — deletes are always replicated
    BBy default, delete markers are NOT replicated; delete marker replication must be explicitly enabled
    CVersioned deletes (delete markers) are replicated; permanent deletes are not
    DS3 replication never replicates deletes

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start SOA-C03 Quiz

Key S3 Concepts for SOA-C03

s3bucketversioninglifecyclereplicationstorage classobject lockaccess logstorage lens

SOA-C03 S3 Exam Tips

Amazon Simple Storage Service (S3) questions in SOA-C03 are typically scenario-based. Focus on operations, observability, incident response, and automated remediation. Priority concepts: s3, bucket, versioning, lifecycle, replication, storage class.

What SOA-C03 Expects

  • Anchor your answer in prioritize operational visibility and repeatable runbook-ready automation.
  • S3 scenarios for SOA-C03 are frequently mapped to Domain 1 (22%), Domain 2 (22%), Domain 4 (16%), Domain 5 (18%), so read the objective carefully before picking controls or architecture.
  • Expect multi-topic scenarios where S3 interacts with IAM, networking, storage, or observability patterns rather than appearing as an isolated question.
  • When two options are both technically valid, prefer the choice that best aligns with the exam's operational scope (Associate) and vendor best practices.

High-Value S3 Concepts

  • Know the core S3 building blocks cold: s3, bucket, versioning, lifecycle.
  • Review the edge-case features and limits for replication, storage class; these details are commonly used to differentiate answer choices.
  • Practice service-integration reasoning: how S3 pairs with CloudFront, Backup & Recovery, IAM in real deployment patterns.
  • For SOA-C03, explain why the chosen S3 design meets reliability, security, and cost expectations better than the alternatives.

Common SOA-C03 Traps

  • Watch for answers that deploy quickly but are hard to monitor or recover.
  • Questions in Monitoring, Logging, Analysis, Remediation, and Performance Optimization often include distractors that look correct for S3 but violate least-privilege, durability, or availability requirements.
  • Avoid picking options purely by feature name; validate data path, failure handling, and governance impact before answering.
  • If the prompt hints at automation or repeatability, eliminate manual-only operational answers first.

Fast Review Checklist

  • Can you compare at least two S3 implementation paths and justify which one best fits the scenario?
  • Can you map the chosen answer back to Monitoring, Logging, Analysis, Remediation, and Performance Optimization (22%) outcomes for SOA-C03?
  • Can you explain security and access boundaries for S3 without relying on default-open assumptions?
  • Can you describe how S3 integrates with CloudFront and Backup & Recovery during failure, scaling, and monitoring events?

Exam Domains Covering S3

Domain 1Monitoring, Logging, Analysis, Remediation, and Performance Optimization22%Domain 2Reliability and Business Continuity22%Domain 4Security and Compliance16%Domain 5Networking and Content Delivery18%

Related Resources

🎯 Free SOA-C03 Mock Exam CloudFront Questions Backup & Recovery Questions IAM Questions

More SOA-C03 Study Resources

← SOA-C03 Study Hub30-Day Study PlanFull Practice Exam