ExpertAWS Solutions Architect Professional (SAP-C02)
AWS Solutions Architect Professional SAP-C02 Practice Exam 4
75 free questions · No sign-up required to browse
Comprehensive practice exam for AWS Certified Solutions Architect - Professional (SAP-C02), focusing on enterprise-scale architectures, multi-account strategies, and complex migrations.
75
Questions
Mixed
Difficulty
75%
Pass mark
Difficulty breakdown
Easy(12)
Medium(37)
Hard(26)
Topics covered
Browse all topics →Domain 1.1: Network ConnectivityDomain 1.2: Security ControlsDomain 1.3: Reliable ArchitecturesDomain 1.4: Multi-Account EnvironmentDomain 1.5: Cost OptimizationDomain 2.1: Deployment StrategyDomain 2.2: Business ContinuityDomain 2.3: Security ControlsDomain 2.4: Reliability RequirementsDomain 2.5: Performance ObjectivesDomain 3.1: Operational ExcellenceDomain 3.2: Security ImprovementDomain 3.3: Performance ImprovementDomain 3.4: Reliability ImprovementDomain 3.5: Cost OptimizationDomain 4.1: Select Workloads for MigrationDomain 4.2: New Architecture DesignDomain 4.3: Migration StrategyDomain 4.4: Modernization Requirements
Sample questions
Q01Hard1 mark
A global enterprise is redesigning its network architecture across 50 AWS accounts. They require transitive routing between all VPCs and three on-premises data centers. The solution must support up to 10 Gbps of encrypted traffic per data center, minimize operational overhead, and ensure that traffic between VPCs in the same region does not traverse the internet. Which architecture meets these requirements MOST cost-effectively?
Q02Medium1 mark
A financial services company uses AWS Organizations to manage 100+ accounts. The security team mandates that no Amazon S3 buckets can be made public, and all EBS volumes must be encrypted. Developers must still be able to create resources freely within these constraints. Which combination of actions should the Solutions Architect take to enforce these requirements with the LEAST operational overhead? (Select TWO)
Q03Medium1 mark
An e-commerce company requires a multi-region active-active architecture for its critical order processing system. The database layer uses Amazon Aurora PostgreSQL. The application must tolerate a complete region failure with an RPO of less than 1 second and an RTO of less than 1 minute. How should the architect design the database layer?
Q04Hard1 mark
A company is setting up a new AWS environment using AWS Control Tower. They need to ensure that all VPC flow logs across all member accounts are centralized into a single Amazon S3 bucket in a dedicated Log Archive account. The solution must prevent member account administrators from modifying or deleting the flow logs. What is the MOST operationally efficient solution?
Q05Medium1 mark
An enterprise has 50 AWS accounts under AWS Organizations. They want to implement a chargeback model where each business unit (BU) pays for its own AWS usage. However, some resources like Transit Gateway and central databases are shared. How can the architect provide accurate cost visibility and chargeback capabilities?
Ready to Practice the full exam?
All 75 questions with worked answers, mark schemes, and AI tutoring.
All questions (75)
Free to browse · no sign-up requiredQ01A global enterprise is redesigning its network architecture across 50 AWS accounts. They require transitive routing b...HardQ02A financial services company uses AWS Organizations to manage 100+ accounts. The security team mandates that no Amazo...MediumQ03An e-commerce company requires a multi-region active-active architecture for its critical order processing system. Th...MediumQ04A company is setting up a new AWS environment using AWS Control Tower. They need to ensure that all VPC flow logs acr...HardQ05An enterprise has 50 AWS accounts under AWS Organizations. They want to implement a chargeback model where each busin...MediumQ06A company is designing a hybrid network architecture. They have two on-premises data centers and three AWS Regions. T...HardQ07An organization uses AWS IAM Identity Center (AWS SSO) integrated with an on-premises Active Directory. Users are com...MediumQ08A healthcare company is designing a disaster recovery strategy for a critical application. The application uses EC2 i...MediumQ09A company is setting up a shared services VPC in a central networking account. This VPC will host Active Directory do...HardQ10A large enterprise has a predictable baseline of EC2 usage and a highly variable spike in usage during end-of-month p...EasyQ11A company is deploying a new microservices architecture using Amazon EKS. The security team requires that all pod-to-...HardQ12An enterprise is migrating its on-premises data lake to Amazon S3. They have 5 PB of data. The data must be encrypted...HardQ13A company has a multi-tier application running in a single AWS Region. The database tier uses Amazon Aurora MySQL. Th...MediumQ14An enterprise is using AWS Control Tower to manage its multi-account environment. They need to implement a custom sec...HardQ15A company has a massive data lake in Amazon S3. They use Amazon Athena for querying. Over time, query performance has...MediumQ16A global media company is designing a new content delivery architecture. They have users worldwide uploading large vi...MediumQ17An enterprise is migrating a legacy monolithic application to AWS. The application hardcodes IP addresses for its dat...HardQ18A company requires that all IAM users authenticate using MFA before assuming any cross-account roles. They have a cen...MediumQ19A financial institution is building a highly resilient payment processing system. The system uses Amazon API Gateway,...HardQ20An enterprise has a central logging account where all AWS CloudTrail logs from 100 member accounts are stored in a si...MediumQ21A development team is building a new CI/CD pipeline using AWS CodePipeline, CodeBuild, and CodeDeploy. They are deplo...HardQ22A company is designing a new document management system on AWS. Documents uploaded to Amazon S3 must be retained for ...MediumQ23A financial application requires end-to-end encryption. The application runs on EC2 instances behind an Application L...MediumQ24A company is designing an event-driven architecture. An Amazon API Gateway receives orders and triggers an AWS Lambda...HardQ25A gaming company is launching a new multiplayer game. The backend uses Amazon DynamoDB. The game requires microsecond...EasyQ26A company is designing a multi-region deployment strategy for a critical web application. The application uses Amazon...MediumQ27An enterprise is designing a backup strategy for its AWS environment. They have hundreds of EC2 instances, RDS databa...MediumQ28A company is deploying a highly sensitive application on Amazon EC2. The application processes PII and requires that ...HardQ29A retail company is designing a serverless order processing system. Orders are received via API Gateway and placed in...HardQ30A data analytics company runs heavy machine learning workloads on Amazon EC2 instances. The workloads require massive...MediumQ31A company is building a new application using AWS CDK. The application requires a database password to connect to Ama...EasyQ32An enterprise is designing a multi-account architecture. They need to ensure that developers in the 'Sandbox' account...MediumQ33A company is building a serverless application using AWS Step Functions to orchestrate a complex workflow. One of the...MediumQ34A media streaming company delivers content globally. They are using Amazon CloudFront with an S3 origin. Users in cer...MediumQ35A company is migrating a legacy application to AWS. The application requires a shared file system that supports the S...MediumQ36A company is using AWS Organizations. They want to ensure that any new EC2 instance launched in any account automatic...HardQ37A security team is conducting an audit of their AWS environment. They want to identify any IAM roles that have been g...EasyQ38A company runs a high-traffic web application on EC2 instances behind an ALB. They are experiencing performance bottl...MediumQ39A microservices architecture uses Amazon ECS and Amazon RDS. Occasionally, the RDS database experiences brief failove...HardQ40A company has a large fleet of Amazon EBS volumes. The finance team has noticed that EBS costs are steadily increasin...EasyQ41An enterprise is planning a massive migration of 1,000 on-premises virtual machines to AWS. They need to perform a di...EasyQ42A company has a monolithic legacy application running on-premises. They want to migrate to AWS and modernize the appl...HardQ43An enterprise is migrating a 50 TB Oracle database to Amazon Aurora PostgreSQL. The migration must have near-zero dow...MediumQ44A company is modernizing a batch processing application. The application currently runs on a single large EC2 instanc...HardQ45A global enterprise uses AWS Transit Gateway to connect 100 VPCs across two AWS Regions (us-east-1 and eu-west-1). Th...HardQ46A company uses Amazon Cognito User Pools for customer authentication. They want to implement a custom security requir...HardQ47A global logistics company is designing a tracking system. IoT devices on trucks send location updates every 5 second...MediumQ48An enterprise has a strict compliance requirement: no Amazon EC2 instances can be launched without a specific set of ...MediumQ49A company is running a large fleet of Amazon EC2 instances. They want to optimize costs without impacting performance...EasyQ50A development team uses AWS CloudFormation to manage their infrastructure. They want to implement a CI/CD pipeline th...MediumQ51A company is designing a disaster recovery plan for an Amazon RDS for MySQL database. The database is 5 TB in size. T...HardQ52A healthcare organization is building a data lake on Amazon S3 to store patient records. They must comply with HIPAA ...HardQ53A popular news website experiences massive, unpredictable spikes in traffic during breaking news events. The site is ...MediumQ54A company is running a high-performance computing (HPC) workload on AWS. The workload consists of thousands of EC2 in...EasyQ55An enterprise wants to improve its operational excellence by automating incident response. When an EC2 instance fails...MediumQ56A company has a strict security policy that all Amazon S3 buckets must be encrypted with AWS KMS. They have hundreds ...MediumQ57A microservices application runs on Amazon EKS. Developers are complaining that requests between services are occasio...MediumQ58A company wants to implement Chaos Engineering to test the resilience of their AWS infrastructure. They want to simul...MediumQ59A company has a large Amazon S3 bucket storing millions of images. They want to optimize storage costs. Some images a...EasyQ60A company is migrating a portfolio of 500 applications to AWS. They need a strategy to evaluate each application and ...MediumQ61An enterprise is modernizing a legacy application that relies on a massive, monolithic relational database. They want...MediumQ62A company is migrating a critical application to AWS. The application consists of 50 VMs running on VMware. The busin...EasyQ63A development team is modernizing a legacy application by breaking it into event-driven microservices. They need a ce...EasyQ64A global financial company is designing a multi-region active-active architecture for their core trading platform. Th...MediumQ65An enterprise is migrating its on-premises data center to AWS. They have a legacy mainframe application that cannot b...HardQ66A company is using AWS Control Tower. They want to ensure that all EBS volumes created in any member account are encr...HardQ67A data engineering team is building a data pipeline. Data is uploaded to Amazon S3, which triggers an AWS Lambda func...MediumQ68A company is designing a multi-tenant SaaS application on AWS. They need to isolate the data of each tenant. The appl...HardQ69A company is migrating a legacy application that uses a proprietary UDP-based protocol. The application will be hoste...EasyQ70A company is building a data analytics platform. They have petabytes of data in Amazon S3. They want to allow their d...MediumQ71An enterprise is migrating its Active Directory to AWS. They want to use AWS Managed Microsoft AD. They have a strict...MediumQ72A company is using AWS CodePipeline for CI/CD. The pipeline deploys an application to an Amazon EKS cluster. The secu...HardQ73A company is migrating a large-scale data warehouse to Amazon Redshift. The on-premises data warehouse is 100 TB. The...MediumQ74An enterprise is building a centralized network egress architecture. All internet-bound traffic from 50 VPCs must be ...HardQ75A company is modernizing a monolithic application into microservices. They have chosen Amazon ECS on AWS Fargate. The...Medium