ExpertAWS Solutions Architect Professional (SAP-C02)
AWS Solutions Architect Professional SAP-C02 Practice Exam 7
75 free questions · No sign-up required to browse
Comprehensive practice exam for the AWS Certified Solutions Architect - Professional (SAP-C02) certification. Covers enterprise-scale architectures, multi-account strategies, complex migrations, and advanced networking.
75
Questions
Mixed
Difficulty
75%
Pass mark
Difficulty breakdown
Easy(12)
Medium(38)
Hard(25)
Topics covered
Browse all topics →Domain 1.1: Network ConnectivityDomain 1.2: Security ControlsDomain 1.3: Reliability and ResilienceDomain 1.4: Multi-Account EnvironmentDomain 1.5: Cost OptimizationDomain 2.1: Deployment StrategyDomain 2.2: Business ContinuityDomain 2.3: Security ControlsDomain 2.4: ReliabilityDomain 2.5: PerformanceDomain 3.1: Operational ExcellenceDomain 3.2: Security ImprovementDomain 3.3: Performance ImprovementDomain 3.5: Cost OptimizationDomain 4.1: Migration StrategyDomain 4.1: Select Workloads for MigrationDomain 4.2: New Architecture DesignDomain 4.3: Migration StrategyDomain 4.4: Modernization Requirements
Sample questions
Q01Hard1 mark
A global enterprise is designing a multi-region network architecture connecting 50 AWS accounts across 3 AWS Regions and 4 on-premises data centers. The company requires transitive routing between all VPCs and on-premises networks. Traffic between AWS Regions must be encrypted and traverse the AWS global network. The solution must minimize operational overhead and support up to 50 Gbps of bandwidth per region. Which architecture meets these requirements MOST cost-effectively?
Q02Hard1 mark
A company is migrating its hybrid network to AWS. They have two 10 Gbps AWS Direct Connect connections in a Link Aggregation Group (LAG). They need to ensure that traffic between their on-premises data center and their Amazon VPCs is encrypted in transit. The solution must support at least 5 Gbps of encrypted throughput. Which combination of steps should the Solutions Architect take? (Select TWO)
Q03Medium1 mark
An enterprise has 100 AWS accounts in AWS Organizations. The security team mandates that all Amazon S3 buckets across all accounts must block public access. If a bucket is created without this setting, it must be automatically remediated within minutes. Which solution meets these requirements with the LEAST operational overhead?
Q04Easy1 mark
A financial company requires that all EBS volumes, S3 buckets, and RDS databases be encrypted using customer-managed keys. The company has a strict requirement that the cryptographic material must be generated and stored in a single-tenant hardware appliance under their exclusive control. Which AWS service should the architect use?
Q05Hard1 mark
An enterprise is designing a disaster recovery strategy for a critical application running on Amazon EC2 and Amazon Aurora PostgreSQL. The business requires an RPO of 5 minutes and an RTO of 15 minutes. The DR site is in a different AWS Region. Which combination of actions will meet these requirements? (Select THREE)
Ready to Practice the full exam?
All 75 questions with worked answers, mark schemes, and AI tutoring.
All questions (75)
Free to browse · no sign-up requiredQ01A global enterprise is designing a multi-region network architecture connecting 50 AWS accounts across 3 AWS Regions ...HardQ02A company is migrating its hybrid network to AWS. They have two 10 Gbps AWS Direct Connect connections in a Link Aggr...HardQ03An enterprise has 100 AWS accounts in AWS Organizations. The security team mandates that all Amazon S3 buckets across...MediumQ04A financial company requires that all EBS volumes, S3 buckets, and RDS databases be encrypted using customer-managed ...EasyQ05An enterprise is designing a disaster recovery strategy for a critical application running on Amazon EC2 and Amazon A...HardQ06A company is setting up a multi-account AWS environment using AWS Control Tower. They need to ensure that developers ...MediumQ07An organization uses AWS Organizations with consolidated billing. The central IT team wants to allocate costs back to...MediumQ08A company is designing a CI/CD pipeline for a microservices application deployed on Amazon EKS. The pipeline must sup...HardQ09A healthcare company is building a new patient portal on AWS. The application uses an Application Load Balancer (ALB)...MediumQ10A media company is designing a video streaming platform. The architecture uses Amazon S3 for storage, Amazon CloudFro...HardQ11A company has a legacy monolithic application running on a single large EC2 instance. The application frequently cras...MediumQ12A security audit reveals that several Amazon EC2 instances in a VPC have unrestricted outbound internet access. The s...HardQ13A company is running a high-traffic e-commerce website on AWS. The database tier uses Amazon Aurora MySQL. During fla...MediumQ14A company is evaluating its AWS bill and notices high costs associated with Amazon S3. They have petabytes of data st...EasyQ15An enterprise is planning a mass migration of 500 on-premises VMware virtual machines to AWS. The business requires t...MediumQ16A company wants to modernize a legacy batch processing system. The current system runs on a single on-premises server...HardQ17A global financial institution is designing a multi-region active-active architecture for its core transaction proces...HardQ18A company is migrating a large on-premises data warehouse to Amazon Redshift. The data size is 500 TB. The company ha...MediumQ19An enterprise uses AWS Organizations. The security team wants to ensure that no IAM user or role in any member accoun...MediumQ20A company is designing a serverless application using Amazon API Gateway, AWS Lambda, and Amazon DynamoDB. The applic...HardQ21An architecture uses Amazon Kinesis Data Streams to ingest telemetry data from IoT devices. An AWS Lambda function pr...MediumQ22A company requires a hybrid DNS resolution strategy. On-premises servers must resolve AWS private hosted zones, and A...MediumQ23An enterprise is migrating its Active Directory to AWS. They want to use AWS Managed Microsoft AD. They have a requir...MediumQ24A company is designing a data lake on Amazon S3. Data is ingested from various sources and processed by AWS Glue. The...HardQ25A company has a multi-tier application running on AWS. The web tier is in a public subnet, and the application and da...MediumQ26An architecture relies on an Amazon SQS queue to decouple a web frontend from a backend processing tier running on EC...HardQ27A company is migrating a critical Oracle database to Amazon RDS for Oracle. The database is 10 TB and supports a high...HardQ28A company wants to implement a blue/green deployment strategy for a containerized application running on Amazon ECS w...MediumQ29An enterprise has a strict compliance requirement that all Amazon EBS volumes must be encrypted. They want to ensure ...EasyQ30A company is designing a multi-region architecture for a critical API. The API is hosted on Amazon API Gateway and AW...MediumQ31A data engineering team uses Amazon EMR for big data processing. The clusters are transient; they are spun up daily, ...EasyQ32A company is building a machine learning pipeline. Data scientists need to access sensitive datasets stored in Amazon...MediumQ33A company is migrating a legacy application to AWS. The application uses a proprietary file system that requires a PO...MediumQ34An enterprise is adopting AWS Control Tower to manage its multi-account environment. The security team wants to autom...MediumQ35A company is designing an event-driven architecture. An Amazon API Gateway receives orders and places them in an Amaz...MediumQ36A company has a web application hosted on Amazon EC2 instances behind an Application Load Balancer (ALB). The applica...MediumQ37An organization is migrating its on-premises data center to AWS. They have a legacy application hardcoded to use spec...MediumQ38A company is designing a disaster recovery plan for a critical application. The application uses Amazon EC2, Amazon R...HardQ39A security team wants to automate the response to compromised Amazon EC2 instances. If Amazon GuardDuty detects that ...HardQ40A company is designing a highly available architecture for a stateful legacy application. The application runs on a s...HardQ41A media company stores petabytes of video archives in Amazon S3 Glacier Deep Archive. They receive a legal request to...MediumQ42A company is building a serverless data ingestion pipeline. Data is sent to an Amazon API Gateway, which triggers an ...HardQ43A global gaming company uses Amazon DynamoDB for player profiles. Players are distributed worldwide. The company want...EasyQ44An enterprise is migrating 1,000 applications to AWS. They want to track the progress of the migration, discover on-p...EasyQ45A company is designing a hybrid cloud architecture. They have an AWS Direct Connect connection. They want to use AWS ...HardQ46A company has a microservices architecture deployed on Amazon EKS. They want to implement a service mesh to handle mu...MediumQ47A financial services company is building a data lake on Amazon S3. They need to query the data using Amazon Athena. T...MediumQ48A company is experiencing performance issues with an application running on Amazon EC2 instances. The application con...MediumQ49A company wants to migrate a 50 TB on-premises NFS file share to Amazon EFS. The migration must be done securely over...MediumQ50An architecture uses AWS Step Functions to orchestrate a complex order fulfillment process. One of the steps invokes ...MediumQ51A company is designing a multi-account strategy using AWS Organizations. They want to isolate their production enviro...HardQ52A company has a fleet of Amazon EC2 instances running a legacy application. The application logs are written to local...EasyQ53A company is migrating a large PostgreSQL database to Amazon Aurora PostgreSQL. The database is currently 15 TB. The ...HardQ54A company is designing a highly available, multi-region architecture for a web application. The application uses Amaz...HardQ55A company is using AWS Cost Explorer and notices a significant increase in data transfer costs. Upon investigation, t...MediumQ56An enterprise is building a centralized network inspection architecture using AWS Transit Gateway. They have a dedica...HardQ57A company is migrating a legacy monolithic application to a microservices architecture on AWS. The legacy application...HardQ58A company requires that all IAM users authenticate using Multi-Factor Authentication (MFA) before they can access any...MediumQ59A data analytics company processes large volumes of data using AWS Lambda. The Lambda functions are packaged as conta...HardQ60A company is designing a highly secure environment on AWS. They need to store sensitive database credentials. The cre...MediumQ61A company has a multi-account environment managed by AWS Organizations. They want to ensure that all Amazon EBS snaps...MediumQ62An enterprise is migrating a legacy application that uses a hardcoded IP address for its database connection. The dat...HardQ63A company is designing a serverless application using AWS AppSync and Amazon DynamoDB. The application requires real-...MediumQ64A company wants to migrate its on-premises Apache Kafka cluster to AWS. They want a fully managed service that is hig...EasyQ65An architecture includes an Amazon API Gateway, AWS Lambda, and Amazon RDS. The Lambda function frequently exhausts t...MediumQ66A company is designing a disaster recovery strategy for an Amazon Aurora MySQL database. The requirement is an RPO of...HardQ67A company wants to securely connect its on-premises data center to an Amazon VPC. They require an encrypted connectio...EasyQ68An organization is using AWS CloudFormation to manage its infrastructure. They want to ensure that any manual changes...EasyQ69A company is migrating a large-scale web application to AWS. The application requires a shared file system that can b...MediumQ70A company wants to optimize its AWS costs. They have steady-state, predictable EC2 workloads that will run continuous...EasyQ71An architecture uses Amazon SQS and AWS Lambda. The Lambda function processes messages from the SQS queue and writes ...MediumQ72A company is designing a secure network architecture. They have a VPC with public and private subnets. EC2 instances ...MediumQ73A company is migrating a large MySQL database to Amazon Aurora MySQL. The application requires high availability and ...MediumQ74A company wants to implement continuous compliance monitoring for their AWS environment. They want to be alerted if a...EasyQ75A company is migrating its data analytics platform to AWS. The platform requires a data warehouse that can query peta...Medium