Practice Free SOA-C03 Exam Online Questions
A company hosts a critical legacy application on two Amazon EC2 instances that are in one Availability Zone. The instances run behind an Application Load Balancer (ALB). The company uses Amazon CloudWatch alarms to send Amazon Simple Notification Service (Amazon SNS) notifications when the ALB health checks detect an unhealthy instance. After a notification, the company’s engineers manually restart the unhealthy instance. A CloudOps engineer must configure the application to be highly available and more resilient to failures.
Which solution will meet these requirements?
- A . Create an Amazon Machine Image (AMI) from a healthy instance. Launch additional instances from the AMI in the same Availability Zone. Add the new instances to the ALB target group.
- B . Increase the size of each instance. Create an Amazon EventBridge rule. Configure the EventBridge rule to restart the instances if they enter a failed state.
- C . Create an Amazon Machine Image (AMI) from a healthy instance. Launch an additional instance from the AMI in the same Availability Zone. Add the new instance to the ALB target group. Create an AWS Lambda function that runs when an instance is unhealthy. Configure the Lambda function to stop and restart the unhealthy instance.
- D . Create an Amazon Machine Image (AMI) from a healthy instance. Create a launch template that uses the AMI. Create an Amazon EC2 Auto Scaling group that is deployed across multiple Availability Zones. Configure the Auto Scaling group to add instances to the ALB target group.
D
Explanation:
High availability requires removing single-AZ risk and eliminating manual recovery. AWS reliability best practices call for multi-AZ design and automatic healing: Auto Scaling “helps maintain application availability and allows you to automatically add or remove EC2 instances” (AWS Auto Scaling User Guide). The Reliability Pillar recommends that you “distribute workloads across multiple Availability Zones” and “automate recovery from failure” (AWS Well-Architected Framework - Reliability Pillar). Attaching the Auto Scaling group to an ALB target group enables health-based replacement: instances failing load balancer health checks are replaced and traffic is routed only to healthy targets. Using an AMI in a launch template ensures consistent, repeatable instance configuration (AWS EC2 Launch Templates).
Options A and C keep all instances in a single Availability Zone and rely on manual or ad-hoc restarts, which do not meet high-availability or resiliency goals.
Option B only scales vertically and adds a restart rule; it neither removes the single-AZ failure domain nor provides automated replacement. Therefore, creating a multi-AZ EC2 Auto Scaling group with a launch template and attaching it to the ALB target group (Option D) is the CloudOps-aligned solution for resilience and business continuity.
References (AWS CloudOps Documents / Study Guide):
• AWS Certified CloudOps Engineer - Associate (SOA-C03) Exam Guide: Domain 2 - Reliability and Business Continuity
• AWS Well-Architected Framework - Reliability Pillar
• Amazon EC2 Auto Scaling User Guide - Health checks and replacement
• Elastic Load Balancing User Guide - Target group health checks and ALB integration
• Amazon EC2 Launch Templates - Reproducible instance configuration
An ecommerce company uses Amazon ElastiCache (Redis OSS) for caching product queries. The CloudOps engineer observes a large number of cache evictions in Amazon CloudWatch metrics and needs to reduce evictions while retaining popular data in cache.
Which solution meets these requirements with the least operational overhead?
- A . Add another node to the ElastiCache cluster.
- B . Increase the ElastiCache TTL value.
- C . Decrease the ElastiCache TTL value.
- D . Migrate to a new ElastiCache cluster with larger nodes.
D
Explanation:
According to the AWS Cloud Operations and ElastiCache documentation, cache evictions occur when the cache runs out of memory and must remove items to make space for new data.
To reduce evictions and retain frequently accessed items, AWS recommends increasing the total available memory ― either by scaling up to larger node types or scaling out by adding shards/nodes. Migrating to a cluster with larger nodes is the simplest and most efficient solution because it immediately expands capacity without architectural changes.
Adjusting TTL (Options B and C) controls expiration timing, not memory allocation. Adding a single node (Option A) may help, but redistributing data requires resharding, introducing more complexity.
Thus, Option D provides the lowest operational overhead and ensures high cache hit rates by increasing total cache memory.
Reference: AWS Cloud Operations & Performance Optimization Guide - Reducing Evictions and Scaling Amazon ElastiCache Clusters
A company uses AWS Organizations to manage multiple AWS accounts. A CloudOps engineer must identify all IPv4 ports open to 0.0.0.0/0 across the organization’s accounts.
Which solution will meet this requirement with the LEAST operational effort?
- A . Use the AWS CLI to print all security group rules for review.
- B . Review AWS Trusted Advisor findings in an organizational view for the Security Groups - Specific Ports Unrestricted check.
- C . Create an AWS Lambda function to gather security group rules from all accounts. Aggregate the findings in an Amazon S3 bucket.
- D . Enable Amazon Inspector in each account. Run an automated workload discovery job.
B
Explanation:
According to AWS Cloud Operations and Governance documentation, AWS Trusted Advisor provides automated checks for security group rules across all accounts, including identifying ports open to 0.0.0.0/0.
When viewed in organizational mode, Trusted Advisor integrates with AWS Organizations, allowing administrators to access organization-wide security findings from a central management account. This approach requires no custom code, additional infrastructure, or manual inspection, providing immediate visibility and the lowest operational overhead.
AWS CLI scripts (Option A) or Lambda automation (Option C) introduce additional maintenance, and Amazon Inspector (Option D) is focused on instance-level vulnerabilities, not network access rules.
Therefore, Option B is the AWS-recommended CloudOps best practice for centralized and low-effort open-port auditing.
Reference: AWS Cloud Operations & Governance Guide - Using Trusted Advisor Organizational View for Security Group Port Checks
A financial services company stores customer images in an Amazon S3 bucket in the us-east-1 Region. To comply with regulations, the company must ensure that all existing objects are replicated to an S3 bucket in a second AWS Region. If an object replication fails, the company must be able to retry replication for the object.
What solution will meet these requirements?
- A . Configure Amazon S3 Cross-Region Replication (CRR). Use Amazon S3 live replication to replicate existing objects.
- B . Configure Amazon S3 Cross-Region Replication (CRR). Use S3 Batch Replication to replicate existing objects.
- C . Configure Amazon S3 Cross-Region Replication (CRR). Use S3 Replication Time Control (S3 RTC) to replicate existing objects.
- D . Use S3 Lifecycle rules to move objects to the destination bucket in a second Region.
B
Explanation:
Per the AWS Cloud Operations and S3 Data Management documentation, Cross-Region Replication (CRR) automatically replicates new objects between S3 buckets across Regions. However, CRR alone does not retroactively replicate existing objects created before replication configuration. To include such objects, AWS introduced S3 Batch Replication.
S3 Batch Replication scans the source bucket and replicates all existing objects that were not copied previously. Additionally, it can retry failed replication tasks automatically, ensuring regulatory compliance for complete dataset replication.
S3 Replication Time Control (S3 RTC) guarantees predictable replication times for new objects only ― it does not cover previously stored data. S3 Lifecycle rules (Option D) move or transition objects between storage classes or buckets, but not in a replication context.
Therefore, the correct solution is to use S3 Cross-Region Replication (CRR) combined with S3 Batch Replication to ensure all current and future data is synchronized across Regions with retry capability.
Reference: AWS Cloud Operations and S3 Guide - Section: Cross-Region Replication and Batch Replication for Existing Objects
A global gaming company is preparing to launch a new game on AWS. The game runs in multiple AWS Regions on a fleet of Amazon EC2 instances. The instances are in an Auto Scaling group behind an Application Load Balancer (ALB) in each Region. The company plans to use Amazon Route 53 for DNS services. The DNS configuration must direct users to the Region that is closest to them and must provide automated failover.
Which combination of steps should a CloudOps engineer take to configure Route 53 to meet these requirements? (Select TWO.)
- A . Create Amazon CloudWatch alarms that monitor the health of the ALB in each Region. Configure Route 53 DNS failover by using a health check that monitors the alarms.
- B . Create Amazon CloudWatch alarms that monitor the health of the EC2 instances in each Region. Configure Route 53 DNS failover by using a health check that monitors the alarms.
- C . Configure Route 53 DNS failover by using a health check that monitors the private IP address of an EC2 instance in each Region.
- D . Configure Route 53 geoproximity routing. Specify the Regions that are used for the infrastructure.
- E . Configure Route 53 simple routing. Specify the continent, country, and state or province that are used for the infrastructure.
A, D
Explanation:
The combination of geoproximity routing and DNS failover health checks provides global low-latency routing with high availability.
Geoproximity routing in Route 53 routes users to the AWS Region closest to their geographic location, optimizing latency. For automatic failover, Route 53 health checks can monitor CloudWatch alarms tied to the health of the ALB in each Region. When a Region becomes unhealthy, Route 53 reroutes traffic to the next available Region automatically.
AWS documentation states:
“Use geoproximity routing to direct users to resources based on geographic location, and configure health checks to provide DNS failover for high availability.”
Option B incorrectly monitors EC2 instances directly, which is not efficient at scale.
Option C uses private IPs, which cannot be globally health-checked.
Option E (simple routing) does not support geographic or failover routing. Hence, A and D together meet both the proximity and failover requirements.
References (AWS CloudOps Documents / Study Guide):
• AWS Certified CloudOps Engineer - Associate (SOA-C03) Exam Guide - Domain 5: Networking and Content Delivery
• Amazon Route 53 Developer Guide - Geoproximity Routing and DNS Failover
• AWS Well-Architected Framework - Reliability Pillar
• Amazon CloudWatch Alarms - Integration with Route 53 Health Checks
A company has an application running on EC2 that stores data in an Amazon RDS for MySQL Single-AZ DB instance. The application requires both read and write operations, and the company needs failover capability with minimal downtime.
Which solution will meet these requirements?
- A . Modify the DB instance to be a Multi-AZ DB instance deployment.
- B . Add a read replica in the same Availability Zone where the DB instance is deployed.
- C . Add the DB instance to an Auto Scaling group that has a minimum capacity of 2 and a desired capacity of 2.
- D . Use RDS Proxy to configure a proxy in front of the DB instance.
A
Explanation:
According to the AWS Cloud Operations and Database Reliability documentation, Amazon RDS Multi-AZ deployments provide high availability and automatic failover by maintaining a synchronous standby replica in a different Availability Zone.
In the event of instance failure, planned maintenance, or Availability Zone outage, Amazon RDS automatically promotes the standby to primary with minimal downtime (typically less than 60 seconds). The failover is transparent to applications because the DB endpoint remains the same.
By contrast, read replicas (Option B) are asynchronous and do not provide automated failover. Auto Scaling (Option C) applies to EC2, not RDS. RDS Proxy (Option D) improves connection management but does not add redundancy.
Thus, Option A ― converting the RDS instance into a Multi-AZ deployment ― delivers the required high availability and business continuity with minimal operational effort.
Reference: AWS Cloud Operations & Database Continuity Guide - Implementing Multi-AZ Deployments for Automatic RDS Failover
A company’s architecture team must receive immediate email notifications whenever new Amazon EC2 instances are launched in the company’s main AWS production account.
What should a CloudOps engineer do to meet this requirement?
- A . Create a user data script that sends an email message through a smart host connector. Include the architecture team’s email address in the user data script as the recipient. Ensure that all new EC2 instances include the user data script as part of a standardized build process.
- B . Create an Amazon Simple Notification Service (Amazon SNS) topic and a subscription that uses the email protocol. Enter the architecture team’s email address as the subscriber. Create an Amazon EventBridge rule that reacts when EC2 instances are launched. Specify the SNS topic as the rule’s target.
- C . Create an Amazon Simple Queue Service (Amazon SQS) queue and a subscription that uses the email protocol. Enter the architecture team’s email address as the subscriber. Create an Amazon EventBridge rule that reacts when EC2 instances are launched. Specify the SQS queue as the rule’s target.
- D . Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure AWS Systems Manager to publish EC2 events to the SNS topic. Create an AWS Lambda function to poll the SNS topic. Configure the Lambda function to send any messages to the architecture team’s email address.
B
Explanation:
As per the AWS Cloud Operations and Event Monitoring documentation, the most efficient method for event-driven notification is to use Amazon EventBridge to detect specific EC2 API events and trigger a Simple Notification Service (SNS) alert.
EventBridge continuously monitors AWS service events, including RunInstances, which signals the creation of new EC2 instances. When such an event occurs, EventBridge sends it to an SNS topic, which then immediately emails subscribed recipients ― in this case, the architecture team.
This combination provides real-time, serverless notifications with minimal management. SQS (Option C) is designed for queue-based processing, not direct user alerts. User data scripts (Option A) and custom polling with Lambda (Option D) introduce unnecessary operational complexity and latency.
Hence, Option B is the correct and AWS-recommended CloudOps design for immediate launch notifications.
Reference: AWS Cloud Operations & Monitoring Guide - Section: EventBridge and SNS Integration for EC2 Event Notifications
A company uses Amazon ElastiCache (Redis OSS) to cache application data. A CloudOps engineer must implement a solution to increase the resilience of the cache. The solution also must minimize the recovery time objective (RTO).
Which solution will meet these requirements?
- A . Replace ElastiCache (Redis OSS) with ElastiCache (Memcached).
- B . Create an Amazon EventBridge rule to initiate a backup every hour. Restore the backup when necessary.
- C . Create a read replica in a second Availability Zone. Enable Multi-AZ for the ElastiCache (Redis OSS) replication group.
- D . Enable automatic backups. Restore the backups when necessary.
C
Explanation:
Comprehensive and Detailed Explanation From Exact Extract of AWS CloudOps Documents:
For high availability and fast failover, ElastiCache for Redis supports replication groups with Multi-AZ and automatic failover. CloudOps guidance states that a primary node can be paired with one or more replicas across multiple Availability Zones; if the primary fails, Redis automatically promotes a replica to primary in seconds, thereby minimizing RTO. This architecture maintains in-memory data continuity without waiting for backup restore operations. Backups (Options B and D) provide durability but require restore and re-warm procedures that increase RTO and may impact application latency. Switching engines (Option A) to Memcached does not provide Redis replication/failover semantics and would not inherently improve resilience for this use case. Therefore, creating a read replica in a different AZ and enabling Multi-AZ with automatic failover is the prescribed CloudOps pattern to increase resilience and achieve the lowest practical RTO for Redis caches.
References (AWS CloudOps Documents / Study Guide):
• AWS Certified CloudOps Engineer - Associate (SOA-C03) Exam Guide - Reliability and Business Continuity
• Amazon ElastiCache for Redis - Replication Groups, Multi-AZ, and Automatic Failover
• AWS Well-Architected Framework - Reliability Pillar
A CloudOps engineer has created an AWS Service Catalog portfolio and shared it with a second AWS account in the company, managed by a different CloudOps engineer.
Which action can the CloudOps engineer in the second account perform?
- A . Add a product from the imported portfolio to a local portfolio.
- B . Add new products to the imported portfolio.
- C . Change the launch role for the products contained in the imported portfolio.
- D . Customize the products in the imported portfolio.
A
Explanation:
Per the AWS Cloud Operations and Service Catalog documentation, when a portfolio is shared across AWS accounts, the recipient account imports the shared portfolio.
The recipient CloudOps engineer cannot modify the original products or their configurations but can:
• Add products from the imported portfolio into their local portfolios for deployment
• Control end-user access in the recipient account
• Manage local constraints or permissions
However, the recipient cannot edit, delete, or reconfigure the shared products (Options B, C, and D). The source (owner) account retains full administrative control over products, launch roles, and lifecycle policies.
This model aligns with AWS CloudOps principles of centralized governance with distributed self-service deployment across multiple accounts.
Thus, Option A is correct ― imported portfolios allow the recipient to add products to a local portfolio but not alter the shared configuration.
Reference: AWS Cloud Operations & Governance Guide - Managing Shared AWS Service Catalog Portfolios Across Multiple Accounts
A company runs custom statistical analysis software on a cluster of Amazon EC2 instances. The software is highly sensitive to network latency between nodes, although network throughput is not a limitation.
Which solution will minimize network latency?
- A . Place all the EC2 instances into a cluster placement group.
- B . Configure and assign two Elastic IP addresses for each EC2 instance.
- C . Configure jumbo frames on all the EC2 instances in the cluster.
- D . Place all the EC2 instances into a spread placement group in the same AWS Region.
A
Explanation:
The AWS Cloud Operations and Compute documentation explains that placement groups control how EC2 instances are physically arranged within AWS data centers to optimize network performance.
Among the available placement strategies:
• Cluster placement groups place instances physically close together within a single Availability Zone, connected through high-bandwidth, low-latency networking (ideal for tightly coupled, HPC, or distributed workloads).
• Spread placement groups distribute instances across distinct racks or Availability Zones for fault tolerance, increasing latency.
• Partition placement groups separate instances into partitions for isolation, not latency reduction.
Therefore, to minimize latency for workloads such as computational clusters, the CloudOps engineer should use a cluster placement group. This placement ensures single-digit microsecond latency and enhanced packet rate performance between instances.
Elastic IPs (Option B) do not influence internal networking. Jumbo frames (Option C) can marginally improve throughput but do not reduce propagation latency. Spread placement (Option D) increases distance, worsening latency.
Hence, Option A ― using a cluster placement group ― delivers the lowest possible network latency and is AWS’s best-practice design for HPC-style clusters.
Reference: AWS Cloud Operations & Compute Optimization Guide - Optimizing EC2 Networking with Cluster Placement Groups for Low Latency Workloads
