This AWS practice test helps you to pass the following AWS exams and can also helps you to revise the AWS concepts if you are preparing for AWS interviews.

  • AWS Certified Solutions Architect Professional
  • AWS Certified Solutions Architect Associate
  • AWS Certified Cloud Practitioner

Below AWS practice tests has two different Modes

  • Learning Mode: 25 questions per test with answers and explanation, no time limit, repeat tests
  • Exam Mode: 75 questions per test (similar to real AWS exam), 180 minutes, repeat tests


2. AWS Certified Solutions Architect Professional – Exam Mode

0 votes, 0 avg

Click Start button to start exam !

Time Out !

1 / 75

Your team has found that a client's load balancer needs to be configured with support for SSL offload using the default security policy. When negotiating the SSL connections between the client and the load balancer, you want the load balancer to determine which cipher is used for the SSL connection. Which actions perform this process on the load balancer? (Choose 3 answers)

2 / 75

One of your customers is a large multi-national company whose infrastructure on AWS has grown significantly over the past year. The CIO has come to you asking how the huge amount of data that is being generated can be accessed in real-time which would give them a significant edge over all of their competitors. You know that AWS can provide a range of analytics but which of the following would be best to try and accomplish this?

3 / 75

Your company allows technical personnel to manage their own S3 buckets. But there have been too many instances of users deleting important project related data. What additional steps can you take to prevent accidental deletion or overwriting of data? (Choose 3 answers)

4 / 75

You are working as a Solutions Architect for a civil engineering company. You’ve been tasked with creating a Virtual Private Cloud to support a hybrid cloud solution. The cloud environment will need to connect to an on-premises application that cannot be migrated to the VPC. Your requirements are to get the connection setup as quickly as possible. Which option can you use to connect the VPC to the on-premise environment as quickly as possible?

5 / 75

You are an engineer at a large bank, responsible for managing your firm’s AWS infrastructure. As the environment and number of active resources continue to grow, your finance team is having a difficult time attributing your AWS costs to the various business units. How can you help the finance team assign costs to the correct business units? (Choose 2 answers)

6 / 75

To provide adequate computer resources for your company portal during busy sales cycles, you have your instances assigned to an EC2 auto scaling group associated with an application load balancer. You are now configuring the health checks for the auto scaling group.

What statement regarding health check configuration options for your auto scaling group is correct?

7 / 75

You have been charged with investigating cloud security options for your company in light of recent suspected threats. You are aware that certain AWS services can help mitigate DDoS attacks, and you are specifically looking for a service that provides protection from counterfeit requests (Layer 7) or SYN floods (Layer 4). Which services provide this protection? (Choose 2 answers)

8 / 75

You have created an S3 bucket where project managers can upload their projects' files. Project files change frequently, so retaining multiple copies of files when changes occur is essential. Each project is also considered confidential, each project file must be encrypted at rest when stored in S3.

How could you meet these requirements for your bucket and contents?

9 / 75

Due to compliance rules and regulations, your company's workload has to run on dedicated instances. How can you make sure that all EC2 instances created for your workload now and in the future are dedicated instances? (Choose 2 answers)

10 / 75

You have begun your migration into Amazon Web Services using the AWS Database Migration Service. You are pleased that there are no errors; however, the migration tasks are running slowly. You review the resources that have been assigned to the AWS DMS replication instance, and they seem to be adequate. Which other task could you perform to help speed up the initial migration tasks?

11 / 75

You need to design secure administrative access to application servers residing in private subnets in multiple availability zones. You require a select group of administrators to have access from specific IP addresses. You also want the solution to be automated and repeatable. Which of the following options could achieve your goals? (Choose 2 answers)

12 / 75

You are in the process of planning your backup strategy between an on-premises data center and AWS cloud. You are considering Storage Gateway technology for backup and restore in your hybrid environment. What are the primary factors that affect Backup and Recovery times when using Storage Gateways? (Choose 2 answers)

13 / 75

You have configured an AWS cloud environment for an ecommerce company. This environment is heavily reliant upon being highly available as downtime will lose the company a great deal of money. You monitor this environment very closely with numerous CloudWatch alarms. Recently you are seeing 'InsufficientInstanceCapacity' errors during auto scaling attempts during peak hours from 4:00 - 9:00 pm EST. This is causing costly downtime. Which option will best handle this situation?

14 / 75

You have a lot of data stored in the AWS Storage Gateway and your manager has come to you asking about how the billing is calculated, specifically the Virtual Tape Shelf usage. What would be a correct response to this?

15 / 75

You are responsible for maintaining an RDS database deployed in a Multi-AZ deployment architecture. What would be the downtime and/or failover cycle associated with maintenance events on your database? (Choose 2 answers)

16 / 75

After monitoring your online sales application for the last two weeks of holiday sales, it is apparent that your database tier’s current architectural design is not sufficient. Your database is currently managed within Amazon RDS. The decision is made to scale your instance to a greater size based on database recommendations from the vendor. Your current database storage type is magnetic, and storage usage is currently at 70%.

Which modifications could potentially improve the performance of your database? (Choose 2 answers)

17 / 75

You are an AWS Solutions Architect helping a client plan a migration to the AWS Cloud. The client has provided you with a detailed inventory of their current on-premises compute infrastructure, including metrics related to storage and bandwidth. What tool would you use to estimate the amount of money they will save by migrating to the AWS Cloud?

18 / 75

Your account has 3 VPCs deployed in the same region.

The IPv4 address ranges of the VPCs are:




VPC B and VPC C are already connected through VPC peering connection (PCX) named pcx-abcxyz. VPC A has resources that VPC B and VPC C must access. Which of the options below best achieves the objective of allowing VPC B and VPC C to access VPC A?

19 / 75

Your company is migrating into Amazon Web Services and has selected the US East region in which to operate. The majority of your work involves interfacing with government departments in the United States and Germany. Your company expects the deployment into the cloud to be up and running in a minimum of time. Before deploying any resources in the European region, what should be your first consideration?

20 / 75

You wish to perform detailed monitoring on servers that are marked as unhealthy before they are terminated. After researching the issue, you find that lifecycle hooks can be deployed as necessary. Which strategies could you use to perform detailed monitoring? (Choose 2 answers)

21 / 75

If your AWS data must meet specific regulations such as the EU Data protection laws, what must you do?

22 / 75

Which statements below correctly describe how a security group functions in the AWS cloud? (Choose 2 answers)

23 / 75

You have determined specific instances will need to be resized by either scaling the instance(s) up or down.

What basic rules apply when resizing EC2 instances?  (Choose 2 answers

24 / 75

Your company is concerned with EBS volume backup on Amazon EC2 and wants to ensure they have proper backups that are scheduled once a day and that the data is durable. Which of the following options would be best for this? (Choose 2 answers)

25 / 75

You are designing an Amazon RDS database solution for a new medical supply company. This is a brand new company and they do not have an existing on-premises database. They would like to use Oracle for their new database. With a brand new database, which licensing model will you use for Oracle?

26 / 75

You are architecting for a hybrid cloud solution that will require continuous connectivity between on-premises servers and instances on AWS. You found that the connectivity between on-premises and AWS does not require high bandwidth for now so you decided to go with resilient VPN connectivity. Which of the following services are part of establishing a resilient VPN connection between on-premises networks and AWS? (Choose 3 answers)

27 / 75

Your new client is a federal agency utilizing a hybrid cloud environment. The agency distributes large amounts of sensitive data throughout the world. Your task is to ensure that the data is secure using various encryption techniques as well as security groups and access control lists.

One of the requirements is to distribute content utilizing CloudFront for optimal performance but to completely restrict access from within certain blacklisted countries. What service can you use with CloudFront to fulfill this requirement?

28 / 75

Your company has decided to use cloud methods for disaster recovery. The company is most concerned with RTO and RPO and is willing to accept the extra cost of Warm Standby over Pilot Light. When a disaster occurs, your top priority is to increase the processing capacity of your scaled-down environment. Once that is accomplished, you can then increase the environment's resilience and self-management capabilities.

What steps will help you accomplish your top priority when a disaster occurs? (Choose 2 answers)

29 / 75

You are an engineer at a large bank, responsible for managing your firm’s AWS infrastructure. Your finance team has approached you, indicating their concern over the growing EC2 budget. They have asked you to identify strategies to reduce the EC2 spend by at least 25% before the next monthly billing cycle. How choices below could assist in accomplishing this? (Choose 3 answers)

30 / 75

One of your developers is creating an application that must upload large files to an S3 bucket. You suggest that they use the multipart upload feature. Which actions are required from the developer to complete a multipart upload? (Choose 2 answers)

31 / 75

You are creating an application that stores extremely sensitive financial information. All information in the system must be encrypted at rest and in transit. Which of these is a violation of this policy?

32 / 75

You have been checking some Amazon EC2 Auto Scaling events that you previously configured. You notice that an application is scaling up and down multiple times within the hour. Which of the following design changes could optimize cost while preserving elasticity? (Choose 2 answers)

33 / 75

Your client wants to implement scalable but cost-effective storage while maintaining data security. You recommend using AWS Storage Gateway and set up an instance as a cached volume gateway for low latency. You immediately realize that you need to access the storage on the gateway. Which method would you use?

34 / 75

You are an engineer at a large bank, responsible for managing your firm’s AWS infrastructure. The finance team has approached you, indicating their concern over the growing AWS budget, and has asked you to investigate ways to lower it. Since your firm has enterprise-level support, you decide to use the AWS Trusted Advisor tool for this effort. What are some of the cost optimization checks that Trusted Advisor will perform? (Choose 3 answers)

35 / 75

You have 4 Direct Connect (DX) connections to your VPC from your Chicago, Boston, Houston, and Orlando offices. Your VPC’s address range is You are using BGP routing. You would like to ensure AWS uses the Chicago connection to reach the IP addresses ranging from on your network. The other three locations are currently advertising the following routes:

Boston: AS 65000

Houston: AS 65000 65000

Orlando: AS 65000 65000  65000

Which of the following routes could you advertise from your Chicago connection to ensure AWS uses it to access IP addresses ranging from

36 / 75

You have started your own consulting business and have been contracted by a doctors office to help move their outdated scheduling and billing system to the cloud. One feature you have offered at low cost is a disaster recovery solution that will keep their offices operational with minimal downtime. You've configured a standby EC2 instance that can be spun up in minutes. What feature can be quickly attached to the standby EC2 instance in a failover situation, to get the standby operational as quickly as possible?

37 / 75

You have deployed an application hosted on both a primary instance and a secondary standby instance. The instances are in the same subnet within a VPC.

If the primary instance fails, you would like to failover to the secondary instance without having to reconfigure the application. How can you accomplish this? (Choose 3 answers)

38 / 75

Your organization is migrating applications to AWS. Your new security policy mandates that all user accounts be created and managed through IAM. Currently, your corporation is using Active Directory as their on-premise LDAP service. Once applications go live at AWS, all users must access applications using temporary access credentials, and all IAM users must have passwords that are rotated on a set schedule. Which of the following actions will allow you to enforce this security policy? (Choose 3 answers)

39 / 75

A client has contracted you to review their existing AWS cloud environment and recommend and implement best practice changes. You begin by reviewing existing users and Identity Access Management. You immediately notice improvements that can be made with the use of the root account and Identity Access Management. What are the best practice guidelines for use of the root account?

40 / 75

You work for a company that automatically tags photographs using artificial neural networks (ANNs), which run on GPUs using C++. You receive millions of images in one batch, with an average of 3 batches per day. These images are loaded into an Amazon S3 bucket you control for you in a batch, and then the customer publishes a JSON-formatted manifest into another S3 bucket you control as well. Each image takes 10 milliseconds to process using a full GPU. Your neural network software requires 5 minutes to bootstrap. Image tags are JSON objects, and you must publish them to an S3 bucket.

Which of these is the best system architectures for this system?

41 / 75

You have been contracted to start building the latest and greatest mobile chat app. The schedule for this development and delivery is time critical. What correct mix of AWS services and components should you consider to ensure that your mobile chat app can be produced on time, ensuring that the mobile chat app can authenticate and authorize users?

42 / 75

While monitoring your application servers hosted behind an elastic load balancer, you discover that the servers always operate at between 75 and 80% of their capacity after five minutes of operation. Also, there is a constant number of servers being marked as unhealthy very early in their initial lifecycle. Upon further analysis, you also discover that your servers are taking between three and four minutes to become operational after launch. What two tasks should you complete as soon as possible? (Choose 2 answers)

43 / 75

You create a two-tiered web application for a client with Elastic Load Balancer, two Web Servers, and a MySQL database. You begin getting complaints of poor response times and notice that the requests to the database are increasing weekly. The result is queries that are taking longer and longer. What steps can you take to speed up database performance? (Choose 2 answers)

44 / 75

You have just set up a large site for a client which involved a huge database which you set up with Amazon RDS to run as a Multi-AZ deployment. You now start to worry about what will happen if the database instance fails. Which statement best describes how this database will function if there is a database failure?

45 / 75

A MySQL database currently contains 2 million records. Approximately 2000 new records are added every day, with an average of 80 queries per second. The database is running on a 4 core, 4 GB dedicated system in the local data center. Once a week, on average, the system has issues and resets. It is next on the list to be moved to the cloud. What step should be taken first before it is migrated?

46 / 75

What does Amazon DynamoDB provide?

47 / 75

Your web-based application has been launched publicly. Your design has implemented auto scaling and classic load balancing and your design is responding to the changes in demand as expected. Over the next few months, during the holiday season, demand is expected to be quite robust. You estimate that 100 EC2 instances will be required to meet your customers’ demand. How should you plan properly for growth? (Choose 2 answers)

48 / 75

You are an administrator managing Windows File Servers in Amazon Web Services. You need to set up a fault-tolerant system to protect your shared files. You decide to use DFS Namespaces and DFS Replication.

Which of the following are prerequisites? (Choose 2 answers)

49 / 75

You are configuring your application's compute layer using AWS EC2 Auto Scaling. When configuring the group's capacity, you have set the auto scaling group's minimum capacity to four, the desired capacity to 8, and the maximum capacity to 16. When you deploy your auto scaling group, and the instances have completely deployed, how many instances will there be within your group?

50 / 75

A customer needs to migrate several hundred terabytes of data into AWS. You typically use Amazon Snowball for these types of requests. What method does AWS recommend regarding data upload to the Snowball appliance? (Choose 2 answers)

51 / 75

You are tasked with configuring Route 53 for use with EC2 instances across multiple regions that are used for a customer’s website. The customer would like to route traffic based upon the location of the website’s visitors so visitors from specific regions can be presented with specific content. Which of the following would be best suited to meet the requirement?

52 / 75

Your team is developing an application using Elastic Beanstalk and discussing the most appropriate environment for deployment. What two types of environments can be created when using Elastic Beanstalk? (Choose 2 answers)

53 / 75

Your company is planning to deploy a hybrid environment linking their on-premise database to an application hosted at AWS. When considering performance rather than security, what are key concerns when designing a network between AWS and the on-site database? (Choose 2 answers)

54 / 75

You have been assigned as a technical lead to a client that has their own development team. The team is relatively new to developing in the cloud. In a design meeting the developers begin discussing developing a messaging queue for data that does not need processed immediately. You begin telling them about the merits of Amazon SQS. What are the benefits of SQS over an in-house developed messaging queue? (Choose 3 answers)

55 / 75

You are managing cloud storage for your company, which wants the technical staff to have some latitude in managing the buckets under your supervision. In an effort to increase visibility and accountability on bucket management, you'd like to know who is accessing the buckets and to be notified of delete actions.

What features can provide this information for S3 buckets? (Choose 2 answers)

56 / 75

You have been asked to create a new S3 Bucket that will be used by the financial auditing team to store and share some files. There are a lot of different permissions between listing only, read-only and read-write access. You have decided to use resource-based permissions for the flexibility of it. Which statements below are correct with regards to resource-based permissions on your S3 bucket? (Choose 2 answers)

57 / 75

Your client has contacted you about an existing AWS cloud environment that they have. They have a large number of T2 large instances in a VPC but have statistics indicating they may need larger instances soon. Another consideration is the company's limited budget to add new instances and/or upgrade its current instances. However, they need to do something and are relying on you to provide a solution. This company has used its existing instances for over 3 years and expects a similar lifespan for any new solution.

What changes would best address the issues with their compute resources? (Choose 2 answers)

58 / 75

Regarding Amazon Route 53, if your application is running on Amazon EC2 instances in two or more Amazon EC2 regions and if you have more than one Amazon EC2 instance in one or more regions, you can use _______ to route traffic to the correct region for fastest response and then use ________to route traffic to instances within the region, based on weights that you specify.

59 / 75

You are involved in the design of a client's AWS cloud environment. A requirements meeting regarding storage leads to the need for EBS volumes in the design. Much of the design will require standard storage but there is a critical business application, which requires sustained IOPs performance. Which EBS storage option is best for critical apps that need high performance?

60 / 75

Your company uses an on-premise identity system such as Active Directory to authenticate users locally. You would like to grant the same users access into the AWS console without requiring them to authenticate again. What possible solution below can be used to provide this type of access:

61 / 75

You are configuring Amazon Route 53 to route traffic destined for to an Application Load Balancer that is configured to distribute traffic in two availability zones in the same AWS region. Which record set should you edit to point traffic for to your Application Load Balancer? Select the answer that is the most cost-effective and scalable.

62 / 75

You are a DBA at a rapidly growing company and you want to shorten failover time for your Amazon RDS SQL Server database. Which strategies will shorten failover time? (Choose 2 answers)

63 / 75

You are the lead architect for an online educational content streaming service. You currently have hundreds of Apple HLS video files formated and packaged using AWS Elemental MediaConvert, and hosted in Amazon S3 buckets. You are streaming content via HTTPS. After an extended loss of availability due to a regional Amazon S3 outage, you need to optimize your CloudFront distributions using origin groups. Which types of origin servers could you configure as your secondary origins, in case another Amazon S3 outage occurs? (Choose 3 answers)

64 / 75

You must configure a number of CloudWatch alarms to terminate and/or recover EC2 instances based on their performance metrics, and to receive an alert when such an action is triggered. Which of the following services will you need to integrate with CloudWatch to configure the alarms and alerts? (Choose 2 answers)

65 / 75

You are designing monitoring and operation management for your environment on AWS and in the process of deciding which metrics to start with for your monitoring. Which of the following metrics should be included in your initial monitoring plan at a minimum? (Choose 3 answers)

66 / 75

You are working as a Solutions Architect for a healthcare company. You’ve been tasked with creating a Virtual Private Cloud to create a hybrid cloud solution. The cloud environment will need to connect to on-premises applications which can not be migrated to the VPC. Your requirements are to use the most reliable connection with the highest throughput possible. Which option can you use to get the hybrid environment operational to meet these requirements?

67 / 75

You need to change a deployed Elastic Beanstalk environment to provide additional performance for EC2 instances that a client is currently running on their application. To change your instance count for Elastic Beanstalk, select the necessary steps (in any order). (Choose 3 answers)

68 / 75

A scope has been handed to you to set up a super-fast gaming server and you decide that you will use Amazon DynamoDB as your database. For efficient access to data in a table, Amazon DynamoDB creates and maintains indexes for the primary key attributes. A secondary index is a data structure that contains a subset of attributes from a table, along with an alternate key to support Query operations. How many types of secondary indexes does DynamoDB support?

69 / 75

Your team is setting up DynamoDB for a client. You need to explain to them how DynamoDB tables are partitioned. Which calculations are used to determine the number of partitions that will be created? (Choose 2 answers)

70 / 75

An organization has launched five instances: two for production and three for testing. The organization wants a particular group of IAM users to access only the test instances and not the production ones. They want to deploy the instances in various locations based on the factors that will change from time to time, especially in the test group. They expect instances will often be deleted and replaced, especially in the testing group.  This means the five instances they have created now will soon be replaced by a different set of five instances. The members of each group, production, and testing will not change in the foreseeable future.

Given the situation, what choice below is the most efficient and time-saving strategy to define the IAM policy? (Choose 2 answers)

71 / 75

You are migrating your Oracle database using the AWS Database Migration Service. Due to a large amount of data being replicated, you need the replication process to be continuous. What must be changed on your replication instance to use ongoing replication?

72 / 75

You are configuring a new VPC for one of your clients for a cloud migration project, and only a public VPN will be in place. After you created your VPC, you created a new subnet, a new Internet gateway, and attached your internet gateway to your VPC. When you launched your first instance into your VPC, you realized that you aren't able to connect to the instance, even if it is configured with an elastic IP. What should be done to access the instance?

73 / 75

True or False: In Amazon Route 53, you can create a hosted zone for a top-level domain (TLD).

74 / 75

An organization is planning to implement a scalable web application with Amazon EC2. The organization is planning to achieve high availability with Multi-AZ features. A single deployment of your application requires 8 vCPUs and 16 GiB total memory. The application workload is very stable, and does not experience spikes in activity. It is possible to divide the workload across separate instances.

Which configuration is the best choice for high availability, disaster recovery, and cost-effectiveness in this scenario?

75 / 75

Your team is setting up DynamoDB for a client. You need to explain to them how DynamoDB tables are partitioned. Which calculations are used to determine the number of partitions that will be created? (Choose 2 answers)

Your score is

The average score is 2%


Please rate your experience to help us improve !


Previous articleAWS Certified Solutions Architect Associate (SAA02) – Free Practice Tests
Cloud Solutions Architect with more than 10 years of experience in designing & deploying application in multiple cloud platforms. Owner of and tech blogs. Email me if you are interested in writing tech articles.

Leave a Reply