Back to AWS Certified Solutions Architect Professional SAP-C02 questions

Scenario-based practice

Select Two (Multi-Select) Questions

Practise AWS Certified Solutions Architect Professional SAP-C02 practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

20
scenario questions
SAP-C02
exam code
Amazon Web Services
vendor

Scenario guide

How to approach select two (multi-select) questions

Multi-select questions tell you to 'Choose TWO' or 'Choose THREE'. Getting partial credit is not a thing — you must select all correct answers with no incorrect ones. The stem always states how many to choose, so trust it. These questions require precision, not best-guess elimination.

Quick answer

Select Two (Multi-Select) Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related SAP-C02 topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

Practice set

Practice scenarios

Question 1mediummulti select
Full question →

A company is implementing AWS Control Tower to manage a multi-account environment. The security team needs to ensure that all accounts in the organization follow the principle of least privilege for IAM roles. Which TWO actions should the team take?

Question 2mediummulti select
Full question →

A company is using AWS Organizations with multiple accounts. The central IT team wants to deploy a set of common VPCs in each account using AWS CloudFormation StackSets. The StackSets must be managed from the management account. Which THREE permissions are required for the StackSets to successfully deploy stacks into member accounts?

Question 3mediummulti select
Full question →

A company is designing a new application that will process sensitive financial data. They need to ensure encryption at rest and in transit. Which of the following should they use? (Select TWO.)

Question 4easymulti select
Full question →

A company is using AWS Organizations with multiple accounts. The security team wants to ensure that all Amazon S3 buckets across the organization are encrypted at rest. Which TWO steps should the security team take to enforce this requirement?

Question 5easymulti select
Full question →

A company is using an AWS Lambda function to process records from an Amazon Kinesis stream. The function stores results in an Amazon DynamoDB table. The team notices that the Lambda function sometimes fails due to throttling from DynamoDB. Which TWO actions should the team take to improve the continuous processing of records? (Choose TWO.)

Question 6mediummulti select
Full question →

A company is migrating a multi-tier application to AWS and wants to modernize by using containers and serverless technologies. The application consists of a Node.js frontend, a Java backend, and a PostgreSQL database. The company wants to reduce operational overhead and improve scalability. Which TWO strategies should the company use? (Choose two.)

Question 7hardmulti select
Full question →

A company has multiple AWS accounts managed via AWS Organizations. The security team wants to restrict the use of specific instance types across all accounts. Which TWO methods can be used to enforce this restriction?

Question 8easymulti select
Full question →

A company is migrating to a multi-account AWS environment using AWS Control Tower. The security team must ensure that all accounts have AWS Config enabled and that logs are delivered to a central S3 bucket. Which THREE steps should the security team take?

Question 9mediummulti select
Full question →

A company is designing a new application on AWS that requires a highly available and scalable web tier. The web servers must be stateless and scale automatically based on CPU utilization. Which TWO actions should the company take to meet these requirements?

Question 10mediummulti select
Read the full NAT/PAT explanation →

A company is designing a disaster recovery solution for a critical application that runs on Amazon EC2 instances in a single AWS Region. The application uses an Amazon RDS for MySQL database. The recovery time objective (RTO) is 1 hour and the recovery point objective (RPO) is 15 minutes. Which combination of steps should the company take to meet these requirements? (Choose THREE.)

Question 11hardmulti select
Read the full NAT/PAT explanation →

A company is designing a serverless data processing pipeline using AWS Step Functions, AWS Lambda, and Amazon DynamoDB. The pipeline must process incoming JSON records from an Amazon Kinesis Data Stream. Each record must be processed exactly once and in order. The company expects a throughput of up to 1,000 records per second. Which combination of services and configurations should the company use to meet these requirements? (Choose TWO.)

Question 12hardmulti select
Full question →

A company is designing a new containerized application on Amazon EKS. The application must be able to access secrets (e.g., database credentials) securely. The company requires that secrets be automatically rotated and audited. Which THREE actions should the company take to meet these requirements?

Question 13hardmulti select
Read the full NAT/PAT explanation →

A company is deploying a microservices architecture on Amazon ECS with Fargate. They need to enable service-to-service communication with mutual TLS (mTLS) and service discovery. Which combination of services should they use? (Select THREE.)

Question 14mediummulti select
Full question →

A company is running a critical application on Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer. The application needs to process a large batch job that runs once per month and takes 2 hours. The company wants to optimize costs while ensuring the batch job has sufficient capacity. Which THREE steps should a solutions architect recommend?

Question 15mediummulti select
Full question →

A company is running a web application on EC2 instances in an Auto Scaling group behind an ALB. The application uses an Amazon RDS for MySQL database. Recently, the application has become slow, and the operations team identifies that the database is the bottleneck due to a high number of read queries. Which TWO actions should a solutions architect take to improve read performance? (Choose two.)

Question 16hardmulti select
Full question →

A company is deploying a new application on AWS and wants to implement a least-privilege IAM policy for an EC2 instance that needs to read from an S3 bucket (my-bucket) and write logs to CloudWatch Logs. Which THREE statements should be included in the IAM policy? (Choose three.)

Question 17mediummulti select
Full question →

An e-commerce company runs its application on Amazon EC2 instances behind an Application Load Balancer (ALB). The application uses an Amazon Aurora MySQL DB cluster with one writer and two reader instances. During a sales event, the database CPU utilization is high, and read replicas show high replica lag. The company needs to improve the read scalability and reduce replica lag. Which THREE actions should the company take? (Choose THREE.)

Question 18hardmulti select
Full question →

A company is planning to modernize a legacy Java application that runs on a single on-premises server. The application uses a proprietary file-based storage system. The company wants to migrate to AWS with the following goals: reduce operational overhead, improve availability, and minimize code changes. Which THREE strategies should the company use? (Choose three.)

Question 19mediummulti select
Full question →

A company is planning to migrate a legacy application to AWS. The application runs on a single server with a monolithic architecture and uses an Oracle database. The migration team wants to reduce licensing costs and improve scalability. Which TWO strategies should the team consider?

Question 20hardmulti select
Full question →

A company is migrating a large e-commerce platform to AWS using a lift-and-shift approach. The application consists of a web tier, application tier, and a MySQL database. After migration, users report intermittent slow page loads. The operations team notices high CPU utilization on the application tier instances. Which THREE steps should the team take to address the performance issues?

These SAP-C02 practice questions are part of Courseiva's free Amazon Web Services certification practice question bank. Courseiva provides original exam-style SAP-C02 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.