Back to AWS Certified SAP on AWS Specialty PAS-C01 questions

Scenario-based practice

Hard Difficulty Questions

Practise AWS Certified SAP on AWS Specialty PAS-C01 practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

20
scenario questions
PAS-C01
exam code
Amazon Web Services
vendor

Scenario guide

How to approach hard difficulty questions

These are the questions most candidates get wrong. They require connecting multiple concepts, reading tricky output, or knowing edge-case behaviour that isn't on most study cards. Practising them trains you to operate under uncertainty — a necessary skill on the real exam.

Quick answer

Hard Difficulty Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related PAS-C01 topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

Practice set

Practice scenarios

Question 1hardmulti select
Read the full NAT/PAT explanation →

A company is using AWS Systems Manager Patch Manager to patch a fleet of EC2 instances. The instances are in a patch group and have the SSM Agent installed. After a patching operation, the operations team notices that some instances did not apply the patches. The instances show a status of 'Failed' in the Patch Manager console. Which TWO steps should the team take to troubleshoot and resolve the issue? (Choose TWO.)

Question 2hardmulti select
Full question →

Which THREE of the following are valid considerations when designing an SAP HANA backup strategy on AWS?

Question 3hardmultiple choice
Review the full subnetting walkthrough →

A company runs a containerized application on Amazon ECS with Fargate launch type. The application needs to access an Amazon RDS database that is in a private subnet. The ECS tasks are also in private subnets. The security group for the RDS instance allows inbound traffic on port 3306 from the security group attached to the ECS tasks. However, the application cannot connect to the database. Which solution should the company implement to resolve this issue?

Question 4hardmultiple choice
Full question →

A company runs a stateful web application on EC2 instances in an Auto Scaling group with a dynamic scaling policy based on CPU utilization. The application maintains session state in memory on each instance. Users report that they are frequently logged out and lose their session data during scaling events. What should the company do to resolve this issue?

Question 5hardmulti select
Full question →

A company is migrating a 10 TB SQL Server database to Amazon RDS for SQL Server using AWS DMS. The migration is taking longer than expected. Which TWO actions can improve the migration speed? (Choose two.)

Question 6hardmultiple choice
Full question →

A company is migrating a multi-tier application to AWS. The application includes a load balancer, web servers, and an Oracle database. The migration plan includes using AWS DMS for the database. During the initial full load, the DMS task fails with an error indicating insufficient memory. The source database is on an EC2 instance with 4 GB RAM. What should the migration team do to resolve this issue?

Question 7hardmultiple choice
Full question →

A company is migrating a critical application to AWS using a lift-and-shift strategy. The application has a legacy licensing model tied to specific hardware IDs. The company has already migrated the application to an Amazon EC2 instance but the license validation fails because the hardware ID changed. What is the MOST cost-effective and least disruptive solution?

Question 8hardmultiple choice
Full question →

A company is migrating a multi-tier application to AWS and wants to ensure high availability. The application has a web tier, application tier, and database tier. The database is currently running on a single on-premises server. Which migration strategy minimizes downtime and provides the HIGHEST availability for the database tier?

Question 9hardmulti select
Full question →

A company is migrating a critical application to AWS using a phased approach. The application uses a custom Linux distribution that is not supported by AWS Application Migration Service. Which THREE steps should the company take to migrate the application? (Choose THREE)

Question 10hardmultiple choice
Full question →

A team is migrating an Oracle database to Amazon RDS for MySQL using AWS DMS with ongoing replication (CDC). The initial load succeeded, but the CDC task fails with the error shown in the exhibit. The source Oracle database is on-premises. Which action should the team take to resolve the issue?

Exhibit

Refer to the exhibit.

Error from AWS DMS task:
"Last Error: Failed to start change data capture for table 'sales.orders'.
Details: The source database is not configured for full supplemental logging. To enable full supplemental logging, run: ALTER DATABASE ADD SUPPLEMENTAL LOG DATA (ALL) COLUMNS;"
Question 11hardmulti select
Full question →

A company is migrating a legacy application to AWS. The application requires a static IP address that does not change during instance stop/start. The application also needs to be highly available across two Availability Zones. Which THREE actions should the company take to meet these requirements?

Question 12hardmulti select
Full question →

A company runs a production web application on EC2 instances behind an ALB. The operations team receives an alert that the application is returning HTTP 503 errors. Which THREE steps should be taken to diagnose the issue?

Question 13hardmultiple choice
Read the full DNS explanation →

A company runs a critical workload on Amazon RDS for PostgreSQL with Multi-AZ. The operations team notices that during a recent failover test, the DNS record updated in about 60 seconds. However, the application experienced a 2-minute downtime because some connections were not re-established quickly. What should the team do to reduce downtime during failover?

Question 14hardmultiple choice
Full question →

A company uses AWS Config to record resource changes and evaluate rules. Recently, the compliance status of an S3 bucket rule changed from COMPLIANT to NON_COMPLIANT. The operations team investigates and finds that the bucket policy was modified. What is the MOST efficient way to identify who made the change and the exact time?

Question 15hardmultiple choice
Full question →

A company runs a critical application on an EC2 instance that uses a large EBS volume for database storage. The volume is not encrypted at rest. To meet compliance requirements, the company must enable encryption on the volume with minimal downtime. Which solution meets these requirements?

Question 16hardmulti select
Full question →

A company runs a web application on Amazon ECS with Fargate launch type. The application's memory utilization spikes periodically, causing tasks to be killed. The operations team wants to automatically scale the service based on memory usage. Which THREE steps are necessary to implement this?

Question 17hardmultiple choice
Full question →

A company uses AWS Lambda functions with reserved concurrency to process messages from an SQS queue. The operations team notices that the Lambda function sometimes throttles, causing messages to remain in the queue. What is the MOST likely cause and solution?

Question 18hardmultiple choice
Full question →

A company uses AWS CloudFormation to manage infrastructure. During an update, a stack fails to roll back and is left in UPDATE_ROLLBACK_FAILED state. The stack contains a DynamoDB table and a Lambda function. The operations team needs to fix the stack with minimal disruption. What should they do?

Question 19hardmultiple choice
Read the full NAT/PAT explanation →

An administrator is migrating an on-premises application to AWS. The application stores persistent data on a separate disk. The administrator launched an EC2 instance as a test and attached an additional EBS volume for the persistent data. The above exhibit shows the block device mapping for the test instance. Later, the administrator terminates the test instance, but the persistent data must be retained. However, after termination, the persistent data volume is also deleted. What is the most likely cause?

Network Topology
$ aws ec2 describe-instancesinstance-ids i-0abcd1234efgh5678query 'Reservations[0].Instances[0].BlockDeviceMappings'Refer to the exhibit."DeviceName": "/dev/xvda","Ebs": {"AttachTime": "2023-08-01T10:00:00.000Z","DeleteOnTermination": true,"Status": "attached","VolumeId": "vol-0a1b2c3d4e5f67890"},"DeviceName": "/dev/sdf","AttachTime": "2023-08-01T11:00:00.000Z","DeleteOnTermination": false,"VolumeId": "vol-0f1e2d3c4b5a67890"
Question 20hardmulti select
Full question →

A company is migrating a large-scale SAP environment to AWS. Which THREE AWS services can be used to optimize storage costs for SAP workloads? (Choose three.)

These PAS-C01 practice questions are part of Courseiva's free Amazon Web Services certification practice question bank. Courseiva provides original exam-style PAS-C01 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.