ANSWERED: Amazon Web Services (AWS) Certified Solutions Architect (CSA) – Associate Level, Sample Exam Questions (SAA-C00)

There are many posts with various accounts from the AWS CSA exam, so I will try to keep mine concise and to the point. The exam requires a foundational understanding of all AWS services. Questions are situational and focused on technical nuances. Rather than a test of deep systems architecture, it is largely a test of your familiarity with the AWS product ecosystem.

Historical Perspective: This post reflects the original SAA-C00 exam version. I originally passed on March 11, 2014, and completed the recertification on July 30, 2015. While concepts like S3 and EC2 are evergreen, modern exams like SAA-C03 now prioritize serverless and managed services.

My studies began with the sample exam questions provided by AWS. Since AWS does not provide the answers to those samples, I've documented my research and answers for them below.

Sample Exam Question Deep Dive

  1. Amazon Glacier is designed for (Choose 2 answers)

    • Answer(s): B - Infrequently accessed data, C - Data archives.
    • Explanation: Glacier is an archival storage service. You are charged for data retrieval, so it's intended for data you don't expect to need more than once a month.

  2. If an instance fails a health check behind an ELB, what happens?

    • Answer(s): C - The ELB stops sending traffic to the instance that failed its health check.
    • Explanation: ELBs dynamically forward traffic only to healthy instances. Once a failure is detected, the ELB pulls the instance out of the rotation until it passes again.

  3. How can you serve confidential training videos in S3 via CloudFront without making S3 public?

    • Answer(s): A - Create an Origin Access Identity (OAI) for CloudFront and grant it access to the S3 objects.
    • Explanation: An OAI acts as a virtual user for your CloudFront distribution. By granting access to the OAI and blocking public access to the bucket, you ensure users must go through CloudFront.

  4. What occurs when an EC2 instance in a VPC with an Elastic IP is stopped and started? (Choose 2 answers)

    • Answer(s): B - All data on instance-store devices will be lost; E - The underlying host for the instance is changed.
    • Explanation: Because instance storage is physically attached to the host, that data is volatile. Stopping the instance releases the hardware reservation; starting it again provisions it on a new physical host.

  5. In the basic monitoring package for EC2, what metrics does CloudWatch provide?

    • Answer(s): D - Hypervisor visible metrics such as CPU utilization.
    • Explanation: AWS respects the guest OS boundary. Without an agent installed, CloudWatch can only see what the hypervisor sees—like CPU, Disk I/O, and Network I/O.

Reference: For the latest exam requirements, visit the Official AWS CSA Certification Page.

Labels: , , , , ,

Author’s Note: This article reflects my personal professional experience and opinions. While my insights are informed by my professional history, these views are my own and do not represent the official position of my former employer.

About the Author: Jacob Marks is an engineering leader with over 20 years of experience, including a decade at Amazon Web Services (AWS) where he led teams in EC2 Core Platform and the development of the AWS Payment Cryptography service.

Labels

.NET .NET 10 .NET 3.5 Active Directory AD DS Adoption AI AI coding AI Ethics AI Hype Alerts Amazon Cognito Amazon DLM Amazon Q Anthropic AppDomain Architecture Artificial Intelligence Asia Pacific Sydney ASP.net ASPxGridView Audit Readiness Auto Recovery Automation AWS AWS Certified AWS Lambda AWS Payment Cryptography AWS SDK AWS Security Specialty Azure Azure DevOps Server Backup BIG-IP C# Career Growth Cartes Bancaires CB Certificate Bundle Certification Claude Cloud Cloud Certification Cloud Hosting Cloud Security CloudWatch CLR Content Query Cost Optimization Credentials CyberChef Database Defense Industry Deloitte Developer Tools Developers DevEx DevExpress DevOps DISA Disk Space DISM Distributed Systems DoD DoD CC SRG DUKPT EBS EC2 Engineering Engineering Leadership Engineering Management EnPasFltV2 Enterprise Event Receiver Exam F5 Federal IT FedRAMP Fintech FISMA GAC Generative AI GitHub gMSA GovCloud Government Compliance GridView Hardware Security Modules HSM IAM Identity Management IIS Infra Infrastructure as Code IT Tools Jacob Marks JavaScript jQuery Lambda Leadership Linqpad LLM lsass.exe LTM Memory Optimization Mentorship Microsoft Migration Multi-Region Keys NACL Native AOT Network Architecture Networking NIST ODBC Open Source Payment Cryptography Payments PCI Compliance Performance Platform Platform Architecture Power Tools PowerShell Python re:Invent Reachability Analyzer Redshift Relationships List Replace Root Volume SAA-C00 SAP-C00 Security Security Group Serverless SES SharePoint SharePoint 2010 Site Reliability SMTP Snapshot Software Engineering Solutions Architect Solutions Architect Professional SP 2007 SPAWAR SSL STIG Storage Strategy Sydney SysAdmin Team Foundation Server Team Utilities Tech Industry Technical Depth Technology TFS Tools Troubleshooting Upgrade Visual Studio VPC VPC Flow Logs Web Development WebPart WinDirStat Windows Server Windows Server 2025 WinForms