Home / cloud-computing / AWS Certified SysOps Administrator - Associate / Cheat Sheet
AWS Certified SysOps Administrator - Associate· Exam reference card · 2026 · Edureify AI
AWS Certified SysOps Administrator - Associate

AWS Certified SysOps Administrator - Associate Cheat Sheet

AWS SysOps (SOA-C02) Tests Operational Judgment, Not Just Configuration Knowledge

The exam tests whether you can monitor, troubleshoot, and optimize AWS workloads in production — not just deploy them.

Check Your Readiness →
Among the harder certs
Avg: Approximately 62–67%
Pass: 750 / 1000
Most candidates understand AWS Certified SysOps Administrator - Associate concepts — and still fail. This exam tests how you apply knowledge under pressure.
Core Framework

SOA-C02 Operational Decision Framework

SOA-C02 includes a hands-on exam component (lab tasks) in addition to multiple-choice questions. Operational troubleshooting scenarios dominate — you need to diagnose failures from CloudWatch metrics and logs, not just know what services exist.

  1. 01
    Monitoring & Reporting — CloudWatch metrics, alarms, dashboards, and log analysis
  2. 02
    Reliability — Multi-AZ, Auto Scaling, backup, and disaster recovery
  3. 03
    Performance — Right-sizing, caching, and network optimization
  4. 04
    Security — IAM policies, Security Hub, GuardDuty, and Config rules
  5. 05
    Cost — Reserved Instances, Spot, rightsizing, and Cost Explorer
  6. 06
    Automation — CloudFormation, Systems Manager, and operational runbooks
Scenario Traps

Wrong instinct vs correct approach

An EC2 instance is not accessible via SSH
✕ Wrong instinct

Rebuild the instance from an AMI

✓ Correct approach

Diagnose systematically: check Security Group inbound rules (port 22), NACL rules, route table (IGW attached), instance state, and key pair — SSH access issues are almost always configuration, not hardware

Application performance degrades at predictable peak times
✕ Wrong instinct

Upgrade to a larger EC2 instance type

✓ Correct approach

Implement scheduled or target-tracking Auto Scaling to match capacity to demand; upgrading instance size is more expensive and doesn't scale down during off-peak hours

Cost anomalies are detected in the monthly AWS bill
✕ Wrong instinct

Manually review all services in the console

✓ Correct approach

Use Cost Explorer with cost allocation tags to identify anomalies by service, account, or tag; set AWS Budgets alerts for threshold-based notifications going forward

Quick Rules

Know these cold

  • CloudWatch Metrics = numerical data; CloudWatch Logs = text/event data
  • Systems Manager replaces SSH/RDP for operational access — use SSM Session Manager
  • AMIs for instance replication; EBS snapshots for data backup — don't confuse these
  • Auto Scaling target tracking is the default; step scaling for more precise control
  • EC2 connectivity diagnosis — G → NACL → Route Table → IGW → IAM
  • AWS Config tracks configuration compliance; GuardDuty detects threats; Security Hub aggregates both
  • Patch Manager (SSM) automates OS patching — don't manage patches manually at scale
Self Check

Can you answer these without checking your notes?

In this scenario: "An EC2 instance is not accessible via SSH" — what should you do first?
Diagnose systematically: check Security Group inbound rules (port 22), NACL rules, route table (IGW attached), instance state, and key pair — SSH access issues are almost always configuration, not hardware
In this scenario: "Application performance degrades at predictable peak times" — what should you do first?
Implement scheduled or target-tracking Auto Scaling to match capacity to demand; upgrading instance size is more expensive and doesn't scale down during off-peak hours
In this scenario: "Cost anomalies are detected in the monthly AWS bill" — what should you do first?
Use Cost Explorer with cost allocation tags to identify anomalies by service, account, or tag; set AWS Budgets alerts for threshold-based notifications going forward
Failure Patterns

Common Exam Mistakes — What candidates get wrong

Confusing CloudWatch Metrics with CloudWatch Logs

CloudWatch Metrics are numerical performance data (CPU utilization, request count). CloudWatch Logs are text-based log data from applications and AWS services. They require different analysis approaches and tools.

Misidentifying the correct Auto Scaling policy type

Target tracking policies maintain a specific metric value (e.g., 70% CPU). Step scaling responds to specific thresholds with defined scaling actions. Simple scaling has a cooldown period. Target tracking is the recommended default for most use cases.

Treating AMIs as backups for EC2 data recovery

AMIs capture the root volume snapshot and configuration — they're for instance replication, not data backup. For data backup, use EBS snapshots (for volumes) or AWS Backup. Using AMIs for data recovery is architecturally incorrect.

Misdiagnosing EC2 connectivity failures

EC2 connectivity issues require systematic diagnosis: Security Group rules, NACL rules, route tables, Internet Gateway attachment, and IAM permissions — in that order. Candidates jump to security groups when the issue may be the route table or IGW.

Not understanding Systems Manager's role in instance management

Systems Manager (SSM) is the correct tool for running commands, patching, and managing EC2 instances without SSH or RDP access. Candidates who reach for direct instance access miss the operational best practice.

SysOps tests operational instincts, not configuration memory. Test whether you can troubleshoot AWS in production.

Start Diagnostic Test → View all exams