ExamGecko
Login
Home / Amazon / SOA-C02 / List of questions
Ask Question

Amazon SOA-C02 Practice Test - Questions Answers, Page 7

List of questions

Question 61

Report
Export
Collapse

A SysOps administrator has used AWS CloudFormation to deploy a serverless application into a production VPC. The application consists of an AWS Lambda function, an Amazon DynamoDB table, and an Amazon API Gateway API. The SysOps administrator must delete the AWS CloudFormation stack without deleting the DynamoDB table.

Which action should the SysOps administrator take before deleting the AWS CloudFormation stack?

Add a Retain deletion policy to the DynamoDB resource in the AWS CloudFormation stack.
Add a Retain deletion policy to the DynamoDB resource in the AWS CloudFormation stack.
Add a Snapshot deletion policy to the DynamoDB resource in the AWS CloudFormation stack.
Add a Snapshot deletion policy to the DynamoDB resource in the AWS CloudFormation stack.
Enable termination protection on the AWS CloudFormation stack.
Enable termination protection on the AWS CloudFormation stack.
Update the application's IAM policy with a Deny statement for the dynamodb:DeleteTable action.
Update the application's IAM policy with a Deny statement for the dynamodb:DeleteTable action.
Suggested answer: A
asked 16/09/2024
Sebrena Adkins
42 questions

Question 62

Report
Export
Collapse

A company is running a serverless application on AWS Lambda. The application stores data in an Amazon RDS for MySQL DB instance. Usage has steadily increased, and recently there have been numerous "too many connections" errors when the Lambda function attempts to connect to the database. The company already has configured the database to use the maximum max_connections value that is possible. What should a SysOps administrator do to resolve these errors?

Create a read replica of the database. Use Amazon Route 53 to create a weighted DNS record that contains both databases.
Create a read replica of the database. Use Amazon Route 53 to create a weighted DNS record that contains both databases.
Use Amazon RDS Proxy to create a proxy. Update the connection string in the Lambda function.
Use Amazon RDS Proxy to create a proxy. Update the connection string in the Lambda function.
Increase the value in the max_connect_errors parameter in the parameter group that the database uses.
Increase the value in the max_connect_errors parameter in the parameter group that the database uses.
Update the Lambda function's reserved concurrency to a higher value.
Update the Lambda function's reserved concurrency to a higher value.
Suggested answer: A
asked 16/09/2024
Ricardo Rodrigues
26 questions

Question 63

Report
Export
Collapse

A company has multiple Amazon EC2 instances that run a resource-intensive application in a development environment. A SysOps administrator is implementing a solution to stop these EC2 instances when they are not in use. Which solution will meet this requirement?

Assess AWS CloudTrail logs to verify that there is no EC2 API activity. Invoke an AWS lambda function to stop the EC2 instances.
Assess AWS CloudTrail logs to verify that there is no EC2 API activity. Invoke an AWS lambda function to stop the EC2 instances.
Create an Amazon CloudWatch alarm to stop the EC2 instances when the average CPU utilization is lower than 5% for a 30-minute period.
Create an Amazon CloudWatch alarm to stop the EC2 instances when the average CPU utilization is lower than 5% for a 30-minute period.
Create an Amazon CloudWatch metric to stop the EC2 instances when the VolumeReadBytes metric is lower than 500 for a 30-minute period.
Create an Amazon CloudWatch metric to stop the EC2 instances when the VolumeReadBytes metric is lower than 500 for a 30-minute period.
Use AWS Config to invoke an AWS Lambda function to stop the EC2 instances based on resource configuration changes.
Use AWS Config to invoke an AWS Lambda function to stop the EC2 instances based on resource configuration changes.
Suggested answer: A
asked 16/09/2024
Sergio Monsegur Torralba
31 questions

Question 64

Report
Export
Collapse

A company uses Amazon Elasticsearch Service (Amazon ES) to analyze sales and customer usage data. Members of the company's geographically dispersed sales team are traveling. They need to log in to Kibana by using their existing corporate credentials that are stored in Active Directory. The company has deployed Active Directory Federation Services (AD FS) to enable authentication to cloud services. Which solution will meet these requirements?

Configure Active Directory as an authentication provider in Amazon ES. Add the Active Directory server's domain name to Amazon ES. Configure Kibana to use Amazon ES authentication.
Configure Active Directory as an authentication provider in Amazon ES. Add the Active Directory server's domain name to Amazon ES. Configure Kibana to use Amazon ES authentication.
Deploy an Amazon Cognito user pool. Configure Active Directory as an external identity provider for the user pool. Enable Amazon Cognito authentication for Kibana on Amazon ES.
Deploy an Amazon Cognito user pool. Configure Active Directory as an external identity provider for the user pool. Enable Amazon Cognito authentication for Kibana on Amazon ES.
Enable Active Directory user authentication in Kibana. Create an IP-based custom domain access policy in Amazon ES that includes the Active Directory server's IP address.
Enable Active Directory user authentication in Kibana. Create an IP-based custom domain access policy in Amazon ES that includes the Active Directory server's IP address.
Establish a trust relationship with Kibana on the Active Directory server. Enable Active Directory user authentication in Kibana. Add the Active Directory server's IP address to Kibana.
Establish a trust relationship with Kibana on the Active Directory server. Enable Active Directory user authentication in Kibana. Add the Active Directory server's IP address to Kibana.
Suggested answer: B

Explanation:

Reference: https://aws.amazon.com/blogs/security/how-to-enable-secure-access-to-kibana-using-aws-single-sign-on/

Amazon SOA-C02 image Question 64 explanation 8099 09162024010005000000

asked 16/09/2024
Flamur Kapaj
44 questions

Question 65

Report
Export
Collapse

A company wants to track its expenditures for Amazon EC2 and Amazon RDS within AWS. The company decides to implement more rigorous tagging requirements for resources in its AWS accounts. A SysOps administrator needs to identify all noncompliant resources.

What is the MOST operationally efficient solution that meets these requirements?

Create a rule in Amazon EventBridge (Amazon CloudWatch Events) that invokes a custom AWS Lambda function that will evaluate all created or updated resources for the specified tags.
Create a rule in Amazon EventBridge (Amazon CloudWatch Events) that invokes a custom AWS Lambda function that will evaluate all created or updated resources for the specified tags.
Create a rule in AWS Config that invokes a custom AWS Lambda function that will evaluate all resources for the specified tags.
Create a rule in AWS Config that invokes a custom AWS Lambda function that will evaluate all resources for the specified tags.
Create a rule in AWS Config with the required-tags managed rule to evaluate all resources for the specified tags.
Create a rule in AWS Config with the required-tags managed rule to evaluate all resources for the specified tags.
Create a rule in Amazon EventBridge (Amazon CloudWatch Events) with a managed rule to evaluate all created or updated resources for the specified tags.
Create a rule in Amazon EventBridge (Amazon CloudWatch Events) with a managed rule to evaluate all created or updated resources for the specified tags.
Suggested answer: C

Explanation:

Reference: https://docs.aws.amazon.com/config/latest/developerguide/required-tags.html

Amazon SOA-C02 image Question 65 explanation 8100 09162024010005000000

asked 16/09/2024
Alper Atar
43 questions

Question 66

Report
Export
Collapse


A company has a stateless application that runs on four Amazon EC2 instances. The application requires four instances at all times to support all traffic. A SysOps administrator must design a highly available, fault-tolerant architecture that continually supports all traffic if one Availability Zone becomes unavailable.

Which configuration meets these requirements?

Deploy two Auto Scaling groups in two Availability Zones with a minimum capacity of two instances in each group.
Deploy two Auto Scaling groups in two Availability Zones with a minimum capacity of two instances in each group.
Deploy an Auto Scaling group across two Availability Zones with a minimum capacity of four instances.
Deploy an Auto Scaling group across two Availability Zones with a minimum capacity of four instances.
Deploy an Auto Scaling group across three Availability Zones with a minimum capacity of four instances.
Deploy an Auto Scaling group across three Availability Zones with a minimum capacity of four instances.
Deploy an Auto Scaling group across three Availability Zones with a minimum capacity of six instances.
Deploy an Auto Scaling group across three Availability Zones with a minimum capacity of six instances.
Suggested answer: C
asked 16/09/2024
Ronald DeCastro
32 questions

Question 67

Report
Export
Collapse

The security team is concerned because the number of AWS Identity and Access Management (IAM) policies being used in the environment is increasing. The team tasked a SysOps administrator to report on the current number of IAM policies in use and the total available IAM policies.

Which AWS service should the administrator use to check how current IAM policy usage compares to current service limits?

AWS Trusted Advisor
AWS Trusted Advisor
Amazon Inspector
Amazon Inspector
AWS Config
AWS Config
AWS Organizations
AWS Organizations
Suggested answer: A

Explanation:

Reference: https://docs.aws.amazon.com/awssupport/latest/user/trusted-advisor-check-reference.html#iam-policies

asked 16/09/2024
laurence peterson
42 questions

Question 68

Report
Export
Collapse

A SysOps administrator is responsible for a legacy, CPU-heavy application. The application can only be scaled vertically. Currently, the application is deployed on a single t2. large Amazon EC2 instance. The system is showing 90% CPU usage and significant performance latency after a few minutes. What change should be made to alleviate the performance problem?

Change the Amazon EBS volume to Provisioned IOPs.
Change the Amazon EBS volume to Provisioned IOPs.
Upgrade to a compute-optimized instance.
Upgrade to a compute-optimized instance.
Add additional t2.large instances to the application.
Add additional t2.large instances to the application.
Purchase Reserved Instances
Purchase Reserved Instances
Suggested answer: B
asked 16/09/2024
Memo Albah
24 questions

Question 69

Report
Export
Collapse

A company has launched a social media website that gives users the ability to upload images directly to a centralized Amazon S3 bucket. The website is popular in areas that are geographically distant from the AWS Region where the S3 bucket is located. Users are reporting that uploads are slow. A SysOps administrator must improve the upload speed. What should the SysOps administrator do to meet these requirements?

Create S3 access points in Regions that are closer to the users.
Create S3 access points in Regions that are closer to the users.
Create an accelerator in AWS Global Accelerator for the S3 bucket.
Create an accelerator in AWS Global Accelerator for the S3 bucket.
Enable S3 Transfer Acceleration on the S3 bucket.
Enable S3 Transfer Acceleration on the S3 bucket.
Enable cross-origin resource sharing (CORS) on the S3 bucket.
Enable cross-origin resource sharing (CORS) on the S3 bucket.
Suggested answer: A
asked 16/09/2024
Mercedes Gonzalez Riera
39 questions

Question 70

Report
Export
Collapse

A company is testing Amazon Elasticsearch Service (Amazon ES) as a solution for analyzing system logs from a fleet of Amazon EC2 instances. During the test phase, the domain operates on a singlenode cluster. A SysOps administrator needs to transition the test domain into a highly available production-grade deployment.

Which Amazon ES configuration should the SysOps administrator use to meet this requirement?

Use a cluster of four data nodes across two AWS Regions. Deploy four dedicated master nodes in each Region.
Use a cluster of four data nodes across two AWS Regions. Deploy four dedicated master nodes in each Region.
Use a cluster of six data nodes across three Availability Zones. Use three dedicated master nodes.
Use a cluster of six data nodes across three Availability Zones. Use three dedicated master nodes.
Use a cluster of six data nodes across three Availability Zones. Use six dedicated master nodes.
Use a cluster of six data nodes across three Availability Zones. Use six dedicated master nodes.
Use a cluster of eight data nodes across two Availability Zones. Deploy four master nodes in a failover AWS Region.
Use a cluster of eight data nodes across two Availability Zones. Deploy four master nodes in a failover AWS Region.
Suggested answer: B
asked 16/09/2024
Mustafa Hussien
41 questions
Total 450 questions
Go to page: of 45
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The company needs a shared file solution for EC2 Windows instances in a Multi-AZ deployment that uses native Windows storage capabilities and maximizes consistency.
After creating a presigned URL for an S3 object, users can no longer access the file after a few days.
A company has an AWS Site-to-Site VPN connection between on-premises resources and resources that are hosted in a VPC. A SysOps administrator launches an Amazon EC2 instance that has only a private IP address into a private subnet in the VPC. The EC2 instance runs Microsoft Windows Server. A security group for the EC2 instance has rules that allow inbound traffic from the on-premises network over the VPN connection. The on-premises environment contains a third-party network firewall. Rules in the third-party network firewall allow Remote Desktop Protocol (RDP) traffic to flow between the on-premises users over the VPN connection. The on-premises users are unable to connect to the EC2 instance and receive a timeout error. What should the SysOps administrator do to troubleshoot this issue?
The SysOps administrator needs to complete the KMS key policy for least privilege read access for the DataEngineer role to decrypt S3 objects encrypted with a KMS key.
The SysOps administrator needs to deploy auditing software on all existing and new EC2 instances across multiple Regions, using AWS Systems Manager.
A company recently migrated its application to a VPC on AWS. An AWS Site-to-Site VPN connection connects the company's on-premises network to the VPC. The application retrieves customer data from another system that resides on premises. The application uses an on-premises DNS server to resolve domain records. After the migration, the application is not able to connect to the customer data because of name resolution errors. Which solution will give the application the ability to resolve the internal domain names?
A SysOps administrator is responsible for a legacy, CPU-heavy application. The application can only be scaled vertically. Currently, the application is deployed on a single t2. large Amazon EC2 instance. The system is showing 90% CPU usage and significant performance latency after a few minutes. What change should be made to alleviate the performance problem?
A SysOps administrator needs to share a new AMI with all accounts within an organization managed through AWS Organizations.
ASysOps administrator configures an application to run on Amazon EC2 instances behind an Application Load Balancer (ALB) in a simple scaling Auto Scaling group with the default settings. The Auto Scaling group is configured to use the RequestCountPerTarget metric for scaling. The SysOps administrator notices that the RequestCountPerTarget metric exceeded the specified limit twice in 180 seconds. How will the number of EC2 instances in this Auto Scaling group be affected in this scenario?
A SysOps administrator needs EC2 instances in a VPC to resolve DNS names for hosts in an on-premises data center.