Amazon SOA-C02 Practice Test - Questions Answers, Page 12
List of questions
Question 111
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company monitors its account activity using AWS CloudTrail, and is concerned that some log files are being tampered with after the logs have been delivered to the account's Amazon S3 bucket. Moving forward, how can the SysOps Administrator confirm that the log files have not been modified after being delivered to the S3 bucket?
Explanation:
When you enable log file integrity validation, CloudTrail creates a hash for every log file that it delivers. Every hour, CloudTrail also creates and delivers a file that Reference the log files for the last hour and contains a hash of each. This file is called a digest file. CloudTrail signs each digest file using the private key of a public and private key pair. After delivery, you can use the public key to validate the digest file. CloudTrail uses different key pairs for each AWS regionhttps://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-log-file-validation- intro.html
Question 112
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company is trying to connect two applications. One application runs in an on-premises data center that has a hostname of host1.onprem.private. The other application runs on an Amazon EC2 instance that has a hostname of host1.awscloud.private. An AWS Site-to-Site VPN connection is in place between the on-premises network and AWS. The application that runs in the data center tries to connect to the application that runs on the EC2 instance, but DNS resolution fails. A SysOps administrator must implement DNS resolution between onpremises and AWS resources. Which solution allows the on-premises application to resolve the EC2 instance hostname?
Explanation:
Reference: https://aws.amazon.com/premiumsupport/knowledge-center/route53-resolve-with-inbound-endpoint/
Question 113
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company uses AWS Organizations to manage multiple AWS accounts with consolidated billing enabled. Organization member account owners want the benefits of Reserved Instances (RIs) but do not want to share RIs with other accounts.
Which solution will meet these requirements?
Question 114
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
An Amazon EC2 instance needs to be reachable from the internet. The EC2 instance is in a subnet with the following route table:
Which entry must a SysOps administrator add to the route table to meet this requirement?
Explanation:
Reference: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html
Question 115
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A SysOps administrator is provisioning an Amazon Elastic File System (Amazon EFS) file system to provide shared storage across multiple Amazon EC2 instances. The instances all exist in the same VPC across multiple Availability
Zones. There are two instances in each Availability Zone. The SysOps administrator must make the file system accessible to each instance with the lowest possible latency.
Which solution will meet these requirements?
Explanation:
Reference: https://docs.aws.amazon.com/efs/latest/ug/accessing-fs.html
Question 116
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A SysOps administrator is investigating why a user has been unable to use RDP to connect over the internet from their home computer to a bastion server running on an Amazon EC2 Windows instance. Which of the following are possible causes of this issue? (Choose two.)
Question 117
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company's customers are reporting increased latency while accessing static web content from Amazon S3 A SysOps administrator observed a very high rate of read operations on a particular S3 bucket What will minimize latency by reducing load on the S3 bucket?
Question 118
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company's SysOps administrator deploys four new Amazon EC2 instances by using the standard Amazon Linux 2 Amazon Machine Image (AMI). The company needs to be able to use AWS Systems Manager to manage the instances The SysOps administrator notices that the instances do not appear in the Systems Manager console What must the SysOps administrator do to resolve this issue?
Question 119
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A SysOps administrator uses AWS Systems Manager Session Manager to connect to instances After the SysOps administrator launches a new Amazon EC2 instance the EC2 instance does not appear in the Session Manager list of systems that are available for connection. The SysOps administrator verities that Systems Manager Agent is installed updated and running on the EC2 instance What is the reason for this issue?
Question 120
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company has an organization in AWS Organizations. The company uses shared VPCs to provide networking resources across accounts A SysOps administrator has been able to successfully launch and manage Amazon EC2 instances in a participant account However the SysOps administrator is now receiving an InstanceLimitExceeded error when the SysOps administrator tries to launch a new EC2 instance What should the SysOps administrator do to resolve this error')
Question