ExamGecko
Home / Amazon / SOA-C02 / List of questions
Ask Question

Amazon SOA-C02 Practice Test - Questions Answers, Page 14

List of questions

Question 131

Report
Export
Collapse

A development team recently deployed a new version of a web application to production. After the release penetration testing revealed a cross-site scripting vulnerability that could expose user data. Which AWS service will mitigate this issue?

AWS Shield Standard
AWS Shield Standard
AWS WAF
AWS WAF
Elastic Load Balancing
Elastic Load Balancing
Amazon Cognito
Amazon Cognito
Suggested answer: B
asked 16/09/2024
Pablo Hilario
38 questions

Question 132

Report
Export
Collapse

A SysOps administrator must configure a resilient tier of Amazon EC2 instances for a high performance computing (HPC) application. The HPC application requires minimum latency between nodes Which actions should the SysOps administrator take to meet these requirements? (Select TWO.)

Create an Amazon Elastic File System (Amazon EPS) file system Mount the file system to the EC2 instances by using user data
Create an Amazon Elastic File System (Amazon EPS) file system Mount the file system to the EC2 instances by using user data
Create a Multi-AZ Network Load Balancer in front of the EC2 instances
Create a Multi-AZ Network Load Balancer in front of the EC2 instances
Place the EC2 instances in an Auto Scaling group within a single subnet
Place the EC2 instances in an Auto Scaling group within a single subnet
Launch the EC2 instances into a cluster placement group
Launch the EC2 instances into a cluster placement group
Launch the EC2 instances into a partition placement group
Launch the EC2 instances into a partition placement group
Suggested answer: A, D
asked 16/09/2024
AN KANGWOOK
46 questions

Question 133

Report
Export
Collapse

A SysOps administrator is unable to authenticate an AWS CLI call to an AWS service Which of the following is the cause of this issue?

The IAM password is incorrect
The IAM password is incorrect
The server certificate is missing
The server certificate is missing
The SSH key pair is incorrect
The SSH key pair is incorrect
There is no access key
There is no access key
Suggested answer: C
asked 16/09/2024
Grant Taylor
58 questions

Question 134

Report
Export
Collapse

A company is expanding its use of AWS services across its portfolios The company wants to provision AWS accounts for each team to ensure a separation of business processes for security compliance and billing Account creation and bootstrapping should be completed m a scalable and efficient way so new accounts are created with a defined baseline and governance guardrails in place A SysOps administrator needs to design a provisioning process that saves time and resources Which action should be taken to meet these requirements?

Automate using AWS Elastic Beanstalk to provision the AWS accounts set up infrastructure and integrate with AWS Organizations
Automate using AWS Elastic Beanstalk to provision the AWS accounts set up infrastructure and integrate with AWS Organizations
Create bootstrapping scripts in AWS OpsWorks and combine them with AWS CloudFormation templates to provision accounts and infrastructure
Create bootstrapping scripts in AWS OpsWorks and combine them with AWS CloudFormation templates to provision accounts and infrastructure
Use AWS Config to provision accounts and deploy instances using AWS Service Catalog
Use AWS Config to provision accounts and deploy instances using AWS Service Catalog
Use AWS Control Tower to create a template in Account Factory and use the template to provision new accounts
Use AWS Control Tower to create a template in Account Factory and use the template to provision new accounts
Suggested answer: D
asked 16/09/2024
Angela Stevens
59 questions

Question 135

Report
Export
Collapse

A SysOps administrator is unable to launch Amazon EC2 instances into a VPC because there are no available private IPv4 addresses in the VPC. Which combination of actions must the SysOps administrator take to launch the instances? (Select TWO.)

Associate a secondary IPv4 CIDR block with the VPC
Associate a secondary IPv4 CIDR block with the VPC
Associate a primary IPv6 CIDR block with the VPC
Associate a primary IPv6 CIDR block with the VPC
Create a new subnet for the VPC
Create a new subnet for the VPC
Modify the CIDR block of the VPC
Modify the CIDR block of the VPC
Modify the CIDR block of the subnet that is associated with the instances
Modify the CIDR block of the subnet that is associated with the instances
Suggested answer: A, D
asked 16/09/2024
Jessy Kevin NGANE OBAME
32 questions

Question 136

Report
Export
Collapse

A SysOps administrator needs to develop a solution that provides email notification and inserts a record into a database every time a file is put into an Amazon S3 bucket. What is the MOST operationally efficient solution that meets these requirements?

Set up an S3 event notification that targets an Amazon Simple Notification Service (Amazon SNS) topic Create two subscriptions for the SNS topic Use one subscription to send the email notification Use the other subscription to invoke an AWS Lambda function that inserts the record into the database
Set up an S3 event notification that targets an Amazon Simple Notification Service (Amazon SNS) topic Create two subscriptions for the SNS topic Use one subscription to send the email notification Use the other subscription to invoke an AWS Lambda function that inserts the record into the database
Set up an Amazon CloudWatch alarm that enters ALARM state whenever an object is created in the S3 bucket Configure the alarm to invoke an AWS Lambda (unction that sends the email notification and inserts the record into the database
Set up an Amazon CloudWatch alarm that enters ALARM state whenever an object is created in the S3 bucket Configure the alarm to invoke an AWS Lambda (unction that sends the email notification and inserts the record into the database
Create an AWS Lambda function to send the email notification and insert the record into the database whenever a new object is detected in the S3 bucket invoke the function every minute with an Amazon EventBridge (Amazon CloudWatch Events) scheduled rule
Create an AWS Lambda function to send the email notification and insert the record into the database whenever a new object is detected in the S3 bucket invoke the function every minute with an Amazon EventBridge (Amazon CloudWatch Events) scheduled rule
Set up two S3 event notifications Target a separate AWS Lambda function with each notification Configure one function to send the email notification Configure the other function to insert the record into the database
Set up two S3 event notifications Target a separate AWS Lambda function with each notification Configure one function to send the email notification Configure the other function to insert the record into the database
Suggested answer: C
asked 16/09/2024
Solange Castro
32 questions

Question 137

Report
Export
Collapse

A company needs to upload gigabytes of files every day. The company need to achieve higher throughput and upload speeds to Amazon S3 Which action should a SysOps administrator take to meet this requirement?

Create an Amazon CloudFront distribution with the GET HTTP method allowed and the S3 bucketas an origin.
Create an Amazon CloudFront distribution with the GET HTTP method allowed and the S3 bucketas an origin.
Create an Amazon ElastiCache duster and enable caching for the S3 bucket
Create an Amazon ElastiCache duster and enable caching for the S3 bucket
Set up AWS Global Accelerator and configure it with the S3 bucket
Set up AWS Global Accelerator and configure it with the S3 bucket
Enable S3 Transfer Acceleration and use the acceleration endpoint when uploading files
Enable S3 Transfer Acceleration and use the acceleration endpoint when uploading files
Suggested answer: D

Explanation:

Enable Amazon S3 Transfer Acceleration Amazon S3 Transfer Acceleration can provide fast and secure transfers over long distances between your client and Amazon S3. Transfer Acceleration uses Amazon CloudFront's globally distributed edge locations.

https://aws.amazon.com/premiumsupport/knowledge-center/s3-upload-large-files/

asked 16/09/2024
Timothy Smith
38 questions

Question 138

Report
Export
Collapse

A company requires that all IAM user accounts that have not been used for 90 days or more must have their access keys and passwords immediately disabled A SysOps administrator must automate the process of disabling unused keys using the MOST operationally efficient method.

How should the SysOps administrator implement this solution?

Create an AWS Step Functions workflow to identify IAM users that have not been active for 90 days Run an AWS Lambda function when a scheduled Amazon EventBridge (Amazon CloudWatch Events) rule is invoked to automatically remove the AWS access keys and passwords for these IAM users
Create an AWS Step Functions workflow to identify IAM users that have not been active for 90 days Run an AWS Lambda function when a scheduled Amazon EventBridge (Amazon CloudWatch Events) rule is invoked to automatically remove the AWS access keys and passwords for these IAM users
Configure an AWS Config rule to identify IAM users that have not been active for 90 days Set up an automatic weekly batch process on an Amazon EC2 instance to disable the AWS access keys and passwords for these IAM users
Configure an AWS Config rule to identify IAM users that have not been active for 90 days Set up an automatic weekly batch process on an Amazon EC2 instance to disable the AWS access keys and passwords for these IAM users
Develop and run a Python script on an Amazon EC2 instance to programmatically identify IAM users that have not been active for 90 days Automatically delete these 1AM users
Develop and run a Python script on an Amazon EC2 instance to programmatically identify IAM users that have not been active for 90 days Automatically delete these 1AM users
Set up an AWS Config managed rule to identify IAM users that have not been active for 90 days Set up an AWS Systems Manager automation runbook to disable the AWS access keys for these IAM users
Set up an AWS Config managed rule to identify IAM users that have not been active for 90 days Set up an AWS Systems Manager automation runbook to disable the AWS access keys for these IAM users
Suggested answer: D
asked 16/09/2024
Joe Mon
27 questions

Question 139

Report
Export
Collapse

A company plans to run a public web application on Amazon EC2 instances behind an Elastic Load Balancer (ELB). The company's security team wants to protect the website by using AWS Certificate Manager (ACM) certificates The ELB must automatically redirect any HTTP requests to HTTPS Which solution will meet these requirements?

Create an Application Load Balancer that has one HTTPS listener on port 80 Attach an SSLTLScertificate to listener port 80 Create a rule to redirect requests from HTTP to HTTPS
Create an Application Load Balancer that has one HTTPS listener on port 80 Attach an SSLTLScertificate to listener port 80 Create a rule to redirect requests from HTTP to HTTPS
Create an Application Load Balancer that has one HTTP listener on port 80 and one HTTPS protocollistener on port 443 Attach an SSL TLS certificate to listener port 443 Create a rule to redirect requestsfrom port 80 to port 443
Create an Application Load Balancer that has one HTTP listener on port 80 and one HTTPS protocollistener on port 443 Attach an SSL TLS certificate to listener port 443 Create a rule to redirect requestsfrom port 80 to port 443
Create an Application Load Balancer that has two TCP listeners on port 80 and port 443 Attach an SSLTLS certificate to listener port 443 Create a rule to redirect requests from port 80 to port 443
Create an Application Load Balancer that has two TCP listeners on port 80 and port 443 Attach an SSLTLS certificate to listener port 443 Create a rule to redirect requests from port 80 to port 443
Create a Network Load Balancer that has two TCP listeners on port 80 and port 443 Attach an SSLTLS certificate to listener port 443 Create a rule to redirect requests from port 80 to port 443
Create a Network Load Balancer that has two TCP listeners on port 80 and port 443 Attach an SSLTLS certificate to listener port 443 Create a rule to redirect requests from port 80 to port 443
Suggested answer: B
asked 16/09/2024
Ibrahim mazou Ismael
45 questions

Question 140

Report
Export
Collapse

A company is planning to host its stateful web-based applications on AWS A SysOps administrator is using an Auto Scaling group of Amazon EC2 instances The web applications will run 24 hours a day 7 days a week throughout the year The company must be able to change the instance type within the same instance family later in the year based on the traffic and usage patterns Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?

Convertible Reserved Instances
Convertible Reserved Instances
On-Demand instances
On-Demand instances
Spot instances
Spot instances
Standard Reserved instances
Standard Reserved instances
Suggested answer: A

Explanation:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-convertible-exchange.html

asked 16/09/2024
André Batista
39 questions
Total 450 questions
Go to page: of 45
Search

Related questions