ExamGecko
Login
Home / Amazon / SOA-C02 / List of questions
Ask Question

Amazon SOA-C02 Practice Test - Questions Answers, Page 15

List of questions

Question 141

Report
Export
Collapse

A SysOps administrator is setting up a fleet of Amazon EC2 instances in an Auto Scaling group for an application. The fleet should have 50% CPU available at that times to accommodate bursts of traffic. The load will increase significantly between the hours of 09:00 and 17:00,7 days a week How should the SysOps administrator configure the scaling of the EC2 instances to meet these requirements?

Create a target tracking scaling policy that runs when the CPU utilization is higher than 90%
Create a target tracking scaling policy that runs when the CPU utilization is higher than 90%
Create a target tracking scaling policy that runs when the CPU utilization is higher than 50%.Create a scheduled scaling policy that ensures that the fleet is available at 09:00 Create a second scheduled scaling policy that scales in the fleet at 17:00
Create a target tracking scaling policy that runs when the CPU utilization is higher than 50%.Create a scheduled scaling policy that ensures that the fleet is available at 09:00 Create a second scheduled scaling policy that scales in the fleet at 17:00
Set the Auto Scaling group to start with 2 instances by setting the desired instances maximum instances, and minimum instances to 2 Create a scheduled scaling policy that ensures that the fleet is available at 09:00
Set the Auto Scaling group to start with 2 instances by setting the desired instances maximum instances, and minimum instances to 2 Create a scheduled scaling policy that ensures that the fleet is available at 09:00
Create a scheduled scaling policy that ensures that the fleet is available at 09.00. Create a second scheduled scaling policy that scales in the fleet at 17:00
Create a scheduled scaling policy that ensures that the fleet is available at 09.00. Create a second scheduled scaling policy that scales in the fleet at 17:00
Suggested answer: B
asked 16/09/2024
Bill Skadden
31 questions

Question 142

Report
Export
Collapse

A SysOps administrator receives an alert from Amazon GuardDuty about suspicious network activity on an Amazon FC2 instance. The GuardDuty finding lists a new external IP address as a traffic destination. The SysOps administrator does not recognize the external IP address. The SysOps administrator must block traffic to the external IP address that GuardDuty identified Which solution will meet this requirement?

Create a new security group to block traffic to the external IP address. Assign the new security group to the EC2 instance
Create a new security group to block traffic to the external IP address. Assign the new security group to the EC2 instance
Use VPC flow logs with Amazon Athena to block traffic to the external IP address
Use VPC flow logs with Amazon Athena to block traffic to the external IP address
Create a network ACL Add an outbound deny rule tor traffic to the external IP address
Create a network ACL Add an outbound deny rule tor traffic to the external IP address
Create a new security group to block traffic to the external IP address Assign the new security group to the entire VPC
Create a new security group to block traffic to the external IP address Assign the new security group to the entire VPC
Suggested answer: A
asked 16/09/2024
Shane Cook
33 questions

Question 143

Report
Export
Collapse

A SysOps administrator is designing a solution for an Amazon RDS for PostgreSQL DB instance.

Database credentials must be stored and rotated monthly. The applications that connect to the DB instance send write-intensive traffic with variable client connections that sometimes increase significantly in a short period of time. Which solution should a SysOps administrator choose to meet these requirements?

Configure AWS Key Management Service (AWS KMS) to automatically rotate the keys for the DB instance. Use RDS Proxy to handle the increases in database connections.
Configure AWS Key Management Service (AWS KMS) to automatically rotate the keys for the DB instance. Use RDS Proxy to handle the increases in database connections.
Configure AWS Key Management Service (AWS KMS) to automatically rotate the keys for the DB instance. Use RDS read replicas to handle the increases in database connections.
Configure AWS Key Management Service (AWS KMS) to automatically rotate the keys for the DB instance. Use RDS read replicas to handle the increases in database connections.
Configure AWS Secrets Manager to automatically rotate the credentials for the DB instance. Use RDS Proxy to handle the increases in database connections.
Configure AWS Secrets Manager to automatically rotate the credentials for the DB instance. Use RDS Proxy to handle the increases in database connections.
Configure AWS Secrets Manager to automatically rotate the credentials for the DB instance. Use RDS read replicas to handle the increases in database connections.
Configure AWS Secrets Manager to automatically rotate the credentials for the DB instance. Use RDS read replicas to handle the increases in database connections.
Suggested answer: A
asked 16/09/2024
Salman Hashmi
39 questions

Question 144

Report
Export
Collapse

An ecommerce company uses an Amazon ElastiCache for Memcached cluster for in-memory caching of popular product queries on the shopping site. When viewing recent Amazon CloudWatch metrics data for the ElastiCache cluster, the SysOps administrator notices a large number of evictions.

Which of the following actions will reduce these evictions? (Choose two.)

Add an additional node to the ElastiCache cluster.
Add an additional node to the ElastiCache cluster.
Increase the ElastiCache time to live (TTL).
Increase the ElastiCache time to live (TTL).
Increase the individual node size inside the ElastiCache cluster.
Increase the individual node size inside the ElastiCache cluster.
Put an Elastic Load Balancer in front of the ElastiCache cluster.
Put an Elastic Load Balancer in front of the ElastiCache cluster.
Use Amazon Simple Queue Service (Amazon SQS) to decouple the ElastiCache cluster.
Use Amazon Simple Queue Service (Amazon SQS) to decouple the ElastiCache cluster.
Suggested answer: A, C

Explanation:

https://d1.awsstatic.com/training-and-certification/docs-sysops-associate/AWS-Certified-SysOps- Administrator-Associate_Sample-Questions_C02.pdf

asked 16/09/2024
Aubrey Oliver Jr
34 questions

Question 145

Report
Export
Collapse

A company is deploying a third-party unit testing solution that is delivered as an Amazon EC2 Amazon Machine Image (AMI). All system configuration data is stored in Amazon DynamoDB. The testing results are stored in Amazon S3. A minimum of three EC2 instances are required to operate the product. The company's testing team wants to use an additional three EC2 Instances when the Spot Instance prices are at a certain threshold. A SysOps administrator must Implement a highly available solution that provides this functionality.

Which solution will meet these requirements with the LEAST operational overhead?

Define an Amazon EC2 Auto Scaling group by using a launch configuration. Use the provided AMI In the launch configuration. Configure three On-Demand Instances and three Spot Instances. Configure a maximum Spot Instance price In the launch configuration.
Define an Amazon EC2 Auto Scaling group by using a launch configuration. Use the provided AMI In the launch configuration. Configure three On-Demand Instances and three Spot Instances. Configure a maximum Spot Instance price In the launch configuration.
Define an Amazon EC2 Auto Scaling group by using a launch template. Use the provided AMI in the launch template. Configure three On-Demand Instances and three Spot Instances. Configure a maximum Spot Instance price In the launch template.
Define an Amazon EC2 Auto Scaling group by using a launch template. Use the provided AMI in the launch template. Configure three On-Demand Instances and three Spot Instances. Configure a maximum Spot Instance price In the launch template.
Define two Amazon EC2 Auto Scaling groups by using launch configurations. Use the provided AMI in the launch configurations. Configure three On-Demand Instances for one Auto Scaling group. Configure three Spot Instances for the other Auto Scaling group. Configure a maximum Spot Instance price in the launch configuration for the Auto Scaling group that has Spot Instances.
Define two Amazon EC2 Auto Scaling groups by using launch configurations. Use the provided AMI in the launch configurations. Configure three On-Demand Instances for one Auto Scaling group. Configure three Spot Instances for the other Auto Scaling group. Configure a maximum Spot Instance price in the launch configuration for the Auto Scaling group that has Spot Instances.
Define two Amazon EC2 Auto Scaling groups by using launch templates. Use the provided AMI in the launch templates. Configure three On-Demand Instances for one Auto Scaling group. Configure three Spot Instances for the other Auto Scaling group. Configure a maximum Spot Instance price in the launch template for the Auto Scaling group that has Spot Instances.
Define two Amazon EC2 Auto Scaling groups by using launch templates. Use the provided AMI in the launch templates. Configure three On-Demand Instances for one Auto Scaling group. Configure three Spot Instances for the other Auto Scaling group. Configure a maximum Spot Instance price in the launch template for the Auto Scaling group that has Spot Instances.
Suggested answer: A

Explanation:

https://docs.aws.amazon.com/autoscaling/ec2/userguide/LaunchTemplates.html https://docs.aws.amazon.com/autoscaling/ec2/userguide/LaunchConfiguration.html

asked 16/09/2024
Damir Stojsic
33 questions

Question 146

Report
Export
Collapse

A company stores sensitive data in an Amazon S3 bucket. The company must log all access attempts to the S3 bucket. The company's risk team must receive immediate notification about any delete events. Which solution will meet these requirements?

Enable S3 server access logging for audit logs. Set up an Amazon Simple Notification Service(Amazon SNSJ notification for the S3 bucket. Select DeleteObject tor the event type for the alert system.
Enable S3 server access logging for audit logs. Set up an Amazon Simple Notification Service(Amazon SNSJ notification for the S3 bucket. Select DeleteObject tor the event type for the alert system.
Enable S3 server access logging for audit logs. Launch an Amazon EC2 instance for the alert system. Run a cron job on the EC2 instance to download the access logs each day and to scan for a DeleteObject event.
Enable S3 server access logging for audit logs. Launch an Amazon EC2 instance for the alert system. Run a cron job on the EC2 instance to download the access logs each day and to scan for a DeleteObject event.
Use Amazon CloudWatch Logs for audit logs. Use Amazon CloudWatch alarms with an Amazon Simple Notification Service (Amazon SNS) notification for the alert system.
Use Amazon CloudWatch Logs for audit logs. Use Amazon CloudWatch alarms with an Amazon Simple Notification Service (Amazon SNS) notification for the alert system.
Use Amazon CloudWatch Logs for audit logs. Launch an Amazon EC2 instance for The alert system.Run a cron job on the EC2 Instance each day to compare the list of the items with the list from the previous day. Configure the cron job to send a notification if an item is missing.
Use Amazon CloudWatch Logs for audit logs. Launch an Amazon EC2 instance for The alert system.Run a cron job on the EC2 Instance each day to compare the list of the items with the list from the previous day. Configure the cron job to send a notification if an item is missing.
Suggested answer: A

Explanation:

To meet the requirements of logging all access attempts to the S3 bucket and receiving immediate notification about any delete events, the company can enable S3 server access logging and set up an Amazon Simple Notification Service (Amazon SNS) notification for the S3 bucket. The S3 server access logs will record all access attempts to the bucket, including delete events, and the SNS notification can be configured to send an alert when a DeleteObject event occurs.

asked 16/09/2024
JEAN-MARIE HERMANT
30 questions

Question 147

Report
Export
Collapse

A compliance learn requites all administrator passwords for Amazon RDS DB instances to be changed at least annually. Which solution meets this requirement in the MOST operationally efficient manner?

Store the database credentials in AWS Secrets Manager. Configure automatic rotation for the secret every 365 days.
Store the database credentials in AWS Secrets Manager. Configure automatic rotation for the secret every 365 days.
Store the database credentials as a parameter In the RDS parameter group. Create a database trigger to rotate the password every 365 days.
Store the database credentials as a parameter In the RDS parameter group. Create a database trigger to rotate the password every 365 days.
Store the database credentials in a private Amazon S3 bucket. Schedule an AWS Lambda function to generate a new set of credentials every 365 days.
Store the database credentials in a private Amazon S3 bucket. Schedule an AWS Lambda function to generate a new set of credentials every 365 days.
Store the database credentials in AWS Systems Manager Parameter Store as a secure string parameter. Configure automatic rotation for the parameter every 365 days.
Store the database credentials in AWS Systems Manager Parameter Store as a secure string parameter. Configure automatic rotation for the parameter every 365 days.
Suggested answer: A
asked 16/09/2024
Avtandili Tsagareishvili
43 questions

Question 148

Report
Export
Collapse

A company runs workloads on 90 Amazon EC2 instances in the eu-west-1 Region in an AWS account.

In 2 months, the company will migrate the workloads from eu-west-1 to the eu-west-3 Region.

The company needs to reduce the cost of the EC2 instances. The company is willing to make a 1-year commitment that will begin next week. The company must choose an EC2 Instance purchasing option that will provide discounts for the 90 EC2 Instances regardless of Region during the 1-year period.

Which solution will meet these requirements?

Purchase EC2 Standard Reserved Instances.
Purchase EC2 Standard Reserved Instances.
Purchase an EC2 Instance Savings Plan.
Purchase an EC2 Instance Savings Plan.
Purchase EC2 Convertible Reserved Instances.
Purchase EC2 Convertible Reserved Instances.
Purchase a Compute Savings Plan.
Purchase a Compute Savings Plan.
Suggested answer: B
asked 16/09/2024
Josh Davis
36 questions

Question 149

Report
Export
Collapse

A company wants to archive sensitive data on Amazon S3 Glacier. The company's regulatory and compliance requirements do not allow any modifications to the data by any account. Which solution meets these requirements?

Attach a vault lock policy to an S3 Glacier vault that contains the archived data. Use the lock ID to validate the vault lock policy after 24 hours.
Attach a vault lock policy to an S3 Glacier vault that contains the archived data. Use the lock ID to validate the vault lock policy after 24 hours.
Attach a vault lock policy to an S3 Glacier vault that contains the archived data. Use the lock ID to validate the vault lock policy within 24 hours.
Attach a vault lock policy to an S3 Glacier vault that contains the archived data. Use the lock ID to validate the vault lock policy within 24 hours.
Configure S3 Object Lock in governance mode. Upload all files after 24 hours.
Configure S3 Object Lock in governance mode. Upload all files after 24 hours.
Configure S3 Object Lock in governance mode. Upload all files within 24 hours.
Configure S3 Object Lock in governance mode. Upload all files within 24 hours.
Suggested answer: B
asked 16/09/2024
Aamir Muhammad
36 questions

Question 150

Report
Export
Collapse

A global company handles a large amount of personally identifiable information (Pll) through an internal web portal. The company's application runs in a corporate data center that is connected to AWS through an AWS Direct Connect connection. The application stores the Pll in Amazon S3.

According to a compliance requirement, traffic from the web portal to Amazon S3 must not travel across the internet. What should a SysOps administrator do to meet the compliance requirement?

Provision an interface VPC endpoint for Amazon S3. Modify the application to use the interface endpoint.
Provision an interface VPC endpoint for Amazon S3. Modify the application to use the interface endpoint.
Configure AWS Network Firewall to redirect traffic to the internal S3 address.
Configure AWS Network Firewall to redirect traffic to the internal S3 address.
Modify the application to use the S3 path-style endpoint.
Modify the application to use the S3 path-style endpoint.
Set up a range of VPC network ACLs to redirect traffic to the Internal S3 address.
Set up a range of VPC network ACLs to redirect traffic to the Internal S3 address.
Suggested answer: A

Explanation:

Using the interface endpoint, applications in your on-premises data center can easily query S3buckets over AWS Direct Connect or Site-to-Site VPN.https://aws.amazon.com/blogs/architecture/choosing-your-vpc-endpoint-strategy-for-amazon-s3/

asked 16/09/2024
Sairam Emmidishetti
36 questions
Total 450 questions
Go to page: of 45
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The company needs a shared file solution for EC2 Windows instances in a Multi-AZ deployment that uses native Windows storage capabilities and maximizes consistency.
After creating a presigned URL for an S3 object, users can no longer access the file after a few days.
A company has an AWS Site-to-Site VPN connection between on-premises resources and resources that are hosted in a VPC. A SysOps administrator launches an Amazon EC2 instance that has only a private IP address into a private subnet in the VPC. The EC2 instance runs Microsoft Windows Server. A security group for the EC2 instance has rules that allow inbound traffic from the on-premises network over the VPN connection. The on-premises environment contains a third-party network firewall. Rules in the third-party network firewall allow Remote Desktop Protocol (RDP) traffic to flow between the on-premises users over the VPN connection. The on-premises users are unable to connect to the EC2 instance and receive a timeout error. What should the SysOps administrator do to troubleshoot this issue?
The SysOps administrator needs to complete the KMS key policy for least privilege read access for the DataEngineer role to decrypt S3 objects encrypted with a KMS key.
The SysOps administrator needs to deploy auditing software on all existing and new EC2 instances across multiple Regions, using AWS Systems Manager.
A company recently migrated its application to a VPC on AWS. An AWS Site-to-Site VPN connection connects the company's on-premises network to the VPC. The application retrieves customer data from another system that resides on premises. The application uses an on-premises DNS server to resolve domain records. After the migration, the application is not able to connect to the customer data because of name resolution errors. Which solution will give the application the ability to resolve the internal domain names?
A SysOps administrator is responsible for a legacy, CPU-heavy application. The application can only be scaled vertically. Currently, the application is deployed on a single t2. large Amazon EC2 instance. The system is showing 90% CPU usage and significant performance latency after a few minutes. What change should be made to alleviate the performance problem?
A SysOps administrator needs to share a new AMI with all accounts within an organization managed through AWS Organizations.
ASysOps administrator configures an application to run on Amazon EC2 instances behind an Application Load Balancer (ALB) in a simple scaling Auto Scaling group with the default settings. The Auto Scaling group is configured to use the RequestCountPerTarget metric for scaling. The SysOps administrator notices that the RequestCountPerTarget metric exceeded the specified limit twice in 180 seconds. How will the number of EC2 instances in this Auto Scaling group be affected in this scenario?
A SysOps administrator needs EC2 instances in a VPC to resolve DNS names for hosts in an on-premises data center.