ExamGecko
Home / Amazon / SOA-C02 / List of questions
Ask Question

Amazon SOA-C02 Practice Test - Questions Answers, Page 20

List of questions

Question 191

Report
Export
Collapse

A company uses an Amazon S3 bucket to store data files. The S3 bucket contains hundreds of objects. The company needs to replace a tag on all the objects in the S3 bucket with another tag.

What is the MOST operationally efficient way to meet this requirement?

Use S3 Batch Operations. Specify the operation to replace all object tags.
Use S3 Batch Operations. Specify the operation to replace all object tags.
Use the AWS CLI to get the tags for each object. Save the tags in a list. Use S3 Batch Operations. Specify the operation to delete all object tags. Use the AWS CLI and the list to retag the objects.
Use the AWS CLI to get the tags for each object. Save the tags in a list. Use S3 Batch Operations. Specify the operation to delete all object tags. Use the AWS CLI and the list to retag the objects.
Use the AWS CLI to get the tags for each object. Save the tags in a list. Use the AWS CLI and the list to remove the object tags. Use the AWS CLI and the list to retag the objects.
Use the AWS CLI to get the tags for each object. Save the tags in a list. Use the AWS CLI and the list to remove the object tags. Use the AWS CLI and the list to retag the objects.
Use the AWS CLI to copy the objects to another S3 bucket. Add the new tag to the copied objects. Delete the original objects.
Use the AWS CLI to copy the objects to another S3 bucket. Add the new tag to the copied objects. Delete the original objects.
Suggested answer: A

Explanation:

Ref. https://aws.amazon.com/es/blogs/storage/adding-and-removing-object-tags-with-s3-batch- operations/

asked 16/09/2024
Khalid Hamid
39 questions

Question 192

Report
Export
Collapse

A company runs several workloads on AWS. The company identifies five AWS Trusted Advisor service quota metrics to monitor in a specific AWS Region. The company wants to receive email notification each time resource usage exceeds 60% of one of the service quotas.

Which solution will meet these requirements?

Create five Amazon CloudWatch alarms, one for each Trusted Advisor service quota metric.Configure an Amazon Simple Notification Service (Amazon SNS) topic for email notification each time that usage exceeds 60% of one of the service quotas.
Create five Amazon CloudWatch alarms, one for each Trusted Advisor service quota metric.Configure an Amazon Simple Notification Service (Amazon SNS) topic for email notification each time that usage exceeds 60% of one of the service quotas.
Create five Amazon CloudWatch alarms, one for each Trusted Advisor service quota metric.Configure an Amazon Simple Queue Service (Amazon SQS) queue for email notification each time that usage exceeds 60% of one of the service quotas.
Create five Amazon CloudWatch alarms, one for each Trusted Advisor service quota metric.Configure an Amazon Simple Queue Service (Amazon SQS) queue for email notification each time that usage exceeds 60% of one of the service quotas.
Use the AWS Service Health Dashboard to monitor each Trusted Advisor service quota metric.Configure an Amazon Simple Queue Service (Amazon SQS) queue for email notification each time that usage exceeds 60% of one of the service quotas.
Use the AWS Service Health Dashboard to monitor each Trusted Advisor service quota metric.Configure an Amazon Simple Queue Service (Amazon SQS) queue for email notification each time that usage exceeds 60% of one of the service quotas.
Use the AWS Service Health Dashboard to monitor each Trusted Advisor service quota metric.Configure an Amazon Simple Notification Service (Amazon SNS) topic for email notification each time that usage exceeds 60% of one of the service quotas.
Use the AWS Service Health Dashboard to monitor each Trusted Advisor service quota metric.Configure an Amazon Simple Notification Service (Amazon SNS) topic for email notification each time that usage exceeds 60% of one of the service quotas.
Suggested answer: A
asked 16/09/2024
Aline Oliveira
40 questions

Question 193

Report
Export
Collapse

A company runs its entire suite of applications on Amazon EC2 instances. The company plans to move the applications to containers and AWS Fargate. Within 6 months, the company plans to retire its EC2 instances and use only Fargate. The company has been able to estimate its future Fargate costs.

A SysOps administrator needs to choose a purchasing option to help the company minimize costs.

The SysOps administrator must maximize any discounts that are available and must ensure that there are no unused reservations. Which purchasing option will meet these requirements?

Compute Savings Plans for 1 year with the No Upfront payment option
Compute Savings Plans for 1 year with the No Upfront payment option
Compute Savings Plans for 1 year with the Partial Upfront payment option
Compute Savings Plans for 1 year with the Partial Upfront payment option
EC2 Instance Savings Plans for 1 year with the All Upfront payment option
EC2 Instance Savings Plans for 1 year with the All Upfront payment option
EC2 Reserved Instances for 1 year with the Partial Upfront payment option
EC2 Reserved Instances for 1 year with the Partial Upfront payment option
Suggested answer: C
asked 16/09/2024
ESSIS MAXIME-ALPHONSE SELLY
29 questions

Question 194

Report
Export
Collapse

A company creates a new member account by using AWS Organizations. A SysOps administrator needs to add AWS Business Support to the new account Which combination of steps must the SysOps administrator take to meet this requirement? (Select TWO.)

Sign in to the new account by using 1AM credentials. Change the support plan.
Sign in to the new account by using 1AM credentials. Change the support plan.
Sign in to the new account by using root user credentials. Change the support plan.
Sign in to the new account by using root user credentials. Change the support plan.
Use the AWS Support API to change the support plan.
Use the AWS Support API to change the support plan.
Reset the password of the account root user.
Reset the password of the account root user.
Create an 1AM user that has administrator privileges in the new account.
Create an 1AM user that has administrator privileges in the new account.
Suggested answer: B, E

Explanation:

The best combination of steps to meet this requirement is to sign in to the new account by using root user credentials and change the support plan, and to create an IAM user that has administrator privileges in the new account.Signing in to the new account by using root user credentials will allow the SysOps administrator to access the account and change the support plan to AWS Business Support. Additionally, creating an IAM user that has administrator privileges in the new account will ensure that the SysOps administrator has the necessary access to manage the account and make changes to the support plan if necessary.Reference:[1] https://docs.aws.amazon.com/organizations/latest/userguide/ orgs_manage_accounts_access.ht ml#orgs_manage_accounts_access_signin-root

asked 16/09/2024
Ibiyemi Araoye
39 questions

Question 195

Report
Export
Collapse

A company needs to automatically monitor an AWS account for potential unauthorized AWS Management Console logins from multiple geographic locations. Which solution will meet this requirement?

Configure Amazon Cognito to detect any compromised 1AM credentials.
Configure Amazon Cognito to detect any compromised 1AM credentials.
Set up Amazon Inspector. Scan and monitor resources for unauthorized logins.
Set up Amazon Inspector. Scan and monitor resources for unauthorized logins.
Set up AWS Config. Add the iam-policy-blacklisted-check managed rule to the account.
Set up AWS Config. Add the iam-policy-blacklisted-check managed rule to the account.
Configure Amazon GuardDuty to monitor the UnauthorizedAccess:IAMUser/ConsoleLoginSuccess finding.
Configure Amazon GuardDuty to monitor the UnauthorizedAccess:IAMUser/ConsoleLoginSuccess finding.
Suggested answer: D
asked 16/09/2024
asdf asdf
38 questions

Question 196

Report
Export
Collapse

Application A runs on Amazon EC2 instances behind a Network Load Balancer (NLB). The EC2 instances are in an Auto Scaling group and are in the same subnet that is associated with the NLB. Other applications from an on-premises environment cannot communicate with Application A on port 8080.

To troubleshoot the issue, a SysOps administrator analyzes the flow logs. The flow logs include the following records:

Amazon SOA-C02 image Question 196 8231 09162024010005000000

What is the reason for the rejected traffic?

The security group of the EC2 instances has no Allow rule for the traffic from the NLB.
The security group of the EC2 instances has no Allow rule for the traffic from the NLB.
The security group of the NLB has no Allow rule for the traffic from the on-premises environment.
The security group of the NLB has no Allow rule for the traffic from the on-premises environment.
The ACL of the on-premises environment does not allow traffic to the AWS environment.
The ACL of the on-premises environment does not allow traffic to the AWS environment.
The network ACL that is associated with the subnet does not allow outbound traffic for the ephemeral port range.
The network ACL that is associated with the subnet does not allow outbound traffic for the ephemeral port range.
Suggested answer: A
asked 16/09/2024
Hendrik Woldhuis
50 questions

Question 197

Report
Export
Collapse

A company's SysOps administrator deploys a public Network Load Balancer (NLB) in front of the company's web application. The web application does not use any Elastic IP addresses. Users must access the web application by using the company's domain name. The SysOps administrator needs to configure Amazon Route 53 to route traffic to the NLB. Which solution will meet these requirements MOST cost-effectively?

Create a Route 53 AAAA record for the NLB.
Create a Route 53 AAAA record for the NLB.
Create a Route 53 alias record for the NLB.
Create a Route 53 alias record for the NLB.
Create a Route 53 CAA record for the NLB.
Create a Route 53 CAA record for the NLB.
Create a Route 53 CNAME record for the NLB.
Create a Route 53 CNAME record for the NLB.
Suggested answer: B
asked 16/09/2024
Simon Tam
35 questions

Question 198

Report
Export
Collapse

SIMULATION

If your AWS Management Console browser does not show that you are logged in to an AWS account, close the browser and relaunch the console by using the AWS Management Console shortcut from the VM desktop.

If the copy-paste functionality is not working in your environment, refer to the instructions file on the VM desktop and use Ctrl+C, Ctrl+V or Command-C , Command-V.

Configure Amazon EventBridge to meet the following requirements.

1. use the us-east-2 Region for all resources,

2. Unless specified below, use the default configuration settings.

3. Use your own resource naming unless a resource name is specified below.

4. Ensure all Amazon EC2 events in the default event bus are replayable for the past 90 days.

5. Create a rule named RunFunction to send the exact message every 1 5 minutes to an existing AWS Lambda function named LogEventFunction.

6. Create a rule named SpotWarning to send a notification to a new standard Amazon SNS topic named TopicEvents whenever an Amazon EC2

Spot Instance is interrupted. Do NOT create any topic subscriptions. The notification must match the following structure:

Amazon SOA-C02 image Question 198 8233 09162024010005000000

Input Path:

{“instance” : “$.detail.instance-id”}

Input template:

“ The EC2 Spot Instance <instance> has been on account.

See the for solution.
See the for solution.
Suggested answer: A

Explanation:

Amazon SOA-C02 image Question 198 explanation 8233 09162024010005000000

Amazon SOA-C02 image Question 198 explanation 8233 09162024010005000000Amazon SOA-C02 image Question 198 explanation 8233 09162024010005000000

Amazon SOA-C02 image Question 198 explanation 8233 09162024010005000000

Amazon SOA-C02 image Question 198 explanation 8233 09162024010005000000

Amazon SOA-C02 image Question 198 explanation 8233 09162024010005000000

Amazon SOA-C02 image Question 198 explanation 8233 09162024010005000000

Here are the steps to configure Amazon EventBridge to meet the above requirements:

Log in to the AWS Management Console by using the AWS Management Console shortcut from the VM desktop. Make sure that you are logged in to the desired AWS account.

Go to the EventBridge service in the us-east-2 Region.

In the EventBridge service, navigate to the "Event buses" page.

Click on the "Create event bus" button.

Give a name to your event bus, and select "default" as the event source type.

Navigate to "Rules" page and create a new rule named "RunFunction"

In the "Event pattern" section, select "Schedule" as the event source and set the schedule to run every 15 minutes.

In the "Actions" section, select "Send to Lambda" and choose the existing AWS Lambda function named "LogEventFunction"

Create another rule named "SpotWarning"

In the "Event pattern" section, select "EC2" as the event source, and filter the events on "EC2 Spot Instance interruption"

In the "Actions" section, select "Send to SNS topic" and create a new standard Amazon SNS topic named "TopicEvents"

In the "Input Transformer" section, set the Input Path to {“instance” : “$.detail.instance-id”} and Input template to “The EC2 Spot Instance <instance> has been interrupted on account.

Now all Amazon EC2 events in the default event bus will be replayable for past 90 days.

Note:

You can use the AWS Management Console, AWS CLI, or SDKs to create and manage EventBridge resources.

You can use CloudTrail event history to replay events from the past 90 days.

You can refer to the AWS EventBridge documentation for more information on how to configure and use the service: https://aws.amazon.com/eventbridge/

asked 16/09/2024
Angela Stevens
59 questions

Question 199

Report
Export
Collapse

SIMULATION

A webpage is stored in an Amazon S3 bucket behind an Application Load Balancer (ALB). Configure the SS bucket to serve a static error page in the event of a failure at the primary site.

1. Use the us-east-2 Region for all resources.

2. Unless specified below, use the default configuration settings.

3. There is an existing hosted zone named lab751906329398-26023898.com that contains an A record with a simple routing policy that routes traffic to an existing ALB.

4. Configure the existing S3 bucket named lab-751906329398-26023898.com as a static hosted website using the object named index.html as the index document

5. For the index-html object, configure the S3 ACL to allow for public read access. Ensure public access to the S3 bucketjs allowed.

6. In Amazon Route 53, change the A record for domain lab-751906329398-26023898.com to a primary record for a failover routing policy. Configure the record so that it evaluates the health of the ALB to determine failover.

7. Create a new secondary failover alias record for the domain lab-751906329398-26023898.com that routes traffic to the existing 53 bucket.

See the for solution
See the for solution
Suggested answer: A

Explanation:

Amazon SOA-C02 image Question 199 explanation 8234 09162024010005000000

Amazon SOA-C02 image Question 199 explanation 8234 09162024010005000000

Amazon SOA-C02 image Question 199 explanation 8234 09162024010005000000

Amazon SOA-C02 image Question 199 explanation 8234 09162024010005000000

Amazon SOA-C02 image Question 199 explanation 8234 09162024010005000000

Amazon SOA-C02 image Question 199 explanation 8234 09162024010005000000

Amazon SOA-C02 image Question 199 explanation 8234 09162024010005000000

Amazon SOA-C02 image Question 199 explanation 8234 09162024010005000000

Amazon SOA-C02 image Question 199 explanation 8234 09162024010005000000

Amazon SOA-C02 image Question 199 explanation 8234 09162024010005000000

asked 16/09/2024
ACHILLE CARROLL
43 questions

Question 200

Report
Export
Collapse

A company is creating a new multi-account architecture. A Sysops administrator must implement a login solution to centrally manage user access and permissions across all AWS accounts. The solution must be integrated with AWS Organizations and must be connected to a third-party Security Assertion Markup Language (SAML) 2.0 identity provider (IdP). What should the SysOps administrator do to meet these requirements?

Configure an Amazon Cognito user pool. Integrate the user pool with the third-party IdP.
Configure an Amazon Cognito user pool. Integrate the user pool with the third-party IdP.
Enable and configure AWS Single Sign-On with the third-party IdP.
Enable and configure AWS Single Sign-On with the third-party IdP.
Federate the third-party IdP with AWS Identity and Access Management (IAM) for each AWS account in the organization.
Federate the third-party IdP with AWS Identity and Access Management (IAM) for each AWS account in the organization.
Integrate the third-party IdP directly with AWS Organizations.
Integrate the third-party IdP directly with AWS Organizations.
Suggested answer: A
asked 16/09/2024
dion alken
40 questions
Total 450 questions
Go to page: of 45
Search

Related questions