ExamGecko
Search Search Login
Home Home / Amazon / SOA-C02

Amazon SOA-C02 Practice Test - Questions Answers, Page 14

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A company's application on EC2 instances relies on a Single-AZ RDS for MySQL DB instance. The SysOps administrator needs to ensure failover to minimize downtime.
A SysOps administrator creates two VPCs, VPC1 and VPC2, in a company's AWS account The SysOps administrator deploys a Linux Amazon EC2 instance in VPC1 and deploys an Amazon RDS for MySQL DB instance in VPC2. The DB instance is deployed in a private subnet. An application that runs on the EC2 instance needs to connect to the database. What should the SysOps administrator do to give the EC2 instance the ability to connect to the database?
A company needs to monitor the disk utilization of Amazon Elastic Block Store (Amazon EBS) volumes The EBS volumes are attached to Amazon EC2 Linux Instances A SysOps administrator must set up an Amazon CloudWatch alarm that provides an alert when disk utilization increases to more than 80%. Which combination of steps must the SysOps administrator lake lo meet these requirements? (Select THREE.)
A company uses AWS CloudFormation to manage a stack of Amazon EC2 instances on AWS. A SysOps administrator needs to keep the instances and all of the instances' data, even if someone deletes the stack. Which solution will meet these requirements?
A SysOps administrator is optimizing the cost of a workload. The workload is running in multiple AWS Regions and is using AWS Lambda with Amazon EC2 On-Demand Instances for the compute. The overall usage is predictable. The amount of compute that is consumed in each Region varies, depending on the users' locations. Which approach should the SysOps administrator use to optimize this workload?
The SysOps administrator must dynamically reference the latest AMI ID from Systems Manager Parameter Store in CloudFormation templates for new AMI versions.
A company has an application that collects notifications from thousands of alarm systems. The notifications include alarm notifications and information notifications. The information notifications include the system arming processes, disarming processes, and sensor status. All notifications are kept as messages in an Amazon Simple Queue Service (Amazon SQS) queue. Amazon EC2 instances that are in an Auto Scaling group process the messages. A SysOps administrator needs to implement a solution that prioritizes alarm notifications over information notifications. Which solution will meet these requirements?
A team of developers is using several Amazon S3 buckets as centralized repositories. Users across the world upload large sets of files to these repositories. The development team's applications later process these files. A SysOps administrator sets up a new S3 bucket. DOC-EXAMPLE-BUCKET, to support a new workload. The new S3 bucket also receives regular uploads of large sets of files from users worldwide. When the new S3 bucket is put into production, the upload performance from certain geographic areas is lower than the upload performance that the existing S3 buckets provide. What should the SysOps administrator do to remediate this issue?
The SysOps administrator must modify the AWS Config rule that deletes noncompliant SSH inbound rules to update the rule to allow SSH from specific trusted IP addresses instead.
A company is running a serverless application on AWS Lambda. The application stores data in an Amazon RDS for MySQL DB instance. Usage has steadily increased, and recently there have been numerous "too many connections" errors when the Lambda function attempts to connect to the database. The company already has configured the database to use the maximum max_connections value that is possible. What should a SysOps administrator do to resolve these errors?

Question 131

Report
Export
Collapse

A development team recently deployed a new version of a web application to production. After the release penetration testing revealed a cross-site scripting vulnerability that could expose user data. Which AWS service will mitigate this issue?

A.
AWS Shield Standard
A.
AWS Shield Standard
Answers
B.
AWS WAF
B.
AWS WAF
Answers
C.
Elastic Load Balancing
C.
Elastic Load Balancing
Answers
D.
Amazon Cognito
D.
Amazon Cognito
Answers
Suggested answer: B

Question 132

Report
Export
Collapse

A SysOps administrator must configure a resilient tier of Amazon EC2 instances for a high performance computing (HPC) application. The HPC application requires minimum latency between nodes Which actions should the SysOps administrator take to meet these requirements? (Select TWO.)

A.
Create an Amazon Elastic File System (Amazon EPS) file system Mount the file system to the EC2 instances by using user data
A.
Create an Amazon Elastic File System (Amazon EPS) file system Mount the file system to the EC2 instances by using user data
Answers
B.
Create a Multi-AZ Network Load Balancer in front of the EC2 instances
B.
Create a Multi-AZ Network Load Balancer in front of the EC2 instances
Answers
C.
Place the EC2 instances in an Auto Scaling group within a single subnet
C.
Place the EC2 instances in an Auto Scaling group within a single subnet
Answers
D.
Launch the EC2 instances into a cluster placement group
D.
Launch the EC2 instances into a cluster placement group
Answers
E.
Launch the EC2 instances into a partition placement group
E.
Launch the EC2 instances into a partition placement group
Answers
Suggested answer: A, D

Question 133

Report
Export
Collapse

A SysOps administrator is unable to authenticate an AWS CLI call to an AWS service Which of the following is the cause of this issue?

A.
The IAM password is incorrect
A.
The IAM password is incorrect
Answers
B.
The server certificate is missing
B.
The server certificate is missing
Answers
C.
The SSH key pair is incorrect
C.
The SSH key pair is incorrect
Answers
D.
There is no access key
D.
There is no access key
Answers
Suggested answer: C

Question 134

Report
Export
Collapse

A company is expanding its use of AWS services across its portfolios The company wants to provision AWS accounts for each team to ensure a separation of business processes for security compliance and billing Account creation and bootstrapping should be completed m a scalable and efficient way so new accounts are created with a defined baseline and governance guardrails in place A SysOps administrator needs to design a provisioning process that saves time and resources Which action should be taken to meet these requirements?

A.
Automate using AWS Elastic Beanstalk to provision the AWS accounts set up infrastructure and integrate with AWS Organizations
A.
Automate using AWS Elastic Beanstalk to provision the AWS accounts set up infrastructure and integrate with AWS Organizations
Answers
B.
Create bootstrapping scripts in AWS OpsWorks and combine them with AWS CloudFormation templates to provision accounts and infrastructure
B.
Create bootstrapping scripts in AWS OpsWorks and combine them with AWS CloudFormation templates to provision accounts and infrastructure
Answers
C.
Use AWS Config to provision accounts and deploy instances using AWS Service Catalog
C.
Use AWS Config to provision accounts and deploy instances using AWS Service Catalog
Answers
D.
Use AWS Control Tower to create a template in Account Factory and use the template to provision new accounts
D.
Use AWS Control Tower to create a template in Account Factory and use the template to provision new accounts
Answers
Suggested answer: D

Question 135

Report
Export
Collapse

A SysOps administrator is unable to launch Amazon EC2 instances into a VPC because there are no available private IPv4 addresses in the VPC. Which combination of actions must the SysOps administrator take to launch the instances? (Select TWO.)

A.
Associate a secondary IPv4 CIDR block with the VPC
A.
Associate a secondary IPv4 CIDR block with the VPC
Answers
B.
Associate a primary IPv6 CIDR block with the VPC
B.
Associate a primary IPv6 CIDR block with the VPC
Answers
C.
Create a new subnet for the VPC
C.
Create a new subnet for the VPC
Answers
D.
Modify the CIDR block of the VPC
D.
Modify the CIDR block of the VPC
Answers
E.
Modify the CIDR block of the subnet that is associated with the instances
E.
Modify the CIDR block of the subnet that is associated with the instances
Answers
Suggested answer: A, D

Question 136

Report
Export
Collapse

A SysOps administrator needs to develop a solution that provides email notification and inserts a record into a database every time a file is put into an Amazon S3 bucket. What is the MOST operationally efficient solution that meets these requirements?

A.
Set up an S3 event notification that targets an Amazon Simple Notification Service (Amazon SNS) topic Create two subscriptions for the SNS topic Use one subscription to send the email notification Use the other subscription to invoke an AWS Lambda function that inserts the record into the database
A.
Set up an S3 event notification that targets an Amazon Simple Notification Service (Amazon SNS) topic Create two subscriptions for the SNS topic Use one subscription to send the email notification Use the other subscription to invoke an AWS Lambda function that inserts the record into the database
Answers
B.
Set up an Amazon CloudWatch alarm that enters ALARM state whenever an object is created in the S3 bucket Configure the alarm to invoke an AWS Lambda (unction that sends the email notification and inserts the record into the database
B.
Set up an Amazon CloudWatch alarm that enters ALARM state whenever an object is created in the S3 bucket Configure the alarm to invoke an AWS Lambda (unction that sends the email notification and inserts the record into the database
Answers
C.
Create an AWS Lambda function to send the email notification and insert the record into the database whenever a new object is detected in the S3 bucket invoke the function every minute with an Amazon EventBridge (Amazon CloudWatch Events) scheduled rule
C.
Create an AWS Lambda function to send the email notification and insert the record into the database whenever a new object is detected in the S3 bucket invoke the function every minute with an Amazon EventBridge (Amazon CloudWatch Events) scheduled rule
Answers
D.
Set up two S3 event notifications Target a separate AWS Lambda function with each notification Configure one function to send the email notification Configure the other function to insert the record into the database
D.
Set up two S3 event notifications Target a separate AWS Lambda function with each notification Configure one function to send the email notification Configure the other function to insert the record into the database
Answers
Suggested answer: C

Question 137

Report
Export
Collapse

A company needs to upload gigabytes of files every day. The company need to achieve higher throughput and upload speeds to Amazon S3 Which action should a SysOps administrator take to meet this requirement?

A.
Create an Amazon CloudFront distribution with the GET HTTP method allowed and the S3 bucketas an origin.
A.
Create an Amazon CloudFront distribution with the GET HTTP method allowed and the S3 bucketas an origin.
Answers
B.
Create an Amazon ElastiCache duster and enable caching for the S3 bucket
B.
Create an Amazon ElastiCache duster and enable caching for the S3 bucket
Answers
C.
Set up AWS Global Accelerator and configure it with the S3 bucket
C.
Set up AWS Global Accelerator and configure it with the S3 bucket
Answers
D.
Enable S3 Transfer Acceleration and use the acceleration endpoint when uploading files
D.
Enable S3 Transfer Acceleration and use the acceleration endpoint when uploading files
Answers
Suggested answer: D

Explanation:

Enable Amazon S3 Transfer Acceleration Amazon S3 Transfer Acceleration can provide fast and secure transfers over long distances between your client and Amazon S3. Transfer Acceleration uses Amazon CloudFront's globally distributed edge locations.

https://aws.amazon.com/premiumsupport/knowledge-center/s3-upload-large-files/

Question 138

Report
Export
Collapse

A company requires that all IAM user accounts that have not been used for 90 days or more must have their access keys and passwords immediately disabled A SysOps administrator must automate the process of disabling unused keys using the MOST operationally efficient method.

How should the SysOps administrator implement this solution?

A.
Create an AWS Step Functions workflow to identify IAM users that have not been active for 90 days Run an AWS Lambda function when a scheduled Amazon EventBridge (Amazon CloudWatch Events) rule is invoked to automatically remove the AWS access keys and passwords for these IAM users
A.
Create an AWS Step Functions workflow to identify IAM users that have not been active for 90 days Run an AWS Lambda function when a scheduled Amazon EventBridge (Amazon CloudWatch Events) rule is invoked to automatically remove the AWS access keys and passwords for these IAM users
Answers
B.
Configure an AWS Config rule to identify IAM users that have not been active for 90 days Set up an automatic weekly batch process on an Amazon EC2 instance to disable the AWS access keys and passwords for these IAM users
B.
Configure an AWS Config rule to identify IAM users that have not been active for 90 days Set up an automatic weekly batch process on an Amazon EC2 instance to disable the AWS access keys and passwords for these IAM users
Answers
C.
Develop and run a Python script on an Amazon EC2 instance to programmatically identify IAM users that have not been active for 90 days Automatically delete these 1AM users
C.
Develop and run a Python script on an Amazon EC2 instance to programmatically identify IAM users that have not been active for 90 days Automatically delete these 1AM users
Answers
D.
Set up an AWS Config managed rule to identify IAM users that have not been active for 90 days Set up an AWS Systems Manager automation runbook to disable the AWS access keys for these IAM users
D.
Set up an AWS Config managed rule to identify IAM users that have not been active for 90 days Set up an AWS Systems Manager automation runbook to disable the AWS access keys for these IAM users
Answers
Suggested answer: D

Question 139

Report
Export
Collapse

A company plans to run a public web application on Amazon EC2 instances behind an Elastic Load Balancer (ELB). The company's security team wants to protect the website by using AWS Certificate Manager (ACM) certificates The ELB must automatically redirect any HTTP requests to HTTPS Which solution will meet these requirements?

A.
Create an Application Load Balancer that has one HTTPS listener on port 80 Attach an SSLTLScertificate to listener port 80 Create a rule to redirect requests from HTTP to HTTPS
A.
Create an Application Load Balancer that has one HTTPS listener on port 80 Attach an SSLTLScertificate to listener port 80 Create a rule to redirect requests from HTTP to HTTPS
Answers
B.
Create an Application Load Balancer that has one HTTP listener on port 80 and one HTTPS protocollistener on port 443 Attach an SSL TLS certificate to listener port 443 Create a rule to redirect requestsfrom port 80 to port 443
B.
Create an Application Load Balancer that has one HTTP listener on port 80 and one HTTPS protocollistener on port 443 Attach an SSL TLS certificate to listener port 443 Create a rule to redirect requestsfrom port 80 to port 443
Answers
C.
Create an Application Load Balancer that has two TCP listeners on port 80 and port 443 Attach an SSLTLS certificate to listener port 443 Create a rule to redirect requests from port 80 to port 443
C.
Create an Application Load Balancer that has two TCP listeners on port 80 and port 443 Attach an SSLTLS certificate to listener port 443 Create a rule to redirect requests from port 80 to port 443
Answers
D.
Create a Network Load Balancer that has two TCP listeners on port 80 and port 443 Attach an SSLTLS certificate to listener port 443 Create a rule to redirect requests from port 80 to port 443
D.
Create a Network Load Balancer that has two TCP listeners on port 80 and port 443 Attach an SSLTLS certificate to listener port 443 Create a rule to redirect requests from port 80 to port 443
Answers
Suggested answer: B

Question 140

Report
Export
Collapse

A company is planning to host its stateful web-based applications on AWS A SysOps administrator is using an Auto Scaling group of Amazon EC2 instances The web applications will run 24 hours a day 7 days a week throughout the year The company must be able to change the instance type within the same instance family later in the year based on the traffic and usage patterns Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?

A.
Convertible Reserved Instances
A.
Convertible Reserved Instances
Answers
B.
On-Demand instances
B.
On-Demand instances
Answers
C.
Spot instances
C.
Spot instances
Answers
D.
Standard Reserved instances
D.
Standard Reserved instances
Answers
Suggested answer: A

Explanation:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-convertible-exchange.html

Total 425 questions
Go to page: of 43
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms