ExamGecko
Search Search Login
Home Home / Amazon / SOA-C02

Amazon SOA-C02 Practice Test - Questions Answers, Page 16

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A company's application on EC2 instances relies on a Single-AZ RDS for MySQL DB instance. The SysOps administrator needs to ensure failover to minimize downtime.
A SysOps administrator creates two VPCs, VPC1 and VPC2, in a company's AWS account The SysOps administrator deploys a Linux Amazon EC2 instance in VPC1 and deploys an Amazon RDS for MySQL DB instance in VPC2. The DB instance is deployed in a private subnet. An application that runs on the EC2 instance needs to connect to the database. What should the SysOps administrator do to give the EC2 instance the ability to connect to the database?
A company needs to monitor the disk utilization of Amazon Elastic Block Store (Amazon EBS) volumes The EBS volumes are attached to Amazon EC2 Linux Instances A SysOps administrator must set up an Amazon CloudWatch alarm that provides an alert when disk utilization increases to more than 80%. Which combination of steps must the SysOps administrator lake lo meet these requirements? (Select THREE.)
A company uses AWS CloudFormation to manage a stack of Amazon EC2 instances on AWS. A SysOps administrator needs to keep the instances and all of the instances' data, even if someone deletes the stack. Which solution will meet these requirements?
A SysOps administrator is optimizing the cost of a workload. The workload is running in multiple AWS Regions and is using AWS Lambda with Amazon EC2 On-Demand Instances for the compute. The overall usage is predictable. The amount of compute that is consumed in each Region varies, depending on the users' locations. Which approach should the SysOps administrator use to optimize this workload?
The SysOps administrator must dynamically reference the latest AMI ID from Systems Manager Parameter Store in CloudFormation templates for new AMI versions.
A company has an application that collects notifications from thousands of alarm systems. The notifications include alarm notifications and information notifications. The information notifications include the system arming processes, disarming processes, and sensor status. All notifications are kept as messages in an Amazon Simple Queue Service (Amazon SQS) queue. Amazon EC2 instances that are in an Auto Scaling group process the messages. A SysOps administrator needs to implement a solution that prioritizes alarm notifications over information notifications. Which solution will meet these requirements?
The SysOps administrator must modify the AWS Config rule that deletes noncompliant SSH inbound rules to update the rule to allow SSH from specific trusted IP addresses instead.
A team of developers is using several Amazon S3 buckets as centralized repositories. Users across the world upload large sets of files to these repositories. The development team's applications later process these files. A SysOps administrator sets up a new S3 bucket. DOC-EXAMPLE-BUCKET, to support a new workload. The new S3 bucket also receives regular uploads of large sets of files from users worldwide. When the new S3 bucket is put into production, the upload performance from certain geographic areas is lower than the upload performance that the existing S3 buckets provide. What should the SysOps administrator do to remediate this issue?
The SysOps administrator needs to address high disk I/O issues during EC2 instance bootstrap in an Auto Scaling group.

Question 151

Report
Export
Collapse

A SysOps administrator recently configured Amazon S3 Cross-Region Replication on an S3 bucket Which of the following does this feature replicate to the destination S3 bucket by default?

A.
Objects in the source S3 bucket for which the bucket owner does not have permissions
A.
Objects in the source S3 bucket for which the bucket owner does not have permissions
Answers
B.
Objects that are stored in S3 Glacier
B.
Objects that are stored in S3 Glacier
Answers
C.
Objects that existed before replication was configured
C.
Objects that existed before replication was configured
Answers
D.
Object metadata
D.
Object metadata
Answers
Suggested answer: B

Question 152

Report
Export
Collapse

A company must migrate its applications to AWS The company is using Chef recipes for configuration management The company wants to continue to use the existing Chef recipes after the applications are migrated to AWS. What is the MOST operationally efficient solution that meets these requirements?

A.
Use AWS Cloud Format ion to create an Amazon EC2 instance, install a Chef server, and add Chef recipes.
A.
Use AWS Cloud Format ion to create an Amazon EC2 instance, install a Chef server, and add Chef recipes.
Answers
B.
Use AWS CloudFormation to create a stack and add layers for Chef recipes.
B.
Use AWS CloudFormation to create a stack and add layers for Chef recipes.
Answers
C.
Use AWS Elastic Beanstalk with the Docker platform to upload Chef recipes.
C.
Use AWS Elastic Beanstalk with the Docker platform to upload Chef recipes.
Answers
D.
Use AWS OpsWorks to create a stack and add layers with Chef recipes.
D.
Use AWS OpsWorks to create a stack and add layers with Chef recipes.
Answers
Suggested answer: D

Question 153

Report
Export
Collapse

A company uses an Amazon CloudFront distribution to deliver its website. Traffic logs for the website must be centrally stored, and all data must be encrypted at rest. Which solution will meet these requirements?

A.
Create an Amazon OpenSearch Service (Amazon Elasticsearch Service) domain with internet access and server-side encryption that uses the default AWS managed key. Configure CloudFront to use the Amazon OpenSearch Service (Amazon Elasticsearch Service) domain as a log destination.
A.
Create an Amazon OpenSearch Service (Amazon Elasticsearch Service) domain with internet access and server-side encryption that uses the default AWS managed key. Configure CloudFront to use the Amazon OpenSearch Service (Amazon Elasticsearch Service) domain as a log destination.
Answers
B.
Create an Amazon OpenSearch Service (Amazon Elasticsearch Service) domain with VPC access and server-side encryption that uses AES-256 Configure CloudFront to use the Amazon OpenSearch Service (Amazon Elasticsearch Service) domain as a log destination.
B.
Create an Amazon OpenSearch Service (Amazon Elasticsearch Service) domain with VPC access and server-side encryption that uses AES-256 Configure CloudFront to use the Amazon OpenSearch Service (Amazon Elasticsearch Service) domain as a log destination.
Answers
C.
Create an Amazon S3 bucket that Is configured with default server-side encryption that uses AES- 256. Configure CloudFront to use the S3 bucket as a log destination.
C.
Create an Amazon S3 bucket that Is configured with default server-side encryption that uses AES- 256. Configure CloudFront to use the S3 bucket as a log destination.
Answers
D.
Create an Amazon S3 bucket that is configured with no default encryption. Enable encryption in the CloudFront distribution, and use the S3 bucket as a log destination.
D.
Create an Amazon S3 bucket that is configured with no default encryption. Enable encryption in the CloudFront distribution, and use the S3 bucket as a log destination.
Answers
Suggested answer: C

Question 154

Report
Export
Collapse

A SysOps administrator is creating an Amazon EC2 Auto Scaling group in a new AWS account. After adding some instances, the SysOps administrator notices that the group has not reached the minimum number of instances. The SysOps administrator receives the following error message:

Which action will resolve this issue?

A.
Adjust the account spending limits for Amazon EC2 on the AWS Billing and Cost Management console
A.
Adjust the account spending limits for Amazon EC2 on the AWS Billing and Cost Management console
Answers
B.
Modify the EC2 quota for that AWS Region in the EC2 Settings section of the EC2 console.
B.
Modify the EC2 quota for that AWS Region in the EC2 Settings section of the EC2 console.
Answers
C.
Request a quota Increase for the Instance type family by using Service Quotas on the AWS Management Console.
C.
Request a quota Increase for the Instance type family by using Service Quotas on the AWS Management Console.
Answers
D.
Use the Rebalance action In the Auto Scaling group on the AWS Management Console.
D.
Use the Rebalance action In the Auto Scaling group on the AWS Management Console.
Answers
Suggested answer: C

Question 155

Report
Export
Collapse

A company needs to view a list of security groups that are open to the internet on port 3389.

What should a SysOps administrator do to meet this requirement?

A.
Configure Amazon GuardDuty to scan security groups and report unrestricted access on port 3389.
A.
Configure Amazon GuardDuty to scan security groups and report unrestricted access on port 3389.
Answers
B.
Configure a service control policy (SCP) to identify security groups that allow unrestricted access on port 3389.
B.
Configure a service control policy (SCP) to identify security groups that allow unrestricted access on port 3389.
Answers
C.
Use AWS Identity and Access Management Access Analyzer to find any instances that have unrestricted access on port 3389.
C.
Use AWS Identity and Access Management Access Analyzer to find any instances that have unrestricted access on port 3389.
Answers
D.
Use AWS Trusted Advisor to find security groups that allow unrestricted access on port 3389
D.
Use AWS Trusted Advisor to find security groups that allow unrestricted access on port 3389
Answers
Suggested answer: D

Question 156

Report
Export
Collapse

A company uses AWS Organizations to manage its AWS accounts. A SysOps administrator must create a backup strategy for all Amazon EC2 instances across all the company's AWS accounts. Which solution will meet these requirements In the MOST operationally efficient way?

A.
Deploy an AWS Lambda function to each account to run EC2 instance snapshots on a scheduled basis.
A.
Deploy an AWS Lambda function to each account to run EC2 instance snapshots on a scheduled basis.
Answers
B.
Create an AWS CloudFormation stack set in the management account to add an AutoBackup=True tag to every EC2 instance
B.
Create an AWS CloudFormation stack set in the management account to add an AutoBackup=True tag to every EC2 instance
Answers
C.
Use AWS Backup In the management account to deploy policies for all accounts and resources.
C.
Use AWS Backup In the management account to deploy policies for all accounts and resources.
Answers
D.
Use a service control policy (SCP) to run EC2 instance snapshots on a scheduled basis in each account.
D.
Use a service control policy (SCP) to run EC2 instance snapshots on a scheduled basis in each account.
Answers
Suggested answer: B

Question 157

Report
Export
Collapse

A company uploaded its website files to an Amazon S3 bucket that has S3 Versioning enabled. The company uses an Amazon CloudFront distribution with the S3 bucket as the origin. The company recently modified the tiles, but the object names remained the same. Users report that old content is still appearing on the website.

How should a SysOps administrator remediate this issue?

A.
Create a CloudFront invalidation, and add the path of the updated files.
A.
Create a CloudFront invalidation, and add the path of the updated files.
Answers
B.
Create a CloudFront signed URL to update each object immediately.
B.
Create a CloudFront signed URL to update each object immediately.
Answers
C.
Configure an S3 origin access identity (OAI) to display only the updated files to users.
C.
Configure an S3 origin access identity (OAI) to display only the updated files to users.
Answers
D.
Disable S3 Versioning on the S3 bucket so that the updated files can replace the old files.
D.
Disable S3 Versioning on the S3 bucket so that the updated files can replace the old files.
Answers
Suggested answer: A

Question 158

Report
Export
Collapse

A company uses AWS Organizations to manage multiple AWS accounts. The company's SysOps team has been using a manual process to create and manage 1AM roles. The team requires an automated solution to create and manage the necessary 1AM roles for multiple AWS accounts.

What is the MOST operationally efficient solution that meets these requirements?

A.
Create AWS CloudFormation templates. Reuse the templates to create the necessary 1AM roles in each of the AWS accounts.
A.
Create AWS CloudFormation templates. Reuse the templates to create the necessary 1AM roles in each of the AWS accounts.
Answers
B.
Use AWS Directory Service with AWS Organizations to automatically associate the necessary 1AM roles with Microsoft Active Directory users.
B.
Use AWS Directory Service with AWS Organizations to automatically associate the necessary 1AM roles with Microsoft Active Directory users.
Answers
C.
Use AWS Resource Access Manager with AWS Organizations to deploy and manage shared resources across the AWS accounts.
C.
Use AWS Resource Access Manager with AWS Organizations to deploy and manage shared resources across the AWS accounts.
Answers
D.
Use AWS CloudFormation StackSets with AWS Organizations to deploy and manage 1AM roles for the AWS accounts.
D.
Use AWS CloudFormation StackSets with AWS Organizations to deploy and manage 1AM roles for the AWS accounts.
Answers
Suggested answer: D

Question 159

Report
Export
Collapse

A company's SysOps administrator attempts to restore an Amazon Elastic Block Store (Amazon EBS) snapshot. However, the snapshot is missing because another system administrator accidentally deleted the snapshot. The company needs the ability to recover snapshots for a specified period of time after snapshots are deleted.

Which solution will provide this functionality?

A.
Turn on deletion protection on individual EBS snapshots that need to be kept.
A.
Turn on deletion protection on individual EBS snapshots that need to be kept.
Answers
B.
Create an 1AM policy that denies the deletion of EBS snapshots by using a condition statement for the snapshot age Apply the policy to all users
B.
Create an 1AM policy that denies the deletion of EBS snapshots by using a condition statement for the snapshot age Apply the policy to all users
Answers
C.
Create a Recycle Bin retention rule for EBS snapshots for the desired retention period.
C.
Create a Recycle Bin retention rule for EBS snapshots for the desired retention period.
Answers
D.
Use Amazon EventBridge (Amazon CloudWatch Events) to schedule an AWS Lambda function to copy EBS snapshots to Amazon S3 Glacier.
D.
Use Amazon EventBridge (Amazon CloudWatch Events) to schedule an AWS Lambda function to copy EBS snapshots to Amazon S3 Glacier.
Answers
Suggested answer: B

Question 160

Report
Export
Collapse

A company is using Amazon Elastic Container Sen/ice (Amazon ECS) to run a containerized application on Amazon EC2 instances. A SysOps administrator needs to monitor only traffic flows between the ECS tasks. Which combination of steps should the SysOps administrator take to meet this requirement? (Select TWO.)

A.
Configure Amazon CloudWatch Logs on the elastic network interface of each task.
A.
Configure Amazon CloudWatch Logs on the elastic network interface of each task.
Answers
B.
Configure VPC Flow Logs on the elastic network interface of each task.
B.
Configure VPC Flow Logs on the elastic network interface of each task.
Answers
C.
Specify the awsvpc network mode in the task definition.
C.
Specify the awsvpc network mode in the task definition.
Answers
D.
Specify the bridge network mode in the task definition.
D.
Specify the bridge network mode in the task definition.
Answers
E.
Specify the host network mode in the task definition.
E.
Specify the host network mode in the task definition.
Answers
Suggested answer: B, C

Explanation:

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking-awsvpc.html

Total 425 questions
Go to page: of 43
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms