ExamGecko
Search Search Login
Home Home / Amazon / SOA-C02

Amazon SOA-C02 Practice Test - Questions Answers, Page 18

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A company's application on EC2 instances relies on a Single-AZ RDS for MySQL DB instance. The SysOps administrator needs to ensure failover to minimize downtime.
A SysOps administrator creates two VPCs, VPC1 and VPC2, in a company's AWS account The SysOps administrator deploys a Linux Amazon EC2 instance in VPC1 and deploys an Amazon RDS for MySQL DB instance in VPC2. The DB instance is deployed in a private subnet. An application that runs on the EC2 instance needs to connect to the database. What should the SysOps administrator do to give the EC2 instance the ability to connect to the database?
A company needs to monitor the disk utilization of Amazon Elastic Block Store (Amazon EBS) volumes The EBS volumes are attached to Amazon EC2 Linux Instances A SysOps administrator must set up an Amazon CloudWatch alarm that provides an alert when disk utilization increases to more than 80%. Which combination of steps must the SysOps administrator lake lo meet these requirements? (Select THREE.)
A company uses AWS CloudFormation to manage a stack of Amazon EC2 instances on AWS. A SysOps administrator needs to keep the instances and all of the instances' data, even if someone deletes the stack. Which solution will meet these requirements?
A SysOps administrator is optimizing the cost of a workload. The workload is running in multiple AWS Regions and is using AWS Lambda with Amazon EC2 On-Demand Instances for the compute. The overall usage is predictable. The amount of compute that is consumed in each Region varies, depending on the users' locations. Which approach should the SysOps administrator use to optimize this workload?
The SysOps administrator must dynamically reference the latest AMI ID from Systems Manager Parameter Store in CloudFormation templates for new AMI versions.
A company has an application that collects notifications from thousands of alarm systems. The notifications include alarm notifications and information notifications. The information notifications include the system arming processes, disarming processes, and sensor status. All notifications are kept as messages in an Amazon Simple Queue Service (Amazon SQS) queue. Amazon EC2 instances that are in an Auto Scaling group process the messages. A SysOps administrator needs to implement a solution that prioritizes alarm notifications over information notifications. Which solution will meet these requirements?
The SysOps administrator must modify the AWS Config rule that deletes noncompliant SSH inbound rules to update the rule to allow SSH from specific trusted IP addresses instead.
A team of developers is using several Amazon S3 buckets as centralized repositories. Users across the world upload large sets of files to these repositories. The development team's applications later process these files. A SysOps administrator sets up a new S3 bucket. DOC-EXAMPLE-BUCKET, to support a new workload. The new S3 bucket also receives regular uploads of large sets of files from users worldwide. When the new S3 bucket is put into production, the upload performance from certain geographic areas is lower than the upload performance that the existing S3 buckets provide. What should the SysOps administrator do to remediate this issue?
The SysOps administrator needs to address high disk I/O issues during EC2 instance bootstrap in an Auto Scaling group.

Question 171

Report
Export
Collapse

A company hosts several write-intensive applications. These applications use a MySQL database that runs on a single Amazon EC2 instance. The company asks a SysOps administrator to implement a highly available database solution that is ideal for multi-tenant workloads.

Which solution should the SysOps administrator implement to meet these requirements?

A.
Create a second EC2 instance for MySQL. Configure the second instance to be a read replica.
A.
Create a second EC2 instance for MySQL. Configure the second instance to be a read replica.
Answers
B.
Migrate the database to an Amazon Aurora DB cluster. Add an Aurora Replica.
B.
Migrate the database to an Amazon Aurora DB cluster. Add an Aurora Replica.
Answers
C.
Migrate the database to an Amazon Aurora multi-master DB cluster.
C.
Migrate the database to an Amazon Aurora multi-master DB cluster.
Answers
D.
Migrate the database to an Amazon RDS for MySQL DB instance.
D.
Migrate the database to an Amazon RDS for MySQL DB instance.
Answers
Suggested answer: C

Question 172

Report
Export
Collapse

A SysOps administrator created an AWS Cloud Formation template that provisions Amazon EC2 instances, an Elastic Load Balancer (ELB), and an Amazon RDS DB instance. During stack creation, the creation of the EC2 instances and the creation of the ELB are successful. However, the creation of the DB instance fails.

What is the default behavior of CloudFormation in this scenario?

A.
CloudFormation will roll back the stack and delete the stack.
A.
CloudFormation will roll back the stack and delete the stack.
Answers
B.
CloudFormation will roll back the stack but will not delete the stack.
B.
CloudFormation will roll back the stack but will not delete the stack.
Answers
C.
CloudFormation will prompt the user to roll back the stack or continue.
C.
CloudFormation will prompt the user to roll back the stack or continue.
Answers
D.
CloudFormation will successfully complete the stack but will report a failed status for the DB instance.
D.
CloudFormation will successfully complete the stack but will report a failed status for the DB instance.
Answers
Suggested answer: C

Question 173

Report
Export
Collapse

A company needs to deploy a new workload on AWS. The company must encrypt all data at rest and must rotate the encryption keys once each year. The workload uses an Amazon RDS for MySQL Multi- AZ database for data storage. Which configuration approach will meet these requirements?

A.
Enable Transparent Data Encryption (TDE) in the MySQL configuration file. Manually rotate the key every 12 months.
A.
Enable Transparent Data Encryption (TDE) in the MySQL configuration file. Manually rotate the key every 12 months.
Answers
B.
Enable RDS encryption on the database at creation time by using the AWS managed key for Amazon RDS.
B.
Enable RDS encryption on the database at creation time by using the AWS managed key for Amazon RDS.
Answers
C.
Create a new AWS Key Management Service (AWS KMS) customer managed key. Enable automatic key rotation. Enable RDS encryption on the database at creation time by using the KMS key.
C.
Create a new AWS Key Management Service (AWS KMS) customer managed key. Enable automatic key rotation. Enable RDS encryption on the database at creation time by using the KMS key.
Answers
D.
Create a new AWS Key Management Service (AWS KMS) customer managed key. Enable automatic key rotation. Enable encryption on the Amazon Elastic Block Store (Amazon EBS) volumes that are attached to the RDS DB instance.
D.
Create a new AWS Key Management Service (AWS KMS) customer managed key. Enable automatic key rotation. Enable encryption on the Amazon Elastic Block Store (Amazon EBS) volumes that are attached to the RDS DB instance.
Answers
Suggested answer: C

Explanation:

This configuration approach will meet the requirement of encrypting all data at rest and rotating the encryption keys once each year. By creating a new AWS KMS customer managed key and enabling automatic key rotation, the encryption keys will be rotated automatically every year. By enabling RDS encryption on the database at creation time using the KMS key, all data stored in the RDS for MySQL Multi-AZ database will be encrypted at rest. This approach provide more control over key management and rotation and provide additional security benefits

Question 174

Report
Export
Collapse

A SysOps administrator needs to automate the invocation of an AWS Lambda function. The Lambda function must run at the end of each day to generate a report on data that is stored in an Amazon S3 bucket. What is the MOST operationally efficient solution that meets these requirements?

A.
Create an Amazon EventBridge {Amazon CloudWatch Events) rule that has an event pattern for Amazon S3 and the Lambda function as a target.
A.
Create an Amazon EventBridge {Amazon CloudWatch Events) rule that has an event pattern for Amazon S3 and the Lambda function as a target.
Answers
B.
Create an Amazon EventBridge (Amazon CloudWatch Events) rule that has a schedule and the Lambda function as a target.
B.
Create an Amazon EventBridge (Amazon CloudWatch Events) rule that has a schedule and the Lambda function as a target.
Answers
C.
Create an S3 event notification to invoke the Lambda function whenever objects change in the S3 bucket.
C.
Create an S3 event notification to invoke the Lambda function whenever objects change in the S3 bucket.
Answers
D.
Deploy an Amazon EC2 instance with a cron job to invoke the Lambda function.
D.
Deploy an Amazon EC2 instance with a cron job to invoke the Lambda function.
Answers
Suggested answer: C

Question 175

Report
Export
Collapse

A company's SysOps administrator needs to change the AWS Support plan for one of the company's AWS accounts. The account has multi-factor authentication (MFA) activated, and the MFA device is lost. What should the SysOps administrator do to sign in?

A.
Sign in as a root user by using email and phone verification. Set up a new MFA device. Change the root user password.
A.
Sign in as a root user by using email and phone verification. Set up a new MFA device. Change the root user password.
Answers
B.
Sign in as an 1AM user with administrator permissions. Resynchronize the MFA token by using the 1AM console.
B.
Sign in as an 1AM user with administrator permissions. Resynchronize the MFA token by using the 1AM console.
Answers
C.
Sign in as an 1AM user with administrator permissions. Reset the MFA device for the root user by adding a new device.
C.
Sign in as an 1AM user with administrator permissions. Reset the MFA device for the root user by adding a new device.
Answers
D.
Use the forgot-password process to verify the email address. Set up a new password and MFA device.
D.
Use the forgot-password process to verify the email address. Set up a new password and MFA device.
Answers
Suggested answer: A

Question 176

Report
Export
Collapse

A SysOps administrator has created an AWS Service Catalog portfolio and has shared the portfolio with a second AWS account in the company. The second account is controlled by a different administrator. Which action will the administrator of the second account be able to perform?

A.
Add a product from the imported portfolio to a local portfolio.
A.
Add a product from the imported portfolio to a local portfolio.
Answers
B.
Add new products to the imported portfolio.
B.
Add new products to the imported portfolio.
Answers
C.
Change the launch role for the products contained in the imported portfolio.
C.
Change the launch role for the products contained in the imported portfolio.
Answers
D.
Customize the products in the imported portfolio.
D.
Customize the products in the imported portfolio.
Answers
Suggested answer: A

Question 177

Report
Export
Collapse

A SysOps administrator wants to manage a web server application with AWS Elastic Beanstalk. The Elastic Beanstalk service must maintain full capacity for new deployments at all times. Which deployment policies satisfy this requirement? (Select TWO.)

A.
All at once
A.
All at once
Answers
B.
Immutable
B.
Immutable
Answers
C.
Rebuild
C.
Rebuild
Answers
D.
Rolling
D.
Rolling
Answers
E.
Rolling with additional batch
E.
Rolling with additional batch
Answers
Suggested answer: B, E

Explanation:

https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.rolling-version-deploy.html

Question 178

Report
Export
Collapse

A company has a policy that requires all Amazon EC2 instances to have a specific set of tags. If an EC2 instance does not have the required tags, the noncompliant instance should be terminated. What is the MOST operationally efficient solution that meets these requirements?

A.
Create an Amazon EventBridge (Amazon CloudWatch Events) rule to send all EC2 instance state changes to an AWS Lambda function to determine if each instance is compliant. Terminate any noncompliant instances.
A.
Create an Amazon EventBridge (Amazon CloudWatch Events) rule to send all EC2 instance state changes to an AWS Lambda function to determine if each instance is compliant. Terminate any noncompliant instances.
Answers
B.
Create an 1AM policy that enforces all EC2 instance tag requirements. If the required tags are not in place for an instance, the policy will terminate noncompliant instance.
B.
Create an 1AM policy that enforces all EC2 instance tag requirements. If the required tags are not in place for an instance, the policy will terminate noncompliant instance.
Answers
C.
Create an AWS Lambda function to determine if each EC2 instance is compliant and terminate an instance if it is noncompliant. Schedule the Lambda function to invoke every 5 minutes.
C.
Create an AWS Lambda function to determine if each EC2 instance is compliant and terminate an instance if it is noncompliant. Schedule the Lambda function to invoke every 5 minutes.
Answers
D.
Create an AWS Config rule to check if the required tags are present. If an EC2 instance is noncompliant, invoke an AWS Systems Manager Automation document to terminate the instance.
D.
Create an AWS Config rule to check if the required tags are present. If an EC2 instance is noncompliant, invoke an AWS Systems Manager Automation document to terminate the instance.
Answers
Suggested answer: D

Explanation:

https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager- automation.html

Question 179

Report
Export
Collapse

A SysOps administrator wants to upload a file that is 1 TB in size from on-premises to an Amazon S3 bucket using multipart uploads. What should the SysOps administrator do to meet this requirement?

A.
Upload the file using the S3 console.
A.
Upload the file using the S3 console.
Answers
B.
Use the s3api copy-object command.
B.
Use the s3api copy-object command.
Answers
C.
Use the s3api put-object command.
C.
Use the s3api put-object command.
Answers
D.
Use the s3 cp command.
D.
Use the s3 cp command.
Answers
Suggested answer: D

Explanation:

It's a best practice to use aws s3 commands (such as aws s3 cp) for multipart uploads and downloads, because these aws s3 commands automatically perform multipart uploading and downloading based on the file size. By comparison, aws s3api commands, such as aws s3api create-multipart-upload, should be used only when aws s3 commands don't support a specific upload need, such as when the multipart upload involves multiple servers, a multipart upload is manually stopped and resumed later, or when the aws s3 command doesn't support a required request parameter.https://aws.amazon.com/premiumsupport/knowledge-center/s3-multipart-upload-cli/

Question 180

Report
Export
Collapse

A SysOps administrator is responsible for a company's security groups. The company wants to maintain a documented trail of any changes that are made to the security groups. The SysOps administrator must receive notification whenever the security groups change.

Which solution will meet these requirements?

A.
Set up Amazon Detective to record security group changes. Specify an Amazon CloudWatch Logs log group to store configuration history logs. Create an Amazon Simple Queue Service (Amazon SOS) queue for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SQS queue.
A.
Set up Amazon Detective to record security group changes. Specify an Amazon CloudWatch Logs log group to store configuration history logs. Create an Amazon Simple Queue Service (Amazon SOS) queue for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SQS queue.
Answers
B.
Set up AWS Systems Manager Change Manager to record security group changes. Specify an Amazon CloudWatch Logs log group to store configuration history logs. Create an Amazon Simple Notification Service (Amazon SNS) topic for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SNS topic.
B.
Set up AWS Systems Manager Change Manager to record security group changes. Specify an Amazon CloudWatch Logs log group to store configuration history logs. Create an Amazon Simple Notification Service (Amazon SNS) topic for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SNS topic.
Answers
C.
Set up AWS Config to record security group changes. Specify an Amazon S3 bucket as the location for configuration snapshots and history files. Create an Amazon Simple Notification Service (Amazon SNS) topic for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SNS topic.
C.
Set up AWS Config to record security group changes. Specify an Amazon S3 bucket as the location for configuration snapshots and history files. Create an Amazon Simple Notification Service (Amazon SNS) topic for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SNS topic.
Answers
D.
Set up Amazon Detective to record security group changes. Specify an Amazon S3 bucket as the location for configuration snapshots and history files. Create an Amazon Simple Notification Service (Amazon SNS) topic for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SNS topic.
D.
Set up Amazon Detective to record security group changes. Specify an Amazon S3 bucket as the location for configuration snapshots and history files. Create an Amazon Simple Notification Service (Amazon SNS) topic for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SNS topic.
Answers
Suggested answer: D
Total 425 questions
Go to page: of 43
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms