ExamGecko
Search Search Login
Home Home / Amazon / SOA-C02

Amazon SOA-C02 Practice Test - Questions Answers, Page 2

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A company's application on EC2 instances relies on a Single-AZ RDS for MySQL DB instance. The SysOps administrator needs to ensure failover to minimize downtime.
A company needs to monitor the disk utilization of Amazon Elastic Block Store (Amazon EBS) volumes The EBS volumes are attached to Amazon EC2 Linux Instances A SysOps administrator must set up an Amazon CloudWatch alarm that provides an alert when disk utilization increases to more than 80%. Which combination of steps must the SysOps administrator lake lo meet these requirements? (Select THREE.)
A SysOps administrator creates two VPCs, VPC1 and VPC2, in a company's AWS account The SysOps administrator deploys a Linux Amazon EC2 instance in VPC1 and deploys an Amazon RDS for MySQL DB instance in VPC2. The DB instance is deployed in a private subnet. An application that runs on the EC2 instance needs to connect to the database. What should the SysOps administrator do to give the EC2 instance the ability to connect to the database?
A company uses AWS CloudFormation to manage a stack of Amazon EC2 instances on AWS. A SysOps administrator needs to keep the instances and all of the instances' data, even if someone deletes the stack. Which solution will meet these requirements?
A SysOps administrator is optimizing the cost of a workload. The workload is running in multiple AWS Regions and is using AWS Lambda with Amazon EC2 On-Demand Instances for the compute. The overall usage is predictable. The amount of compute that is consumed in each Region varies, depending on the users' locations. Which approach should the SysOps administrator use to optimize this workload?
The SysOps administrator must dynamically reference the latest AMI ID from Systems Manager Parameter Store in CloudFormation templates for new AMI versions.
A company has an application that collects notifications from thousands of alarm systems. The notifications include alarm notifications and information notifications. The information notifications include the system arming processes, disarming processes, and sensor status. All notifications are kept as messages in an Amazon Simple Queue Service (Amazon SQS) queue. Amazon EC2 instances that are in an Auto Scaling group process the messages. A SysOps administrator needs to implement a solution that prioritizes alarm notifications over information notifications. Which solution will meet these requirements?
A team of developers is using several Amazon S3 buckets as centralized repositories. Users across the world upload large sets of files to these repositories. The development team's applications later process these files. A SysOps administrator sets up a new S3 bucket. DOC-EXAMPLE-BUCKET, to support a new workload. The new S3 bucket also receives regular uploads of large sets of files from users worldwide. When the new S3 bucket is put into production, the upload performance from certain geographic areas is lower than the upload performance that the existing S3 buckets provide. What should the SysOps administrator do to remediate this issue?
The SysOps administrator must modify the AWS Config rule that deletes noncompliant SSH inbound rules to update the rule to allow SSH from specific trusted IP addresses instead.
The SysOps administrator needs to address high disk I/O issues during EC2 instance bootstrap in an Auto Scaling group.

Question 11

Report
Export
Collapse

A company uses AWS CloudFormation to deploy its application infrastructure. Recently, a user accidentally changed a property of a database in a CloudFormation template and performed a stack update that caused an interruption to the application. A SysOps administrator must determine how to modify the deployment process to allow the DevOps team to continue to deploy the infrastructure, but prevent against accidental modifications to specific resources. Which solution will meet these requirements?

A.
Set up an AWS Config rule to alert based on changes to any CloudFormation stack. An AWS Lambda function can then describe the stack to determine if any protected resources were modified and cancel the operation.
A.
Set up an AWS Config rule to alert based on changes to any CloudFormation stack. An AWS Lambda function can then describe the stack to determine if any protected resources were modified and cancel the operation.
Answers
B.
Set up an Amazon CloudWatch Events event with a rule to trigger based on any CloudFormation API call. An AWS Lambda function can then describe the stack to determine if any protected resources were modified and cancel the operation.
B.
Set up an Amazon CloudWatch Events event with a rule to trigger based on any CloudFormation API call. An AWS Lambda function can then describe the stack to determine if any protected resources were modified and cancel the operation.
Answers
C.
Launch the CloudFormation templates using a stack policy with an explicit allow for all resources and an explicit deny of the protected resources with an action of Update:*
C.
Launch the CloudFormation templates using a stack policy with an explicit allow for all resources and an explicit deny of the protected resources with an action of Update:*
Answers
D.
Attach an IAM policy to the DevOps team role that prevents a CloudFormation stack from updating, with a condition based on the specific Amazon Resource Names (ARNs) of the protected resources.
D.
Attach an IAM policy to the DevOps team role that prevents a CloudFormation stack from updating, with a condition based on the specific Amazon Resource Names (ARNs) of the protected resources.
Answers
Suggested answer: C

Explanation:

Reference: https://aws.amazon.com/blogs/devops/aws-cloudformation-security-best-practices/

Question 12

Report
Export
Collapse

A software development company has multiple developers who work on the same product. Each developer must have their own development environments, and these development environments must be identical. Each development environment consists of Amazon EC2 instances and an Amazon RDS DB instance. The development environments should be created only when necessary, and they must be terminated each night to minimize costs. What is the MOST operationally efficient solution that meets these requirements?

A.
Provide developers with access to the same AWS CloudFormation template so that they can provision their development environment when necessary. Schedule a nightly cron job on each development instance to stop all running processes to reduce CPU utilization to nearly zero.
A.
Provide developers with access to the same AWS CloudFormation template so that they can provision their development environment when necessary. Schedule a nightly cron job on each development instance to stop all running processes to reduce CPU utilization to nearly zero.
Answers
B.
Provide developers with access to the same AWS CloudFormation template so that they can provision their development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function to delete the AWS CloudFormation stacks.
B.
Provide developers with access to the same AWS CloudFormation template so that they can provision their development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function to delete the AWS CloudFormation stacks.
Answers
C.
Provide developers with CLI commands so that they can provision their own development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function to terminate all EC2 instances and the DB instance.
C.
Provide developers with CLI commands so that they can provision their own development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function to terminate all EC2 instances and the DB instance.
Answers
D.
Provide developers with CLI commands so that they can provision their own development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to cause AWS CloudFormation to delete all of the development environment resources.
D.
Provide developers with CLI commands so that they can provision their own development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to cause AWS CloudFormation to delete all of the development environment resources.
Answers
Suggested answer: C

Question 13

Report
Export
Collapse

A SysOps administrator is optimizing the cost of a workload. The workload is running in multiple AWS Regions and is using AWS Lambda with Amazon EC2 On-Demand Instances for the compute. The overall usage is predictable. The amount of compute that is consumed in each Region varies, depending on the users' locations.

Which approach should the SysOps administrator use to optimize this workload?

A.
Purchase Compute Savings Plans based on the usage during the past 30 days.
A.
Purchase Compute Savings Plans based on the usage during the past 30 days.
Answers
B.
Purchase Convertible Reserved Instances by calculating the usage baseline.
B.
Purchase Convertible Reserved Instances by calculating the usage baseline.
Answers
C.
Purchase EC2 Instance Savings Plans based on the usage during the past 30 days.
C.
Purchase EC2 Instance Savings Plans based on the usage during the past 30 days.
Answers
D.
Purchase Standard Reserved Instances by calculating the usage baseline.
D.
Purchase Standard Reserved Instances by calculating the usage baseline.
Answers
Suggested answer: C

Explanation:

Reference: https://pileuscloud.com/2019/11/14/aws-saving-plans-3-critical-things-to-know-before-buying-a-saving-plan/

Question 14

Report
Export
Collapse

A SysOps administrator needs to give users the ability to upload objects to an Amazon S3 bucket. The SysOps administrator creates a presigned URL and provides the URL to a user, but the user cannot upload an object to the S3 bucket. The presigned URL has not expired, and no bucket policy is applied to the S3 bucket.

Which of the following could be the cause of this problem?

A.
The user has not properly configured the AWS CLI with their access key and secret access key.
A.
The user has not properly configured the AWS CLI with their access key and secret access key.
Answers
B.
The SysOps administrator does not have the necessary permissions to upload the object to the S3 bucket.
B.
The SysOps administrator does not have the necessary permissions to upload the object to the S3 bucket.
Answers
C.
The SysOps administrator must apply a bucket policy to the S3 bucket to allow the user to upload the object.
C.
The SysOps administrator must apply a bucket policy to the S3 bucket to allow the user to upload the object.
Answers
D.
The object already has been uploaded through the use of the presigned URL, so the presigned URL is no longer valid.
D.
The object already has been uploaded through the use of the presigned URL, so the presigned URL is no longer valid.
Answers
Suggested answer: B

Explanation:

Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html

Question 15

Report
Export
Collapse

A company's IT department noticed an increase in the spend of their developer AWS account. There are over 50 developers using the account, and the finance team wants to determine the service costs incurred by each developer. What should a SysOps administrator do to collect this information? (Choose two.)

A.
Activate the createdBy tag in the account.
A.
Activate the createdBy tag in the account.
Answers
B.
Analyze the usage with Amazon CloudWatch dashboards.
B.
Analyze the usage with Amazon CloudWatch dashboards.
Answers
C.
Analyze the usage with Cost Explorer.
C.
Analyze the usage with Cost Explorer.
Answers
D.
Configure AWS Trusted Advisor to track resource usage.
D.
Configure AWS Trusted Advisor to track resource usage.
Answers
E.
Create a billing alarm in AWS Budgets.
E.
Create a billing alarm in AWS Budgets.
Answers
Suggested answer: A, C

Question 16

Report
Export
Collapse

A SysOps administrator is maintaining a web application using an Amazon CloudFront web distribution, an Application Load Balancer (ALB), Amazon RDS, and Amazon EC2 in a VPC. All services have logging enabled. The administrator needs to investigate HTTP Layer 7 status codes from the web application. Which log sources contain the status codes? (Choose two.)

A.
VPC Flow Logs
A.
VPC Flow Logs
Answers
B.
AWS CloudTrail logs
B.
AWS CloudTrail logs
Answers
C.
ALB access logs
C.
ALB access logs
Answers
D.
CloudFront access logs
D.
CloudFront access logs
Answers
E.
RDS logs
E.
RDS logs
Answers
Suggested answer: C, D

Question 17

Report
Export
Collapse

A company uses an Amazon RDS DB instance for data storage for its web application. For disaster recovery purposes, a SysOps administrator has configured an AWS Lambda function that copies the daily DB snapshot to the us-west-2- Region.

The SysOps administrator must provide a custom DNS name, myexampledb, for the DB instance so that the company's developers do not need to update the application code if the DB snapshot must be restored in another Region. The company hosts its corporate domain, example.com, on Amazon Route 53.

Which solution will meet these requirements?

A.
Create a Route 53 alias record that maps myexampledb.example.com to the DB instance domain name. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the alias record to point to the new DB instance domain name.
A.
Create a Route 53 alias record that maps myexampledb.example.com to the DB instance domain name. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the alias record to point to the new DB instance domain name.
Answers
B.
Create a Route 53 CNAME record that maps myexampledb.example.com to the DB instance domain name. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the CNAME record to point to the new DB instance domain name.
B.
Create a Route 53 CNAME record that maps myexampledb.example.com to the DB instance domain name. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the CNAME record to point to the new DB instance domain name.
Answers
C.
Locate the IP address of the DB instance. Create a Route 53 A record that maps myexamplebd.example.com to the IP address. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the A record to point to the new DB instance IP address.
C.
Locate the IP address of the DB instance. Create a Route 53 A record that maps myexamplebd.example.com to the IP address. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the A record to point to the new DB instance IP address.
Answers
D.
Locate the IP address of the DB instance. Create a Route 53 alias record that maps myexampledb.example.com to the IP address. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the alias record to point to the new DB instance IP address.
D.
Locate the IP address of the DB instance. Create a Route 53 alias record that maps myexampledb.example.com to the IP address. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the alias record to point to the new DB instance IP address.
Answers
Suggested answer: D

Explanation:

Reference: https://www.amazonaws.cn/en/route53/faqs/

Question 18

Report
Export
Collapse

A company has a new requirement stating that all resources in AWS must be tagged according to a set policy. Which AWS service should be used to enforce and continually identify all resources that are not in compliance with the policy?

A.
AWS CloudTrail
A.
AWS CloudTrail
Answers
B.
Amazon Inspector
B.
Amazon Inspector
Answers
C.
AWS Config
C.
AWS Config
Answers
D.
AWS Systems Manager
D.
AWS Systems Manager
Answers
Suggested answer: C

Explanation:

Reference: https://aws.amazon.com/config/

Question 19

Report
Export
Collapse

With the threat of ransomware viruses encrypting and holding company data hostage, which action should be taken to protect an Amazon S3 bucket?

A.
Deny Post, Put, and Delete on the bucket.
A.
Deny Post, Put, and Delete on the bucket.
Answers
B.
Enable server-side encryption on the bucket.
B.
Enable server-side encryption on the bucket.
Answers
C.
Enable Amazon S3 versioning on the bucket.
C.
Enable Amazon S3 versioning on the bucket.
Answers
D.
Enable snapshots on the bucket.
D.
Enable snapshots on the bucket.
Answers
Suggested answer: C

Question 20

Report
Export
Collapse

A company manages an application that uses Amazon ElastiCache for Redis with two extra-large nodes spread across two different Availability Zones. The company's IT team discovers that the ElastiCache for Redis cluster has 75% freeable memory. The application must maintain high availability.

What is the MOST cost-effective way to resize the cluster?

A.
Decrease the number of nodes in the ElastiCache for Redis cluster from 2 to 1.
A.
Decrease the number of nodes in the ElastiCache for Redis cluster from 2 to 1.
Answers
B.
Deploy a new ElastiCache for Redis cluster that uses large node types. Migrate the data from the original cluster to the new cluster. After the process is complete, shut down the original cluster.
B.
Deploy a new ElastiCache for Redis cluster that uses large node types. Migrate the data from the original cluster to the new cluster. After the process is complete, shut down the original cluster.
Answers
C.
Deploy a new ElastiCache for Redis cluster that uses large node types. Take a backup from the original cluster, and restore the backup in the new cluster. After the process is complete, shut down the original cluster.
C.
Deploy a new ElastiCache for Redis cluster that uses large node types. Take a backup from the original cluster, and restore the backup in the new cluster. After the process is complete, shut down the original cluster.
Answers
D.
Perform an online resizing for the ElastiCache for Redis cluster. Change the node types from extra-large nodes to large nodes.
D.
Perform an online resizing for the ElastiCache for Redis cluster. Change the node types from extra-large nodes to large nodes.
Answers
Suggested answer: D

Explanation:

https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/scaling-redis-cluster-modeenabled.html

As demand on your clusters changes, you might decide to improve performance or reduce costs by changing the number of shards in your Redis (cluster mode enabled) cluster. We recommend using online horizontal scaling to do so, because it allows your cluster to continue serving requests during the scaling process. https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/redis-cluster-vertical-scalingscaling-down.html

Total 425 questions
Go to page: of 43
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms