ExamGecko
Home / Amazon / SOA-C02 / List of questions
Ask Question

Amazon SOA-C02 Practice Test - Questions Answers, Page 2

List of questions

Question 11

Report
Export
Collapse

A company uses AWS CloudFormation to deploy its application infrastructure. Recently, a user accidentally changed a property of a database in a CloudFormation template and performed a stack update that caused an interruption to the application. A SysOps administrator must determine how to modify the deployment process to allow the DevOps team to continue to deploy the infrastructure, but prevent against accidental modifications to specific resources. Which solution will meet these requirements?

Set up an AWS Config rule to alert based on changes to any CloudFormation stack. An AWS Lambda function can then describe the stack to determine if any protected resources were modified and cancel the operation.
Set up an AWS Config rule to alert based on changes to any CloudFormation stack. An AWS Lambda function can then describe the stack to determine if any protected resources were modified and cancel the operation.
Set up an Amazon CloudWatch Events event with a rule to trigger based on any CloudFormation API call. An AWS Lambda function can then describe the stack to determine if any protected resources were modified and cancel the operation.
Set up an Amazon CloudWatch Events event with a rule to trigger based on any CloudFormation API call. An AWS Lambda function can then describe the stack to determine if any protected resources were modified and cancel the operation.
Launch the CloudFormation templates using a stack policy with an explicit allow for all resources and an explicit deny of the protected resources with an action of Update:*
Launch the CloudFormation templates using a stack policy with an explicit allow for all resources and an explicit deny of the protected resources with an action of Update:*
Attach an IAM policy to the DevOps team role that prevents a CloudFormation stack from updating, with a condition based on the specific Amazon Resource Names (ARNs) of the protected resources.
Attach an IAM policy to the DevOps team role that prevents a CloudFormation stack from updating, with a condition based on the specific Amazon Resource Names (ARNs) of the protected resources.
Suggested answer: C

Explanation:

Reference: https://aws.amazon.com/blogs/devops/aws-cloudformation-security-best-practices/

asked 16/09/2024
Jaime GONCALVES
45 questions

Question 12

Report
Export
Collapse

A software development company has multiple developers who work on the same product. Each developer must have their own development environments, and these development environments must be identical. Each development environment consists of Amazon EC2 instances and an Amazon RDS DB instance. The development environments should be created only when necessary, and they must be terminated each night to minimize costs. What is the MOST operationally efficient solution that meets these requirements?

Provide developers with access to the same AWS CloudFormation template so that they can provision their development environment when necessary. Schedule a nightly cron job on each development instance to stop all running processes to reduce CPU utilization to nearly zero.
Provide developers with access to the same AWS CloudFormation template so that they can provision their development environment when necessary. Schedule a nightly cron job on each development instance to stop all running processes to reduce CPU utilization to nearly zero.
Provide developers with access to the same AWS CloudFormation template so that they can provision their development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function to delete the AWS CloudFormation stacks.
Provide developers with access to the same AWS CloudFormation template so that they can provision their development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function to delete the AWS CloudFormation stacks.
Provide developers with CLI commands so that they can provision their own development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function to terminate all EC2 instances and the DB instance.
Provide developers with CLI commands so that they can provision their own development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function to terminate all EC2 instances and the DB instance.
Provide developers with CLI commands so that they can provision their own development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to cause AWS CloudFormation to delete all of the development environment resources.
Provide developers with CLI commands so that they can provision their own development environment when necessary. Schedule a nightly Amazon EventBridge (Amazon CloudWatch Events) rule to cause AWS CloudFormation to delete all of the development environment resources.
Suggested answer: C
asked 16/09/2024
Miguel Bakker
30 questions

Question 13

Report
Export
Collapse

A SysOps administrator is optimizing the cost of a workload. The workload is running in multiple AWS Regions and is using AWS Lambda with Amazon EC2 On-Demand Instances for the compute. The overall usage is predictable. The amount of compute that is consumed in each Region varies, depending on the users' locations.

Which approach should the SysOps administrator use to optimize this workload?

Purchase Compute Savings Plans based on the usage during the past 30 days.
Purchase Compute Savings Plans based on the usage during the past 30 days.
Purchase Convertible Reserved Instances by calculating the usage baseline.
Purchase Convertible Reserved Instances by calculating the usage baseline.
Purchase EC2 Instance Savings Plans based on the usage during the past 30 days.
Purchase EC2 Instance Savings Plans based on the usage during the past 30 days.
Purchase Standard Reserved Instances by calculating the usage baseline.
Purchase Standard Reserved Instances by calculating the usage baseline.
Suggested answer: C

Explanation:

Reference: https://pileuscloud.com/2019/11/14/aws-saving-plans-3-critical-things-to-know-before-buying-a-saving-plan/

asked 16/09/2024
Bernardo Garcia
43 questions

Question 14

Report
Export
Collapse

A SysOps administrator needs to give users the ability to upload objects to an Amazon S3 bucket. The SysOps administrator creates a presigned URL and provides the URL to a user, but the user cannot upload an object to the S3 bucket. The presigned URL has not expired, and no bucket policy is applied to the S3 bucket.

Which of the following could be the cause of this problem?

The user has not properly configured the AWS CLI with their access key and secret access key.
The user has not properly configured the AWS CLI with their access key and secret access key.
The SysOps administrator does not have the necessary permissions to upload the object to the S3 bucket.
The SysOps administrator does not have the necessary permissions to upload the object to the S3 bucket.
The SysOps administrator must apply a bucket policy to the S3 bucket to allow the user to upload the object.
The SysOps administrator must apply a bucket policy to the S3 bucket to allow the user to upload the object.
The object already has been uploaded through the use of the presigned URL, so the presigned URL is no longer valid.
The object already has been uploaded through the use of the presigned URL, so the presigned URL is no longer valid.
Suggested answer: B

Explanation:

Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html

asked 16/09/2024
Sebrena Adkins
42 questions

Question 15

Report
Export
Collapse

A company's IT department noticed an increase in the spend of their developer AWS account. There are over 50 developers using the account, and the finance team wants to determine the service costs incurred by each developer. What should a SysOps administrator do to collect this information? (Choose two.)

Activate the createdBy tag in the account.
Activate the createdBy tag in the account.
Analyze the usage with Amazon CloudWatch dashboards.
Analyze the usage with Amazon CloudWatch dashboards.
Analyze the usage with Cost Explorer.
Analyze the usage with Cost Explorer.
Configure AWS Trusted Advisor to track resource usage.
Configure AWS Trusted Advisor to track resource usage.
Create a billing alarm in AWS Budgets.
Create a billing alarm in AWS Budgets.
Suggested answer: A, C
asked 16/09/2024
mr yosh
37 questions

Question 16

Report
Export
Collapse

A SysOps administrator is maintaining a web application using an Amazon CloudFront web distribution, an Application Load Balancer (ALB), Amazon RDS, and Amazon EC2 in a VPC. All services have logging enabled. The administrator needs to investigate HTTP Layer 7 status codes from the web application. Which log sources contain the status codes? (Choose two.)

VPC Flow Logs
VPC Flow Logs
AWS CloudTrail logs
AWS CloudTrail logs
ALB access logs
ALB access logs
CloudFront access logs
CloudFront access logs
RDS logs
RDS logs
Suggested answer: C, D
asked 16/09/2024
Deepak PSK
46 questions

Question 17

Report
Export
Collapse

A company uses an Amazon RDS DB instance for data storage for its web application. For disaster recovery purposes, a SysOps administrator has configured an AWS Lambda function that copies the daily DB snapshot to the us-west-2- Region.

The SysOps administrator must provide a custom DNS name, myexampledb, for the DB instance so that the company's developers do not need to update the application code if the DB snapshot must be restored in another Region. The company hosts its corporate domain, example.com, on Amazon Route 53.

Which solution will meet these requirements?

Create a Route 53 alias record that maps myexampledb.example.com to the DB instance domain name. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the alias record to point to the new DB instance domain name.
Create a Route 53 alias record that maps myexampledb.example.com to the DB instance domain name. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the alias record to point to the new DB instance domain name.
Create a Route 53 CNAME record that maps myexampledb.example.com to the DB instance domain name. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the CNAME record to point to the new DB instance domain name.
Create a Route 53 CNAME record that maps myexampledb.example.com to the DB instance domain name. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the CNAME record to point to the new DB instance domain name.
Locate the IP address of the DB instance. Create a Route 53 A record that maps myexamplebd.example.com to the IP address. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the A record to point to the new DB instance IP address.
Locate the IP address of the DB instance. Create a Route 53 A record that maps myexamplebd.example.com to the IP address. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the A record to point to the new DB instance IP address.
Locate the IP address of the DB instance. Create a Route 53 alias record that maps myexampledb.example.com to the IP address. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the alias record to point to the new DB instance IP address.
Locate the IP address of the DB instance. Create a Route 53 alias record that maps myexampledb.example.com to the IP address. Instruct the developers to refer to myexampledb.example.com in their application. After restoring the DB snapshot in us-west-2, update the alias record to point to the new DB instance IP address.
Suggested answer: D

Explanation:

Reference: https://www.amazonaws.cn/en/route53/faqs/

asked 16/09/2024
Henny Smit
36 questions

Question 18

Report
Export
Collapse

A company has a new requirement stating that all resources in AWS must be tagged according to a set policy. Which AWS service should be used to enforce and continually identify all resources that are not in compliance with the policy?

AWS CloudTrail
AWS CloudTrail
Amazon Inspector
Amazon Inspector
AWS Config
AWS Config
AWS Systems Manager
AWS Systems Manager
Suggested answer: C

Explanation:

Reference: https://aws.amazon.com/config/

Amazon SOA-C02 image Question 18 explanation 8053 09162024010005000000

asked 16/09/2024
Mogens Jensen
33 questions

Question 19

Report
Export
Collapse

With the threat of ransomware viruses encrypting and holding company data hostage, which action should be taken to protect an Amazon S3 bucket?

Deny Post, Put, and Delete on the bucket.
Deny Post, Put, and Delete on the bucket.
Enable server-side encryption on the bucket.
Enable server-side encryption on the bucket.
Enable Amazon S3 versioning on the bucket.
Enable Amazon S3 versioning on the bucket.
Enable snapshots on the bucket.
Enable snapshots on the bucket.
Suggested answer: C
asked 16/09/2024
Luis Morales
30 questions

Question 20

Report
Export
Collapse

A company manages an application that uses Amazon ElastiCache for Redis with two extra-large nodes spread across two different Availability Zones. The company's IT team discovers that the ElastiCache for Redis cluster has 75% freeable memory. The application must maintain high availability.

What is the MOST cost-effective way to resize the cluster?

Decrease the number of nodes in the ElastiCache for Redis cluster from 2 to 1.
Decrease the number of nodes in the ElastiCache for Redis cluster from 2 to 1.
Deploy a new ElastiCache for Redis cluster that uses large node types. Migrate the data from the original cluster to the new cluster. After the process is complete, shut down the original cluster.
Deploy a new ElastiCache for Redis cluster that uses large node types. Migrate the data from the original cluster to the new cluster. After the process is complete, shut down the original cluster.
Deploy a new ElastiCache for Redis cluster that uses large node types. Take a backup from the original cluster, and restore the backup in the new cluster. After the process is complete, shut down the original cluster.
Deploy a new ElastiCache for Redis cluster that uses large node types. Take a backup from the original cluster, and restore the backup in the new cluster. After the process is complete, shut down the original cluster.
Perform an online resizing for the ElastiCache for Redis cluster. Change the node types from extra-large nodes to large nodes.
Perform an online resizing for the ElastiCache for Redis cluster. Change the node types from extra-large nodes to large nodes.
Suggested answer: D

Explanation:

https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/scaling-redis-cluster-modeenabled.html

As demand on your clusters changes, you might decide to improve performance or reduce costs by changing the number of shards in your Redis (cluster mode enabled) cluster. We recommend using online horizontal scaling to do so, because it allows your cluster to continue serving requests during the scaling process. https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/redis-cluster-vertical-scalingscaling-down.html

asked 16/09/2024
Dan Yann
47 questions
Total 450 questions
Go to page: of 45
Search

Related questions