ExamGecko
Login
Home / Amazon / SOA-C02 / List of questions
Ask Question

Amazon SOA-C02 Practice Test - Questions Answers, Page 22

List of questions

Question 211

Report
Export
Collapse

A company applies user-defined tags to resources that are associated with me company's AWS workloads Twenty days after applying the tags, the company notices that it cannot use re tags to filter views in the AWS Cost Explorer console. What is the reason for this issue?

It lakes at least 30 days to be able to use tags to filter views in Cost Explorer.
It lakes at least 30 days to be able to use tags to filter views in Cost Explorer.
The company has not activated the user-defined tags for cost allocation.
The company has not activated the user-defined tags for cost allocation.
The company has not created an AWS Cost and Usage Report
The company has not created an AWS Cost and Usage Report
The company has not created a usage budget in AWS Budgets
The company has not created a usage budget in AWS Budgets
Suggested answer: B
asked 16/09/2024
Cristian Lazo
38 questions

Question 212

Report
Export
Collapse

A company's SysOps administrator must ensure that all Amazon EC2 Windows instances that are launched in an AWS account have a third-party agent installed. The third-party agent has an msi package. The company uses AWS Systems Manager for patching, and the Windows instances are tagged appropriately. The third-party agent required periodic updates as new versions are released. The SysOps administrator must deploy these updates automatically

Which combination of steps will meet these requirements with the LEAST operational effort? (Seed TWO.) Create a Systems Manager Distributor package for the third-party agent.

Make sure that Systems Manager Inventory Is configured. If Systems Manager Inventory is not configured, set up a new inventory tor instances that is based on the appropriate tag value for Windows.
Make sure that Systems Manager Inventory Is configured. If Systems Manager Inventory is not configured, set up a new inventory tor instances that is based on the appropriate tag value for Windows.
Create a Systems Manager State Manager association to run the AWS-RunRemoteScript document. Populate the details of the third-party agent package. Specify instance tags based on the appropriate tag value for Windows with a schedule of 1 day
Create a Systems Manager State Manager association to run the AWS-RunRemoteScript document. Populate the details of the third-party agent package. Specify instance tags based on the appropriate tag value for Windows with a schedule of 1 day
Create a Systems Manager State Manager- association to run the AWS-ConfigureAWSPackage document. Populate the details of the third-party agent package. Specify instance tags based on the appropriate tag value for Windows with a schedule of 1 day
Create a Systems Manager State Manager- association to run the AWS-ConfigureAWSPackage document. Populate the details of the third-party agent package. Specify instance tags based on the appropriate tag value for Windows with a schedule of 1 day
Create a Systems Manager Opsitem with the tag value for Windows Attach the Systems Manager Distributor package to the Opsitem. Create a maintenance window that is specific to the package deployment Configure the maintenance window to cover 24 hours a day.
Create a Systems Manager Opsitem with the tag value for Windows Attach the Systems Manager Distributor package to the Opsitem. Create a maintenance window that is specific to the package deployment Configure the maintenance window to cover 24 hours a day.
Suggested answer: A, D

Explanation:

https://docs.aws.amazon.com/systems-manager/latest/userguide/distributor-working-with- packages-deploy.html

asked 16/09/2024
Mustapha Amine Atmani
46 questions

Question 213

Report
Export
Collapse

A global gaming company is preparing to launch a new game on AWS. The game runs in multiple AWS Regions on a fleet of Amazon EC2 instances. The instances are in an Auto Scaling group behind an Application Load Balancer (ALB) in each Region. The company plans to use Amazon Route 53 tor DNS services. The DNS configuration must direct users to the Region that is closest to mem and must provide automated failover. Which combination of steps should a SysOps administrator take to configure Route 53 to meet these requirements?{Select TWO.)

Create Amazon CloudWatch alarms that monitor the health of the ALB in each Region. Configure Route 53 DNS failover by using a health check that monitors the alarms.
Create Amazon CloudWatch alarms that monitor the health of the ALB in each Region. Configure Route 53 DNS failover by using a health check that monitors the alarms.
Create Amazon CloudWatch alarms that monitor the hearth of the EC2 instances in each Region.Configure Route 53 DNS failover by using a health check that monitors the alarms.
Create Amazon CloudWatch alarms that monitor the hearth of the EC2 instances in each Region.Configure Route 53 DNS failover by using a health check that monitors the alarms.
Configure Route 53 DNS failover by using a health check that monitors the private address of an EC2 instance in each Region.
Configure Route 53 DNS failover by using a health check that monitors the private address of an EC2 instance in each Region.
Configure Route 53 geoproximity routing Specify the Regions that are used for the infrastructure
Configure Route 53 geoproximity routing Specify the Regions that are used for the infrastructure
Configure Route 53 simple routing Specify the continent, country, and state or province that are used for the infrastructure.
Configure Route 53 simple routing Specify the continent, country, and state or province that are used for the infrastructure.
Suggested answer: A, D
asked 16/09/2024
lawrence Ajibolade
49 questions

Question 214

Report
Export
Collapse

A SysOps administrator is configuring an application on Amazon EC2 instances for a company Teams in other countries will use the application over the internet. The company requires the application endpoint to have a static pubic IP address.

How should the SysOps administrator deploy the application to meet this requirement?

Behind an Amazon API Gateway API
Behind an Amazon API Gateway API
Behind an Application Load Balancer
Behind an Application Load Balancer
Behind an internet-facing Network Load Balancer
Behind an internet-facing Network Load Balancer
In an Amazon CloudFront distribution
In an Amazon CloudFront distribution
Suggested answer: C
asked 16/09/2024
Hicham Jellab
44 questions

Question 215

Report
Export
Collapse

A SysOps administrator trust manage the security of An AWS account Recently an IAM users access key was mistakenly uploaded to a public code repository. The SysOps administrator must identity anything that was changed by using this access key.

Create an Amazon EventBridge (Amazon CloudWatch Events) rule to send all IAM events lo an AWS Lambda function for analysis
Create an Amazon EventBridge (Amazon CloudWatch Events) rule to send all IAM events lo an AWS Lambda function for analysis
Query Amazon EC2 togs by using Amazon CloudWatch Logs Insights for all events Heated with the compromised access key within the suspected timeframe
Query Amazon EC2 togs by using Amazon CloudWatch Logs Insights for all events Heated with the compromised access key within the suspected timeframe
Search AWS CloudTrail event history tor all events initiated with the compromised access key within the suspected timeframe
Search AWS CloudTrail event history tor all events initiated with the compromised access key within the suspected timeframe
Search VPC Flow Logs foe all events initiated with the compromised access key within the suspected Timeframe.
Search VPC Flow Logs foe all events initiated with the compromised access key within the suspected Timeframe.
Suggested answer: C
asked 16/09/2024
Scott Whitney
43 questions

Question 216

Report
Export
Collapse

A company maintains a large set of sensitive data in an Amazon S3 bucket. The company's security team asks a SyeOps administrator to help verify that all current objects in the S3 bucket are encrypted. What is the MOST operationally efficient solution that meets these requirements?

Create a script that runs against the S3 bucket and outputs the status of each object.
Create a script that runs against the S3 bucket and outputs the status of each object.
Create an S3 Inventory configuration on the S3 bucket Induce the appropriate status fields.
Create an S3 Inventory configuration on the S3 bucket Induce the appropriate status fields.
Provide the security team with an IAM user that has read access to the S3 bucket.
Provide the security team with an IAM user that has read access to the S3 bucket.
Use the AWS CLI to output a list of all objects in the S3 bucket.
Use the AWS CLI to output a list of all objects in the S3 bucket.
Suggested answer: B
asked 16/09/2024
Jonaid Alam
36 questions

Question 217

Report
Export
Collapse

A company has a high-performance Windows workload. The workload requires a storage volume mat provides consistent performance of 10.000 KDPS. The company does not want to pay for additional unneeded capacity to achieve this performance.

Which solution will meet these requirements with the LEAST cost?

Use a Provisioned IOPS SSD (lol) Amazon Elastic Block Store (Amazon EBS) volume that is configured with 10.000 provisioned IOPS
Use a Provisioned IOPS SSD (lol) Amazon Elastic Block Store (Amazon EBS) volume that is configured with 10.000 provisioned IOPS
Use a General Purpose SSD (gp3) Amazon Elastic Block Store (Amazon EBS) volume that is configured with 10.000 provisioned IOPS.
Use a General Purpose SSD (gp3) Amazon Elastic Block Store (Amazon EBS) volume that is configured with 10.000 provisioned IOPS.
Use an Amazon Elastic File System (Amazon EFS) file system w\ Max I/O mode.
Use an Amazon Elastic File System (Amazon EFS) file system w\ Max I/O mode.
Use an Amazon FSx for Windows Fife Server foe system that is configured with 10.000 IOPS
Use an Amazon FSx for Windows Fife Server foe system that is configured with 10.000 IOPS
Suggested answer: A
asked 16/09/2024
Ronald Stover
41 questions

Question 218

Report
Export
Collapse

A company has an application that is running on Amazon EC2 instances in a VPC. The application needs access to download software updates from the internet. The VPC has public subnets and private signets. The company's security policy requires all ECS instances to be deployed in private subnets What should a SysOps administrator do to meet those requirements?

Add an internet gateway to the VPC In the route table for the private subnets, odd a route to the interne; gateway.
Add an internet gateway to the VPC In the route table for the private subnets, odd a route to the interne; gateway.
Add a NAT gateway to a private subnet. In the route table for the private subnets, add a route to the NAT gateway.
Add a NAT gateway to a private subnet. In the route table for the private subnets, add a route to the NAT gateway.
Add a NAT gateway to a public subnet in the route table for the private subnets, add a route to the NAT gateway.
Add a NAT gateway to a public subnet in the route table for the private subnets, add a route to the NAT gateway.
Add two internet gateways to the VPC. In The route tablet for the private subnets and public subnets, add a route to each internet gateway.
Add two internet gateways to the VPC. In The route tablet for the private subnets and public subnets, add a route to each internet gateway.
Suggested answer: C
asked 16/09/2024
Andrea DG
35 questions

Question 219

Report
Export
Collapse

A SysOps administrator has successfully deployed a VPC with an AWS Cloud Formation template The SysOps administrator wants to deploy me same template across multiple accounts that are managed through AWS Organizations. Which solution will meet this requirement with the LEAST operational overhead?

Assume the OrganizationAccountAcccssKolc IAM role from the management account. Deploy the template in each of the accounts
Assume the OrganizationAccountAcccssKolc IAM role from the management account. Deploy the template in each of the accounts
Create an AWS Lambda function to assume a role in each account Deploy the template by using the AWS CloudFormation CreateStack API call
Create an AWS Lambda function to assume a role in each account Deploy the template by using the AWS CloudFormation CreateStack API call
Create an AWS Lambda function to query fc a list of accounts Deploy the template by using the AWS Cloudformation
Create an AWS Lambda function to query fc a list of accounts Deploy the template by using the AWS Cloudformation
CreateStack API call. Use AWS CloudFormation StackSets from the management account to deploy the template in each of the accounts
CreateStack API call. Use AWS CloudFormation StackSets from the management account to deploy the template in each of the accounts
Suggested answer: D

Explanation:

AWS CloudFormation StackSets extends the capability of stacks by enabling you to create, update, or delete stacks across multiple accounts and AWS Regions

asked 16/09/2024
Test Test
25 questions

Question 220

Report
Export
Collapse

A SysOps administrator must ensure that a company's Amazon EC2 instances auto scale as expected The SysOps administrator configures an Amazon EC2 Auto Scaling Lifecycle hook to send an event to Amazon EventBridge (Amazon CloudWatch Events), which then invokes an AWS Lambda function to configure the EC2 distances When the configuration is complete, the Lambda function calls the complete Lifecycle-action event to put the EC2 instances into service. In testing, the SysOps administrator discovers that the Lambda function is not invoked when the EC2 instances auto scale. What should the SysOps administrator do to reserve this issue?

Add a permission to the Lambda function so that it can be invoked by the EventBridge (CloudWatch Events) rule.
Add a permission to the Lambda function so that it can be invoked by the EventBridge (CloudWatch Events) rule.
Change the lifecycle hook action to CONTINUE if the lifecycle hook experiences a fa* we or timeout.
Change the lifecycle hook action to CONTINUE if the lifecycle hook experiences a fa* we or timeout.
Configure a retry policy in the EventBridge (CloudWatch Events) rule to retry the Lambda function invocation upon failure.
Configure a retry policy in the EventBridge (CloudWatch Events) rule to retry the Lambda function invocation upon failure.
Update the Lambda function execution role so that it has permission to call the complete lifecycleaction event
Update the Lambda function execution role so that it has permission to call the complete lifecycleaction event
Suggested answer: D
asked 16/09/2024
Steve Parnell
30 questions
Total 450 questions
Go to page: of 45
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The company needs a shared file solution for EC2 Windows instances in a Multi-AZ deployment that uses native Windows storage capabilities and maximizes consistency.
After creating a presigned URL for an S3 object, users can no longer access the file after a few days.
A company has an AWS Site-to-Site VPN connection between on-premises resources and resources that are hosted in a VPC. A SysOps administrator launches an Amazon EC2 instance that has only a private IP address into a private subnet in the VPC. The EC2 instance runs Microsoft Windows Server. A security group for the EC2 instance has rules that allow inbound traffic from the on-premises network over the VPN connection. The on-premises environment contains a third-party network firewall. Rules in the third-party network firewall allow Remote Desktop Protocol (RDP) traffic to flow between the on-premises users over the VPN connection. The on-premises users are unable to connect to the EC2 instance and receive a timeout error. What should the SysOps administrator do to troubleshoot this issue?
The SysOps administrator needs to complete the KMS key policy for least privilege read access for the DataEngineer role to decrypt S3 objects encrypted with a KMS key.
The SysOps administrator needs to deploy auditing software on all existing and new EC2 instances across multiple Regions, using AWS Systems Manager.
A company recently migrated its application to a VPC on AWS. An AWS Site-to-Site VPN connection connects the company's on-premises network to the VPC. The application retrieves customer data from another system that resides on premises. The application uses an on-premises DNS server to resolve domain records. After the migration, the application is not able to connect to the customer data because of name resolution errors. Which solution will give the application the ability to resolve the internal domain names?
A SysOps administrator is responsible for a legacy, CPU-heavy application. The application can only be scaled vertically. Currently, the application is deployed on a single t2. large Amazon EC2 instance. The system is showing 90% CPU usage and significant performance latency after a few minutes. What change should be made to alleviate the performance problem?
A SysOps administrator needs to share a new AMI with all accounts within an organization managed through AWS Organizations.
ASysOps administrator configures an application to run on Amazon EC2 instances behind an Application Load Balancer (ALB) in a simple scaling Auto Scaling group with the default settings. The Auto Scaling group is configured to use the RequestCountPerTarget metric for scaling. The SysOps administrator notices that the RequestCountPerTarget metric exceeded the specified limit twice in 180 seconds. How will the number of EC2 instances in this Auto Scaling group be affected in this scenario?
A SysOps administrator needs EC2 instances in a VPC to resolve DNS names for hosts in an on-premises data center.