ExamGecko
Search Search Login
Home Home / Amazon / SOA-C02

Amazon SOA-C02 Practice Test - Questions Answers, Page 39

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A company's application on EC2 instances relies on a Single-AZ RDS for MySQL DB instance. The SysOps administrator needs to ensure failover to minimize downtime.
A SysOps administrator creates two VPCs, VPC1 and VPC2, in a company's AWS account The SysOps administrator deploys a Linux Amazon EC2 instance in VPC1 and deploys an Amazon RDS for MySQL DB instance in VPC2. The DB instance is deployed in a private subnet. An application that runs on the EC2 instance needs to connect to the database. What should the SysOps administrator do to give the EC2 instance the ability to connect to the database?
A company needs to monitor the disk utilization of Amazon Elastic Block Store (Amazon EBS) volumes The EBS volumes are attached to Amazon EC2 Linux Instances A SysOps administrator must set up an Amazon CloudWatch alarm that provides an alert when disk utilization increases to more than 80%. Which combination of steps must the SysOps administrator lake lo meet these requirements? (Select THREE.)
A company uses AWS CloudFormation to manage a stack of Amazon EC2 instances on AWS. A SysOps administrator needs to keep the instances and all of the instances' data, even if someone deletes the stack. Which solution will meet these requirements?
A SysOps administrator is optimizing the cost of a workload. The workload is running in multiple AWS Regions and is using AWS Lambda with Amazon EC2 On-Demand Instances for the compute. The overall usage is predictable. The amount of compute that is consumed in each Region varies, depending on the users' locations. Which approach should the SysOps administrator use to optimize this workload?
The SysOps administrator must dynamically reference the latest AMI ID from Systems Manager Parameter Store in CloudFormation templates for new AMI versions.
A company has an application that collects notifications from thousands of alarm systems. The notifications include alarm notifications and information notifications. The information notifications include the system arming processes, disarming processes, and sensor status. All notifications are kept as messages in an Amazon Simple Queue Service (Amazon SQS) queue. Amazon EC2 instances that are in an Auto Scaling group process the messages. A SysOps administrator needs to implement a solution that prioritizes alarm notifications over information notifications. Which solution will meet these requirements?
A team of developers is using several Amazon S3 buckets as centralized repositories. Users across the world upload large sets of files to these repositories. The development team's applications later process these files. A SysOps administrator sets up a new S3 bucket. DOC-EXAMPLE-BUCKET, to support a new workload. The new S3 bucket also receives regular uploads of large sets of files from users worldwide. When the new S3 bucket is put into production, the upload performance from certain geographic areas is lower than the upload performance that the existing S3 buckets provide. What should the SysOps administrator do to remediate this issue?
The SysOps administrator must modify the AWS Config rule that deletes noncompliant SSH inbound rules to update the rule to allow SSH from specific trusted IP addresses instead.
The SysOps administrator needs to address high disk I/O issues during EC2 instance bootstrap in an Auto Scaling group.

Question 381

Report
Export
Collapse

Users of a company's internal web application recently experienced application performance issues for a brief period The application includes frontend web servers that run in an Amazon Elastic Kubernetes Service (Amazon EKS) cluster The application also includes a bacKend Amazon Aurora PostgreSQL DB cluster that includes one DB instance.

A SysOps administrator determines that the source of the performance issues was high utilization of the DB cluster. The single writer instance experienced more than 90% utilization for 11 minutes The cause of the high utilization was an automated report that is scheduled to run one time each week

What should the SysOps administrator do to ensure that users do not experience performance Issues each week when the report runs?

A.
Increase the size of the DB instance. Monitor the performance during the next scheduled run of the report
A.
Increase the size of the DB instance. Monitor the performance during the next scheduled run of the report
Answers
B.
Add a reader instance. Change the database connection string of the report application to use the newly created reader instance.
B.
Add a reader instance. Change the database connection string of the report application to use the newly created reader instance.
Answers
C.
Add another writer instance Change the database connection string of the report application to use the newly created writer instance.
C.
Add another writer instance Change the database connection string of the report application to use the newly created writer instance.
Answers
D.
Configure auto scaling for the DB cluster Set the minimum capacity units, maximum capacity units, and target utilization
D.
Configure auto scaling for the DB cluster Set the minimum capacity units, maximum capacity units, and target utilization
Answers
Suggested answer: A

Explanation:

Increasing DB Instance Size:

Increasing the instance size provides more CPU and memory resources, which can help handle higher loads.

Steps:

Go to the AWS Management Console.

Navigate to RDS and select the DB instance.

Modify the instance to increase its size.

Apply the changes during the next maintenance window or immediately if it is a critical issue.

Monitoring Performance:

After resizing, monitor the instance during the next report run to ensure that it handles the load effectively.

Question 382

Report
Export
Collapse

A company is using AWS to deploy a critical application on a fleet of Amazon EC2 instances The company is rewriting the application because the application failed a security review The application will take 12 months to rewrite While this rewrite happens, the company needs to rotate IAM access keys that the application uses.

A SysOps administrator must implement an automated solution that finds and rotates IAM access Keys that are at least 30 days old. The solution must then continue to rotate the IAM access Keys every 30 days.

Which solution will meet this requirement with the MOST operational efficiency?

A.
Use an AWS Config rule to identify IAM access Keys that are at least 30 days old. Configure AWS Config to invoKe an AWS Systems Manager Automation runbook to rotate the identified IAM access keys.
A.
Use an AWS Config rule to identify IAM access Keys that are at least 30 days old. Configure AWS Config to invoKe an AWS Systems Manager Automation runbook to rotate the identified IAM access keys.
Answers
B.
Use AWS Trusted Advisor to identify IAM access Keys that are at least 30 days old. Configure Trusted Advisor to invoke an AWS Systems Manager Automation runbook to rotate the identified IAM access keys
B.
Use AWS Trusted Advisor to identify IAM access Keys that are at least 30 days old. Configure Trusted Advisor to invoke an AWS Systems Manager Automation runbook to rotate the identified IAM access keys
Answers
C.
Create a script that checks the age of IAM access Keys and rotates them if they are at least 30 days old. Launch an EC2 instance. Schedule the script to run as a cron expression on the EC2 instance every day.
C.
Create a script that checks the age of IAM access Keys and rotates them if they are at least 30 days old. Launch an EC2 instance. Schedule the script to run as a cron expression on the EC2 instance every day.
Answers
D.
Create an AWS Lambda function that checks the age of IAM access keys and rotates them if they are at least 30 days old Use an Amazon EventBridge rule to invoke the Lambda function every time a new IAM access key is created.
D.
Create an AWS Lambda function that checks the age of IAM access keys and rotates them if they are at least 30 days old Use an Amazon EventBridge rule to invoke the Lambda function every time a new IAM access key is created.
Answers
Suggested answer: D

Explanation:

Lambda Function to Rotate IAM Access Keys:

A Lambda function can be used to automate the rotation of IAM access keys based on their age.

Steps:

Write a Lambda function that checks the age of IAM access keys.

The function should rotate keys that are at least 30 days old.

Deploy the Lambda function.

Amazon EventBridge Rule:

EventBridge can trigger the Lambda function periodically and when a new key is created.

Steps:

Create an EventBridge rule that triggers the Lambda function on a schedule (e.g., daily) and on IAM key creation events.

Question 383

Report
Export
Collapse

A company receives an alert from an Amazon CloudWatch alarm The alarm indicates that a web application that Is running on Amazon EC2 instances is not responding to requests The EC2 instances have a Red Hat Enterprise Linux operating system and are in an Auto Scaling group. The Auto Scaling group has a minimum capacity of 2 and a maximum capacity of 5.

An Investigation reveals that the web application is experiencing oul-of-memory errors. The company adds memory lo the web application and wants to track operating system memory utilization. A CloudWatch memory metric does not currently exist tor the EC2 Instances in the Auto Scaling group

What should a SysOps administrator do to provide a CloudWatch memory metric for the EC2 instances?

A.
Use an Amazon Machine Image (AMI) that includes the CloudWatch agent.
A.
Use an Amazon Machine Image (AMI) that includes the CloudWatch agent.
Answers
B.
Turn on CloudWatch detailed monitoring
B.
Turn on CloudWatch detailed monitoring
Answers
C.
Turn on Instance Metadata Service Version 2 (IMOSv2).
C.
Turn on Instance Metadata Service Version 2 (IMOSv2).
Answers
D.
Use an Amazon Machine Image (AMI) that is based on Amazon Linux.
D.
Use an Amazon Machine Image (AMI) that is based on Amazon Linux.
Answers
Suggested answer: A

Explanation:

Using an AMI with CloudWatch Agent:

The CloudWatch agent can collect memory utilization metrics and send them to CloudWatch.

Steps:

Create or use an existing AMI that includes the CloudWatch agent installed and configured.

Ensure the CloudWatch agent is configured to collect memory metrics.

Use this AMI for instances in the Auto Scaling group.

Question 384

Report
Export
Collapse

A company is using an Amazon CloudWatch alarm lo monitor the FreeLocalStorage metric for an Amazon Aurora PostgreSQL production database The alarm goes into ALARM state and indicates that the database is running low on temporary storage. A SysOps administrator discovers that a weekly report is using most of the temporary storage that is currently allocated.

What should the SysOps administrator do to solve this problem?

A.
Turn on Aurora PostgreSQL query plan management.
A.
Turn on Aurora PostgreSQL query plan management.
Answers
B.
Modify the configuration of the DB cluster to turn on storage auto scaling.
B.
Modify the configuration of the DB cluster to turn on storage auto scaling.
Answers
C.
Add an Aurora read replica to the DB cluster. Modify the report lo use the new read replica.
C.
Add an Aurora read replica to the DB cluster. Modify the report lo use the new read replica.
Answers
D.
Modify the DB instance class for each DB instance In the DB cluster to increase the instance size.
D.
Modify the DB instance class for each DB instance In the DB cluster to increase the instance size.
Answers
Suggested answer: B

Explanation:

Storage Auto Scaling:

Aurora storage auto scaling automatically increases the storage capacity of the database cluster when free storage space is running low.

Steps:

Go to the AWS Management Console.

Navigate to RDS and select your Aurora DB cluster.

Modify the DB cluster configuration to enable storage auto scaling.

Apply the changes.

Question 385

Report
Export
Collapse

A SysOps administrator is responsible for more than 50 Amazon EC2 instances mat are deployed in a single production AWS account The EC2 instances are running several different operating systems The company's standards require patching to be completed at least once a month.

The SysOps administrator wants to use AWS Systems Manager to reduce the number of hours the company spends on operating system patching each month.

Which combination of steps should the SysOps administrator take to meet these requirements? (Select THREE.)

A.
Group similar EC2 instances together into resource groups by using AWS Resource Groups
A.
Group similar EC2 instances together into resource groups by using AWS Resource Groups
Answers
B.
Create a schedule in Systems Manager Patch Manager. Specify the appropriate resource group as the target
B.
Create a schedule in Systems Manager Patch Manager. Specify the appropriate resource group as the target
Answers
C.
Specify Systems Manager Automation runbooks to patch the operating systems. Register the runbooks as tasks in the maintenance window. Specify the appropriate resource group as the target
C.
Specify Systems Manager Automation runbooks to patch the operating systems. Register the runbooks as tasks in the maintenance window. Specify the appropriate resource group as the target
Answers
D.
Create a Systems Manager Automation runbook to monitor and control the state of the patches required. Apply the runbook to Systems Manager Patch Manager
D.
Create a Systems Manager Automation runbook to monitor and control the state of the patches required. Apply the runbook to Systems Manager Patch Manager
Answers
E.
Create a single Systems Manager maintenance window for each resource group.
E.
Create a single Systems Manager maintenance window for each resource group.
Answers
F.
Configure Systems Manager Fleet Manager to apply a Systems Manager Automation runbook to the appropriate resource group.
F.
Configure Systems Manager Fleet Manager to apply a Systems Manager Automation runbook to the appropriate resource group.
Answers
Suggested answer: A, B, E

Explanation:

Group EC2 Instances Using Resource Groups:

Resource groups help organize and manage AWS resources based on tags and other criteria.

Steps:

Go to the AWS Management Console.

Navigate to AWS Resource Groups.

Create resource groups for similar EC2 instances based on tags or other criteria.

Create a Schedule in Patch Manager:

AWS Systems Manager Patch Manager automates the process of patching managed instances.

Steps:

Go to the AWS Management Console.

Navigate to Systems Manager and select Patch Manager.

Create a patch baseline if not already created.

Create a schedule for patching and specify the resource group as the target.

Create Maintenance Windows for Resource Groups:

Maintenance windows define a period of time for performing administrative tasks on instances.

Steps:

Go to the AWS Management Console.

Navigate to Systems Manager and select Maintenance Windows.

Create a maintenance window for each resource group.

Specify tasks and targets (resource groups) for each maintenance window.

Question 386

Report
Export
Collapse

A company uses AWS Cloud Formation to deploy its infrastructure. The company recently retired an application. A cloud operations engineer initiates CloudFormation stack deletion, and the stack gets stuck in DELETE FAILED status.

A SysOps administrator discovers that the stack had deployed a security group. The security group is referenced by other security groups in the environment. The SysOps administrator needs to delete the stack without affecting other applications.

Which solution will meet these requirements m the MOST operationally efficient manner?

A.
Create a new security group that has a different name Apply identical rules to the new security group. Replace all other security groups that reference the new security group. Delete the stack.
A.
Create a new security group that has a different name Apply identical rules to the new security group. Replace all other security groups that reference the new security group. Delete the stack.
Answers
B.
Create a CloudFormation change set to delete the security group. Deploy the change set.
B.
Create a CloudFormation change set to delete the security group. Deploy the change set.
Answers
C.
Delete the stack again. Specify that the security group be retained.
C.
Delete the stack again. Specify that the security group be retained.
Answers
D.
Perform CloudFormation drift detection Delete the stack.
D.
Perform CloudFormation drift detection Delete the stack.
Answers
Suggested answer: C

Explanation:

Retain the Security Group:

When deleting a CloudFormation stack, you can specify resources to be retained instead of deleted.

Steps:

Go to the AWS Management Console.

Navigate to CloudFormation and select the stack.

Choose to delete the stack.

In the deletion options, specify that the security group should be retained.

This will delete the stack but keep the security group, ensuring no impact on other applications.

Question 387

Report
Export
Collapse

A company's architeclure team must receive immediate email notification whenever new Amazon EC2 Instances are launched In the company's main AWS production account

What should a SysOps administrator do to meet this requirement?

A.
Create a user data script that sends an email message through a smarx host connector Include the architecture team's email address in the user data script as the recipient. Ensure that all new EC2 instances include the user data script as part of a standardized build process.
A.
Create a user data script that sends an email message through a smarx host connector Include the architecture team's email address in the user data script as the recipient. Ensure that all new EC2 instances include the user data script as part of a standardized build process.
Answers
B.
Create an Amazon Simple Notification Service (Amazon SNS) topic and a subscription that uses the email protocol. Enter (he architecture team's email address as the subscriber. Create an Amazon EventBridge rule that reacts when EC2 instances are launched Specify the SNS topic as the rule's target
B.
Create an Amazon Simple Notification Service (Amazon SNS) topic and a subscription that uses the email protocol. Enter (he architecture team's email address as the subscriber. Create an Amazon EventBridge rule that reacts when EC2 instances are launched Specify the SNS topic as the rule's target
Answers
C.
Create an Amazon Simple Queue Service (Amazon SOS) queue and a subscription that uses the email protocol Enter the architecture team's email address as the subscriber. Create an Amazon EventBridge rule that reacts when EC2 instances are launched Specify the SOS queue as the rule's target
C.
Create an Amazon Simple Queue Service (Amazon SOS) queue and a subscription that uses the email protocol Enter the architecture team's email address as the subscriber. Create an Amazon EventBridge rule that reacts when EC2 instances are launched Specify the SOS queue as the rule's target
Answers
D.
Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure AWS Systems Manager to publish EC2 events to the SNS topic. Create an AWS Lambda function to poll the SNS topic. Configure the Lambda function to send any messages to the architecture team's email address.
D.
Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure AWS Systems Manager to publish EC2 events to the SNS topic. Create an AWS Lambda function to poll the SNS topic. Configure the Lambda function to send any messages to the architecture team's email address.
Answers
Suggested answer: B

Explanation:

Create an SNS Topic and Subscription:

Amazon SNS allows you to send notifications to multiple endpoints.

Steps:

Go to the AWS Management Console.

Navigate to SNS and create a new topic.

Create a subscription for the topic using the email protocol.

Enter the architecture team's email address as the subscriber.

Create an EventBridge Rule:

Amazon EventBridge can monitor events and trigger actions.

Steps:

Go to the AWS Management Console.

Navigate to EventBridge.

Create a new rule that reacts to EC2 instance launch events.

Specify the SNS topic as the rule's target.

Question 388

Report
Export
Collapse

A SysOps administrator needs to update an AWS accoun1 name What should the SysOps administrator do to accomplish this goal?

A.
Add the Administrator Access policy to the SysOps administrator's 1AM user.
A.
Add the Administrator Access policy to the SysOps administrator's 1AM user.
Answers
B.
Add the AWS_ConfigRole policy to the SysOps administrator's 1AM user.
B.
Add the AWS_ConfigRole policy to the SysOps administrator's 1AM user.
Answers
C.
Change the AWS account name through the AWS Trusted Advisor interface.
C.
Change the AWS account name through the AWS Trusted Advisor interface.
Answers
D.
Sign in as the AWS account root user to make the change.
D.
Sign in as the AWS account root user to make the change.
Answers
Suggested answer: D

Explanation:

Update AWS Account Name:

The AWS account name can only be changed by the root user of the account.

Steps:

Sign in to the AWS Management Console using the root user credentials.

Navigate to the 'My Account' page.

Update the account name field and save the changes.

Question 389

Report
Export
Collapse

A SysOps administrator needs to create a report that shows how many bytes are sent to and received from each target group member for an Application Load Balancer (ALB).

Which combination of steps should the SysOps administrator take to meet these requirements? (Select TWO.)

A.
Enable access logging for the ALB. Save the logs to an Amazon S3 bucket.
A.
Enable access logging for the ALB. Save the logs to an Amazon S3 bucket.
Answers
B.
Install the Amazon CloudWatch agent on the Instances in the target group.
B.
Install the Amazon CloudWatch agent on the Instances in the target group.
Answers
C.
Use Amazon Athena to query the ALB logs Query the table Use the received_bytes and senl_byt.es fields to calculate the total bytes grouped by the target:port field.
C.
Use Amazon Athena to query the ALB logs Query the table Use the received_bytes and senl_byt.es fields to calculate the total bytes grouped by the target:port field.
Answers
D.
Use Amazon Athena to query the ALB logs Query the table. Use the received_bytes and sent_byt.es fields to calculate the total bytes grouped by the clientport field
D.
Use Amazon Athena to query the ALB logs Query the table. Use the received_bytes and sent_byt.es fields to calculate the total bytes grouped by the clientport field
Answers
E.
Create an Amazon CloudWatch dashboard that shows the Sum statistic of the ProcessedBytes metric for the ALB.
E.
Create an Amazon CloudWatch dashboard that shows the Sum statistic of the ProcessedBytes metric for the ALB.
Answers
Suggested answer: A, C

Explanation:

Enable Access Logging for the ALB:

Access logging provides detailed information about requests sent to your load balancer.

Steps:

Go to the AWS Management Console.

Navigate to EC2 and select 'Load Balancers.'

Select your Application Load Balancer.

Under the 'Attributes' tab, enable 'Access logs.'

Specify an S3 bucket where the logs will be saved.

Use Amazon Athena to Query the ALB Logs:

Athena allows you to run SQL queries on data stored in S3.

Steps:

Go to the AWS Management Console.

Navigate to Athena.

Create a table for the ALB logs using the appropriate schema.

Run queries to calculate the total bytes sent and received, grouped by the target field.

Example query:

SELECT target, SUM(received_bytes) as total_received, SUM(sent_bytes) as total_sent

FROM alb_logs

GROUP BY target, port

Question 390

Report
Export
Collapse

A SysOps administrator must ensure that all of a company's current and future Amazon S3 buckets have logging enabled If an S3 bucket does not have logging enabled an automated process must enable logging for the S3 bucket.

Which solution will meet these requirements?

A.
Use AWS Trusted Advisor 10 perform a check for S3 buckets that do not have logging enabled Configure the check to enable logging for S3 buckets that do not have logging enabled.
A.
Use AWS Trusted Advisor 10 perform a check for S3 buckets that do not have logging enabled Configure the check to enable logging for S3 buckets that do not have logging enabled.
Answers
B.
Configure an S3 bucket policy that requires all current and future S3 buckets to have logging enabled
B.
Configure an S3 bucket policy that requires all current and future S3 buckets to have logging enabled
Answers
C.
Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses an AWS Lambda function to enable logging.
C.
Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses an AWS Lambda function to enable logging.
Answers
D.
Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses the AWS-ConfigureS3BucketLoggmg AWS Systems Manager Automation runbook to enable logging.
D.
Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses the AWS-ConfigureS3BucketLoggmg AWS Systems Manager Automation runbook to enable logging.
Answers
Suggested answer: C, D

Explanation:

AWS Config Managed Rule for S3 Logging:

The s3-bucket-logging-enabled AWS Config rule checks whether S3 buckets have logging enabled.

Steps:

Go to the AWS Management Console.

Navigate to AWS Config.

Create a rule using s3-bucket-logging-enabled.

Add a remediation action using an AWS Lambda function or Systems Manager Automation runbook.

Using AWS Lambda for Remediation:

Create a Lambda function that enables logging on S3 buckets.

Steps:

Write a Lambda function in Python or Node.js to enable logging.

Configure the function to trigger on non-compliant buckets.

Using AWS Systems Manager Automation:

The AWS-ConfigureS3BucketLogging runbook automates enabling logging.

Steps:

Go to the AWS Management Console.

Navigate to Systems Manager.

Create an Automation document or use the existing AWS-ConfigureS3BucketLogging runbook.

Configure the remediation action to use this runbook.

Total 425 questions
Go to page: of 43
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms