Amazon AWS Certified SysOps Administrator - Associate SOA-C01
Prev

There are 439 results

Next
#131 (Accuracy: 100% / 1 votes)
Amazon EBS snapshots have which of the following two characteristics? (Choose two.)
  • A. EBS snapshots only save incremental changes from snapshot to snapshot
  • B. EBS snapshots can be created in real-time without stopping an EC2 instance
  • C. EBS snapshots can only be restored to an EBS volume of the same size or smaller
  • D. EBS snapshots can only be restored and mounted to an instance in the same Availability Zone as the original EBS volume
#132 (Accuracy: 100% / 1 votes)
Which of the following does Amazon S3 provide?
  • A. A virtual server in the cloud
  • B. A highly-scalable cloud storage
  • C. A highly encrypted virtual disk in the cloud
  • D. A transient storage in the cloud
#133 (Accuracy: 100% / 1 votes)
The information within an IAM policy is described through a series of ______.
  • A. elements
  • B. macros
  • C. classes
  • D. namespaces
#134 (Accuracy: 100% / 1 votes)
When an EC2 EBS-backed (EBS root) instance is stopped, what happens to the data on any ephemeral store volumes?
  • A. Data will be deleted and win no longer be accessible
  • B. Data is automatically saved in an EBS volume.
  • C. Data is automatically saved as an EBS snapshot
  • D. Data is unavailable until the instance is restarted
#135 (Accuracy: 100% / 1 votes)
Spot instances are ideally designed for which purpose below?
  • A. Running database instances that can scale up and down based on a specific workload.
  • B. Running long duration and highly transactional applications.
  • C. For building distributed fault tolerant databases under a tight deadline.
  • D. Taking advantage of excess EC2 capacity at prices below standard on-demand rates, for short duration jobs.
#136 (Accuracy: 100% / 1 votes)
A security officer has requested that internet access be removed from subnets in a VPC. The subnets currently route internet-bound traffic to a NAT gateway. A
SysOps administrator needs to remove this access while allowing access to Amazon S3.
Which solution will meet these requirements?
  • A. Set up an internet gateway. Update the route table on the subnets to use the internet gateway to route traffic to Amazon S3.
  • B. Set up an S3 VPC gateway endpoint. Update the route table on the subnets to use the gateway endpoint to route traffic to Amazon S3.
  • C. Set up additional NAT gateways in each Availability Zone. Update the route table on the subnets to use the NAT gateways to route traffic to Amazon S3.
  • D. Set up an egress-only internet gateway. Update the route table on the subnets to use the egress-only internet gateway to route traffic to Amazon S3.
#137 (Accuracy: 100% / 2 votes)
A user needs to put sensitive data in an Amazon S3 bucket that can be accessed through an S3 VPC endpoint only. The user must ensure that resources in the
VPC can only access the single S3 bucket.
Which combination of actions will meet the requirements? (Choose two.)
  • A. Configure the bucket policy to only allow access through the S3 Private Endpoint.
  • B. Modify the VPC endpoint policy on the bucket to only allow the VPC to access it.
  • C. Modify the VPC peering configuration to only allow access to the S3 private Endpoint.
  • D. Configure the VPC endpoint policy to only allow the VPC to access the specific S3 bucket.
  • E. Configure the IAM policy attached to the S3 bucket to only allow access from the specific VPC.
#138 (Accuracy: 100% / 1 votes)
A SysOps Administrator is attempting to use AWS Systems Manager Session Manager to initiate a SSH session with an Amazon EC2 instance running on a custom Linux Amazon Machine Image (AMI). The Administrator cannot find the target instance in the Session Manager console.
Which combination of actions will solve this issue? (Choose two.)
  • A. Add Systems Manager permissions to the instance profile.
  • B. Configure the bucket used by Session Manager logs to allow write access.
  • C. Install Systems Manager Agent on the instance.
  • D. Modify the instance security group to allow inbound traffic on SSH port 22.
  • E. Reboot the instance with a new SSH key pair named ssm-user.
#139 (Accuracy: 100% / 1 votes)
An organization stores sensitive customer in S3 buckets protected by bucket policies. Recently, there have been reports that unauthorized entities within the company have been trying to access the data on those S3 buckets. The Chief Information Security Officer (CISO) would like to know which buckets are being targeted and determine who is responsible for trying to access that information.
Which steps should a SysOps Administrator take to meet the CISO's requirement? (Choose two.)
  • A. Enable Amazon S3 Analytics on all affected S3 buckets to obtain a report of which buckets are being accessed without authorization.
  • B. Enable Amazon S3 Server Access Logging on all affected S3 buckets and have the logs stored in a bucket dedicated for logs.
  • C. Use Amazon Athena to query S3 Analytics report for HTTP 403 errors, and determine the IAM user or role making the requests.
  • D. Use Amazon Athena to query the S3 Server Access Logs for HTTP 403 errors, and determine the IAM user or role making the requests.
  • E. Use Amazon Athena to query the S3 Server Access Logs for HTTP 503 errors, and determine the IAM user or role making the requests.
#140 (Accuracy: 100% / 1 votes)
A user is trying to setup a recurring Auto Scaling process. The user has setup one process to scale up every day at 8 am and scale down at 7 PM. The user is trying to setup another recurring process which scales up on the 1st of every month at 8 AM and scales down the same day at 7 PM. What will Auto Scaling do in this scenario?
  • A. Auto Scaling will execute both processes but will add just one instance on the 1st
  • B. Auto Scaling will add two instances on the 1st of the month
  • C. Auto Scaling will schedule both the processes but execute only one process randomly
  • D. Auto Scaling will throw an error since there is a conflict in the schedule of two separate Auto Scaling Processes