Amazon AWS Certified SysOps Administrator - Associate SOA-C01
Prev

There are 439 results

Next
#171 (Accuracy: 100% / 1 votes)
A user is trying to connect to a running EC2 instance using SSH. However, the user gets a connection time out error. Which of the below mentioned options is not a possible reason for rejection?
  • A. The access key to connect to the instance is wrong
  • B. The security group is not configured properly
  • C. The private key used to launch the instance is not correct
  • D. The instance CPU is heavily loaded
#172 (Accuracy: 100% / 1 votes)
A SysOps Administrator needs to monitor all the object upload and download activity of a single Amazon S3 bucket. Monitoring must include tracking the AWS account of the caller, the IAM user role of the caller, the time of the API call, and the IP address of the API.
Where can the Administrator find this information?
  • A. AWS CloudTrail data event logging
  • B. AWS CloudTrail management event logging
  • C. Amazon Inspector bucket event logging
  • D. Amazon Inspector user event logging
#173 (Accuracy: 100% / 2 votes)
A company has a web application that is deployed in a VPC. Inbound traffic to this web application comes in through an internet gateway and arrives at a Network
Load Balancer (NLB). From there, the traffic travels to multiple Amazon EC2 instances in two private subnets. The company wants to perform deep packet inspection on the inbound traffic to identify potential hacking attempts.
Which solution meets these requirements?
  • A. Configure AWS Shield for the VPC.
  • B. Use AWS Network Firewall on the VPC. Configure Network Firewall to perform deep packet inspection.
  • C. Use AWS Network Firewall on the subnets. Configure Network Firewall to perform deep packet inspection.
  • D. Set up Traffic Mirroring on an inbound port of the NLB.
#174 (Accuracy: 100% / 1 votes)
A company wants to ensure that each department operates within their own isolated environment, and they are only able to use pre-approved services.
How can this requirement be met?
  • A. Set up an AWS Organization to create accounts for each department, and apply service control policies to control access to AWS services.
  • B. Create IAM roles for each department, and set policies that grant access to specific AWS services.
  • C. Use the AWS Service Catalog to create catalogs of AWS services that are approved for use by each department.
  • D. Request that each department create and manage its own AWS account and the resources within it.
#175 (Accuracy: 100% / 2 votes)
A web application's performance has been degrading. Historically, the application has had highly-variable workloads, but lately, there has been a steady growth in traffic as the result of a new product launch. After reviewing several Amazon CloudWatch metrics, it is discovered that over the last two weeks the balance of CPU credits has dropped to zero several times.
Which solutions will improve performance? (Choose two.)
  • A. Begin using the T2 instance type
  • B. Purchase more CPU credits for the existing instance
  • C. Increase the size of the current instance type
  • D. Configure a CloudWatch alarm on the CPU credits metric
#176 (Accuracy: 100% / 1 votes)
You are setting up security groups for both incoming traffic and outgoing traffic in your VPC net-work on the AWS CLI. Which of the following AWS CLI commands would you use for adding one or more incoming traffic rules to a security group?
  • A. authorize-security-group-egress
  • B. authorize-security-group-ingress
  • C. Grant-EC2SecurityGroupOutgress
  • D. Get-EC2SecurityGroup
#177 (Accuracy: 100% / 2 votes)
In a hardware security module (HSM), what is the function of a Transparent Data Encryption (TDE)?
  • A. To reduce the risk of confidential data theft
  • B. To decrease latency
  • C. To store SSL certificates
  • D. To provide backup
#178 (Accuracy: 100% / 1 votes)
A user has enabled instance protection for his Auto Scaling group that has spot instances. If Auto Scaling wants to terminate an instance in this Auto Scaling group due to a CloudWatch trigger unre-lated to bid price, what will happen?
  • A. Auto Scaling will notify the user for the next action
  • B. Auto Scaling will remove the instance from the Auto Scaling Group
  • C. Auto Scaling overwrites the instance termination attribute and terminates the instances
  • D. The EC2 instance will not be terminated since instance protection from scale-in is enabled.
#179 (Accuracy: 100% / 1 votes)
______ in VPC are stateful where return traffic is automatically allowed, regardless of any rules.
  • A. Security groups
  • B. Availability Zones
  • C. Network ACLs
  • D. Geo Redundant Servers
#180 (Accuracy: 100% / 1 votes)
A user is trying to connect to a running EC2 instance using SSH. However, the user gets a Host key not found error. Which of the below mentioned options is a possible reason for rejection?
  • A. The user has provided the wrong user name for the OS login
  • B. The instance CPU is heavily loaded
  • C. The security group is not configured properly
  • D. The access key to connect to the instance is wrong