Amazon AWS Certified SysOps Administrator - Associate SOA-C01
Prev

There are 439 results

Next
#201 (Accuracy: 100% / 1 votes)
An organization has created a Queue named `modularqueue` with SQS. The organization is not performing any operations such as SendMessage,
ReceiveMessage, DeleteMessage, GetQueueAttributes, SetQueueAttributes, AddPermission, and RemovePermission on the queue. What can happen in this scenario?
  • A. AWS SQS sends notification after 15 days for inactivity on queue
  • B. AWS SQS can delete queue after 30 days without notification
  • C. AWS SQS marks queue inactive after 30 days
  • D. AWS SQS notifies the user after 2 weeks and deletes the queue after 3 weeks.
#202 (Accuracy: 100% / 1 votes)
A user has two EC2 instances running in two separate regions. The user is running an internal memory management tool, which captures the data and sends it to
CloudWatch in US East, using a CLI with the same namespace and metric. Which of the below mentioned options is true with respect to the above statement?
  • A. The setup will not work as CloudWatch cannot receive data across regions
  • B. CloudWatch will receive and aggregate the data based on the namespace and metric
  • C. CloudWatch will give an error since the data will conflict due to two sources
  • D. CloudWatch will take the data of the server, which sends the data first
#203 (Accuracy: 100% / 1 votes)
A user has configured an HTTPS listener on an ELB. The user has not configured any security policy which can help to negotiate SSL between the client and ELB.
What will ELB do in this scenario?
  • A. By default, ELB will select the first version of the security policy
  • B. By default, ELB will select the latest version of the policy
  • C. ELB creation will fail without a security policy
  • D. It is not required to have a security policy since SSL is already installed
#204 (Accuracy: 100% / 1 votes)
An organization has created 10 IAM users. The organization wants each of the IAM users to have access to a separate DynamoDB table. All the users are added to the same group and the organization wants to setup a group level policy for this. How can the organization achieve this?
  • A. Define the group policy and add a condition which allows the access based on the IAM name
  • B. Create a DynamoDB table with the same name as the IAM user name and define the policy rule which grants access based on the DynamoDB ARN using a variable
  • C. Create a separate DynamoDB database for each user and configure a policy in the group based on the DB variable
  • D. It is not possible to have a group level policy which allows different IAM users to different DynamoDB Tables
#205 (Accuracy: 100% / 1 votes)
A storage admin wants to encrypt all the objects stored in S3 using server side encryption. The user does not want to use the AES 256 encryption key provided by
S3. How can the user achieve this?
  • A. The admin should upload his secret key to the AWS console and let S3 decrypt the objects
  • B. The admin should use CLI or API to upload the encryption key to the S3 bucket. When making a call to the S3 API mention the encryption key URL in each request
  • C. S3 does not support client supplied encryption keys for server side encryption
  • D. The admin should send the keys and encryption algorithm with each API call
#206 (Accuracy: 100% / 1 votes)
A user has provisioned 2000 IOPS to the EBS volume. The application hosted on that EBS is experiencing less IOPS than provisioned. Which of the below mentioned options does not affect the IOPS of the volume?
  • A. The application does not have enough IO for the volume
  • B. The instance is EBS optimized
  • C. The EC2 instance has 10 Gigabit Network connectivity
  • D. The volume size is too large
#207 (Accuracy: 100% / 1 votes)
An organization has configured Auto Scaling for hosting their application. The system admin wants to understand the Auto Scaling health check process. If the instance is unhealthy, Auto Scaling launches an instance and terminates the unhealthy instance. What is the order execution?
  • A. Auto Scaling launches a new instance first and then terminates the unhealthy instance
  • B. Auto Scaling performs the launch and terminate processes in a random order
  • C. Auto Scaling launches and terminates the instances simultaneously
  • D. Auto Scaling terminates the instance first and then launches a new instance
#208 (Accuracy: 100% / 1 votes)
A sys admin is using server side encryption with AWS S3. Which of the below mentioned statements helps the user understand the S3 encryption functionality?
  • A. The server side encryption with the user supplied key works when versioning is enabled
  • B. The user can use the AWS console, SDK and APIs to encrypt or decrypt the content for server side encryption with the user supplied key
  • C. The user must send an AES-128 encrypted key
  • D. The user can upload his own encryption key to the S3 console
#209 (Accuracy: 100% / 1 votes)
A user has configured ELB with Auto Scaling. The user suspended the Auto Scaling AlarmNotification which notifies Auto Scaling for CloudWatch alarms. process for a while. What will Auto Scaling do during this period?
  • A. AWS will not receive the alarms from CloudWatch
  • B. AWS will receive the alarms but will not execute the Auto Scaling policy
  • C. Auto Scaling will execute the policy but it will not launch the instances until the process is resumed
  • D. It is not possible to suspend the AlarmNotification process
#210 (Accuracy: 100% / 3 votes)
A company's Security team wants to track data encryption events across all company AWS accounts. The team wants to capture all AWS KMS events related to deleting or rotating customer master keys (CMKs) from all production AWS accounts. The KMS events will be sent to the Security team's AWS account for monitoring.
How can this be accomplished?
  • A. Create an AWS Lambda function that will run every few minutes in each production account, parse the KMS log for KMS events, and sent the information to an Amazon SQS queue managed by the Security team.
  • B. Create an event bus in the Security team's account, create a new Amazon CloudWatch Events rule that matches the KMS events in each production account, and then add the Security team's event bus as the target.
  • C. Set up AWS CloudTrail for KMS events in every production account, and have the logs sent to an Amazon S3 bucket that is managed by the Security team.
  • D. Create an AWS Config rule that checks for KMS keys that are in a pending deletion or rotated state in every production account, then send Amazon SNS notifications of any non-compliant KMS resources to the Security team.