Amazon AWS Certified SysOps Administrator - Associate SOA-C01
Prev

There are 439 results

Next
#291 (Accuracy: 100% / 2 votes)
A company developed and now runs a memory-intensive application on multiple Amazon EC2 Linux instances. The memory utilization metrics of the EC2 Linux instances must be monitored every minute.
How should the SysOps Administrator publish the memory metrics? (Choose two.)
  • A. Enable detailed monitoring on the instance within Amazon CloudWatch
  • B. Publish the memory metrics to Amazon CloudWatch Events
  • C. Publish the memory metrics using the Amazon CloudWatch agent
  • D. Publish the memory metrics using Amazon CloudWatch Logs
  • E. Set metrics_collection_interval to 60 seconds
#292 (Accuracy: 100% / 2 votes)
A SysOps Administrator has an AWS CloudFormation template of the company's existing infrastructure in us-west-2. The Administrator attempts to use the template to launch a new stack in eu-west-1, but the stack only partially deploys, receives an error message, and then rolls back.
Why would this template fail to deploy? (Choose two.)
  • A. The template referenced an IAM user that is not available in eu-west-1
  • B. The template referenced an Amazon Machine Image (AMI) that is not available in eu-west-1
  • C. The template did not have the proper level of permissions to deploy the resources
  • D. The template requested services that do not exist in eu-west-1
  • E. CloudFormation templates can be used only to update existing services
#293 (Accuracy: 100% / 2 votes)
A company wants to increase the availability and durability of a critical business application. The application currently uses a MySQL database running on an
Amazon EC2 instance. The company wants to minimize application changes.
How should the company meet these requirements?
  • A. Shut down the EC2 instance. Enable multi-AZ replication within the EC2 instance, then restart the instance.
  • B. Launch a secondary EC2 instance running MySQL. Configure a cron job that backs up the database on the primary EC2 instance and copies it to the secondary instance every 30 minutes.
  • C. Migrate the database to an Amazon RDS Aurora DB instance and create a Read Replica in another Availability Zone.
  • D. Create an Amazon RDS Microsoft SQL DB instance and enable multi-AZ replication. Back up the existing data and import it into the new database.
#294 (Accuracy: 100% / 2 votes)
A company wants to reduce costs across the entire company after discovering that several AWS accounts were using unauthorized services and incurring extremely high costs.
Which AWS service enables the company to reduce costs by controlling access to AWS services for all AWS accounts?
  • A. AWS Cost Explorer
  • B. AWS Config
  • C. AWS Organizations
  • D. AWS Budgets
#295 (Accuracy: 100% / 2 votes)
A SysOps Administrator is trying to set up an Amazon Route 53 domain name to route traffic to a website hosted on Amazon S3. The domain name of the website is www.anycompany.com and the S3 bucket name is anycompany-static. After the record set is set up in Route 53, the domain name www.anycompany.com does not seem to work, and the static website is not displayed in the browser.
Which of the following is a cause of this?
  • A. The S3 bucket must be configured with Amazon CloudFront first
  • B. The Route 53 record set must have an IAM role that allows access to the S3 bucket
  • C. The Route 53 record set must be in the same region as the S3 bucket
  • D. The S3 bucket name must match the record set name in Route 53
#296 (Accuracy: 100% / 2 votes)
A company issued SSL certificates to its users, and needs to ensure the private keys that are used to sign the certificates are encrypted. The company needs to be able to store the private keys and perform cryptographic signing operations in a secure environment.
Which service should be used to meet these requirements?
  • A. AWS CloudHSM
  • B. AWS KMS
  • C. AWS Certificate Manager
  • D. Amazon Connect
#297 (Accuracy: 100% / 1 votes)
A SysOps Administrator observes a large number of rogue HTTP requests on an Application Load Balancer (ALB). The requests originate from various IP addresses.
Which action should be taken to block this traffic?
  • A. Use Amazon CloudFront to cache the traffic and block access to the web servers
  • B. Use Amazon GuardDuty to protect the web servers from bots and scrapers
  • C. Use AWS Lambda to analyze the web server logs, detect bot traffic, and block the IP address in the security groups
  • D. Use AWS WAF rate-based blacklisting to block this traffic when it exceeds a defined threshold
#298 (Accuracy: 100% / 1 votes)
A company is using AWS Storage Gateway to create block storage volumes and mount them as Internet Small Computer Systems Interface (iSCSI) devices from on-premises servers. As the Storage Gateway has taken on several new projects, some of the Development teams report that the performance of the iSCSI drives has degraded. When checking the Amazon CloudWatch metrics, a SysOps Administrator notices that the CacheHitPercent metric is below 60% and the
CachePercentUsed metric is above 90%.
What steps should the Administrator take to increase Storage Gateway performance?
  • A. Change the default block size for the Storage Gateway from 64 KB to 128 KB, 256 KB, or 512 KB to improve I/O performance.
  • B. Create a larger disk for the cached volume. In the AWS Management Console, edit the local disks, then select the new disk as the cached volume.
  • C. Ensure that the physical disks for the Storage Gateway are in a RAID 1 configuration to allow higher throughput.
  • D. Take point-in-time snapshots of all the volumes in Storage Gateway, flush the cache completely, then restore the volumes from the clean snapshots.
#299 (Accuracy: 100% / 2 votes)
A Development team is designing an application that processes sensitive information within a hybrid deployment. The team needs to ensure the application data is protected both in transit and at rest.
Which combination of actions should be taken to accomplish this? (Choose two.)
  • A. Use a VPN to set up a tunnel between the on-premises data center and the AWS resources
  • B. Use AWS Certificate Manager to create TLS/SSL certificates
  • C. Use AWS CloudHSM to encrypt the data
  • D. Use AWS KMS to create TLS/SSL certificates
  • E. Use AWS KMS to manage the encryption keys used for data encryption
#300 (Accuracy: 100% / 3 votes)
A security researcher has published a new Common Vulnerabilities and Exposures (CVE) report that impacts a popular operating system. A SysOps Administrator is concerned with the new CVE report and wants to patch the company's systems immediately. The administrator contacts AWS Support and requests the patch be applied to all Amazon EC2 instances.
How will AWS respond to this request?
  • A. AWS will apply the patch during the next maintenance window, and will provide the Administrator with a report of all patched EC2 instances.
  • B. AWS will relaunch the EC2 instances with the latest version of the Amazon Machine Image (AMI), and will provide the Administrator with a report of all patched EC2 instances.
  • C. AWS will research the vulnerability to see if the Administrator's operating system is impacted, and will patch the EC2 instances that are affected.
  • D. AWS will review the shared responsibility model with the Administrator and advise them regarding how to patch the EC2 instances.