Amazon AWS Certified SysOps Administrator - Associate SOA-C01
Prev

There are 439 results

Next
#301 (Accuracy: 100% / 2 votes)
A company has deployed a NAT instance to allow web servers to obtain software updates from the internet. There is high latency on the NAT instance as the network grows. A SysOps Administrator needs to reduce latency on the instance in a manner that is efficient, cost-effective, and allows for scaling with future demand.
Which action should be taken to accomplish this?
  • A. Add a second NAT instance and place both instances behind a load balancer
  • B. Convert the NAT instance to a larger instance size
  • C. Replace the NAT instance with a NAT gateway
  • D. Replace the NAT instance with a virtual private gateway
#302 (Accuracy: 100% / 3 votes)
A SysOps Administrator is managing a web application that runs on Amazon EC2 instances behind an ELB Application Load Balancer (ALB). The instances run in an EC2 Auto Scaling group. The administrator wants to set an alarm for when all target instances associated with the ALB are unhealthy.
Which condition should be used with the alarm?
  • A. AWS/ApplicationELB HealthyHostCount <= 0
  • B. AWS/ApplicationELB UnhealthyHostCount >= 1
  • C. AWS/EC2 StatusCheckFailed <= 0
  • D. AWS/EC2 StatusCheckFailed >= 1
#303 (Accuracy: 100% / 1 votes)
An enterprise is using federated Security Assertion Markup Language (SAML) to access the AWS Management Console.
How should the SAML assertion mapping be configured?
  • A. Map the group attribute to an AWS group. The AWS group is assigned IAM policies that govern access to AWS resources.
  • B. Map the policy attribute to IAM policies the federated user is assigned to. These policies govern access to AWS resources.
  • C. Map the role attribute to an AWS role. The AWS role is assigned IAM policies that govern access to AWS resources.
  • D. Map the user attribute to an AWS user. The AWS user is assigned specific IAM policies that govern access to AWS resources.
#304 (Accuracy: 100% / 4 votes)
A SysOps Administrator manages an Amazon RDS MySQL DB instance in production. The database is accessed by several applications. The Administrator needs to ensure minimal downtime of the applications in the event the database suffers a failure. This change must not impact customer use during regular business hours.
Which action will make the database MORE highly available?
  • A. Contact AWS Support to pre-warm the database to ensure that it can handle any unexpected spikes in traffic
  • B. Create a new Multi-AZ RDS DB instance. Migrate the data to the new DB instance and delete the old one
  • C. Create a read replica from the existing database outside of business hours
  • D. Modify the DB instance to outside of business hours to be a Multi-AZ deployment
#305 (Accuracy: 100% / 2 votes)
A SysOps Administrator is receiving alerts related to high CPU utilization of a Memcached-based Amazon ElastiCache cluster.
Which remediation steps should be taken to resolve this issue? (Choose two.)
  • A. Add a larger Amazon EBS volume to the ElastiCache cluster nodes
  • B. Add a load balancer to route traffic to the ElastiCache cluster
  • C. Add additional worker nodes to the ElastiCache cluster
  • D. Create an Auto Scaling group for the ElastiCache cluster
  • E. Vertically scale the ElastiCache cluster by changing the node type
#306 (Accuracy: 100% / 2 votes)
An application running on Amazon EC2 needs login credentials to access a database. The login credentials are stored in AWS Systems Manager Parameter Store as secure string parameters.
What is the MOST secure way to grant the application access to the credentials?
  • A. Create an IAM EC2 role for the EC2 instances and grant the role permission to read the Systems Manager parameters
  • B. Create an IAM group for the application and grant the group permissions to read the Systems Manager parameters
  • C. Create an IAM policy for the application and grant the policy permission to read the Systems Manager parameters
  • D. Create an IAM user for the application and grant the user permission to read the Systems Manager parameters
#307 (Accuracy: 100% / 1 votes)
An application runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an Auto Scaling group that terminates unhealthy instances. The Auto Scaling group is configured to determine the health status of EC2 instances using both EC2 status checks and ALB health checks. The
Development team wants to analyze the unhealthy instances before termination.
What should the SysOps Administrator do to accomplish this?
  • A. Configure the ALB health check to restart instances instead of terminating them.
  • B. Configure an AWS Lambda function to take a snapshot of all instances before they are terminated.
  • C. Implement Amazon CloudWatch Events to capture lifecycle events and trigger an AWS Lambda function for remediation.
  • D. Use an Amazon EC2 Auto Scaling lifecycle hook to pause instance termination after the instance has been removed from service.
#308 (Accuracy: 100% / 2 votes)
A SysOps Administrator is maintaining a web application using an Amazon CloudFront web distribution, an Application Load Balancer (ALB), Amazon RDS, and
Amazon EC2 in a VPC. All services have logging enabled. The Administrator needs to investigate HTTP Layer 7 status codes from the web application.
Which log sources contain the status codes? (Choose two.)
  • A. VPC Flow Logs
  • B. AWS CloudTrail logs
  • C. ALB access logs
  • D. CloudFront access logs
  • E. RDS logs
#309 (Accuracy: 100% / 2 votes)
A SysOps Administrator is responsible for maintaining an Amazon EC2 instance that acts as a bastion host. The Administrator can successfully connect to the instance using SSH, but attempts to ping the instance result in a timeout.
What is one reason for the issue?
  • A. The instance does not have an Elastic IP address
  • B. The instance has a security group that does not allow Internet Control Message Protocol (ICMP) traffic
  • C. The instance is not set up in a VPC using AWS Direct Connect
  • D. The instance is running in a peered VPC
#310 (Accuracy: 100% / 1 votes)
Two companies will be working on several development projects together. Each company has an AWS account with a single VPC in us-east-1. Two companies would like to access one another's development servers. The IPv4 CIDR blocks in the two VPCs does not overlap.
What can the SysOps Administrators for each company do to set up network routing?
  • A. Each Administrator should create a custom routing table that points to the other company's internet gateway public IP address.
  • B. Both Administrators should set up a NAT gateway in a public subnet in their respective VPCs. Then. using the public IP address from the NAT gateway, the Administrators should enable routing between the two VPCs.
  • C. Both Administrators should install a 1 Gbps AWS Direct Connect circuit in their respective environments. Then, using the AWS Management Console, the Administrators should create an AWS Direct Connect routing requests to enable connectivity.
  • D. One Administrator should create a VPC peering request and send it to the other Administrator's account. Once the other Administrator accepts the request, update the routing tables to enable traffic.