Amazon AWS Certified SysOps Administrator - Associate SOA-C01
Prev

There are 439 results

Next
#41 (Accuracy: 100% / 2 votes)
You are managing the AWS account of a big organization. The organization has more than 1000+ employees and they want to provide access to the various services to most of the employees. Which of the below mentioned options is the best possible solution in this case?
  • A. The user should create a separate IAM user for each employee and provide access to them as per the policy
  • B. The user should create an IAM role and attach STS with the role. The user should attach that role to the EC2 instance and setup AWS authentication on that server
  • C. The user should create IAM groups as per the organization's departments and add each user to the group for better access control
  • D. Attach an IAM role with the organization's authentication service to authorize each user for various AWS services
#42 (Accuracy: 100% / 1 votes)
A user has created an ELB with Auto Scaling. Which of the below mentioned offerings from ELB helps the user to stop sending new requests traffic from the load balancer to the EC2 instance when the instance is being deregistered while continuing in-flight requests?
  • A. ELB sticky session
  • B. ELB deregistration check
  • C. ELB connection draining
  • D. ELB auto registration Off
#43 (Accuracy: 100% / 3 votes)
A user has launched an EBS backed EC2 instance in the US-East-1a region. The user stopped the instance and started it back after 20 days. AWS throws up an
`˜InsufficientInstanceCapacity' error. What can be the possible reason for this?
  • A. AWS does not have sufficient capacity in that availability zone
  • B. AWS zone mapping is changed for that user account
  • C. There is some issue with the host capacity on which the instance is launched
  • D. The user account has reached the maximum EC2 instance limit
#44 (Accuracy: 100% / 1 votes)
An organization is trying to create various IAM users. Which of the below mentioned options is not a valid IAM username?
  • A. John.cloud
  • B. john@cloud
  • C. John=cloud
  • D. john#cloud
#45 (Accuracy: 100% / 1 votes)
A user is trying to connect to a running EC2 instance using SSH. However, the user gets an Unprotected Private Key File error. Which of the below mentioned options can be a possible reason for rejection?
  • A. The private key file has the wrong file permission
  • B. The ppk file used for SSH is read only
  • C. The public key file has the wrong permission
  • D. The user has provided the wrong user name for the OS login
#46 (Accuracy: 100% / 1 votes)
A user has created a VPC with public and private subnets. The VPC has CIDR 20.0.0.0/16. The private subnet uses CIDR 20.0.1.0/24 and the public subnet uses
CIDR 20.0.0.0/24. The user is planning to host a web server in the public subnet (port 80. and a DB server in the private subnet (port 3306). The user is configuring a security group of the NAT instance. Which of the below mentioned entries is not required for the NAT security group?
  • A. For Inbound allow Source: 20.0.1.0/24 on port 80
  • B. For Outbound allow Destination: 0.0.0.0/0 on port 80
  • C. For Inbound allow Source: 20.0.0.0/24 on port 80
  • D. For Outbound allow Destination: 0.0.0.0/0 on port 443
#47 (Accuracy: 100% / 1 votes)
A user has configured ELB with SSL using a security policy for secure negotiation between the client and load balancer. The ELB security policy supports various ciphers. Which of the below mentioned options helps identify the matching cipher at the client side to the ELB cipher list when client is requesting ELB DNS over
SSL?
  • A. Cipher Protocol
  • B. Client Configuration Preference
  • C. Server Order Preference
  • D. Load Balancer Preference
#48 (Accuracy: 100% / 2 votes)
An AWS account owner has setup multiple IAM users. One IAM user only has CloudWatch access. He has setup the alarm action which stops the EC2 instances when the CPU utilization is below the threshold limit. What will happen in this case?
  • A. It is not possible to stop the instance using the CloudWatch alarm
  • B. CloudWatch will stop the instance when the action is executed
  • C. The user cannot set an alarm on EC2 since he does not have the permission
  • D. The user can setup the action but it will not be executed if the user does not have EC2 rights
#49 (Accuracy: 100% / 1 votes)
A user runs the command `dd if=/dev/zero of=/dev/xvdfbs=1M` on a fresh blank EBS volume attached to a Linux instance. Which of the below mentioned activities is the user performing with the command given above?
  • A. Creating a file system on the EBS volume
  • B. Mounting the device to the instance
  • C. Pre warming the EBS volume
  • D. Formatting the EBS volume
#50 (Accuracy: 100% / 1 votes)
A user has launched an EC2 instance store backed instance in the US-East-1a zone. The user created AMI #1 and copied it to the Europe region. After that, the user made a few updates to the application running in the US-East-1a zone. The user makes an AMI#2 after the changes. If the user launches a new instance in
Europe from the AMI #1 copy, which of the below mentioned statements is true?
  • A. The new instance will have the changes made after the AMI copy as AWS just copies the reference of the original AMI during the copying. Thus, the copied AMI will have all the updated data
  • B. The new instance will have the changes made after the AMI copy since AWS keeps updating the AMI
  • C. It is not possible to copy the instance store backed AMI from one region to another
  • D. The new instance in the EU region will not have the changes made after the AMI copy