Amazon AWS Certified SysOps Administrator - Associate SOA-C02
Prev

There are 349 results

Next
#1 (Accuracy: 100% / 6 votes)
A SysOps administrator has created a VPC that contains a public subnet and a private subnet. Amazon EC2 instances that were launched in the private subnet cannot access the internet. The default network ACL is active on all subnets in the VPC, and all security groups allow all outbound traffic.

Which solution will provide the EC2 instances in the private subnet with access to the internet?
  • A. Create a NAT gateway in the public subnet. Create a route from the private subnet to the NAT gateway.
  • B. Create a NAT gateway in the public subnet. Create a route from the public subnet to the NAT gateway.
  • C. Create a NAT gateway in the private subnet. Create a route from the public subnet to the NAT gateway.
  • D. Create a NAT gateway in the private subnet. Create a route from the private subnet to the NAT gateway.
#2 (Accuracy: 94% / 6 votes)
A company runs workloads on 90 Amazon EC2 instances in the eu-west-1 Region in an AWS account. In 2 months, the company will migrate the workloads from eu-west-1 to the eu-west-3 Region.

The company needs to reduce the cost of the EC2 instances. The company is willing to make a 1-year commitment that will begin next week. The company must choose an EC2 instance purchasing option that will provide discounts for the 90 EC2 instances regardless of Region during the 1-year period.

Which solution will meet these requirements?
  • A. Purchase EC2 Standard Reserved Instances.
  • B. Purchase an EC2 Instance Savings Plan.
  • C. Purchase EC2 Convertible Reserved Instances.
  • D. Purchase a Compute Savings Plan.
#3 (Accuracy: 100% / 6 votes)
A company expanded its web application to serve a worldwide audience. A SysOps administrator has implemented a multi-Region AWS deployment for all production infrastructure. The SysOps administrator must route traffic based on the location of resources.
Which Amazon Route 53 routing policy should the SysOps administrator use to meet this requirement?
  • A. Geolocation routing policy
  • B. Geoproximity routing policy
  • C. Latency-based routing policy
  • D. Multivalue answer routing policy
#4 (Accuracy: 100% / 5 votes)
A compliance team requires all administrator passwords for Amazon RDS DB instances to be changed at least annually.
Which solution meets this requirement in the MOST operationally efficient manner?
  • A. Store the database credentials in AWS Secrets Manager. Configure automatic rotation for the secret every 365 days.
  • B. Store the database credentials as a parameter in the RDS parameter group. Create a database trigger to rotate the password every 365 days.
  • C. Store the database credentials in a private Amazon S3 bucket. Schedule an AWS Lambda function to generate a new set of credentials every 365 days.
  • D. Store the database credentials in AWS Systems Manager Parameter Store as a secure string parameter. Configure automatic rotation for the parameter every 365 days.
#5 (Accuracy: 94% / 16 votes)
A new application runs on Amazon EC2 instances and accesses data in an Amazon RDS database instance. When fully deployed in production, the application fails. The database can be queried from a console on a bastion host. When looking at the web server logs, the following error is repeated multiple times:
*** Error Establishing a Database Connection
Which of the following may be causes of the connectivity problems? (Choose two.)
  • A. The security group for the database does not have the appropriate egress rule from the database to the web server.
  • B. The certificate used by the web server is not trusted by the RDS instance.
  • C. The security group for the database does not have the appropriate ingress rule from the web server to the database.
  • D. The port used by the application developer does not match the port specified in the RDS configuration.
  • E. The database is still being created and is not available for connectivity.
#6 (Accuracy: 100% / 8 votes)
A SysOps administrator developed a Python script that uses the AWS SDK to conduct several maintenance tasks. The script needs to run automatically every night.
What is the MOST operationally efficient solution that meets this requirement?
  • A. Convert the Python script to an AWS Lambda function. Use an Amazon EventBridge (Amazon CloudWatch Events) rule to invoke the function every night.
  • B. Convert the Python script to an AWS Lambda function. Use AWS CloudTrail to invoke the function every night.
  • C. Deploy the Python script to an Amazon EC2 instance. Use Amazon EventBride (Amazon CloudWatch Events) to schedule the instance to start and stop every night.
  • D. Deploy the Python script to an Amazon EC2 instance. Use AWS Systems Manager to schedule the instance to start and stop every night.
#7 (Accuracy: 92% / 3 votes)
A SysOps administrator is using AWS CloudFormation StackSets to create AWS resources in two AWS Regions in the same AWS account. A stack operation fails in one Region and returns the stack instance status of OUTDATED.
What is the cause of this failure?
  • A. The CloudFormation template changed on the local disk and has not been submitted to CloudFormation.
  • B. The CloudFormation template is trying to create a global resource that is not unique.
  • C. The stack has not yet been deployed to the Region.
  • D. The SysOps administrator is using an old version of the CloudFormation API.
#8 (Accuracy: 100% / 1 votes)
A SysOps administrator must ensure that all of a company's current and future Amazon S3 buckets have logging enabled. If an S3 bucket does not have logging enabled, an automated process must enable logging for the S3 bucket.

Which solution will meet these requirements?
  • A. Use AWS Trusted Advisor to perform a check for S3 buckets that do not have logging enabled. Configure the check to enable logging for S3 buckets that do not have logging enabled.
  • B. Configure an S3 bucket policy that requires all current and future S3 buckets to have logging enabled.
  • C. Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses an AWS Lambda function to enable logging.
  • D. Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses the AWS-ConfigureS3BucketLogging AWS Systems Manager Automation runbook to enable logging.
#9 (Accuracy: 100% / 1 votes)
A company hosts an application on Amazon EC2 instances. The instances are in an Amazon EC2 Auto Scaling group that uses a launch template. The amount of application traffic changes throughout the day. Scaling events happen frequently.

A SysOps administrator needs to help developers troubleshoot the application. When a scaling event removes an instance, EC2 Auto Scaling terminates the instance before the developers can log in to the instance to diagnose issues.

Which solution will prevent termination of the instance so that the developers can log in to the instance?
  • A. Ensure that the Delete on termination setting is turned off in the UserData section of the launch template.
  • B. Update the Auto Scaling group by enabling instance scale-in protection for newly launched instances.
  • C. Use Amazon Inspector to configure a rules package to protect the instances from termination.
  • D. Use Amazon GuardDuty to configure rules to protect the instances from termination.
#10 (Accuracy: 100% / 1 votes)
An application uses an Amazon Aurora MySQL DB cluster that includes one Aurora Replica. The application's read performance degrades when there are more than 200 user connections. The number of user connections is approximately 180 on a consistent basis. Occasionally, the number of user connections increases rapidly to more than 200.

A SysOps administrator must implement a solution that will scale the application automatically as user demand increases or decreases.

Which solution will meet these requirements?
  • A. Modify the DB cluster by increasing the Aurora Replica instance size.
  • B. Modify the DB cluster by changing to serverless mode whenever the number of user connections exceeds 200.
  • C. Migrate to a new Aurora DB cluster that has multiple writer instances. Modify the application's database connection string.
  • D. Create an auto scaling policy that has a target value of 195 for the DatabaseConnections metric.