Amazon AWS Certified SysOps Administrator - Associate SOA-C02
Prev

There are 349 results

Next
#171 (Accuracy: 100% / 2 votes)
A software company runs a workload on Amazon EC2 instances behind an Application Load Balancer (ALB). A SysOps administrator needs to define a custom health check for the EC2 instances.

What is the MOST operationally efficient solution?
  • A. Set up each EC2 instance so that it writes its healthy/unhealthy status into a shared Amazon S3 bucket for the ALB to read.
  • B. Configure the health check on the ALB and ensure that the Health Check Path setting is correct.
  • C. Set up Amazon ElastiCache to track the EC2 instances as they scale in and out.
  • D. Configure an Amazon API Gateway health check to ensure custom checks on all of the EC2 instances.
#172 (Accuracy: 100% / 3 votes)
A company is running an ecommerce application on AWS. The application maintains many open but idle connections to an Amazon Aurora DB cluster. During times of peak usage, the database produces the following error message: "Too many connections." The database clients are also experiencing errors.

Which solution will resolve these errors?
  • A. Increase the read capacity units (RCUs) and the write capacity units (WCUs) on the database.
  • B. Configure RDS Proxy. Update the application with the RDS Proxy endpoint.
  • C. Turn on enhanced networking for the DB instances.
  • D. Modify the DB cluster to use a burstable instance type.
#173 (Accuracy: 100% / 4 votes)
A SysOps administrator wants to provide access to AWS services by attaching an IAM policy to multiple IAM users. The SysOps administrator also wants to be able to change the policy and create new versions.
Which combination of actions will meet these requirements? (Choose two.)
  • A. Add the users to an IAM service-linked role. Attach the policy to the role.
  • B. Add the users to an IAM user group. Attach the policy to the group.
  • C. Create an AWS managed policy.
  • D. Create a customer managed policy.
  • E. Create an inline policy.
#174 (Accuracy: 100% / 2 votes)
A SysOps administrator notices a scale up event for an Amazon EC2 Auto Scaling group. Amazon CloudWatch shows a spike in the RequestCount metric for the associated Application Load Balancer. The administrator would like to know the IP addresses for the source of the requests.

Where can the administrator find this information?
  • A. Auto Scaling logs
  • B. AWS CloudTrail logs
  • C. EC2 instance logs
  • D. Elastic Load Balancer access logs
#175 (Accuracy: 100% / 3 votes)
A company is storing backups in an Amazon S3 bucket. The backups must not be deleted for at least 3 months after the backups are created.

What should a SysOps administrator do to meet this requirement?
  • A. Configure an IAM policy that denies the s3:DeleteObject action for all users. Three months after an object is written, remove the policy.
  • B. Enable S3 Object Lock on a new S3 bucket in compliance mode. Place all backups in the new S3 bucket with a retention period of 3 months.
  • C. Enable S3 Versioning on the existing S3 bucket. Configure S3 Lifecycle rules to protect the backups.
  • D. Enable S3 Object Lock on a new S3 bucket in governance mode. Place all backups in the new S3 bucket with a retention period of 3 months.
#176 (Accuracy: 100% / 4 votes)
A SysOps administrator is configuring AWS Client VPN to connect users on a corporate network to AWS resources that are running in a VPC. According to compliance requirements, only traffic that is destined for the VPC can travel across the VPN tunnel.

How should the SysOps administrator configure Client VPN to meet these requirements?
  • A. Associate the Client VPN endpoint with a private subnet that has an internet route through a NAT gateway.
  • B. On the Client VPN endpoint, turn on the split-tunnel option.
  • C. On the Client VPN endpoint, specify DNS server IP addresses.
  • D. Select a private certificate to use as the identity certificate for the VPN client.
#177 (Accuracy: 100% / 2 votes)
A SysOps administrator is reviewing AWS Trusted Advisor recommendations. The SysOps administrator notices that all the application servers for a finance application are listed in the Low Utilization Amazon EC2 Instances check. The application runs on three instances across three Availability Zones. The SysOps administrator must reduce the cost of running the application without affecting the application’s availability or design.

Which solution will meet these requirements?
  • A. Reduce the number of application servers.
  • B. Apply rightsizing recommendations from AWS Cost Explorer to reduce the instance size.
  • C. Provision an Application Load Balancer in front of the instances.
  • D. Scale up the instance size of the application servers.
#178 (Accuracy: 100% / 4 votes)
A company runs a multi-tier web application with two Amazon EC2 instances in one Availability Zone in the us-east-1 Region. A SysOps administrator must migrate one of the EC2 instances to a new Availability Zone.
Which solution will accomplish this?
  • A. Copy the EC2 instance to a different Availability Zone. Terminate the original instance.
  • B. Create an Amazon Machine Image (AMI) from the EC2 instance and launch it in a different Availability Zone. Terminate the original instance.
  • C. Move the EC2 instance to a different Availability Zone using the AWS CLI.
  • D. Stop the EC2 instance, modify the Availability Zone, and start the instance.
#179 (Accuracy: 100% / 5 votes)
A SysOps administrator is tasked with deploying a company's infrastructure as code. The SysOps administrator want to write a single template that can be reused for multiple environments.
How should the SysOps administrator use AWS CloudFormation to create a solution?
  • A. Use Amazon EC2 user data in a CloudFormation template.
  • B. Use nested stacks to provision resources.
  • C. Use parameters in a CloudFormation template.
  • D. Use stack policies to provision resources.
#180 (Accuracy: 100% / 3 votes)
A SysOps administrator is responsible for managing a fleet of Amazon EC2 instances. These EC2 instances upload build artifacts to a third-party service. The third-party service recently implemented a strict IP allow list that requires all build uploads to come from a single IP address.
What change should the systems administrator make to the existing build fleet to comply with this new requirement?
  • A. Move all of the EC2 instances behind a NAT gateway and provide the gateway IP address to the service.
  • B. Move all of the EC2 instances behind an internet gateway and provide the gateway IP address to the service.
  • C. Move all of the EC2 instances into a single Availability Zone and provide the Availability Zone IP address to the service.
  • D. Move all of the EC2 instances to a peered VPC and provide the VPC IP address to the service.