Amazon AWS Certified SysOps Administrator - Associate SOA-C02
Prev

There are 349 results

Next
#181 (Accuracy: 100% / 2 votes)
A media company hosts a public news and video portal on AWS. The portal uses an Amazon DynamoDB table with provisioned capacity to maintain an index of video files that are stored in an Amazon S3 bucket. During a recent event, millions of visitors came to the portal for news. This increase in traffic caused read requests to be throttled in the DynamoDB table. Videos could not be displayed in the portal.

The company's operations team manually increased the provisioned capacity on a temporary basis to meet the demand. The company wants the operations team to receive an alert before the table is throttled in the future. The company has created an Amazon Simple Notification Service (Amazon SNS) topic and has subscribed the operations team's email address to the SNS topic.

What should the company do next to meet these requirements?
  • A. Create an Amazon CloudWatch alarm that uses the ConsumedReadCapacityUnits metric. Set the alarm threshold to a value that is close to the DynamoDB table's provisioned capacity. Configure the alarm to publish notifications to the SNS topic.
  • B. Turn on auto scaling on the DynamoDB table. Configure an Amazon EventBridge rule to publish notifications to the SNS topic during scaling events.
  • C. Turn on Amazon CloudWatch Logs for the DynamoDB table. Create an Amazon CloudWatch metric filter to pattern match the THROTTLING_EXCEPTION status code from DynamoDB. Create a CloudWatch alarm for the metric. Select the SNS topic for notifications.
  • D. Configure the application to store logs in Amazon CloudWatch Logs. Create an Amazon CloudWatch metric filter to pattern match the THROTTLING_EXCEPTION status code from DynamoDB. Create a CloudWatch alarm for the metric. Select the SNS topic for notifications.
#182 (Accuracy: 100% / 3 votes)
An ecommerce company uses an Amazon ElastiCache for Redis cluster for in-memory caching of popular product queries on a shopping website. The cache eviction policy is randomly evicting keys whether or not a TTL is set. A SysOps administrator must improve the cache hit ratio without increasing costs.

Which solution will meet these requirements?
  • A. Add another node to the ElastiCache cluster.
  • B. Increase the ElastiCache TTL value.
  • C. Change the eviction policy to randomly evict keys that have a TTL set.
  • D. Change the eviction policy to evict the least frequently used keys.
#183 (Accuracy: 100% / 4 votes)
A company has a high performance computing (HPC) application that runs on Amazon EC2 instances. The application requires minimum latency and maximum network throughput between nodes.

How should a SysOps administrator deploy the EC2 instances to meet these requirements?
  • A. Use a cluster placement group in a single Availability Zone.
  • B. Use a cluster placement group across multiple Availability Zones.
  • C. Use a partition placement group in a single Availability Zone.
  • D. Use a partition placement group across multiple Availability Zones.
#184 (Accuracy: 100% / 3 votes)
A company is migrating its production file server to AWS. All data that is stored on the file server must remain accessible if an Availability Zone becomes unavailable or when system maintenance is performed. Users must be able to interact with the file server through the SMB protocol. Users also must have the ability to manage file permissions by using Windows ACLs.

Which solution will meet these requirements?
  • A. Create a single AWS Storage Gateway file gateway.
  • B. Create an Amazon FSx for Windows File Server Multi-AZ file system.
  • C. Deploy two AWS Storage Gateway file gateways across two Availability Zones. Configure an Application Load Balancer in front of the file gateways.
  • D. Deploy two Amazon FSx for Windows File Server Single-AZ 2 file systems. Configure Microsoft Distributed File System Replication (DFSR).
#185 (Accuracy: 100% / 3 votes)
An AWS CloudFormation template creates an Amazon RDS instance. This template is used to build up development environments as needed and then delete the stack when the environment is no longer required. The RDS-persisted data must be retained for further use, even after the CloudFormation stack is deleted.

How can this be achieved in a reliable and efficient way?
  • A. Write a script to continue backing up the RDS instance every five minutes.
  • B. Create an AWS Lambda function to take a snapshot of the RDS instance, and manually invoke the function before deleting the stack.
  • C. Use the Snapshot Deletion Policy in the CloudFormation template definition of the RDS instance.
  • D. Create a new CloudFormation template to perform backups of the RDS instance, and run this template before deleting the stack.
#186 (Accuracy: 100% / 2 votes)
A company needs to archive all audit logs for 10 years. The company must protect the logs from any future edits.

Which solution will meet these requirements?
  • A. Store the data in an Amazon Elastic Block Store (Amazon EBS) volume. Configure AWS Key Management Service (AWS KMS) encryption.
  • B. Store the data in an Amazon S3 Glacier vault. Configure a vault lock policy for write-once, read-many (WORM) access.
  • C. Store the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA). Configure server-side encryption.
  • D. Store the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA). Configure multi-factor authentication (MFA).
#187 (Accuracy: 100% / 3 votes)
A SysOps administrator creates an Amazon Elastic Kubernetes Service (Amazon EKS) cluster that uses AWS Fargate. The cluster is deployed successfully. The SysOps administrator needs to manage the cluster by using the kubectl command line tool.

Which of the following must be configured on the SysOps administrator’s machine so that kubectl can communicate with the cluster API server?
  • A. The kubeconfig file
  • B. The kube-proxy Amazon EKS add-on
  • C. The Fargate profile
  • D. The eks-connector.yaml file
#188 (Accuracy: 100% / 3 votes)
A SysOps administrator uses AWS Systems Manager Session Manager to connect to instances. After the SysOps administrator launches a new Amazon EC2 instance, the EC2 instance does not appear in the Session Manager list of systems that are available for connection. The SysOps administrator verifies that Systems Manager Agent is installed, updated, and running on the EC2 instance.

What is the reason for this issue?
  • A. The SysOps administrator does not have access to the key pair that is required for connection.
  • B. The SysOps administrator has not attached a security group to the EC2 instance to allow SSH on port 22.
  • C. The EC2 instance does not have an attached IAM role that allows Session Manager to connect to the EC2 instance.
  • D. The EC2 instance ID has not been entered into the Session Manager configuration.
#189 (Accuracy: 100% / 2 votes)
A company needs to view a list of security groups that are open to the internet on port 3389.

What should a SysOps administrator do to meet this requirement?
  • A. Configure Amazon GuardDuty to scan security groups and report unrestricted access on port 3389.
  • B. Configure a service control policy (SCP) to identify security groups that allow unrestricted access on port 3389.
  • C. Use AWS Identity and Access Management Access Analyzer to find any instances that have unrestricted access on port 3389.
  • D. Use AWS Trusted Advisor to find security groups that allow unrestricted access on port 3389.
#190 (Accuracy: 94% / 7 votes)
A new website will run on Amazon EC2 instances behind an Application Load Balancer. Amazon Route 53 will be used to manage DNS records.
What type of record should be set in Route 53 to point the website's apex domain name (for example, `company.com`) to the Application Load Balancer?
  • A. CNAME
  • B. SOA
  • C. TXT
  • D. ALIAS