Amazon AWS Certified SysOps Administrator - Associate SOA-C02
Prev

There are 349 results

Next
#211 (Accuracy: 94% / 8 votes)
A company wants to collect data from an application to use for analytics. For the first 90 days, the data will be infrequently accessed but must remain highly available. During this time, the company’s analytics team requires access to the data in milliseconds. However, after 90 days, the company must retain the data for the long term at a lower cost. The retrieval time after 90 days must be less than 5 hours.

Which solution will meet these requirements MOST cost-effectively?
  • A. Store the data in S3 Standard-Infrequent Access (S3 Standard-IA) for the first 90 days. Set up an S3 Lifecycle rule to move the data to S3 Glacier Flexible Retrieval after 90 days.
  • B. Store the data in S3 One Zone-Infrequent Access (S3 One Zone-IA) for the first 90 days. Set up an S3 Lifecycle rule to move the data to S3 Glacier Deep Archive after 90 days.
  • C. Store the data in S3 Standard for the first 90 days. Set up an S3 Lifecycle rule to move the data to S3 Glacier Flexible Retrieval after 90 days.
  • D. Store the data in S3 Standard for the first 90 days. Set up an S3 Lifecycle rule to move the data to S3 Glacier Deep Archive after 90 days.
#212 (Accuracy: 100% / 3 votes)
A company creates custom AMI images by launching new Amazon EC2 instances from an AWS CloudFormation template. It installs and configures necessary software through AWS OpsWorks, and takes images of each EC2 instance. The process of installing and configuring software can take between 2 to 3 hours, but at times, the process stalls due to installation errors.

The SysOps administrator must modify the CloudFormation template so if the process stalls, the entire stack will fail and roll back.

Based on these requirements, what should be added to the template?
  • A. Conditions with a timeout set to 4 hours.
  • B. CreationPolicy with a timeout set to 4 hours.
  • C. DependsOn with a timeout set to 4 hours.
  • D. Metadata with a timeout set to 4 hours.
#213 (Accuracy: 100% / 2 votes)
A company is transitioning away from applications that are hosted on Amazon EC2 instances. The company wants to implement a serverless architecture that uses Amazon S3, Amazon API Gateway, AWS Lambda, and Amazon CloudFront. As part of this transition, the company has Elastic IP addresses that are unassociated with any EC2 instances after the EC2 instances are terminated.

A SysOps administrator needs to automate the process of releasing all unassociated Elastic IP addresses that remain after the EC2 instances are terminated.

Which solution will meet this requirement in the MOST operationally efficient way?
  • A. Activate the eip-attached AWS Config managed rule to run automatically when resource changes occur in the AWS account. Configure automatic remediation for the rule. Specify the AWS-ReleaseElasticIP AWS Systems Manager Automation runbook for remediation. Specify an appropriate role that has permission for the remediation.
  • B. Create a custom Lambda function that calls the EC2 ReleaseAddress API operation and specifies the Elastic IP address AllocationId. Invoke the Lambda function by using an Amazon EventBridge rule. Specify AWS services as the event source, All Events as the event type, and AWS Trusted Advisor as the target.
  • C. Create an Amazon EventBridge rule. Specify AWS services as the event source, Instance State-change Notification as the event type, and Amazon EC2 as the service. Invoke a Lambda function that extracts the Elastic IP address from the notification. Use AWS CloudFormation to release the address by specifying the AllocationId as an input parameter.
  • D. Create a custom Lambda function that calls the EC2 ReleaseAddress API operation and specifies the Elastic IP address AllocationId. Invoke the Lambda function by using an Amazon EventBridge rule. Specify AWS services as the event source, Instance State-change Notification as the event type, and Amazon EC2 as the service.
#214 (Accuracy: 100% / 3 votes)
A SysOps administrator is responsible for a company's disaster recovery procedures. The company has a source Amazon S3 bucket in a production account, and it wants to replicate objects from the source to a destination S3 bucket in a nonproduction account. The SysOps administrator configures S3 cross-Region, cross-account replication to copy the source S3 bucket to the destination S3 bucket. When the SysOps administrator attempts to access objects in the destination S3 bucket, they receive an Access Denied error.

Which solution will resolve this problem?
  • A. Modify the replication configuration to change object ownership to the destination S3 bucket owner.
  • B. Ensure that the replication rule applies to all objects in the source S3 bucket and is not scoped to a single prefix.
  • C. Retry the request when the S3 Replication Time Control (S3 RTC) has elapsed.
  • D. Verify that the storage class for the replicated objects did not change between the source S3 bucket and the destination S3 bucket.
#215 (Accuracy: 100% / 2 votes)
A company hosts a continuous integration and continuous delivery (CI/CD) environment on AWS. The CI/CD environment includes a Jenkins server that is hosted on an Amazon EC2 instance. A 500 GB General Purpose SSD (gp2) Amazon Elastic Block Store (Amazon EBS) volume is attached to the EC2 instance.

Because of disk throughput limitations, the Jenkins server reports performance issues that are resulting in slower builds on the server. The EBS volume needs to sustain 3,000 IOPS while performing nightly build tasks.

A SysOps administrator examines the server's history in Amazon CloudWatch. The BurstBalance metric has had a value of 0 during nightly builds. The SysOps administrator needs to improve the performance and meet the sustained throughput requirements.

Which solution will meet these requirements MOST cost-effectively?
  • A. Double the gp2 EBS volume size from 500 GB to 1,000 GB.
  • B. Change the volume type from gp2 to General Purpose SSD (gp3).
  • C. Change the volume type from gp2 to Throughput Optimized HDD (st1).
  • D. Change the volume type from gp2 to Provisioned IOPS SSD (io2).
#216 (Accuracy: 100% / 2 votes)
A company has scientists who upload large data objects to an Amazon S3 bucket. The scientists upload the objects as multipart uploads. The multipart uploads often fail because of poor end-client connectivity.

The company wants to optimize storage costs that are associated with the data. A SysOps administrator must implement a solution that presents metrics for incomplete uploads. The solution also must automatically delete any incomplete uploads after 7 days.

Which solution will meet these requirements?
  • A. Review the Incomplete Multipart Upload Bytes metric in the S3 Storage Lens dashboard. Create an S3 Lifecycle policy to automatically delete any incomplete multipart uploads after 7 days.
  • B. Implement S3 Intelligent-Tiering to move data into lower-cost storage classes after 7 days. Create an S3 Storage Lens policy to automatically delete any incomplete multipart uploads after 7 days.
  • C. Access the S3 console. Review the Metrics tab to check the storage that incomplete multipart uploads are consuming. Create an AWS Lambda function to delete any incomplete multipart uploads after 7 days.
  • D. Use the S3 analytics storage class analysis tool to identify and measure incomplete multipart uploads. Configure an S3 bucket policy to enforce restrictions on multipart uploads to delete incomplete multipart uploads after 7 days.
#217 (Accuracy: 100% / 3 votes)
A company deployed a new web application on multiple Amazon EC2 instances behind an Application Load Balancer (ALB). The EC2 instances run in an Auto Scaling group. Users report that they are frequently being prompted to log in.

What should a SysOps administrator do to resolve this issue?
  • A. Configure an Amazon CloudFront distribution with the ALB as the origin.
  • B. Enable sticky sessions (session affinity) for the target group of EC2 instances.
  • C. Redeploy the EC2 instances in a spread placement group.
  • D. Replace the ALB with a Network Load Balancer.
#218 (Accuracy: 100% / 2 votes)
A company has several member accounts that are in an organization in AWS Organizations. The company recently discovered that administrators have been using account root user credentials. The company must prevent the administrators from using root user credentials to perform any actions on Amazon EC2 instances.

What should a SysOps administrator do to meet this requirement?
  • A. Create an identity-based IAM policy in each member account to deny actions on EC2 instances by the root user.
  • B. In the organization's management account, create a service control policy (SCP) to deny actions on EC2 instances by the root user in all member accounts.
  • C. Use AWS Config to prevent any actions on EC2 instances by the root user.
  • D. Use Amazon Inspector in each member account to scan for root user logins and to prevent any actions on EC2 instances by the root user.
#219 (Accuracy: 100% / 1 votes)
A company’s SysOps administrator deploys four new Amazon EC2 instances by using the standard Amazon Linux 2 Amazon Machine Image (AMI). The company needs to be able to use AWS Systems Manager to manage the instances. The SysOps administrator notices that the instances do not appear in the Systems Manager console.

What must the SysOps administrator do to resolve this issue?
  • A. Connect to each instance by using SSH. Install Systems Manager Agent on each instance. Configure Systems Manager Agent to start automatically when the instances start up.
  • B. Use AWS Certificate Manager (ACM) to create a TLS certificate. Import the certificate into each instance. Configure Systems Manager Agent to use the TLS certificate for secure communications.
  • C. Connect to each instance by using SSH. Create an ssm-user account. Add the ssm-user account to the /etc/sudoers.d directory.
  • D. Attach an IAM instance profile to the instances. Ensure that the instance profile contains the AmazonSSMManagedInstanceCore policy.
#220 (Accuracy: 100% / 3 votes)
A company has 10 Amazon EC2 instances in its production account. A SysOps administrator must ensure that email notifications are sent to administrators each time there is an EC2 instance state change.
Which solution will meet this requirements?
  • A. Configure an Amazon Route 53 simple routing policy that publishes a message to an Amazon Simple Notification Service (Amazon SNS) topic when an EC2 instance state changes. This SNS topic then sends notifications to its email subscribers.
  • B. Configure an Amazon Route 53 simple routing policy that publishes a message to an Amazon Simple Queue Service (Amazon SQS) queue when an EC2 instance state changes. This SQS queue then sends notifications to its email subscribers.
  • C. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that publishes a message to an Amazon Simple Notification Service (Amazon SNS) topic when an EC2 instance state changes. This SNS topic then sends notifications to its email subscribers.
  • D. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that publishes a message to an Amazon Simple Queue Service (Amazon SQS) queue when an EC2 instance state changes. This SQS queue then sends notifications to its email subscribers.