Amazon AWS Certified SysOps Administrator - Associate SOA-C02
Prev

There are 349 results

Next
#311 (Accuracy: 100% / 3 votes)
A SysOps administrator is trying to set up an Amazon Route 53 domain name to route traffic to a website hosted on Amazon S3. The domain name of the website is www.example.com and the S3 bucket name DOC-EXAMPLE-BUCKET. After the record set is set up in Route 53, the domain name www.anycompany.com does not seem to work, and the static website is not displayed in the browser.
Which of the following is a cause of this?
  • A. The S3 bucket must be configured with Amazon CloudFront first.
  • B. The Route 53 record set must have an IAM role that allows access to the S3 bucket.
  • C. The Route 53 record set must be in the same region as the S3 bucket.
  • D. The S3 bucket name must match the record set name in Route 53.
#312 (Accuracy: 100% / 4 votes)
A company runs a retail website on multiple Amazon EC2 instances behind an Application Load Balancer (ALB). The company must secure traffic to the website over an HTTPS connection.
Which combination of actions should a SysOps administrator take to meet these requirements? (Choose two.)
  • A. Attach the certificate to each EC2 instance.
  • B. Attach the certificate to the ALB.
  • C. Create a private certificate in AWS Certificate Manager (ACM).
  • D. Create a public certificate in AWS Certificate Manager (ACM).
  • E. Export the certificate, and attach it to the website.
#313 (Accuracy: 100% / 4 votes)
A data analytics application is running on an Amazon EC2 instance. A SysOps administrator must add custom dimensions to the metrics collected by the Amazon
CloudWatch agent.
How can the SysOps administrator meet this requirement?
  • A. Create a custom shell script to extract the dimensions and collect the metrics using the Amazon CloudWatch agent.
  • B. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to evaluate the required custom dimensions and send the metrics to Amazon Simple Notification Service (Amazon SNS).
  • C. Create an AWS Lambda function to collect the metrics from AWS CloudTrail and send the metrics to an Amazon CloudWatch Logs group.
  • D. Create an append_dimensions field in the Amazon CloudWatch agent configuration file to collect the metrics.
#314 (Accuracy: 100% / 3 votes)
A SysOps administrator must configure Amazon S3 to host a simple nonproduction webpage. The SysOps administrator has created an empty S3 bucket from the
AWS Management Console. The S3 bucket has the default configuration in place.
Which combination of actions should the SysOps administrator take to complete this process? (Choose two.)
  • A. Configure the S3 bucket by using the "Redirect requests for an object" functionality to point to the bucket root URL.
  • B. Turn off the "Block all public access" setting. Allow public access by using a bucket ACL that contains <Permission>WEBSITE</Permission>.
  • C. Turn off the "Block all public access" setting. Allow public access by using a bucket ACL that allows access to the AuthenticatedUsers grantee.
  • D. Turn off the "Block all public access" setting. Set a bucket policy that allows "Principal": the s3:GetObject action.
  • E. Create an index.html document. Configure static website hosting, and upload the index document to the S3 bucket.
#315 (Accuracy: 100% / 5 votes)
A SysOps administrator needs to configure automatic rotation for Amazon RDS database credentials. The credentials must rotate every 30 days. The solution must integrate with Amazon RDS.

Which solution will meet these requirements with the LEAST operational overhead?
  • A. Store the credentials in AWS Systems Manager Parameter Store as a secure string. Configure automatic rotation with a rotation interval of 30 days.
  • B. Store the credentials in AWS Secrets Manager. Configure automatic rotation with a rotation interval of 30 days.
  • C. Store the credentials in a file in an Amazon S3 bucket. Deploy an AWS Lambda function to automatically rotate the credentials every 30 days.
  • D. Store the credentials in AWS Secrets Manager. Deploy an AWS Lambda function to automatically rotate the credentials every 30 days.
#316 (Accuracy: 100% / 4 votes)
A developer creates an AWS Lambda function that runs when an object is put into an Amazon S3 bucket. The function reformats the object and places the object back into the S3 bucket. During testing, the developer notices a recursive invocation loop. The developer asks a SysOps administrator to immediately stop the recursive invocations.

What should the SysOps administrator do to stop the loop without errors?
  • A. Delete all the objects from the S3 bucket.
  • B. Set the function’s reserved concurrency to 0.
  • C. Update the S3 bucket policy to deny access for the function.
  • D. Publish a new version of the function.
#317 (Accuracy: 100% / 2 votes)
A company has users that deploy Amazon EC2 instances that have more disk performance capacity than is required. A SysOps administrator needs to review all Amazon Elastic Block Store (Amazon EBS) volumes that are associated with the instances and create cost optimization recommendations based on IOPS and throughput.

What should the SysOps administrator do to meet these requirements in the MOST operationally efficient way?
  • A. Use the monitoring graphs in the EC2 console to view metrics for EBS volumes. Review the consumed space against the provisioned space on each volume. Identify any volumes that have low utilization.
  • B. Stop the EC2 instances from the EC2 console. Change the EC2 instance type for Amazon EBS-optimized. Start the EC2 instances.
  • C. Opt in to AWS Compute Optimizer. Allow sufficient time for metrics to be gathered. Review the Compute Optimizer findings for EBS volumes.
  • D. Install the fio tool onto the EC2 instances and create a .cfg file to approximate the required workloads. Use the benchmark results to gauge whether the provisioned EBS volumes are of the most appropriate type.
#318 (Accuracy: 100% / 3 votes)
A SysOps administrator is configuring Amazon CloudWatch alarms. A particular is constantly in the ALARM state.

What could be the reason for this issue?
  • A. Alarms continue to evaluate metrics against configured thresholds, even after they are triggered.
  • B. After alarms are triggered, they remain in the ALARM state until they are manually disabled.
  • C. After an alarm is triggered and an action is performed, the application logic must reset the alarm to its normal state.
  • D. The alarm is not receiving appropriate metrics.
#319 (Accuracy: 100% / 2 votes)
A company hosts an internet web application on Amazon EC2 instances. The company is replacing the application with a new AWS Lambda function. During a transition period, the company must route some traffic to the legacy application and some traffic to the new Lambda function. The company needs to use the URL path of request to determine the routing.

Which solution will meet these requirements?
  • A. Configure a Gateway Load Balancer to use the URL path to direct traffic to the legacy application and the new Lambda function.
  • B. Configure a Network Load Balancer to use the URL path to direct traffic to the legacy application and the new Lambda function.
  • C. Configure a Network Load Balancer to use a regular expression to match the URL path to direct traffic to the new Lambda function.
  • D. Configure an Application Load Balancer to use the URL path to direct traffic to the legacy application and the new Lambda function.
#320 (Accuracy: 100% / 3 votes)
A company has a secure website running on Amazon EC2 instances behind an Application Load Balancer (ALB). An SSL certificate from AWS Certificate Manager (ACM) is used on the ALB. Users with legacy web browsers are experiencing issues with the website.

How should the SysOps administrator resolve these issues in the MOST operationally efficient manner?
  • A. Create a new SSL certificate in ACM and install the new certificate on the ALB to support legacy web browsers.
  • B. Create a second ALB and install a custom SSL certificate with a different domain name on the second ALB to support legacy web browsers.
  • C. Remove the ALB from the configuration and install a custom SSL certificate on each web server.
  • D. Update the SSL negotiation configuration of the ALB with a security policy that contains ciphers for legacy web browsers.