Amazon AWS Certified SysOps Administrator - Associate SOA-C02
Prev

There are 349 results

Next
#51 (Accuracy: 100% / 8 votes)
A company is running a serverless application on AWS Lambda. The application stores data in an Amazon RDS for MySQL DB instance. Usage has steadily increased, and recently there have been numerous "too many connections" errors when the Lambda function attempts to connect to the database. The company already has configured the database to use the maximum max_connections value that is possible.
What should a SysOps administrator do to resolve these errors?
  • A. Create a read replica of the database. Use Amazon Route 53 to create a weighted DNS record that contains both databases.
  • B. Use Amazon RDS Proxy to create a proxy. Update the connection string in the Lambda function.
  • C. Increase the value in the max_connect_errors parameter in the parameter group that the database uses.
  • D. Update the Lambda function's reserved concurrency to a higher value.
#52 (Accuracy: 100% / 7 votes)
A company hosts its website on Amazon EC2 instances behind an Application Load Balancer. The company manages its DNS with Amazon Route 53, and wants to point its domain's zone apex to the website.
Which type of record should be used to meet these requirements?
  • A. An AAAA record for the domain's zone apex
  • B. An A record for the domain's zone apex
  • C. A CNAME record for the domain's zone apex
  • D. An alias record for the domain's zone apex
#53 (Accuracy: 100% / 3 votes)
A company has a simple web application that runs on a set of Amazon EC2 instances behind an Elastic Load Balancer in the eu-west-2 Region. Amazon Route 53 holds a DNS record for the application with a simple routing policy. Users from all over the world access the application through their web browsers.

The company needs to create additional copies of the application in the us-east-1 Region and in the ap-south-1 Region. The company must direct users to the Region that provides the fastest response times when the users load the application.

What should a SysOps administrator do to meet these requirements?
  • A. In each new Region, create a new Elastic Load Balancer and a new set of EC2 instances to run a copy of the application. Transition to a geolocation routing policy.
  • B. In each new Region, create a copy of the application on new EC2 instances. Add these new EC2 instances to the Elastic Load Balancer in eu-west-2. Transition to a latency routing policy.
  • C. In each new Region, create a copy of the application on new EC2 instances. Add these new EC2 instances to the Elastic Load Balancer in eu-west-2. Transition to a multivalue routing policy.
  • D. In each new Region, create a new Elastic Load Balancer and a new set of EC2 instances to run a copy of the application. Transition to a latency routing policy.
#54 (Accuracy: 100% / 11 votes)
A company has a stateful web application that is hosted on Amazon EC2 instances in an Auto Scaling group. The instances run behind an Application Load
Balancer (ALB) that has a single target group. The ALB is configured as the origin in an Amazon CloudFront distribution. Users are reporting random logouts from the web application.
Which combination of actions should a SysOps administrator take to resolve this problem? (Choose two.)
  • A. Change to the least outstanding requests algorithm on the ALB target group.
  • B. Configure cookie forwarding in the CloudFront distribution cache behavior.
  • C. Configure header forwarding in the CloudFront distribution cache behavior.
  • D. Enable group-level stickiness on the ALB listener rule.
  • E. Enable sticky sessions on the ALB target group.
#55 (Accuracy: 100% / 2 votes)
A company using AWS Organizations requires that no Amazon S3 buckets in its production accounts should ever be deleted.

What is the SIMPLEST approach the SysOps administrator can take to ensure S3 buckets in those accounts can never be deleted?
  • A. Set up MFA Delete on all the S3 buckets to prevent the buckets from being deleted.
  • B. Use service control policies to deny the s3:DeleteBucket action on all buckets in production accounts.
  • C. Create an IAM group that has an IAM policy to deny the s3:DeleteBucket action on all buckets in production accounts.
  • D. Use AWS Shield to deny the s3:DeleteBucket action on the AWS account instead of all S3 buckets.
#56 (Accuracy: 97% / 7 votes)
A SysOps administrator wants to upload a file that is 1 TB in size from on-premises to an Amazon S3 bucket using multipart uploads.
What should the SysOps administrator do to meet this requirement?
  • A. Upload the file using the S3 console.
  • B. Use the s3api copy-object command.
  • C. Use the s3api put-object command.
  • D. Use the s3 cp command
#57 (Accuracy: 100% / 4 votes)
A company recently acquired another corporation and all of that corporation's AWS accounts. A financial analyst needs the cost data from these accounts. A
SysOps administrator uses Cost Explorer to generate cost and usage reports. The SysOps administrator notices that "No Tagkey" represents 20% of the monthly cost.
What should the SysOps administrator do to tag the "No Tagkey" resources?
  • A. Add the accounts to AWS Organizations. Use a service control policy (SCP) to tag all the untagged resources.
  • B. Use an AWS Config rule to find the untagged resources. Set the remediation action to terminate the resources.
  • C. Use Cost Explorer to find and tag all the untagged resources.
  • D. Use Tag Editor to find and tag all the untagged resources.
#58 (Accuracy: 93% / 6 votes)
A company is supposed to receive a data file every hour in an Amazon S3 bucket. An S3 event notification invokes an AWS Lambda function each time a file arrives. The function processes the data for use by an application.
The application team notices that sometimes the file does not arrive. The application team wants to receive a notification whenever the file does not arrive.
What is the MOST operationally efficient solution that meets these requirements?
  • A. Add an S3 Lifecycle rule on the S3 bucket with a scope that is limited to objects that were created in the last hour. Configure another S3 event notification to be invoked by the lifecycle transition when the number of objects transitioned is zero. Publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to notify the application team.
  • B. Configure another S3 event notification to invoke a Lambda function that posts a message to an Amazon Simple Queue Service (Amazon SQS) queue. Create an Amazon CloudWatch alarm to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to notify the application team when the ApproximateAgeOfOldestMessage metric of the queue is greater than 1 hour.
  • C. Create an Amazon CloudWatch alarm to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to alert the application team when the Invocations metric of the Lambda function is zero for an hour. Configure the alarm to treat missing data as breaching.
  • D. Create a new Lambda function to get the timestamp of the newest file in the S3 bucket. If the timestamp is more than 1 hour ago, publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to notify the application team. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to invoke the new function hourly.
#59 (Accuracy: 100% / 5 votes)
A SysOps administrator has successfully deployed a VPC with an AWS CloudFormation template. The SysOps administrator wants to deploy the same template across multiple accounts that are managed through AWS Organizations.
Which solution will meet this requirement with the LEAST operational overhead?
  • A. Assume the OrganizationAccountAccessRole IAM role from the management account. Deploy the template in each of the accounts.
  • B. Create an AWS Lambda function to assume a role in each account. Deploy the template by using the AWS CloudFormation CreateStack API call.
  • C. Create an AWS Lambda function to query for a list of accounts. Deploy the template by using the AWS CloudFormation CreateStack API call.
  • D. Use AWS CloudFormation StackSets from the management account to deploy the template in each of the accounts.
#60 (Accuracy: 100% / 8 votes)
A SysOps administrator is provisioning an Amazon Elastic File System (Amazon EFS) file system to provide shared storage across multiple Amazon EC2 instances. The instances all exist in the same VPC across multiple Availability Zones. There are two instances in each Availability Zone. The SysOps administrator must make the file system accessible to each instance with the lowest possible latency.
Which solution will meet these requirements?
  • A. Create a mount target for the EFS file system in the VPC. Use the mount target to mount the file system on each of the instances.
  • B. Create a mount target for the EFS file system in one Availability Zone of the VPC. Use the mount target to mount the file system on the instances in that Availability Zone. Share the directory with the other instances.
  • C. Create a mount target for each instance. Use each mount target to mount the EFS file system on each respective instance.
  • D. Create a mount target in each Availability Zone of the VPC. Use the mount target to mount the EFS file system on the instances in the respective Availability Zone.