A company has an ecommerce application. The application runs on Amazon EC2 instances that are in an Auto Scaling group. The company runs a backend PostgreSQL database on Amazon RDS. As the number of EC2 instances increases during times of high application usage, the database's CPU utilization increases. At the same time, the database's available memory significantly decreases. A SysOps administrator must reduce the overhead of the new database connections from the Auto Scaling group in a highly available manner.
Which solution will meet this requirement?
A. Enable the RDS Multi-AZ feature.
B. Enable RDS Performance Insights.
C. Launch another EC2 instance. Install and configure PgBouncer with the existing PostgreSQL database connection string.
D. Create an RDS proxy. Configure connectivity to the existing PostgreSQL database.
D. Create an RDS proxy. Configure connectivity to the existing PostgreSQL database.
Question 182:
A SysOps administrator is setting up an automated process to recover an Amazon EC2 instance in the event of an underlying hardware failure. The recovered instance must have the same private IP address and the same Elastic IP address that the original instance had. The SysOps team must receive an email notification when the recovery process is initiated.
Which solution will meet these requirements?
A. Create an Amazon CloudWatch alarm for the EC2 instance, and specify the StatusCheckFailed_Instance metric. Add an EC2 action to the alarm to recover the instance. Add an alarm notification to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the SysOps team email address to the SNS topic.
B. Create an Amazon CloudWatch alarm for the EC2 instance, and specify the StatusCheckFailed_System metric. Add an EC2 action to the alarm to recover the instance. Add an alarm notification to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the SysOps team email address to the SNS topic.
C. Create an Auto Scaling group across three different subnets in the same Availability Zone with a minimum, maximum, and desired size of 1. Configure the Auto Scaling group to use a launch template that specifies the private IP address and the Elastic IP address. Add an activity notification for the Auto Scaling group to send an email message to the SysOps team through Amazon Simple Email Service (Amazon SES).
D. Create an Auto Scaling group across three Availability Zones with a minimum, maximum, and desired size of 1. Configure the Auto Scaling group to use a launch template that specifies the private IP address and the Elastic IP address. Add an activity notification for the Auto Scaling group to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the SysOps team email address to the SNS topic.
B. Create an Amazon CloudWatch alarm for the EC2 instance, and specify the StatusCheckFailed_System metric. Add an EC2 action to the alarm to recover the instance. Add an alarm notification to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the SysOps team email address to the SNS topic.
You can create an Amazon CloudWatch alarm that monitors an Amazon EC2 instance and automatically recovers the instance if it becomes impaired due to an underlying hardware failure or a problem that requires AWS involvement to repair. Terminated instances cannot be recovered. A recovered instance is identical to the original instance, including the instance ID, private IP addresses, Elastic IP addresses, and all instance metadata. If the impaired instance has a public IPv4 address, the instance retains the public IPv4 address after recovery. If the impaired instance is in a placement group, the recovered instance runs in the placement group. When the StatusCheckFailed_System alarm is triggered, and the recover action is initiated, you will be notified by the Amazon SNS topic that you selected when you created the alarm and associated the recover action.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-recover.html
Question 183:
A company recently migrated its server infrastructure to Amazon EC2 instances. The company wants to use Amazon CloudWatch metrics to track instance memory utilization and available disk space. What should a SysOps administrator do to meet these requirements?
A. Configure CloudWatch from the AWS Management Console for all the instances that require monitoring by CloudWatch. AWS automatically installs and configures the agents for the specified instances.
B. Install and configure the CloudWatch agent on all the instances. Attach an IAM role to allow the instances to write logs to CloudWatch.
C. Install and configure the CloudWatch agent on all the instances. Attach an IAM user to allow the instances to write logs to CloudWatch.
D. Install and configure the CloudWatch agent on all the instances. Attach the necessary security groups to allow the instances to write logs to CloudWatch.
B. Install and configure the CloudWatch agent on all the instances. Attach an IAM role to allow the instances to write logs to CloudWatch.
Explanation: To monitor memory utilization and available disk space on Amazon EC2 instances using Amazon CloudWatch metrics, a SysOps administrator should install and configure the CloudWatch agent on all the instances and attach an IAM role to allow the instances to write logs to CloudWatch. This will allow the CloudWatch agent to collect and publish metrics such as memory usage and available disk space to CloudWatch.
Question 184:
A SysOps administrator must manage the security of an AWS account. Recently, an IAM user's access key was mistakenly uploaded to a public code repository.
The SysOps administrator must identify anything that was changed by using this access key.
How should the SysOps administrator meet these requirements?
A. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to send all IAM events to an AWS Lambda function for analysis.
B. Query Amazon EC2 logs by using Amazon CloudWatch Logs Insights for all events initiated with the compromised access key within the suspected timeframe.
C. Search AWS CloudTrail event history for all events initiated with the compromised access key within the suspected timeframe.
D. Search VPC Flow Logs for all events initiated with the compromised access key within the suspected timeframe.
C. Search AWS CloudTrail event history for all events initiated with the compromised access key within the suspected timeframe.
"You can troubleshoot operational and security incidents over the past 90 days in the CloudTrail console by viewing Event history."
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events.html
Question 185:
A SysOps administrator creates a custom Amazon Machine Image (AMI) in the eu-west-2 Region and uses the AMI to launch Amazon EC2 instances. The SysOps administrator needs to use the same AMI to launch EC2 instances in two other Regions: us-east-1 and us-east-2.
What must the SysOps administrator do to use the custom AMI in the additional Regions?
A. Copy the AMI to the additional Regions.
B. Make the AMI public in the Community AMIs section of the AWS Management Console.
C. Share the AMI to the additional Regions. Assign the required access permissions.
D. Copy the AMI to a new Amazon S3 bucket. Assign access permissions to the AMI for the additional Regions.
A. Copy the AMI to the additional Regions.
Reference:
https://repost.aws/knowledge-center/copy-ami-region
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html#ami-copy-steps
Question 186:
A company has turned on server access logging for all of its existing Amazon S3 buckets. The company wants to implement a solution to monitor the logging settings for new and existing S3 buckets. The solution must remediate any S3 buckets that do not have logging turned on.
What should a SysOps administrator do to meet these requirements in the MOST operationally efficient way?
A. Track the logging information by using AWS CloudTrail. Launch an AWS Lambda function for remediation.
B. Configure automatic remediation in AWS Config by using the s3-bucket-logging-enabled rule.
C. Configure AWS Trusted Advisor to monitor the logging configuration and to turn on access logging if necessary.
D. Track the logging information by using Amazon CloudWatch metrics. Launch an AWS Lambda function for remediation.
B. Configure automatic remediation in AWS Config by using the s3-bucket-logging-enabled rule.
https://aws.amazon.com/blogs/mt/aws-config-auto-remediation-s3-compliance/
Question 187:
A company migrates a write-once, read-many (WORM) drive to an Amazon S3 bucket that has S3 Object Lock configured in governance mode. During the migration, the company copies unneeded data to the S3 bucket.
A SysOps administrator attempts to delete the unneeded data from the S3 bucket by using the AWS CLI. However, the SysOps administrator receives an error.
Which combination of steps should the SysOps administrator take to successfully delete the unneeded data? (Choose two.)
A. Increase the Retain Until Date.
B. Assume a role that has the s3:BypassLegalRetention permission.
C. Assume a role that has the s3:BypassGovernanceRetention permission.
D. Include the x-amz-bypass-governance-retention:true header in the request when issuing the delete command.
E. Include the x-amz-bypass-legal-retention:true header in the request when issuing the delete command.
C. Assume a role that has the s3:BypassGovernanceRetention permission.
D. Include the x-amz-bypass-governance-retention:true header in the request when issuing the delete command.
Explanation: In governance mode, users can't overwrite or delete an object version or alter its lock settings unless they have special permissions. With governance mode, you protect objects against being deleted by most users, but you can still grant some users permission to alter the retention settings or delete the object if necessary. You can also use governance mode to test retention-period settings before creating a compliance-mode retention period. To override or remove governance-mode retention settings, a user must have the s3:BypassGovernanceRetention permission and must explicitly include x-amz-bypass-governance-retention:true as a request header with any request that requires overriding governance mode.
Question 188:
A company is using an Amazon S3 bucket in the us-east-1 Region to set up a static website. The S3 bucket is named example-website-hosting-bucket. The website stores photographs in the following structure: www.example.com/Photographs/user/.
The S3 bucket has an Amazon Resource Name (ARN) of arn:aws:s3:::example-website-hosting-bucket. A SysOps administrator configured the S3 bucket for static website hosting and to allow public read access.
The SysOps administrator did not configure S3 Block Public Access. Amazon Route 53 does not display the S3 bucket as the alias target when the SysOps administrator attempts to create a DNS record.
Which solution will make the website available?
A. In Route 53, update the record to reference the S3 bucket by using the following ARN: arn:aws:s3:::example-website-hosting-bucket.s3-website-us-east-1.amazonaws.com.
B. Change the ARN of the S3 bucket to arn:aws:s3:::example-website-hosting-bucket/Photographs. Configure Route 53 to point to the S3 bucket through the ARN.
C. Configure versioning on the S3 bucket. Create an S3 access point that points to the S3 bucket. Create an access point alias name for Route 53 to use to reach the S3 bucket through the access point.
D. Create a new S3 bucket named www.example.com. Migrate the website contents to the new S3 bucket. Configure the new S3 bucket with the same settings as the original S3 bucket. Configure the Route 53 alias record to point to the new S3 bucket.
D. Create a new S3 bucket named www.example.com. Migrate the website contents to the new S3 bucket. Configure the new S3 bucket with the same settings as the original S3 bucket. Configure the Route 53 alias record to point to the new S3 bucket.
Question 189:
A company uses AWS Organizations to manage its multi-account environment. The organization contains a dedicated account for security and a dedicated account for logging. A SysOps administrator needs to implement a centralized solution that provides alerts when a resource metric in any account crosses a standard defined threshold.
Which solution will meet these requirements?
A. Deploy an AWS CloudFormation stack set to the accounts in the organization. Use a template that creates the required Amazon CloudWatch alarms and references an Amazon Simple Notification Service (Amazon SNS) topic in the logging account with publish permissions for all the accounts.
B. Deploy an AWS CloudFormation stack in each account. Use the stack to deploy the required Amazon CloudWatch alarms and the required Amazon Simple Notification Service (Amazon SNS) topic.
C. Deploy an AWS Lambda function on a cron job in each account. Configure the Lambda function to read resources that are in the account and to invoke an Amazon Simple Notification Service (Amazon SNS) topic if any metrics cross the defined threshold.
D. Deploy an AWS CloudFormation change set to the organization. Use a template to create the required Amazon CloudWatch alarms and to send alerts to a verified Amazon Simple Email Service (Amazon SES) identity.
A. Deploy an AWS CloudFormation stack set to the accounts in the organization. Use a template that creates the required Amazon CloudWatch alarms and references an Amazon Simple Notification Service (Amazon SNS) topic in the logging account with publish permissions for all the accounts.
To implement a centralized solution for monitoring resource metrics and receiving alerts across multiple accounts in an AWS Organizations environment, using AWS CloudFormation stack sets is a suitable approach.
Question 190:
The company is experiencing increased message load from the frontend to the backend, causing message loss due to backend capacity limitations.
A. Redevelop the backend application as a series of AWS Lambda functions.
B. Implement an Amazon Kinesis data stream to replace the backend application.
C. Implement an Application Load Balancer to distribute message traffic across the backend application instances.
D. Implement an Amazon Simple Queue Service (Amazon SQS) queue between the frontend and backend components.
D. Implement an Amazon Simple Queue Service (Amazon SQS) queue between the frontend and backend components.