A company has a simple web application that runs on a set of Amazon EC2 instances behind an Elastic Load Balancer in the eu-west-2 Region. Amazon Route 53 holds a DNS record for the application with a simple touting policy. Users from all over the world access the application through their web browsers.
The company needs to create additional copies of the application in the us-east-1 Region and in the ap-south-1 Region. The company must direct users to the Region that provides the fastest response times when the users load the application.
What should a SysOps administrator do to meet these requirements?
A. In each new Region, create a new Elastic Load Balancer and a new set of EC2 Instances to run a copy of the application. Transition to a geolocation routing policy. B. In each new Region, create a copy of the application on new EC2 instances. Add these new EC2 instances to the Elastic Load Balancer in eu-west-2. Transition to a latency routing policy. C. In each new Region, create a copy of the application on new EC2 instances. Add these new EC2 instances to the Elastic Load Balancer in eu-west-2. Transition to a multivalue routing policy. D. In each new Region, create a new Elastic Load Balancer and a new set of EC2 instances to run a copy of the application. Transition to a latency routing policy.
D. In each new Region, create a new Elastic Load Balancer and a new set of EC2 instances to run a copy of the application. Transition to a latency routing policy.
Question 212:
A company runs a workload on an Amazon EC2 instance. The workload needs a temporary cache that contains data that changes frequently. The workload does not need to retain the cache across instance restarts.
Which storage option will provide the HIGHEST performance for the cache?
A. General Purpose SSD (gp3) Amazon Elastic Block Store (Amazon EBS) volume B. Provisioned IOPS SSD (io2) Amazon Elastic Block Store (Amazon EBS) volume C. Throughput Optimized HDD (st1) Amazon Elastic Block Store (Amazon EBS) volume D. EC2 instance store
D. EC2 instance store The storage option that will provide the highest performance for the temporary cache is option D: EC2 instance store. EC2 instance store, also known as ephemeral storage, provides temporary block-level storage that is directly attached to the EC2 instance. It offers very high performance and low latency since it is physically attached to the instance's hardware. The performance of instance store volumes is often better than any other storage option. However, it's important to note that EC2 instance store is temporary storage and is not persistent. The data stored on instance store volumes is lost if the instance is stopped or terminated. If data retention is not required across instance restarts, using instance store as a cache can provide the highest performance.
Question 213:
A company has an application that uses a scheduled AWS Lambda function to retrieve datasets from external sources over the internet. The function is not associated with a VPC. The company is modifying the application to store the information that the Lambda function retrieves on an Amazon RDS DB instance in a private subnet. The VPC has two public subnets and two private subnets.
A SysOps administrator must deploy a solution that allows the Lambda function to access the new database and continue to access the internet.
Which solution meets these requirements?
A. Create a new Lambda function with VPC access and an Elastic IP address. Attach the function to public subnets in two Availability Zones. Associate a security group with the Elastic IP address. Configure the security group outbound rules to allow Lambda to access the required resources. B. Create a new Lambda function with VPC access and two public IP addresses. Attach the function to public subnets in the same Availability Zones that the database uses. Associate a security group with the function. Configure the security group inbound rules to allow Lambda to access the required resources. C. Reconfigure the Lambda function for VPC access. Add NAT gateways to the public subnets in the VPAdd route table entries in the private subnets to route through the NAT gateways to the internet. Attach the function to the private subnets that support the database. Associate a security group with the function. Configure the security group outbound rules to allow Lambda to access the internet. D. Reconfigure the Lambda function for VPC access. Attach the function to the private subnets. Add route table entries in the private subnets to route through the internet gateway to the internet. Associate a security group with the subnets. Configure the security group inbound rules to allow Lambda to access the required resources through the internet gateway.
C. Reconfigure the Lambda function for VPC access. Add NAT gateways to the public subnets in the VPAdd route table entries in the private subnets to route through the NAT gateways to the internet. Attach the function to the private subnets that support the database. Associate a security group with the function. Configure the security group outbound rules to allow Lambda to access the internet. Since the Lambda function needs to access the Amazon RDS DB instance in a private subnet while still accessing the internet, it should be configured to run within the VPC.
Question 214:
A company uses an Amazon S3 bucket to store data files. The S3 bucket contains hundreds of objects. The company needs to replace a tag on all the objects in the S3 bucket with another tag.
What is the MOST operationally efficient way to meet this requirement?
A. Use S3 Batch Operations. Specify the operation to replace all object tags. B. Use the AWS CLI to get the tags for each object. Save the tags in a list. Use S3 Batch Operations. Specify the operation to delete all object tags. Use the AWS CLI and the list to retag the objects. C. Use the AWS CLI to get the tags for each object. Save the tags in a list. Use the AWS CLI and the list to remove the object tags. Use the AWS CLI and the list to retag the objects. D. Use the AWS CLI to copy the objects to another S3 bucket. Add the new tag to the copied objects. Delete the original objects.
A. Use S3 Batch Operations. Specify the operation to replace all object tags. "With this feature, you can make changes to object metadata and properties, or perform other storage management tasks, such as" "replacing object tag sets" https://aws.amazon.com/s3/features/batch-operations/ Ref. https://aws.amazon.com/es/blogs/storage/adding-and-removing-object-tags-with-s3-batch-operations/
Question 215:
A company has several member accounts that are in an organization in AWS Organizations. The company recently discovered that administrators have been using account root user credentials. The company must prevent the administrators from using root user credentials to perform any actions on Amazon EC2 instances.
What should a SysOps administrator do to meet this requirement?
A. Create an identity-based IAM policy in each member account to deny actions on EC2 instances by the root user. B. In the organization's management account, create a service control policy (SCP) to deny actions on EC2 instances by the root user in all member accounts. C. Use AWS Config to prevent any actions on EC2 instances by the root user. D. Use Amazon Inspector in each member account to scan for root user logins and to prevent any actions on EC2 instances by the root user.
B. In the organization's management account, create a service control policy (SCP) to deny actions on EC2 instances by the root user in all member accounts.
Question 216:
A recent organizational audit uncovered an existing Amazon RDS database that is not currently configured for high availability. Given the critical nature of this database, it must be configured for high availability as soon as possible.
How can this requirement be met?
A. Switch to an active/passive database pair using the create-db-instance-read-replica with the --availability-zone flag. B. Specify high availability when creating a new RDS instance, and live-migrate the data. C. Modify the RDS instance using the console to include the Multi-AZ option. D. Use the modify-db-instance command with the --na flag.
C. Modify the RDS instance using the console to include the Multi-AZ option.
Question 217:
A company has a public web application that experiences rapid traffic increases after advertisements appear on local television. The application runs on Amazon EC2 instances that are in an Auto Scaling group. The Auto Scaling group is not keeping up with the traffic surges after an advertisement runs. The company often needs to scale out to 100 EC2 instances during the traffic surges.
The instance startup times are lengthy because of a boot process that creates machine-specific data caches that are unique to each instance. The exact timing of when the advertisements will appear on television is not known. A SysOps administrator must implement a solution so that the application can function properly during the traffic surges.
Which solution will meet these requirements?
A. Create e warm pool. Keep enough instances in the Stopped state to meet the increased demand. B. Start 100 instances. Allow the boot process to finish running. Store this data on the instance store volume before stopping the instances. C. Increase the value of the instance warmup time in the scaling policy D. Use predictive scaling for the Auto Scaling group.
A. Create e warm pool. Keep enough instances in the Stopped state to meet the increased demand. "A warm pool gives you the ability to decrease latency for your applications that have exceptionally long boot times, for example, because instances need to write massive amounts of data to disk" https://docs.aws.amazon.com/autoscaling/ ec2/userguide/ec2-auto-scaling-warm-pools.html I'm confident the answer is not "D" because they the requirements state "The exact timing of when the advertisements will appear on television is not known." That was put there to eliminate Predictive Scaling as an option.
Question 218:
A SysOps administrator has many Windows Amazon EC2 instances that need to share a file system between nodes. The SysOps administrator creates an Amazon Elastic File System (Amazon EFS) file share. After creation of the file share, the SysOps administrator is having trouble mounting the file share to the EC2 instances.
Which action should the SysOps administrator take so that the EC2 instances can share the files?
A. Delete the EFS file share. Create an Amazon FSx for Windows File Server file share for the EC2 instances. B. Use the correct IAM credentials to mount the EFS file share. C. Configure NFSv4 support on the Windows operating system that is running on the EC2 instances. D. Allow the correct port for NFS through the security group and network ACL.
A. Delete the EFS file share. Create an Amazon FSx for Windows File Server file share for the EC2 instances. https://docs.aws.amazon.com/efs/latest/ug/troubleshooting-efs-mounting.html
Question 219:
A company has a new requirement stating that all resources In AWS must be tagged according to a set policy.
Which AWS service should be used to enforce and continually Identify all resources that are not in compliance with the policy?
A. AWS CloudTrail B. Amazon Inspector C. AWS Config D. AWS Systems Manager
C. AWS Config
Question 220:
A company's VPC has an existing IPv4 configuration. The IPv4 configuration includes public subnets, private subnets, NAT gateways, default route tables, and ACLs.
The company associates an IPv6 CIDR block with the VPC. The company adds IPv6 allocations to each existing subnet and adds routes to the route tables. The company updates the ACLs to allow all IPv6 traffic.
Public subnets are working as expected, but private subnets are not allowing internet IPv6 connections.
What should a SysOps administrator do to allow outbound-only connectivity for the new IPv6 subnets?
A. Configure an egress-only internet gateway and associate it with the VPC. Create a default route in the route tables that are associated with the private subnets. Configure the default route to point to the egress-only internet gateway. B. Turn on IPv6 NAT on the NAT gateways. Create a default route in the route tables that are associated with the private subnets. Configure the default route to point to the NAT gateways. C. Configure a new IPv6-only NAT gateway. Create a default route in the route tables that are associated with the private subnets. Configure the default route to point to the IPv6-only NAT gateway. D. Create a default route in the route tables that are associated with the private subnets. Configure the default route to point to the existing internet gateway.
A. Configure an egress-only internet gateway and associate it with the VPC. Create a default route in the route tables that are associated with the private subnets. Configure the default route to point to the egress-only internet gateway.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Amazon exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your SOA-C02 exam preparations
and Amazon certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.