1. Home
  2. Amazon
  3. SOA-C02

Amazon SOA-C02 Online Practice Questions and Exam Preparation

SOA-C02 Exam Details

  • Exam Code
    :SOA-C02
  • Exam Name
    :AWS Certified SysOps Administrator - Associate (SOA-C02)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :657 Q&As
  • Last Updated
    :Oct 14, 2025

Amazon SOA-C02 Online Questions & Answers

  • Question 351:

    A company uses an Amazon Elastic File System (Amazon EFS) file system to share files across many Linux Amazon EC2 instances. A SysOps administrator notices that the file system's PercentIOLimit metric is consistently at 100% for 15 minutes or longer. The SysOps administrator also notices that the application that reads and writes to that file system is performing poorly. They application requires high throughput and IOPS while accessing the file system.

    What should the SysOps administrator do to remediate the consistently high PercentIOLimit metric?

    A. Create a new EFS file system that uses Max I/O performance mode. Use AWS DataSync to migrate data to the new EFS file system.
    B. Create an EFS lifecycle policy to transition future files to the Infrequent Access (IA) storage class to improve performance. Use AWS DataSync to migrate existing data to IA storage.
    C. Modify the existing EFS file system and activate Max I/O performance mode.
    D. Modify the existing EFS file system and activate Provisioned Throughput mode.

  • Question 352:

    A SysOps administrator needs EC2 instances in a VPC to resolve DNS names for hosts in an on-premises data center.

    A. Create an Amazon Route 53 private hosted zone. Populate the zone with the hostnames and IP addresses of the hosts in the on-premises data center.
    B. Create an Amazon Route 53 Resolver outbound endpoint. Add the IP addresses of an on-premises DNS server for the domain names that need to be forwarded.
    C. Set up a forwarding rule for reverse DNS queries in Amazon Route 53 Resolver. Set the enableDnsHostnames attribute to true for the VPC.
    D. Add the hostnames and IP addresses for the on-premises hosts to the /etc/hosts file of each EC2 instance.

  • Question 353:

    A company hosts a database on an Amazon RDS Multi-AZ DB instance. The database is not encrypted. The company's new security policy requires all AWS resources to be encrypted at rest and in transit.

    What should a SysOps administrator do to encrypt the database?

    A. Configure encryption on the existing DB instance.
    B. Take a snapshot of the DB instance. Encrypt the snapshot. Restore the snapshot to the same DB instance.
    C. Encrypt the standby replica in a secondary Availability Zone. Promote the standby replica to the primary DB instance.
    D. Take a snapshot of the DB instance. Copy and encrypt the snapshot. Create a new DB instance by restoring the encrypted copy.

  • Question 354:

    A SysOps administrator is reviewing AWS Trusted Advisor warnings and encounters a warning for an S3 bucket policy that has open access permissions. While discussing the issue with the bucket owner, the administrator realizes the S3 bucket is an origin for an Amazon CloudFront web distribution.

    Which action should the administrator take to ensure that users access objects in Amazon S3 by using only CloudFront URLs?

    A. Encrypt the S3 bucket content with Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3).
    B. Create an origin access identity and grant it permissions to read objects in the S3 bucket.
    C. Assign an IAM user to the CloudFront distribution and grant the user permissions in the S3 bucket policy.
    D. Assign an IAM role to the CloudFront distribution and grant the role permissions in the S3 bucket policy.

  • Question 355:

    A SysOps administrator creates an AWS CloudFormation template to define an application stack that can be deployed in multiple AWS Regions.

    The SysOps administrator also creates an Amazon CloudWatch dashboard by using the AWS Management Console. Each deployment of the application requires its own CloudWatch dashboard.

    How can the SysOps administrator automate the creation of the CloudWatch dashboard each time the application is deployed?

    A. Create a script by using the AWS CLI to run the aws cloudformation put-dashboard command with the name of the dashboard. Run the command each time a new CloudFormation stack is created.
    B. Export the existing CloudWatch dashboard as JSON. Update the CloudFormation template to define an AWS::CloudWatch::Dashboard resource. Include the exported JSON in the resource's DashboardBody property.
    C. Update the CloudFormation template to define an resource. Use the intrinsic Ref function to reference the ID of the existing CloudWatch dashboard.
    D. Update the CloudFormation template to define an AWS::CloudWatch::Dashboard resource. Specify the name of the existing dashboard in the DashboardName property.

  • Question 356:

    A company analyzes sales data for its customers. Customers upload files to one of the company's Amazon S3 buckets, and a message is posted to an Amazon Simple Queue Service (Amazon SQS) queue that contains the object Amazon Resource Name (ARN). An application that runs on an Amazon EC2 instance polls the queue and processes the messages. The processing time depends on the size of the file. Customers are reporting delays in the processing of their files. A SysOps administrator decides to configure Amazon EC2 Auto Scaling as the first step. The SysOps administrator creates an Amazon Machine Image (AMI) that is based on the existing EC2 instance. The SysOps administrator also creates a launch template that references the AMI. How should the SysOps administrator configure the Auto Scaling policy to improve the response time?

    A. Add several different instance sizes in the launch template. Create an Auto Scaling policy based on the ApproximateNumberOfMessagesVisible metric to select the size of the instance based on the number of messages in the queue.
    B. Create an Auto Scaling policy based on the ApproximateNumberOfMessagesDelayed metric to scale the number of instances based on the number of messages in the queue that have been delayed.
    C. Create a custom metric based on the ASGAverageCPUUtilization metric and the GroupPendingInstances metric from the Auto Scaling group. Modify the application to calculate the metric and post the metric to Amazon CloudWatch once each minute. Create an Auto Scaling policy based on this metric to scale the number of instances.
    D. Create a custom metric based on the ApproximateNumberOfMessagesVisible metric and the number of instances in the InService state in the Auto Scaling group. Modify the application to calculate the metric and post the metric to Amazon CloudWatch once each minute. Create an Auto Scaling policy based on this metric to scale the number of instances.

  • Question 357:

    A company is using an Amazon CloudWatch alarm lo monitor the FreeLocalStorage metric for an Amazon Aurora PostgreSQL production database The alarm goes into ALARM state and indicates that the database is running low on temporary storage. A SysOps administrator discovers that a weekly report is using most of the temporary storage that is currently allocated.

    What should the SysOps administrator do to solve this problem?

    A. Turn on Aurora PostgreSQL query plan management.
    B. Modify the configuration of the DB cluster to turn on storage auto scaling.
    C. Add an Aurora read replica to the DB cluster. Modify the report lo use the new read replica.
    D. Modify the DB instance class for each DB instance In the DB cluster to increase the instance size.

  • Question 358:

    A company needs to copy an Amazon Aurora database from one AWS account to a second account that uses a second AWS Region. A SysOps administrator must automate this process to occur every day.

    Which solution will meet these requirements with the LEAST operational overhead?

    A. Create a backup plan in AWS Backup. Specify the second account and the second Region as the destination.
    B. Create an Amazon EventBridge rule that runs on a schedule. Create an AWS Lambda function that runs an automation script to copy the database to the second account and the second Region. Use the EventBridge rule to invoke the Lambda function.
    C. Configure Amazon EventBridge Scheduler with a recurring rule. Add the RDS StartExportTask API operation as a target. Specify the relevant details about the database and an Amazon S3 bucket to store the exported data. Create a replication rule for the S3 bucket to replicate data to the second account and the second Region.
    D. Configure AWS Application Migration Service to replicate the Aurora database. Specify the second account and the second Region as the destination.

  • Question 359:

    A company has an application that is running on Amazon EC2 instances in a VPC. The application needs access to download software updates from the internet. The VPC has public subnets and private signets. The company's security policy requires all ECS instances to be deployed in private subnets

    What should a SysOps administrator do to meet those requirements?

    A. Add an internet gateway to the VPC In the route table for the private subnets, odd a route to the interne; gateway.
    B. Add a NAT gateway to a private subnet. In the route table for the private subnets, add a route to the NAT gateway.
    C. Add a NAT gateway to a public subnet in the route table for the private subnets, add a route to the NAT gateway.
    D. Add two internet gateways to the VPC. In The route tablet for the private subnets and public subnets, add a route to each internet gateway.

  • Question 360:

    An application runs on Amazon EC2 instances in an Auto Scaling group. Following the deployment of a new feature on the EC2 instances, some instances were marked as unhealthy and then replaced by the Auto Scaling group. The EC2 instances terminated before a SysOps administrator could determine the cause of the health status changes. To troubleshoot this issue, the SysOps administrator wants to ensure that an AWS Lambda function is invoked in this situation. How should the SysOps administrator meet these requirements?

    A. Activate the instance scale-in protection setting for the Auto Scaling group. Invoke the Lambda function through Amazon EventBridge (Amazon CloudWatch Events).
    B. Activate the instance scale-in protection setting for the Auto Scaling group. Invoke the Lambda function through Amazon Route 53.
    C. Add a lifecycle hook to the Auto Scaling group to invoke the Lambda function through Amazon EventBridge (Amazon CloudWatch Events).
    D. Add a lifecycle hook to the Auto Scaling group to invoke the Lambda function through Amazon Route 53.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SOA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.