Amazon SOA-C02 Online Practice Questions and Exam Preparation

Amazon SOA-C02 Online Questions & Answers

• Question 401:

  A user working in the Amazon EC2 console increased the size of an Amazon Elastic Block Store (Amazon EBS) volume attached to an Amazon EC2 Windows instance. The change is not reflected in the file system. What should a SysOps administrator do to resolve this issue?

  A. Extend the file system with operating system-level tools to use the new storage capacity.
  B. Reattach the EBS volume to the EC2 instance.
  C. Reboot the EC2 instance that is attached to the EBS volume.
  D. Take a snapshot of the EBS volume. Replace the original volume with a volume that is created from the snapshot.
  A. Extend the file system with operating system-level tools to use the new storage capacity.

  ---

  After you increase the size of an EBS volume, use the Windows Disk Management utility or PowerShell to extend the disk size to the new size of the volume. You can begin resizing the file system as soon as the volume enters the optimizing state. https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/recognize-expanded-volume-windows.html

• Question 402:

  A company needs to launch a public website. The company will deploy the website on Amazon EC2 instances that are in an Auto Scaling group. The Auto Scaling group extends across multiple Availability Zones. The website must be accessed through only https://example.com.

  Which solution will meet these requirements?

  A. Create an internet-facing Application Load Balancer (ALB). Create an Amazon Route 53 alias record that points to the ALB's DNS name. Configure an HTTP to HTTPS redirect action for the ALB. On the HTTPS listener, create a host-based rule to forward requests for example.com to the website's target group.
  B. Create an Amazon CloudFront distribution. Create an internal Network Load Balancer (NLB). Specify the NLB as the distribution's origin. Use an AWS WAF rule for host header filtering. Create an Amazon Route 53 alias record that points to the distribution's DNS name.
  C. Create an Amazon CloudFront distribution. Create an internet-facing Application Load Balancer (ALB). Specify the ALB as the distribution's origin. Create an Amazon Route 53 alias record that points to the distribution's DNS name.
  D. Create an Amazon CloudFront distribution. Create an internet-facing Application Load Balancer (ALB). Specify the ALB as the distribution's origin. Enable CloudFront Origin Shield. Add a custom Host header that contains the value "example.com". Create an Amazon Route 53 alias record that points to the distribution's DNS name.
  A. Create an internet-facing Application Load Balancer (ALB). Create an Amazon Route 53 alias record that points to the ALB's DNS name. Configure an HTTP to HTTPS redirect action for the ALB. On the HTTPS listener, create a host-based rule to forward requests for example.com to the website's target group.

• Question 403:

  A SysOps administrator is using IAM credentials to try to upload a file to a customer's Amazon S3 bucket that is named DOC-EXAMPLE-BUCKET. The SysOps administrator is receiving an AccessDenied message. Which combination of configuration changes will correct this problem? (Choose two.)

  

  

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  E. Option E
  A. Option A
  B. Option B

• Question 404:

  A company wants to apply an existing Amazon Route 53 private hosted zone to a new VPC to allow for customized resource name resolution within the VPC. The SysOps administrator created the VPC and added the appropriate resource record sets to the private hosted zone.

  Which step should the SysOps administrator take to complete the setup?

  A. Associate the Route 53 private hosted zone with the VPC.
  B. Create a rule in the default security group for the VPC that allows traffic to the Route 53 Resolver.
  C. Ensure the VPC network ACLs allow traffic to the Route 53 Resolver.
  D. Ensure there is a route to the Route 53 Resolver in each of the VPC route tables.
  A. Associate the Route 53 private hosted zone with the VPC.

• Question 405:

  A company has an organization in AWS Organizations. The company uses shared VPCs to provide networking resources across accounts A SysOps administrator has been able to successfully launch and manage Amazon EC2 instances in a participant account However the SysOps administrator is now receiving an InstanceLimitExceeded error when the SysOps administrator tries to launch a new EC2 instance.

  What should the SysOps administrator do to resolve this error')

  A. Request an instance quota increase from the account that owns the VPC
  B. Launch additional EC2 instances in a different AWS Region
  C. Request an instance quota increase from the parte pant account
  D. Launch additional EC2 instances by using a different Amazon Machine image (AMI)
  A. Request an instance quota increase from the account that owns the VPC

• Question 406:

  A company is using an Amazon EC2 instance to inspect inbound traffic. The EC2 instance runs Amazon Linux and has the Amazon CloudWatch agent installed and configured.

  The company needs to ingest metrics and logs from the EC2 instance into CloudWatch. The company also needs to receive notification when a specific number of errors occur for rejected web management requests.

  Which combination of steps will meet these requirements with the MOST operational efficiency? (Select TWO.)

  A. Create an Amazon S3 bucket to store the logs. Configure an S3 event notification that occurs when new logs are added to the S3 bucket.
  B. Create an Amazon Simple Queue Service (Amazon SQS) queue. Add the queue as the destination of the Amazon S3 event notification.
  C. Create a CloudWatch Logs log group and log stream. Set up IAM permissions for the EC2 instance to write to the log group and log stream.
  D. Create an AWS Lambda function to process the logs from CloudWatch. Configure the Amazon S3 event notification to invoke the Lambda function. Configure the Lambda function to publish to an Amazon Simple Notification Service (Amazon SNS) topic.
  E. Create a metric filter for the log group. Configure a filter pattern for the errors. Create a CloudWatch alarm that is based on the metric filter. Configure the alarm to publish to an Amazon Simple Notification Service (Amazon SNS) topic when the alarm is in ALARM state.
  C. Create a CloudWatch Logs log group and log stream. Set up IAM permissions for the EC2 instance to write to the log group and log stream.
  E. Create a metric filter for the log group. Configure a filter pattern for the errors. Create a CloudWatch alarm that is based on the metric filter. Configure the alarm to publish to an Amazon Simple Notification Service (Amazon SNS) topic when the alarm is in ALARM state.

• Question 407:

  An ecommerce company uses an Amazon ElastiCache for Memcached cluster for in- memory caching of popular product queries on the shopping site. When viewing recent Amazon CloudWatch metrics data for the ElastiCache cluster, the SysOps administrator notices a large number of evictions.

  Which of the following actions will reduce these evictions? (Choose two.)

  A. Add an additional node to the ElastiCache cluster.
  B. Increase the ElastiCache time to live (TTL).
  C. Increase the individual node size inside the ElastiCache cluster.
  D. Put an Elastic Load Balancer in front of the ElastiCache cluster.
  E. Use Amazon Simple Queue Service (Amazon SQS) to decouple the ElastiCache cluster.
  A. Add an additional node to the ElastiCache cluster.
  C. Increase the individual node size inside the ElastiCache cluster.

  ---

  Explanation Explanation/Reference:https://d1.awsstatic.com/training-and-certification/docs-sysops-associate/AWS-Certified-SysOps-Administrator-Associate_Sample-Questions_C02.pdf

• Question 408:

  A fleet of servers must send local logs to Amazon CloudWatch. How should the servers be configured to meet this requirement?

  A. Configure AWS Config to forward events to CloudWatch.
  B. Configure a Simple Network Management Protocol {SNMP) agent to forward events to CloudWatch.
  C. Install and configure the unified CloudWatch agent.
  D. Install and configure the Amazon Inspector agent.
  C. Install and configure the unified CloudWatch agent.

  ---

  Explanation Explanation/Reference:To send local logs from a fleet of servers to Amazon CloudWatch: Install the Unified CloudWatch Agent: The unified CloudWatch agent is capable of collecting both logs and metrics from servers. This agent supports various operating systems and can be configured according to specific logging requirements. Configuration of the Agent: The agent's configuration involves specifying which log files to monitor and how they should be processed. This configuration can be done manually or through the AWS Systems Manager for automated deployment across multiple servers. Send Logs to CloudWatch: Once configured and running, the CloudWatch agent will continuously monitor the specified log files and send the log data to Amazon CloudWatch Logs, allowing you to view, search, and set alarms on log data. This setup ensures a robust and scalable way to manage log data across a fleet of servers, leveraging AWS native services for seamless integration and management.

• Question 409:

  A SysOps administrator manages an AWS account where developers run CPU-intensive tasks on Amazon EC2 instances. The tasks can take several days to finish running and sometimes need to be repeated several times. The developers

  often forget to terminate the instances when the tasks are complete.

  The SysOps administrator needs to implement a solution to monitor EC2 CPU utilization and automatically terminate underutilized instances.

  Which solution will meet these requirements?

  A. Configure an Amazon GuardDuty finding that is based on EC2 CPU utilization. Associate an AWS Lambda function with the GuardDuty finding to terminate any instances that are identified as idle.
  B. Configure an Amazon Simple Notification Service (Amazon SNS) topic to receive EC2 utilization messages from the AWS Health Dashboard. Create an AWS Lambda function. Subscribe the Lambda function to the SNS topic. Use the ec2.stop_instances operation to terminate idle instances.
  C. Configure a Low Utilization Amazon EC2 Instances check in AWS Trusted Advisor to publish status changes to an Amazon Simple Notification Service (Amazon SNS) topic. Create an AWS Lambda function. Subscribe the Lambda function to the SNS topic. Use the ec2.stop_instances operation to terminate idle instances.
  D. Configure an Amazon EventBridge rule for the Low Utilization Amazon EC2 Instances check in AWS Trusted Advisor. Select the EC2 Terminatelnstances API call as the target.
  D. Configure an Amazon EventBridge rule for the Low Utilization Amazon EC2 Instances check in AWS Trusted Advisor. Select the EC2 Terminatelnstances API call as the target.

• Question 410:

  A SysOps administrator has used AWS Cloud Formation to deploy a sereness application into a production VPC. The application consists of an AWS Lambda function, an Amazon DynamoOB table, and an Amazon API Gateway API. The SysOps administrator must delete the AWS Cloud Formation stack without deleting the DynamoOB table.

  Which action should the SysOps administrator take before deleting the AWS Cloud Formation stack?

  A. Add a Retain deletion policy to the DynamoOB resource in the AWS CloudFormation stack.
  B. Add a Snapshot deletion policy to the DynamoOB resource In the AWS CloudFormation stack.
  C. Enable termination protection on the AWS Cloud Formation stack.
  D. Update the application's IAM policy with a Deny statement for the dynamodb:DeleteTabie action.
  A. Add a Retain deletion policy to the DynamoOB resource in the AWS CloudFormation stack.