A company hosts several write-intensive applications. These applications use a MySQL database that runs on a single Amazon EC2 instance. The company asks a SysOps administrator to implement a highly available database solution that is ideal for multi-tenant workloads.
Which solution should the SysOps administrator implement to meet these requirements?
A. Create a second EC2 instance for MySQL. Configure the second instance to be a read replica.
B. Migrate the database to an Amazon Aurora DB cluster. Add an Aurora Replica.
C. Migrate the database to an Amazon Aurora multi-master DB cluster.
D. Migrate the database to an Amazon RDS for MySQL DB instance.
While setting up an AWS managed VPN connection, a SysOps administrator creates a customer gateway resource in AWS. The customer gateway device resides in a data center with a NAT gateway in front of it.
What address should be used to create the customer gateway resource?
A. The private IP address of the customer gateway device
B. The MAC address of the NAT device in front of the customer gateway device
C. The public IP address of the customer gateway device
D. The public IP address of the NAT device in front of the customer gateway device
A company uses an Amazon CloudFront distribution to deliver its website Traffic togs for the website must be centrally stored and all data must be encrypted at rest.
Which solution will meet these requirements?
A. Create an Amazon OpenSearch Service (Amazon Elasttcsearch Service) domain with internet access and server-side encryption that uses the default AWS managed key Configure CloudFront to use the Amazon OpenSearch Service (Amazon Elasticsearch Service) domain as a log destination
B. Create an Amazon OpenSearch Service (Amazon Elasticsearch Service) domain with VPC access and server-side encryption that uses AES-256 Configure CloudFront to use the Amazon OpenSearch Service (Amazon Elastcsearch Service) domain as a log destination
C. Create an Amazon S3 bucket that is configured with default server side encryption that uses AES-256 Configure CloudFront to use the S3 bucket as a log destination
D. Create an Amazon S3 bucket that is configured with no default encryption Enable encryption in the CloudFront dtstnbubon and use the S3 bucket as a log destination
A company wants to collect data from an application to use for analytics. For the first 90 days, the data will be infrequently accessed but must remain highly available. During this time, the company's analytics team requires access to the data in milliseconds. However, after 90 days, the company must retain the data for the long term at a lower cost. The retrieval time after 90 days must be less than 5 hours.
Which solution will meet these requirements MOST cost-effectively?
A. Store the data in S3 Standard-Infrequent Access (S3 Standard-IA) for the first 90 days. Set up an S3 Lifecycle rule to move the data to S3 Glacier Flexible Retrieval after 90 days.
B. Store the data in S3 One Zone-Infrequent Access (S3 One Zone-IA) for the first 90 days. Set up an S3 Lifecycle rule to move the data to S3 Glacier Deep Archive after 90 days.
C. Store the data in S3 Standard for the first 90 days. Set up an S3 Lifecycle rule to move the data to S3 Glacier Flexible Retrieval after 90 days.
D. Store the data in S3 Standard for the first 90 days. Set up an S3 Lifecycle rule to move the data to S3 Glacier Deep Archive after 90 days.
A company has a cluster of Linux Amazon EC2 Spot Instances that read many files from and write many files to attached Amazon Elastic Block Store (Amazon EBS) volumes. The EC2 instances are frequently started and stopped. As part of the process when an EC2 instance starts, an EBS volume is restored from a snapshot.
EBS volumes that are restored from snapshots are experiencing initial performance that is lower than expected. The company's workload needs almost all the provisioned IOPS on the attached EBS volumes. The EC2 instances are unable to support the workload when the performance of the EBS volumes is too low. A SysOps administrator must implement a solution to ensure that the EBS volumes provide the expected performance when they are restored from snapshots.
Which solution will meet these requirements?
A. Configure fast snapshot restore (FSR) on the snapshots that are used.
B. Restore each snapshot onto an unencrypted EBS volume. Encrypt the EBS volume when the performance stabilizes.
C. Format the EBS volumes as XFS file systems before restoring the snapshots.
D. Increase the Linux read-ahead buffer to 1 MiB.
A company's social media application has strict data residency requirements. The company wants to use Amazon Route 53 to provide the application with DNS services.
A SysOps administrator must implement a solution that routes requests to a defined list of AWS Regions. The routing must be based on the user's location.
Which solution will meet these requirements?
A. Configure a Route 53 latency routing policy.
B. Configure a Route 53 multivalue answer routing policy.
C. Configure a Route 53 geolocation routing policy.
D. Configure a Route 53 IP-based routing policy.
Users are reporting consistent forced logouts from a stateful web application. The logouts occur before the expiration of a 15-minute application logout timer.
The web application is hosted on Amazon EC2 instances that are in an Auto Scaling group. The instances run behind an Application Load Balancer (ALB) that has a single target group. The ALB is configured as the origin in an Amazon CloudFront distribution. Session affinity (sticky sessions) is already enabled on the ALB target group and uses duration-based cookies. The web application generates its own application cookie.
Which combination of actions should a SysOps administrator take to resolve the logout problem? (Choose two.)
A. Change to the least outstanding requests algorithm on the ALB target group.
B. Configure cookie forwarding in the CloudFront distribution's cache behavior settings.
C. Configure the duration-based cookie to be named AWSALB.
D. Configure the ALB to use the expiration cookie header.
E. Change the ALB to use application-based cookies.
A SysOps administrator is re-architecting an application. The SysOps administrator has moved the database from a public subnet, where the database used a public endpoint, into a private subnet to restrict access from the public network. After this change, an AWS Lambda function that requires read access to the database cannot connect to the database. The SysOps administrator must resolve this issue without compromising security.
Which solution meets these requirements?
A. Create an AWS PrivateLink interface endpoint for the Lambda function. Connect to the database using its private endpoint.
B. Connect the Lambda function to the database VPC. Connect to the database using its private endpoint.
C. Attach an IAM role to the Lambda function with read permissions to the database.
D. Move the database to a public subnet. Use security groups for secure access.
A company wants to store sensitive financial data within Amazon S3 buckets. The company has a corporate policy that does not allow public read or write access to the buckets. A SysOps administrator must create a solution to automatically
remove S3 permissions that allow public read or write access.
Which AWS service should the SysOps administrator use to meet these requirements in the MOST operationally efficient manner?
A. AWS Config
B. AWS Security Hub
C. AWS Trusted Advisor
D. Amazon Inspector
A SysOps administrator receives an alert that a production Auto Scaling group has been scaled down to two Amazon EC2 instances. The Auto Scaling group was originally configured with a minimum capacity of three instances. However, the SysOps administrator confirms that the configuration now reflects a minimum capacity of two instances.
Which AWS service will help identify who made the change?
A. AWS Config
B. Amazon Inspector
C. Amazon Macie D. Amazon Cloud Watch Logs
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SOA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.