A company runs a web application that users access using the name www example com. The company manages the domain name example.com using Amazon Route 53. The company created an Amazon CloudFront distribution in front of the application and would like www.example.com to access the application through CloudFront.
What is the MOST cost-effective way to achieve this?
A. Create a CNAME record in Amazon Route 53 that points to the CloudFront distribution URL.
B. Create an ALIAS record in Amazon Route 53 that points to the CioudFront distribution URL.
C. Create an A record in Amazon Route 53 that points to the public IP address of the web application,
D. Create a PTR record in Amazon Route 53 that points to the public IP address of the web application.
A company has set up an IPsec tunnel between its AWS environment and its on-premises data center. The tunnel is reporting as UP, but the Amazon EC2 instances are not able to ping any on-premises resources. What should a SysOps administrator do to resolve this issue?
A. Create a new inbound rule on the EC2 instances' security groups to allow ICMP traffic from the on-premises CIDR.
B. Create a peering connection between the IPsec tunnel and the subnet of the EC2 instances.
C. Enable route propagation for the virtual private gateway in the route table that is assigned to the subnet of the EC2 instances.
D. Modify the VPC's DHCP options set. Add the IPsec tunnel to the VPN section.
A SysOps administrator is configuring Amazon CloudWatch alarms. A particular is constantly in the ALARM state. What could be the reason for this issue?
A. Alarms continue to evaluate metrics against configured thresholds, even after they are triggered.
B. After alarms are triggered, they remain in the ALARM state until they are manually disabled.
C. After an alarm is triggered and an action is performed, the application logic must reset the alarm to its normal state.
D. The alarm is not receiving appropriate metrics.
A company's security policy states that connecting to Amazon EC2 instances is not permitted through SSH and ROP. If access is required, authorized staff can connect to instances by using AWS Systems Manager Session Manager.
Users report that they are unable to connect to one specific Amazon EC2 instance that is running Ubuntu and has AWS Systems Manager Agent (SSM Agent) pre-installed. These users are able to use Session Manager to connect to other
instances in the same subnet, and they are in an IAM group that has Session Manager permission for all instances.
What should a SysOps administrator do to resolve this issue?
A. Add an inbound rule for port 22 in the security group associated with the Ubuntu instance.
B. Assign the AmazonSSMManagedInstanceCore managed policy to the EC2 instance profile for the Ubuntu instance.
C. Configure the SSM Agent to log in with a user name of "ubuntu".
D. Generate a new key pair, configure Session Manager to use this new key pair, and provide the private key to the users.
A company has an application that runs behind an Application Load Balancer (ALB) in the us-west-2 Region. An Amazon Route 53 record set contains an alias record for app.anycompany.com that references the ALB in us-west-2 and uses a simple routing policy. The application is experiencing an increase in users from other locations in the world. These users are experiencing high latency.
Most of the new users are close to the ap-southeast-2 Region. The company deploys a copy of the application to ap-southeast-2. A SysOps administrator must implement a solution that automatically routes requests to the lowest latency endpoint for users without changing the URL.
Which solution will meet these requirements?
A. Add a new value to the existing alias record for app.anycompany.com with the DNS name of the new ALB in ap-southeast-2.
B. Change the existing alias record to use a geolocation routing policy. Create two geolocation records, one record that references each ALSelect the location that is closest to each Region.
C. Change the existing alias record to use a latency routing policy. Create two latency records, one record that references each ALB.
D. Change the existing alias record to use a multivalue routing policy Add the DNS name of each ALB to the record.
A company runs a high performance computing (HPC) application on an Amazon EC2 instance. The company needs to scale this architecture to two or more EC2 instances. The EC2 instances will need to communicate with each other at
high speeds with low latency to support the application.
The company wants to ensure that the network performance can support the required communication between the EC2 instances
What should a SysOps administrator do to meet these requirements?
A. Create a cluster placement group. Back up the existing EC2 instance to an Amazon Machine Image (AMI). Restore the EC2 instance from the AMI into the placement group. Launch the additional EC2 instances into the placement group.
B. Back up the existing EC2 instance to an Amazon Machine Image (AMI). Create a launch template from the existing EC2 instance by specifying the AMI. Create an Auto Scaling group and configure the desired instance count.
C. Create a Network Load Balancer (NLB) and a target group. Launch the new EC2 instances and register them with the target group. Register the existing EC2 instance with the target group. Pass all application traffic through the NLB.
D. Back up the existing EC2 instance to an Amazon Machine Image (AMI). Create additional clones of the EC2 instance from the AMI in the same Availability Zone where the existing EC2 instance is located.
A developer creates an AWS Lambda function that runs when an object is put into an Amazon S3 bucket. The function reformats the object and places the object back into the S3 bucket. During testing, the developer notices a recursive invocation loop. The developer asks a SysOps administrator to immediately stop the recursive invocations.
What should the SysOps administrator do to stop the loop without errors?
A. Delete all the objects from the S3 bucket.
B. Set the function's reserved concurrency to 0.
C. Update the S3 bucket policy to deny access for the function.
D. Publish a new version of the function.
A company hosts an internet web application on Amazon EC2 instances. The company is replacing the application with a new AWS Lambda function. During a transition period, the company must route some traffic to the legacy application and some traffic to the new Lambda function. The company needs to use the URL path of request to determine the routing.
Which solution will meet these requirements?
A. Configure a Gateway Load Balancer to use the URL path to direct traffic to the legacy application and the new Lambda function.
B. Configure a Network Load Balancer to use the URL path to direct traffic to the legacy application and the new Lambda function.
C. Configure a Network Load Balancer to use a regular expression to match the URL path to direct traffic to the new Lambda function.
D. Configure an Application Load Balancer to use the URL path to direct traffic to the legacy application and the new Lambda function.
A company has a secure website running on Amazon EC2 instances behind an Application Load Balancer (ALB). An SSL certificate from AWS Certificate Manager (ACM) is used on the ALB. Users with legacy web browsers are experiencing issues with the website.
How should the SysOps administrator resolve these issues in the MOST operationally efficient manner?
A. Create a new SSL certificate in ACM and install the new certificate on the ALB to support legacy web browsers.
B. Create a second ALB and install a custom SSL certificate with a different domain name on the second ALB to support legacy web browsers.
C. Remove the ALB from the configuration and install a custom SSL certificate on each web server.
D. Update the SSL negotiation configuration of the ALB with a security policy that contains ciphers for legacy web browsers.
ASysOps administrator configures an application to run on Amazon EC2 instances behind an Application Load Balancer (ALB) in a simple scaling Auto Scaling group with the default settings. The Auto Scaling group is configured to use the RequestCountPerTarget metric for scaling. The SysOps administrator notices that the RequestCountPerTarget metric exceeded the specified limit twice in 180 seconds.
How will the number of EC2 instances in this Auto Scaling group be affected in this scenario?
A. The Auto Scaling group will launch an additional EC2 instance every time the RequestCountPerTarget metric exceeds the predefined limit.
B. The Auto Scaling group will launch one EC2 instance and will wait for the default cooldown period before launching another instance.
C. The Auto Scaling group will send an alert to the ALB to rebalance the traffic and not add new EC2 instances until the load is normalized.
D. The Auto Scaling group will try to distribute the traffic among all EC2 instances before launching another instance.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SOA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.