SOA-C02 Exam Details

  • Exam Code
    :SOA-C02
  • Exam Name
    :AWS Certified SysOps Administrator - Associate (SOA-C02)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :657 Q&As
  • Last Updated
    :Oct 14, 2025

Amazon SOA-C02 Online Questions & Answers

  • Question 41:

    A company stores sensitive data in an Amazon S3 bucket. The company must log all access attempts to the S3 bucket. The company's risk team must receive immediate notification about any delete events. Which solution will meet these requirements?

    A. Enable S3 server access logging for audit logs. Set up an Amazon Simple Notification Service (Amazon SNSJ notification for the S3 bucket. Select DeleteObject tor the event type for the alert system.
    B. Enable S3 server access logging for audit logs. Launch an Amazon EC2 instance for the alert system. Run a cron job on the EC2 instance to download the access logs each day and to scan for a DeleteObject event.
    C. Use Amazon CloudWatch Logs for audit logs. Use Amazon CloudWatch alarms with an Amazon Simple Notification Service (Amazon SNS) notification for the alert system.
    D. Use Amazon CloudWatch Logs for audit logs. Launch an Amazon EC2 instance for The alert system. Run a cron job on the EC2 Instance each day to compare the list of the items with the list from the previous day. Configure the cron job to send a notification if an item is missing.

  • Question 42:

    A company stores its internal data within an Amazon S3 bucket. All existing data within the S3 bucket is protected by using server-side encryption with Amazon S3 managed encryption keys (SSE-S3). S3 Versioning is enabled. A SysOps administrator must replicate the internal data to another S3 bucket in a different AWS account for disaster recovery. All the existing data is copied from the source S3 bucket to the destination S3 bucket.

    Which replication solution is MOST operationally efficient?

    A. Add a replication rule to the source bucket and specify the destination bucket. Create a bucket policy for the destination bucket to allow the owner of the source bucket to replicate objects.
    B. Schedule an AWS Batch job with Amazon EventBridge to copy new objects from the source bucket to the destination bucket. Create a Batch Operations IAM role in the destination account.
    C. Configure an Amazon S3 event notification for the source bucket to invoke an AWS Lambda function to copy new objects to the destination bucket. Ensure that the Lambda function has cross-account access permissions.
    D. Run a scheduled script on an Amazon EC2 instance to copy new objects from the source bucket to the destination bucket. Assign cross-account access permissions to the EC2 instance's role.

  • Question 43:

    A company is creating an application that runs on smart TVs and mobile phones. Static images for the application are loaded from an Amazon CloudFront distribution.

    The images have large file sizes that result in a poor experience for users of mobile devices. The company has created a set of smaller images for mobile devices.

    A SysOps administrator must configure CloudFront to cache different content based on the user's device type.

    Which solution will meet this requirement?

    A. Create two new CloudFront distributions: one distribution with the smart TV resources, and one distribution with the mobile device resources. Create a CloudFront behavior. Add a policy to send the requests to the correct distribution.
    B. Set the Elemental-MediaTailor-PersonalizedManifests origin request policy on the CloudFront distribution to enable caching of different images depending on the requesting device.
    C. Create a CloudFront origin request policy. Include the CloudFront-Is-SmartTV-Viewer header and the CloudFront-Is-Mobile-Viewer header in the origin request settings.
    D. Configure AWS Amplify to set the CloudFront distribution origin request policy to enable caching of different images for mobile devices.

  • Question 44:

    A data analytics application is running on an Amazon EC2 instance. A SysOps administrator must add custom dimensions to the metrics collected by the Amazon CloudWatch agent. How can the SysOps administrator meet this requirement?

    A. Create a custom shell script to extract the dimensions and collect the metrics using the Amazon CloudWatch agent.
    B. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to evaluate the required custom dimensions and send the metrics to Amazon Simple Notification Service (Amazon SNS).
    C. Create an AWS Lambda function to collect the metrics from AWS CloudTrail and send the metrics to an Amazon CloudWatch Logs group.
    D. Create an append_dimensions field in the Amazon CloudWatch agent configuration file to collect the metrics.

  • Question 45:

    A company is running a serverless application on AWS Lambda The application stores data in an Amazon RDS for MySQL DB instance Usage has steadily increased and recently there have been numerous "too many connections" errors when the Lambda function attempts to connect to the database The company already has configured the database to use the maximum max_connections value that is possible.

    What should a SysOps administrator do to resolve these errors'?

    A. Create a read replica of the database Use Amazon Route 53 to create a weighted DNS record that contains both databases
    B. Use Amazon RDS Proxy to create a proxy Update the connection string in the Lambda function
    C. Increase the value in the max_connect_errors parameter in the parameter group that the database uses
    D. Update the Lambda function's reserved concurrency to a higher value

  • Question 46:

    A company uses AWS Organizations to manage its AWS accounts. A SysOps administrator must create a backup strategy for all Amazon EC2 instances across all the company's AWS accounts.

    Which solution will meet these requirements In the MOST operationally efficient way?

    A. Deploy an AWS Lambda function to each account to run EC2 instance snapshots on a scheduled basis.
    B. Create an AWS CloudFormation stack set in the management account to add an AutoBackup=True tag to every EC2 instance
    C. Use AWS Backup In the management account to deploy policies for all accounts and resources.
    D. Use a service control policy (SCP) to run EC2 instance snapshots on a scheduled basis in each account.

  • Question 47:

    A SysOps administrator wants to securely share an object from a private Amazon S3 bucket with a group of users who do not have an AWS account. What is the MOST operationally efficient solution that will meet this requirement?

    A. Attach an S3 bucket policy that only allows object downloads from the users' IP addresses.
    B. Create an IAM role that has access to the object. Instruct the users to assume the role.
    C. Create an IAM user that has access to the object. Share the credentials with the users.
    D. Generate a presigned URL for the object. Share the URL with the users.

  • Question 48:

    A company's VPC has connectivity to an on-premises data center through an AWS Site-to- Site VPN. The company needs Amazon EC2 instances in the VPC to send DNS queries for example com to the DNS servers in the data center.

    Which solution will meet these requirements?

    A. Create an Amazon Route 53 Resolver inbound endpoint Create a conditional forwarding rule on the on-primes DNS servers to forward DNS requests for example.com to the inbound endpoints.
    B. Create an Amazon Route 53 Resolver inbound endpoint Create a forwarding rule on the resolver that sends all queries for example.com to the on-premises DNS servers. Associate this rule with the VPC.
    C. Create an Amazon Route 53 Resolver outbound endpoint Create a conditional forwarding rule on the on-premises DNS servers to forward DNS requests for example.com to the outbound endpoints
    D. Create an Amazon Route 53 Resolver outbound endpoint. Create a forwarding rule on the resolver that sends all queries for exarrc4e.com to the on-premises DNS servers Associate this rule with the VPC.

  • Question 49:

    A development team created and deployed a new AWS Lambda function 15 minutes ago. Although the function was invoked many times, Amazon CloudWatch Logs are not showing any log messages. What is one cause of this?

    A. The developers did not enable log messages for this Lambda function.
    B. The Lambda function's role does not include permissions to create CloudWatch Logs items.
    C. The Lambda function raises an exception before the first log statement has been reached.
    D. The Lambda functions creates local log files that have to be shipped to CloudWatch Logs first before becoming visible.

  • Question 50:

    A company has an NFS server running on a single Amazon EC2 instance. A SysOps administrator needs to replace the NFS server with a highly available file system. A total of 30 EC2 instances, spread across multiple Availability Zones, must connect to the file system to store and retrieve shared images and data. The administrator plans to use Amazon Elastic File System (Amazon EFS) for the file system.

    Which solution will meet these requirements?

    A. Create a new EFS file system in each Availability Zone. Configure the file systems to use the EFS One Zone storage class. Create an Amazon Route 53 alias record. Turn on health checks. Configure the record to resolve to the EFS file systems. Configure each EC2 instance to connect to the alias record.
    B. Create a new EFS file system that uses the EFS Standard storage class. Configure each EC2 instance to connect to the mount target in its own AWS Region.
    C. Create a new EFS file system in each Availability Zone. Configure the file systems to use the EFS One Zone storage class. Configure each EC2 instance to connect to the mount target in its own Availability Zone.
    D. Create a new EFS file system that uses the EFS Standard storage class. Configure each EC2 instance to connect to the mount target in its own Availability Zone.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SOA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.