A company is releasing a new static website hosted on Amazon S3. The static website hosting feature was enabled on the bucket and content was uploaded: however, upon navigating to the site, the following error message is received:
403 Forbidden - Access Denied
What change should be made to fix this error?
A. Add a bucket policy that grants everyone read access to the bucket. B. Add a bucket policy that grants everyone read access to the bucket objects. C. Remove the default bucket policy that denies read access to the bucket. D. Configure cross-origin resource sharing (CORS) on the bucket.
B. Add a bucket policy that grants everyone read access to the bucket objects. { "Version": "2012-10-12", "Statement": { "Sid": "PublicReadGetObject", "Effect": "Allow", "Action": [ "s3:GetObject" ], "Principal": "*", "Resouce": [ "arn:aws:s3:::example-s3-website.com/*" ] } }
Question 532:
A SysOps administrator created an AWS Cloud Formation template that provisions Amazon EC2 instances, an Elastic Load Balancer (ELB), and an Amazon RDS DB instance. During stack creation, the creation of the EC2 instances and the creation of the ELB are successful. However, the creation of the DB instance fails.
What is the default behavior of CloudFormation in this scenario?
A. CloudFormation will roll back the stack and delete the stack. B. CloudFormation will roll back the stack but will not delete the stack. C. CloudFormation will prompt the user to roll back the stack or continue. D. CloudFormation will successfully complete the stack but will report a failed status for the DB instance.
B. CloudFormation will roll back the stack but will not delete the stack. CloudFormation will delete the resources it created during the stack creation attempt but it will not remove the stack record itself. This allows you to review the stack events and troubleshoot the reason for failure. I hope this clarifies the matter.
Question 533:
A SysOps administrator is responsible for a company's disaster recovery procedures. The company has a source Amazon S3 bucket in a production account, and it wants to replicate objects from the source to a destination S3 bucket in a nonproduction account. The SysOps administrator configures S3 cross-Region, cross-account replication to copy the source S3 bucket to the destination S3 bucket. When the SysOps administrator attempts to access objects in the destination S3 bucket, they receive an Access Denied error.
Which solution will resolve this problem?
A. Modify the replication configuration to change object ownership to the destination S3 bucket owner. B. Ensure that the replication rule applies to all objects in the source S3 bucket and is not scoped to a single prefix. C. Retry the request when the S3 Replication Time Control (S3 RTC) has elapsed. D. Verify that the storage class for the replicated objects did not change between the source S3 bucket and the destination S3 bucket.
A. Modify the replication configuration to change object ownership to the destination S3 bucket owner.
Question 534:
A company runs an application on Amazon EC2 instances. The EC2 instances are in an Auto Scaling group and run behind an Application Load Balancer (ALB). The application experiences errors when total requests exceed 100 requests per second. A SysOps administrator must collect information about total requests for a 2-week period to determine when requests exceeded this threshold.
What should the SysOps administrator do to collect this data?
A. Use the ALB's RequestCount metric. Configure a time range of 2 weeks and a period of 1 minute. Examine the chart to determine peak traffic times and volumes. B. Use Amazon CloudWatch metric math to generate a sum of request counts for all the EC2 instances over a 2-week period. Sort by a 1-minute interval. C. Create Amazon CloudWatch custom metrics on the EC2 launch configuration templates to create aggregated request metrics across all the EC2 instances. D. Create an Amazon EventBridge (Amazon CloudWatch Events) rule. Configure an EC2 event matching pattern that creates a metric that is based on EC2 requests. Display the data in a graph.
A. Use the ALB's RequestCount metric. Configure a time range of 2 weeks and a period of 1 minute. Examine the chart to determine peak traffic times and volumes. Explanation Explanation/Reference:The ALB's RequestCount metric provides the total number of requests processed by the ALB. By configuring a time range of 2 weeks with a 1-minute period, you can collect detailed data on request counts for each minute over the 2-week period. This will allow the SysOps administrator to visualize the traffic patterns and identify peak times when the requests exceeded the threshold of 100 requests per second.
Question 535:
A SysOps administrator needs to create a report that shows how many bytes are sent to and received from each target group member for an Application Load Balancer (ALB).
Which combination of steps should the SysOps administrator take to meet these requirements? (Select TWO.)
A. Enable access logging for the ALB. Save the logs to an Amazon S3 bucket. B. Install the Amazon CloudWatch agent on the Instances in the target group. C. Use Amazon Athena to query the ALB logs Query the table Use the received_bytes and senl_byt.es fields to calculate the total bytes grouped by the target:port field. D. Use Amazon Athena to query the ALB logs Query the table. Use the received_bytes and sent_byt.es fields to calculate the total bytes grouped by the clientport field E. Create an Amazon CloudWatch dashboard that shows the Sum statistic of the ProcessedBytes metric for the ALB.
A. Enable access logging for the ALB. Save the logs to an Amazon S3 bucket. C. Use Amazon Athena to query the ALB logs Query the table Use the received_bytes and senl_byt.es fields to calculate the total bytes grouped by the target:port field. Enable Access Logging for the ALB: Access logging provides detailed information about requests sent to your load balancer. Steps: Enable Access Logs for Your Load Balancer Use Amazon Athena to Query the ALB Logs: Athena allows you to run SQL queries on data stored in S3. Steps: Go to the AWS Management Console. Navigate to Athena. Create a table for the ALB logs using the appropriate schema. Run queries to calculate the total bytes sent and received, grouped by the target field. Example query: SELECT target, SUM(received_bytes) as total_received, SUM(sent_bytes) as total_sent FROM alb_logs GROUP BY target, port Analyzing Elastic Load Balancing Logs in Athena
Question 536:
A SysOps administrator must implement a limited rollout of a new version of the website to 20% of customers using Amazon Route 53.
A. Create a target group in Route 53. Set the routing algorithm to Weighted. Configure a weight of 80 for the original resource. Configure a weight of 20 for the new resource. B. Create a weighted routing policy. Configure a weight of 80 for the record that points to the original resource. Configure a weight of 20 for the record that points to the new resource. C. Create a multivalue answer routing policy. Configure a weight of 80 for the record that points to the original resource. Configure a weight of 20 for the record that points to the new resource. Enable session affinity (sticky sessions). D. Create a failover routing policy. Configure 80% of the website traffic to go to the original resource. Configure the remaining 20% of traffic as the failover record that points to the new resource.
B. Create a weighted routing policy. Configure a weight of 80 for the record that points to the original resource. Configure a weight of 20 for the record that points to the new resource.
Question 537:
A company is using a single AWS account to support a workload. A SysOps administrator is responsible for the security of the AWS account. The SysOps administrator must implement a solution to identify unusual API usage behavior by AWS users.
Which solution will meet this requirement with the LEAST operational overhead?
A. Enable Amazon GuardDuty on the account. Review GuardDuty findings to identify anomalous user behavior. B. Create an AWS CloudTrail trail. Export CloudTrail logs to Amazon S3. Query the logs for anomalous user behavior. C. Create VPC flow logs for all VPCs in the account. Use Amazon CloudWatch Logs Insights to query the logs for anomalous user behavior. D. Generate an IAM credential report for the account. Review the results to identify anomalous user behavior.
A. Enable Amazon GuardDuty on the account. Review GuardDuty findings to identify anomalous user behavior.
Question 538:
A company has a web application that is experiencing performance problems many times each night. A root cause analysis reveals sudden increases in CPU utilization that last 5 minutes on an Amazon EC2 Linux instance. A SysOps
administrator must find the process ID (PID) of the service or process that is consuming more CPU.
What should the SysOps administrator do to collect the process utilization information with the LEAST amount of effort?
A. Configure the Amazon CloudWatch agent procstat plugin to capture CPU process metrics. B. Configure an AWS Lambda function to run every minute to capture the PID and send a notification. C. Log in to the EC2 instance by using a .pem key each night. Then run the top command. D. Use the default Amazon CloudWatch CPU utilization metric to capture the PID in CloudWatch.
A. Configure the Amazon CloudWatch agent procstat plugin to capture CPU process metrics. The procstat plugin enables you to collect metrics from individual processes. It is supported on Linux servers and on servers running Windows Server 2012 or later. https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-procstat-process-metrics.html
Question 539:
A company has an application that runs on a fleet of Amazon EC2 instances behind an Elastic Load Balancer. The instances run in an Auto Scaling group. The application's performance remains consistent throughout most of each day.
However, an increase in user traffic slows the performance during the same 4-hour period of time each day.
What is the MOST operationally efficient solution that will resolve this issue?
A. Configure a second Elastic Load Balancer in front of the Auto Scaling group with a weighted routing policy. B. Configure the fleet of EC2 instances to run on larger instance types to support the increase in user traffic. C. Create a scheduled scaling action to scale out the number of EC2 instances shortly before the increase in user traffic occurs. D. Manually add a few more EC2 instances to the Auto Scaling group to support the increase in user traffic.
C. Create a scheduled scaling action to scale out the number of EC2 instances shortly before the increase in user traffic occurs. https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-scheduled-scaling.html
Question 540:
A company's architecture team must receive immediate email notification whenever new Amazon EC2 instances are launched in the company's main AWS production account. `What should a SysOps administrator do to meet this requirement?
A. Create a user data script that sends an email message through a smart host connector. Include the architecture team's email address in the user data script as the recipient. Ensure that all new EC2 instances include the user data script as part of a standardized build process. B. Create an Amazon Simple Notification Service (Amazon SNS) topic and a subscription that uses the email protocol. Enter the architecture team's email address as the subscriber. Create an Amazon EventBridge rule that reacts when EC2 instances are launched. Specify the SNS topic as the rule's target. C. Create an Amazon Simple Queue Service (Amazon SQS) queue and a subscription that uses the email protocol. Enter the architecture team's email address as the subscriber. Create an Amazon EventBridge rule that reacts when EC2 instances are launched. Specify the SQS queue as the rule's target. D. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure AWS Systems Manager to publish EC2 events to the SNS topic. Create an AWS Lambda function to poll the SNS topic. Configure the Lambda function to send any messages to the architecture team's email address.
B. Create an Amazon Simple Notification Service (Amazon SNS) topic and a subscription that uses the email protocol. Enter the architecture team's email address as the subscriber. Create an Amazon EventBridge rule that reacts when EC2 instances are launched. Specify the SNS topic as the rule's target. Should use Eventbridge rule -> SNS -> send email
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Amazon exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your SOA-C02 exam preparations
and Amazon certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.