SOA-C02 Exam Details

  • Exam Code
    :SOA-C02
  • Exam Name
    :AWS Certified SysOps Administrator - Associate (SOA-C02)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :657 Q&As
  • Last Updated
    :Oct 14, 2025

Amazon SOA-C02 Online Questions & Answers

  • Question 61:

    A SysOps administrator is reviewing VPC Flow Logs to troubleshoot connectivity issues in a VPC. While reviewing the logs, the SysOps administrator notices that rejected traffic is not listed.

    What should the SysOps administrator do to ensure that all traffic is logged?

    A. Create a new flow log that has a filter setting to capture all traffic.
    B. Create a new flow log. Set the log record format to a custom format. Select the proper fields to include in the log.
    C. Edit the existing flow log. Change the filter setting to capture all traffic.
    D. Edit the existing flow log. Set the log record format to a custom format. Select the proper fields to include in the log.

  • Question 62:

    A company has migrated its application to AWS. The company will host the application on Amazon EC2 instances of multiple instance families. During initial testing, a SysOps administrator identifies performance issues on selected EC2

    instances. The company has a strict budget allocation policy, so the SysOps administrator must use the right resource types with the performance characteristics to match the workload.

    What should the SysOps administrator do to meet this requirement?

    A. Purchase regional Reserved Instances (RIs) for immediate cost savings. Review and take action on the EC2 rightsizing recommendations in Cost Explorer. Exchange the RIs for the optimal instance family after rightsizing.
    B. Purchase zonal Reserved Instances (RIs) for the existing instances. Monitor the RI utilization in the AWS Billing and Cost Management console. Make adjustments to instance sizes to optimize utilization.
    C. Review and take action on AWS Compute Optimizer recommendations. Purchase Compute Savings Plans to reduce the cost that is required to run the compute resources.
    D. Review resource utilization metrics in the AWS Cost and Usage Report. Rightsize the EC2 instances. Create On-Demand Capacity Reservations for the rightsized resources.

  • Question 63:

    A SysOps administrator is required to monitor free space on Amazon EBS volumes attached to Microsoft Windows-based Amazon EC2 instances within a company's account. The administrator must be alerted to potential issues.

    What should the administrator do to receive email alerts before low storage space affects EC2 instance performance?

    A. Use built-in Amazon CloudWatch metrics, and configure CloudWatch alarms and an Amazon SNS topic for email notifications
    B. Use AWS CloudTrail logs and configure the trail to send notifications to an Amazon SNS topic.
    C. Use the Amazon CloudWatch agent to send disk space metrics, then set up CloudWatch alarms using an Amazon SNS topic.
    D. Use AWS Trusted Advisor and enable email notification alerts for EC2 disk space

  • Question 64:

    A company is creating a new multi-account architecture. A Sysops administrator must implement a login solution to centrally manage user access and permissions across all AWS accounts. The solution must be integrated with AWS Organizations and must be connected to a third-party Security Assertion Markup Language (SAML) 2.0 identity provider (IdP).

    What should the SysOps administrator do to meet these requirements?

    A. Configure an Amazon Cognito user pool. Integrate the user pool with the third-party IdP.
    B. Enable and configure AWS Single Sign-On with the third-party IdP.
    C. Federate the third-party IdP with AWS Identity and Access Management (IAM) for each AWS account in the organization.
    D. Integrate the third-party IdP directly with AWS Organizations.

  • Question 65:

    A company creates custom AMI images by launching new Amazon EC2 instances from an AWS CloudFormation template it installs and configure necessary software through AWS OpsWorks and takes images of each EC2 instance. The

    process of installing and configuring software can take between 2 to 3 hours but at limes the process stalls due to installation errors.

    The SysOps administrator must modify the CloudFormation template so if the process stalls, the entire stack will tail and roil back.

    Based on these requirements what should be added to the template?

    A. Conditions with a timeout set to 4 hours.
    B. CreationPolicy with timeout set to 4 hours.
    C. DependsOn a timeout set to 4 hours.
    D. Metadata with a timeout set to 4 hours

  • Question 66:

    A company has scientists who upload large data objects to an Amazon S3 bucket. The scientists upload the objects as multipart uploads. The multipart uploads often fail because of poor end-client connectivity.

    The company wants to optimize storage costs that are associated with the data. A SysOps administrator must implement a solution that presents metrics for incomplete uploads. The solution also must automatically delete any incomplete uploads after 7 days.

    Which solution will meet these requirements?

    A. Review the Incomplete Multipart Upload Bytes metric in the S3 Storage Lens dashboard. Create an S3 Lifecycle policy to automatically delete any incomplete multipart uploads after 7 days.
    B. Implement S3 Intelligent-Tiering to move data into lower-cost storage classes after 7 days. Create an S3 Storage Lens policy to automatically delete any incomplete multipart uploads after 7 days.
    C. Access the S3 console. Review the Metrics tab to check the storage that incomplete multipart uploads are consuming. Create an AWS Lambda function to delete any incomplete multipart uploads after 7 days.
    D. Use the S3 analytics storage class analysis tool to identify and measure incomplete multipart uploads. Configure an S3 bucket policy to enforce restrictions on multipart uploads to delete incomplete multipart uploads after 7 days.

  • Question 67:

    A company has several business units that want to use Amazon EC2. The company wants to require all business units to provision their EC2 instances by using only approved EC2 instance configurations. What should a SysOps administrator do to implement this requirement?

    A. Create an EC2 instance launch configuration. Allow the business units to launch EC2 instances by specifying this launch configuration in the AWS Management Console.
    B. Develop an IAM policy that limits the business units to provision EC2 instances only. Instruct the business units to launch instances by using an AWS CloudFormation template.
    C. Publish a product and launch constraint role for EC2 instances by using AWS Service Catalog. Allow the business units to perform actions in AWS Service Catalog only.
    D. Share an AWS CloudFormation template with the business units. Instruct the business units to pass a role to AWS CloudFormation to allow the service to manage EC2 instances.

  • Question 68:

    A SysOps administrator is setting up a fleet of Amazon EC2 instances in an Auto Scaling group for an application. The fleet should have 50% CPU available at that times to accommodate bursts of traffic. The load will increase significantly between the hours of

    09:00 and 17:00,7 days a week.

    How should the SysOps administrator configure the scaling of the EC2 instances to meet these requirements?

    A. Create a target tracking scaling policy that runs when the CPU utilization is higher than 90%
    B. Create a target tracking scaling policy that runs when the CPU utilization is higher than 50%. Create a scheduled scaling policy that ensures that the fleet is available at 09:00 Create a second scheduled scaling policy that scales in the fleet at 17:00
    C. Set the Auto Scaling group to start with 2 instances by setting the desired instances maximum instances, and minimum instances to 2 Create a scheduled scaling policy that ensures that the fleet is available at 09:00
    D. Create a scheduled scaling policy that ensures that the fleet is available at 09.00. Create a second scheduled scaling policy that scales in the fleet at 17:00

  • Question 69:

    A company needs to automatically monitor an AWS account for potential unauthorized AWS Management Console logins from multiple geographic locations.

    Which solution will meet this requirement?

    A. Configure Amazon Cognito to detect any compromised IAM credentials.
    B. Set up Amazon Inspector. Scan and monitor resources for unauthorized logins.
    C. Set up AWS Config. Add the iam-policy-blacklisted-check managed rule to the account.
    D. Configure Amazon GuardDuty to monitor the UnauthorizedAccess:IAMUser/ConsoleLoginSuccess finding.

  • Question 70:

    The SysOps administrator needs to create a key policy that grants data engineers least privilege access to decrypt and read data from an S3 bucket encrypted with KMS.

    A. "kms:ReEncrypt*", "kms:GenerateDataKey*", "kms:Encrypt", "kms:DescribeKey"
    B. "kms:ListAliases", "kms:GetKeyPolicy", "kms:Describe*", "kms:Decrypt"
    C. "kms:ListAliases", "kms:DescribeKey", "kms:Decrypt"
    D. "kms:Update*", "kms:TagResource", "kms:Revoke*", "kms:Put*", "kms:List*", "kms:Get*", "kms:Enable*", "kms:Disable*", "kms:Describe*", "kms:Delete*", "kms:Create*", kms:CancelKeyDeletion

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SOA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.