SOA-C02 Exam Details

  • Exam Code
    :SOA-C02
  • Exam Name
    :AWS Certified SysOps Administrator - Associate (SOA-C02)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :657 Q&As
  • Last Updated
    :Oct 14, 2025

Amazon SOA-C02 Online Questions & Answers

  • Question 81:

    A company uses AWS Cloud Formation to deploy its infrastructure. The company recently retired an application. A cloud operations engineer initiates CloudFormation stack deletion, and the stack gets stuck in DELETE FAILED status.

    A SysOps administrator discovers that the stack had deployed a security group. The security group is referenced by other security groups in the environment. The SysOps administrator needs to delete the stack without affecting other applications.

    Which solution will meet these requirements m the MOST operationally efficient manner?

    A. Create a new security group that has a different name Apply identical rules to the new security group. Replace all other security groups that reference the new security group. Delete the stack.
    B. Create a CloudFormation change set to delete the security group. Deploy the change set.
    C. Delete the stack again. Specify that the security group be retained.
    D. Perform CloudFormation drift detection Delete the stack.

  • Question 82:

    A SysOps administrator wants to share a copy of a production database with a migration account. The production database is hosted on an Amazon RDS DB instance and is encrypted at rest with an AWS Key Management Service (AWS KMS) key that has an alias of production-rds-key.

    What must the SysOps administrator do to meet these requirements with the LEAST administrative overhead?

    A. Take a snapshot of the RDS DB instance in the production account. Amend the KMS key policy of the production-rds-key KMS key to give access to the migration account's root user. Share the snapshot with the migration account.
    B. Create an RDS read replica in the migration account. Configure the KMS key policy to replicate the production-rds-key KMS key to the migration account.
    C. Take a snapshot of the RDS DB instance in the production account. Share the snapshot with the migration account. In the migration account, create a new KMS key that has an identical alias.
    D. Use native database toolsets to export the RDS DB instance to Amazon S3. Create an S3 bucket and an S3 bucket policy for cross account access between the production account and the migration account. Use native database toolsets to import the database from Amazon S3 to a new RDS DB instance.

  • Question 83:

    A SysOps administrator is re-architecting an application. The SysOps administrator has moved the database from a public subnet, where the database used a public endpoint, into a private subnet to restrict access from the public network. After this change, an AWS Lambda function that requires read access to the database cannot connect to the database. The SysOps administrator must resolve this issue without compromising security.

    Which solution meets these requirements?

    A. Create an AWS PrivateLink interface endpoint for the Lambda function. Connect to the database using its private endpoint.
    B. Connect the Lambda function to the database VPC. Connect to the database using its private endpoint.
    C. Attach an IAM role to the Lambda function with read permissions to the database.
    D. Move the database to a public subnet. Use security groups for secure access.

  • Question 84:

    A development team recently deployed a new version of a web application to production. After the release, penetration testing revealed a cross-site scripting vulnerability that could expose user data. Which AWS service will mitigate this issue?

    A. AWS Shield Standard
    B. AWS WAF
    C. Elastic Load Balancing
    D. Amazon Cognito

  • Question 85:

    A company runs an encrypted Amazon RDS for Oracle DB instance. The company wants to make regular backups available in another AWS Region. What is the MOST operationally efficient solution that meets these requirements?

    A. Modify the DB instance. Enable cross-Region automated backups.
    B. Create an RDS read replica in another Region. Create a snapshot of the read replica.
    C. Use AWS Database Migration Service (AWS DMS) to copy the data to a DB instance in another Region.
    D. Temporarily turn off encryption on the DB instance. Take a snapshot. Copy the snapshot to another Region.

  • Question 86:

    A SysOos administrator s tasked with analyzing database performance. The database runs on a single Amazon RDS D6 instance. The SysOps administrator finds that, during times of peak traffic, resources on the database are over utilized due to the amount of read traffic.

    Which actions should the SysOps administrator take to improve RDS performance? (Select TWO.)

    A. Add a read replica.
    B. Modify the application to use Amazon ElastiCache for Memcached.
    C. Migrate the database from RDS to Amazon DynamoDB.
    D. Migrate the database to Amazon EC2 with enhanced networking enabled
    E. Upgrade the database to a Multi-AZ deployment.

  • Question 87:

    A company is running production workloads that use a Multi-AZ deployment of an Amazon RDS for MySQL db.m6g.xlarge (general purpose) standard DB instance. Users report that they are frequently encountering a "too many connections" error. A SysOps administrator observes that the number of connections on the database is high.

    The SysOps administrator needs to resolve this issue while keeping code changes to a minimum.

    Which solution will meet these requirements MOST cost-effectively?

    A. Modify the RDS for MySQL DB instance to a larger instance size.
    B. Modify the RDS for MySQL DB instance to Amazon DynamoDB.
    C. Configure RDS Proxy. Modify the application configuration file to use the RDS Proxy endpoint.
    D. Modify the RDS for MySQL DB instance to a memory optimized DB instance.

  • Question 88:

    An application accesses data through a file system interface. The application runs on Amazon EC2 instances in multiple Availability Zones, all of which must share the same data. While the amount of data is currently small, the company anticipates that it will grow to tens of terabytes over the lifetime of the application.

    What is the MOST scalable storage solution to fulfill this requirement?

    A. Connect a large Amazon EBS volume to multiple instances and schedule snapshots.
    B. Deploy Amazon EFS in the VPC and create mount targets in multiple subnets.
    C. Launch an EC2 instance and share data using SMB/CIFS or NFS.
    D. Deploy an AWS Storage Gateway cached volume on Amazon EC2.

  • Question 89:

    A company has a non-production application that runs on an Amazon EC2 instance. The Amazon CloudWatch agent is installed on the EC2 instance. The application includes a process that randomly overuses temporary disk space and fills disks to 100% capacity. A SysOps administrator needs to automate a reboot of the EC2 instance after the disks reach 100% capacity.

    Which solution will meet this requirement in the MOST operationally efficient way?

    A. Create a CloudWatch alarm for the EC2 instance. Create an Amazon EventBridge event rule that reacts to the CloudWatch alarm and reboots the EC2 instance.
    B. Create a CloudWatch alarm for the EC2 instance. Create an Amazon Simple Email Service (Amazon SES) notification that reacts to the CloudWatch alarm and reboots the EC2 instance.
    C. Create an AWS Lambda function to reboot the EC2 instance. Create a CloudWatch alarm that uses Amazon EventBridge to invoke the Lambda function.
    D. Create an AWS Lambda function to reboot the EC2 instance. Use EC2 health checks to invoke the Lambda function.

  • Question 90:

    A company with multiple AWS accounts needs to obtain recommendations for AWS Lambda functions and identify optimal resource configurations for each Lambda function. How should a SysOps administrator provide these recommendations?

    A. Create an AWS Serverless Application Repository and export the Lambda function recommendations.
    B. Enable AWS Compute Optimizer and export the Lambda function recommendations
    C. Enable all features of AWS Organization and export the recommendations from AWS CloudTrail Insights.
    D. Run AWS Trusted Advisor and export the Lambda function recommendations

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SOA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.