A company has users that deploy Amazon EC2 instances with more Amazon EBS performance capacity than required. A CloudOps engineer must review all EBS volumes and create cost optimization recommendations based on IOPS and throughput .
What should the CloudOps engineer do in the MOST operationally efficient way?
A. Review EC2 console monitoring graphs manually.A company needs to ensure that an Application Load Balancer is protected against common web exploits and that rules can be centrally managed across multiple accounts.
Which solution will meet these requirements?
A. Deploy AWS WAF on each ALB and manage rules individually per account.A company runs an application on Amazon EC2 instances behind an Application Load Balancer (ALB).
The company must tolerate the loss of an Availability Zone with minimal downtime and without changing the application's endpoint.
Which solution will meet these requirements?
A. Deploy the instances in a single Availability Zone and enable EC2 instance recovery.A company asks a SysOps administrator to provision an additional environment for an application in four additional AWS Regions. The application is running on more than 100 Amazon EC2 instances in the us- east- 1 Region, using fully configured Amazon Machine Images (AMIs). The company has an AWS CloudFormation template to deploy resources in us-east-1.
What should the SysOps administrator do to provision the application in the MOST operationally efficient manner?
A. Copy the AMI to each Region by using the aws ec2 copy-image command. Update the CloudFormation template to include mappings for the copied AMIs.A CloudOps engineer must manage the security of an AWS account. Recently, an IAM user's access key was mistakenly uploaded to a public code repository. The engineer must identify everything that was changed using this compromised key.
How should the CloudOps engineer meet these requirements?
A. Create an Amazon EventBridge rule to send all IAM events to an AWS Lambda function for analysis.A company builds golden AMIs for production. The CloudOps engineer must automate image creation, include hardening steps, and run validation tests before AMIs are used.
Which solution will meet these requirements?
A. Use EC2 Image Builder pipelines with components for hardening and testing.A company runs an application that logs user data to an Amazon CloudWatch Logs log group. The company discovers that personal information the application has logged is visible in plain text in the CloudWatch logs.
The company needs a solution to redact personal information in the logs by default. Unredacted information must be available only to the company's security team.
Which solution will meet these requirements?
A. Create an Amazon S3 bucket. Create an export task from appropriate log groups in CloudWatch. Export the logs to the S3 bucket. Configure an Amazon Macie scan to discover personal data in the S3 bucket. Invoke an AWS Lambda function to move identified personal data to a second S3 bucket. Update the S3 bucket policies to grant only the security team access to both buckets.A SysOps administrator is configuring an Auto Scaling group of Amazon EC2 instances for an application. The average CPU utilization of the instances in the Auto Scaling group must remain at approximately 40% when the load on the application changes.
Which solution will meet this requirement in the MOST operationally efficient manner?
A. Create a scheduled scaling action. Configure the action to run at times when the application typically experiences an increase in traffic.A CloudOps engineer needs to automatically restart a failed application process when specific error patterns appear in application logs stored in CloudWatch Logs.
Which architecture aligns with AWS recommended operational best practices?
A. CloudWatch Logs subscription filter --- Lambda --- restart processA company uses AWS Organizations to manage its AWS environment. The company implements a process that uses prebuilt Amazon Machine Images (AMIs) to launch instances as a security measure. All AMIs are tagged automatically with a key named ApprovedAMI.
The company wants to ensure that employees can use only the approved prebuilt AMIs to launch new instances.
Which solution will meet this requirement?
A. Implement a tag policy for the company's organization to require users to set the ApprovedAMI tag to launch new EC2 instances.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SOA-C03 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.