...

info@certsmasters.com

Verified Content • 24/7 Access • Free Updates
CertsMasters logo

Exam overview

Amazon SOA-C02 Exam Questions

Vendor

Amazon

Exam Code

SOA-C02

Actual Exam Duration

 130 Minutes

TOTAL QUESTIONS

425

Exam Name

AWS Certified SysOps Administrator - Associate

Purchase

$ 40

One-time payment • Instant access

  • Verified answers with explanations
  • Practice-friendly layout
  • Updated content focus
  • Support if you get stuck
Get More Questions
View all vendors

Frequently Ask Questions

Hot Exams

DVA-C02 PDF Dumps
DOP-C02 PDF Dumps
SAP-C02 PDF Dumps
CLF-C02 PDF Dumps
ANS-C01 PDF Dumps
MLS-C01 PDF Dumps
SAA-C03 PDF Dumps
SOA-C02 PDF Dumps
AXS-C01 PDF Dumps
SCS-C02 PDF Dumps
AIF-C01 PDF Dumps
Data-Engineer-Associate PDF Dumps
NIST-COBIT-2019 PDF Dumps
IT-Risk-Fundamentals PDF Dumps
Cybersecurity-Audit-Certificate PDF Dumps

Exam practice

Exam Q&A

Select an option, then click Show Answer.

Q1: A company uses AWS Organizations to manage multiple AWS accounts. Corporate policy mandates that only specific AWS Regions can be used to store and process customer dat a. A SysOps administrator must prevent the provisioning of Amazon EC2 instances in unauthorized Regions by anyone in the company. What is the MOST operationally efficient solution that meets these requirements?

A: Configure AWS CloudTrail in all Regions to record all API activity Create an Amazon EventBridge rule in all unauthorized Regions for ec2:Runlnstances events. Use AWS Lambda to terminate the launched EC2 instances.

B: In each AWS account, create a managed 1AM policy that uses a Region condition to deny the ec2:Runlnstances action in all unauthorized Regions. Attach this policy to all 1AM groups in each AWS account.

C: In each AWS account, create an 1AM permissions boundary policy that uses a Region condition to deny the ec2:Runlnstances action in all unauthorized Regions. Attach the permissions boundary policy to all 1AM users in each AWS account.

D: Create a service control policy (SCP) in AWS Organizations to deny the ec2:Runlnstances action in all unauthorized Regions. Attach this policy to the root level of the organization.

Correct Answer: D

Q2: To configure central configuration for Security Hub in an AWS Organization, the SysOps administrator must ensure it's set up centrally. Options:

A: Enable Security Hub in the organization's management account. Configure Security Hub central configuration.

B: Enable Security Hub in the organization's management account. Configure and integrate AWS Trusted Advisor. Configure Security Hub from an opt-in Region.

C: Delegate an AWS account that is not the organization's management account as the Security Hub administrator. Configure Security Hub central configuration.

D: Delegate an AWS account that is not the organization's management account as the Security Hub administrator. Configure and integrate AWS Trusted Advisor. Configure Security Hub from an opt-in Region.

Correct Answer: C

Q3: The SysOps administrator must restart the web server if specific errors are detected in logs on EC2 instances behind a load balancer. Options (Select THREE):

A: Install the Amazon CloudWatch agent on the EC2 instances.

B: Create an AWS CloudTrail metric filter for the web logs. Configure an alarm for the specific errors.

C: Create an Amazon CloudWatch metric filter for the web logs. Configure an alarm for the specific errors.

D: Publish alarm findings to Amazon Simple Email Service (Amazon SES). Invoke an AWS Lambda function to restart the web server software.

E: Create an Amazon EventBridge rule that responds to the alarm. Configure the rule to invoke an AWS Systems Manager Automation runbook to restart the web server software.

F: Create an Amazon Simple Notification Service (Amazon SNS) notification that responds to the alarm. Configure the notification to invoke an AWS Systems Manager Automation runbook to restart the web server software.

Correct Answer: A, C, E

Q4: Users of a company's internal web application recently experienced application performance issues for a brief period The application includes frontend web servers that run in an Amazon Elastic Kubernetes Service (Amazon EKS) cluster The application also includes a bacKend Amazon Aurora PostgreSQL DB cluster that includes one DB instance. A SysOps administrator determines that the source of the performance issues was high utilization of the DB cluster. The single writer instance experienced more than 90% utilization for 11 minutes The cause of the high utilization was an automated report that is scheduled to run one time each week What should the SysOps administrator do to ensure that users do not experience performance Issues each week when the report runs?

A: Increase the size of the DB instance. Monitor the performance during the next scheduled run of the report

B: Add a reader instance. Change the database connection string of the report application to use the newly created reader instance.

C: Add another writer instance Change the database connection string of the report application to use the newly created writer instance.

D: Configure auto scaling for the DB cluster Set the minimum capacity units, maximum capacity units, and target utilization

Correct Answer: A

- Testimonials -

Real Results From Real Students

John Doe
John Doe
This site has been a game-changer for my certification journey. The materials are current, reliable, and best of all—free! It's clear they're committed to supporting the IT community.
Emma
Emma
I passed my CompTIA Security+ exam on the first try thanks to this site. Their practice exams and study guides are top-notch. Highly recommend it to anyone serious about IT certifications.
Liam
Liam
I’ve passed three certifications using this site. Their materials are detailed and well-structured, and the fact that it’s free makes it even better.
Isabella
Isabella
If you're studying for any IT certification, this should be your first stop. It’s comprehensive, organized, and constantly updated.
Benjamin
Benjamin
This website helped me prepare for multiple certifications, and today I’m working in cybersecurity. Without their free resources, I wouldn’t be here.