Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Amazon Web Services
  3. AWS Certified Associate
  4. SOA-C01
  5. AWS Certified SysOps Administrator - Associate Questions and Answers

Pass the Amazon Web Services AWS Certified Associate SOA-C01 Questions and answers with ValidTests

Exam SOA-C01 All Questions
Exam SOA-C01 Premium Access

View all detail and faqs for the SOA-C01 exam

Go to Exam
Viewing page 7 out of 8 pages
Viewing questions 61-70 out of questions
Questions # 61:

A company has an existing web application that runs on two Amazon EC2 instances behind an Application Load Balancer (ALB) across two Availability Zones. The application uses an Amazon RDS Multi-AZ DB Instance. Amazon Route 53 record sets route requests for dynamic content to the load balancer and requests for static content to an Amazon S3 bucket. Site visitors are reporting extremely long loading times.

Which actions should be taken to improve the performance of the website? (Choose two.)

Options:

A.

Add Amazon CloudFront caching for static content.

B.

Change the load balancer listener from HTTPS to TCP.

C.

Enable Amazon Route 53 latency-based routing.

D.

Implement Amazon EC2 Auto Scaling for the web servers.

E.

Move the static content from Amazon S3 to the web servers.

Expert Solution
Questions # 62:

A company has attached the following policy to an IAM user.

Question # 62

What of the following actions are allowed for the IAM user?

Options:

A.

Amazon RDS DescribeDBInstances action in the us-east-1 Region

B.

Amazon S3 PutObject operation in a bucket named testbucket

C.

Amazon EC2 DescribeInstances action in the us-east-1 Region

D.

Amazon EC2 AttachNetworkInterface action in the eu-west-1 Region

Expert Solution
Questions # 63:

A SysOps Administrator is deploying a test site running on Amazon EC2 instances. The application requires both incoming and outgoing connectivity to the Internet.

Which combination of steps are required to provide internet connectivity to the EC2 instances? (Choose two.)

Options:

A.

Add a NAT gateway to a public subnet

B.

Attach a private address to the elastic network interface on the EC2 instance

C.

Attach an Elastic IP address to the internet gateway

D.

Add an entry to the route table for the subnet that points to an internet gateway

E.

Create an internet gateway and attach it to a VPC

Expert Solution
Questions # 64:

Based on the AWS Shared Responsibility Model, which of the following actions are the responsibility of the customer for an Aurora database?

Options:

A.

Performing underlying OS updates

B.

Provisioning of storage for database

C.

Scheduling maintenance, patches, and other updates

D.

Executing maintenance, patches, and other updates

Expert Solution
Questions # 65:

An Applications team has successfully deployed an AWS CloudFormation stack consisting of 30 t2-medium Amazon EC2 instances in the us-west-2 Region. When using the same template to launch a stack in us-east-2, the launch failed and rolled back after launching only 10 EC2 instances.

What is a possible cause of this failure?

Options:

A.

The IAM user did not have privileges to launch the CloudFormation template.

B.

The t2 medium EC2 instance service limit was reached.

C.

An AWS Budgets threshold was breached.

D.

The application’s Amazon Machine Image (AMI) is not available in us-east-2.

Expert Solution
Questions # 66:

A sysops administrator is implementing SSL for a domain of an internet facing application running behind an Application load balancer (ALB). The administrator decides to use an SSL certificates from Amazon certificate Manager (ACM) to secure it. Upon creating a request for the ALB fully qualified domain name (FQND), it fails, and the error message “Domain not allowed” is displayed.

How can the administrator fix this issue?

Options:

A.

Contact the domain register and ask them to provide the verification required by AWS.

B.

Place a new request with the proper domain name instead of the ALB FQDN.

C.

Select the certificate request in the ACM console and resend the validation email.

D.

Contact AWS support and verify the request by answering security challenge questions.

Expert Solution
Questions # 67:

A SysOps Administrator is configuring AWS SSO tor the first time. The Administrator has already created a directory in the master account using AWS Directory Service and enabled full access in AWS Organizations

What should the Administrator do next to configure the service?

Options:

A.

Create IAM roles in each account to be used by AWS SSO, and associate users with these roles using AWS SSO

B.

Create IAM users in the master account and use AWS SSO to associate the users with the accounts they will access

C.

Create permission sets in AWS SSO and associate the permission sets with Directory Service users or groups

D.

Create service control policies (SCPs) in Organizations and associate the SCPs with Directory Service users or groups

Expert Solution
Questions # 68:

A SysOps Administrator must ensure all Amazon EBS volumes currently in use, and those created in the future, are encrypted with a specific AWS KMS customer master key (CMK).

What is the MOST efficient way for the Administrator to meet this requirement?

Options:

A.

Create an AWS Lambda function to run on a daily schedule, and have the function run the aws ec2 describe-volumes --filters encrypted command.

B.

Within Aws Config, configure the encrypted-volumes managed rule and specify the key ID of the CMK.

C.

Log in to the AWS Management Console on a daily schedule, then filter the list of volumes by encryption status, then export this list.

D.

Create an AWS Lambda function to run on a daily schedule, and have the function run the aws kms describe key command.

Expert Solution
Questions # 69:

A SysOps Administrator is managing a web application that runs on Amazon EC2 instances behind an ELB Application Load Balancer (ALB). The instances run in an EC2 Auto Scaling group. The administrator wants to set an alarm for when all target instances associated with the ALB are unhealthy.

Which condition should be used with the alarm?

Options:

A.

AWS/ApplicationELB HealthyHostCount <= 0

B.

AWS/ApplicationELB UnhealthyHostCount >= 1

C.

AWS/EC2 StatusCheckFailed <= 0

D.

AWS/EC2 StatusCheckFailed >= 1

Expert Solution
Questions # 70:

A company wants to identify specific Amazon EC2 instances that ate underutilized and the estimated cost savings for each instance How can this be done with MINIMAL effort?

Options:

A.

Use AWS Budgets to report on low utilization of EC2 instances.

B.

Run an AWS Systems Manager script to check for low memory utilization of EC2 instances.

C.

Run Cost Explorer to look for low utilization of EC2 instances.

D.

Use Amazon CloudWatch metrics to identify EC2 instances with low utilization.

Expert Solution
Viewing page 7 out of 8 pages
Viewing questions 61-70 out of questions