• Home
  • Articles
  • [Nov-2022] SOA-C02 Exam Dumps - Free Demo & 365 Day Updates [Q47-Q69]

[Nov-2022] SOA-C02 Exam Dumps - Free Demo & 365 Day Updates [Q47-Q69]

Share

[Nov-2022] SOA-C02 Exam Dumps - Free Demo & 365 Day Updates

Free Sales Ending Soon - Use Real SOA-C02 PDF Questions

NEW QUESTION 47
A SysOps Administrator runs a web application that is using a microservices approach whereby different responsibilities of the application have been divided in a separate microservice running on a different Amazon EC2 instance. The administrator has been tasked with reconfiguring the infrastructure to support this approach.
How can the administrator accomplish this with the LEAST administrative overhead?

  • A. Use a Network Load Balancer (NLB) and do path-based routing.
  • B. Use Amazon CloudFront to log the URL and forward the request.
  • C. Use Amazon CloudFront to rewrite the header based on the microservice and forward the request.
  • D. Use an Application Load Balancer (ALB) and do path-based routing.

Answer: D

 

NEW QUESTION 48
A company needs to create a daily Amazon Machine Image (AMI) of an existing Amazon Linux EC2 instance that hosts the operating system, application, and database on multiple attached Amazon Elastic Block Store (Amazon EBS) volumes. File system integrity must be maintained.
Which solution will meet these requirements?

  • A. Create an AWS Lambda function to call the CreateImage API operation with the EC2 instance ID and the reboot parameter enabled. Create a daily scheduled Amazon EventBridge (Amazon CloudWatch Events) rule that invokes the function.
  • B. Use AWS Backup to create a backup plan with a backup rule that runs daily. Assign the resource ID of the EC2 instance with the reboot parameter enabled.
  • C. Create an AWS Lambda function to call the CreateImage API operation with the EC2 instance ID and the no-reboot parameter enabled. Create a daily scheduled Amazon EventBridge (Amazon CloudWatch Events) rule that invokes the function.
  • D. Use AWS Backup to create a backup plan with a backup rule that runs daily. Assign the resource ID of the EC2 instance with the no-reboot parameter enabled.

Answer: A

Explanation:
Reference:
https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/Creating_EBSbacked_WinAMI.html
"NoReboot By default, Amazon EC2 attempts to shut down and reboot the instance before creating the image. If the No Reboot option is set, Amazon EC2 doesn't shut down the instance before creating the image. When this option is used, file system integrity on the created image can't be guaranteed." Besides, we can use AWS EventBridge to invoke Lambda function https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html

 

NEW QUESTION 49
A company has deployed a web application in a VPC that has subnets in three Availability Zones. The company launches three Amazon EC2 instances from an EC2 Auto Scaling group behind an Application Load Balancer (ALB).
A SysOps administrator notices that two of the EC2 instances are in the same Availability Zone, rather than being distributed evenly across all three Availability Zones. There are no errors in the Auto Scaling group's activity history.
What is the MOST likely reason for the unexpected placement of EC2 instances?

  • A. The Auto Scaling group was configured for only two Availability Zones.
  • B. One Availability Zone did not have sufficient capacity for the requested EC2 instance type.
  • C. Amazon EC2 Auto Scaling randomly placed the instances in Availability Zones.
  • D. The ALB was configured for only two Availability Zones.

Answer: D

 

NEW QUESTION 50
A company has a new requirement stating that all resources In AWS must be tagged according to a set policy.
Which AWS service should be used to enforce and continually Identify all resources that are not in compliance with the policy?

  • A. AWS Systems Manager
  • B. AWS Config
  • C. Amazon Inspector
  • D. AWS CloudTrail

Answer: B

 

NEW QUESTION 51
An application runs on multiple Amazon EC2 instances in an Auto Scaling group The Auto Scaling group is configured to use the latest version of a launch template A SysOps administrator must devise a solution that centrally manages the application logs and retains the logs for no more than 90 days Which solution will meet these requirements?

  • A. Update the launch template user data to install and configure the Amazon CloudWatch Logs agent to send logs to a log group Set the log rotation configuration of the EC2 instances to 90 days
  • B. Launch an Amazon Machine Image (AMI) that is preconfigured with the Amazon CloudWatch Logs agent to send logs to an Amazon S3 bucket Apply a 90-day S3 Lifecycle policy on the S3 bucket to expire the application logs
  • C. Update the launch template user data to install and configure the Amazon CloudWatch Logs agent to send logs to a log group Configure the retention period on the log group to be 90 days
  • D. Launch an Amazon Machine Image (AMI) that is preconfigured with the Amazon CloudWatch Logs agent to send logs to a log group Create an Amazon EventBridge (Amazon CloudWatch Events) scheduled rule to perform an instance refresh every 90 days

Answer: C

 

NEW QUESTION 52
A company is migrating its production file server to AWS. All data that is stored on the file server must remain accessible if an Availability Zone becomes unavailable or when system maintenance is performed. Users must be able to interact with the file server through the SMB protocol. Users also must have the ability to manage file permissions by using Windows ACLs.
Which solution will net these requirements?

  • A. Deploy two Amazon FSx for Windows File Server Single-AZ 2 file systems. Configure Microsoft Distributed File System Replication (DFSR).
  • B. Deploy two AWS Storage Gateway file gateways across two Availability Zones. Configure an Application Load Balancer in front of the file gateways.
  • C. Create a single AWS Storage Gateway file gateway.
  • D. Create an Amazon FSx for Windows File Server Multi-AZ file system.

Answer: D

Explanation:
Reference:
https://aws.amazon.com/fsx/windows/

 

NEW QUESTION 53
A company hosts a website on multiple Amazon EC2 instances that run in an Auto Scaling group. Users are reporting slow responses during peak times between 6 PM and 11 PM every weekend. A SysOps administrator must implement a solution to improve performance during these peak times.
What is the MOST operationally efficient solution that meets these requirements?

  • A. Configure a scheduled scaling action with a recurrence option to change the desired capacity before and after peak times.
  • B. Create a target tracking scaling policy to add more instances when memory utilization is above 70%.
  • C. Create a scheduled Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function to increase the desired capacity before peak times.
  • D. Configure the cooldown period for the Auto Scaling group to modify desired capacity before and after peak times.

Answer: A

 

NEW QUESTION 54
While setting up an AWS managed VPN connection, a SysOps administrator creates a customer gateway resource in AWS. The customer gateway device resides in a data center with a NAT gateway in front of it.
What address should be used to create the customer gateway resource?

  • A. The public IP address of the NAT device in front of the customer gateway device
  • B. The MAC address of the NAT device in front of the customer gateway device
  • C. The public IP address of the customer gateway device
  • D. The private IP address of the customer gateway device

Answer: A

 

NEW QUESTION 55
A company is trying to connect two applications. One application runs in an on-premises data center that has a hostname of hostl .onprem.private. The other application runs on an Amazon EC2 instance that has a hostname of hostl.awscloud.private. An AWS Site-to-Site VPN connection is in place between the on-premises network and AWS.
The application that runs in the data center tries to connect to the application that runs on the EC2 instance, but DNS resolution fails. A SysOps administrator must implement DNS resolution between on-premises and AWS resources.
Which solution allows the on-premises application to resolve the EC2 instance hostname?

  • A. Set up an Amazon Route 53 inbound resolver endpoint with a forwarding rule for the onprem.private hosted zone. Associate the resolver with the VPC of the EC2 instance. Configure the on-premises DNS resolver to forward onprem.private DNS queries to the inbound resolver endpoint.
  • B. Set up an Amazon Route 53 outbound resolver endpoint. Associate the resolver with the AWS Region of the EC2 instance. Configure the on-premises DNS resolver to forward awscloud.private DNS queries to the outbound resolver endpoint.
  • C. Set up an Amazon Route 53 inbound resolver endpoint. Associate the resolver with the VPC of the EC2 instance. Configure the on-premises DNS resolver to forward awscloud.private DNS queries to the inbound resolver endpoint.
  • D. Set up an Amazon Route 53 outbound resolver endpoint with a forwarding rule for the onprem.private hosted zone. Associate the resolver with the AWS Region of the EC2 instance. Configure the on-premises DNS resolver to forward onprem.private DNS queries to the outbound resolver endpoint.

Answer: D

 

NEW QUESTION 56
An errant process is known to use an entire processor and run at 100% A SysOps administrator wants to automate restarting the instance once the problem occurs for more than 2 minutes How can this be accomplished?

  • A. Create an AWS Lambda function to restart the EC2 instance triggered on a scheduled basis every 2 minutes
  • B. Create a Lambda function to restart the EC2 instance, triggered by EC2 health checks
  • C. Create a CloudWatch alarm for the EC2 instance with detailed monitoring Enable an action to restart the instance
  • D. Create an Amazon CloudWatch alarm for the Amazon EC2 instance with basic monitoring Enable an action to restart the instance

Answer: C

 

NEW QUESTION 57
A company needs to restrict access to an Amazon S3 bucket to Amazon EC2 instances in a VPC only. All traffic must be over the AWS private network.
What actions should the SysOps administrator take to meet these requirements?

  • A. Create a VPC endpoint for the S3 bucket, and create an IAM policy that conditionally limits all S3 actions on the bucket to the VPC endpoint as the source.
  • B. Create a service-linked role for Amazon EC2 that allows the EC2 instances to interact directly with Amazon S3, and attach an IAM policy to the role that allows the EC2 instances full access to the S3 bucket.
  • C. Create a NAT gateway in the VPC, and modify the VPC route table to route all traffic destined for Amazon S3 through the NAT gateway.
  • D. Create a VPC endpoint for the S3 bucket, and create an S3 bucket policy that conditionally limits all S3 actions on the bucket to the VPC endpoint as the source.

Answer: D

 

NEW QUESTION 58
A company wants to build a solution for its business-critical Amazon RDS for MySQL database. The database requires high availability across different geographic locations. A SysOps administrator must build a solution to handle a disaster recovery (DR) scenario with the lowest recovery time objective (RTO) and recovery point objective (RPO).
Which solution meets these requirements?

  • A. Create a Multi-AZ read replica for the database.
  • B. Create a cross-Region read replica for the database.
  • C. Schedule AWS Lambda functions to create snapshots of the source database and to copy the snapshots to a DR Region.
  • D. Create automated snapshots of the database on a schedule. Copy the snapshots to the DR Region.

Answer: B

 

NEW QUESTION 59
A SysOps administrator is responsible for a legacy. CPU-heavy application The application can only be scaled vertically Currently, the application is deployed on a single t2 large Amazon EC2 instance The system is showing 90% CPU usage and significant performance latency after a few minutes What change should be made to alleviate the performance problem?

  • A. Upgrade to a compute-optimized instance
  • B. Purchase Reserved Instances
  • C. Add additional 12 large instances to the application
  • D. Change the Amazon EBS volume to Provisioned lOPs

Answer: A

 

NEW QUESTION 60
A SysOps Administrator is troubleshooting Amazon EC2 connectivity issues to the internet. The EC2 instance is in a private subnet. Below is the route table that is applied to the subnet of the EC2 instance.
Destination - 10.2.0.0/16
Target - local
Status - Active
Propagated - No
Destination - 0.0.0.0/0
Target - nat-xxxxxxx
Status - Blackhole
Propagated - No
What has caused the connectivity issue?

  • A. The routes are no longer propagating.
  • B. The NAT gateway no longer exists
  • C. There is no route rule with a destination for the internet.
  • D. There is no route to the internet gateway.

Answer: B

 

NEW QUESTION 61
An existing, deployed solution uses Amazon EC2 instances with Amazon EBS General Purpose SSD volumes, an Amazon RDS PostgreSQL database, an Amazon EFS file system, and static objects stored in an Amazon S3 bucket. The Security team now mandates that at-rest encryption be turned on immediately for all aspects of the application, without creating new resources and without any downtime.
To satisfy the requirements, which one of these services can the SysOps administrator enable at-rest encryption on?

  • A. EBS General Purpose SSD volumes
  • B. RDS PostgreSQL database
  • C. S3 objects within a bucket
  • D. Amazon EFS file systems

Answer: C

Explanation:
Reference:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingEncryption.html

 

NEW QUESTION 62
A SysOps administrator is setting up an automated process to recover an Amazon EC2 instance in the event of an underlying hardware failure. The recovered instance must have the same private IP address and the same Elastic IP address that the original instance had. The SysOps team must receive an email notification when the recovery process is initiated.
Which solution will meet these requirements?

  • A. Create an Amazon CloudWatch alarm for the EC2 instance, and specify the StatusCheckFailed_Instance metric. Add an EC2 action to the alarm to recover the instance. Add an alarm notification to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the SysOps team email address to the SNS topic.
  • B. Create an Auto Scaling group across three different subnets in the same Availability Zone with a minimum, maximum, and desired size of 1. Configure the Auto Scaling group to use a launch template that specifies the private IP address and the Elastic IP address. Add an activity notification for the Auto Scaling group to send an email message to the SysOps team through Amazon Simple Email Service (Amazon SES).
  • C. Create an Auto Scaling group across three Availability Zones with a minimum, maximum, and desired size of 1. Configure the Auto Scaling group to use a launch template that specifies the private IP address and the Elastic IP address. Add an activity notification for the Auto Scaling group to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the SysOps team email address to the SNS topic.
  • D. Create an Amazon CloudWatch alarm for the EC2 instance, and specify the StatusCheckFailed_System metric. Add an EC2 action to the alarm to recover the instance. Add an alarm notification to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the SysOps team email address to the SNS topic.

Answer: A

 

NEW QUESTION 63
A company has a critical serverless application that uses multiple AWS Lambda functions. Each Lambda function generates 1 GB of log data daily in its own Amazon CloudWatch Logs log group. The company's security team asks for a count of application errors, grouped by type, across all of the log groups.
What should a SysOps administrator do to meet this requirement?

  • A. Perform a CloudWatch Logs search that uses the groupby keyword and count function.
  • B. Perform an Amazon Athena query that uses the SELECT and GROUP BY keywords.
  • C. Perform a CloudWatch Logs Insights query that uses the stats command and count function.
  • D. Perform an Amazon RDS query that uses the SELECT and GROUP BY keywords.

Answer: C

 

NEW QUESTION 64
A SysOps administrator has used AWS Cloud Formal ion to deploy a serverless application Into a production VPC. The application consists of an AWS Lambda function an Amazon DynamoDB table, and an Amazon API Gateway API. The SysOps administrator must delete the AWS Cloud Formation stack without deleting the DynamoDB table.
Which action should the SysOps administrator take before deleting the AWS Cloud Formation stack?

  • A. Add a Snapshot deletion policy to the DynamoDB resource in the AWS CloudFormation stack.
  • B. Add a Retain deletion policy to the DynamoDB resource in the AWS CloudFormation stack
  • C. Update the application's IAM policy with a Deny statement for the dynamodb:DeleteTabie action.
  • D. Enable termination protection on the AWS Cloud Formation stack.

Answer: B

 

NEW QUESTION 65
With the threat of ransomware viruses encrypting and holding company data hostage, which action should be taken to protect an Amazon S3 bucket?

  • A. Enable snapshots on the bucket.
  • B. Enable server-side encryption on the bucket.
  • C. Enable Amazon S3 versioning on the bucket.
  • D. Deny Post. Put. and Delete on the bucket.

Answer: B

 

NEW QUESTION 66
A company has a stateless application that runs on four Amazon EC2 instances. The application requires tour instances at all times to support all traffic. A SysOps administrator must design a highly available, fault-tolerant architecture that continually supports all traffic if one Availability Zone becomes unavailable.
Which configuration meets these requirements?

  • A. Deploy two Auto Scaling groups in two Availability Zones with a minimum capacity of two instances in each group.
  • B. Deploy an Auto Scaling group across three Availability Zones with a minimum capacity of four instances.
  • C. Deploy an Auto Scaling group across two Availability Zones with a minimum capacity of four instances.
  • D. Deploy an Auto Scaling group across three Availability Zones with a minimum capacity of six instances.

Answer: B

 

NEW QUESTION 67
A SysOps Administrator is managing a web application that runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an EC2 Auto Scaling group. The administrator wants to set an alarm for when all target instances associated with the ALB are unhealthy.
Which condition should be used with the alarm?

  • A. AWS/ApplicationELB UnhealthyHostCount >= 1
  • B. AWS/ApplicationELB HealthyHostCount <= 0
  • C. AWS/EC2 StatusCheckFailed <= 0
  • D. AWS/EC2 StatusCheckFailed >= 1

Answer: B

Explanation:
Reference:
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-cloudwatch-metrics.html

 

NEW QUESTION 68
A SysOps administrator notices a scale-up event for an Amazon EC2 Auto Scaling group. Amazon CloudWatch shows a spike in the RequestCount metric for the associated Application Load Balancer. The administrator would like to know the IP addresses for the source of the requests.
Where can the administrator find this information?

  • A. AWS CloudTrail logs
  • B. Auto Scaling logs
  • C. Elastic Load Balancer access logs
  • D. EC2 instance logs

Answer: B

 

NEW QUESTION 69
......


AWS-SysOps Exam Syllabus Topics:

SectionObjectivesWeight
Security and Compliance- Implement and manage security and compliance policies
  • Implement IAM features (for example, password policies, MFA, roles, SAML, federated identity, resource policies, policy conditions)
  • Troubleshoot and audit access issues by using AWS services (for example, CloudTrail, IAM Access Analyzer, IAM policy simulator)
  • Validate service control policies and permissions boundaries
  • Review AWS Trusted Advisor security checks
  • Validate AWS Region and service selections based on compliance requirements
  • Implement secure multi-account strategies (for example, AWS Control Tower, AWS Organizations)

- Implement data and infrastructure protection strategies

  • Enforce a data classification scheme
  • Create, manage, and protect encryption keys
  • Implement encryption at rest (for example, AWS Key Management Service [AWS KMS])
  • Implement encryption in transit (for example, AWS Certificate Manager, VPN)
  • Securely store secrets by using AWS services (for example, AWS Secrets Manager, Systems Manager Parameter Store)
  • Review reports or findings (for example, AWS Security Hub, Amazon GuardDuty, AWS Config, Amazon Inspector)
16%
Networking and Content Delivery- Implement networking features and connectivity
  • Configure a VPC (for example, subnets, route tables, network ACLs, security groups, NAT gateway, internet gateway)
  • Configure private connectivity (for example, Systems Manager Session Manager, VPC endpoints, VPC peering, VPN)
  • Configure AWS network protection services (for example, AWS WAF, AWS Shield)

- Configure domains, DNS services, and content delivery

  • Configure Route 53 hosted zones and records
  • Implement Route 53 routing policies (for example, geolocation, geoproximity)
  • Configure DNS (for example, Route 53 Resolver)
  • Configure Amazon CloudFront and S3 origin access identity (OAI)
  • Configure S3 static website hosting

- Troubleshoot network connectivity issues

  • Interpret VPC configurations (for example, subnets, route tables, network ACLs, security groups)
  • Collect and interpret logs (for example, VPC Flow Logs, Elastic Load Balancer access logs, AWS WAF web ACL logs, CloudFront logs)
  • Identify and remediate CloudFront caching issues
  • Troubleshoot hybrid and private connectivity issues
18%
Monitoring, Logging, and Remediation- Implement metrics, alarms, and filters by using AWS monitoring and logging services
  • Identify, collect, analyze, and export logs (for example, Amazon CloudWatch Logs, CloudWatch Logs Insights, AWS CloudTrail logs)
  • Collect metrics and logs using the CloudWatch agent
  • Create CloudWatch alarms
  • Create metric filters
  • Create CloudWatch dashboards
  • Configure notifications (for example, Amazon Simple Notification Service [Amazon SNS], Service Quotas, CloudWatch alarms, AWS Health events)

- Remediate issues based on monitoring and availability metrics

  • Troubleshoot or take corrective actions based on notifications and alarms
  • Configure Amazon EventBridge rules to trigger actions
  • Use AWS Systems Manager Automation documents to take action based on AWS Config rules
20%
Cost and Performance Optimization- Implement cost optimization strategies
  • Implement cost allocation tags
  • Identify and remediate underutilized or unused resources by using AWS services and tools (for example, Trusted Advisor, AWS Compute Optimizer, Cost Explorer)
  • Configure AWS Budgets and billing alarms
  • Assess resource usage patterns to qualify workloads for EC2 Spot Instances
  • Identify opportunities to use managed services (for example, Amazon RDS, AWS Fargate, EFS)

- Implement performance optimization strategies

  • Recommend compute resources based on performance metrics
  • Monitor Amazon EBS metrics and modify configuration to increase performance efficiency
  • Implement S3 performance features (for example, S3 Transfer Acceleration, multipart uploads)
  • Monitor RDS metrics and modify the configuration to increase performance efficiency (for example, Performance Insights, RDS Proxy)
  • Enable enhanced EC2 capabilities (for example, enhanced network adapter, instance store, placement groups)
12%
Reliability and Business Continuity- Implement scalability and elasticity
  • Create and maintain AWS Auto Scaling plans
  • Implement caching
  • Implement Amazon RDS replicas and Amazon Aurora Replicas
  • Implement loosely coupled architectures
  • Differentiate between horizontal scaling and vertical scaling

- Implement high availability and resilient environments

  • Configure Elastic Load Balancer and Amazon Route 53 health checks
  • Differentiate between the use of a single Availability Zone and Multi-AZ deployments (for example, Amazon EC2 Auto Scaling groups, Elastic Load Balancing, Amazon FSx, Amazon RDS)
  • Implement fault-tolerant workloads (for example, Amazon Elastic File System [Amazon EFS], Elastic IP addresses)
  • Implement Route 53 routing policies (for example, failover, weighted, latency based)

- Implement backup and restore strategies

  • Automate snapshots and backups based on use cases (for example, RDS snapshots, AWS Backup, RTO and RPO, Amazon Data Lifecycle Manager, retention policy)
  • Restore databases (for example, point-in-time restore, promote read replica)
  • Implement versioning and lifecycle rules
  • Configure Amazon S3 Cross-Region Replication
  • Execute disaster recovery procedures
16%

 

SOA-C02 Dumps - Pass Your Certification Exam: https://www.itexamreview.com/SOA-C02-exam-dumps.html

Latest Real Amazon SOA-C02 Exam Dumps Questions: https://drive.google.com/open?id=1eE9jtcKM0YqrIzI50Dtgq-gtdWsp6QFl

Related Articles

more
Amazon SOA-C02 Certification Practice Exam

ITexamReview is the provider of reliable and professional exam dumps and question solver for your coming real exam. Please trust us to give you a perfect answer.

Latest Exam Review

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 ITexamReview NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy