Curious about Actual Amazon Associate (SOA-C02) Exam Questions?
Here are sample Amazon AWS Certified SysOps Administrator - Associate (SOA-C02) Exam questions from real exam. You can get more Amazon Associate (SOA-C02) Exam premium practice questions at TestInsights.
A company is using AWS to deploy a critical application on a fleet of Amazon EC2 instances The company is rewriting the application because the application failed a security review The application will take 12 months to rewrite While this rewrite happens, the company needs to rotate IAM access keys that the application uses.
A SysOps administrator must implement an automated solution that finds and rotates IAM access Keys that are at least 30 days old. The solution must then continue to rotate the IAM access Keys every 30 days.
Which solution will meet this requirement with the MOST operational efficiency?
Correct : D
Lambda Function to Rotate IAM Access Keys:
A Lambda function can be used to automate the rotation of IAM access keys based on their age.
Steps:
Write a Lambda function that checks the age of IAM access keys.
The function should rotate keys that are at least 30 days old.
Deploy the Lambda function.
Amazon EventBridge Rule:
EventBridge can trigger the Lambda function periodically and when a new key is created.
Steps:
Create an EventBridge rule that triggers the Lambda function on a schedule (e.g., daily) and on IAM key creation events.
Start a Discussions
A company receives an alert from an Amazon CloudWatch alarm The alarm indicates that a web application that Is running on Amazon EC2 instances is not responding to requests The EC2 instances have a Red Hat Enterprise Linux operating system and are in an Auto Scaling group. The Auto Scaling group has a minimum capacity of 2 and a maximum capacity of 5.
An Investigation reveals that the web application is experiencing oul-of-memory errors. The company adds memory lo the web application and wants to track operating system memory utilization. A CloudWatch memory metric does not currently exist tor the EC2 Instances in the Auto Scaling group
What should a SysOps administrator do to provide a CloudWatch memory metric for the EC2 instances?
Correct : A
Using an AMI with CloudWatch Agent:
The CloudWatch agent can collect memory utilization metrics and send them to CloudWatch.
Steps:
Create or use an existing AMI that includes the CloudWatch agent installed and configured.
Ensure the CloudWatch agent is configured to collect memory metrics.
Use this AMI for instances in the Auto Scaling group.
Start a Discussions
A company is using an Amazon CloudWatch alarm lo monitor the FreeLocalStorage metric for an Amazon Aurora PostgreSQL production database The alarm goes into ALARM state and indicates that the database is running low on temporary storage. A SysOps administrator discovers that a weekly report is using most of the temporary storage that is currently allocated.
What should the SysOps administrator do to solve this problem?
Correct : B
Storage Auto Scaling:
Aurora storage auto scaling automatically increases the storage capacity of the database cluster when free storage space is running low.
Steps:
Go to the AWS Management Console.
Navigate to RDS and select your Aurora DB cluster.
Modify the DB cluster configuration to enable storage auto scaling.
Apply the changes.
Start a Discussions
A SysOps administrator is responsible for more than 50 Amazon EC2 instances mat are deployed in a single production AWS account The EC2 instances are running several different operating systems The company's standards require patching to be completed at least once a month.
The SysOps administrator wants to use AWS Systems Manager to reduce the number of hours the company spends on operating system patching each month.
Which combination of steps should the SysOps administrator take to meet these requirements? (Select THREE.)
Correct : A, B, E, E
Group EC2 Instances Using Resource Groups:
Resource groups help organize and manage AWS resources based on tags and other criteria.
Steps:
Go to the AWS Management Console.
Navigate to AWS Resource Groups.
Create resource groups for similar EC2 instances based on tags or other criteria.
Create a Schedule in Patch Manager:
AWS Systems Manager Patch Manager automates the process of patching managed instances.
Steps:
Go to the AWS Management Console.
Navigate to Systems Manager and select Patch Manager.
Create a patch baseline if not already created.
Create a schedule for patching and specify the resource group as the target.
Create Maintenance Windows for Resource Groups:
Maintenance windows define a period of time for performing administrative tasks on instances.
Steps:
Go to the AWS Management Console.
Navigate to Systems Manager and select Maintenance Windows.
Create a maintenance window for each resource group.
Specify tasks and targets (resource groups) for each maintenance window.
Start a Discussions
Create an Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function on a daily basis. Configure the function to restore the DB cluster to a point in time and then delete the previous DB cluster. This is the most operationally efficient solution that meets the requirements, as it will allow the company to reset the database on a daily basis without having to manually take and restore snapshots. The other solutions (creating a manual snapshot of the DB cluster, enabling the Backtrack feature, or exporting a manual snapshot of the DB cluster to Amazon S3) will require additional steps and resources to reset the database on a daily basis.
A company hosts an application on an Amazon EC2 instance in a single AWS Region. The application requires support for non-HTTP TCP traffic and HTTP traffic.
The company wants to deliver content with low latency by leveraging the AWS network. The company also wants to implement an Auto Scaling group with an
Elastic Load Balancer.
How should a SysOps administrator meet these requirements?
Correct : D
AWS Global Accelerator and Amazon CloudFront are separate services that use the AWS global network and its edge locations around the world. CloudFront improves performance for both cacheable content (such as images and videos) and dynamic content (such as API acceleration and dynamic site delivery). Global Accelerator improves performance for a wide range of applications over TCP or UDP by proxying packets at the edge to applications running in one or more AWS Regions. Global Accelerator is a good fit for non-HTTP use cases, such as gaming (UDP), IoT (MQTT), or Voice over IP, as well as for HTTP use cases that specifically require static IP addresses or deterministic, fast regional failover. Both services integrate with AWS Shield for DDoS protection.
Start a Discussions
Total 461 questions