February/2022 Latest Braindump2go SOA-C02 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SOA-C02 Real Exam Questions!
QUESTION 158
A SysOps administrator has used AWS CloudFormation to deploy a serverless application into a production VPC. The application consists of an AWS Lambda function, an Amazon DynamoDB table, and an Amazon API Gateway API. The SysOps administrator must delete the AWS CloudFormation stack without deleting the DynamoDB table.
Which action should the SysOps administrator take before deleting the AWS CloudFormation stack?
A. Add a Retain deletion policy to the DynamoDB resource in the AWS CloudFormation stack.
B. Add a Snapshot deletion policy to the DynamoDB resource in the AWS CloudFormation stack.
C. Enable termination protection on the AWS CloudFormation stack.
D. Update the application’s IAM policy with a Deny statement for the dynamodb:DeleteTable action.
Answer: A
QUESTION 159
A SysOps administrator is reviewing AWS Trusted Advisor warnings and encounters a warning for an S3 bucket policy that has open access permissions. While discussing the issue the bucket owner, the administrator realizes the S3 bucket is an origin for an Amazon CloudFront web distribution.
Which action should the administrator take to ensure that users access objects in Amazon S3 by using only CloudFront URLs?
A. Encrypt the S3 bucket content with Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3).
B. Create an origin access identity and grant it permissions to read objects in the S3 bucket.
C. Assign an IAM user to the CloudFront distribution and grant the user permissions in the S3 bucket policy.
D. Assign an IAM role to the CloudFront distribution and grant the role permissions in the S3 bucket policy.
Answer: B
QUESTION 160
A company has a critical serverless application that uses multiple AWS Lambda functions. Each Lambda function generates 1 GB of log data daily in its own Amazon CloudWatch Logs log group. The company’s security team asks for a count of application errors, grouped by type, across all of the log group.
What should a SysOps administrator do to meet this requirement?
A. Perform a CloudWatch Logs Insights query that uses the stats command and count function.
B. Perform a CloudWatch Logs search that uses the groupby keyword and count function.
C. Perform an Amazon Athena query that uses the SELECT and GROUP BY keywords.
D. Perform an Amazon RDS query that uses the SELECT and GROUP BY keywords.
Answer: A
QUESTION 161
A SysOps administrator needs to give users the ability to upload objects to an Amazon S3 bucket. The SysOps administrator creates a presigned URL and provides the URL to a user, but the user cannot upload an object to the S3 bucket. The presigned URL has not expired, and no bucket policy is applied to the S3 bucket.
Which of the following could be the cause of this problem?
A. The user has not properly configured the AWS CLI with their access key and secret access key.
B. The SysOps administrator does not have the necessary permissions to upload the object to the S3 bucket.
C. The SysOps administrator must apply a bucket policy to the S3 bucket to allow the user to upload the object.
D. The object already has been uploaded through the use of the presigned URL, so the presigned URL is no longer valid.
Answer: B
Explanation:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html
QUESTION 162
A company wants to track its expenditures for Amazon EC2 and Amazon RDS within AWS. The company decides to implement more rigorous tagging requirements for resources in its AWS accounts. A SysOps administrator needs to identify all noncompliant resources.
What is the MOST operationally efficient solution that meets these requirements?
A. Create a rule in Amazon EventBridge (Amazon CloudWatch Events) that invokes a custom AWS Lambda function that will evaluate all created or updated resources for the specified tags.
B. Create a rule in AWS Config that invokes a custom AWS Lambda function that will evaluate all resources for the specified tags.
C. Create a rule in AWS Config with the required-tags managed rule to evaluate all resources for the specified tags.
D. Create a rule in Amazon EventBridge (Amazon CloudWatch Events) with a managed rule to evaluate all created or updated resources for the specified tags.
Answer: C
Explanation:
https://docs.aws.amazon.com/config/latest/developerguide/required-tags.html
QUESTION 163
A company runs a web application on three Amazon EC2 instances behind an Application Load Balancer (ALB). The company notices that random periods of increased traffic cause a degradation in the application’s performance. A SysOps administrator must scale the application to meet the increased traffic.
Which solution meets these requirements?
A. Create an Amazon CloudWatch alarm to monitor application latency and increase the size of each EC2 instance if the desired threshold is reached.
B. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to monitor application latency and add an EC2 instance to the ALB if the desired threshold is reached.
C. Deploy the application to an Auto Scaling group of EC2 instances with a target tracking scaling policy.
Attach the ALB to the Auto Scaling group.
D. Deploy the application to an Auto Scaling group of EC2 instances with a scheduled scaling policy.
Attach the ALB to the Auto Scaling group.
Answer: C
QUESTION 164
A company uses several large Chef recipes to automate the configuration of virtual machines (VMs) in its data center. A SysOps administrator is migrating this workload to Amazon EC2 Instances on AWS and must run the existing Chef recipes.
Which solution will meet these requirements MOST cost-effectively?
A. Create a Chef server that includes EC2 instances.
Migrate the existing recipes.
Modify the EC2 instance user data to connect to Chef.
B. Set up AWS OpsWorks for Chef Automate.
Migrate the existing recipes.
Modify the EC2 instance user data to connect to Chef.
C. Upload the existing recipes to Amazon S3.
Run the recipes by using AWS Systems Manager State Manager.
D. Upload the existing recipes to the user data section during the creation of the EC2 instances.
Answer: B
QUESTION 165
A company runs its infrastructure on Amazon EC2 instances that run in an Auto Scaling group. Recently, the company promoted faulty code to the entire EC2 fleet. This faulty code caused the Auto Scaling group to scale the instances before any of the application logs could be retrieved.
What should a SysOps administrator do to retain the application logs after instances are terminated?
A. Configure an Auto Scaling lifecycle hook to create a snapshot of the ephemeral storage upon termination of the instances.
B. Create a new Amazon Machine Image (AMI) that has the Amazon CloudWatch agent installed and configured to send logs to Amazon CloudWatch Logs.
Update the launch template to use the new AMI.
C. Create a new Amazon Machine Image (AMI) that has a custom script configured to send logs to AWS CloudTrail.
Update the launch template to use the new AMI.
D. Install the Amazon CloudWatch agent on the Amazon Machine Image (AMI) that is defined in the launch template.
Configure the CloudWatch agent to back up the logs to ephemeral storage.
Answer: C
QUESTION 166
A SysOps Administrator is required to monitor free space on Amazon EBS volumes attached to Microsoft Windows-based Amazon EC2 instances within a company’s account. The administrator must be alerted to potential issues.
What should the administrator do to receive email alerts before low storage space affects EC2 instance performance?
A. Use built-in Amazon CloudWatch metrics, and configure CloudWatch alarms and an Amazon SNS topic for email notifications.
B. Use AWS CloudTrail logs and configure the trail to send notifications to an Amazon SNS topic.
C. Use the Amazon CloudWatch agent to send disk space metrics, then set up CloudWatch alarms using an Amazon SNS topic.
D. Use AWS Trusted Advisor and enable email notification alerts for EC2 disk space.
Answer: C
QUESTION 167
A company is trying to connect two applications. One application runs in an on-premises data center that has a hostname of host1.onprem.private. The other application runs on an Amazon EC2 instance that has a hostname of host1.awscloud.private. An AWS Site-to-Site VPN connection is in place between the on-premises network and AWS.
The application that runs in the data center tries to connect to the application that runs on the EC2 instance, but DNS resolution fails. A SysOps administrator must implement DNS resolution between on-premises and AWS resources.
Which solution allows the on-premises application to resolve the EC2 instance hostname?
A. Set up an Amazon Route 53 inbound resolver endpoint with a forwarding rule for the onprem.private hosted zone.
Associate the resolver with the VPC of the EC2 instance.
Configure the on-premises DNS resolver to forward onprem.private DNS queries to the inbound resolver endpoint.
B. Set up an Amazon Route 53 inbound resolver endpoint.
Associate the resolver with the VPC of the EC2 instance.
Configure the on-premises DNS resolver to forward awscloud.private DNS queries to the inbound resolver endpoint.
C. Set up an Amazon Route 53 outbound resolver endpoint with a forwarding rule for the onprem.private hosted zone.
Associate the resolver with the AWS Region of the EC2 instance.
Configure the on-premises DNS resolver to forward onprem.private DNS queries to the outbound resolver endpoint.
D. Set up an Amazon Route 53 outbound resolver endpoint.
Associate the resolver with the AWS Region of the EC2 instance.
Configure the on-premises DNS resolver to forward awscloud.private DNS queries to the outbound resolver endpoint.
Answer: B
Explanation:
https://aws.amazon.com/premiumsupport/knowledge-center/route53-resolve-with-inbound-endpoint
QUESTION 168
A SysOps administrator is troubleshooting an AWS CloudFormation template whereby multiple Amazon EC2 instances are being created. The template is working in us-east-1, but it is failing in us-west-2 with the error code:
AMI [ami-12345678] does not exist
How should the Administrator ensure that the AWS CloudFormation template is working in every region?
A. Copy the source region’s Amazon Machine Image (AMI) to the destination region and assign it the same ID.
B. Edit the AWS CloudFormation template to specify the region code as part of the fully qualified AMI ID.
C. Edit the AWS CloudFormation template to offer a drop-down list of all AMIs to the user by using the AWS::EC2::AMI::ImageID control.
D. Modify the AWS CloudFormation template by including the AMI IDs in the “Mappings” section.
Refer to the proper mapping within the template for the proper AMI ID.
Answer: D
QUESTION 169
A SysOps administrator has enabled AWS CloudTrail in an AWS account. If CloudTrail is disabled, it must be re-enabled immediately.
What should the SysOps administrator do to meet these requirements WITHOUT writing custom code?
A. Add the AWS account to AWS Organizations.
Enable CloudTrail in the management account.
B. Create an AWS Config rule that is invoked when CloudTrail configuration changes.
Apply the AWS-ConfigureCloudTrailLogging automatic remediation action.
C. Create an AWS Config rule that is invoked when CloudTrail configuration changes.
Configure the rule to invoke an AWS Lambda function to enable CloudTrail.
D. Create an Amazon EventBridge (Amazon CloudWatch Event) hourly rule with a schedule pattern to run an AWS Systems Manager Automation document to enable CloudTrail.
Answer: B
QUESTION 170
A SysOps administrator is using AWS Compute Optimizer to get recommendations for a fleet of Amazon EC2 instances. After the analysis is complete, some of the EC2 instances are missing from the Compute Optimizer dashboard.
What is the cause of this issue?
A. The missing instances do not have the Amazon CloudWatch agent installed.
B. Compute Optimizer does not support the instance types of the missing instances.
C. Compute Optimizer already considers the missing instances to be optimized.
D. The missing instances are running a Windows operating system.
Answer: A
QUESTION 171
A SysOps administrator is investigating issues on an Amazon RDS for MariaDB DB instance. The SysOps administrator wants to display the database load categorized by detailed wait events.
How can the SysOps administrator accomplish this goal?
A. Create an Amazon CloudWatch dashboard.
B. Enable Amazon RDS Performance Insights.
C. Enable and configure Enhanced Monitoring.
D. Review the database logs in Amazon CloudWatch Logs.
Answer: B
Explanation:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.EnableMySQL.html
QUESTION 172
A company is partnering with an external vendor to provide data processing services. For this integration, the vendor must host the company’s data in an Amazon S3 bucket in the vendor’s AWS account. The vendor is allowing the company to provide an AWS Key Management Service (AWS KMS) key to encrypt the company’s data. The vendor has provided an IAM role Amazon Resources Name (ARN) to the company for this integration.
What should a SysOps administrator do to configure this integration?
A. Create a new KMS key.
Add the vendor’s IAM role ARN to the KMS key policy.
Provide the new KMS key ARN to the vendor.
B. Create a new KMS key.
Create a new IAM key.
Add the vendor’s IAM role ARN to an inline policy that is attached to the IAM user.
Provide the new IAM user ARN to the vendor.
C. Configure encryption using the KMS managed S3 key.
Add the vendor’s IAM role ARN to the KMS key policy.
Provide the KMS managed S3 key ARN to the vendor.
D. Configure encryption using the KMS managed S3 key.
Create an S3 bucket. Add the vendor’s IAM role ARN to the S3 bucket policy.
Provide the S3 bucket ARN to the vendor.
Answer: D
Explanation:
https://bookdown.org/bingweiliu11/aws-tutorial-book/use-case.html
QUESTION 173
A company is planning to host an application on a set of Amazon EC2 instances that are distributed across multiple Availability Zones. The application must be able to scale to millions of requests each second.
A SysOps administrator must design a solution to distribute the traffic to the EC2 instances. The solution must be optimized to handle sudden and volatile traffic patterns while using a single static IP address for each Availability Zone.
Which solution will meet these requirements?
A. Amazon Simple Queue Service (Amazon SQS) queue
B. Application Load Balancer
C. AWS Global Accelerator
D. Network Load Balancer
Answer: B
QUESTION 174
A SysOps administrator is provisioning an Amazon Elastic File System (Amazon EFS) file system to provide shared storage across multiple Amazon EC2 instances. The instances all exist in the same VPC across multiple Availability Zones. There are two instances in each Availability Zone. The SysOps administrator must make the file system accessible to each instance with the lowest possible latency.
Which solution will meet these requirements?
A. Create a mount target for the EFS file system in the VPC.
Use the mount target to mount the file system on each of the instances.
B. Create a mount target for the EFS file system in one Availability Zone of the VPC.
Use the mount target to mount the file system on the instances in that Availability Zone.
Share the directory with the other instances.
C. Create a mount target for each instance.
Use each mount target to mount the EFS file system on each respective instance.
D. Create a mount target in each Availability Zone of the VPC.
Use the mount target to mount the EFS file system on the instances in the respective Availability Zone.
Answer: D
Explanation:
https://docs.aws.amazon.com/efs/latest/ug/accessing-fs
QUESTION 175
When the AWS Cloud infrastructure experiences an event that may impact an organization, which AWS service can be used to see which of the organization’s resources are affected?
A. AWS Service Health Dashboard
B. AWS Trusted Advisor
C. AWS Personal Health Dashboard
D. AWS Systems Manager
Answer: C
Explanation:
https://docs.aws.amazon.com/health/latest/ug/getting-started-phd.html
QUESTION 176
A company creates custom AMI images by launching new Amazon EC2 instances from an AWS CloudFormation template. It installs and configures necessary software through AWS OpsWorks, and takes images of each EC2 instance. The process of installing and configuring software can take between 2 to 3 hours, but at times, the process stalls due to installation errors.
The SysOps administrator must modify the CloudFormation template so if the process stalls, the entire stack will fail and roll back.
Based on these requirements, what should be added to the template?
A. Conditions with a timeout set to 4 hours.
B. CreationPolicy with a timeout set to 4 hours.
C. DependsOn with a timeout set to 4 hours.
D. Metadata with a timeout set to 4 hours.
Answer: B
Explanation:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/deploying.applications.html
Resources From:
1.2022 Latest Braindump2go SOA-C02 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/soa-c02.html
2.2022 Latest Braindump2go SOA-C02 PDF and SOA-C02 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1SwmRv-OKTAJzLTMirp_O8l8tjGIFElzz?usp=sharing
3.2021 Free Braindump2go SOA-C02 Exam Questions Download:
https://www.braindump2go.com/free-online-pdf/SOA-C02-PDF-Dumps(158-176).pdf
Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!