Amazon SOA-C01 Exam Dumps

A company's application running on Amazon EC2 Linux recently crashed because it ran out ot available memory. Management wants to be alerted if this ever happens again. Which combination of steps will accomplish this? (Select TWO.)

A. Create an Amazon CloudWatch dashboard to monitor the memory usage metrics on theInstance over time.
B. Create an alarm on the dashboard that publishes an Amazon SNS notification to alertthe CIO when a threshold is passed.
C. Create an alarm on the metric that publishes an Amazon SNS notification to alert theCIO when a threshold is passed.
D. Create an alarm on the AWS Personal Health Dashboard that publishes an AmazonSNS notification to alert the CIO when the system is out of memory.
E. Configure the Amazon CloudWatch agent to collect and push memory usage metrics onthe instance.

Answer: B,E

A sysops administrator has an AWS Lambda function that performs maintenance on various AWS resources. This function must be run nightly. Which is the MOST costeffective solution?

A. Launch a single t2.nano Amazon EC2 instance and create a Linux cron job to invoke theLambda function at the same time every night.
B. Set up an Amazon CloudWatch metrics alarm to invoke the Lambda function at thesame time every night.
C. Schedule a CloudWatch event to invoke the Lambda function at the same time everynight.
D. Implement a Chef recipe in AWS OpsWorks stack to invoke the Lambda function at thesame time every night.

Answer: C

A SysOps administrator is implementing automated I/O load performance testing as part of lite continuous integraliorVcontinuous delivery (CI'CD) process for an application The application uses an Amazon Elastic Block Store (Amazon E8S) Provisioned IOPS volume for each instance that is restored from a snapshot and requires consistent I/O performance. During the initial tests, the I/O performance results are sporadic. The SysOps administrator must ensure that the tests yield more consistent results. Which actions could the SysOps administrator take to accomplish this goal? (Select TWO.)

A. Restore the EBS volume from the snapshot with fast snapshot restore enabled
B. Restore the EBS volume from the snapshot using the cold HDD volume type.
C. Restore the EBS volume from the snapshot and pre-warm the volume by reading all ofthe blocks.
D. Restore the EBS volume from the snapshot and configure encryption.
E. Restore the EBS volume from the snapshot and configure I/O block sizes at random

Answer: A,C

Users are struggling to connect to a single public-facing development web server using its public IP address on a unique port number ot 8181 The security group is correctly configured to allow access on that port and the network ACLs are using the default configuration. Which log type will confirm whether users are trying to connect to the correct port?

A. AWS CloudTrail logs
B. Elastic Load Balancer access logs
C. Amazon S3 access logs
D. VPC Flow Logs

Answer: B

A company will migrate its on-premises enterprise system to AWS. The enterprise system will be hosted on memory optimized Amazon EC2 instances across multiple Availability Zones. The enterprise system needs shared file storage that is scalable and block-based. A SysOps team must configure the encryption of data in transit tor the shared He system and develop a backup strategy to cost-effectively store the file system data centrally. Which solution will meet these requirements?

A. Use Amazon Elastic Block Store (Amazon EBS) for the shared file storage. Mount the EBS volume to the EC2 instances. Use a custom script to create a backup of the entire file system and protect data in transit by using SSL 
B. Use Amazon Elastic File System (Amazon EFS) for the shared file storage. Use AWS Backup to configure backups. Use lifecycle policies to automatically transition backups to cold storage. Use the amazon-efs-utils package to mount the EFS file system by using the TLS options
C. Use Amazon Elastic File System (Amazon EFS) for the shared file storage. Use AWS Backup to configure backups. Use lifecycle policies to automatically transition backups to cold storage Perform data-in-transit encryption by using client-side encryption. 
D. Use Amazon S3 for the shared file storage. Mount the S3 bucket directory to the EC2 instances. Use an S3 Lifecycle policy to archive the data in Amazon S3 Glacier. 

Answer: B

A SysOps administrator is running an automatically scaled application behind an Application Load Balancer. Scaling out Is triggered when the CPU Utilization instance metric is more than 75% across the Auto Scaling group. The administrator noticed aggressive scaling out. Developers suspect an application memory leak that is causing aggressive garbage collection cycles. How can the administrator troubleshoot the application without triggering the scaling process?

A. Create a scale down trigger when the CPUUtilization instance metric is at 70%.
B. Delete the Auto Scaling group and recreate it when troubleshooting is complete
C. Remove impacted instances from the Application Load Balancer.
D. Suspend the scaling process before troubleshooting.

Answer: D

A company uses LDAP-based credentials and Has a Security Assertion Markup Language (SAML) 2.0 identity provider. A SysOps administrator has configured various federated roles in a new AWS account to provide AWS Management Console access for groups of users that use the existing LDAP-Based credentials. Several groups want to use the AWS CLI on their workstations to automate daily tasks. To enable them to do so, the SysOps administrator has created an application that authenticates a user and generates a SAML assertion. Which API call should be used to retrieve credentials for federated programmatic access?

A. sts:AssumeRote
B. sts:AssumeRoleWithSAML
C. stsAssumeRoleWithWebldentity
D. sts:GetFederationToken

Answer: B

A company with dozens of AWS accounts wants to ensure that governance rules are being applied across all accounts. The CIO has recommended that AWS Config rules be deployed using an AWS Cloud Formation template. How should this be accomplished?

A. Create a Cloud Form at ion stack in the master account of AWS Organizations andexecute the Cloud Formation template to create AWS Config rules in all accounts.
B. Create a CloudFormation stack set. then select the Cloud Formation template and use Itto configure the AWS accounts.
C. Use AWS Organizations to execute the CloudFormation template in all accounts.
D. Write a script that iterates over the company's AWS accounts and executes the CloudFormation template in each account.

Answer: B

A company relies on a fleet of Amazon EC2 instances to support an application. One of the EC2 instances was scheduled for hardware maintenance by AWS. An operations team did not remove the EC2 instance from the fleet in advance of the scheduled maintenance, and an unplanned outage resulted. A SysOps administrator must configure notifications to let the operations team know about scheduled maintenance in the future. Which action should the SysOps administrator take to meet this requirement?

A. Create an AWS Lambda function K> look up user data settings of the EC2 instance andpublish a notification to an Amazon Simple Notification Service {Amazon SNS) topic.
B. Create AWS Config rules to monitor the fleet of EC2 instances and publish a notificationto an Amazon Simple Notification Service {Amazon SNS) topic.
C. Configure an Amazon EventBridge (Amazon CloudWatch Events) rule to publish AWSPersonal Health Dashboard events to an Amazon Simple Notification Service (AmazonSNS) topic.
D. Configure an Amazon EventBridge (Amazon CloudWatch Events) rule to publish AWSService Health Dashboard events lo an Amazon Simple Notification Service (Amazon SNS)topic.

Answer: A

A company is using AWS Storage Gateway to create block storage volumes and mount them as Internet Small Computer Systems Interlace (iSCSI) devices from on-premise! servers As the Storage Gateway has taken on several new projects some of the Development teams report that the performance of the iSCSI drives has degraded. When checking the Amazon CloudWatch metrics a SysOps Administrator notices that the cachePercentUsed metric is below 60% and the cachePercentUsed metric is above 90%. What steps should the Administrator take to increase Storage Gateway performance?

A. Change the default block size for the Storage Gateway from 64 KB to 128 KB 256 KB or512 KB to improve I/O performance
B. Create a larger disk for the cached volume. In the AWS Management Console. edit thelocal disks then select the new disk as the cached volume
C. Ensure that the physical disks for the Storage Gateway are in a RAID 1 configuration toallow higher throughput
D. Take point in time snapshots of all the volumes in Storage Gateway flush the cachecompletely then restore the volumes from the clean snapshots

Answer: A

An organization stores sensitive customer information in S3 buckets protected by bucket policies. Recently, there have been reports that unauthorized entities within the company have been trying to access the data on those S3 buckets. The chief information security officer (CISO) would like to know which buckets are being targeted and determine who is responsible for trying to access that information. Which steps should a SysOps administrator take to meet the CISO's requirement? (Select TWO.)

A. Enable Amazon S3 Analytics on all affected S3 buckets to obtain a report of whichbuckets are being accessed without authorization.
B. Enable Amazon S3 Server Access Logging on all affected S3 buckets and have the logsstored in a bucket dedicated for logs.
C. Use Amazon Athena to query S3 Analytics reports for HTTP 403 errors, and determinethe 1AM user or role making the requests.
D. Use Amazon Athena to query the S3 Server Access Logs for HTTP 403 errors, anddetermine the 1AM user or role making the requests.
E. Use Amazon Athena to query the S3 Server Access Logs for HTTP 503 errors, anddetermine the 1AM user or role making the requests.

Answer: A,B

A SysOps administrator is evaluating Amazon Route 53 DNS options to address concerns about high availability tor an on-premises website. The website consists of two servers: a primary active server and a secondary passive server. Route 53 should route traffic to the primary server if the associated health check returns 2xx or 3xx HTTP codes. AH other traffic should be directed to the secondary passive server. The failover record type, set ID, and routing policy have been set appropriately for both primary and secondary servers. Which next step should be taken to configure Route 53?

A. Create an A record for each server. Associate the records with the Route 53 HTTP health check.
B. Create an A record for each server. Associate the records with the Route 53 TCP health check.
C. Create an alias record for each server with evaluate target health set to yes. Associate the records with the Route 53 HTTP health check.  
D. Create an alias record for each server with evaluate target health set to yes. Associate the records with the Route 53 TCP health check. 

Answer: C

A SysOps administrator is investigating why a user has been unable to use RDP to connect over the internet from their home computer to a bastion server running on an Amazon EC2 Windows instance Which of the following are possible causes of this issue? (Select TWO.)

A. A network ACL associated with the bastion's subnet is blocking the network traffic
B. The instance does not have a private IP address.
C. The route table associated with the bastion's subnet does not have a route to theinternet gateway
D. The security group for the instance does not have an inbound rule on port 22
E. The security group for the instance does not have an outbound rule on port 3389.

Answer: A,C

A SysOps administrator is configuring an application on AWS to be used over the internet by departments in other countries For remote locations, the company requires a static public IP address to be explicitly allowed as a target for outgoing internet traffic How should the SysOps administrator deploy the application to meet this requirement? 

A. Deploy the application on an Amazon Elastic Container Service (Amazon ECS) clusterConfigure an AWS App Mesh service mesh.
B. Deploy the application as AWS Lambda functions behind an Application Load Balancer
C. Deploy the application on Amazon EC2 instances behind an internet-facing NetworkLoad Balancer
D. Deploy the application on an Amazon Elastic Kubernetes Service (Amazon EKS) clusterbehind an Amazon API Gateway

Answer: C

A company is running an application on Amazon EC2 instances. The company needs to stop all development instances during non-business hours to reduce costs. The instances must be started again at trie beginning of each business day. Which solution meets these requirements with the LEAST administrative overhead?

A. Add the instances to an EC2 Auto Scaling group. Configure the scaling policy to scale in when the instances are at low CPU utilization levels.
B. Create a cron script on each EC2 instance that shuts down the instance at the end of each day.
C. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that triggers an Amazon Simple Notification Service (Amazon SNS) topic to let a SysOps administrator know to start or stop the EC2 instances.
D. Create Amazon EventBridge (Amazon CloudWatch Events) scheduled rules that trigger an AWS Lambda function to start or stop the EC2 instances. 

Answer: D

A company is managing multiple AWS accounts using AWS Organizations. One of these accounts is used only for retaining logs in an Amazon S3 bucket The company wants to make sure that compute resources cannot be used in the account. How can this be accomplished with the LEAST administrative effort?

A. Apply an 1AM policy to all 1AM entities in the account with a statement to explicitly denyNotAction: s3:
B. Configure AWS Config to terminate compute resources that have been created in theaccounts.
C. Configure AWS CloudTrail to block any action where the event source is nots3.amazonaws.com.
D. Update the service control policy on the account to deny the unapproved services.

Answer: D

An ecommerce company uses an Amazon ElastiCache for memcached cluster for inmemory caching of popular product queries on the shopping site. When viewing recent Amazon CloudWatch metrics data for the ElastiCache cluster, the sysops administrator notices a large number of evictions.Which of the following actions will reduce these evictions? (Select Two)  

A. Add an additional node to the ElasticCache cluster.
B. Increase the ElastiCache time to the live (TTL).
C. Increase the individual node size inside the ElasiCache cluster.
D. Put an Elastic load Balancer in front of the ElasticCache cluster.
E. Use Amazon Simple Queue Service (Amazon SQS) to decouple the ElastiCache cluster.

Answer: A,C

A company has a web application that is experiencing performance problems many times each night. A root cause analysis reveals spikes in CPU utilization that last 5 minutes on an Amazon EC2 Linux instance. A SysOps administrator is tasked with finding the process ID (PID) of the service or process that is consuming more CPU. How can the administrator accomplish this with the LEAST amount of effort?

A. Configure an AWS Lambda function in Python 3.7 to run every minute to capture the PID and send a notification
B. Configure the procstat plugin to collect and send CPU metrics for the running processes.  
C. Log in to the EC2 Linux instance using a .pern key each night and then run the top command 
D. Use the default Amazon CloudWatch CPU utilization metric to capture the PID in the CloudWatch dashboard. 

Answer: D