Weekend Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sale65best

How to Pass the Amazon Web Services SOA-C01 Exam: Comprehensive AWS Certified SysOps Administrator - Associate Guide and Tips

Questions 71

A company is planning to deploy multiple ecommerce websites across the eu-west-1, ap-east-1, and us-west-1 Regions. The websites consist of Amazon S3 buckets Amazon EC2 instances, Amazon RDS databases and Elastic Load Balancers.

Which method will accomplish the deployment with the LEAST amount of effort?

Options:

A.

Configure deployment automation using AWS OpsWorks

B.

Configure S3 cross-Region replication

C.

Use AWS CloudFormation stack sets to deploy the application

D.

Use AWS Elastic Beanstalk to deploy the application

Buy Now
Questions 72

A development team recently deployed new version of a web application to production. After the release, penetration testing revealed a cross-site scripting vulnerability that could expose user data.

Which AWS service will mitigate this issue?

Options:

A.

AWS Shield Standard

B.

AWS WAF

C.

Elastic Load balancing

D.

Amazon Cognito

Buy Now
Questions 73

A SysOps Administrator must ensure all Amazon EBS volumes currently in use, and those created in the future, are encrypted with a specific AWS KMS customer master key (CMK).

What is the MOST efficient way for the Administrator to meet this requirement?

Options:

A.

Create an AWS Lambda function to run on a daily schedule, and have the function run the aws ec2 describe-volumes --filters encrypted command.

B.

Within Aws Config, configure the encrypted-volumes managed rule and specify the key ID of the CMK.

C.

Log in to the AWS Management Console on a daily schedule, then filter the list of volumes by encryption status, then export this list.

D.

Create an AWS Lambda function to run on a daily schedule, and have the function run the aws kms describe key command.

Buy Now
Questions 74

A company's application infrastructure was deployed using AWS CloudFormation and is composed of Amazon EC2 instances behind an Application Load Balancer. The instances run an EC2 Auto Scaling group across multiple Availability Zones. When releasing a new version of the application, the update deployment must avoid DNS changes and allow rollback.

Which solution should a sysops administrator use to meet the deployment requirements for this new release?

Options:

A.

Configure the Auto Scaling group to use lifecycle hooks. Deploy now instances with the new application version. Complete the lifecycle hook action once healthy.

B.

Create a new Amazon Machine Image (AMI) containing the updated code. Create a launch configuration with the AMI. Update Auto Scaling group to use the new lauch configuration.

C.

Deploy a second CloudFormation stack. Wait for the application to be available Cut over to the new Application Load Balancer

D.

Modify the CloudFormation template to use an AutoScalingReplacingUpdate policy. Update the stack. Perform a second update with the new release

Buy Now
Questions 75

A company recently implemented an Amazon S3 lifecycle rule that accidentally deleted objects from one of its S3 buckets. The bucket has S3 versioning enabled.

Which actions will restore the objects? (Choose two.)

Options:

A.

Use the AWS Management Console to delete the object delete markers.

B.

Create a new lifecycle rule to delete the object delete markers that were created.

C.

Use the AWS CLI to delete the object delete markers while specifying the version IDs of the delete markers.

D.

Modify the existing lifecycle rule to delete the object delete markers that were created.

E.

Use the AWS CLI to delete the object delete markers while specifying the name of the objects only.

Buy Now
Questions 76

A company has a multi-tier web application. In the web tier, all the servers are in private subnets inside a VPC. The development team wants to make changes to the application that requires access to Amazon S3.

What should be done to accomplish this?

Options:

A.

Create a customer gateway to connect to Amazon S3 Modify the route table of the private subnets to use the customer gateway

B.

Create a gateway VPC endpoint for Amazon S3 Modify the route table of the private subnets to use the gateway VPC endpoint.

C.

Create a NAT gateway in the private subnets. Modify the route table of the subnets to use the NAT gateway.

D.

Create an S3 bucket policy to allow connections from the private subnets. Modify the route table.

Buy Now
Questions 77

A company uses AWS CloudFormation to deploy its application infrastructure. Recently, a user accidentally changed a property of a database in a CloudFormation template and performed a stack update that caused an interruption to the application. A SysOps Administrator must determine how to modify the deployment process to allow the DevOps team to continue to deploy the infrastructure, but prevent against accidental modifications to specific resources.

Which solution will meet these requirements?

Options:

A.

Set up an AWS Config rule to alert based on changes to any Cloud Formation stack. An AWS Lambda function can then describe the stack to determine if any protected resources were modified and cancel the operation.

B.

Set up an Amazon CloudWatch Events event with a rule to trigger based on any CloudFormation API call. An AWS Lambda function can then describe the stack to determine if any protected resources were modified and cancel the operation.

C.

Launch the CloudFormation templates using a stack policy with an explicit allow for all resources and an explicit deny of the protected resources with an action of Update:*

D.

Attach an IAM policy to the DevOps team role that prevents a CloudFormation stack from updating, with a condition based on the specific Amazon Resource names (ARNs) of the protected resources.

Buy Now
Questions 78

A company is running multiple AWS Lambda functions in a non-VPC environment. Most of the functions are application-specific; an operational function is involved synchronously every hour.

Recently, the Applications team deployed new functions that are triggered based on an Amazon S3 event to process multiple files that are uploaded to an S3 bucket simultaneously. The SysOps Administrator notices that the operational function occasionally fails to execute due to throttling.

What step should the Administrator take to make sure that the operational function executes?

Options:

A.

Redeploy the operational function to a VPC.

B.

Increase the operational function timeout.

C.

Set the operational function concurrency to 1.

D.

Increase the operational function memory.

Buy Now
Exam Code: SOA-C01
Exam Name: AWS Certified SysOps Administrator - Associate
Last Update: Oct 13, 2024
Questions: 263

PDF + Testing Engine

$159.99
$56

Testing Engine

$119.99
$42

PDF (Q&A)

$99.99
$35