The SysOps administrator needs to deploy auditing software on all existing and new EC2 instances across multiple Regions, using AWS Systems Manager.
Options:
A company needs to upload gigabytes of files every day. The company need to achieve higher throughput and upload speeds to Amazon S3 Which action should a SysOps administrator take to meet this requirement?
An application runs on multiple Amazon EC2 instances in an Auto Scaling group The Auto Scaling group is configured to use the latest version of a launch template A SysOps administrator must devise a solution that centrally manages the application logs and retains the logs for no more than 90 days
Which solution will meet these requirements?
While setting up an AWS managed VPN connection, a SysOps administrator creates a customer gateway resource in AWS The customer gateway device resides in a data center with a NAT gateway in front of it
What address should be used to create the customer gateway resource?
A SysOps administrator manages a company's Amazon S3 buckets. The SysOps administrator has identified 5 GB of incomplete multipart uploads in an S3 bucket in the company's AWS account. The SysOps administrator needs to reduce the number of incomplete multipart upload objects in the S3 bucket.
Which solution will meet this requirement?
A company has 50 AWS accounts and wants to create an identical Amazon VPC in each account. Any changes the company makes to the VPCs in the future must be implemented on every VPC.
What is the MOST operationally efficient method to deploy and update the VPCs in each account?
A company runs an application on Amazon EC2 instances behind an Application Load Balancer. The EC2 instances are in an Auto Scaling group. The application sometimes becomes slow and unresponsive. Amazon CloudWatch metrics show that some EC2 instances are experiencing high CPU load.
A SysOps administrator needs to create a CloudWatch dashboard that can automatically display CPU metrics of all the EC2 instances. The metrics must include new instances that are launched as part of the Auto Scaling group.
What should the SysOps administrator do to meet these requirements in the MOST operationally efficient way?
A company performs advanced statistical analysis by using custom software. The custom software runs on a cluster of Amazon EC2 instances and is sensitive to network latency between the nodes. None of the instances are approaching their network throughput limitations.
Which solution will MINIMIZE the network latency?
A company migrated a non-production application that is I/O intensive to a general purpose Amazon EC2 instance. A General Purpose SSD (gp3) Amazon Elastic Block Store (Amazon EBS) volume is attached to the EC2 instance. Users report that actions that require intensive reading and writing to the disk are taking longer than normal or are failing.
A SysOps administrator reviews the performance metrics of the EBS volume. The VolumeQueueLength metric is consistently high during the same times in which the users report issues. The SysOps administrator needs to resolve this problem to restore full performance to the application.
Which action will meet this requirement?
A company runs its entire suite of applications on Amazon EC2 instances. The company plans to move the applications to containers and AWS Fargate. Within 6 months, the company plans to retire its EC2 instances and use only Fargate. The company has been able to estimate its future Fargate costs.
A SysOps administrator needs to choose a purchasing option to help the company minimize costs. The SysOps administrator must maximize any discounts that are available and must ensure that there are no unused reservations.
Which purchasing option will meet these requirements?
A company hosts a web portal on Amazon EC2 instances. The web portal uses an Elastic Load Balancer (ELB) and Amazon Route 53 for its public DNS service. The ELB and the EC2 instances are deployed by way of a single AWS CloudFormation stack in the us-east-1 Region. The web portal must be highly available across multiple Regions.
Which configuration will meet these requirements?
A company has applications that process transaction requests multiple times each minute. The applications write transaction data to a single Amazon RDS DB instance. As the company begins to process more transactions, the company becomes concerned that it has no failover solution in place for disaster recovery (DR). The company needs the DB instance to fail over automatically without losing any committed transactions.
Which solution will meet these requirements?
The company is experiencing increased message load from the frontend to the backend, causing message loss due to backend capacity limitations.
Options:
A company has deployed a web application in a VPC that has subnets in three Availability Zones. The company launches three Amazon EC2 instances from an
EC2 Auto Scaling group behind an Application Load Balancer (ALB).
A SysOps administrator notices that two of the EC2 instances are in the same Availability Zone, rather than being distributed evenly across all three Availability
Zones. There are no errors in the Auto Scaling group's activity history.
What is the MOST likely reason for the unexpected placement of EC2 instances?
A company has an application that is deployed 10 two AWS Regions in an active-passive configuration. The application runs on Amazon EC2 instances behind an Application Load Balancer (ALB) in each Region. The instances are in an Amazon EC2 Auto Scaling group in each Region. The application uses an Amazon Route 53 hosted zone (or DNS. A SysOps administrator needs to configure automatic failover to the secondary Region.
What should the SysOps administrator do to meet these requirements?
A SysOps administrator must ensure that all of a company's current and future Amazon S3 buckets have logging enabled If an S3 bucket does not have logging enabled an automated process must enable logging for the S3 bucket.
Which solution will meet these requirements?
A company wants to be alerted through email when IAM CreateUser API calls are made within its AWS account.
Which combination of actions should a SysOps administrator take to meet this requirement? (Choose two.)
A company uses AWS Organizations to manage its multi-account environment. The organization contains a dedicated account for security and a dedicated account for logging. A SysOps administrator needs to implement a centralized solution that provides alerts when a resource metric in any account crosses a standard defined threshold.
Which solution will meet these requirements?
A SysOps administrator needs to give users the ability to upload objects to an Amazon S3 bucket. The SysOps administrator creates a presigned URL and provides the URL to a user, but the user cannot upload an object to the S3 bucket. The presigned URL has not expired, and no bucket policy is applied to the S3 bucket.
Which of the following could be the cause of this problem?
The SysOps administrator must restart the web server if specific errors are detected in logs on EC2 instances behind a load balancer.
Options (Select THREE):
A company has a Python script that needs to send an SMS message to a monitoring center. A SysOps administrator must use Amazon EventBridge and AWS Lambda to automatically run the Python script every 60 minutes. Which solution will meet these requirements?
If your AWS Management Console browser does not show that you are logged in to an AWS account, close the browser and relaunch the
console by using the AWS Management Console shortcut from the VM desktop.
If the copy-paste functionality is not working in your environment, refer to the instructions file on the VM desktop and use Ctrl+C, Ctrl+V or Command-C , Command-V.
Configure Amazon EventBridge to meet the following requirements.
1. use the us-east-2 Region for all resources,
2. Unless specified below, use the default configuration settings.
3. Use your own resource naming unless a resource
name is specified below.
4. Ensure all Amazon EC2 events in the default event
bus are replayable for the past 90 days.
5. Create a rule named RunFunction to send the exact message every 1 5 minutes to an existing AWS Lambda function named LogEventFunction.
6. Create a rule named SpotWarning to send a notification to a new standard Amazon SNS topic named TopicEvents whenever an Amazon EC2
Spot Instance is interrupted. Do NOT create any topic subscriptions. The notification must match the following structure:
Input Path:
{“instance” : “$.detail.instance-id”}
Input template:
“ The EC2 Spot Instance
You need to update an existing AWS CloudFormation stack. If needed, a copy to the CloudFormation template is available in an Amazon SB bucket named cloudformation-bucket
1. Use the us-east-2 Region for all resources.
2. Unless specified below, use the default configuration settings.
3. update the Amazon EQ instance named Devinstance by making the following changes to the stack named 1700182:
a) Change the EC2 instance type to us-east-t2.nano.
b) Allow SSH to connect to the EC2 instance from the IP address range
192.168.100.0/30.
c) Replace the instance profile IAM role with IamRoleB.
4. Deploy the changes by updating the stack using the CFServiceR01e role.
5. Edit the stack options to prevent accidental deletion.
6. Using the output from the stack, enter the value of the Prodlnstanceld in the text box below:
A webpage is stored in an Amazon S3 bucket behind an Application Load Balancer (ALB). Configure the SS bucket to serve a static error page in the event of a failure at the primary site.
1. Use the us-east-2 Region for all resources.
2. Unless specified below, use the default configuration settings.
3. There is an existing hosted zone named lab-
751906329398-26023898.com that contains an A record with a simple routing policy that routes traffic to an existing ALB.
4. Configure the existing S3 bucket named lab-751906329398-26023898.com as a static hosted website using the object named index.html as the index document
5. For the index-html object, configure the S3 ACL to allow for public read access. Ensure public access to the S3 bucketjs allowed.
6. In Amazon Route 53, change the A record for domain lab-751906329398-26023898.com to a primary record for a failover routing policy. Configure the record so that it evaluates the health of the ALB to determine failover.
7. Create a new secondary failover alias record for the domain lab-751906329398-26023898.com that routes traffic to the existing 53 bucket.
A company needs to create a daily Amazon Machine Image (AMI) of an existing Amazon Linux EC2 instance that hosts the operating system, application, and database on multiple attached Amazon Elastic Block Store (Amazon EBS) volumes. File system integrity must be maintained.
Which solution will meet these requirements?
A company has a stateful web application that is hosted on Amazon EC2 instances in an Auto Scaling group. The instances run behind an Application Load Balancer (ALB) that has a single target group. The ALB is configured as the origin in an Amazon CloudFront distribution. Users are reporting random logouts from the web application.
Which combination of actions should a SysOps administrator take to resolve this problem? (Select TWO.)
A company's SysOps administrator must ensure that all Amazon EC2 Windows instances that are launched in an AWS account have a third-party agent installed. The third-party agent has an msi package. The company uses AWS Systems Manager for patching, and the Windows instances are tagged appropriately. The third-party agent required periodic updates as new versions are released. The SysOps administrator must deploy these updates automatically
Which combination of steps will meet these requirements with the LEAST operational effort? (Seed TWO.)
Create a Systems Manager Distributor package for the third-party agent.
A company is creating a new multi-account architecture. A Sysops administrator must implement a login solution to centrally manage
user access and permissions across all AWS accounts. The solution must be integrated with AWS Organizations and must be connected to a third-party Security Assertion Markup Language (SAML) 2.0 identity provider (IdP).
What should the SysOps administrator do to meet these requirements?
A SysOps administrator wants to manage a web server application with AWS Elastic Beanstalk. The Elastic Beanstalk service must maintain full capacity for new deployments at all times.
Which deployment policies satisfy this requirement? (Select TWO.)
A team of On-call engineers frequently needs to connect to Amazon EC2 Instances In a private subnet to troubleshoot and run commands. The Instances use either the latest AWS-provided Windows Amazon Machine Images (AMIs) or Amazon Linux AMIs.
The team has an existing IAM role for authorization. A SysOps administrator must provide the team with access to the Instances by granting IAM permissions to this
Which solution will meet this requirement?
The SysOps administrator needs to complete the KMS key policy for least privilege read access for the DataEngineer role to decrypt S3 objects encrypted with a KMS key.
Options:
A company decides to stop non-production Amazon EC2 instances during the EC2 instances. The company's IT manager must receive notification in near real time whenever an EC2 instance that has an environment type tag value of non-production is started during the night.
Which solution will meet this requirement with the MOST operational efficiency?
A company hosts a static website in an Amazon S3 bucket. The website is accessed globally. The company has configured an Amazon CloudFront distribution and has set the S3 bucket as the distribution's origin. The Cache-Control max-age header is set to 1 hour The Maximum TTL is set to 5 minutes.
A SysOps administrator observes that website performance is lower than expected. CloudFront is not caching objects for the amount of time that is configured.
What is the reason for this issue?
A SysOps administrator is creating resources from an AWS CloudFormation template that defines an Auto Scaling group of Amazon EC2 instances. The Auto Scaling group launch template provisions each EC2 instance by using a user data script. The creation of the Auto Scaling group resource is failing because of an error The wait condition is not receiving the required number of signals.
How should the SysOps administrator resolve this error?
A SysOps administrator needs to configure an Amazon S3 bucket to host a web application. The SysOps administrator has created the S3 bucket and has copied the static files for the web application to the S3 bucket.
The company has a policy that all S3 buckets must not be public.
What should the SysOps administrator do to meet these requirements?
A recent organizational audit uncovered an existing Amazon RDS database that is not currently configured for high availability. Given the critical nature of this database, it must be configured for high availability as soon as possible.
How can this requirement be met?
A company has two general purpose Amazon EC2 instances that run a software package. Each EC2 instance is attached to its own 500 GiB General Purpose SSD (gp2) Amazon Elastic Block Store (Amazon EBS) volume.
Each EBS volume frequently reaches its IOPS limit, negatively affecting workload performance. The company is starting a large promotion that will require 5 times more IOPS.
Which solution will meet these requirements?
An organization is running multiple applications for their customers. Each application is deployed by running a base AWS CloudFormation template that configures a new VPC. All applications are run in the same AWS account and AWS Region. A SysOps administrator has noticed that when trying to deploy the same AWS
CloudFormation stack, it fails to deploy.
What is likely to be the problem?
A company plans to deploy a database on an Amazon Aurora MySQL DB cluster. The database will store data for a demonstration environment. The data must be reset on a daily basis.
What is the MOST operationally efficient solution that meets these requirements?
A company uses AWS Organizations to manage multiple AWS accounts. Corporate policy mandates that only specific AWS Regions can be used to store and process customer data. A SysOps administrator must prevent the provisioning of Amazon EC2 instances in unauthorized Regions by anyone in the company.
What is the MOST operationally efficient solution that meets these requirements?
A company has a new requirement stating that all resources In AWS must be tagged according to a set policy.
Which AWS service should be used to enforce and continually Identify all resources that are not in compliance with the policy?
A SysOps administrator needs to configure the Amazon Route 53 hosted zone for example.com and www.example.com to point to an Application Load Balancer (ALB). Which combination of actions should the SysOps administrator take to meet these requirements? (Select TWO.)
A company's ecommerce application is running on Amazon EC2 instances that are behind an Application Load Balancer (ALB). The instances are in an Auto Scaling group. Customers report that the website is occasionally down. When the website is down, the website returns an HTTP 500 (server error) status message to customer browsers.
The Auto Scaling group's health check is configured for EC2 status checks, and the instances are healthy.
Which solution will resolve the problem?
A SysOps administrator needs to share a new AMI with all accounts within an organization managed through AWS Organizations.
Options:
A company has mandated the use of multi-factor authentication (MFA) for all IAM users, and requires users to make all API calls using the CLI. However. users are not prompted to enter MFA tokens, and are able to run CLI commands without MFA. In an attempt to enforce MFA, the company attached an IAM policy to all users that denies API calls that have not been authenticated with MFA.
What additional step must be taken to ensure that API calls are authenticated using MFA?
A Sysops administrator launches an Amazon EC2 instance from a Windows Amazon Machine Image (AMI). The EC2 instance includes additional Amazon Elastic Block Store (Amazon EBS) volumes. When the instance is launched, none of the additional Amazon Elastic Block Store (Amazon EBS) volumes are initialized and ready for use through a drive letter. The SysOps administrator needs to automate the EBS volume initialization.
Which solution will meet these requirements in the MOST operationally efficient way?
A company's IT department noticed an increase in the spend of their developer AWS account. There are over 50 developers using the account, and the finance team wants to determine the service costs incurred by each developer.
What should a SysOps administrator do to collect this information? (Select TWO.)
A company is expanding its fleet of Amazon EC2 instances before an expected increase of traffic. When a SysOps administrator attempts to add more instances, an InstanceLimitExceeded error is returned.
What should the SysOps administrator do to resolve this error?
A company stores sensitive data in an Amazon S3 bucket. The company must log all access attempts to the S3 bucket. The company's risk team must receive immediate notification about any delete events.
Which solution will meet these requirements?
The company’s ecommerce website running on EC2 instances behind an ALB intermittently returns HTTP 500 errors. The Auto Scaling group is only using EC2 status checks.
Options:
A company is experiencing issues with legacy software running on Amazon EC2 instances. Errors occur when the total CPU utilization on the EC2 instances exceeds 80%. A short-term solution is required while the software is being rewritten. A SysOps administrator is tasked with creating a solution to restart the instances when the CPU utilization rises above 80%.
Which solution meets these requirements with the LEAST operational overhead?
A SysOps administrator uses AWS Systems Manager Session Manager to connect to instances After the SysOps administrator launches a new Amazon EC2 instance the EC2 instance does not appear in the Session Manager list of systems that are available for connection. The SysOps administrator verities that Systems Manager Agent is installed updated and running on the EC2 instance
What is the reason for this issue?
A company monitors its account activity using AWS CloudTrail. and is concerned that some log files are being tampered with after the logs have been delivered to the account's Amazon S3 bucket.
Moving forward, how can the SysOps administrator confirm that the log files have not been modified after being delivered to the S3 bucket?
A SysOps administrator has created a VPC that contains a public subnet and a private subnet. Amazon EC2 instances that were launched in the private subnet cannot access the internet. The default network ACL is active on all subnets in the VPC, and all security groups allow all outbound traffic:
Which solution will provide the EC2 instances in the private subnet with access to the internet?
A SysOps administrator wants to securely share an object from a private Amazon S3 bucket with a group of users who do not have an AWS account. What is the MOST operationally efficient solution that will meet this requirement?
A company needs to automatically monitor an AWS account for potential unauthorized AWS Management Console logins from multiple geographic locations.
Which solution will meet this requirement?
A SysOps administrator is unable to launch Amazon EC2 instances into a VPC because there are no available private IPv4 addresses in the VPC. Which combination of actions must the SysOps administrator take to launch the instances? (Select TWO.)
A SysOps administrator needs to ensure that an Amazon RDS for PostgreSQL DB instance has available backups The DB instance has automated backups turned on with a backup retention period of 7 days. However, no automated backups for the DB instance have been created in the past month.
What could be the cause of the lack of automated backups?
A company stores files on 50 Amazon S3 buckets in the same AWS Region. The company wants to connect to the S3 buckets securely over a private connection from its Amazon EC2 instances. The company needs a solution that produces no additional cost.
Which solution will meet these requirements?
A compliance learn requites all administrator passwords for Amazon RDS DB instances to be changed at least annually.
Which solution meets this requirement in the MOST operationally efficient manner?
A company has developed a service that is deployed on a fleet of Linux-based Amazon EC2 instances that are in an Auto Scaling group. The service occasionally fails unexpectedly because of an error in the application code. The company's engineering team determines that resolving the underlying cause of the service failure could take several weeks.
A SysOps administrator needs to create a solution to automate recovery if the service crashes on any of the EC2 instances.
Which solutions will meet this requirement? (Select TWO.)
A SysOps administrator needs to configure a solution that will deliver digital content to a set of authorized users through Amazon CloudFront. Unauthorized users must be restricted from access.
Which solution will meet these requirements?
A company is supposed to receive a data file every hour in an Amazon S3 bucket. An S3 event notification invokes an AWS Lambda function each time a file arrives. The function processes the data for use by an application.
The application team notices that sometimes the file does not arrive. The application team wants to receive a notification whenever the file does not arrive.
What is the MOST operationally efficient solution that meets these requirements?
A company has several business units that want to use Amazon EC2. The company wants to require all business units to provision their EC2 instances by using only approved EC2 instance configurations.
What should a SysOps administrator do to implement this requirement?
A company has migrated its application to AWS. The company will host the application on Amazon EC2 instances of multiple instance families.
During initial testing, a SysOps administrator identifies performance issues on selected EC2 instances. The company has a strict budget allocation policy, so the
SysOps administrator must use the right resource types with the performance characteristics to match the workload.
What should the SysOps administrator do to meet this requirement?
A company creates custom AMI images by launching new Amazon EC2 instances from an AWS CloudFormation template it installs and configure necessary software through AWS OpsWorks and takes images of each EC2 instance. The process of installing and configuring software can take between 2 to 3 hours but at limes the process stalls due to installation errors.
The SysOps administrator must modify the CloudFormation template so if the process stalls, the entire stack will tail and roil back.
Based on these requirements what should be added to the template?
A company runs a worker process on three Amazon EC2 instances. The instances are in an Auto Scaling group that is configured to use a simple scaling policy. The instances process messages from an Amazon Simple Queue Service (Amazon SOS) queue.
Random periods of increased messages are causing a decrease in the performance of the worker process. A SysOps administrator must scale the instances to accommodate the increased number of messages.
Which solution will meet these requirements?
A company hosts several write-intensive applications. These applications use a MySQL database that runs on a single Amazon EC2 instance. The company asks a SysOps administrator to implement a highly available database solution that is ideal for multi-tenant workloads.
Which solution should the SysOps administrator implement to meet these requirements?
A company has implemented a data ingestion pipeline to process files in the form of messages. A frontend application accepts user input and stores the input in Amazon S3. A backend application uses Amazon EC2 instances to process the object that was uploaded to Amazon S3. The company recently experienced a significant increase in customer traffic. The frontend application is now sending more messages at one time than the backend application can handle, resulting in some lost messages.
Which action will resolve this problem with the LEAST operational effort?
A company has a web application with a database tier that consists of an Amazon EC2 instance that runs MySQL. A SysOps administrator needs to minimize potential data loss and the time that is required to recover in the event of a database failure.
What is the MOST operationally efficient solution that meets these requirements?
A company has a list of pre-appf oved Amazon Machine Images (AMIs) for developers lo use to launch Amazon EC2 instances However, developers are still launching EC2 instances from unapproved AMIs.
A SysOps administrator must implement a solution that automatically terminates any instances that are launched from unapproved AMIs.
Which solution will meet mis requirement?
A company recently migrated its application to a VPC on AWS. An AWS Site-to-Site VPN connection connects the company’s on-premises network to the VPC. The application retrieves customer data from another system that resides on premises. The application uses an on-premises DNS server to resolve domain records. After the migration, the application is not able to connect to the customer data because of name resolution errors.
Which solution will give the application the ability to resolve the internal domain names?
A company has a policy that requires all Amazon EC2 instances to have a specific set of tags. If an EC2 instance does not have the required tags, the noncompliant instance should be terminated.
What is the MOST operationally efficient solution that meets these requirements?
A company is using an Amazon S3 bucket in the us-east-1 Region to set up a static website. The S3 bucket is named example-website-hosting-bucket. The website stores photographs in the following structure: www.example.com/Photographs/user/.
The S3 bucket has an Amazon Resource Name (ARN) of arn:aws:s3:::example-website-hosting-bucket. A SysOps administrator configured the S3 bucket for static website hosting and to allow public read access.
The SysOps administrator did not configure S3 Block Public Access.
Amazon Route 53 does not display the S3 bucket as the alias target when the SysOps administrator attempts to create a DNS record.
Which solution will make the website available?
A company’s SysOps administrator regularly checks the AWS Personal Health Dashboard in each of the company’s accounts. The accounts are part of an organization in AWS Organizations. The company recently added 10 more accounts to the organization. The SysOps administrator must consolidate the alerts from each account’s Personal Health Dashboard.
Which solution will meet this requirement with the LEAST amount of effort?
A SysOps administrator Is troubleshooting an AWS Cloud Formation template whereby multiple Amazon EC2 instances are being created The template is working In us-east-1. but it is failing In us-west-2 with the error code:
How should the administrator ensure that the AWS Cloud Formation template is working in every region?
AWS Certified Associate | SOA-C02 Questions Answers | SOA-C02 Test Prep | AWS Certified SysOps Administrator - Associate (SOA-C02) Questions PDF | SOA-C02 Online Exam | SOA-C02 Practice Test | SOA-C02 PDF | SOA-C02 Test Questions | SOA-C02 Study Material | SOA-C02 Exam Preparation | SOA-C02 Valid Dumps | SOA-C02 Real Questions | AWS Certified Associate SOA-C02 Exam Questions