
Your success in Amazon-Web-Services SOA-C02 is our sole target and we develop all our SOA-C02 braindumps in a way that facilitates the attainment of this target. Not only is our SOA-C02 study material the best you can find, it is also the most detailed and the most updated. SOA-C02 Practice Exams for Amazon-Web-Services SOA-C02 are written to the highest standards of technical accuracy.
Check SOA-C02 free dumps before getting the full version:
NEW QUESTION 1
A company using AWS Organizations requires that no Amazon S3 buckets in its production accounts should ever be deleted.
What is the SIMPLEST approach the SysOps administrator can take to ensure S3 buckets in those accounts can never be deleted?
Answer: B
Explanation:
https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html
If you're using AWS Organizations, check the service control policies for any statements that explicitly deny Amazon S3 access. In particular, check the service control policies for statements denying the s3:PutBucketPolicy action.
https://aws.amazon.com/tw/premiumsupport/knowledge-center/s3-access-denied-bucket-policy/
NEW QUESTION 2
A global company handles a large amount of personally identifiable information (Pll) through an internal web portal. The company's application runs in a corporate data center that is connected to AWS through an AWS Direct Connect connection. The application stores the Pll in Amazon S3. According to a compliance requirement, traffic from the web portal to Amazon S3 must not travel across the internet.
What should a SysOps administrator do to meet the compliance requirement?
Answer: B
NEW QUESTION 3
A Sysops administrator creates an Amazon Elastic Kubernetes Service (Amazon EKS) cluster that uses AWS Fargate. The cluster is deployed successfully. The Sysops administrator needs to manage the cluster by using the kubect1 command line tool.
Which of the following must be configured on the Sysops administrator's machine so that kubect1 can communicate with the cluster API server?
Answer: A
Explanation:
The kubeconfig file is a configuration file used to store cluster authentication information, which is required to make requests to the Amazon EKS cluster API server. The kubeconfig file will need to be configured on the SysOps administrator's machine in order for kubectl to be able to communicate with the cluster API server.
https://aws.amazon.com/blogs/developer/running-a-kubernetes-job-in-amazon-eks-on-aws-fargate-using-aws-ste
NEW QUESTION 4
You need to update an existing AWS CloudFormation stack. If needed, a copy to the CloudFormation template is available in an Amazon SB bucket named cloudformation-bucket
* 1. Use the us-east-2 Region for all resources.
* 2. Unless specified below, use the default configuration settings.
* 3. update the Amazon EQ instance named Devinstance by making the following changes to the stack named 1700182:
* a) Change the EC2 instance type to us-east-t2.nano.
* b) Allow SSH to connect to the EC2 instance from the IP address range 192.168.100.0/30.
* c) Replace the instance profile IAM role with IamRoleB.
* 4. Deploy the changes by updating the stack using the CFServiceR01e role.
* 5. Edit the stack options to prevent accidental deletion.
* 6. Using the output from the stack, enter the value of the Prodlnstanceld in the text box below:
Log in to the AWS Management Console and navigate to the CloudFormation service in the us-east-2 Region.
Find the existing stack named 1700182 and click on it.
Click on the "Update" button.
Choose "Replace current template" and upload the updated CloudFormation template from the Amazon S3 bucket named "cloudformation-bucket"
In the "Parameter" section, update the EC2 instance type to us-east-t2.nano and add the IP address range 192.168.100.0/30 for SSH access.
Replace the instance profile IAM role with IamRoleB.
In the "Capabilities" section, check the checkbox for "IAM Resources"
Choose the role CFServiceR01e and click on "Update Stack"
Wait for the stack to be updated.
Once the update is complete, navigate to the stack and click on the "Stack options" button, and select "Prevent updates to prevent accidental deletion"
To get the value of the Prodlnstanceld , navigate to the "Outputs" tab in the CloudFormation stack and
You can use AWS CloudFormation to update an existing stack.Answer: A
NEW QUESTION 5
A company is managing multiple AWS accounts in AWS Organizations The company is reviewing internal security of Its AWS environment The company's security administrator has their own AWS account and wants to review the VPC configuration of developer AWS accounts
Which solution will meet these requirements in the MOST secure manner?
Answer: D
NEW QUESTION 6
A large company is using AWS Organizations to manage hundreds of AWS accounts across multiple AWS Regions. The company has turned on AWS Config throughout the organization.
The company requires all Amazon S3 buckets to block public read access. A SysOps administrator must generate a monthly report that shows all the S3 buckets and whether they comply with this requirement.
Which combination of steps should the SysOps administrator take to collect this data? {Select TWO).
Answer: CD
NEW QUESTION 7
A company's SysOps administrator needs to change the AWS Support plan for one of the company's AWS accounts. The account has multi-factor authentication (MFA) activated, and the MFA device is lost.
What should the SysOps administrator do to sign in?
Answer: A
NEW QUESTION 8
An organization with a large IT department has decided to migrate to AWS With different job functions in the IT department it is not desirable to give all users access to all AWS resources Currently the organization handles access via LDAP group membership
What is the BEST method to allow access using current LDAP credentials?
Answer: D
NEW QUESTION 9
A company is using Amazon Elastic File System (Amazon EFS) to share a file system among several Amazon EC2 instances. As usage increases, users report that file retrieval from the EFS file system is slower than normal.
Which action should a SysOps administrator take to improve the performance of the file system?
Answer: A
NEW QUESTION 10
A company has a new requirement stating that all resources In AWS must be tagged according to a set policy. Which AWS service should be used to enforce and continually Identify all resources that are not in compliance with the policy?
Answer: C
NEW QUESTION 11
A SysOps administrator is required to monitor free space on Amazon EBS volumes attached to Microsoft Windows-based Amazon EC2 instances within a company’s account. The administrator must be alerted to potential issues.
What should the administrator do to receive email alerts before low storage space affects EC2 instance performance?
Answer: C
NEW QUESTION 12
A company's VPC has connectivity to an on-premises data center through an AWS Site-to-Site VPN. The company needs Amazon EC2 instances in the VPC to send DNS queries for example com to the DNS servers in the data center.
Which solution will meet these requirements?
Answer: C
NEW QUESTION 13
A company is planning to host its stateful web-based applications on AWS A SysOps administrator is using an Auto Scaling group of Amazon EC2 instances The web applications will run 24 hours a day 7 days a week throughout the year The company must be able to change the instance type within the same instance family later in the year based on the traffic and usage patterns
Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?
Answer: A
Explanation:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-convertible-exchange.html
NEW QUESTION 14
A SysOps administrator receives notification that an application that is running on Amazon EC2 instances has failed to authenticate to an Amazon RDS database To troubleshoot, the SysOps administrator needs to investigate AWS Secrets Manager password rotation
Which Amazon CloudWatch log will provide insight into the password rotation?
Answer: B
NEW QUESTION 15
A data storage company provides a service that gives users the ability to upload and download files as needed. The files are stored in Amazon S3 Standard and must be immediately retrievable for 1 year. Users access files frequently during the first 30 days after the files are stored. Users rarely access files after 30 days.
The company's SysOps administrator must use S3 Lifecycle policies to implement a solution that maintains object availability and minimizes cost.
Which solution will meet these requirements?
Answer: C
Explanation:
https://aws.amazon.com/s3/storage-classes/
NEW QUESTION 16
A team of On-call engineers frequently needs to connect to Amazon EC2 Instances In a private subnet to troubleshoot and run commands. The Instances use either the latest AWS-provided Windows Amazon Machine Images (AMIs) or Amazon Linux AMIs.
The team has an existing IAM role for authorization. A SysOps administrator must provide the team with
access to the Instances by granting IAM permissions to this Which solution will meet this requirement?
Answer: A
NEW QUESTION 17
A company must migrate its applications to AWS The company is using Chef recipes for configuration management The company wants to continue to use the existing Chef recipes after the applications are migrated to AWS.
What is the MOST operationally efficient solution that meets these requirements?
Answer: D
NEW QUESTION 18
A company has an application that customers use to search for records on a website. The application's data is stored in an Amazon Aurora DB cluster. The application's usage varies by season and by day of the week.
The website's popularity is increasing, and the website is experiencing slower performance because of increased load on the DB cluster during periods of peak activity. The application logs show that the performance issues occur when users are searching for information. The same search is rarely performed multiple times.
A SysOps administrator must improve the performance of the platform by using a solution that maximizes resource efficiency.
Which solution will meet these requirements?
Answer: B
Explanation:
https://docs.amazonaws.cn/en_us/AmazonRDS/latest/AuroraUserGuide/aurora-replicas-adding.html
NEW QUESTION 19
......
Thanks for reading the newest SOA-C02 exam dumps! We recommend you to try the PREMIUM 2passeasy SOA-C02 dumps in VCE and PDF here: https://www.2passeasy.com/dumps/SOA-C02/ (486 Q&As Dumps)