AWS Certified SysOps Administrator(SOA-C02)

The AWS Certified SysOps Administrator(SOA-C02) were last updated on today.

Viewing page 1 out of 208 pages.
Viewing questions 1-5 out of 1,040 questions

Disclaimers:

- ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.and Azure
- Trademarks, certification & product names are used for reference only and belong to Amazon.and Azure

Topic 1 - Exam A

Question #1 Topic 1

In IAM, a policy has to include the information about who (user) is allowed to access the resource, known as the _____.

A permission
B role
C license
D principal

Suggested Answer: D
NOTE: To specify resource-based permissions, you can attach a policy to the resource, such as an Amazon SNS topic, an Amazon S3 bucket, or an Amazon Glacier vault. In that case, the policy has to in-clude information about who is allowed to access the resource, known as the principal. (For user-based policies, the principal is the IAM user that the policy is attached to, or the user who gets the policy from a group.) Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html

Question #2 Topic 1

A root AWS account owner has created three IAM users: Bob, John and Michael. Michael is the IAM administrator. Bob and John are not the super users, but users with some pre-defined policies. John does not have access to modify his password. Thus, he asks Bob to change his password. How can Bob change John's password?

A This statement is false. Only Michael can change the password for John
B This is possible if Michael can add Bob to a group which has permissions to modify the IAM passwords
C It is not possible for John to modify his password
D Provided Bob is the manager of John

Suggested Answer: B
NOTE: Generally, with IAM users, the password can be modified in two ways. The first option is to define the IAM level policy which allows each user to modify their own passwords. The other option is to create a group and create a policy for the group which can change the passwords of various IAM users. Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html

Question #3 Topic 1

How many metrics are supported by CloudWatch for Auto Scaling?

A 8 metrics and 1 dimension
B 7 metrics and 5 dimension
C 5 metrics and 1 dimension
D 1 metric and 5 dimensions

Suggested Answer: A
NOTE: AWS Auto Scaling supports both detailed as well as basic monitoring of the CloudWatch metrics. Basic monitoring happens every 5 minutes, while detailed monitoring happens every minute. It sup-ports 8 metrics and 1 dimension. The metrics are: GroupMinSize - GroupMaxSize - GroupDesiredCapacity - GroupInServiceInstances - GroupPendingInstances - GroupStandbyInstances - GroupTerminatingInstances - GroupTotalInstances - The dimension is AutoScalingGroupName Reference: http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/supported_services.html

Question #4 Topic 1

What are the benefits of CloudTrail integration with CloudWatch Logs?

A It delivers API activity captured by CloudTrail to an S3 bucket.
B It doesn't exist
C It delivers SDK activity captured by CloudTrail to a CloudWatch Logs log stream.
D It delivers API activity captured by CloudTrail to a CloudWatch Logs log stream.

Suggested Answer: D
NOTE: CloudTrail integration with CloudWatch Logs delivers API activity captured by CloudTrail to a CloudWatch Logs log stream in the CloudWatch Logs log group you specify. Reference: http://aws.amazon.com/cloudtrail/faqs/

Question #5 Topic 1

In a hardware security module (HSM), what is the function of a Transparent Data Encryption (TDE)?

A To reduce the risk of confidential data theft
B To decrease latency
C To store SSL certificates
D To provide backup

Suggested Answer: A
NOTE: In a hardware security module (HSM), Transparent Data Encryption (TDE) reduces the risk of con-fidential data theft by encrypting sensitive data. Reference: http://docs.aws.amazon.com/cloudhsm/latest/userguide/cloud-hsm-third-party-apps.html