AWS Certified SysOps Administrator(SOA-C02)

The AWS Certified SysOps Administrator(SOA-C02) were last updated on today.
  • Viewing page 4 out of 208 pages.
  • Viewing questions 16-20 out of 1,040 questions
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.and Azure
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.and Azure

Topic 1 - Exam A

Question #16 Topic 1

A user has launched five instances and have registered them with an ELB. How can the user add the sixth EC2 instance to the ELB?

  • A The user must stop the ELB and add the sixth instance.
  • B The user can add the sixth instance on the fly through API, CLI or the AWS Management Con-sole.
  • C The user can add the instance and change the ELB config file.
  • D The ELB can only have a maximum of five instances.
Suggested Answer: B
NOTE: Elastic Load Balancing automatically distributes incoming traffic across multiple EC2 instances. You create a load balancer and register instances with the load balancer in one or more Availability Zones. The load balancer serves as a single point of contact for clients. This enables you to increase the availability of your application. You can add and remove EC2 instances from your load balancer as your needs change, without disrupting the overall flow of information. Reference: http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/SvcIntro.html
Question #17 Topic 1

Bob is an IAM user who has access to the EC2 services. Admin is an IAM user who has access to all the AWS services including IAM. Can Bob change his own password?

  • A No, the IAM user can never change the password
  • B Yes, only from AWS CLI
  • C Yes, only from the AWS console
  • D Yes, provided Admin has given Bob access to change his own password
Suggested Answer: D
NOTE: The IAM users by default cannot change their password. The root owner or IAM administrator needs to set the policy in the password policy page, which should allow the user to change their password. Once it is enabled, the IAM user can always change their own passwords from the AWS console or CLI. Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingUserPwdSelf.html
Question #18 Topic 1

A company is hosting backend web services across Amazon EC2 Linux instances in public subnets in a VPC. A SysOps administrator tries to connect to the instance by using SSH but is unable to connect. What could be the cause of the failed connection?

  • A The security group does not allow inbound traffic on port 22.
  • B The network ACL does not allow outbound traffic on port 80.
  • C The security group does not allow outbound traffic on port 3389.
  • D The network ACL does not allow inbound traffic on port 443.
Suggested Answer: D
NOTE:
Question #19 Topic 1

A user has configured an EC2 instance in the US-East-1a zone. The user has enabled detailed monitoring of the instance. The user is trying to get the data from CloudWatch using a CLI. Which of the below mentioned CloudWatch endpoint URLs should the user use?

  • A monitoring.us-east-1.amazonaws.com
  • B monitoring.us-east-1-a.amazonaws.com
  • C monitoring.us-east-1a.amazonaws.com
  • D cloudwatch.us-east-1a.amazonaws.com
Suggested Answer: A
NOTE: The CloudWatch resources are always region specific and they will have the end point as region specific. If the user is trying to access the metric in the US-East-1 region, the endpoint URL will be: monitoring.us-east- 1.amazonaws.com
Question #20 Topic 1

Amazon S3 provides a number of security features for protection of data at rest, which you can use or not, depending on your threat profile. What feature of S3 allows you to create and manage your own encryption keys for sending data?

  • A Client-side Encryption
  • B Network traffic protection
  • C Data integrity compromise
  • D Server-side Encryption
Suggested Answer: A
NOTE: With client-side encryption you create and manage your own encryption keys. Keys you create are not exported to AWS in clear text. Your applications encrypt data before submitting it to Amazon S3, and decrypt data after receiving it from Amazon S3. Data is stored in an encrypted form, with keys and algorithms only known to you. While you can use any encryption algorithm, and either symmetric or asymmetric keys to encrypt the data, the AWS-provided Java SDK offers Amazon S3 client-side encryption features. Reference: https://d0.awsstatic.com/whitepapers/aws-security-best-practices.pdf
Previous Questions Next Questions