AWS Certified SysOps Administrator(SOA-C02)

The AWS Certified SysOps Administrator(SOA-C02) were last updated on today.

Viewing page 5 out of 208 pages.
Viewing questions 21-25 out of 1,040 questions

Disclaimers:

- ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.and Azure
- Trademarks, certification & product names are used for reference only and belong to Amazon.and Azure

Topic 1 - Exam A

Question #21 Topic 1

A user has launched an EC2 instance. However, due to some reason the instance was terminated. If the user wants to find out the reason for termination, where can he find the details?

A It is not possible to find the details after the instance is terminated
B The user can get information from the AWS console, by checking the Instance description under the State transition reason label
C The user can get information from the AWS console, by checking the Instance description under the Instance Status Change reason label
D The user can get information from the AWS console, by checking the Instance description under the Instance Termination reason label

Suggested Answer: B
NOTE: An EC2 instance, once terminated, may be available in the AWS console for a while after termination. The user can find the details about the termination from the description tab under the label State transition reason. If the instance is still running, there will be no reason listed. If the user has explicitly stopped or terminated the instance, the reason will be ג€User initiated shutdownג€. Reference: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_InstanceStraightToTerminated.html

Question #22 Topic 1

A user needs to put sensitive data in an Amazon S3 bucket that can be accessed through an S3 VPC endpoint only. The user must ensure that resources in the VPC can only access the single S3 bucket. Which combination of actions will meet the requirements? (Choose two.)

A Configure the bucket policy to only allow access through the S3 Private Endpoint.
B Modify the VPC endpoint policy on the bucket to only allow the VPC to access it.
C Modify the VPC peering configuration to only allow access to the S3 private Endpoint.
D Configure the VPC endpoint policy to only allow the VPC to access the specific S3 bucket.
E Configure the IAM policy attached to the S3 bucket to only allow access from the specific VPC.

Suggested Answer: BD
NOTE: Reference: https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies-vpc-endpoint.html

Question #23 Topic 1

A SysOps administrator needs to register targets for a Network Load Balancer (NLB) using IP addresses. Which prerequisite should the SysOps administrator validate to perform this task?

A Ensure the NLB listener security policy is set to ELBSecurityPolicy-TLS-1-2-Ext-2018-06, ELBSecurityPolicy-FS-1-2-Res-2019-08, or ELBSecurityPolicy-TLS- 1-0-2015-04.
B Ensure the health check setting on the NLB for the Matcher configuration is between 200 and 399.
C Ensure the targets are within any of these CIDR blocks: 10.0.0.0/8 (RFC 1918), 100.64.0.0/10 (RFC 6598), 172.16.0.0/12 (RFC 1918), or 192.168.0.0/16 (RFC 1918).
D Ensure the NLB is exposed as an endpoint service before registering the targets using IP addresses.

Suggested Answer: D
NOTE:

Question #24 Topic 1

A SysOps Administrator is troubleshooting Amazon EC2 connectivity issues to the internet. The EC2 instance is in a private subnet. Below is the route table that is applied to the subnet of the EC2 instance. Destination `" 10.2.0.0/16 - Target `" local - Status `" Active - Propagated `" No - Destination `" 0.0.0.0/0 - Target `" nat-xxxxxxx - Status `" Blackhole - Propagated `" No - What has caused the connectivity issue?

A The NAT gateway no longer exists.
B There is no route to the internet gateway.
C The routes are no longer propagating.
D There is no route rule with a destination for the internet.

Suggested Answer: B
NOTE:

Question #25 Topic 1

An application is running on Amazon EC2 instances and storing all application data in Amazon S3. The company wants to archive all files older than 30 days to reduce costs. Archived files are used for auditing purposes only; however, the audit team may need to retrieve files in under a minute. How should the SysOps administrator implement these requirements?

A Configure an S3 bucket policy to move all objects older than 30 days to S3 Standard-Infrequent Access (S3 Standard-IA).
B Create a lifecycle rule to move all objects older than 30 days to S3 Glacier.
C Create a lifecycle rule to move all objects older than 30 days to S3 Standard-Infrequent Access (S3 Standard-IA).
D Use S3 Intelligent-Tiering to move files older than 30 days to S3 Glacier Deep Archive.

Suggested Answer: A
NOTE: