Amazon AWS Certified SysOps Administrator - Associate SOA-C02 Dumps in PDF

Free Amazon SOA-C02 Real Questions (page: 8)

A company uses an AWS Service Catalog portfolio to create and manage resources. A SysOps administrator must create a replica of the company's existing AWS infrastructure in a new AWS account.
What is the MOST operationally efficient way to meet this requirement?

  1. Create an AWS CloudFormation template to use the AWS Service Catalog portfolio in the new AWS account.
  2. In the new AWS account, manually create an AWS Service Catalog portfolio that duplicates the original portfolio.
  3. Run an AWS Lambda function to create a new AWS Service Catalog portfolio based on the output of the DescribePortfolio API operation.
  4. Share the AWS Service Catalog portfolio with the new AWS account. Import the portfolio into the new AWS account.

Answer(s): D



A SysOps administrator must manage the security of an AWS account. Recently, an IAM user's access key was mistakenly uploaded to a public code repository.
The SysOps administrator must identify anything that was changed by using this access key.
How should the SysOps administrator meet these requirements?

  1. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to send all IAM events to an AWS Lambda function for analysis.
  2. Query Amazon EC2 logs by using Amazon CloudWatch Logs Insights for all events initiated with the compromised access key within the suspected timeframe.
  3. Search AWS CloudTrail event history for all events initiated with the compromised access key within the suspected timeframe.
  4. Search VPC Flow Logs for all events initiated with the compromised access key within the suspected timeframe.

Answer(s): C



A company runs a retail website on multiple Amazon EC2 instances behind an Application Load Balancer (ALB). The company must secure traffic to the website over an HTTPS connection.
Which combination of actions should a SysOps administrator take to meet these requirements? (Choose two.)

  1. Attach the certificate to each EC2 instance.
  2. Attach the certificate to the AL
  3. Create a private certificate in AWS Certificate Manager (ACM).
  4. Create a public certificate in AWS Certificate Manager (ACM).
  5. Export the certificate, and attach it to the website.

Answer(s): B,D



SIMULATION
Instructions
If the copy-paste functionality is not working in your environment, refer to the instructions file on the VM desktop and use Ctrl+C, Ctrl+V or Command-C,
Command-V.
Configure Amazon EventBridge to meet the following requirements.
1. Use the us-east-2 Region for all resources.
2. Unless specified below, use the default configuration settings.
3. Use your own resource naming unless a resource name is specified below.
4. Ensure all Amazon EC2 events in the default event bus are replayable for the past 45 days.
5. Create a rule named RunFunction to send the exact message {"name":"example") every 15 minutes to an existing AWS Lambda function named LogEventFunction
6. Create a rule named SpotWarning to send a notification to a new standard Amazon SNS topic named TopicEvents whenever an Amazon EC2 Spot Instance is interrupted. Do NOT create any topic subscriptions. The notification must match the following structure:
Input path:
{`instance`:`detail.instance-id}
Input template:
`The EC2 Spot Instance <instance> has been interrupted.`
Important: Click the Next button to complete this lab and continue to the next lab. Once you click the Next button, you will NOT be able to return to this lab.

  1. See Explanation section for answer.

Answer(s): A

Explanation:































A company has a stateful, long-running workload on a single xlarge general purpose Amazon EC2 On-Demand Instance Metrics show that the service is always using 80% of its available memory and 40% of its available CPU. A SysOps administrator must reduce the cost of the service without negatively affecting performance.
Which change in instance type will meet these requirements?

  1. Change to one large compute optimized On-Demand Instance.
  2. Change to one large memory optimized On-Demand Instance.
  3. Change to one xlarge general purpose Spot Instance.
  4. Change to two large general purpose On-Demand Instances.

Answer(s): B



A company asks a SysOps administrator to ensure that AWS CloudTrail files are not tampered with after they are created. Currently, the company uses AWS
Identity and Access Management (IAM) to restrict access to specific trails. The company's security team needs the ability to trace the integrity of each file.
What is the MOST operationally efficient solution that meets these requirements?

  1. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that invokes an AWS Lambda function when a new file is delivered. Configure the Lambda function to compute an MD5 hash check on the file and store the result in an Amazon DynamoDB table. The security team can use the values that are stored in DynamoDB to verify the integrity of the delivered files.
  2. Create an AWS Lambda function that is invoked each time a new file is delivered to the CloudTrail bucket. Configure the Lambda function to compute an MD5 hash check on the file and store the result as a tag in an Amazon 53 object. The security team can use the information in the tag to verify the integrity of the delivered files.
  3. Enable the CloudTrail file integrity feature on an Amazon S3 bucket. Create an IAM policy that grants the security team access to the file integrity logs that are stored in the S3 bucket.
  4. Enable the CloudTrail file integrity feature on the trail. The security team can use the digest file that is created by CloudTrail to verify the integrity of the delivered files.

Answer(s): D



When the AWS Cloud infrastructure experiences an event that may impact an organization, which AWS service can be used to see which of the organization's resources are affected?

  1. AWS Service Health Dashboard
  2. AWS Trusted Advisor
  3. AWS Personal Health Dashboard
  4. AWS Systems Manager

Answer(s): C

Explanation:


Reference:

https://docs.aws.amazon.com/health/latest/ug/getting-started-phd.html



A company is using an AWS KMS customer master key (CMK) with imported key material. The company references the CMK by its alias in the Java application to encrypt data. The CMK must be rotated every 6 months.
What is the process to rotate the key?

  1. Enable automatic key rotation for the CMK, and specify a period of 6 months.
  2. Create a new CMK with new imported material, and update the key alias to point to the new CMK.
  3. Delete the current key material, and import new material into the existing CMK.
  4. Import a copy of the existing key material into a new CMK as a backup, and set the rotation schedule for 6 months.

Answer(s): B

Explanation:


Reference:

https://aws.amazon.com/kms/faqs/



Share your comments for Amazon SOA-C02 exam with other users:

J
John
8/7/2023 12:12:00 AM

has anyone recently attended safe 6.0 exam? did you see any questions from here?

B
Big Dog
6/24/2023 4:47:00 PM

question 13 should be dhcp option 43, right?

B
B.Khan
4/19/2022 9:43:00 PM

the buy 1 get 1 is a great deal. so far i have only gone over exam. it looks promissing. i report back once i write my exam.

G
Ganesh
12/24/2023 11:56:00 PM

is this dump good

A
Albin
10/13/2023 12:37:00 AM

good ................

P
Passed
1/16/2022 9:40:00 AM

passed

H
Harsh
6/12/2023 1:43:00 PM

yes going good

S
Salesforce consultant
1/2/2024 1:32:00 PM

good questions for practice

R
Ridima
9/12/2023 4:18:00 AM

need dump and sap notes for c_s4cpr_2308 - sap certified application associate - sap s/4hana cloud, public edition - sourcing and procurement

T
Tanvi Rajput
10/6/2023 6:50:00 AM

question 11: d i personally feel some answers are wrong.

A
Anil
7/18/2023 9:38:00 AM

nice questions

C
Chris
8/26/2023 1:10:00 AM

looking for c1000-158: ibm cloud technical advocate v4 questions

S
sachin
6/27/2023 1:22:00 PM

can you share the pdf

B
Blessious Phiri
8/13/2023 10:26:00 AM

admin ii is real technical stuff

L
Luis Manuel
7/13/2023 9:30:00 PM

could you post the link

V
vijendra
8/18/2023 7:54:00 AM

hello send me dumps

S
Simeneh
7/9/2023 8:46:00 AM

it is very nice

J
john
11/16/2023 5:13:00 PM

i gave the amazon dva-c02 tests today and passed. very helpful.

T
Tao
11/20/2023 8:53:00 AM

there is an incorrect word in the problem statement. for example, in question 1, there is the word "speci c". this is "specific. in the other question, there is the word "noti cation". this is "notification. these mistakes make this site difficult for me to use.

P
patricks
10/24/2023 6:02:00 AM

passed my az-120 certification exam today with 90% marks. studied using the dumps highly recommended to all.

A
Ananya
9/14/2023 5:17:00 AM

i need it, plz make it available

J
JM
12/19/2023 2:41:00 PM

q47: intrusion prevention system is the correct answer, not patch management. by definition, there are no patches available for a zero-day vulnerability. the way to prevent an attacker from exploiting a zero-day vulnerability is to use an ips.

R
Ronke
8/18/2023 10:39:00 AM

this is simple but tiugh as well

C
CesarPA
7/12/2023 10:36:00 PM

questão 4, segundo meu compilador local e o site https://www.jdoodle.com/online-java-compiler/, a resposta correta é "c" !

J
Jeya
9/13/2023 7:50:00 AM

its very useful

T
Tracy
10/24/2023 6:28:00 AM

i mastered my skills and aced the comptia 220-1102 exam with a score of 920/1000. i give the credit to for my success.

J
James
8/17/2023 4:33:00 PM

real questions

A
Aderonke
10/23/2023 1:07:00 PM

very helpful assessments

S
Simmi
8/24/2023 7:25:00 AM

hi there, i would like to get dumps for this exam

J
johnson
10/24/2023 5:47:00 AM

i studied for the microsoft azure az-204 exam through it has 100% real questions available for practice along with various mock tests. i scored 900/1000.

M
Manas
9/9/2023 1:48:00 AM

please upload 1z0-1072-23 exam dups

S
SB
9/12/2023 5:15:00 AM

i was hoping if you could please share the pdf as i’m currently preparing to give the exam.

J
Jagjit
8/26/2023 5:01:00 PM

i am looking for oracle 1z0-116 exam

S
S Mallik
11/27/2023 12:32:00 AM

where we can get the answer to the questions

AI Tutor 👋 I’m here to help!