We just do not compromise with the bright future of our respected customers. PassExam4Sure takes the future of clients quite seriously and we ensure that our SOA-C02 exam dumps get you through the line. If you think that our exam question and answers did not help you much with the exam paper and you failed it somehow, we will happily return all of your invested money with a full 100% refund.
We verify and assure the authenticity of Amazon SOA-C02 exam dumps PDFs with 100% real and exam-oriented questions. Our exam questions and answers comprise 100% real exam questions from the latest and most recent exams in which you’re going to appear. So, our majestic library of exam dumps for Amazon SOA-C02 is surely going to push on forward on the path of success.
Free for download Amazon SOA-C02 demo papers are available for our customers to verify the authenticity of our legit helpful exam paper samples, and to authenticate what you will be getting from PassExam4Sure. We have tons of visitors daily who simply opt and try this process before making their purchase for Amazon SOA-C02 exam dumps.
Customers Passed Amazon SOA-C02 Exam
Average Score In Real SOA-C02 Exam
Questions came from our SOA-C02 dumps.
PassExam4Sure is famous for its top-notch services for providing the most helpful, accurate, and up-to-date material for Amazon SOA-C02 exam in form of PDFs. Our SOA-C02 dumps for this particular exam is timely tested for any reviews in the content and if it needs any format changes or addition of new questions as per new exams conducted in recent times. Our highly-qualified professionals assure the guarantee that you will be passing out your exam with at least 85% marks overall. PassExam4Sure Amazon SOA-C02 ProvenDumps is the best possible way to prepare and pass your certification exam.
PassExam4Sure is your best buddy in providing you with the latest and most accurate material without any hidden charges or pointless scrolling. We value your time and we strive hard to provide you with the best possible formatting of the PDFs with accurate, to the point, and vital information about Amazon SOA-C02. PassExam4Sure is your 24/7 guide partner and our exam material is curated in a way that it will be easily readable on all smartphone devices, tabs, and laptop PCs.
We have a sheer focus on providing you with the best course material for Amazon SOA-C02. So that you may prepare your exam like a pro, and get certified within no time. Our practice exam material will give you the necessary confidence you need to sit, relax, and do the exam in a real exam environment. If you truly crave success then simply sign up for PassExam4Sure Amazon SOA-C02 exam material. There are millions of people all over the globe who have completed their certification using PassExam4Sure exam dumps for Amazon SOA-C02.
Our Amazon SOA-C02 exam questions and answers are reviewed by us on weekly basis. Our team of highly qualified Amazon professionals, who once also cleared the exams using our certification content does all the analysis of our recent exam dumps. The team makes sure that you will be getting the latest and the greatest exam content to practice, and polish your skills the right way. All you got to do now is to practice, practice a lot by taking our demo questions exam, and making sure that you prepare well for the final examination. Amazon SOA-C02 test is going to test you, play with your mind and psychology, and so be prepared for what’s coming. PassExam4Sure is here to help you and guide you in all steps you will be going through in your preparation for glory. Our free downloadable demo content can be checked out if you feel like testing us before investing your hard-earned money. PassExam4Sure guaranteed your success in the Amazon SOA-C02 exam because we have the newest and most authentic exam material that cannot be found anywhere else on the internet.
A SysOps administrator creates two VPCs, VPC1 and VPC2, in a company’s AWS accountThe SysOps administrator deploys a Linux Amazon EC2 instance in VPC1 and deploys anAmazon RDS for MySQL DB instance in VPC2. The DB instance is deployed in a privatesubnet. An application that runs on the EC2 instance needs to connect to the database.What should the SysOps administrator do to give the EC2 instance the ability to connect tothe database?
A. Enter the DB instance connection string into the VPC1 route table.
B. Configure VPC peering between the two VPCs.
C. Add the same IPv4 CIDR range for both VPCs.
D. Connect to the DB instance by using the DB instance’s public IP address.
A company has a policy that requires all Amazon EC2 instances to have a specific set oftags. If an EC2 instance does not have the required tags, the noncompliant instance shouldbe terminated.What is the MOST operationally efficient solution that meets these requirements?
A. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to send all EC2instance state changes to an AWS Lambda function to determine if each instance iscompliant. Terminate any noncompliant instances.
B. Create an IAM policy that enforces all EC2 instance tag requirements. If the requiredtags are not in place for an instance, the policy will terminate noncompliant instance.
C. Create an AWS Lambda function to determine if each EC2 instance is compliant andterminate an instance if it is noncompliant. Schedule the Lambda function to invoke every 5minutes.
D. Create an AWS Config rule to check if the required tags are present. If an EC2 instanceis noncompliant, invoke an AWS Systems Manager Automation document to terminate theinstance.
A company has a compliance requirement that no security groups can allow SSH ports tobe open to all IP addresses. A SysOps administrator must implement a solution that willnotify the company's SysOps team when a security group rule violates this requirement.The solution also must remediate the security group rule automatically.Which solution will meet these requirements?
A. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that invokes anAWS Lambda function when a security group changes. Configure the Lambda function toevaluate the security group for compliance, remove all inbound security group rules on allports, and notify the SysOps team if the security group is noncompliant.
B. Create an AWS CloudTrail metric filter for security group changes. Create an AmazonCloudWatch alarm to notify the SysOps team through an Amazon Simple NotificationService (Amazon SNS) topic when (he metric is greater than 0. Subscribe an AWS Lambdafunction to the SNS topic to remediate the security group rule by removing the rule.
C. Activate the AWS Config restricted-ssh managed rule. Add automatic remediation to theAWS Config rule by using the AWS Systems Manager Automation AWSDisablePublicAccessForSecurityGroup runbook. Create an Amazon EventBridge (AmazonCloudWatch Events) rule to notify the SysOps team when the rule is noncompliant.
D. Create an AWS CloudTrail metric filter for security group changes. Create an AmazonCloudWatch alarm for when the metric is greater than 0. Add an AWS Systems Manageraction to the CloudWatch alarm to suspend the security group by using the SystemsManager Automation AWS-DisablePublicAccessForSecurityGroup runbook when the alarmis in ALARM state. Add an Amazon Simple Notification Service (Amazon SNS) topic as asecond target to notify the SysOps team.
A company has an application that is deployed 10 two AWS Regions in an active-passiveconfiguration. The application runs on Amazon EC2 instances behind an Application LoadBalancer (ALB) in each Region. The instances are in an Amazon EC2 Auto Scaling groupin each Region. The application uses an Amazon Route 53 hosted zone (or DNS. ASysOps administrator needs to configure automatic failover to the secondary Region.What should the SysOps administrator do to meet these requirements?
A. Configure Route 53 alias records that point to each ALB. Choose a failover routingpolicy. Set Evaluate Target Health to Yes.
B. Configure CNAME records that point to each ALB. Choose a failover routing policy. SetEvaluate Target Health to Yes.
C. Configure Elastic Load Balancing (ELB) health checks for the Auto Scaling group. Add atarget group to the ALB in the primary Region. Include the EC2 instances in the secondaryRegion astargets.
D. Configure EC2 health checks for the Auto Scaling group. Add a target group to the ALBin the primary Region. Include the EC2 instances in the secondary Region as targets.
A company stores its data in an Amazon S3 bucket. The company is required to classifythe data and find any sensitive personal information in its S3 files.Which solution will meet these requirements?
A. Create an AWS Config rule to discover sensitive personal information in the S3 files andmark them as noncompliant.
B. Create an S3 event-driven artificial intelligence/machine learning (AI/ML) pipeline toclassify sensitive personal information by using Amazon Recognition.
C. Enable Amazon GuardDuty. Configure S3 protection to monitor all data inside AmazonS3.
D. Enable Amazon Macie. Create a discovery job that uses the managed data identifier.
A company has an application that customers use to search for records on a website. Theapplication's data is stored in an Amazon Aurora DB cluster. The application's usage variesby season and by day of the week.The website's popularity is increasing, and the website is experiencing slower performancebecause of increased load on the DB cluster during periods of peak activity. Theapplication logs show that the performance issues occur when users are searching forinformation. The same search is rarely performed multiple times.A SysOps administrator must improve the performance of the platform by using a solutionthat maximizes resource efficiency.Which solution will meet these requirements?
A. Deploy an Amazon ElastiCache for Redis cluster in front of the DB cluster. Modify theapplication to check the cache before the application issues new queries to the database.Add the results of any queries to the cache.
B. Deploy an Aurora Replica for the DB cluster. Modify the application to use the readerendpoint for search operations. Use Aurora Auto Scaling to scale the number of replicasbased on load. Most Voted
C. Use Provisioned IOPS on the storage volumes that support the DB cluster to improveperformance sufficiently to support the peak load on the application.
D. Increase the instance size in the DB cluster to a size that is sufficient to support the peak load on the application. Use Aurora Auto Scaling to scale the instance size based on
load.
A company’s reporting job that used to run in 15 minutes is now taking an hour to run. Anapplication generates the reports. The application runs on Amazon EC2 instances andextracts data from an Amazon RDS for MySQL database.A SysOps administrator checks the Amazon CloudWatch dashboard for the RDS instanceand notices that the Read IOPS metrics are high, even when the reports are not running.The SysOps administrator needs to improve the performance and the availability of theRDS instance.Which solution will meet these requirements?
A. Configure an Amazon ElastiCache cluster in front of the RDS instance. Update thereporting job to query the ElastiCache cluster.
B. Deploy an RDS read replica. Update the reporting job to query the reader endpoint.
C. Create an Amazon CloudFront distribution. Set the RDS instance as the origin. Updatethe reporting job to query the CloudFront distribution.
D. Increase the size of the RDS instance.
A Sysops administrator needs to configure automatic rotation for Amazon RDS databasecredentials. The credentials must rotate every 30 days. The solution must integrate withAmazon RDS.Which solution will meet these requirements with the LEAST operational overhead?
A. Store the credentials in AWS Systems Manager Parameter Store as a secure string.Configure automatic rotation with a rotation interval of 30 days.
B. Store the credentials in AWS Secrets Manager. Configure automatic rotation with arotation interval of 30 days.
C. Store the credentials in a file in an Amazon S3 bucket. Deploy an AWS Lambda functionto automatically rotate the credentials every 30 days.
D. Store the credentials in AWS Secrets Manager. Deploy an AWS Lambda function toautomatically rotate the credentials every 30 days.
A company updates its security policy to clarify cloud hosting arrangements for regulatedworkloads. Workloads that are identified as sensitive must run on hardware that is notshared with other customers or with other AWS accounts within the company.Which solution will ensure compliance with this policy?
A. Deploy workloads only to Dedicated Hosts.
B. Deploy workloads only to Dedicated Instances.
C. Deploy workloads only to Reserved Instances.
D. Place all instances in a dedicated placement group.
A company is implementing a monitoring solution that is based on machine learning. Themonitoring solution consumes Amazon EventBridge (Amazon CloudWatch Events) eventsthat are generated by Amazon EC2 Auto Scaling. The monitoring solution providesdetection of anomalous behavior such as unanticipated scaling events and is configured asan EventBridge (CloudWatch Events) API destination.During initial testing, the company discovers that the monitoring solution is not receivingevents. However, Amazon CloudWatch is showing that the EventBridge (CloudWatchEvents) rule is being invoked. A SysOps administrator must implement a solution toretrieve client error details to help resolve this issue.Which solution will meet these requirements with the LEAST operational effort?
A. Create an EventBridge (CloudWatch Events) archive for the event pattern to replay theevents. Increase the logging on the monitoring solution. Use replay to invoke themonitoring solution. Examine the error details.
B. Add an Amazon Simple Queue Service (Amazon SQS) standard queue as a dead-letterqueue for the target. Process the messages in the dead-letter queue to retrieve errordetails.
C. Create a second EventBridge (CloudWatch Events) rule for the same event pattern totarget an AWS Lambda function. Configure the Lambda function to invoke the monitoringsolution and to record the results to Amazon CloudWatch Logs. Examine the errors in thelogs.
D. Configure the EventBridge (CloudWatch Events) rule to send error messages to anAmazon Simple Notification Service (Amazon SNS) topic.
A company is hosting applications on Amazon EC2 instances. The company is hosting adatabase on an Amazon RDS for PostgreSQL DB instance. The company requires allconnections to the DB instance to be encrypted.What should a SysOps administrator do to meet this requirement?
A. Allow SSL connections to the database by using an inbound security group rule.
B. Encrypt the database by using an AWS Key Management Service (AWS KMS)encryption key.
C. Enforce SSL connections to the database by using a custom parameter group.
D. Patch the database with SSL/TLS by using a custom PostgreSQL extension.
A company needs to take an inventory of applications that are running on multiple AmazonEC2 instances. The company has configured users and roles with the appropriatepermissions for AWS Systems Manager. An updated version of Systems Manager Agenthas been installed and is running on every instance. While configuring an inventorycollection, a SysOps administrator discovers that not all the instances in a single subnetare managed by Systems Manager.What must the SysOps administrator do to fix this issue?
A. Ensure that all the EC2 instances have the correct tags for Systems Manager access.
B. Configure AWS Identity and Access Management Access Analyzer to determine andautomatically remediate the issue.
C. Ensure that all the EC2 instances have an instance profile with Systems Manageraccess.
D. Configure Systems Manager to use an interface VPC endpoint.
A company recently migrated its application to a VPC on AWS. An AWS Site-to-Site VPN connection connects the company’s on-premises network to the VPC. The application retrieves customer data from another system that resides on premises. The application uses an on-premises DNS server to resolve domain records. After the migration, the application is not able to connect to the customer data because of name resolution errors.Which solution will give the application the ability to resolve the internal domain names?
A. Launch EC2 instances in the VPC. On the EC2 instances, deploy a custom DNSforwarder that forwards all DNS requests to the on-premises DNS server. Create anAmazon Route 53 private hosted zone that uses the EC2 instances for name servers.
B. Create an Amazon Route 53 Resolver outbound endpoint. Configure the outboundendpoint to forward DNS queries against the on-premises domain to the on-premises DNSserver.
C. Set up two AWS Direct Connect connections between the AWS environment and theon-premises network. Set up a link aggregation group (LAG) that includes the twoconnections. Change the VPC resolver address to point to the on-premises DNS server.
D. Create an Amazon Route 53 public hosted zone for the on-premises domain. Configurethe network ACLs to forward DNS requests against the on-premises domain to the Route53 public hosted zone.
A company needs to archive all audit logs for 10 years. The company must protect the logsfrom any future edits.Which solution will meet these requirements?
A. Store the data in an Amazon Elastic Block Store (Amazon EBS) volume. Configure AWSKey Management Service (AWS KMS) encryption.
B. Store the data in an Amazon S3 Glacier vault. Configure a vault lock policy for writeonce, read-many (WORM) access.
C. Store the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA). Configureserver-side encryption.
D. Store the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA). Configuremulti-factor authentication (MFA).
A company has a memory-intensive application that runs on a fleet of Amazon EC2instances behind an Elastic Load Balancer (ELB). The instances run in an Auto Scalinggroup. A Sysops administrator must ensure that the application can scale based on thenumber of users that connect to the application.Which solution will meet these requirements?
A. Create a scaling policy that will scale the application based on theActiveConnectionCount Amazon CloudWatch metric that is generated from the ELB.
B. Create a scaling policy that will scale the application based on the mem used AmazonCloudWatch metric that is generated from the ELB.
C. Create a scheduled scaling policy to increase the number of EC2 instances in the AutoScaling group to support additional connections.
D. Create and deploy a script on the ELB to expose the number of connected users as acustom Amazon CloudWatch metric. Create a scaling policy that uses the metric.
A company needs to automatically monitor an AWS account for potential unauthorizedAWS Management Console logins from multiple geographic locations.Which solution will meet this requirement?
A. Configure Amazon Cognito to detect any compromised 1AM credentials.
B. Set up Amazon Inspector. Scan and monitor resources for unauthorized logins.
C. Set up AWS Config. Add the iam-policy-blacklisted-check managed rule to the account.
D. Configure Amazon GuardDuty to monitor theUnauthorizedAccess:IAMUser/ConsoleLoginSuccess finding.
A company has two VPC networks named VPC A and VPC B. The VPC A CIDR block is10.0.0.0/16 and the VPC B CIDR block is 172.31.0.0/16. The company wants to establish aVPC peering connection named pcx-12345 between both VPCs.Which rules should appear in the route table of VPC A after configuration? (Select TWO.)
A. Destination: 10.0.0.0/16, Target: Local
B. Destination: 172.31.0.0/16, Target: Local
C. Destination: 10.0.0.0/16, Target: pcx-12345
D. Destination: 172.31.0.0/16, Target: pcx-12345
E. Destination: 10.0.0.0/16. Target: 172.31.0.0/16
A company needs to implement a managed file system to host Windows file shares for users on premises. Resources in the AWS Cloud also need access to the data on these file shares. A SysOps administrator needs to present the user file shares on premises and make the user file shares available on AWS with minimum latency. What should the SysOps administrator do to meet these requirements?
A. Set up an Amazon S3 File Gateway.
B. Set up an AWS Direct Connect connection.
C. Use AWS DataSync to automate data transfers between the existing file servers andAWS.
D. Set up an Amazon FSx File Gateway.
A company has created a NAT gateway in a public subnet in a VPC. The VPC alsocontains a private subnet that includes Amazon EC2 instances. The EC2 instances use theNAT gateway to access the internet to download patches and updates. The company hasconfigured a VPC flow log for the elastic network interface of the NAT gateway. Thecompany is publishing the output to Amazon CloudWatch Logs.A SysOps administrator must identify the top five internet destinations that the EC2instances in the private subnet communicate with for downloads.What should the SysOps administrator do to meet this requirement in the MOSToperationally efficient way?
A. Use AWS CloudTrail Insights events to identify the top five internet destinations.
B. Use Amazon CloudFront standard logs (access logs) to identify the top five internetdestinations.
C. Use CloudWatch Logs Insights to identify the top five internet destinations.
D. Change the flow log to publish logs to Amazon S3. Use Amazon Athena to query the logfiles in Amazon S3.
A SysOps administrator needs to delete an AWS CloudFormation stack that is no longer inuse. The CloudFormation stack is in the DELETE_FAILED state. The SysOps administratorhas validated the permissions that are required to delete the Cloud Formation stack.
A. The configured timeout to delete the stack was too low for the delete operation tocomplete.
B. The stack contains nested stacks that must be manually deleted fast.
C. The stack was deployed with the -disable rollback option.
D. There are additional resources associated with a security group in the stack
E. There are Amazon S3 buckets that still contain objects in the stack.
A SysOps administrator needs to track the costs of data transfer between AWS Regions.The SysOps administrator must implement a solution to send alerts to an email distributionlist when transfer costs reach 75% of a specific threshold.What should the SysOps administrator do to meet these requirements?
A. Create an AWS Cost and Usage Report. Analyze the results in Amazon Athena.Configure an alarm to publish a message to an Amazon Simple Notification Service(Amazon SNS) topic when costs reach 75% of the threshold. Subscribe the emaildistribution list to the topic.
B. Create an Amazon CloudWatch billing alarm to detect when costs reach 75% of thethreshold. Configure the alarm to publish a message to an Amazon Simple NotificationService (Amazon SNS) topic. Subscribe the email distribution list to the topic.
C. Use AWS Budgets to create a cost budget for data transfer costs. Set an alert at 75% ofthe budgeted amount. Configure the budget to send a notification to the email distributionlist when costs reach 75% of the threshold.
D. Set up a VPC flow log. Set up a subscription filter to an AWS Lambda function toanalyze data transfer. Configure the Lambda function to send a notification to the emaildistribution list when costs reach 75% of the threshold.
A company hosts a web application on an Amazon EC2 instance. The web server logs arepublished to Amazon CloudWatch Logs. The log events have the same structure andinclude the HTTP response codes that are associated with the user requests. Thecompany needs to monitor the number of times that the web server returns an HTTP 404response. What is the MOST operationally efficient solution that meets these requirements?
A. Create a CloudWatch Logs metric filter that counts the number of times that the webserver returns an HTTP 404 response.
B. Create a CloudWatch Logs subscription filter that counts the number of times that theweb server returns an HTTP 404 response.
C. Create an AWS Lambda function that runs a CloudWatch Logs Insights query thatcounts the number of 404 codes in the log events during the past hour.
D. Create a script that runs a CloudWatch Logs Insights query that counts the number of404 codes in the log events during the past hour.
A company’s AWS Lambda function is experiencing performance issues. The Lambdafunction performs many CPU-intensive operations. The Lambda function is not running fastenough and is creating bottlenecks in the system.What should a SysOps administrator do to resolve this issue?
A. In the CPU launch options for the Lambda function, activate hyperthreading.
B. Turn off the AWS managed encryption.
C. Increase the amount of memory for the Lambda function.
D. Load the required code into a custom layer.
A company plans to migrate several of its high performance computing (MPC) virtualmachines (VMs) to Amazon EC2 instances on AWS. A SysOps administrator must identifya placement group for this deployment. The strategy must minimize network latency andmust maximize network throughput between the HPC VMs.Which strategy should the SysOps administrator choose to meet these requirements?
A. Deploy the instances in a cluster placement group in one Availability Zone.
B. Deploy the instances in a partition placement group in two Availability Zones
C. Deploy the instances in a partition placement group in one Availability Zone
D. Deploy the instances in a spread placement group in two Availably Zones
A company is using Amazon CloudFront to serve static content for its web application to itsusers. The CloudFront distribution uses an existing on-premises website as a customorigin.The company requires the use of TLS between CloudFront and the origin server. Thisconfiguration has worked as expected for several months. However, users are nowexperiencing HTTP 502 (Bad Gateway) errors when they view webpages that includecontent from the CloudFront distribution.What should a SysOps administrator do to resolve this problem?
A. Examine the expiration date on the certificate on the origin site. Validate that thecertificate has not expired. Replace the certificate if necessary.
B. Examine the hostname on the certificate on the origin site. Validate that the hostnamematches one of the hostnames on the CloudFront distribution. Replace the certificate ifnecessary.
C. Examine the firewall rules that are associated with the origin server. Validate that port443 is open for inbound traffic from the internet. Create an inbound rule if necessary.
D. Examine the network ACL rules that are associated with the CloudFront distribution.Validate that port 443 is open for outbound traffic to the origin server. Create an outboundrule if necessary.
A Sysops administrator has created an Amazon EC2 instance using an AWSCloudFormation template in the us-east-I Region. The administrator finds that thistemplate has failed to create an EC2 instance in the us-west-2 Region.What is one cause for this failure?
A. Resource tags defined in the CloudFormation template are specific to the us-east-IRegion.
B. The Amazon Machine Image (AMI) ID referenced in the CloudFormation template couldnot be found in the us-west-2 Region.
C. The cfn-init script did not run during resource provisioning in the us-west-2 Region.
D. The IAM user was not created in the specified Region.
A Sysops administrator has created an Amazon EC2 instance using an AWSCloudFormation template in the us-east-I Region. The administrator finds that thistemplate has failed to create an EC2 instance in the us-west-2 Region.What is one cause for this failure?
A. Resource tags defined in the CloudFormation template are specific to the us-east-IRegion.
B. The Amazon Machine Image (AMI) ID referenced in the CloudFormation template couldnot be found in the us-west-2 Region.
C. The cfn-init script did not run during resource provisioning in the us-west-2 Region.
D. The IAM user was not created in the specified Region.
A company has a public website that recently experienced problems. Some links led tomissing webpages, and other links rendered incorrect webpages. The applicationinfrastructure was running properly, and all the provisioned resources were healthy.Application logs and dashboards did not show any errors, and no monitoring alarms wereraised. Systems administrators were not aware of any problems until end users reportedthe issues.The company needs to proactively monitor the website for such issues in the future andmust implement a solution as soon as possible.Which solution will meet these requirements with the LEAST operational overhead?
A. Rewrite the application to surface a custom error to the application log when issues occur. Automatically parse logs for errors. Create an Amazon CloudWatch alarm to provide
alerts when issues are detected.
B. Create an AWS Lambda function to test the website. Configure the Lambda function toemit an Amazon CloudWatch custom metric when errors are detected. Configure aCloudWatch alarm to provide alerts when issues are detected.
C. Create an Amazon CloudWatch Synthetics canary. Use the CloudWatch SyntheticsRecorder plugin to generate the script for the canary run. Configure the canary in line withrequirements. Create an alarm to provide alerts when issues are detected.
A company plans to launch a static website on its domain example com and subdomain www example.com using Amazon S3. How should the SysOps administrator meet this requirement?
A. Create one S3 bucket named example.com for both the domain and subdomain.
B. Create one S3 bucket with a wildcard named '.example.com tor both the domain andsubdomain.
C. Create two S3 buckets named example.com and www.exdmpte.com. Configure thesubdomain bucket to redirect requests to the domain bucket.
D. Create two S3 buckets named http//example.com and http//" exampte.com. Configurethe wildcard (') bucket to redirect requests to the domain bucket.
A Sysops administrator creates an Amazon Elastic Kubernetes Service (Amazon EKS)cluster that uses AWS Fargate. The cluster is deployed successfully. The Sysopsadministrator needs to manage the cluster by using the kubect1 command line tool.Which of the following must be configured on the Sysops administrator's machine so thatkubect1 can communicate with the cluster API server?
A. The kubeconfig file
B. The kube-proxy Amazon EKS add-on
C. The Fargate profile
D. The eks-connector.yaml file
A company is attempting to manage its costs in the AWS Cloud. A SysOps administratorneeds specific company-defined tags that are assigned to resources to appear on thebilling report.What should the SysOps administrator do to meet this requirement?
A. Activate the tags as AWS generated cost allocation tags.
B. Activate the tags as user-defined cost allocation tags.
C. Create a new cost category. Select the account billing dimension.
D. Create a new AWS Cost and Usage Report. Include the resource IDs.
A company has an application that runs only on Amazon EC2 Spot Instances. Theinstances run in an Amazon EC2 Auto Scaling group with scheduled scaling actions.However, the capacity does not always increase at the scheduled times, and instancesterminate many times a day. A Sysops administrator must ensure that the instances launchon time and have fewer interruptions. Which action will meet these requirements?
A. Specify the capacity-optimized allocation strategy for Spot Instances. Add more instancetypes to the Auto Scaling group.
B. Specify the capacity-optimized allocation strategy for Spot Instances. Increase the sizeof the instances in the Auto Scaling group.
C. Specify the lowest-price allocation strategy for Spot Instances. Add more instance typesto the Auto Scaling group.
D. Specify the lowest-price allocation strategy for Spot Instances. Increase the size of theinstances in the Auto Scaling group.
A company is storing backups in an Amazon S3 bucket. The backups must not be deletedfor at least 3 months after the backups are created.What should a SysOps administrator do to meet this requirement?
A. Configure an IAM policy that denies the s3:DeleteObject action for all users. Threemonths after an object is written, remove the policy.
B. Enable S3 Object Lock on a new S3 bucket in compliance mode. Place all backups inthe new S3 bucket with a retention period of 3 months.
C. Enable S3 Versioning on the existing S3 bucket. Configure S3 Lifecycle rules to protectthe backups.
D. Enable S3 Object Lock on a new S3 bucket in governance mode. Place all backups in the new S3 bucket with a retention period of 3 months.
A SysOps administrator is required to monitor free space on Amazon EBS volumesattached to Microsoft Windows-based Amazon EC2 instances within a company’s account.The administrator must be alerted to potential issues.What should the administrator do to receive email alerts before low storage space affectsEC2 instance performance?
A. Use built-in Amazon CloudWatch metrics, and configure CloudWatch alarms and anAmazon SNS topic for email notifications
B. Use AWS CloudTrail logs and configure the trail to send notifications to an Amazon SNStopic.
C. Use the Amazon CloudWatch agent to send disk space metrics, then set upCloudWatch alarms using an Amazon SNS topic.
D. Use AWS Trusted Advisor and enable email notification alerts for EC2 disk space
A SysOps administrator is investigating why a user has been unable to use RDP to connectover the internet from their home computer to a bastion server running on an Amazon EC2Windows instance.Which of the following are possible causes of this issue? (Choose two.)
A. A network ACL associated with the bastion's subnet is blocking the network traffic.
B. The instance does not have a private IP address.
C. The route table associated with the bastion's subnet does not have a route to theinternet gateway.
D. The security group for the instance does not have an inbound rule on port 22.
E. The security group for the instance does not have an outbound rule on port 3389.
A company runs hundreds of Amazon EC2 instances in a single AWS Region. Each EC2instance has two attached 1 GiB General Purpose SSD (gp2) Amazon Elastic Block Store(Amazon EBS) volumes. A critical workload is using all the available IOPS capacity on theEBS volumes.According to company policy, the company cannot change instance types or EBS volumetypes without completing lengthy acceptance tests to validate that the company’sapplications will function properly. A SysOps administrator needs to increase the I/Operformance of the EBS volumes as quickly as possible.Which action should the SysOps administrator take to meet these requirements?
A. Increase the size of the 1 GiB EBS volumes.
B. Add two additional elastic network interfaces on each EC2 instance.
C. Turn on Transfer Acceleration on the EBS volumes in the Region.
D. Add all the EC2 instances to a cluster placement group.
A company recently purchased Savings Plans. The company wants to receive emailnotification when the company’s utilization drops below 90% for a given day.Which solution will meet this requirement?
A. Create an Amazon CloudWatch alarm to monitor the Savings Plan check in AWSTrusted Advisor. Configure an Amazon Simple Queue Service (Amazon SQS) queue foremail notification when the utilization drops below 90% for a given day.
B. Create an Amazon CloudWatch alarm to monitor the SavingsPlansUtilization metricunder the AWS/SavingsPlans namespace in CloudWatch. Configure an Amazon SimpleQueue Service (Amazon SQS) queue for email notification when the utilization drops below90% for a given day.
C. Create a Savings Plans alert to monitor the daily utilization of the Savings Plans.Configure an Amazon Simple Notification Service (Amazon SNS) topic for email notificationwhen the utilization drops below 90% for a given day.
D. Use AWS Budgets to create a Savings Plans budget to track the daily utilization of theSavings Plans. Configure an Amazon Simple Notification Service (Amazon SNS) topic foremail notification when the utilization drops below 90% for a given day.
A company’s application currently uses an IAM role that allows all access to all AWSservices. A SysOps administrator must ensure that the company’s IAM policies allow onlythe permissions that the application requires.How can the SysOps administrator create a policy to meet this requirement?
A. Turn on AWS CloudTrail. Generate a policy by using AWS Security Hub.
B. Turn on Amazon EventBridge (Amazon CloudWatch Events). Generate a policy byusing AWS Identity and Access Management Access Analyzer.
C. Use the AWS CLI to run the get-generated-policy command in AWS Identity and AccessManagement Access Analyzer.
D. Turn on AWS CloudTrail. Generate a policy by using AWS Identity and AccessManagement Access Analyzer.
A company is managing many accounts by using a single organization in AWSOrganizations. The organization has all features enabled. The company wants to turn onAWS Config in all the accounts of the organization and in all AWS Regions.What should a Sysops administrator do to meet these requirements in the MOSToperationally efficient way?
A. Use AVVS CloudFormation StackSets to deploy stack instances that turn on AWSConfig in all accounts and in all Regions.
B. Use AWS CloudFormation StackSets to deploy stack policies that turn on AWS Configin all accounts and in all Regions.
C. Use service control policies (SCPs) to configure AWS Config in all accounts and in allRegions.
D. Create a script that uses the AWS CLI to turn on AWS Config in all accounts in theorganization. Run the script from the organization's management account.