Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

All SOA-C02 Test Inside Amazon Web Services Questions

Page: 3 / 19
Total 485 questions

AWS Certified SysOps Administrator - Associate (SOA-C02) Questions and Answers

Question 9

A company's SysOps administrator needs to change the AWS Support plan for one of the company's AWS accounts. The account has multi-factor authentication (MFA) activated, and the MFA device is lost.

What should the SysOps administrator do to sign in?

Options:

A.

Sign in as a root user by using email and phone verification. Set up a new MFA device. Change the root user password.

B.

Sign in as an 1AM user with administrator permissions. Resynchronize the MFA token by using the 1AM console.

C.

Sign in as an 1AM user with administrator permissions. Reset the MFA device for the root user by adding a new device.

D.

Use the forgot-password process to verify the email address. Set up a new password and MFA device.

Question 10

A user is connected to an Amazon EC2 instance in a private subnet. The user is unable to access the internet from the instance by using the following curl command: curl

A SysOps administrator reviews the VPC configuration and learns the following information:

• The private subnet has a route to a NAT gateway for CIDR 0.0.0.0/0

• The outbound security group for the EC2 instance contains one rule: outbound for port 443 to CIDR 0.0.0.0/0

• The inbound security group for the EC2 instance allows ports 22 and 443 from the user's IP address.

• The inbound network ACL for the subnet allows port 22 and port range 1024-65535 from CIDR 0.0.0.0/0

Which action will allow the user to complete the curl request successfully?

Options:

A.

Add an additional inbound network ACL rule for port 80 to CIDR 0.0.0.0/0.

B.

Add an additional inbound security group rule for port 80 to CIDR 0.0.0.0/0.

C.

Add an additional outbound security group rule for port 80 to CIDR 0.0.0.0/0.

D.

Add an additional outbound security group rule for port 80 to the user's IP address.

Question 11

A SysOps administrator needs to design a disaster recovery (DR) plan for an application on AWS. The application runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances are in an Auto Scaling group. The application uses an Amazon Aurora PostgreSQL database. The recovery time objective (RTO) and recovery point objective (RPO) are 15 minutes each.

Which combination of steps should the SysOps administrator take to meet these requirements MOST cost-effectively? (Select TWO.)

Options:

A.

Configure Aurora backups to be exported to the DR Region.

B.

Configure the Aurora cluster to replicate data to the DR Region by using the Aurora global database option.

C.

Configure the DR Region with an ALB and an Auto Scaling group. Use the same configuration as in the primary Region.

D.

Configure the DR Region with an ALB and an Auto Scaling group. Set the Auto Scaling group's minimum capacity, maximum capacity, and desired capacity to 1.

E.

Manually launch a new ALB and a new Auto Scaling group by using AWS CloudFormation during a failover activity.

Question 12

The company needs EC2 instances in the VPC to resolve DNS names for on-premises hosts using Direct Connect.

Options:

Options:

A.

Create an Amazon Route 53 private hosted zone. Populate the zone with the hostnames and IP addresses of the hosts in the on-premises data center.

B.

Create an Amazon Route 53 Resolver outbound endpoint. Add the IP addresses of an on-premises DNS server for the domain names that need to be forwarded.

C.

Set up a forwarding rule for reverse DNS queries in Amazon Route 53 Resolver. Set the enableDnsHostnames attribute to true for the VPC.

D.

Add the hostnames and IP addresses for the on-premises hosts to the /etc/hosts file of each EC2 instance.

Page: 3 / 19
Total 485 questions