Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

AWS Certified Associate SOA-C02 Full Course Free

Page: 5 / 19
Total 485 questions

AWS Certified SysOps Administrator - Associate (SOA-C02) Questions and Answers

Question 17

A company is managing a website with a global user base hosted on Amazon EC2 with an Application Load Balancer (ALB). To reduce the load on the web servers, a SysOps administrator configures an Amazon CloudFront distribution with the ALB as the origin. After a week of monitoring the solution, the administrator notices that requests are still being served by the ALB and there is no change in the web server load.

What are possible causes for this problem? (Choose two.)

Options:

A.

CloudFront does not have the ALB configured as the origin access identity.

B.

The DNS is still pointing to the ALB instead of the CloudFront distribution.

C.

The ALB security group is not permitting inbound traffic from CloudFront.

D.

The default, minimum, and maximum Time to Live (TTL) are set to 0 seconds on the CloudFront distribution.

E.

The target groups associated with the ALB are configured for sticky sessions.

Question 18

A company's SysOps administrator is troubleshooting communication between the components of an application. The company configured VPC flow logs to be published to Amazon CloudWatch Logs However, there are no logs in CloudWatch Logs

What could be blocking the VPC flow logs from being published to CloudWatch Logs?

Options:

A.

The 1AM policy that is attached to the 1AM role for the flow log is missing the logs:CreateLogGroup permission.

B.

The 1AM policy that is attached to the 1AM role for the flow log is missing the logs:CreateExportTask permission.

C.

The VPC is configured for IPv6 addresses.

D.

The VPC is peered with another VPC in the AWS account.

Question 19

A SysOps administrator has used AWS Cloud Formal ion to deploy a serverless application Into a production VPC. The application consists of an AWS Lambda function an Amazon DynamoDB table, and an Amazon API Gateway API. The SysOps administrator must delete the AWS Cloud Formation stack without deleting the DynamoDB table.

Which action should the SysOps administrator take before deleting the AWS Cloud Formation stack?

Options:

A.

Add a Retain deletion policy to the DynamoDB resource in the AWS CloudFormation stack

B.

Add a Snapshot deletion policy to the DynamoDB resource in the AWS CloudFormation stack.

C.

Enable termination protection on the AWS Cloud Formation stack.

D.

Update the application's IAM policy with a Deny statement for the dynamodb:DeleteTabie action.

Question 20

After creating a presigned URL for an S3 object, users can no longer access the file after a few days.

Options (Select TWO):

Options:

A.

The presigned URL's expiration date and time have passed.

B.

The SysOps administrator's access key is no longer valid.

C.

The S3 bucket's Block Public Access settings are enabled.

D.

The S3 object's ACL does not include READ access for the All Users group.

E.

The S3 object's ACL does not include READ_ACP access for the All Users group.

Page: 5 / 19
Total 485 questions