Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Online SOA-C02 Questions Video

Page: 18 / 20
Total 528 questions

AWS Certified SysOps Administrator - Associate (SOA-C02) Questions and Answers

Question 69

A company is deploying a third-party unit testing solution that is delivered as an Amazon EC2 Amazon Machine Image (AMI). The company is deploying the testing solution on On-Demand Instances. The company wants to use an additional three Spot Instances when the Spot Instance prices drop to a specific threshold. A minimum of three instances are required at all times to operate the testing solution. A SysOps administrator must implement high availability for the architecture. Which solution will meet these requirements with the LEAST management overhead?

Options:

A.

Configure a launch template for the Spot Instances. Set the maximum price for the Spot Instances. Configure another launch template for the On-Demand Instances.

B.

Configure a launch template that uses the InstanceMarketOptions property for the Spot Instances and the On-Demand Instances. Set the maximum price for the Spot Instances.

C.

Configure a launch template that uses the MixedInstancesPolicy property for the Spot Instances and the On-Demand Instances. Set the maximum price for the Spot Instances.

D.

Configure a launch template that uses the InstanceMarketOptions property and the MixedInstancesPolicy property for the Spot Instances and the On-Demand Instances. Set the maximum price for the Spot Instances.

Question 70

A SysOps administrator needs to share a new AMI with all accounts within an organization managed through AWS Organizations.

Options:

Options:

A.

Make the AMI public. Reference the AMI ID from within the member accounts of the organization.

B.

Share the AMI's associated snapshots with all the accounts in the organization.

C.

Share the AMI with the organization by specifying the organization Amazon Resource Name (ARN).

D.

Upload the AMI to AWS Marketplace. Search for the uploaded AMI when an instance is launched from a member account in the organization.

Question 71

A large company is using AWS Organizations to manage hundreds of AWS accounts across multiple AWS Regions. The company has turned on AWS Config throughout the organization.

The company requires all Amazon S3 buckets to block public read access. A SysOps administrator must generate a monthly report that shows all the S3 buckets and whether they comply with this requirement.

Which combination of steps should the SysOps administrator take to collect this data? {Select TWO).

Options:

A.

Create an AWS Config aggregator in an aggregator account. Use the organization as the source. Retrieve the compliance data from the aggregator.

B.

Create an AWS Config aggregator in each account. Use an S3 bucket in an aggregator account as the destination. Retrieve the compliance data from the S3 bucket

C.

Edit the AWS Config policy in AWS Organizations. Use the organization's management account to turn on the s3-bucket-public-read-prohibited rule for the entire organization.

D.

Use the AWS Config compliance report from the organization's management account. Filter the results by resource, and select Amazon S3.

E.

Use the AWS Config API to apply the s3-bucket-public-read-prohibited rule in all accounts for all available Regions.

Question 72

A company is using AWS Certificate Manager (ACM) to manage public SSL/TLS certificates. A SysOps administrator needs to send an email notification when a certificate has less than 14 days until expiration.

Which solution will meet this requirement with the LEAST operational overhead?

Options:

A.

Create an Amazon CloudWatch custom metric to monitor certificate expiration for all ACM certificates. Create an Amazon EventBridge rule that has an event source of a ws. cloud watch Configure the rule to send an event to a target Amazon Simple Notification Service (Amazon SNS) topic if the DaysToExpiry metric is less than 14. Subscribe the appropriate email addresses to the SNS topic.

B.

Create an Amazon EventBridge rule that has an event source of aws.acm. Configure the rule to evaluate the DaysToExpiry melric for all ACM certificates.Configure the rule to send an event to a target Amazon Simple Notification Service (Amazon SNS) topic if DaysToExpiry is less than 14. Subscribe the appropriate email addresses to the SNS topic.

C.

Create an Amazon CloudWatch dashboard that displays the DaysToExpiry metric for all ACM certificates. If DaysToExpiry is less than 14, send an emailmessage to the appropriate email addresses. Send the email message by running a predefined CLI command to publish to an Amazon Simple Notification Service (Amazon SNS) topic.

D.

Create an Amazon EventBridge rule that has an event source of aws.acm. Configure the rule to evaluate the DaysToExpiry metric for all ACM certificates. Configure a target SMS identity that uses a predefined email template. Configure the rule to send an event to the target SMS identity if DaysToExpiry is less than 14.

Page: 18 / 20
Total 528 questions