Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

SOA-C02 Reviews Questions

Page: 12 / 20
Total 528 questions

AWS Certified SysOps Administrator - Associate (SOA-C02) Questions and Answers

Question 45

A company is undergoing an external audit of its systems, which run wholly on AWS. A SysOps administrator must supply documentation of Payment Card Industry Data Security Standard (PCI DSS) compliance for the infrastructure managed by AWS.

Which set of action should the SysOps administrator take to meet this requirement?

Options:

A.

Download the applicable reports from the AWS Artifact portal and supply these to the auditors.

B.

Download complete copies of the AWS CloudTrail log files and supply these to the auditors.

C.

Download complete copies of the AWS CloudWatch logs and supply these to the auditors.

D.

Provide the auditors with administrative access to the production AWS account so that the auditors can determine compliance.

Question 46

A company has an Amazon CloudFront distribution that uses an Amazon S3 bucket as its origin. During a review of the access logs, the company determines that some requests are going directly to the S3 bucket by using the website hosting endpoint. A SysOps administrator must secure the S3 bucket to allow requests only from CloudFront.

What should the SysOps administrator do to meet this requirement?

Options:

A.

Create an origin access identity (OAI) in CloudFront. Associate the OAI with the distribution. Remove access to and from other principals in the S3 bucket policy. Update the S3 bucket policy to allow access only from the OAI.

B.

Create an origin access identity (OAI) in CloudFront. Associate the OAI with the distribution. Update the S3 bucket policy to allow access only from the OAI. Create a new origin, and specify the S3 bucket as the new origin. Update the distribution behavior to use the new origin. Remove the existing origin.

C.

Create an origin access identity (OAI) in CloudFront. Associate the OAI with the distribution. Update the S3 bucket policy to allow access only from the OAI. Disable website hosting. Create a new origin, and specify the S3 bucket as the new origin. Update the distribution behavior to use the new origin. Remove the existing origin.

D.

Update the S3 bucket policy to allow access only from the CloudFront distribution. Remove access to and from other principals in the S3 bucket policy. Disable website hosting. Create a new origin, and specify the S3 bucket as the new origin. Update the distribution behavior to use the new origin. Remove the existing origin.

Question 47

A SysOps administrator needs to create a report that shows how many bytes are sent to and received from each target group member for an Application Load Balancer (ALB).

Which combination of steps should the SysOps administrator take to meet these requirements? (Select TWO.)

Options:

A.

Enable access logging for the ALB. Save the logs to an Amazon S3 bucket.

B.

Install the Amazon CloudWatch agent on the Instances in the target group.

C.

Use Amazon Athena to query the ALB logs Query the table Use the received_bytes and senl_byt.es fields to calculate the total bytes grouped by the target:port field.

D.

Use Amazon Athena to query the ALB logs Query the table. Use the received_bytes and sent_byt.es fields to calculate the total bytes grouped by the clientport field

E.

Create an Amazon CloudWatch dashboard that shows the Sum statistic of the ProcessedBytes metric for the ALB.

Question 48

A company wants to store sensitive financial data within Amazon S3 buckets. The company has a corporate policy that does not allow public read or write access to the buckets. A SysOps administrator must create a solution to automatically remove S3 permissions that allow public read or write access.

Which AWS service should the SysOps administrator use to meet these requirements in the MOST operationally efficient manner?

Options:

A.

AWSConfig

B.

AWS Security Hub

C.

AWS Trusted Advisor

D.

Amazon Inspector

Page: 12 / 20
Total 528 questions