Amazon SOA-C02 Exam Practice Test Instant Access

Question 1

A company is migrating its production file server to AWS. All data that is stored on the file server must remain accessible if an Availability Zone becomes unavailable or when system maintenance is performed. Users must be able to interact with the file server through the SMB protocol. Users also must have the ability to manage file permissions by using Windows ACLs.

Which solution will net these requirements?

ACreate a single AWS Storage Gateway file gateway.

BCreate an Amazon FSx for Windows File Server Multi-AZ file system.

CDeploy two AWS Storage Gateway file gateways across two Availability Zones. Configure an Application Load Balancer in front of the file gateways.

DDeploy two Amazon FSx for Windows File Server Single-AZ 2 file systems. Configure Microsoft Distributed File System Replication (DFSR).

Answer : B

Question 2

A company hosts a web application on an Amazon EC2 instance in a production VPC. Client connections to the application are failing. A SysOps administrator inspects the VPC flow logs and finds the following entry:

2 111122223333 eni-<###> 192.0.2.15 203.0.113.56 40711 443 6 1 40 1418530010 1418530070 REJECT OK

What is a possible cause of these failed connections?

AA security group is denying traffic on port 443.

BThe EC2 instance is shut down.

CThe network ACL is blocking HTTPS traffic.

DThe VPC has no internet gateway attached.

Answer : A

Question 3

A company is expanding its fleet of Amazon EC2 instances before an expected increase of traffic. When a SysOps administrator attempts to add more instances, an InstanceLimitExceeded error is returned.

What should the SysOps administrator do to resolve this error?

AAdd an additional CIDR block to the VPC.

BLaunch the EC2 instances in a different Availability Zone.

CLaunch new EC2 instances in another VPC.

DUse Service Quotas to request an EC2 quota increase.

Answer : D

Question 4

An errant process is known to use an entire processor and run at 100%. A SysOps administrator wants to automate restarting the instance once the problem occurs for more than 2 minutes.

How can this be accomplished?

ACreate an Amazon CloudWatch alarm for the Amazon EC2 instance with basic monitoring. Enable an action to restart the instance.

BCreate a CloudWatch alarm for the EC2 instance with detailed monitoring. Enable an action to restart the instance.

CCreate an AWS Lambda function to restart the EC2 instance, triggered on a scheduled basis every 2 minutes.

DCreate a Lambda function to restart the EC2 instance, triggered by EC2 health checks.

Answer : B

Question 5

A company uses AWS Organizations to manage multiple AWS accounts with consolidated billing enabled. Organization member account owners want the benefits of Reserved Instances (RIs) but do not want to share RIs with other accounts.

Which solution will meet these requirements?

APurchase RIs in individual member accounts. Disable Rl discount sharing in the management account.

BPurchase RIs in individual member accounts. Disable Rl discount sharing in the member accounts.

CPurchase RIs in the management account. Disable Rl discount sharing in the management account.

DPurchase RIs in the management account. Disable Rl discount sharing in the member accounts.

Answer : A

Question 6

A company has attached the following policy to an IAM user:

Which of the following actions are allowed for the IAM user?

AAmazon RDS DescribeDBInstances action in the us-east-1 Region

BAmazon S3 Putobject operation in a bucket named testbucket

CAmazon EC2 Describe Instances action in the us-east-1 Region

DAmazon EC2 AttachNetworkinterf ace action in the eu-west-1 Region

Answer : C

Question 7

A SysOps administrator needs to configure a solution that will deliver digital content to a set of authorized users through Amazon CloudFront. Unauthorized users must be restricted from access.

Which solution will meet these requirements?

AStore the digital content in an Amazon S3 bucket that does not have public access blocked. Use signed URLs to access the S3 bucket through CloudFront.

BStore the digital content in an Amazon S3 bucket that has public access blocked. Use an origin access identity (OAI) to deliver the content through CloudFront. Restrict S3 bucket access with signed URLs in CloudFront.

CStore the digital content in an Amazon S3 bucket that has public access blocked. Use an origin access identity (OAI) to deliver the content through CloudFront. Enable field-level encryption.

DStore the digital content in an Amazon S3 bucket that does not have public access blocked. Use signed cookies for restricted delivery of the content through CloudFront.

Answer : B

Amazon SOA-C02 AWS Certified SysOps Administrator - Associate (2021) Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7