Exam Logo

Amazon (SOA-C02) Exam Questions And Answers page 10

An organization with a large IT department has decided to migrate to AWS. With different job functions in the IT department, it is not desirable to give all users access to all AWS resources. Currently the organization handles access via LDAP group membership.

What is the BEST method to allow access using current LDAP credentials?
Security and Compliance Cost and Performance Optimization
A recent audit found that most resources belonging to the development team were in violation of patch compliance standards. The resources were properly tagged.

Which service should be used to quickly remediate the issue and bring the resources back into compliance?
Security and Compliance Cost and Performance Optimization
A software development company has multiple developers who work on the same product. Each developer must have their own development environments, and these development environments must be identical. Each development environment consists of Amazon EC2 instances and an Amazon RDS DB instance. The development environments should be created only when necessary, and they must be terminated each night to minimize costs.

What is the MOST operationally efficient solution that meets these requirements?
Deployment, Provisioning, and Automation Cost and Performance Optimization
A sofware development company has multiple developers who work on the same product. Each developer must have their own development environments, and these development environments must be identical. Each development environment consists of Amazon EC2 instances and an Amazon RDS DB instance. The development environments should be created only when necessary, and they must be terminated each night to minimize costs.

What is the MOST operationally efficient solution that meets these requirements?
Deployment, Provisioning, and Automation Cost and Performance Optimization
A SysOps administrator developed a Python script that uses the AWS SDK to conduct several maintenance tasks. The script needs to run automatically every night.

What is the MOST operationally efficient solution that meets this requirement?
Deployment, Provisioning, and Automation Cost and Performance Optimization
A SysOps administrator has created a VPC that contains a public subnet and a private subnet. Amazon EC2 instances that were launched in the private subnet cannot access the internet. The default network ACL is active on all subnets in the VPC, and all security groups allow all outbound traffic.

Which solution will provide the EC2 instances in the private subnet with access to the internet?
Deployment, Provisioning, and Automation Networking and Content Delivery
A SysOps administrator has created a VPC that contains a public subnet and a private subnet. Amazon EC2 instances that were launched in the private subnet cannot access the internet. The default network ACL is active on all subnets in the VPC, and all security groups allow all outbound traffic.

Which solution will provide the EC2 instances in the private subnet with access to the internet?
Deployment, Provisioning, and Automation Networking and Content Delivery
A SysOps administrator has enabled AWS CloudTrail in an AWS account. If CloudTrail is disabled, it must be re-enabled immediately.

What should the SysOps administrator do to meet these requirements WITHOUT writing custom code?
Monitoring and Reporting Security and Compliance
A SysOps administrator has launched a large general purpose Amazon EC2 instance to regularly process large data files. The instance has an attached 1 TB General Purpose SSD (gp2) Amazon Elastic Block Store (Amazon EBS) volume. The instance also is EBS-optimized. To save costs, the SysOps administrator stops the instance each evening and restarts the instance ach morning.

When data processing is active, Amazon CloudWatch metrics on the instance show a consistent 3,000 VolumeReadOps. The SysOps administrator must improve the I/O performance while ensuring data integrity.

Which action will meet these requirements?
Deployment, Provisioning, and Automation Networking and Content Delivery
A SysOps administrator has successfully deployed a VPC with an AWS CloudFormation template. The SysOps administrator wants to deploy the same template across multiple accounts that are managed through AWS Organizations.

Which solution will meet this requirement with the LEAST operational overhead?
Deployment, Provisioning, and Automation Security and Compliance