Amazon (SOA-C02) Exam Questions And Answers page 11
A SysOps administrator has used AWS CloudFormation to deploy a serverless application into a production VPC. The application consists of an AWS Lambda function, an Amazon DynamoDB table, and an Amazon API Gateway API. The SysOps administrator must delete the AWS CloudFormation stack without deleting the DynamoDB table.
Which action should the SysOps administrator take before deleting the AWS CloudFormation stack?
Which action should the SysOps administrator take before deleting the AWS CloudFormation stack?
Add a Snapshot deletion policy to the DynamoDB resource in the AWS CloudFormation stack.
Enable termination protection on the AWS CloudFormation stack.
Update the application s IAM policy with a Deny statement for the dynamodb:DeleteTable action.
Deployment, Provisioning, and Automation
Security and Compliance
A SysOps administrator is attempting to download patches from the internet into an instance in a private subnet. An internet gateway exists for the VPC, and a NAT gateway has been deployed on the public subnet; however, the instance has no internet connectivity. The resources deployed into the private subnet must be inaccessible directly from the public internet.
What should be added to the private subnet s route table in order to address this issue, given the information provided?
What should be added to the private subnet s route table in order to address this issue, given the information provided?
0.0.0.0/0 IGW
0.0.0.0/0 NAT
10.0.1.0/24 IGW
10.0.1.0/24 NAT
Deployment, Provisioning, and Automation
Networking and Content Delivery
A SysOps administrator is creating two AWS CloudFormation templates. The first template will create a VPC with associated resources, such as subnets, route tables, and an internet gateway. The second template will deploy application resources within the VPC that was created by the first template. The second template should refer to the resources created by the first template.
How can this be accomplished with the LEAST amount of administrative effort?
How can this be accomplished with the LEAST amount of administrative effort?
Add an export field to the outputs of the first template and import the values in the second template.
Create a custom resource that queries the stack created by the first template and retrieves the required values.
Create a mapping in the first template that is referenced by the second template.
Input the names of resources in the first template and refer to those names in the second template as a parameter.
Deployment, Provisioning, and Automation
Networking and Content Delivery
A SysOps administrator is deploying an application on 10 Amazon EC2 instances. The application must be highly available. The instances must be placed on distinct underlying hardware.
What should the SysOps administrator do to meet these requirements?
What should the SysOps administrator do to meet these requirements?
Launch the instances into a cluster placement group in a single AWS Region.
Launch the instances into a partition placement group in multiple AWS Regions.
Launch the instances into a spread placement group in multiple AWS Regions.
Launch the instances into a spread placement group in a single AWS Region.
High Availability and Business Continuity
Deployment, Provisioning, and Automation
A SysOps administrator is deploying a test site running on Amazon EC2 instances. The application requires both incoming and outgoing connectivity to the internet.
Which combination of steps are required to provide internet connectivity to the EC2 instances? (Choose two.)
Which combination of steps are required to provide internet connectivity to the EC2 instances? (Choose two.)
Add a NAT gateway to a public subnet.
Attach a private address to the elastic network interface on the EC2 instance.
Attach an Elastic IP address to the internet gateway.
Add an entry to the route table for the subnet that points to an internet gateway.
Create an internet gateway and attach it to a VPC.
Deployment, Provisioning, and Automation
Networking and Content Delivery
A SysOps administrator is evaluating Amazon Route 53 DNS options to address concerns about high availability for an on-premises website. The website consists of two servers: a primary active server and a secondary passive server. Route 53 should route traffic to the primary server if the associated health check returns 2xx or 3xx HTTP codes. All other traffic should be directed to the secondary passive server. The failover record type, set ID, and routing policy have been set appropriately for both primary and secondary servers.
Which next step should be taken to configure Route 53?
Which next step should be taken to configure Route 53?
Create an A record for each server. Associate the records with the Route 53 HTTP health check.
Create an A record for each server. Associate the records with the Route 53 TCP health check.
Create an alias record for each server with evaluate target health set to yes. Associate the records with the Route 53 HTTP health check.
Create an alias record for each server with evaluate target health set to yes. Associate the records with the Route 53 TCP health check.
High Availability and Business Continuity
Networking and Content Delivery
A SysOps administrator is investigating issues on an Amazon RDS for MariaDB DB instance. The SysOps administrator wants to display the database load categorized by detailed wait events.
How can the SysOps administrator accomplish this goal?
How can the SysOps administrator accomplish this goal?
Create an Amazon CloudWatch dashboard.
Enable Amazon RDS Performance Insights.
Enable and configure Enhanced Monitoring.
Review the database logs in Amazon CloudWatch Logs.
Monitoring and Reporting
Networking and Content Delivery
A SysOps administrator is investigating issues on an Amazon RDS for MariaDB DB instance. The SysOps administrator wants to display the database load categorized by detailed wait events.
How can the SysOps administrator accomplish this goal?
How can the SysOps administrator accomplish this goal?
Create an Amazon CloudWatch dashboard.
Enable Amazon RDS Performance Insights.
Enable and configure Enhanced Monitoring.
Review the database logs in Amazon CloudWatch Logs.
Monitoring and Reporting
Networking and Content Delivery
A SysOps administrator is maintaining a web application using an Amazon CloudFront web distribution, an Application Load Balancer (ALB), Amazon RDS, and Amazon EC2 in a VPC. All services have logging enabled. The administrator needs to investigate HTTP Layer 7 status codes from the web application.
Which log sources contain the status codes? (Choose two.)
Which log sources contain the status codes? (Choose two.)
VPC Flow Logs
AWS CloudTrail logs
ALB access logs
CloudFront access logs
RDS logs
Monitoring and Reporting
Networking and Content Delivery
A SysOps Administrator is managing a web application that runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an EC2 Auto Scaling group. The administrator wants to set an alarm for when all target instances associated with the ALB are unhealthy.
Which condition should be used with the alarm?
Which condition should be used with the alarm?
AWS/ApplicationELB HealthyHostCount <=>=>
AWS/ApplicationELB UnhealthyHostCount >= 1
AWS/EC2 StatusCheckFailed <=>=>
AWS/EC2 StatusCheckFailed >= 1
High Availability and Business Continuity
Deployment, Provisioning, and Automation
Comments