Amazon (SOA-C02) Exam Questions And Answers page 13
A SysOps administrator is troubleshooting an AWS CloudFormation template whereby multiple Amazon EC2 instances are being created. The template is working in us-east-1, but it is failing in us-west-2 with the error code:
AMI [ami-12345678] does not exist
How should the Administrator ensure that the AWS CloudFormation template is working in every region?
AMI [ami-12345678] does not exist
How should the Administrator ensure that the AWS CloudFormation template is working in every region?
Edit the AWS CloudFormation template to specify the region code as part of the fully qualified AMI ID.
Edit the AWS CloudFormation template to offer a drop-down list of all AMIs to the user by using the AWS::EC2::AMI::ImageID control.
Modify the AWS CloudFormation template by including the AMI IDs in the Mappings section. Refer to the proper mapping within the template for the proper AMI ID.
Deployment, Provisioning, and Automation
Networking and Content Delivery
A SysOps administrator is trying to set up an Amazon Route 53 domain name to route traffic to a website hosted on Amazon S3. The domain name of the website is www.anycompany.com and the S3 bucket name is anycompany-static. After the record set is set up in Route 53, the domain name www.anycompany.com does not seem to work, and the static website is not displayed in the browser.
Which of the following is a cause of this?
Which of the following is a cause of this?
The S3 bucket must be configured with Amazon CloudFront first.
The Route 53 record set must have an IAM role that allows access to the S3 bucket.
The Route 53 record set must be in the same region as the S3 bucket.
The S3 bucket name must match the record set name in Route 53.
Deployment, Provisioning, and Automation
Networking and Content Delivery
A SysOps administrator is using AWS Compute Optimizer to get recommendations for a fleet of Amazon EC2 instances. After the analysis is complete, some of the EC2 instances are missing from the Compute Optimizer dashboard.
What is the cause of this issue?
What is the cause of this issue?
The missing instances do not have the Amazon CloudWatch agent installed.
Compute Optimizer does not support the instance types of the missing instances.
Compute Optimizer already considers the missing instances to be optimized.
The missing instances are running a Windows operating system.
Deployment, Provisioning, and Automation
Cost and Performance Optimization
A SysOps administrator must create an IAM policy for a developer who needs access to specific AWS services. Based on the requirements, the SysOps administrator creates the following policy:
Which actions does this policy allow? (Choose two.)
Which actions does this policy allow? (Choose two.)
Create an AWS Storage Gateway.
Create an IAM role for an AWS Lambda function.
Delete an Amazon Simple Queue Service (Amazon SQS) queue.
Describe AWS load balancers.
Invoke an AWS Lambda function.
Deployment, Provisioning, and Automation
Security and Compliance
A SysOps administrator must create a solution that immediately notifies software developers if an AWS Lambda function experiences an error.
Which solution will meet this requirement?
Which solution will meet this requirement?
Create an Amazon Simple Notification Service (Amazon SNS) topic with an email subscription for each developer. Create an Amazon CloudWatch alarm by using the Errors metric and the Lambda function name as a dimension. Configure the alarm to send a notification to the SNS topic when the alarm state reaches ALARM.
Create an Amazon Simple Notification Service (Amazon SNS) topic with a mobile subscription for each developer. Create an Amazon EventBridge (Amazon CloudWatch Events) alarm by using the LambdaError as the event pattern and the SNS topic name as a resource. Configure the alarm to send a notification to the SNS topic when the alarm state reaches ALARM.
Verify each developer email address in Amazon Simple Email Service (Amazon SES). Create an Amazon CloudWatch rule by using the LambdaError metric and developer email addresses as dimensions. Configure the rule to send an email through Amazon SES when the rule state reaches ALARM.
Verify each developer mobile phone in Amazon Simple Email Service (Amazon SES). Create an Amazon EventBridge (Amazon CloudWatch Events) rule by using Error as the event pattern and the Lambda function name as a resource. Configure the rule to send a push notification through Amazon SES when the rule state reaches ALARM.
Monitoring and Reporting
A SysOps administrator must create a solution to automatically shuts down any Amazon EC2 instances that have less than 10% average CPU to monitor average CPU utilization for 60 minutes or more.
Which solution meets these requirements in the MOST operationally efficient manner?
Which solution meets these requirements in the MOST operationally efficient manner?
Implement a cron job on each EC2 instance to run once every 60 minutes and calculate the current CPU utilization. Initiate an instance shutdown if CPU utilization is less than 10%.
Implement an Amazon CloudWatch alarm for each EC2 instance to monitor average CPU utilization. Set the period at 1 hour, and set the threshold at 10%. Configure an EC2 action on the alarm to stop the instance.
Install the unified Amazon CloudWatch agent on each EC2 instance, and enable the Basic level predefined metric set. Log CPU utilization every 60 minutes, and initiate an instance shutdown if CPU utilization is less than 10%.
Use AWS Systems Manager Run Command to get CPU utilization from each EC2 instance every 60 minutes. Initiate an instance shutdown if CPU utilization is less than 10%.
Monitoring and Reporting
Deployment, Provisioning, and Automation
A SysOps administrator needs to design a high-traffic static website. The website must be highly available and must provide the lowest possible latency to users across the globe.
Which solution will meet these requirements?
Which solution will meet these requirements?
Create an Amazon S3 bucket, and upload the website content to the S3 bucket. Create an Amazon CloudFront distribution in each AWS Region, and set the S3 bucket as the origin. Use Amazon Route 53 to create a DNS record that uses a geolocation routing policy to route traffic to the correct CloudFront distribution based on where the request originates.
Create an Amazon S3 bucket, and upload the website content to the S3 bucket. Create an Amazon CloudFront distribution, and set the S3 bucket as the origin. Use Amazon Route 53 to create an alias record that points to the CloudFront distribution.
Create an Application Load Balancer (ALB) and a target group. Create an Amazon EC2 Auto Scaling group with at least two EC2 instances in the associated target group. Store the website content on the EC2 instances. Use Amazon Route 53 to create an alias record that points to the ALB.
Create an Application Load Balancer (ALB) and a target group in two Regions. Create an Amazon EC2 Auto Scaling group in each Region with at least two EC2 instances in each target group. Store the website content on the EC2 instances. Use Amazon Route 53 to create a DNS record that uses a geolocation routing policy to route traffic to the correct ALB based on where the request originates.
High Availability and Business Continuity
Networking and Content Delivery
A SysOps administrator needs to give users the ability to upload objects to an Amazon S3 bucket. The SysOps administrator creates a presigned URL and provides the URL to a user, but the user cannot upload an object to the S3 bucket. The presigned URL has not expired, and no bucket policy is applied to the S3 bucket.
Which of the following could be the cause of this problem?
Which of the following could be the cause of this problem?
The user has not properly configured the AWS CLI with their access key and secret access key.
The SysOps administrator does not have the necessary permissions to upload the object to the S3 bucket.
The SysOps administrator must apply a bucket policy to the S3 bucket to allow the user to upload the object.
The object already has been uploaded through the use of the presigned URL, so the presigned URL is no longer valid.
Deployment, Provisioning, and Automation
Networking and Content Delivery
A SysOps administrator noticed that a large number of Elastic IP addresses are being created on the company s AWS account, but they are not being associated with Amazon EC2 instance, and are incurring Elastic IP address charges in the monthly bill.
How can the administrator identify who is creating the Elastic IP addresses?
How can the administrator identify who is creating the Elastic IP addresses?
Attach a cost-allocation tag to each requested Elastic IP address with the IAM user name of the developer who creates it.
Query AWS CloudTrail logs by using Amazon Athena to search for Elastic IP address events.
Create a CloudWatch alarm on the EIPCreated metric and send an Amazon SNS notification when the alarm triggers.
Use Amazon Inspector to get a report of all Elastic IP addresses created in the last 30 days.
Security and Compliance
Cost and Performance Optimization
A SysOps administrator notices a scale-up event for an Amazon EC2 Auto Scaling group. Amazon CloudWatch shows a spike in the RequestCount metric for the associated Application Load Balancer. The administrator would like to know the IP addresses for the source of the requests.
Where can the administrator find this information?
Where can the administrator find this information?
Elastic Load Balancer access logs
Auto Scaling logs
AWS CloudTrail logs
EC2 instance logs
Deployment, Provisioning, and Automation
Networking and Content Delivery
Comments