Amazon (SOA-C02) Exam Questions And Answers page 14
A SysOps administrator notices a scale-up event for an Amazon EC2 Auto Scaling group. Amazon CloudWatch shows a spike in the RequestCount metric for the associated Application Load Balancer. The administrator would like to know the IP addresses for the source of the requests.
Where can the administrator find this information?
Where can the administrator find this information?
AWS CloudTrail logs
EC2 instance logs
Elastic Load Balancer access logs
Deployment, Provisioning, and Automation
Networking and Content Delivery
A SysOps Administrator runs a web application that is using a microservices approach whereby different responsibilities of the application have been divided in a separate microservice running on a different Amazon EC2 instance. The administrator has been tasked with reconfiguring the infrastructure to support this approach.
How can the administrator accomplish this with the LEAST administrative overhead?
How can the administrator accomplish this with the LEAST administrative overhead?
Use Amazon CloudFront to log the URL and forward the request.
Use Amazon CloudFront to rewrite the header based on the microservice and forward the request.
Use an Application Load Balancer (ALB) and do path-based routing.
Use a Network Load Balancer (NLB) and do path-based routing.
Deployment, Provisioning, and Automation
Networking and Content Delivery
The security team is concerned because the number of AWS Identity and Access Management (IAM) policies being used in the environment is increasing. The team tasked a SysOps administrator to report on the current number of IAM policies in use and the total available IAM policies.
Which AWS service should the administrator use to check how current IAM policy usage compares to current service limits?
Which AWS service should the administrator use to check how current IAM policy usage compares to current service limits?
AWS Trusted Advisor
Amazon Inspector
AWS Config
AWS Organizations
Monitoring and Reporting
Security and Compliance
When the AWS Cloud infrastructure experiences an event that may impact an organization, which AWS service can be used to see which of the organization s resources are affected?
AWS Service Health Dashboard
AWS Trusted Advisor
AWS Personal Health Dashboard
AWS Systems Manager
Monitoring and Reporting
When the AWS Cloud infrastructure experiences an event that may impact an organization, which AWS service can be used to see which of the organization s resources are affected?
AWS Service Health Dashboard
AWS Trusted Advisor
AWS Personal Health Dashboard
AWS Systems Manager
Monitoring and Reporting
While setting up an AWS managed VPN connection, a SysOps administrator creates a customer gateway resource in AWS. The customer gateway device resides in a data center with a NAT gateway in front of it.
What address should be used to create the customer gateway resource?
What address should be used to create the customer gateway resource?
The private IP address of the customer gateway device
The MAC address of the NAT device in front of the customer gateway device
The public IP address of the customer gateway device
The public IP address of the NAT device in front of the customer gateway device
Deployment, Provisioning, and Automation
Networking and Content Delivery
With the threat of ransomware viruses encrypting and holding company data hostage, which action should be taken to protect an Amazon S3 bucket?
Deny Post, Put, and Delete on the bucket.
Enable server-side encryption on the bucket.
Enable Amazon S3 versioning on the bucket.
Enable snapshots on the bucket.
Security and Compliance
Networking and Content Delivery
Comments