Amazon (SOA-C02) Exam Questions And Answers page 3
A company hosts a web application on an Amazon EC2 instance in a production VPC. Client connections to the application are failing. A SysOps administrator inspects the VPC flow logs and finds the following entry:
2 111122223333 eni-<###> 192.0.2.15 203.0.113.56 40711 443 6 1 40 1418530010 1418530070 REJECT OK
###>What is a possible cause of these failed connections?
2 111122223333 eni-<###> 192.0.2.15 203.0.113.56 40711 443 6 1 40 1418530010 1418530070 REJECT OK
###>What is a possible cause of these failed connections?
The EC2 instance is shut down.
The network ACL is blocking HTTPS traffic.
The VPC has no internet gateway attached.
Networking and Content Delivery
Cost and Performance Optimization
A company hosts a website on multiple Amazon EC2 instances that run in an Auto Scaling group. Users are reporting slow responses during peak times between 6 PM and 11 PM every weekend. A SysOps administrator must implement a solution to improve performance during these peak times.
What is the MOST operationally efficient solution that meets these requirements?
What is the MOST operationally efficient solution that meets these requirements?
Create a scheduled Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function to increase the desired capacity before peak times.
Configure a scheduled scaling action with a recurrence option to change the desired capacity before and after peak times.
Create a target tracking scaling policy to add more instances when memory utilization is above 70%.
Configure the cooldown period for the Auto Scaling group to modify desired capacity before and after peak times.
Deployment, Provisioning, and Automation
Cost and Performance Optimization
A company hosts its website in the us-east-1 Region. The company is preparing to deploy its website into the eu-central-1 Region. Website visitors who are located in Europe should access the website that is hosted in eu-central-1. All other visitors access the website that is hosted in us-east-1. The company uses Amazon Route 53 to manage the website's DNS records.
Which routing policy should a SysOps administrator apply to the Route 53 record set to meet these requirements?
Which routing policy should a SysOps administrator apply to the Route 53 record set to meet these requirements?
Geolocation routing policy
Geoproximity routing policy
Latency routing policy
Multivalue answer routing policy
Networking and Content Delivery
Cost and Performance Optimization
A company hosts its website in the us-east-1 Region. The company is preparing to deploy its website into the eu-central-1 Region. Website visitors who are located in Europe should access the website that is hosted in eu-central-1. All other visitors access the website that is hosted in us-east-1. The company uses Amazon Route 53 to manage the website's DNS records.
Which routing policy should a SysOps administrator apply to the Route 53 record set to meet these requirements?
Which routing policy should a SysOps administrator apply to the Route 53 record set to meet these requirements?
Geolocation routing policy
Geoproximity routing policy
Latency routing policy
Multivalue answer routing policy
Networking and Content Delivery
Cost and Performance Optimization
A company hosts its website in the us-east-1 Region. The company is preparing to deploy its website into the eu-central-1 Region. Website visitors who are located in Europe should access the website that is hosted in eu-central-1. All other visitors access the website that is hosted in us-east-1. The company uses Amazon Route 53 to manage the website's DNS records.
Which routing policy should a SysOps administrator apply to the Route 53 record set to meet these requirements?
Which routing policy should a SysOps administrator apply to the Route 53 record set to meet these requirements?
Multivalue answer routing policy
Geoproximity routing policy
Latency routing policy
Geolocation routing policy
Networking and Content Delivery
Cost and Performance Optimization
A company hosts its website on Amazon EC2 instances behind an Application Load Balancer. The company manages its DNS with Amazon Route 53, and wants to point its domain s zone apex to the website.
Which type of record should be used to meet these requirements?
Which type of record should be used to meet these requirements?
An AAAA record for the domain s zone apex
An A record for the domain s zone apex
A CNAME record for the domain s zone apex
An alias record for the domain s zone apex
Deployment, Provisioning, and Automation
Networking and Content Delivery
A company is migrating its production file server to AWS. All data that is stored on the file server must remain accessible if an Availability Zone becomes unavailable or when system maintenance is performed. Users must be able to interact with the file server through the SMB protocol. Users also must have the ability to manage file permissions by using Windows ACLs.
Which solution will net these requirements?
Which solution will net these requirements?
Create a single AWS Storage Gateway file gateway.
Create an Amazon FSx for Windows File Server Multi-AZ file system.
Deploy two AWS Storage Gateway file gateways across two Availability Zones. Configure an Application Load Balancer in front of the file gateways.
Deploy two Amazon FSx for Windows File Server Single-AZ 2 file systems. Configure Microsoft Distributed File System Replication (DFSR).
High Availability and Business Continuity
Security and Compliance
A company is migrating its production file server to AWS. All data that is stored on the file server must remain accessible if an Availability Zone becomes unavailable or when system maintenance is performed. Users must be able to interact with the file server through the SMB protocol. Users also must have the ability to manage file permissions by using Windows ACLs.
Which solution will net these requirements?
Which solution will net these requirements?
Create a single AWS Storage Gateway file gateway.
Create an Amazon FSx for Windows File Server Multi-AZ file system.
Deploy two AWS Storage Gateway file gateways across two Availability Zones. Configure an Application Load Balancer in front of the file gateways.
Deploy two Amazon FSx for Windows File Server Single-AZ 2 file systems. Configure Microsoft Distributed File System Replication (DFSR).
High Availability and Business Continuity
Security and Compliance
A company is migrating its production file server to AWS. All data that is stored on the file server must remain accessible if an Availability Zone becomes unavailable or when system maintenance is performed. Users must be able to interact with the file server through the SMB protocol. Users also must have the ability to manage file permissions by using Windows ACLs.
Which solution will net these requirements?
Which solution will net these requirements?
Create a single AWS Storage Gateway file gateway.
Create an Amazon FSx for Windows File Server Multi-AZ file system.
Deploy two AWS Storage Gateway file gateways across two Availability Zones. Configure an Application Load Balancer in front of the file gateways.
Deploy two Amazon FSx for Windows File Server Single-AZ 2 file systems. Configure Microsoft Distributed File System Replication (DFSR).
High Availability and Business Continuity
Security and Compliance
A company is partnering with an external vendor to provide data processing services. For this integration, the vendor must host the company s data in an Amazon S3 bucket in the vendor s AWS account. The vendor is allowing the company to provide an AWS Key Management Service (AWS KMS) key to encrypt the company s data. The vendor has provided an IAM role Amazon Resources Name (ARN) to the company for this integration.
What should a SysOps administrator do to configure this integration?
What should a SysOps administrator do to configure this integration?
Create a new KMS key. Add the vendor s IAM role ARN to the KMS key policy. Provide the new KMS key ARN to the vendor.
Create a new KMS key. Create a new IAM key. Add the vendor s IAM role ARN to an inline policy that is attached to the IAM user. Provide the new IAM user ARN to the vendor.
Configure encryption using the KMS managed S3 key. Add the vendor s IAM role ARN to the KMS key policy. Provide the KMS managed S3 key ARN to the vendor.
Configure encryption using the KMS managed S3 key. Create an S3 bucket. Add the vendor s IAM role ARN to the S3 bucket policy. Provide the S3 bucket ARN to the vendor.
Deployment, Provisioning, and Automation
Security and Compliance
Comments