Amazon SOA-C01 Sample Questions

Question # 1

Company A purchases company B and inherits three new AWS accounts. Company A would like to centralize billing and reserved instance benefits but wants to keep all other resources separate. How can this be accomplished?

A. Implement AWS Organizations and create a service control policy that defines the billing relationship with the new master account.
B. Configure AWS Organizations Consolidated Billing and provide the finance team with IAM access to the billing console.
C. Send Cost and Usage Reports files to a central Amazon S3 bucket and load the data into Amazon Redshift. Use Amazon QuickSight to provide visualizations to the finance team.
D. Link the Reserved Instances to the master payer account and use Amazon Redshift Spectrum to query Detailed Billing Report data across all accounts.

Question # 2

A company has centralized all its logs into one Amazon CloudWatch Logs log group. The SysOps Administrator is to alert different teams of any issues relevant to them. What is the MOST efficient approach to accomplish this?

A. Write an AWS Lambda function that will query the logs every minute and contain the logic of which team to notify on which patterns and issues.
B. Set up different metric filters for each team based on patterns and alerts. Each alarm will notify the appropriate notification list.
C. Redesign the aggregation of logs so that each team’s relevant parts are sent to a separate log group, then subscribe each team to its respective log group.
D. Create an AWS Auto Scaling group of Amazon EC2 instances that will scale based on the amount of ingested log entries. This group will pull streams, look for patterns, and send notifications to relevant teams.

Question # 3

A development team recently deployed a new version of a web application to production. After the release, penetration testing revealed a cross-site scripting vulnerability that could expose user data. Which AWS service will mitigate this issue?

A. AWS Shield Standard
C. Elastic Load Balancing
D. Amazon Cognito

Question # 4

A SysOps Administrator is managing a web application that runs on Amazon EC2 instances behind an ELB Application Load Balancer (ALB). The instances run in an EC2 Auto Scaling group. The administrator wants to set an alarm for when all target instances associated with the ALB are unhealthy. Which condition should be used with the alarm?

A. AWS/ApplicationELB HealthyHostCount <= 0
B. AWS/ApplicationELB UnhealthyHostCount >= 1
C. AWS/EC2 StatusCheckFailed <= 0
D. AWS/EC2 StatusCheckFailed >= 1

Question # 5

A SysOps Administrator created an AWS CloudFormation template for the first time. The stack failed with a status of ROLLBACK_COMPLETE. The Administrator identified and resolved the template issue causing the failure. How should the Administrator continue with the stack deployment?

A. Delete the failed stack and create a new stack.
B. Execute a change set on the failed stack.
C. Perform an update-stack action on the failed stack.
D. Run a validate-template command.

Question # 6

A company creates custom AMI images by launching new Amazon EC2 instances from an AWS CloudFormation template. It installs and configures necessary software through AWS OpsWorks, and takes images of each EC2 instance. The process of installing and configuring software can take between 2 and 3 hours, but at times, the process stalls due to installation errors. The SysOps Administrator must modify the CloudFormation template so that if the process stalls, the entire stack will fail and roll back. Based on these requirements, what should be added to the template?

A. Conditions with a timeout set to 4 hours.
B. CreationPolicy with a timeout set to 4 hours.
C. DependsOn with a timeout set to 4 hours.
D. Metadata with a timeout set to 4 hours.

Question # 7

A SysOps Administrator has configured health checks on a load balancer. An Amazon EC2 instance attached to this load balancer fails the health check. What will happen next? (Choose two.)

A. The load balancer will continue to perform the health check on the EC2 instance.
B. The EC2 instance will be terminated based on the health check failure.
C. The EC2 instance will be rebooted.
D. The load balancer will stop sending traffic to the EC2 instance.
E. A new EC2 instance will be deployed to replace the unhealthy instance.

Question # 8

A company backs up data from its data center using a tape gateway on AWS Storage Gateway. The SysOps Administrator needs to reboot the virtual machine running Storage Gateway. What process will protect data integrity?

A. Stop Storage Gateway and reboot the virtual machine, then restart Storage Gateway.
B. Reboot the virtual machine, then restart Storage Gateway.
C. Reboot the virtual machine.
D. Shut down the virtual machine and stop Storage Gateway, then turn on the virtual machine.

Question # 9

A SysOps Administrator is troubleshooting Amazon EC2 connectivity issues to the internet. The EC2 instance is in a private subnet. Below is the route table that is applied to the subnet of the EC2 instance.

Destination –  Target – local  Status – Active  Propagated – No
Destination –  Target – nat-xxxxxxx  Status – Blackhole  Propagated – No

What has caused the connectivity issue?

A. The NAT gateway no longer exists.
B. There is no route to the internet gateway.
C. The routes are no longer propagating.
D. There is no route rule with a destination for the internet.

Question # 10

A company requires that all access from on-premises applications to AWS services go over its AWS Direct Connect connection rather than the public internet. How would a SysOps Administrator implement this requirement?

A. Implement an IAM policy that uses the aws:sourceConnection condition to allow access from the AWS Direct Connect connection ID only
B. Set up a public virtual interface on the AWS Direct Connect connection
C. Configure AWS Shield to protect the AWS Management Console from being accessed by IP addresses other than those within the data center ranges
D. Update all the VPC network ACLs to allow access from the data center IP ranges

Question # 11

A SysOps Administrator must ensure all Amazon EBS volumes currently in use, and those created in the future, are encrypted with a specific AWS KMS customer master key (CMK). What is the MOST efficient way for the Administrator to meet this requirement?

A. Create an AWS Lambda function to run on a daily schedule, and have the function run the aws ec2 describe-volumes --filters encrypted command.
B. Within AWS Config, configure the encrypted-volumes managed rule and specify the key ID of the CMK.
C. Log in to the AWS Management Console on a daily schedule, then filter the list of volumes by encryption status, then export this list.
D. Create an AWS Lambda function to run on a daily schedule, and have the function run the aws kms describe key command.

Question # 12

A SysOps Administrator is configuring AWS SSO for the first time. The Administrator has already created a directory in the master account using AWS Directory Service and enabled full access in AWS Organizations. What should the Administrator do next to configure the service?

A. Create IAM roles in each account to be used by AWS SSO, and associate users with these roles using AWS SSO
B. Create IAM users in the master account and use AWS SSO to associate the users with the accounts they will access
C. Create permission sets in AWS SSO and associate the permission sets with Directory Service users or groups
D. Create service control policies (SCPs) in Organizations and associate the SCPs with Directory Service users or groups

Question # 13

Based on the AWS Shared Responsibility Model, which of the following actions are the responsibility of the customer for an Aurora database?

A. Performing underlying OS updates
B. Provisioning of storage for database
C. Scheduling maintenance, patches, and other updates
D. Executing maintenance, patches, and other updates