Trusted Worldwide Questions & Answers
Most Recent Amazon SOA-C02 Exam Dumps
Prepare for the Amazon AWS Certified SysOps Administrator - Associate exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.
QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the Amazon SOA-C02 exam and achieve success.
The questions for SOA-C02 were last updated on May 6, 2025.
- Viewing page 1 out of 107 pages.
- Viewing questions 1-5 out of 535 questions
A company hosts an application on an Amazon EC2 instance in a single AWS Region. The application requires support for non-HTTP TCP traffic and HTTP traffic.
The company wants to deliver content with low latency by leveraging the AWS network. The company also wants to implement an Auto Scaling group with an
Elastic Load Balancer.
How should a SysOps administrator meet these requirements?
AWS Global Accelerator and Amazon CloudFront are separate services that use the AWS global network and its edge locations around the world. CloudFront improves performance for both cacheable content (such as images and videos) and dynamic content (such as API acceleration and dynamic site delivery). Global Accelerator improves performance for a wide range of applications over TCP or UDP by proxying packets at the edge to applications running in one or more AWS Regions. Global Accelerator is a good fit for non-HTTP use cases, such as gaming (UDP), IoT (MQTT), or Voice over IP, as well as for HTTP use cases that specifically require static IP addresses or deterministic, fast regional failover. Both services integrate with AWS Shield for DDoS protection.
A development team recently deployed a new version of a web application to production. After the release penetration testing revealed a cross-site scripting vulnerability that could expose user data.
Which AWS service will mitigate this issue?
AWS WAF (Web Application Firewall) helps protect web applications from common web exploits that could affect availability, compromise security, or consume excessive resources. It can be used to mitigate cross-site scripting (XSS) vulnerabilities.
Set Up AWS WAF:
Open the AWS WAF console at AWS WAF Console.
Create a new Web ACL.
Add Rules for Protection:
Add managed rules that include protection against common vulnerabilities, including XSS.
AWS provides managed rule groups, such as the AWS Managed Rules for Common Vulnerabilities and Exposures (CVE) which include protections against XSS.
Associate WAF with the Application:
Associate the Web ACL with the resources you want to protect (e.g., CloudFront distribution, Application Load Balancer).
A company has a secure website running on Amazon EC2 instances behind an Application Load Balancer (ALB). An SSL certificate from AWS Certificate Manager (ACM) is used on the ALB. Users with legacy web browsers are experiencing issues with the website.
How should the SysOps administrator resolve these issues in the MOST operationally efficient manner?
The issues experienced by users with legacy browsers typically stem from the SSL/TLS ciphers that are supported or enforced by the ALB. Modern security policies may exclude older ciphers that are necessary for compatibility with older browsers. Here's how to resolve it:
Access the ALB Settings: Go to the AWS Management Console, navigate to the ALB settings, and locate the SSL negotiation configurations.
Modify Security Policy: Update the SSL/TLS security policy on the ALB to include ciphers that are compatible with legacy browsers. AWS provides predefined security policies, and some of these policies are designed to support older ciphers while still maintaining a level of security that complies with general best practices.
Apply Changes: Once the security policy is updated, the ALB will start using this new configuration, which should resolve compatibility issues with legacy browsers without needing to replace the SSL certificate or alter the infrastructure.
This solution maintains the operational efficiency of the setup and avoids the need for additional resources like a second ALB or new certificates.
A company is deploying a third-party unit testing solution that is delivered as an Amazon EC2 Amazon Machine Image (AMI). All system configuration data is stored in Amazon DynamoDB. The testing results are stored in Amazon S3.
A minimum of three EC2 instances are required to operate the product. The company's testing team wants to use an additional three EC2 Instances when the Spot Instance prices are at a certain threshold. A SysOps administrator must Implement a highly available solution that provides this functionality.
Which solution will meet these requirements with the LEAST operational overhead?
To implement a highly available solution that provides the functionality to use a minimum of three On-Demand instances and three Spot instances when prices are at a certain threshold, defining an Amazon EC2 Auto Scaling group using a launch template is the most suitable solution. This approach minimizes operational overhead by consolidating configuration and management tasks.
Define a Launch Template:
Use the provided AMI in the launch template.
Configure the instance type, key pair, security groups, and other necessary parameters.
Create an Auto Scaling Group:
Use the launch template for the Auto Scaling group.
Specify a desired capacity of three On-Demand instances.
Configure the Auto Scaling group to use mixed instances policies, which allow you to specify a combination of On-Demand and Spot instances.
Set the maximum price for Spot instances in the launch template to ensure that Spot instances are used only when their prices are below the specified threshold.
Configuration Steps:
Open the EC2 console and navigate to 'Launch Templates.'
Create a new launch template with the necessary configurations.
Navigate to 'Auto Scaling Groups' and create a new Auto Scaling group using the launch template.
Configure the desired capacity, minimum capacity, and maximum capacity.
Under 'Advanced Options,' specify the mixed instances policy and set the maximum price for Spot instances.
A company has a production application that runs on large compute optimized Amazon EC2 instances behind an Application Load Balancer (ALB). The instances are in an Amazon EC2 Auto Scaling group. The Auto Scaling group has a desired capacity of 2, a maximum capacity of 2. and a minimum capacity of 1.
The application is CPU-bound. The EC2 instances show consistent CPU utilization of 90% or greater during peak usage periods. These peak usage periods are unpredictable and cause performance issues and latency issues.
Which solution will automate the resolution of these issues?
Objective:
Address high and unpredictable CPU usage by automating the scaling of resources.
Using Auto Scaling Policies:
Scaling policies can dynamically adjust the number of instances in an Auto Scaling group based on metrics like CPU utilization.
Steps to Implement:
Step 1: Increase the maximum capacity of the Auto Scaling group (e.g., from 2 to a higher value like 5).
Step 2: Create a scaling policy:
Use a target tracking scaling policy with a threshold of 80% CPU utilization.
When the CPU usage exceeds 80%, additional instances will be launched automatically.
Step 3: Monitor scaling behavior and adjust thresholds or capacities if necessary.
AWS Reference:
Target Tracking Scaling Policies: Scaling Policies for Auto Scaling Groups
Dynamic Scaling Best Practices: Dynamic Scaling in Auto Scaling
Why Other Options Are Incorrect:
Option A: Deploying additional instances outside the Auto Scaling group is not scalable and defeats the purpose of automation.
Option B: Switching to burstable instances does not resolve the issue since the workload is CPU-bound and consistently high.
Option D: Increasing desired capacity does not account for the unpredictability of peak periods, as it sets a static scaling behavior rather than dynamic.
Unlock All Questions for Amazon SOA-C02 Exam
Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits
Get All 535 Questions & Answers