New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

AWS Certified Associate SOA-C02 Book

Page: 16 / 17
Question 64

A company needs to create a daily Amazon Machine Image (AMI) of an existing Amazon Linux EC2 instance that hosts the operating system, application, and database on multiple attached Amazon Elastic Block Store (Amazon EBS) volumes. File system integrity must be maintained.

Which solution will meet these requirements?

Options:

A.

Create an AWS Lambda function to call the CreateImage API operation with the EC2 instance ID and the no-reboot parameter enabled. Create a daily scheduled Amazon EventBridge (Amazon CloudWatch Events) rule that invokes the function.

B.

Create an AWS Lambda function to call the CreateImage API operation with the EC2 instance ID and the reboot parameter enabled. Create a daily scheduled Amazon EventBridge (Amazon CloudWatch Events) rule that invokes the function.

C.

Use AWS Backup to create a backup plan with a backup rule that runs daily. Assign the resource ID of the EC2 instance with the no-reboot parameter enabled.

D.

Use AWS Backup to create a backup plan with a backup rule that runs daily. Assign the resource ID of the EC2 instance with the reboot parameter enabled.

Question 65

The SysOps administrator must restart the web server if specific errors are detected in logs on EC2 instances behind a load balancer.

Options (Select THREE):

Options:

A.

Install the Amazon CloudWatch agent on the EC2 instances.

B.

Create an AWS CloudTrail metric filter for the web logs. Configure an alarm for the specific errors.

C.

Create an Amazon CloudWatch metric filter for the web logs. Configure an alarm for the specific errors.

D.

Publish alarm findings to Amazon Simple Email Service (Amazon SES). Invoke an AWS Lambda function to restart the web server software.

E.

Create an Amazon EventBridge rule that responds to the alarm. Configure the rule to invoke an AWS Systems Manager Automation runbook to restart the web server software.

F.

Create an Amazon Simple Notification Service (Amazon SNS) notification that responds to the alarm. Configure the notification to invoke an AWS Systems Manager Automation runbook to restart the web server software.

Question 66

A company has multiple AWS accounts. The company uses AWS Organizations with an organizational unit (OU) for the production account and another OU for the development account. Corporate policies state that developers may use only approved AWS services in the production account.

What is the MOST operationally efficient solution to control the production account?

Options:

A.

Create a customer managed policy in AWS Identity and Access Management (IAM). Apply the policy to all users within the production account.

B.

Create a job function policy in AWS Identity and Access Management (IAM). Apply the policy to all users within the production OU.

C.

Create a service control policy (SCP). Apply the SCP to the production OU.

D.

Create an IAM policy. Apply the policy in Amazon API Gateway to restrict the production account.

Question 67

A SysOps administrator wants to securely share an object from a private Amazon S3 bucket with a group of users who do not have an AWS account. What is the MOST operationally efficient solution that will meet this requirement?

Options:

A.

Attach an S3 bucket policy that only allows object downloads from the users' IP addresses.

B.

Create an 1AM role that has access to the object. Instruct the users to assume the role.

C.

Create an 1AM user that has access to the object. Share the credentials with the users.

D.

Generate a presigned URL for the object. Share the URL with the users.

Page: 16 / 17
Exam Code: SOA-C02
Exam Name: AWS Certified SysOps Administrator - Associate (SOA-C02)
Last Update: Dec 22, 2024
Questions: 460
SOA-C02 pdf

SOA-C02 PDF

$25.5  $84.99
SOA-C02 Engine

SOA-C02 Testing Engine

$28.5  $94.99
SOA-C02 PDF + Engine

SOA-C02 PDF + Testing Engine

$40.5  $134.99