Free Access Amazon Web Services SOA-C01 New Release

Page: 4 / 9

Question 16

A SysOps administrator is investigating why a user has been unable to use RDP to connect over the internet from their home computer to a bastion server running on an Amazon EC2 Windows instance

Which of the following are possible causes of this issue? (Select TWO.)

Options:

A network ACL associated with the bastion's subnet is blocking the network traffic

The instance does not have a private IP address.

The route table associated with the bastion's subnet does not have a route to the internet gateway

The security group for the instance does not have an inbound rule on port 22

The security group for the instance does not have an outbound rule on port 3389.

Question 17

An application is running on Amazon EC2 Instances behind an Application Load Balancer (ALB). An operations team wants to be notified in near-teal time when the ALB has issues connecting to backend EC2 instances.

Which solution will meet these requirements with the LEAST amount of effort?

Options:

Configure the ALB to send logs to Amazon S3. Write an AWS Lambda function to process the log files and send an email message to the operations team when the number of requests exceeds the threshold.

Create an Amazon CloudWatch rule to monitor the HealthyHostCount metric and send Amazon Simple Notification Service (Amazon SNS) messages to the operations team when HealthyHostCount is equal to zero.

Create an Amazon CloudWatch rule lo monitor the TargetConnectionErrorCount metric and send Amazon Simple Notification Service (Amazon SNS) messages to the operations team when TargetConnectionErrorCount is greater than 1.

Create an Amazon CloudWatch rule to monitor the HTTPCode_Target_5XX_Count metric and send Amazon Simple Notification Service (Amazon SNS) messages to the operations team when HTTPCode_Target_5XX_Count is greater than zero.

Question 18

A security researcher has published a new Common Vulnerabilities and Exposures (CVE) report that impacts a popular operating system A SysOps Administrator is concerned with the new CVE report and wants to patch the company's systems immediately The Administrator contacts AWS Support and requests the patch be applied to all Amazon EC2 instances

How will AWS respond to this request?

Options:

AWS will apply the patch during the next maintenance window and will provide the Administrator with a report of all patched EC2 instances

AWS will relaunch the EC2 instances with the latest version of the Amazon Machine Image (AMI) and will provide the Administrator with a report of all patched EC2 instances

AWS will research the vulnerability to see if the Administrator's operating system is impacted and will patch the EC2 instances that are affected

AWS will review the shared responsibility model with the Administrator and advise them regarding how to patch the EC2 instances

Question 19

A Systems Administrator is responsible for maintaining custom, approved AMIs for a company. These AMIs must be shared with each of the company’s AWS accounts.

How can the Administrator address this issue?