Certification Practice Test | PDF Questions | Actual Questions | Test Engine | Pass4Sure
SOA-C02 : AWS Certified SysOps Administrator - Associate (SOA-C02) Exam
Amazon SOA-C02 Questions & Answers
Full Version: 402 Q&A
Latest SOA-C02 Practice Tests with Actual Questions
Get Complete pool of questions with Premium PDF and Test Engine
Exam Code : SOA-C02
Exam Name : AWS Certified SysOps Administrator - Associate (SOA-C02)
Vendor Name :
"Amazon"
SOA-C02 Dumps SOA-C02 Braindumps
SOA-C02 Real Questions SOA-C02 Practice Test SOA-C02 Actual Questions
Amazon
SOA-C02
AWS Certified SysOps Administrator - Associate (SOA-C02)
https://killexams.com/pass4sure/exam-detail/SOA-C02
Question: 386
An organization is planning to create 5 different AWS accounts considering various security requirements. The organization wants to use a single payee account by using the consolidated billing option.
Which of the below mentioned statements is true with respect to the above information?
A . Master (Payee. account will get only the total bill and cannot see the cost incurred by each account B . Master (Payee. account can view only the AWS billing details of the linked accounts
C . It is not recommended to use consolidated billing since the payee account will have access to the linked accounts D . Each AWS account needs to create an AWS billing policy to provide permission to the payee account
Answer: B
Explanation:
AWS consolidated billing enables the organization to consolidate payments for multiple Amazon Web Services (AWS. accounts within a single organization by making a single paying account. Consolidated billing enables the organization to see a combined view of the AWS charges incurred by each account as well as obtain a detailed cost report for each of the individual AWS accounts associated with the paying account. The payee account will not have any other access than billing data of linked accounts.
Question: 387
A user has created a VPC with a public subnet. The user has terminated all the instances which are part of the subnet. Which of the below mentioned statements is true with respect to this scenario?
A . The user cannot delete the VPC since the subnet is not deleted
B . All network interface attached with the instances will be deleted
C . When the user launches a new instance it cannot use the same subnet D . The subnet to which the instances were launched with will be deleted
Answer: B
Explanation:
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user’s AWS account. A user can create a subnet with VPC and launch instances inside that subnet. When an instance is launched it will have a network interface attached with it. The user cannot delete the subnet until he terminates the instance and deletes the network interface. When the user terminates the instance all the network interfaces attached with it are also deleted.
Question: 388
You are tasked with setting up a cluster of EC2 Instances for a NoSQL database. The database requires random read I/O disk performance up to a 100,000 IOPS at 4KB block side per node.
Which of the following EC2 instances will perform the best for this workload?
A . A High-Memory Quadruple Extra Large (m2.4xlarge) with EBS-Optimized set to true and a PIOPs EBS volume B . A Cluster Compute Eight Extra Large (cc2.8xlarge) using instance storage
C . High I/O Quadruple Extra Large (hi1.4xlarge) using instance storage
D . A Cluster GPU Quadruple Extra Large (cg1.4xlarge) using four separate 4000 PIOPS EBS volumes in a RAID 0 configuration
Answer: C
Explanation:
The SSD storage is local to the instance. Using PV virtualization, you can expect 120,000 random read IOPS (Input/Output Operations Per Second) and between 10,000 and 85,000 random write IOPS, both with 4K blocks. For HVM and Windows AMIs, you can expect 90,000 random read IOPS and 9,000 to 75,000 random write IOPS. https://aws.amazon.com/blogs/aws/new-high-io-ec2-instance-type-hi14xlarge/
Question: 389
You use S3 to store critical data for your company. Several users within your group currently have lull permissions to your S3 buckets. You need to come up with a solution mat does not impact your users and also protect against the accidental deletion of objects.
Which two options will address this issue? (Choose two.) A . Enable versioning on your S3 Buckets
B . Configure your S3 Buckets with MFA delete
C . Create a Bucket policy and only allow read only permissions to all users at the bucket level
D . Enable object life cycle policies and configure the data older than 3 months to be archived in Glacier
Answer: A,B
Explanation:
Versioning allows easy recovery of previous file version. MFA delete requires additional MFA authentication to delete files. Won’t impact the users current access. http://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html
Question: 390
A user has launched an EC2 Windows instance from an instance store backed AMI. The user wants to convert the AMI to an EBS backed AMI.
How can the user convert it?
A . Attach an EBS volume to the instance and unbundle all the AMI bundled data inside the EBS B . A Windows based instance store backed AMI cannot be converted to an EBS backed AMI
C . It is not possible to convert an instance store backed AMI to an EBS backed AMI
D . Attach an EBS volume and use the copy command to copy all the ephermal content to the EBS Volume
Answer: B
Explanation:
Generally, when a user has launched an EC2 instance from an instance store backed AMI, it can be converted to an EBS backed AMI provided the user has attached the EBS volume to the instance and unbundles the AMI data to it.
However, if the instance is a Windows instance, AWS does not allow this. In this case, since the instance is a Windows instance, the user cannot convert it to an EBS backed AMI.
Question: 391
A user has launched an EC2 instance from an instance store backed AMI. The infrastructure team wants to create an AMI from the running instance.
Which of the below mentioned credentials is not required while creating the AMI? A . AWS account ID
C . 509 certificate and private key
D . AWS login ID to login to the console E . Access key and secret access key
Answer: C
Explanation:
When the user has launched an EC2 instance from an instance store backed AMI and the admin team wants to create an AMI from it, the user needs to setup the AWS AMI or the API tools first. Once the tool is setup the user will need the following credentials:
AWS account ID; AWS access and secret access key;
X.509 certificate with private key.
Question: 392
A root AWS account owner is trying to understand various options to set the permission to AWS S3. Which of the below mentioned options is not the right option to grant permission for S3?
A . User Access Policy
B . S3 Object Access Policy C . S3 Bucket Access Policy D . S3 ACL
Answer: B
Explanation:
Amazon S3 provides a set of operations to work with the Amazon S3 resources. Managing S3 resource access refers to granting others permissions to work with S3. There are three ways the root account owner can define access with S3: S3 ACL: The user can use ACLs to grant basic read/write permissions to other AWS accounts. S3 Bucket Policy: The
policy is used to grant other AWS accounts or IAM users permissions for the bucket and the objects in it. User Access Policy: Define an IAM user and assign him the IAM policy which grants him access to S3.
Question: 393
If you want to launch Amazon Elastic Compute Cloud (EC2) Instances and assign each Instance a predetermined private IP address you should:
A . Assign a group or sequential Elastic IP address to the instances B . Launch the instances in a Placement Group
C . Launch the instances in the Amazon virtual Private Cloud (VPC).
D . Use standard EC2 instances since each instance gets a private Domain Name Service (DNS) already E . Launch the Instance from a private Amazon Machine image (Mil)
Answer: C
Explanation:
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-ip-addressing.html
Question: 394
A root account owner is trying to understand the S3 bucket ACL.
Which of the below mentioned options cannot be used to grant ACL on the object using the authorized predefined group?
A . Authenticated user group B . All users group
C . Log Delivery Group D . Canonical user group
Answer: D
Explanation:
An S3 bucket ACL grantee can be an AWS account or one of the predefined Amazon S3 groups. Amazon S3 has a set of predefined groups. When granting account access to a group, the user can specify one of the URLs of that group instead of a canonical user ID. AWS S3 has the following predefined groups: Authenticated Users group:
It represents all AWS accounts. All Users group: Access permission to this group allows anyone to access the resource. Log Delivery group: WRITE permission on a bucket enables this group to write server access logs to the bucket.
Question: 395
An organization has added 3 of his AWS accounts to consolidated billing. One of the AWS accounts has purchased a Reserved Instance (RI. of a small instance size in the US-East-1a zone. All other AWS accounts are running instances of a small size in the same zone.
What will happen in this case for the RI pricing?
A . Only the account that has purchased the RI will get the advantage of RI pricing
B . One instance of a small size and running in the US-East-1a zone of each AWS account will get the benefit of RI
pricing
C . Any single instance from all the three accounts can get the benefit of AWS RI pricing if they are running in the same zone and are of the same size
D . If there are more than one instances of a small size running across multiple accounts in the same zone no one will get the benefit of RI
Answer: C
Explanation:
AWS consolidated billing enables the organization to consolidate payments for multiple Amazon Web Services (AWS. accounts within a single organization by making a single paying account. For billing purposes, consolidated billing treats all the accounts on the consolidated bill as one account. This means that all accounts on a consolidated bill can receive the hourly cost benefit of the Amazon EC2 Reserved Instances purchased by any other account. In this case only one Reserved Instance has been purchased by one account. Thus, only a single instance from any of the accounts will get the advantage of RI. AWS will implement the blended rate for each instance if more than one instance is running concurrently.
Question: 396
A user has enabled versioning on an S3 bucket. The user is using server side encryption for data at rest.
If the user is supplying his own keys for encryption (SSE-C), what is recommended to the user for the purpose of security?
A . The user should not use his own security key as it is not secure
B . Configure S3 to rotate the user’s encryption key at regular intervals C . Configure S3 to store the user’s keys securely with SSL
D . Keep rotating the encryption key manually at the client side
Answer: D
Explanation:
AWS S3 supports client side or server side encryption to encrypt all data at Rest. The server side encryption can either have the S3 supplied AES-256 encryption key or the user can send the key along with each API call to supply his own encryption key (SSE-C). Since S3 does not store the encryption keys in SSE-C, it is recommended that the user should manage keys securely and keep rotating them regularly at the client side version.
Question: 397
A user has configured an EC2 instance in the US-East-1a zone. The user has enabled detailed monitoring of the instance. The user is trying to get the data from CloudWatch using a CLI.
Which of the below mentioned CloudWatch endpoint URLs should the user use? A . monitoring.us-east-1.amazonaws.com
B . monitoring.us-east-1-a.amazonaws.com C . monitoring.us-east-1a.amazonaws.com D . cloudwatch.us-east-1a.amazonaws.com
Answer: A
Explanation:
The CloudWatch resources are always region specific and they will have the end point as region specific. If the user is trying to access the metric in the US-East-1 region, the endpoint URL will be: monitoring.us-east- 1.amazonaws.com
Question: 398
A user is planning to setup notifications on the RDS DB for a snapshot.
Which of the below mentioned event categories is not supported by RDS for this snapshot source type? A . Backup
B . Creation C . Deletion
D . Restoration
Answer: A
Explanation:
Amazon RDS uses the Amazon Simple Notification Service to provide a notification when an Amazon RDS event occurs. Event categories for a snapshot source type include: Creation, Deletion, and Restoration. The Backup is a part of DB instance source type.
Question: 399
A user has configured Auto Scaling with the minimum capacity as 2 and the desired capacity as 2. The user is trying to terminate one of the existing instance with the command:
What will Auto Scaling do in this scenario?
A . Terminates the instance and does not launch a new instance B . Terminates the instance and updates the desired capacity to 1
C . Terminates the instance and updates the desired capacity and minimum size to 1 D . Throws an error
Answer: D
Explanation:
The Auto Scaling command as-terminate-instance-in-auto-scaling-group <Instance ID> will terminate the specific instance ID. The user is required to specify the parameter as –decrementdesired-capacity. Then Auto Scaling will terminate the instance and decrease the desired capacity by 1. In this case since the minimum size is 2, Auto Scaling will not allow the desired capacity to go below 2. Thus, it will throw an error.
Question: 400
A user has setup connection draining with ELB to allow in-flight requests to continue while the instance is being deregistered through Auto Scaling.
If the user has not specified the draining time, how long will ELB allow inflight requests traffic to continue? A . 600 seconds
B . 3600 seconds C . 300 seconds D . 0 seconds
Answer: C
Explanation:
The Elastic Load Balancer connection draining feature causes the load balancer to stop sending new requests to the back-end instances when the instances are deregistering or become unhealthy, while ensuring that inflight requests continue to be served. The user can specify a maximum time (3600 seconds. for the load balancer to keep the connections alive before reporting the instance as deregistered. If the user does not specify the maximum timeout period, by default, the load balancer will close the connections to the deregistering instance after 300 seconds.
Question: 401
A user has hosted an application on EC2 instances. The EC2 instances are configured with ELB and Auto Scaling. The application server session time out is 2 hours. The user wants to configure connection draining to ensure that all in- flight requests are supported by ELB even though the instance is being deregistered.
What time out period should the user specify for connection draining? A . 5 minutes
B . 1 hour
C . 30 minutes D . 2 hours
Answer: B
Explanation:
When you enable connection draining, you can specify a maximum time for the load balancer to keep connections alive before reporting the instance as de-registered. The maximum timeout value can be set between 1 and 3,600 seconds (the default is 300 seconds). When the maximum time limit is reached, the load balancer forcibly closes connections to the de-registering instance. http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/config-conn-drain.html
Question: 402
Which services allow the customer to retain full administrative privileges of the underlying EC2 instances? (Choose two.)
A . Amazon Elastic Map Reduce B . Elastic Load Balancing
C . AWS Elastic Beanstalk D . Amazon Elasticache
E . Amazon Relational Database service
Answer: A,C
Explanation:
Only the below services provide Root level access
EC2
Elastic Beanstalk
Elastic MapReduce C Master Node
Opswork
User: Heitor***** The soa-c02 questions from Killexams.com are excellent and reflect what is covered in the actual exam. I loved the entire guidance material from Killexams.com. I passed the exam with over 80%. |
User: Théo***** I strongly recommend Killexams.com practice tests as an excellent reference tool for those preparing for the exam. The website team carried out an excellent job, and I appreciate their performance and working style. The fast and concise answers provided were much less stressful to remember, and I managed to answer 98% of the questions, scoring 80% marks. The EC exam was a significant challenge for my IT profession, and I did not have much time to prepare. However, Killexams.com question and answer format effectively helped me overcome my fear, and I was able to answer 87 questions in 80 minutes. |
User: Alice***** Thanks to Killexams.com, I was able to understand the difficult themes, such as shipping competence, and answer the questions effectively, scoring 90% marks. Their study material was comprehensive and precisely structured, allowing me to plan my preparation while managing my busy schedule. Booking and purchasing the Killexams.com questions and answers and exam simulator was convenient and easy, and I received it within a week. |
User: Nadette***** I achieved a score of 44 out of 50 correct answers within the allotted time of 75 minutes while using the Killexams.com exam practice tests for SOA-C02. The concise answers and relevant examples provided in the guidebook were very helpful. |
User: Norvina***** Although I did not plan to use brain practice tests to prepare for my IT certification test, I ended up ordering the package deal for the SOA-C02 exam due to exam pressure. I was thrilled with the quality of the materials, and I believe they are worth more than their cost. I had no trouble answering all questions on the exam thanks to Killexams. I knew all the questions and answers and got 97% on the exam after only a few weeks of studying, which was impressive. Therefore, I would highly recommend Killexams.com for anyone looking to ace their IT certification exams. |
Features of iPass4sure SOA-C02 Exam
- Files: PDF / Test Engine
- Premium Access
- Online Test Engine
- Instant download Access
- Comprehensive Q&A
- Success Rate
- Real Questions
- Updated Regularly
- Portable Files
- Unlimited Download
- 100% Secured
- Confidentiality: 100%
- Success Guarantee: 100%
- Any Hidden Cost: $0.00
- Auto Recharge: No
- Updates Intimation: by Email
- Technical Support: Free
- PDF Compatibility: Windows, Android, iOS, Linux
- Test Engine Compatibility: Mac / Windows / Android / iOS / Linux
Premium PDF with 402 Q&A
Get Full VersionAll Amazon Exams
Amazon ExamsCertification and Entry Test Exams
Complete exam list