SOA-C01 Amazon Web Services AWS Certified SysOps Administrator

AWS Certified SysOps Administrator - Associate

Last Update 22 hours ago Total Questions : 263

The AWS Certified SysOps Administrator - Associate content is now fully updated, with all current exam questions added 22 hours ago. Deciding to include SOA-C01 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our SOA-C01 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these SOA-C01 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any AWS Certified SysOps Administrator - Associate practice test comfortably within the allotted time.

Question # 31

A SysOps Administrator manages an Amazon RDS MySQL DB instance in production. The database is accessed by several applications. The Administrator needs to ensure minimal downtime of the applications in the event the database suffers a failure. This change must not impact customer use during regular business hours.

Which action will make the database MORE highly available?

Contact AWS Support to pre-warm the database to ensure that it can handle any unexpected spikes in traffic

Create a new Multi-AZ RDS DB instance. Migrate the data to the new DB instance and delete the old one

Create a read replica from the existing database outside of business hours

Modify the DB instance to outside of business hours be a Multi-AZ deployment

Question # 32

A SysOps Administrator at an ecommerce company discovers that several 404 errors are being sent to one IP address every minute. The Administrator suspects a bot is collecting information about products listed on the company’s website.

Which service should be used to block this suspected malicious activity?

AWS CloudTrail

Amazon Inspector

AWS Shield Standard

AWS WAF

Question # 33

A company is expanding its use of AWS services across its portfolios. The company wants to provision AWS accounts for each team to ensure a separation of business processes for security, compli ance, and billing account creation and bootstrapping should be completed in a scalable and efficient way so new accounts are created with a defined baseline and governance guardrails in place. A sysops administrator needs to design a provisioning process t hat save time and resources.

Which action should be taken to meet these requirements?

Automate using AWS Elastic Beanstalk to provision the AWS Accounts, set up infrastructure, and integrate with AWS Organizations.

Create bootstrapping scripts in AWS OpsWorks and combine them with AWS CloudFormation templates to provision accounts and infrastructure.

Use AWS config to provision accounts and deploy instances using AWS service catalog.

Use AWS Control Tower to create a template in account factory and use the template to provision new accounts.

Question # 34

A sysops administrator runs a web application that is using a microservices approach whereby different responsibilities of the application have been divided in a separate microservice running on a different Amazon EC2 instance The administrato r has been tasked with reconfiguring the infrastructure to support this approach

How can the administrator accomplish this with the LEAST administrative overhead?

Use Amazon CloudFront to log the URL and forward the request

Use Amazon CloudFront to rewrite the header based on the microservice and forward the request

Use a Network Load Balancer (NLB) and do path-based routing

Use an Application Load Balancer (ALB) and do path-based routing

Question # 35

A SysOps administrator notices a scale-out event for an Amazon EC2 Auto Scaling group Amazon CloudWatch shows a spike in the RequestCount metric tor the associated Application Load Balancer The administrator would like to know the IP addresses for the source of the requests

Where can the administrator find this information?

Auto Scaling logs

AWS CloudTrail logs

EC2 instance logs

Elastic Load Balancer access logs

Question # 36

A company has a web application that is experiencing performance problems many times each night. A root cause analysis reveals spi kes in CPU utilization that last 5 minutes on an Amazon EC2 Linux instance. A SysOps administrator is tasked with finding the process ID (PID) of the service or process that is consuming more CPU.

How can the administrator accomplish this with the LEAST amount of effort?

Configure an AWS Lambda function in Python 3.7 to run every minute to capture the PID and send a notification.

Configure the procstat plugin to collect and send CPU metrics for the running processes.

Use the default Amazon CloudWatch CPU utilization metric to capture the PID in the CloudWatch dashboard.

Question # 37

An organization stores sensitive customer information in S3 buckets protected by bucket policies. Recently, there have been reports that unauthorized entities within the company have been trying to access the data on those S3 buckets. The chief information security officer (CISO) would like to know which buckets are being targeted and determine who is responsible for trying to access that information.

Which steps should a SysOps administrator take to meet the CISO ' s requirement? (Select TWO.)

Enable Amazon S3 Analytics on all affected S3 buckets to obtain a report of which buckets are being accessed without authorization.

Ena ble Amazon S3 Server Access Logging on all affected S3 buckets and have the logs stored in a bucket dedicated for logs.

Use Amazon Athena to query S3 Analytics reports for HTTP 403 errors, and determine the 1AM user or role making the requests.

Use Amazon Athena to query the S3 Server Access Logs for HTTP 403 errors, and determine the 1AM user or role making the requests.

Use Amazon Athena to query the S3 Server Access Logs for HTTP 503 errors, and determine the 1AM user or role making the requests.

Question # 38

A SysOps Administrator is using AWS KMS with AWS-generated key material to encrypt an Amazon EBS volume in a company’s AWS environment. The Administrator wants to rotate the KMS keys using automatic key rotation, and needs to ensure that the EBS volume encrypted with the current key remains readable.

What should be done to accomplish this?

Back up the current KMS key and enable automatic key rotation.

Create a new key in AWS KMS and assign the key to Amazon EBS.

Enable automatic key rotation of the EBS volume key in AWS KMS.

Upload ne key material to the EBS volume key in AWS KMS to enable automatic key rotation for the volume.

Question # 39

A company ' s finance department wants to receive a monthly report showing AWS resource usage by department. Which solution should be used to meet the requirements?

Configure AWS Cost and Usage reports for each department Run the reports monthly.

Schedule a monthly report for each department using AWS Budgets

Run a monthly AWS CloudTrail report of resource usage by tag using department codes

Tag all resources with department codes Generate a monthly cost allocation report

Question # 40

An organization created an Amazon Elastic File System (Amazon EFS) volume with a file system ID of fs-85ba41fc, and it is actively used by 10 Amazon EC2 hosts. The organization has become concerned that the file system is not encrypted?

How can this be resolved?

Enable encryption on each host’s connection to the Amazon EFS volume. Each connection must be recreated for encryption to take effect.

Enable encryption on the existing EFS volume by using the AWS command line interface.

Enable encryption on each host’s local drive. Restart each host to encrypt the drive.

Enable encryption on a newly created volume and copy all data from the original volume. Reconnect each hosts to the new volume.