Winter Special Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: big60

Amazon Web Services Updated SOA-C02 Exam Questions and Answers by asa

Page: 16 / 18

Amazon Web Services SOA-C02 Exam Overview :

Exam Name: AWS Certified SysOps Administrator - Associate (SOA-C02)
Exam Code: SOA-C02 Dumps
Vendor: Amazon Web Services Certification: AWS Certified Associate
Questions: 485 Q&A's Shared By: asa
Question 64

A company needs to restrict access to an Amazon S3 bucket to Amazon EC2 instances in a VPC only. All traffic must be over the AWS private network.

What actions should the SysOps administrator take to meet these requirements?

Options:

A.

Create a VPC endpoint for the S3 bucket, and create an IAM policy that conditionally limits all S3 actions on the bucket to the VPC endpoint as the source.

B.

Create a VPC endpoint for the S3 bucket, and create an S3 bucket policy that conditionally limits all S3 actions on the bucket to the VPC endpoint as the source.

C.

Create a service-linked role for Amazon EC2 that allows the EC2 instances to interact directly with Amazon S3, and attach an IAM policy to the role that allows the EC2 instances full access to the S3 bucket.

D.

Create a NAT gateway in the VPC, and modify the VPC route table to route all traffic destined for Amazon S3 through the NAT gateway.

Discussion
Question 65

A company has created a NAT gateway in a public subnet in a VPC. The VPC also contains a private subnet that includes Amazon EC2 instances. The EC2 instances use the NAT gateway to access the internet to download patches and updates. The company has configured a VPC flow log for the elastic network interface of the NAT gateway. The company is publishing the output to Amazon CloudWatch Logs.

A SysOps administrator must identify the top five internet destinations that the EC2 instances in the private subnet communicate with for downloads.

What should the SysOps administrator do to meet this requirement in the MOST operationally efficient way?

Options:

A.

Use AWS CloudTrail Insights events to identify the top five internet destinations.

B.

Use Amazon CloudFront standard logs (access logs) to identify the top five internet destinations.

C.

Use CloudWatch Logs Insights to identify the top five internet destinations.

D.

Change the flow log to publish logs to Amazon S3. Use Amazon Athena to query the log files in Amazon S3.

Discussion
Pippa
I was so happy to see that almost all the questions on the exam were exactly what I found in their Dumps.
Anastasia Sep 21, 2024
You are right…It was amazing! The Cramkey Dumps were so comprehensive and well-organized, it made studying for the exam a breeze.
Norah
Cramkey is highly recommended.
Zayan Oct 17, 2024
Definitely. If you're looking for a reliable and effective study resource, look no further than Cramkey Dumps. They're simply wonderful!
Billy
It was like deja vu! I was confident going into the exam because I had already seen those questions before.
Vincent Aug 15, 2024
Definitely. And the best part is, I passed! I feel like all that hard work and preparation paid off. Cramkey is the best resource for all students!!!
Ace
No problem! I highly recommend Cramkey Dumps to anyone looking to pass their certification exams. They will help you feel confident and prepared on exam day. Good luck!
Harris Oct 31, 2024
That sounds amazing. I'll definitely check them out. Thanks for the recommendation!
Ayra
How these dumps are necessary for passing the certification exam?
Damian Oct 22, 2024
They give you a competitive edge and help you prepare better.
Question 66

A company has a workload that runs on several Amazon EC2 instances. The company must retain the workload's system logs and application logs for 13 months. The logs must be available for the entire 13 months. The termination of an EC2 instance must not result in the loss of log information.

Which solution will meet these requirements?

Options:

A.

Create an Amazon S3 bucket Apply a bucket policy to expire objects after 13 months. Schedule a shell script to periodically copy the logs to the S3 bucket Ensure that the attached instance profile has permissions to copy logs to the S3 bucket.

B.

Create a log group in Amazon CloudWatch Logs. Specify an Expire Events After value of 13 months. Configure the syslog protocol on the EC2 instances to push the logs to the log group. Ensure that the attached instance profile has permissions to push logs to the log group.

C.

Create an Amazon S3 bucket. Apply a bucket policy to expire objects after 13 months. Deploy the unified Amazon CloudWatch agent onto the EC2 instances. Configure the agent to store the logs in the S3 bucket. Ensure that the attached instance profile has permissions to store objects in the S3 bucket,

D.

Create a log group in Amazon CloudWatch Logs. Specify an Expire Events After value of 13 months Deploy the unified CloudWatch agent onto the EC2 instances. Configure the agent to push the logs to the log group. Ensure that the attached instance profile has permissions to push logs to the log group.

Discussion
Question 67

A company uses AWS CloudFormation to manage a stack of Amazon EC2 instances on AWS. A SysOps administrator needs to keep the instances and all of the instances’ data, even if someone deletes the stack.

Which solution will meet these requirements?

Options:

A.

Set the DeletionPolicy attribute to Snapshot for the EC2 instance resource in the CloudFormation template.

B.

Automate backups by using Amazon Data Lifecycle Manager (Amazon DLM).

C.

Create a backup plan in AWS Backup.

D.

Set the DeletionPolicy attribute to Retain for the EC2 instance resource in the CloudFormation template.

Discussion
Page: 16 / 18
Title
Questions
Posted

SOA-C02
PDF

$42  $104.99

SOA-C02 Testing Engine

$50  $124.99

SOA-C02 PDF + Testing Engine

$66  $164.99