Special Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

Amazon Web Services Updated SOA-C02 Exam Questions and Answers by asa

Page: 16 / 18

Amazon Web Services SOA-C02 Exam Overview :

Exam Name: AWS Certified SysOps Administrator - Associate (SOA-C02)
Exam Code: SOA-C02 Dumps
Vendor: Amazon Web Services Certification: AWS Certified Associate
Questions: 485 Q&A's Shared By: asa
Question 64

A company needs to restrict access to an Amazon S3 bucket to Amazon EC2 instances in a VPC only. All traffic must be over the AWS private network.

What actions should the SysOps administrator take to meet these requirements?

Options:

A.

Create a VPC endpoint for the S3 bucket, and create an IAM policy that conditionally limits all S3 actions on the bucket to the VPC endpoint as the source.

B.

Create a VPC endpoint for the S3 bucket, and create an S3 bucket policy that conditionally limits all S3 actions on the bucket to the VPC endpoint as the source.

C.

Create a service-linked role for Amazon EC2 that allows the EC2 instances to interact directly with Amazon S3, and attach an IAM policy to the role that allows the EC2 instances full access to the S3 bucket.

D.

Create a NAT gateway in the VPC, and modify the VPC route table to route all traffic destined for Amazon S3 through the NAT gateway.

Discussion
Question 65

A company has created a NAT gateway in a public subnet in a VPC. The VPC also contains a private subnet that includes Amazon EC2 instances. The EC2 instances use the NAT gateway to access the internet to download patches and updates. The company has configured a VPC flow log for the elastic network interface of the NAT gateway. The company is publishing the output to Amazon CloudWatch Logs.

A SysOps administrator must identify the top five internet destinations that the EC2 instances in the private subnet communicate with for downloads.

What should the SysOps administrator do to meet this requirement in the MOST operationally efficient way?

Options:

A.

Use AWS CloudTrail Insights events to identify the top five internet destinations.

B.

Use Amazon CloudFront standard logs (access logs) to identify the top five internet destinations.

C.

Use CloudWatch Logs Insights to identify the top five internet destinations.

D.

Change the flow log to publish logs to Amazon S3. Use Amazon Athena to query the log files in Amazon S3.

Discussion
Question 66

A company has a workload that runs on several Amazon EC2 instances. The company must retain the workload's system logs and application logs for 13 months. The logs must be available for the entire 13 months. The termination of an EC2 instance must not result in the loss of log information.

Which solution will meet these requirements?

Options:

A.

Create an Amazon S3 bucket Apply a bucket policy to expire objects after 13 months. Schedule a shell script to periodically copy the logs to the S3 bucket Ensure that the attached instance profile has permissions to copy logs to the S3 bucket.

B.

Create a log group in Amazon CloudWatch Logs. Specify an Expire Events After value of 13 months. Configure the syslog protocol on the EC2 instances to push the logs to the log group. Ensure that the attached instance profile has permissions to push logs to the log group.

C.

Create an Amazon S3 bucket. Apply a bucket policy to expire objects after 13 months. Deploy the unified Amazon CloudWatch agent onto the EC2 instances. Configure the agent to store the logs in the S3 bucket. Ensure that the attached instance profile has permissions to store objects in the S3 bucket,

D.

Create a log group in Amazon CloudWatch Logs. Specify an Expire Events After value of 13 months Deploy the unified CloudWatch agent onto the EC2 instances. Configure the agent to push the logs to the log group. Ensure that the attached instance profile has permissions to push logs to the log group.

Discussion
Hassan
Highly Recommended Dumps… today I passed my exam! Same questions appear. I bought Full Access.
Kasper Oct 20, 2024
Hey wonderful….so same questions , sounds good. Planning to write this week, I will go for full access today.
Peyton
Hey guys. Guess what? I passed my exam. Thanks a lot Cramkey, your provided information was relevant and reliable.
Coby Sep 6, 2024
Thanks for sharing your experience. I think I'll give Cramkey a try for my next exam.
Kingsley
Do anyone guide my how these dumps would be helpful for new students like me?
Haris Sep 11, 2024
Absolutely! They are highly recommended for anyone looking to pass their certification exam. The dumps are easy to understand and follow, making it easier for you to study and retain the information.
Hendrix
Great website with Great Exam Dumps. Just passed my exam today.
Luka Aug 31, 2024
Absolutely. Cramkey Dumps only provides the latest and most updated exam questions and answers.
Cody
I used Cramkey Dumps to prepare and a lot of the questions on the exam were exactly what I found in their study materials.
Eric Sep 13, 2024
Really? That's great to hear! I used Cramkey Dumps too and I had the same experience. The questions were almost identical.
Question 67

A company uses AWS CloudFormation to manage a stack of Amazon EC2 instances on AWS. A SysOps administrator needs to keep the instances and all of the instances’ data, even if someone deletes the stack.

Which solution will meet these requirements?

Options:

A.

Set the DeletionPolicy attribute to Snapshot for the EC2 instance resource in the CloudFormation template.

B.

Automate backups by using Amazon Data Lifecycle Manager (Amazon DLM).

C.

Create a backup plan in AWS Backup.

D.

Set the DeletionPolicy attribute to Retain for the EC2 instance resource in the CloudFormation template.

Discussion
Page: 16 / 18
Title
Questions
Posted

SOA-C02
PDF

$36.75  $104.99

SOA-C02 Testing Engine

$43.75  $124.99

SOA-C02 PDF + Testing Engine

$57.75  $164.99