Amazon Web Services certshero free Soa-c02 Updates by Andrei q31 vce pdf

Page: 18 / 19

Exam Name:	AWS Certified SysOps Administrator - Associate (SOA-C02)
Exam Code:	SOA-C02 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	528 Q&A's	Shared By:	andrei

Question 72

The company wants to improve the security and high availability of a two-tier web application that was rehosted to AWS, currently in a single Availability Zone.

Options (Select TWO):

Options:

Place the web-tier instances in an Auto Scaling group. Configure the Auto Scaling group to support a Multi-AZ deployment into private subnets that are behind an internet-facing Application Load Balancer.

Place the web-tier instances in an Auto Scaling group. Configure the Auto Scaling group in multiple AWS Regions. Deploy the EC2 instances into private subnets that are behind an internet-facing Application Load Balancer.

Launch an additional EC2 instance to host SQL Server. Place the new database EC2 instance in a second AWS Region. Enable replication between the two database EC2 instances.

Use AWS Database Migration Service (AWS DMS) to migrate the database EC2 instance to Amazon RDS for SQL Server with Multi-AZ Database Mirroring (DBM).

Use AWS Database Migration Service (AWS DMS) to migrate the database EC2 instance to Amazon DynamoDB.

Discussion

Question 73

A company has a critical serverless application that uses multiple AWS Lambda functions. Each Lambda function generates 1 GB of log data daily in tts own Amazon CloudWatch Logs log group. The company's security team asks for a count of application errors, grouped by type, across all of the log groups.

What should a SysOps administrator do to meet this requirement?

Options:

Perform a CloudWatch Logs Insights query that uses the stats command and count function.

Perform a CloudWatch Logs search that uses the groupby keyword and count function.

Perform an Amazon Athena query that uses the SELECT and GROUP BY keywords.

Perform an Amazon RDS query that uses the SELECT and GROUP BY keywords.

Discussion

Question 74

A company monitors its account activity using AWS CloudTrail. and is concerned that some log files are being tampered with after the logs have been delivered to the account's Amazon S3 bucket.

Moving forward, how can the SysOps administrator confirm that the log files have not been modified after being delivered to the S3 bucket?

Options:

Stream the CloudTrail logs to Amazon CloudWatch Logs to store logs at a secondary location.

Enable log file integrity validation and use digest files to verify the hash value of the log file.

Replicate the S3 log bucket across regions, and encrypt log files with S3 managed keys.

Enable S3 server access logging to track requests made to the log bucket for security audits.

Discussion

Atlas

What are these Dumps? Would anybody please explain it to me.

Reign Aug 14, 2024

These are exam dumps for a variety of IT certifications. They have a vast collection of updated questions and answers, which are very helpful in preparing for the exams.

Vienna

I highly recommend them. They are offering exact questions that we need to prepare our exam.

Jensen Oct 9, 2024

That's great. I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!

Neve

Will I be able to achieve success after using these dumps?

Rohan Oct 24, 2024

Absolutely. It's a great way to increase your chances of success.

Josie

I just passed my certification exam using their dumps and I must say, I was thoroughly impressed.

Fatimah Oct 24, 2024

You’re right. The dumps were authentic and covered all the important topics. I felt confident going into the exam and it paid off.

Marley

Hey, I heard the good news. I passed the certification exam!

Jaxson Oct 5, 2024

Yes, I passed too! And I have to say, I couldn't have done it without Cramkey Dumps.

Question 75

A company needs to deploy a new workload on AWS. The company must encrypt all data at rest and must rotate the encryption keys once each year. The workload uses an Amazon RDS for MySQL Multi-AZ database for data storage.

Which configuration approach will meet these requirements?

Options:

Enable Transparent Data Encryption (TDE) in the MySQL configuration file. Manually rotate the key every 12 months.

Enable RDS encryption on the database at creation time by using the AWS managed key for Amazon RDS.

Create a new AWS Key Management Service (AWS KMS) customer managed key. Enable automatic key rotation. Enable RDS encryption on the database at creation time by using the KMS key.

Create a new AWS Key Management Service (AWS KMS) customer managed key. Enable automatic key rotation. Enable encryption on the Amazon Elastic Block Store (Amazon EBS) volumes that are attached to the RDS DB instance.