Winter Special Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: big60

Amazon Web Services Updated SOA-C02 Exam Questions and Answers by orin

Page: 8 / 18

Amazon Web Services SOA-C02 Exam Overview :

Exam Name: AWS Certified SysOps Administrator - Associate (SOA-C02)
Exam Code: SOA-C02 Dumps
Vendor: Amazon Web Services Certification: AWS Certified Associate
Questions: 485 Q&A's Shared By: orin
Question 32

The SysOps administrator needs to complete the KMS key policy for least privilege read access for the DataEngineer role to decrypt S3 objects encrypted with a KMS key.

Options:

Options:

A.

"kms:ReEncrypt", "kms:GenerateDataKey*", "kms:Encrypt", "kms:DescribeKey"

B.

"kms:ListAliases", "kms:GetKeyPolicy", "kms:Describe*", "kms:Decrypt"

C.

"kms:ListAliases", "kms:DescribeKey", "kms:Decrypt"

D.

"kms:Update*", "kms:TagResource", "kms:Revoke*", "kms:Put*", "kms:List*", "kms:Get*", "kms:Enable*", "kms:Disable*", "kms:Describe*", "kms:Delete*", "kms:Create*", "kms:CancelKeyDeletion"

Discussion
Freddy
I passed my exam with flying colors and I'm confident who will try it surely ace the exam.
Aleksander Sep 26, 2024
Thanks for the recommendation! I'll check it out.
Andrew
Are these dumps helpful?
Jeremiah Oct 27, 2024
Yes, Don’t worry!!! I'm confident you'll find them to be just as helpful as I did. Good luck with your exam!
Alaya
Best Dumps among other dumps providers. I like it so much because of their authenticity.
Kaiden Sep 16, 2024
That's great. I've used other dump providers in the past and they were often outdated or had incorrect information. This time I will try it.
Faye
Yayyyy. I passed my exam. I think all students give these dumps a try.
Emmeline Sep 12, 2024
Definitely! I have no doubt new students will find them to be just as helpful as I did.
Question 33

A compliance learn requites all administrator passwords for Amazon RDS DB instances to be changed at least annually.

Which solution meets this requirement in the MOST operationally efficient manner?

Options:

A.

Store the database credentials in AWS Secrets Manager. Configure automatic rotation for the secret every 365 days.

B.

Store the database credentials as a parameter In the RDS parameter group. Create a database trigger to rotate the password every 365 days.

C.

Store the database credentials in a private Amazon S3 bucket. Schedule an AWS Lambda function to generate a new set of credentials every 365 days.

D.

Store the database credentials in AWS Systems Manager Parameter Store as a secure string parameter. Configure automatic rotation for the parameter every 365 days.

Discussion
Question 34

A company is tunning a website on Amazon EC2 instances thai are in an Auto Scaling group When the website traffic increases, additional instances lake several minutes to become available because ot a long-running user data script that installs software A SysOps administrator must decrease the time that is required (or new instances to become available

Which action should the SysOps administrator take to meet this requirement?

Options:

A.

Reduce the scaling thresholds so that instances are added before traffic increases

B.

Purchase Reserved Instances to cover 100% of the maximum capacity of the Auto Scaling group

C.

Update the Auto Scaling group to launch instances that have a storage optimized instance type

D.

Use EC2 Image Builder to prepare an Amazon Machine Image (AMI) that has pre-installed software

Discussion
Question 35

A company has an AWS Config rule that identifies open SSH ports in security groups. The rule has an automatic remediation action to delete the SSH inbound rule for noncompliant security groups. However, business units require SSH access and can provide a list of trusted IPs to restrict access.

Options:

Options:

A.

Create a new AWS Systems Manager Automation runbook that adds an IP set to the security group's inbound rule. Update the AWS Config rule to change the automatic remediation action to use the new runbook.

B.

Create a new AWS Systems Manager Automation runbook that updates the security group’s inbound rule with the IP addresses from the business units. Update the AWS Config rule to change the automatic remediation action to use the new runbook.

C.

Create an AWS Lambda function that adds an IP set to the security group's inbound rule. Update the AWS Config rule to change the automatic remediation action to use the Lambda function.

D.

Create an AWS Lambda function that updates the security group's inbound rule with the IP addresses from the business units. Update the AWS Config rule to change the automatic remediation action to use the Lambda function.

Discussion
Page: 8 / 18
Title
Questions
Posted

SOA-C02
PDF

$42  $104.99

SOA-C02 Testing Engine

$50  $124.99

SOA-C02 PDF + Testing Engine

$66  $164.99