Amazon Web Services transcender aws Certified Associate Soa-c02 Exam Questions And Answers Pdf by May q275 vce pdf

Page: 2 / 19

Exam Name:	AWS Certified SysOps Administrator - Associate (SOA-C02)
Exam Code:	SOA-C02 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	528 Q&A's	Shared By:	may

Question 8

A company uses AWS Organizations to manage multiple AWS accounts. Corporate policy mandates that only specific AWS Regions can be used to store and process customer data. A SysOps administrator must prevent the provisioning of Amazon EC2 instances in unauthorized Regions by anyone in the company.

What is the MOST operationally efficient solution that meets these requirements?

Options:

Configure AWS CloudTrail in all Regions to record all API activity Create an Amazon EventBridge rule in all unauthorized Regions for ec2:Runlnstances events. Use AWS Lambda to terminate the launched EC2 instances.

In each AWS account, create a managed 1AM policy that uses a Region condition to deny the ec2:Runlnstances action in all unauthorized Regions. Attach this policy to all 1AM groups in each AWS account.

In each AWS account, create an 1AM permissions boundary policy that uses a Region condition to deny the ec2:Runlnstances action in all unauthorized Regions. Attach the permissions boundary policy to all 1AM users in each AWS account.

Create a service control policy (SCP) in AWS Organizations to deny the ec2:Runlnstances action in all unauthorized Regions. Attach this policy to the root level of the organization.

Discussion

Question 9

A SysOps administrator is troubleshooting connection timeouts to an Amazon EC2 instance that has a public IP address. The instance has a private IP address of 172.31.16.139. When the SysOps administrator tries to ping the instance's public IP address from the remote IP address 203.0.113.12, the response is "request timed out." The flow logs contain the following information:

What is one cause of the problem?

Options:

Inbound security group deny rule

Outbound security group deny rule

Network ACL inbound rules

Network ACL outbound rules

Discussion

Cecilia

Yes, I passed my certification exam using Cramkey Dumps.

Helena Sep 19, 2024

Great. Yes they are really effective

Aliza

I used these dumps for my recent certification exam and I can say with certainty that they're absolutely valid dumps. The questions were very similar to what came up in the actual exam.

Jakub Sep 22, 2024

That's great to hear. I am going to try them soon.

Faye

Yayyyy. I passed my exam. I think all students give these dumps a try.

Emmeline Sep 12, 2024

Definitely! I have no doubt new students will find them to be just as helpful as I did.

Reeva

Wow what a success I achieved today. Thank you so much Cramkey for amazing Dumps. All students must try it.

Amari Sep 1, 2024

Wow, that's impressive. I'll definitely keep Cramkey in mind for my next exam.

Marley

Hey, I heard the good news. I passed the certification exam!

Jaxson Oct 5, 2024

Yes, I passed too! And I have to say, I couldn't have done it without Cramkey Dumps.

Question 10

A SysOps administrator is reviewing AWS Trusted Advisor warnings and encounters a warning for an S3 bucket policy that has open access permissions. While discussing the issue with the bucket owner, the administrator realizes the S3 bucket is an origin for an Amazon CloudFront web distribution.

Which action should the administrator take to ensure that users access objects in Amazon S3 by using only CloudFront URLs?

Options:

Encrypt the S3 bucket content with Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3).

Create an origin access identity and grant it permissions to read objects in the S3 bucket.

Assign an 1AM user to the CloudFront distribution and grant the user permissions in the S3 bucket policy.

Assign an 1AM role to the CloudFront distribution and grant the role permissions in the S3 bucket policy.

Discussion

Question 11

A company runs a website from Sydney, Australia. Users in the United States (US) and Europe are reporting that images and videos are taking a long time to load. However, local testing in Australia indicates no performance issues. The website has a large amount of static content in the form of images and videos that are stored m Amazon S3.

Which solution will result In the MOST Improvement In the user experience for users In the US and Europe?

Options:

Configure AWS PrivateLink for Amazon S3.

Configure S3 Transfer Acceleration.

Create an Amazon CloudFront distribution. Distribute the static content to the CloudFront edge locations

Create an Amazon API Gateway API in each AWS Region. Cache the content locally.