CertsTopics Logo

Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Ace Your SOA-C01 AWS Certified Associate Exam

Page: 9 / 10
Total 263 questions
Get SOA-C01 Full Access Download SOA-C01 PDF

AWS Certified SysOps Administrator - Associate Questions and Answers

Question 33

The Security team has decided that there will be no public internet access to HTTP (TCP port 80) because if it is moving to HTTPS for all incoming web traffic. The team has asked a SysOps Administrator to provide a report on any security groups that are not compliant.

What should the SysOps Administrator do to provide near real-time compliance reporting?

Options:

A.

Enable AWS Trusted Advisor and show the Security team that the Security Groups unrestricted access check will alarm.

B.

Schedule an AWS Lambda function to run hourly to scan and evaluate all security groups, and send a report to the Security team.

C.

Use AWS Config to enable the restricted-common-ports rule, and add port 80 to the parameters.

D.

Use Amazon Inspector to evaluate the security groups during scans, and send the completed reports to the Security team.

Question 34

A SysOps Administrator has configured a CloudWatch agent to send custom metrics to Amazon CloudWatch and is now assembling a CloudWatch dashboard to display these metrics.

What steps should be the Administrator take to complete this task?

Options:

A.

Select the AWS Namespace, filter by metric name, then add to the dashboard.

B.

Add a text widget, select the appropriate metric from the custom namespace, then add to the dashboard.

C.

Select the appropriate widget and metrics from the custom namespace, then add to the dashboard.

D.

Open the CloudWatch console, from the CloudWatch Events, add all custom metrics.

Question 35

A company is managing a website with a global user base hosted on Amazon EC2 with an Application Load Balancer (ALB). To reduce the load on the web servers, a SysOps administrator configures an Amazon CloudFront distribution with the ALB as the origin After a week of monitoring the solution, the administrator notices that requests are still being served by the ALB and there is no change in the web server load.

What are possible causes tor this problem? (Select TWO.)

Options:

A.

CloudFront does not have the ALB configured as the origin access identity.

B.

The DNS is still pointing to the ALB instead of the CloudFront distribution.

C.

The ALB security group is not permitting inbound traffic from CloudFront.

D.

The default, minimum, and maximum Time to Live (TTL) are set to 0 seconds on the CloudFront distribution.

E.

The target groups associated with the ALB are configured for sticky sessions.

Question 36

A company is using AWS Storage Gateway to create block storage volumes and mount them as Internet Small Computer Systems Interlace (iSCSI) devices from on-premise! servers As the Storage Gateway has taken on several new projects some of the Development teams report that the performance of the iSCSI drives has degraded. When checking the Amazon CloudWatch metrics a SysOps Administrator notices that the cachePercentUsed metric is below 60% and the cachePercentUsed metric is above 90%.

What steps should the Administrator take to increase Storage Gateway performance?

Options:

A.

Change the default block size for the Storage Gateway from 64 KB to 128 KB 256 KB or 512 KB to improve I/O performance

B.

Create a larger disk for the cached volume. In the AWS Management Console. edit the local disks then select the new disk as the cached volume

C.

Ensure that the physical disks for the Storage Gateway are in a RAID 1 configuration to allow higher throughput

D.

Take point in time snapshots of all the volumes in Storage Gateway flush the cache completely then restore the volumes from the clean snapshots

Page: 9 / 10
Total 263 questions
Get SOA-C01 Full Access Download SOA-C01 PDF