CertsTopics Logo

Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Changed SOA-C02 Exam Questions

Page: 2 / 15
Total 393 questions
Get SOA-C02 Full Access Download SOA-C02 PDF

AWS Certified SysOps Administrator - Associate (SOA-C02) Questions and Answers

Question 5

A company is managing many accounts by using a single organization in AWS Organizations. The organization has all features enabled. The company wants to turn on AWS Config in all the accounts of the organization and in all AWS Regions.

What should a Sysops administrator do to meet these requirements in the MOST operationally efficient way?

Options:

A.

Use AVVS CloudFormation StackSets to deploy stack instances that turn on AWS Config in all accounts and in all Regions.

B.

Use AWS CloudFormation StackSets to deploy stack policies that turn on AWS Config in all accounts and in all Regions.

C.

Use service control policies (SCPs) to configure AWS Config in all accounts and in all Regions.

D.

Create a script that uses the AWS CLI to turn on AWS Config in all accounts in the organization. Run the script from the organization's management account.

Question 6

A recent audit found that most resources belonging to the development team were in violation of patch compliance standards The resources were properly tagged Which service should be used to quickly remediate the issue and bring the resources back into compliance?

Options:

A.

AWS Config

B.

Amazon Inspector

C.

AWS Trusted Advisor

D.

AWS Systems Manager

Question 7

A company is supposed to receive a data file every hour in an Amazon S3 bucket. An S3 event notification invokes an AWS Lambda function each time a file arrives. The function processes the data for use by an application.

The application team notices that sometimes the file does not arrive. The application team wants to receive a notification whenever the file does not arrive.

What is the MOST operationally efficient solution that meets these requirements?

Options:

A.

Add an S3 Lifecycle rule on the S3 bucket with a scope that is limited to objects that were created in the last hour. Configure another S3 event notification to be invoked by the lifecycle transition when the number of objects transitioned is zero. Publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to notify the application team.

B.

Configure another S3 event notification to invoke a Lambda function that posts a message to an Amazon Simple Queue Service (Amazon SQS) queue. Create an Amazon CloudWatch alarm to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to notify the application team when the ApproximateAgeOfOldestMessage metric of the queue is greater than 1 hour.

C.

Create an Amazon CloudWatch alarm to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to alert the application team when the Invocations metric of the Lambda function is zero for an hour. Configure the alarm to treat missing data as breaching.

D.

Create a new Lambda function to get the timestamp of the newest file in the S3 bucket. If the timestamp is more than 1 hour ago, publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to notify the application team. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to invoke the new function hourly.

Question 8

A company is creating a new multi-account architecture. A Sysops administrator must implement a login solution to centrally manage

user access and permissions across all AWS accounts. The solution must be integrated with AWS Organizations and must be connected to a third-party Security Assertion Markup Language (SAML) 2.0 identity provider (IdP).

What should the SysOps administrator do to meet these requirements?

Options:

A.

Configure an Amazon Cognito user pool. Integrate the user pool with the third-party IdP.

B.

Enable and configure AWS Single Sign-On with the third-party IdP.

C.

Federate the third-party IdP with AWS Identity and Access Management (IAM) for each AWS account in the organization.

D.

Integrate the third-party IdP directly with AWS Organizations.

Page: 2 / 15
Total 393 questions
Get SOA-C02 Full Access Download SOA-C02 PDF