SOA-C01 Online Practice Questions and Answers

An organization has created a Queue named “modularqueue” with SQS. The organization is not performing any operations such as SendMessage, ReceiveMessage, DeleteMessage, GetQueueAttributes, SetQueueAttributes, AddPermission, and RemovePermission on the queue. What can happen in this scenario?

A. AWS SQS sends notification after 15 days for inactivity on queue

B. AWS SQS can delete queue after 30 days without notification

C. AWS SQS marks queue inactive after 30 days

D. AWS SQS notifies the user after 2 weeks and deletes the queue after 3 weeks.

You run a web application with the following components Elastic Load Balancer (EL8), 3 Web/Application

servers, 1 MySQL RDS database with read replicas, and Amazon Simple Storage Service (Amazon S3)

for static content. Average response time for users is increasing slowly.

What three CloudWatch RDS metrics will allow you to identify if the database is the bottleneck? (Choose

three.)

A. The number of outstanding IOs waiting to access the disk.

B. The amount of write latency.

C. The amount of disk space occupied by binary logs on the master.

D. The amount of time a Read Replica DB Instance lags behind the source DB Instance E. The average number of disk I/O operations per second.

Amazon Cognito supports web identity federation through _____.

A. custom sign-in code or own user identities

B. Facebook, Google, and Amazon

C. a configuration check for rules that deny access to specific ports

D. an AWS user group

AWS KMS (Key Management Service) uses symmetric key cryptography to perform encryption and decryption. Symmetric key cryptography uses the same algorithm and key to both encrypt and de-crypt digital data. The unencrypted data is typically called plaintext whether it is text or not, and the encrypted data is typically called _____.

A. ciphertext

B. symtext

C. encryptext

D. cryptext

A company would like to review each change in the infrastructure before deploying updates in its AWS CloudFormation stacks.

Which action will allow an Administrator to understand the impact of these changes before implementation?

A. Implement a blue/green strategy using AWS Elastic Beanstalk.

B. Perform a canary deployment using Application Load Balancers and target groups.

C. Create a change set for the running stack.

D. Submit the update using the UpdateStack API call.

A company has two AWS accounts: development and production. All applications send logs to a specific Amazon S3 bucket for each account, and the Developers are requesting access to the production account S3 buckets to view the logs.

Which is the MOST efficient way to provide the Developers with access?

A. Create an AWS Lambda function with an IAM role attached to it that has access to both accounts’ S3 buckets. Pull the logs from the production S3 bucket to the development S3 bucket.

B. Create IAM users for each Developer on the production account, and add the Developers to an IAM group that provides read-only access to the S3 log bucket.

C. Create an Amazon EC2 bastion host with an IAM role attached to it that has access to the production S3 log bucket, and then provision access for the Developers on the host.

D. Create a resource-based policy for the S3 bucket on the production account that grants access to the development account, and then delegate access in the development account.

A company is running critical applications on Amazon EC2 instances. The company needs to ensure its resources are automatically recovered if they become impaired due to an underlying hardware failure.

Which service can be used to monitor and recover the EC2 instances?

A. Amazon EC2 Systems Manager

B. Amazon Inspector

C. AWS CloudFormation

D. Amazon CloudWatch

A company recently performed a security audit of all its internal applications developed in house. Certain business-critical applications that handle sensitive data were flagged because they use Amazon ES clusters that are open for read/write to a wider user group that intended.

Who is responsible for correcting the issue?

A. AWS Premium Support

B. the Amazon ES team

C. the AWS IAM team

D. a SysOps Administrator

A SysOps administrator must deploy a company's infrastructure as code (laC) The administrator needs to write a single template that can be reused for multiple environments in a safe, repeatable manner How should the administrator meet this requirement by using AWS Cloud Formation?

A. Use duplicate resource definitions for each environment selected based on conditions

B. Use nested stacks to provision the resources

C. Use parameter references and mappings for resource attributes

D. Use AWS Cloud Formation StackSets to provision the resources

A SysOps administrator is deploying a fleet of over 100 Amazon EC2 instances in an Amazon VPC. After the instances are set up and serving clients, a new DNS server needs to be added to the instances for DNS resolution.

What is the MOST efficient way to make this change?

A. Update the DHCP options set for the Amazon VPC.

B. Use AWS OpsWorks to update the DNS server configuration for each instance.

C. Use AWS Systems Manager to update the DMS server configuration for each instance.

D. Write a script to update the DNS server configuration for each instance.