SOA-C01 | A Review Of Top Quality SOA-C01 Dump

Master the SOA-C01 AWS Certified SysOps Administrator - Associate content and be ready for exam day success quickly with this Actualtests SOA-C01 simulations. We guarantee it!We make it a reality and give you real SOA-C01 questions in our Amazon-Web-Services SOA-C01 braindumps.Latest 100% VALID Amazon-Web-Services SOA-C01 Exam Questions Dumps at below page. You can use our Amazon-Web-Services SOA-C01 braindumps and pass your exam.

Also have SOA-C01 free dumps questions for you:

A user has configured a VPC with a new subnet. The user has created a security group. The user wants to configure that instances of the same subnet communicate with each other. How can the user configure this with the security group?

  • A. There is no need for a security group modification as all the instances can communicate with each other inside the same subnet
  • B. Configure the subnet as the source in the security group and allow traffic on all the protocols and ports
  • C. Configure the security group itself as the source and allow traffic on all the protocols and ports
  • D. The user has to use VPC peering to configure this

Answer: C

A Virtual Private Cloud (VPC. is a virtual network dedicated to the user??s AWS account. AWS provides two features that the user can use to increase security in VPC: security groups and network ACLs. Security groups work at the instance level. If the user is using the default security group it will have a rule which allows the instances to communicate with other. For a new security group the user has to specify the rule, add it to define the source as the security group itself, and select all the protocols and ports for that source.

A user has created a launch configuration for Auto Scaling where CloudWatch detailed monitoring is disabled. The user wants to now enable detailed monitoring. How can the user achieve this?

  • A. Update the Launch config with CLI to set InstanceMonitoringDisabled = false
  • B. The user should change the Auto Scaling group from the AWS console to enable detailed monitoring
  • C. Update the Launch config with CLI to set InstanceMonitoring.Enabled = true
  • D. Create a new Launch Config with detail monitoring enabled and update the Auto Scaling group

Answer: D

CloudWatch is used to monitor AWS as well as the custom services. To enable detailed instance monitoring for a new Auto Scaling group, the user does not need to take any extra steps. When the user creates the AutoScaling launch config as the first step for creating an Auto Scaling group, each launch configuration contains a flag named InstanceMonitoring.Enabled. The default value of this flag is true. When the user has created a launch configuration with InstanceMonitoring.Enabled = false it will involve multiple steps to enable detail monitoring. The steps are:
Create a new Launch config with detailed monitoring enabled Update the Auto Scaling group with a new launch config Enable detail monitoring on each EC2 instance

A user has created an ELB with three instances. How many security groups will ELB create by default?

  • A. 3
  • B. 5
  • C. 2
  • D. 1

Answer: C

Elastic Load Balancing provides a special Amazon EC2 source security group that the user can use to ensure that back-end EC2 instances receive traffic only from Elastic Load Balancing. This feature needs two security groups: the source security group and a security group that defines the ingress rules for the back-end instances. To ensure that traffic only flows between the load balancer and the back-end instances, the user can add or modify a rule to the back-end security group which can limit the ingress traffic. Thus, it can come only from the source security group provided by Elastic Load Balancing.

A user has enabled termination protection on an EC2 instance. The user has also set Instance initiated shutdown behaviour to terminate. When the user shuts down the instance from the OS, what will happen?

  • A. The OS will shutdown but the instance will not be terminated due to protection
  • B. It will terminate the instance
  • C. It will not allow the user to shutdown the instance from the OS
  • D. It is not possible to set the termination protection when an Instance initiated shutdown is set to Terminate

Answer: B

It is always possible that someone can terminate an EC2 instance using the Amazon EC2 console, command line interface or API by mistake. If the admin wants to prevent the instance from being accidentally terminated, he can enable termination protection for that instance. The user can also setup shutdown behaviour for an EBS backed instance to guide the instance on what should be done when he initiates shutdown from the OS using Instance initiated shutdown behaviour. If the instance initiated behaviour is set to terminate and the user shuts off the OS even though termination protection is enabled, it will still terminate the instance.

A sys admin is trying to understand the sticky session algorithm. Please select the correct sequence of steps, both when the cookie is present and when it is not, to help the admin understand the implementation of the sticky session:
ELB inserts the cookie in the response
ELB chooses the instance based on the load balancing algorithm Check the cookie in the service request
The cookie is found in the request
The cookie is not found in the request

  • A. 3,1,4,2 [Cookie is not Present] & 3,1,5,2 [Cookie is Present]
  • B. 3,4,1,2 [Cookie is not Present] & 3,5,1,2 [Cookie is Present]
  • C. 3,5,2,1 [Cookie is not Present] & 3,4,2,1 [Cookie is Present]
  • D. 3,2,5,4 [Cookie is not Present] & 3,2,4,5 [Cookie is Present]

Answer: C

Generally AWS ELB routes each request to a zone with the minimum load. The Elastic Load Balancer provides a feature called sticky session which binds the user??s session with a specific EC2 instance. The load balancer uses a special load-balancer-generated cookie to track the application instance for each request. When the load balancer receives a request, it first checks to see if this cookie is present in the request. If so, the request is sent to the application instance specified in the cookie. If there is no cookie, the load balancer chooses an application instance based on the existing load balancing algorithm. A cookie is inserted into the response for binding subsequent requests from the same user to that application instance.

A user is trying to understand the ACL and policy for an S3 bucket. Which of the below mentioned policy permissions is equivalent to the WRITE ACL on a bucket?

  • A. s3:GetObjectAcl
  • B. s3:GetObjectVersion
  • C. s3:ListBucketVersions
  • D. s3:DeleteObject

Answer: D

Amazon S3 provides a set of operations to work with the Amazon S3 resources. Each AWS S3 bucket can have an ACL (Access Control List. or bucket policy associated with it. The WRITE ACL list allows the other AWS accounts to write/modify to that bucket. The equivalent S3 bucket policy permission for it is

When assessing an organization s use of AWS API access credentials which of the following three credentials should be evaluated? Choose 3 answers

  • A. Key pairs
  • B. Console passwords
  • C. Access keys
  • D. Signing certificates
  • E. Security Group memberships

Answer: ACD


A user has configured an HTTPS listener on an ELB. The user has not configured any security policy which can help to negotiate SSL between the client and ELB. What will ELB do in this scenario?

  • A. By default ELB will select the first version of the security policy
  • B. By default ELB will select the latest version of the policy
  • C. ELB creation will fail without a security policy
  • D. It is not required to have a security policy since SSL is already installed

Answer: B

Elastic Load Balancing uses a Secure Socket Layer (SSL. negotiation configuration which is known as a Security Policy. It is used to negotiate the SSL connections between a client and the load balancer. If
the user has created an HTTPS/SSL listener without associating any security policy, Elastic Load Balancing will, by default, associate the latest version of the ELBSecurityPolicy-YYYY-MM with the load balancer.

A user is planning to evaluate AWS for their internal use. The user does not want to incur any charge on his account during the evaluation. Which of the below mentioned AWS services would incur a charge if used?

  • A. AWS S3 with 1 GB of storage
  • B. AWS micro instance running 24 hours daily
  • C. AWS ELB running 24 hours a day
  • D. AWS PIOPS volume of 10 GB size

Answer: D

AWS is introducing a free usage tier for one year to help the new AWS customers get started in Cloud. The free tier can be used for anything that the user wants to run in the Cloud. AWS offers a handful of AWS services as a part of this which includes 750 hours of free micro instances and 750 hours of ELB. It includes the AWS S3 of 5 GB and AWS EBS general purpose volume upto 30 GB. PIOPS is not part of free usage tier.

You have decided to change the Instance type for instances running In your application tier that are using Auto Scaling.
In which area below would you change the instance type definition?

  • A. Auto Scaling launch configuration
  • B. Auto Scaling group
  • C. Auto Scaling policy
  • D. Auto Scaling tags

Answer: A


A user has launched an EBS backed instance with EC2-Classic. The user stops and starts the instance. Which of the below mentioned statements is not true with respect to the stop/start action?

  • A. The instance gets new private and public IP addresses
  • B. The volume is preserved
  • C. The Elastic IP remains associated with the instance
  • D. The instance may run on a anew host computer

Answer: C

A user can always stop/start an EBS backed EC2 instance. When the user stops the instance, it first enters the stopping state, and then the stopped state. AWS does not charge the running cost but charges only for the EBS storage cost. If the instance is running in EC2-Classic, it receives a new private IP address; as the Elastic IP address (EIP. associated with the instance is no longer associated with that instance.

A user has configured ELB with SSL using a security policy for secure negotiation between the client and load balancer. Which of the below mentioned security policies is supported by ELB?

  • A. Dynamic Security Policy
  • B. All the other options
  • C. Predefined Security Policy
  • D. Default Security Policy

Answer: C

Elastic Load Balancing uses a Secure Socket Layer (SSL. negotiation configuration which is known as a Security Policy. It is used to negotiate the SSL connections between a client and the load balancer. ELB supports two policies:
Predefined Security Policy, which comes with predefined cipher and SSL protocols; Custom Security Policy, which allows the user to configure a policy.

A user has granted read/write permission of his S3 bucket using ACL. Which of the below mentioned options is a valid ID to grant permission to other AWS accounts (grantee. using ACL?

  • A. IAM User ID
  • B. S3 Secure ID
  • C. Access ID
  • D. Canonical user ID

Answer: D

An S3 bucket ACL grantee can be an AWS account or one of the predefined Amazon S3 groups. The user can grant permission to an AWS account by the email address of that account or by the canonical user ID. If the user provides an email in the grant request, Amazon S3 finds the canonical user ID for that account and adds it to the ACL. The resulting ACL will always contain the canonical user ID for the AWS account, and not the AWS account's email address.

A user is creating a CloudFormation stack. Which of the below mentioned limitations does not hold true for CloudFormation?

  • A. One account by default is limited to 100 templates
  • B. The user can use 60 parameters and 60 outputs in a single template
  • C. The template, parameter, output, and resource description fields are limited to 4096 characters
  • D. One account by default is limited to 20 stacks

Answer: A

AWS CloudFormation is an application management tool which provides application modelling, deployment, configuration, management and related activities. The limitations given below apply to the CloudFormation template and stack. There are no limits to the number of templates but each AWS CloudFormation account is limited to a maximum of 20 stacks by default. The Template, Parameter, Output, and Resource description fields are limited to 4096 characters. The user can include up to 60 parameters and 60 outputs in a template.

A user has configured ELB with Auto Scaling. The user suspended the Auto Scaling AlarmNotification (which notifies Auto Scaling for CloudWatch alarms. process for a while. What will Auto Scaling do during this period?

  • A. AWS will not receive the alarms from CloudWatch
  • B. AWS will receive the alarms but will not execute the Auto Scaling policy
  • C. Auto Scaling will execute the policy but it will not launch the instances until the process is resumed
  • D. It is not possible to suspend the AlarmNotification process

Answer: B

Auto Scaling performs various processes, such as Launch, Terminate Alarm Notification etc. The user can also suspend individual process. The AlarmNotification process type accepts notifications from the Amazon CloudWatch alarms that are associated with the Auto Scaling group. If the user suspends this process type, Auto Scaling will not automatically execute the scaling policies that would be triggered by the alarms.

A user has recently started using EC2. The user launched one EC2 instance in the default subnet in EC2-VPC Which of the below mentioned options is not attached or available with the EC2 instance when it is launched?

  • A. Public IP address
  • B. Internet gateway
  • C. Elastic IP
  • D. Private IP address

Answer: C

A Virtual Private Cloud (VPC. is a virtual network dedicated to a user??s AWS account. A subnet is a range of IP addresses in the VPC. The user can launch the AWS resources into a subnet. There are two supported platforms into which a user can launch instances: EC2-Classic and EC2-VPC (default subnet. A default VPC has all the benefits of EC2-VPC and the ease of use of EC2-Classic. Each instance that the user launches into a default subnet has a private IP address and a public IP address. These instances can communicate with the internet through an internet gateway. An internet gateway enables the EC2 instances to connect to the internet through the Amazon EC2 network edge.

A user has scheduled the maintenance window of an RDS DB on Monday at 3 AM. Which of the below
mentioned events may force to take the DB instance offline during the maintenance window?

  • A. Enabling Read Replica
  • B. Making the DB Multi AZ
  • C. DB password change
  • D. Security patching

Answer: D

Amazon RDS performs maintenance on the DB instance during a user-definable maintenance window. The system may be offline or experience lower performance during that window. The only maintenance events that may require RDS to make the DB instance offline are:
Scaling compute operations
Software patching. Required software patching is automatically scheduled only for patches that are security
and durability related. Such patching occurs infrequently (typically once every few months. and seldom
requires more than a fraction of the maintenance window.

An organization has configured Auto Scaling for hosting their application. The system admin wants to understand the Auto Scaling health check process. If the instance is unhealthy, Auto Scaling launches an instance and terminates the unhealthy instance. What is the order execution?

  • A. Auto Scaling launches a new instance first and then terminates the unhealthy instance
  • B. Auto Scaling performs the launch and terminate processes in a random order
  • C. Auto Scaling launches and terminates the instances simultaneously
  • D. Auto Scaling terminates the instance first and then launches a new instance

Answer: D

Auto Scaling keeps checking the health of the instances at regular intervals and marks the instance for replacement when it is unhealthy. The ReplaceUnhealthy process terminates instances which are marked as unhealthy and subsequently creates new instances to replace them. This process first terminates the instance and then launches a new instance.

A user is trying to connect to a running EC2 instance using SSH. However, the user gets a Host key not found error. Which of the below mentioned options is a possible reason for rejection?

  • A. The user has provided the wrong user name for the OS login
  • B. The instance CPU is heavily loaded
  • C. The security group is not configured properly
  • D. The access key to connect to the instance is wrong

Answer: A

If the user is trying to connect to a Linux EC2 instance and receives the Host Key not found error the probable reasons are:
The private key pair is not right The user name to login is wrong

An organization is using AWS since a few months. The finance team wants to visualize the pattern of AWS spending. Which of the below AWS tool will help for this requirement?

  • A. AWS Cost Manager
  • B. AWS Cost Explorer
  • C. AWS CloudWatch
  • D. AWS Consolidated Billing

Answer: B

The AWS Billing and Cost Management console includes the Cost Explorer tool for viewing AWS cost
data as a graph. It does not charge extra to user for this service. With Cost Explorer the user can filter graphs using resource tags or with services in AWS. If the organization is using Consolidated Billing it helps generate report based on linked accounts. This will help organization to identify areas that require further inquiry. The organization can view trends and use that to understand spend and to predict future costs.


P.S. now are offering 100% pass ensure SOA-C01 dumps! All SOA-C01 exam questions have been updated with correct answers: (639 New Questions)