A user has enabled versioning on an S3 bucket. The user is using server side encryption for data at rest. If the user is supplying his own keys for encryption (SSE-C), which of the below mentioned statements is true?

  • A. The user should use the same encryption key for all versions of the same object
  • B. It is possible to have different encryption keys for different versions of the same object
  • C. AWS S3 does not allow the user to upload his own keys for server side encryption
  • D. The SSE-C does not work when versioning is enabled

Answer: B

AWS S3 supports client side or server side encryption to encrypt all data at rest. The server side encryption can either have the S3 supplied AES-256 encryption key or the user can send the key along with each API call to supply his own encryption key (SSE-C). If the bucket is versioning-enabled, each object version uploaded by the user using the SSE-C feature can have its own encryption key. The user is responsible for tracking which encryption key was used for which object's version.

A sys admin is maintaining an application on AWS. The application is installed on EC2 and the user has configured ELB and Auto Scaling. Considering future load increase, the user is planning to launch new servers proactively so that they get registered with ELB. How can the user add these instances with Auto Scaling?

  • A. Increase the desired capacity of the Auto Scaling group
  • B. Increase the maximum limit of the Auto Scaling group
  • C. Launch an instance manually and register it with ELB on the fly
  • D. Decrease the minimum limit of the Auto Scaling group

Answer: A

A user can increase the desired capacity of the Auto Scaling group and Auto Scaling will launch a new instance as per the new capacity. The newly launched instances will be registered with ELB if the Auto Scaling group is configured with ELB. If the user decreases the minimum size, the instances will be removed from Auto Scaling. Increasing the maximum size will not add instances but only set the maximum instance cap.

A user has deployed an application on his private cloud. The user is using his own monitoring tool. He wants to configure that whenever there is an error, the monitoring tool should notify him via SMS. Which of the below mentioned AWS services will help in this scenario?

  • A. None because the user infrastructure is in the private cloud
  • B. AWS SNS
  • C. AWS SES
  • D. AWS SMS

Answer: B

Amazon Simple Notification Service (Amazon SNS) is a fast, flexible, and fully managed push messaging service. Amazon SNS can be used to make push notifications to mobile devices. Amazon SNS can deliver notifications by SMS text message or email to the Amazon Simple Queue Service (SQS) queues or to any HTTP endpoint. In this case, the user can use the SNS APIs to send SMS.

You have private video content in S3 that you want to serve to subscribed users on the Internet. User IDs, credentials, and subscriptions are stored in an Amazon RDS database.
Which configuration will allow you to securely serve private content to your users?

  • A. Generate pre-signed URLs for each user as they request access to protected S3 content
  • B. Create an IAM user for each subscribed user and assign the GetObject permission to each IAM user
  • C. Create an S3 bucket policy that limits access to your private content to only your subscribed users' credentials
  • D. Create a CloudFront Origin Identity user for your subscribed users and assign the GetObject permission to this user

Answer: D

Reference: CloudFront

A user has launched an EBS backed instance. The user started the instance at 9 AM in the morning. Between 9 AM to 10 AM, the user is testing some script. Thus, he stopped the instance twice and restarted it. In the same hour the user rebooted the instance once. For how many instance hours will AWS charge the user?

  • A. 3 hours
  • B. 4 hours
  • C. 2 hours
  • D. 1 hour

Answer: A

A user can stop/start or reboot an EC2 instance using the AWS console, the Amazon EC2 CLI or the Amazon EC2 API. Rebooting an instance is equivalent to rebooting an operating system. When the instance is rebooted AWS will not charge the user for the extra hours. In case the user stops the instance, AWS does not charge the running cost but charges only the EBS storage cost. If the user starts and stops the instance multiple times in a single hour, AWS will charge the user for every start and stop. In this case, since the instance was rebooted twice, it will cost the user for 3 instance hours.

A user is trying to launch an EBS backed EC2 instance under free usage. The user wants to achieve encryption of the EBS volume. How can the user encrypt the data at rest?

  • A. Use AWS EBS encryption to encrypt the data at rest
  • B. The user cannot use EBS encryption and has to encrypt the data manually or using a third party tool
  • C. The user has to select the encryption enabled flag while launching the EC2 instance
  • D. Encryption of volume is not available as a part of the free usage tier

Answer: B

AWS EBS supports encryption of the volume while creating new volumes. It supports encryption of the data at rest, the I/O as well as all the snapshots of the EBS volume. The EBS supports encryption for the selected instance type and the newer generation instances, such as m3, c3, cr1, r3, g2. It is not supported with a micro instance.

A company operates a secure website running on an Amazon EC2 instance behind a Classic Load Balancer. An SSL certificate from AWS Certificate Manager is deployed on the load balancer. The company's Marketing team has determined that too many customers using older browsers are experiencing issues with the website and has asked a SysOps Administrator to fix this issue.
What course of action should the administrator take?

  • A. Update the SSL negotiation configuration of the load balancer by creating a custom security policy. Ensure the appropriate cipher has been enabled so that the web application can support the web browser.
  • B. Create a separate Classic Load Balancer and install a custom SSL certificate with a different domain name on it that supports the web browser. Ask customers with the affected browser to use this domain name instead of the one they are accustomed to using.
  • C. Create a new SSL certificate in Certificate Manager and install this certificate on each of the servers to accommodate the web browsers.
  • D. Remove the load balancer from the configuration and instead install a custom SSL certificate on each of the web servers.

Answer: A

Update the SSL Negotiation Configuration of Your Classic Load Balancer
Elastic Load Balancing provides security policies that have predefined SSL negotiation configurations to use to negotiate SSL connections between clients and your load balancer. If you are using the HTTPS/SSL protocol for your listener, you can use one of the predefined security policies, or use your own custom security policy.
For more information about the security policies, see SSL Negotiation Configurations for Classic Load Balancers. For information about the configurations of the security policies provided by Elastic Load Balancing, see Predefined SSL Security Policies.
If you create an HTTPS/SSL listener without associating a security policy, Elastic Load Balancing associates the default predefined security policy, ELBSecurityPolicy-2016-08, with your load balancer. If you have an existing load balancer with an SSL negotiation configuration that does not use the latest protocols and ciphers, we recommend that you update your load balancer to use ELBSecurityPolicy-2016-08. If you prefer, you can create a custom configuration. We strongly recommend that you test the new security policies before you upgrade your load balancer configuration.
The following examples show you how to update the SSL negotiation configuration for an HTTPS/SSL listener. Note that the change does not affect requests that were received by a load balancer node and are pending routing to a healthy instance, but the updated configuration will be used with new requests that are received.

You have an Auto Scaling group associated with an Elastic Load Balancer (ELB). You have noticed that instances launched via the Auto Scaling group are being marked unhealthy due to an ELB health check, but these unhealthy instances are not being terminated.
What do you need to do to ensure trial instances marked unhealthy by the ELB will be terminated and replaced?

  • A. Change the thresholds set on the Auto Scaling group health check
  • B. Add an Elastic Load Balancing health check to your Auto Scaling group
  • C. Increase the value for the Health check interval set on the Elastic Load Balancer
  • D. Change the health check set on the Elastic Load Balancer to use TCP rather than HTTP checks

Answer: B

Add an Elastic Load Balancing Health Check to your Auto Scaling Group
By default, an Auto Scaling group periodically reviews the results of EC2 instance status to determine the health state of each instance. However, if you have associated your Auto Scaling group with an Elastic Load Balancing load balancer, you can choose to use the Elastic Load Balancing health check. In this case, Auto Scaling determines the health status of your instances by checking the results of both the EC2 instance status check and the Elastic Load Balancing instance health check.
For information about EC2 instance status checks, see Monitor Instances With Status Checks in the Amazon EC2 User Guide for Linux Instances. For information about Elastic Load Balancing health checks, see Health Check in the Elastic Load Balancing Developer Guide.
This topic shows you how to add an Elastic Load Balancing health check to your Auto Scaling group, assuming that you have created a load balancer and have registered the load balancer with your Auto Scaling group. If you have not registered the load balancer with your Auto Scaling group, see Set Up a Scaled and Load-Balanced Application.
Auto Scaling marks an instance unhealthy if the calls to the Amazon EC2 action DescribeInstanceStatus return any state other than running, the system status shows impaired, or the calls to the Elastic Load Balancing action DescribeInstanceHealth return OutOfService in the instance state field.
If there are multiple load balancers associated with your Auto Scaling group, Auto Scaling checks the health state of your EC2 instances by making health check calls to each load balancer. For each call, if the Elastic Load Balancing action returns any state other than InService, the instance is marked as unhealthy. After Auto Scaling marks an instance as unhealthy, it remains in that state, even if subsequent calls from other load balancers return an InService state for the same instance.

A user has launched an EC2 instance store backed instance in the US-East-1a zone. The user created AMI #1 and copied it to the Europe region. After that, the user made a few updates to the application running in the US-East-1a zone. The user makes an AMI#2 after the changes. If the user launches a new instance in Europe from the AMI #1 copy, which of the below mentioned statements is true?

  • A. The new instance will have the changes made after the AMI copy as AWS just copies the reference of the original AMI during the copying. Thus, the copied AMI will have all the updated data
  • B. The new instance will have the changes made after the AMI copy since AWS keeps updating the AMI
  • C. It is not possible to copy the instance store backed AMI from one region to another
  • D. The new instance in the EU region will not have the changes made after the AMI copy

Answer: D

Within EC2, when the user copies an AMI, the new AMI is fully independent of the source AMI; there is no link to the original (source) AMI. The user can modify the source AMI without affecting the new AMI and vice versa. Therefore, in this case even if the source AMI is modified, the copied AMI of the EU region will not have the changes. Thus, after copy the user needs to copy the new source AMI to the destination region to get those changes.

Which two AWS services provide out-of-the-box user configurable automatic backup-as-a-service and backup rotation options? Choose 2 answers

  • A. Amazon S3
  • B. Amazon RDS
  • C. Amazon EBS
  • D. Amazon Redshift

Answer: BD

By default and at no additional charge, Amazon RDS enables automated backups of your DB Instance with a 1-day retention period. By default, Amazon Redshift enables automated backups of your data warehouse cluster with a 1-day retention period.

A user is trying to understand the CloudWatch metrics for the AWS services. It is required that the user should first understand the namespace for the AWS services. Which of the below mentioned is not a valid namespace for the AWS services?

  • A. AWS/StorageGateway
  • B. AWS/CloudTrail
  • C. AWS/ElastiCache
  • D. AWS/SWF

Answer: B

Amazon CloudWatch is basically a metrics repository. The AWS product puts metrics into this repository, and the user can retrieve the data or statistics based on those metrics. To distinguish the data for each service, the CloudWatch metric has a namespace. Namespaces are containers for metrics. All AWS services that provide the Amazon CloudWatch data use a namespace string, beginning with "AWS/". All the services which are supported by CloudWatch will have some namespace. CloudWatch does not monitor CloudTrail. Thus, the namespace "AWS/CloudTrail" is incorrect.

A user is accessing RDS from an application. The user has enabled the Multi AZ feature with the MS SQL RDS DB. During a planned outage how will AWS ensure that a switch from DB to a standby replica will not affect access to the application?

  • A. RDS will have an internal IP which will redirect all requests to the new DB
  • B. RDS uses DNS to switch over to the standby replica for seamless transition
  • C. The switch over changes Hardware so RDS does not need to worry about access
  • D. RDS will have both the DBs running independently and the user has to manually switch over

Answer: B

In the event of a planned or unplanned outage of a DB instance, Amazon RDS automatically switches to a standby replica in another Availability Zone if the user has enabled Multi AZ. The automatic failover mechanism simply changes the DNS record of the DB instance to point to the standby DB instance. As a result, the user will need to re-establish any existing connections to the DB instance. However, as the DNS is the same, the application can access DB seamlessly.

A sys admin has enabled logging on ELB. Which of the below mentioned fields will not be a part of the log file name?

  • A. Load Balancer IP
  • B. EC2 instance IP
  • C. S3 bucket name
  • D. Random string

Answer: B

Elastic Load Balancing access logs capture detailed information for all the requests made to the load balancer. Elastic Load Balancing publishes a log file from each load balancer node at the interval that the user has specified. The load balancer can deliver multiple logs for the same period. Elastic Load Balancing creates log file names in the following format:
{Bucket}/{Prefix}/AWSLogs/{AWS AccountID}/elasticloadbalancing/{Region}/{Year}/{Month}/{Day}/{AWS Account ID}_elasticloadbalancing_{Region}_{Load Balancer Name}_{End Time}_{Load Balancer IP}_{Random

Your business is building a new application that will store its entire customer database on a RDS MySQL database, and will have various applications and users that will query that data for different purposes.
Large analytics jobs on the database are likely to cause other applications to not be able to get the query results they need to, before time out. Also, as your data grows, these analytics jobs will start to take more time, increasing the negative effect on the other applications.
How do you solve the contention issues between these different workloads on the same data?

  • A. Enable Multi-AZ mode on the RDS instance
  • B. Use ElastiCache to offload the analytics job data
  • C. Create RDS Read-Replicas for the analytics work
  • D. Run the RDS instance on the largest size possible

Answer: B

Amazon ElastiCache is a web service that makes it easy to deploy and run Memcached or Redis protocol-compliant server nodes in the cloud. Amazon ElastiCache improves the performance of web applications by allowing you to retrieve information from a fast, managed, in-memory caching system, instead of relying entirely on slower disk-based databases. The service simplifies and offloads the management, monitoring and operation of in-memory cache environments, enabling your engineering resources to focus on developing applications. Using Amazon ElastiCache, you can not only improve load and response times to user actions and queries, but also reduce the cost associated with scaling web applications.
Amazon ElastiCache automates common administrative tasks required to operate a distributed cache environment. Using Amazon ElastiCache, you can add a caching layer to your application architecture in a matter of minutes via a few clicks of the AWS Management Console. Once a cache cluster is provisioned, Amazon ElastiCache automatically detects and replaces failed cache nodes, providing a resilient system that mitigates the risk of overloaded databases, which slow website and application load times. Through integration with Amazon CloudWatch monitoring, Amazon ElastiCache provides enhanced visibility into key performance metrics associated with your cache nodes. Amazon ElastiCache is protocol-compliant with Memcached and Redis, so code, applications, and popular tools that you use today with your existing Memcached or Redis environments will work seamlessly with the service. As with all Amazon Web Services,

You receive a frantic call from a new DBA who accidentally dropped a table containing all your customers.
Which Amazon RDS feature will allow you to reliably restore your database to within 5 minutes of when the mistake was made?

  • A. Multi-AZ RDS
  • B. RDS snapshots
  • C. RDS read replicas
  • D. RDS automated backup

Answer: D

Reference: zonRDSInstances.html

A root AWS account owner is trying to understand various options to set the permission to AWS S3. Which of the below mentioned options is not the right option to grant permission for S3?

  • A. User Access Policy
  • B. S3 Object Access Policy
  • C. S3 Bucket Access Policy
  • D. S3 ACL

Answer: B

Amazon S3 provides a set of operations to work with the Amazon S3 resources. Managing S3 resource access refers to granting others permissions to work with S3. There are three ways the root account owner can define access with S3:
S3 ACL: The user can use ACLs to grant basic read/write permissions to other AWS accounts.
S3 Bucket Policy: The policy is used to grant other AWS accounts or IAM users permissions for the bucket and the objects in it.
User Access Policy: Define an IAM user and assign him the IAM policy which grants him access to S3.

A company is planning a large marketing campaign that should increase traffic to an AWS-hosted application by at least 10 times normal traffic. A SysOps Administrator is concerned that service limits will be reached with this anticipated traffic. The company has just upgraded to Business Support on the primary account.
How can the Administrator configure the current limits?

  • A. Use the included Infrastructure Event Management benefit of Business Support to review the limits
  • B. Run a service limits report using Amazon QuickSight
  • C. Limits are seated automatically with Business Support and will not cause issues
  • D. Use AWS Trusted Advisor to view current limits

Answer: B

How can an EBS volume that is currently attached to an EC2 instance be migrated from one Availability Zone to another?

  • A. Simply create a new volume in the other AZ and specify the original volume as the source.
  • B. Detach the volume, then use the ec2-migrate-volume command to move it to another AZ.
  • C. Create a snapshot of the volume, and create a new volume from the snapshot in the other AZ.
  • D. Detach the volume and attach it to another EC2 instance in the other AZ.

Answer: C

Snapshots can be used to create multiple new EBS volumes, expand the size of a volume, or move volumes across Availability Zones.

You have a proprietary data store on-premises that must be backed up daily by dumping the data store contents to a single compressed 50GB file and sending the file to AWS. Your SLAs state that any dump file backed up within the past 7 days can be retrieved within 2 hours. Your compliance department has stated that all data must be held indefinitely. The time required to restore the data store from a backup is approximately 1 hour. Your on-premise network connection is capable of sustaining 1gbps to AWS.
Which backup methods to AWS would be most cost-effective while still meeting all of your requirements?

  • A. Send the daily backup files to Glacier immediately after being generated
  • B. Transfer the daily backup files to an EBS volume in AWS and take daily snapshots of the volume
  • C. Transfer the daily backup files to S3 and use appropriate bucket lifecycle policies to send to Glacier
  • D. Host the backup files on a Storage Gateway with Gateway-Cached Volumes and take daily snapshots

Answer: D


A user has setup a web application on EC2. The user is generating a log of the application performance at every second. There are multiple entries for each second. If the user wants to send that data to CloudWatch every minute, what should he do?

  • A. The user should send only the data of the 60th second as CloudWatch will map the receive data timezone with the sent data timezone
  • B. It is not possible to send the custom metric to CloudWatch every minute
  • C. Give CloudWatch the Min, Max, Sum, and SampleCount of a number of every minute
  • D. Calculate the average of one minute and send the data to CloudWatch

Answer: C

Amazon CloudWatch aggregates statistics according to the period length that the user has specified while getting data from CloudWatch. The user can publish as many data points as he wants with the same or similar time stamps. CloudWatch aggregates them by the period length when the user calls get statistics about those data points. CloudWatch records the average (sum of all items divided by the number of items) of the values received for every 1-minute period, as well as the number of samples, maximum value, and minimum value for the same time period. CloudWatch will aggregate all the data which have time stamps within a one-minute period.


