Download Amazon-Web-Services SOA-C01 Real Exam Online

NEW QUESTION 1
A user is configuring the Multi AZ feature of an RDS DB. The user came to know that this RDS DB does not use the AWS technology, but uses server mirroring to achieve H

• A. Which DB is the user using right now?
• B. My SQL
• C. Oracle
• D. MS SQL
• E. PostgreSQL

Answer: C

Explanation:
Amazon RDS provides high availability and failover support for DB instances using Multi AZ deployments. In a Multi AZ deployment, Amazon RDS automatically provisions and maintains a synchronous standby replica in a different Availability Zone. Multi AZ deployments for Oracle, PostgreSQL, and MySQL DB instances use Amazon technology, while SQL Server (MS SQL. DB instances use SQL Server Mirroring.

NEW QUESTION 2
A user has launched two EBS backed EC2 instances in the US-East-1a region. The user wants to change the zone of one of the instances. How can the user change it?

• A. Stop one of the instances and change the availability zone
• B. The zone can only be modified using the AWS CLI
• C. From the AWS EC2 console, select the Actions - > Change zones and specify new zone
• D. Create an AMI of the running instance and launch the instance in a separate AZ

Answer: D

Explanation:
With AWS EC2, when a user is launching an instance he can select the availability zone (AZ. at the time of launch. If the zone is not selected, AWS selects it on behalf of the user. Once the instance is launched, the user cannot change the zone of that instance unless he creates an AMI of that instance and launches a new instance from it.

NEW QUESTION 3
A user has launched an EBS backed instance with EC2-Classic. The user stops and starts the instance. Which of the below mentioned statements is not true with respect to the stop/start action?

• A. The instance gets new private and public IP addresses
• B. The volume is preserved
• C. The Elastic IP remains associated with the instance
• D. The instance may run on a anew host computer

Answer: C

Explanation:
A user can always stop/start an EBS backed EC2 instance. When the user stops the instance, it first enters the stopping state, and then the stopped state. AWS does not charge the running cost but charges only for the EBS storage cost. If the instance is running in EC2-Classic, it receives a new private IP address; as the Elastic IP address (EIP. associated with the instance is no longer associated with that instance.

NEW QUESTION 4
An organization is using AWS since a few months. The finance team wants to visualize the pattern of AWS spending. Which of the below AWS tool will help for this requirement?

• A. AWS Cost Manager
• B. AWS Cost Explorer
• C. AWS CloudWatch
• D. AWS Consolidated Billing

Answer: B

Explanation:
The AWS Billing and Cost Management console includes the Cost Explorer tool for viewing AWS cost
data as a graph. It does not charge extra to user for this service. With Cost Explorer the user can filter graphs using resource tags or with services in AWS. If the organization is using Consolidated Billing it helps generate report based on linked accounts. This will help organization to identify areas that require further inquiry. The organization can view trends and use that to understand spend and to predict future costs.

NEW QUESTION 5
A user is running a batch process on EBS backed EC2 instances. The batch process starts a few instances to process hadoop Map reduce jobs which can run between 50 ?V 600 minutes or sometimes for more time. The user wants to configure that the instance gets terminated only when the process is completed. How can the user configure this with CloudWatch?

• A. Setup the CloudWatch action to terminate the instance when the CPU utilization is less than 5%
• B. Setup the CloudWatch with Auto Scaling to terminate all the instances
• C. Setup a job which terminates all instances after 600 minutes
• D. It is not possible to terminate instances automatically

Answer: D

Explanation:
Amazon CloudWatch alarm watches a single metric over a time period that the user specifies and performs one or more actions based on the value of the metric relative to a given threshold over a number of time periods. The user can setup an action which terminates the instances when their CPU utilization is below a certain threshold for a certain period of time. The EC2 action can either terminate or stop the instance as part of the EC2 action.

NEW QUESTION 6
A user has created an ELB with three instances. How many security groups will ELB create by default?

• A. 3
• B. 5
• C. 2
• D. 1

Answer: C

Explanation:
Elastic Load Balancing provides a special Amazon EC2 source security group that the user can use to ensure that back-end EC2 instances receive traffic only from Elastic Load Balancing. This feature needs two security groups: the source security group and a security group that defines the ingress rules for the back-end instances. To ensure that traffic only flows between the load balancer and the back-end instances, the user can add or modify a rule to the back-end security group which can limit the ingress traffic. Thus, it can come only from the source security group provided by Elastic Load Balancing.

NEW QUESTION 7
A user has moved an object to Glacier using the life cycle rules. The user requests to restore the archive after 6 months. When the restore request is completed the user accesses that archive. Which of the below mentioned statements is not true in this condition?

• A. The archive will be available as an object for the duration specified by the user during the restoration request
• B. The restored object??s storage class will be RRS
• C. The user can modify the restoration period only by issuing a new restore request with the updated period
• D. The user needs to pay storage for both RRS (restore
• E. and Glacier (Archiv
• F. Rates

Answer: B

Explanation:
AWS Glacier is an archival service offered by AWS. AWS S3 provides lifecycle rules to archive and restore objects from S3 to Glacier. Once the object is archived their storage class will change to Glacier. If the user sends a request for restore, the storage class will still be Glacier for the restored object. The user will be paying for both the archived copy as well as for the restored object. The object is available only for the duration specified in the restore request and if the user wants to modify that period, he has to raise another restore request with the updated duration.

NEW QUESTION 8
A user is trying to setup a scheduled scaling activity using Auto Scaling. The user wants to setup the
recurring schedule. Which of the below mentioned parameters is not required in this case?

• A. Maximum size
• B. Auto Scaling group name
• C. End time
• D. Recurrence value

Answer: A

Explanation:
Auto Scaling based on a schedule allows the user to scale the application in response to predictable load changes. The user can also configure the recurring schedule action which will follow the Linux cron format. If the user is setting a recurring event, it is required that the user specifies the Recurrence value (in a cron format., end time (not compulsory but recurrence will stop after this. and the Auto Scaling group for which the scaling activity is to be scheduled.

NEW QUESTION 9
An organization has setup Auto Scaling with ELB. Due to some manual error, one of the instances got rebooted. Thus, it failed the Auto Scaling health check. Auto Scaling has marked it for replacement. How can the system admin ensure that the instance does not get terminated?

• A. Update the Auto Scaling group to ignore the instance reboot event
• B. It is not possible to change the status once it is marked for replacement
• C. Manually add that instance to the Auto Scaling group after reboot to avoid replacement
• D. Change the health of the instance to healthy using the Auto Scaling commands

Answer: D

Explanation:
After an instance has been marked unhealthy by Auto Scaling, as a result of an Amazon EC2 or ELB health check, it is almost immediately scheduled for replacement as it will never automatically recover its health. If the user knows that the instance is healthy then he can manually call the SetInstanceHealth action (or the as-setinstance- health command from CLI. to set the instance's health status back to healthy. Auto Scaling will throw an error if the instance is already terminating or else it will mark it healthy.

NEW QUESTION 10
A company's customers are reporting increased latency while accessing static web contact from Amazon S3. A SysOps Administrator a very high rate of read operations on a particular S3 bucket. What will minimize latency by reducing lead on the S3 bucket?

• A. Migrate the S3 bucket to a region that is end users; geographic locations.
• B. Use cross-region replication to replicate all the data to another region
• C. Create an Amazon Cloud Front distribution with the bucket as the origin.
• D. Use Amazon ElastiCache to cache data being server from Amazon S3

Answer: C

Explanation:
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within
a developer-friendly environment. CloudFront is integrated with AWS ?V both physical locations that are directly connected to the AWS global infrastructure, as well as other AWS services. CloudFront works seamlessly with services including AWS Shield for DDoS mitigation, Amazon S3, Elastic Load Balancing or Amazon EC2 as origins for your applications, and Lambda@Edge to run custom code closer to customers?? users and to customize the user experience. You can get started with the Content Delivery Network in minutes, using the same AWS tools that you're already familiar with: APIs, AWS Management Console, AWS CloudFormation, CLIs, and SDKs. Amazon's CDN offers a simple, pay-as-you-go pricing model with no upfront fees or required long-term contracts, and support for the CDN is included in your existing AWS Support subscription.

NEW QUESTION 11
A user has launched an EC2 instance and deployed a production application in it. The user wants to prohibit any mistakes from the production team to avoid accidental termination. How can the user achieve this?

• A. The user can the set DisableApiTermination attribute to avoid accidental termination
• B. It is not possible to avoid accidental termination
• C. The user can set the Deletion termination flag to avoid accidental termination
• D. The user can set the InstanceInitiatedShutdownBehavior flag to avoid accidental termination

Answer: A

Explanation:
It is always possible that someone can terminate an EC2 instance using the Amazon EC2 console, command line interface or API by mistake. If the admin wants to prevent the instance from being accidentally terminated, he can enable termination protection for that instance. The DisableApiTermination attribute controls whether the instance can be terminated using the console, CLI or API. By default, termination protection is disabled for an EC2 instance. When it is set it will not allow the user to terminate the instance from CLI, API or the console.

NEW QUESTION 12
An organization has created 50 IAM users. The organization has introduced a new policy which will change the access of an IAM user. How can the organization implement this effectively so that there is no need to apply the policy at the individual user level?

• A. Use the IAM groups and add users as per their role to different groups and apply policy to group
• B. The user can create a policy and apply it to multiple users in a single go with the AWS CLI
• C. Add each user to the IAM role as per their organization role to achieve effective policy setup
• D. Use the IAM role and implement access at the role level

Answer: A

Explanation:
With AWS IAM, a group is a collection of IAM users. A group allows the user to specify permissions for a collection of users, which can make it easier to manage the permissions for those users. A group helps an organization manage access in a better way; instead of applying at the individual level, the organization can apply at the group level which is applicable to all the users who are a part of that group.

NEW QUESTION 13
A customer is using AWS for Dev and Test. The customer wants to setup the Dev environment with Cloudformation. Which of the below mentioned steps are not required while using Cloudformation?

• A. Create a stack
• B. Configure a service
• C. Create and upload the template
• D. Provide the parameters configured as part of the template

Answer: B

Explanation:
AWS Cloudformation is an application management tool which provides application modelling, deployment, configuration, management and related activities. AWS CloudFormation introduces two concepts: the template and the stack. The template is a JSON-format, text-based file that describes all the AWS resources required to deploy and run an application. The stack is a collection of AWS resources which are created and managed as a single unit when AWS CloudFormation instantiates a template. While creating a stack, the user uploads the template and provides the data for the parameters if required.

NEW QUESTION 14
A customer has a web application that uses cookie Based sessions to track logged in users It Is deployed on AWS using ELB and Auto Scaling The customer observes that when load increases. Auto Scaling launches new Instances but the load on the easting Instances does not decrease, causing all existing users to have a sluggish experience.
Which two answer choices independently describe a behavior that could be the cause of the sluggish user experience? Choose 2 answers

• A. ELB's normal behavior sends requests from the same user to the same backend instance
• B. ELB's behavior when sticky sessions are enabled causes ELB to send requests in the same session to the same backend instance
• C. A faulty browser is not honoring the TTL of the ELB DNS name.
• D. The web application uses long polling such as comet or websocket
• E. Thereby keeping a connection open to a web server tor a long time
• F. The web application uses long polling such as comet or websocket
• G. Thereby keeping a connection open to a web server for a long time.

Answer: BD

NEW QUESTION 15
An organization has created one IAM user and applied the below mentioned policy to the user. What entitlements do the IAM users avail with this policy?
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "ec2:Describe*", "Resource": "*"
},
{
"Effect": "Allow"
"Action": [ "cloudwatch:ListMetrics", "cloudwatch:GetMetricStatistics", "cloudwatch:Describe*"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "autoscaling:Describe*", "Resource": "*"
}
]
}

• A. The policy will allow the user to perform all read only activities on the EC2 services
• B. The policy will allow the user to list all the EC2 resources except EBS
• C. The policy will allow the user to perform all read and write activities on the EC2 services
• D. The policy will allow the user to perform all read only activities on the EC2 services except load Balancing

Answer: D

Explanation:
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. If an organization wants to setup read only access to EC2 for a particular user, they should mention the action in the IAM policy which entitles the user for Describe rights for EC2, CloudWatch, Auto Scaling and ELB. In the policy shown below, the user will have read only access for EC2 and EBS, CloudWatch and Auto Scaling. Since ELB is not mentioned as a
part of the list, the user will not have access to ELB.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "ec2:Describe*", "Resource": "*"
},
{
"Effect": "Allow", "Action": [ "cloudwatch:ListMetrics",
"cloudwatch:GetMetricStatistics", "cloudwatch:Describe*"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "autoscaling:Describe*", "Resource": "*"
}
]
}

NEW QUESTION 16
A SysOps Administrator must run a script on production servers to fix an issue. The company has a policy block all remote interface access to production servers. The Based on this situation how should the Administrator execute the script?

• A. Share and use the Amazon EC2 key pairs to gain access to the servers and run the script
• B. Put the script into the user data of the instances
• C. Configure the script to run as a cron job or scheduled task on the EC2 instances
• D. Use Amazon EC2 Systems Manager to run the script

Answer: A

Explanation:
https://aws.amazon.com/getting-started/tutorials/deploy-code-vm/

NEW QUESTION 17
George has shared an EC2 AMI created in the US East region from his AWS account with Stefano. George copies the same AMI to the US West region. Can Stefano access the copied AMI of George??s account from the US West region?

• A. No, copy AMI does not copy the permission
• B. It is not possible to share the AMI with a specific account
• C. Yes, since copy AMI copies all private account sharing permissions
• D. Yes, since copy AMI copies all the permissions attached with the AMI

Answer: A

Explanation:
Within EC2, when the user copies an AMI, the new AMI is fully independent of the source AMI; there is no link to the original (source. AMI. AWS does not copy launch the permissions, user-defined tags or the Amazon S3 bucket permissions from the source AMI to the new AMI. Thus, in this case by default Stefano will not have access to the AMI in the US West region.

NEW QUESTION 18
An application stores data in an Amazon RDS database instance. Automated RDS snapshots are taken during specified backup windows every night. In addition, a SysOps Administrator takes monthly manual RDS snapshots. During a maintenance window, the RDS instance was accidentally deleted. How can the Administrator restore the DRS database instance?

• A. Restore the instance from the last available automated snapshot.
• B. Restore the instance from the last available manual snapshot.
• C. Restore the instance from the last full RDS snapshot and subsequent incremental snapshots
• D. Restore the instance from the RDS in the secondary Availability Zone

Answer: A

Explanation:
Creating a Final Snapshot and Retaining Automated Backups
When you delete a DB instance, you can choose whether to create a final snapshot of the DB instance. You can also choose to retain automated backups after the DB instance is deleted. To be able to restore the DB instance at a later time, create a final snapshot or retain automated backups.
How to To be able to restore To delete a DB instance quickly, Instead of creating a snapshot, you choose your deleted DB you can skip creating a final DB can choose to enable Retain
instance at a later snapshot. time, create a final DB Important
automated backups when you delete a DB instance. These backups
snapshot.
If you skip the snapshot, to are still subject to the retention restore your DB instance you period of the DB instance and age
need one of the following:
out the same way systems
You have to use an earlier snapshots do. manual snapshot of the DB instance to restore the DB instance to that snapshot's point in time.
You have to choose to retain automated backups; you can use those to restore it to any point in time within your retention period.
Automated backups
Automated backups are retained for All automated backups All automated backups are a set period of time, regardless of are deleted and can't deleted and can't be whether you chose to create a final be recovered, unless recovered, unless you choose snapshot. They are retained for to retain automated backups you enable Retain automated backups.
when you delete the DB retention period that was set on the
DB instance at the time you deleted Manual instance.
Earlier manual Earlier manual snapshots it.
snapshots
snapshots aren't aren't deleted. No snapshots are deleted. deleted.
You can't create a final snapshot of your DB instance if it has the status creating, failed, incompatible- restore, or incompatible-network. For more information about DB instance statuses, see DB Instance Status.

NEW QUESTION 19
A user is displaying the CPU utilization, and Network in and Network out CloudWatch metrics data of a single instance on the same graph. The graph uses one Y-axis for CPU utilization and Network in and another Y-axis for Network out. Since Network in is too high, the CPU utilization data is not visible clearly on graph to the user. How can the data be viewed better on the same graph?

• A. It is not possible to show multiple metrics with the different units on the same graph
• B. Add a third Y-axis with the console to show all the data in proportion
• C. Change the axis of Network by using the Switch command from the graph
• D. Change the units of CPU utilization so it can be shown in proportion with Network

Answer: C

Explanation:
Amazon CloudWatch provides the functionality to graph the metric data generated either by the AWS services or the custom metric to make it easier for the user to analyse. It is possible to show the multiple metrics with different units on the same graph. If the graph is not plotted properly due to a difference in the unit data over two metrics, the user can change the Y-axis of one of the graph by selecting that graph and clicking on the Switch option.

NEW QUESTION 20
A user is planning to use AWS CloudFormation. Which of the below mentioned functionalities does not help him to correctly understand CloudFormation?

• A. CloudFormation follows the DevOps model for the creation of Dev & Test
• B. AWS CloudFormation does not charge the user for its service but only charges for the AWS resources created with it.
• C. CloudFormation works with a wide variety of AWS services, such as EC2, EBS, VPC, IAM, S3, RDS, ELB, etc.
• D. CloudFormation provides a set of application bootstrapping scripts which enables the user to install Software.

Answer: A

Explanation:
AWS CloudFormation is an application management tool which provides application modelling, deployment, configuration, management and related activities. It supports a wide variety of AWS services, such as EC2, EBS, AS, ELB, RDS, VPC, etc. It also provides application bootstrapping scripts which enable the user to install software packages or create folders. It is free of the cost and only charges the user for the services created with it. The only challenge is that it does not follow any model, such as DevOps; instead customers can define templates and use them to provision and manage the AWS resources in an orderly way.

NEW QUESTION 21
A user is trying to connect to a running EC2 instance using SSH. However, the user gets an Unprotected Private Key File error. Which of the below mentioned options can be a possible reason for rejection?

• A. The private key file has the wrong file permission
• B. The ppk file used for SSH is read only
• C. The public key file has the wrong permission
• D. The user has provided the wrong user name for the OS login

Answer: A

Explanation:
While doing SSH to an EC2 instance, if you get an Unprotected Private Key File error it means that the private key file's permissions on your computer are too open. Ideally the private key should have the Unix permission of 0400. To fix that, run the command:
chmod 0400 /path/to/private.key

NEW QUESTION 22
......