• Home
  • Articles
  • [UPDATED 2021] Amazon SOA-C01 Questions Prepare with Free Demo of PDF [Q156-Q181]

[UPDATED 2021] Amazon SOA-C01 Questions Prepare with Free Demo of PDF [Q156-Q181]

Share

[UPDATED 2021] Amazon SOA-C01 Questions Prepare with Free Demo of PDF

NEW 2021 Certification Sample Questions SOA-C01 Dumps & Practice Exam


How to study the Amazon SOA-C01: AWS Certified SysOps Administrator-Associate Exam

A broad range of SOA-C01 dumps for AWS Accredited Developer-Professional Certification have been recognized for certification issues. The reality that students need to prepare attentively does not make certificates easy. It also takes a long time to learn from AWS Accredited Developer-Professional. Therefore, we design various SOA-C01 pdf of AWS Accredited Developer professional questions while we understand student specifications. Our items, like the study guide, help students complete examinations. Every examen includes answers and questions that help students pass their final test. You will pass the test after you have taken and learned our modules. But it doesn’t end there; thanks to our full guides, you will still be good in your career. You will produce your goods in the future. To plan any material for you, we have an advanced method. In the development of and commodity, we have used the latest details.

An effort is so hard that even the students' nerves can be shattered. Our waste management systems are so legitimate and best that you have no pain to pass your AWS accredited Developer Professional. SOA-C01 practice tests are easy to use so that anyone can appreciate them. In such dynamic areas, where qualification requires a lot of studies, planning, and focus, no one likes loss.

 

NEW QUESTION 156
A SysOps administrator maintains several Amazon EC2 instances that do not have access to the public internet. To patch operating systems, the instances should not be reachable from the Public internet.
The administrator deploys a NAT instance, updates the security groups, and configures the appropriate routes within the route table. However, the instances are still unable to reach the internet.
What should be done to resolve the issue?

  • A. Disable source/destination checks on the NAT instance.
  • B. Delete the NAT instance and replace it with AWS WAF.
  • C. Start/Stop the NAT instance so it is launched on a different host.
  • D. Assign elastic IP addresses to the instances and create a route from the private subnets to the internet gateway.

Answer: A

 

NEW QUESTION 157
A root account owner is trying to understand the S3 bucket ACL. Which of the below mentioned options cannot be used to grant ACL on the object using the authorized predefined group?

  • A. Log Delivery Group
  • B. All users group
  • C. Canonical user group
  • D. Authenticated user group

Answer: C

Explanation:
Explanation
An S3 bucket ACL grantee can be an AWS account or one of the predefined Amazon S3 groups. Amazon S3 has a set of predefined groups. When granting account access to a group, the user can specify one of the URLs of that group instead of a canonical user ID. AWS S3 has the following predefined groups:
Authenticated Users group: It represents all AWS accounts. All Users group: Access permission to this group allows anyone to access the resource. Log Delivery group: WRITE permission on a bucket enables this group to write server access logs to the bucket.

 

NEW QUESTION 158
A developer is deploying a web application on Amazon EC2 instances behind an Application Load Balancer (ALB) and notices that the application is not receiving all the expected elements from HTTP requests. The developer suspects users are not sending the correct query string How should a sysops administrator verify this?

  • A. Configure the ALB to store access logs within Amazon S3 Verify that log entries contain the expected query string
  • B. Create a custom Amazon CloudWatch metric to store requests Verify that the metric contains the expected query string
  • C. Open the ALB logs in Amazon CloudWatch Verify that requests contain the expected query string
  • D. Monitor the ALB default Amazon CloudWatch metrics Verify that the requests contain the expected query string

Answer: D

 

NEW QUESTION 159
A root account owner has given full access of his S3 bucket to one of the IAM users using the bucket ACL.
When the IAM user logs in to the S3 console, which actions can he perform?

  • A. It is not possible to give access to an IAM user using ACL
  • B. He can do all the operations on the bucket
  • C. The IAM user can perform all operations on the bucket using only API/SDK
  • D. He can just view the content of the bucket

Answer: A

Explanation:
Explanation
Each AWS S3 bucket and object has an ACL (Access Control List) associated with it. An ACL is a list of grants identifying the grantee and the permission granted. The user can use ACLs to grant basic read/write permissions to other AWS accounts. ACLs use an Amazon S3-specific XML schema. The user cannot grant permissions to other users (IAM users) in his account.

 

NEW QUESTION 160
You have a server with a 5O0GB Amazon EBS data volume. The volume is 80% full. You need to back up the volume at regular intervals and be able to re-create the volume in a new Availability Zone in the shortest time possible. All applications using the volume can be paused for a period of a few minutes with no discernible user impact.
Which of the following backup methods will best fulfill your requirements?

  • A. Create another EBS volume in the second Availability Zone attach it to the Amazon EC2 instance, and use a disk manager to mirror me two disks
  • B. Use a third party Incremental backup application to back up to Amazon Glacier
  • C. Periodically back up all data to a single compressed archive and archive to Amazon S3 using a parallelized multi-part upload
  • D. Take periodic snapshots of the EBS volume

Answer: D

Explanation:
Explanation
EBS volumes can only be attached to EC2 instances within the same Availability Zone.

 

NEW QUESTION 161
A user is trying to understand the ACL and policy for an S3 bucket. Which of the below mentioned policy permissions is equivalent to the WRITE ACL on a bucket?

  • A. s3:GetObjectAcl
  • B. s3:DeleteObject
  • C. s3:ListBucketVersions
  • D. s3:GetObjectVersion

Answer: B

Explanation:
Explanation
Amazon S3 provides a set of operations to work with the Amazon S3 resources. Each AWS S3 bucket can have an ACL (Access Control List. or bucket policy associated with it. The WRITE ACL list allows the other AWS accounts to write/modify to that bucket. The equivalent S3 bucket policy permission for it is s3:DeleteObject.

 

NEW QUESTION 162
Which of the following services is offered by CloudWatch?

  • A. Balancing the request load between various instances
  • B. Fixing broken links on the client's instances
  • C. Creating IAM users for all services in AWS
  • D. Monitoring estimated AWS charges

Answer: D

Explanation:
Explanation
AWS CloudWatch supports monitoring of the AWS estimated usage charges. You create an Amazon CloudWatch alarm that will monitor your estimated Amazon Web Services (AWS) charges. When you enable the monitoring of estimated charges for your AWS account, the estimated charges are calculated and sent several times daily to CloudWatch as metric data.
References:

 

NEW QUESTION 163
A company wants to increase the availability and durability of a critical business application. The application currently uses a MySQL database running on an Amazon EC2 instance. The company wants to minimize application changes.
How should the company meet these requirements?

  • A. Migrate the database to an Amazon RDS Aurora DB instance and create a Read Replica in another Availability Zone.
  • B. Shut down the EC2 instance. Enable multi-AZ replication within the EC2 instance, then restart the instance.
  • C. Launch a secondary EC2 instance running MySQL. Configure a cron job that backs up the database on the primary EC2 instance and copies it to the secondary instance every 30 minutes.
  • D. Create an Amazon RDS Microsoft SQL DB instance and enable multi-AZ replication. Back up the existing data and import it into the new database.

Answer: D

Explanation:
Reference:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_SQLServerMultiAZ.html

 

NEW QUESTION 164
A company must share monthly report files that are uploaded to Amazon S3 with a third party. The third-party user list is dynamic, is distributed, and changes frequently. The least amount of access must be granted to the third party. Administrative overhead must be low for the internal teams who manage the process.
How can this be accomplished while providing the LEAST amount of access to the third party?

  • A. Create an IAM role with the appropriate access to the S3 bucket, and grant login permissions to the console for the third party to access the S3 bucket.
  • B. Have the third party sign up for an AWS account, and grant it cross-account access to the appropriate S3 bucket in the source account.
  • C. Allow only specified IP addresses to access the S3 buckets which will host files that need to be provided to the third party.
  • D. Create a pre-signed URL that can be distributed by email to the third party, allowing it to download specific S3 filed.

Answer: C

 

NEW QUESTION 165
____________ is a fast, flexible, fully managed pub/sub messaging service.

  • A. Amazon SES
  • B. Amazon SNS
  • C. Amazon FPS
  • D. Amazon SQS

Answer: B

Explanation:
Explanation
Amazon Simple Notification Service (Amazon SNS) is a fast, flexible, fully managed push messaging service.
Amazon SNS makes it simple and cost-effective to push to mobile devices such as iPhone, iPad, Android, Kindle Fire, and internet connected smart devices, as well as pushing to other distributed services.
References:

 

NEW QUESTION 166
The networking team has created a VPC in an AWS account. The application team has asked for access to resources in another VPC in the same AWS account. The SysOps Administrator has created the VPC peering connection between both the accounts, but the resources in one VPC cannot communicate with the resources in the other VPC.
What could be causing this issue?

  • A. One VPC has disabled the peering flag.
  • B. One of the VPCs is not sized correctly for peering.
  • C. There is no public subnet in one of the VPCs.
  • D. The route tables have not been updated.

Answer: B

 

NEW QUESTION 167
How can an EBS volume that is currently attached to an EC2 instance be migrated from one Availability Zone to another?

  • A. Detach the volume and attach it to another EC2 instance in the other AZ.
  • B. Create a snapshot of the volume, and create a new volume from the snapshot in the other AZ.
  • C. Detach the volume, then use the ec2-migrate-volume command to move it to another AZ.
  • D. Simply create a new volume in the other AZ and specify the original volume as the source.

Answer: B

Explanation:
Explanation
These snapshots can be used to create multiple new EBS volumes, expand the size of a volume, or move volumes across Availability Zone

 

NEW QUESTION 168
You have a web application leveraging an Elastic Load Balancer (ELB). In front of the web servers deployed using an Auto Scaling Group Your database is running on Relational Database Service (RDS) The application serves out technical articles and responses to them in general there are more views of an article than there are responses to the article. On occasion, an article on the site becomes extremely popular resulting in significant traffic increases that causes the site to go down.
What could you do to help alleviate the pressure on the infrastructure while maintaining availability during these events? (Choose three.)

  • A. Add RDS read-replicas for the read traffic going to your relational database
  • B. Leverage CloudFront for the delivery of the articles.
  • C. Use SOS to queue up the requests for the technical posts and deliver them out of the queue.
  • D. Leverage ElastiCache for caching the most frequently used data.
  • E. Use Route53 health checks to fail over to an S3 bucket for an error page.

Answer: A,B,D

 

NEW QUESTION 169
Is it possible to publish your own metrics to CloudWatch?

  • A. Yes, but only if the data is aggregated.
  • B. No, metrics are in-built and cannot be defined explicitly.
  • C. No, it is not possible.
  • D. Yes, it can be done by using the put-metric-data command.

Answer: D

Explanation:
Explanation
You can publish your own metrics to CloudWatch using the AWS CLI or an API. You can view statistical graphs of your published metrics with the AWS Management Console. CloudWatch stores data about a metric as a series of data points. Each data point has an associated time stamp. You can even publish an aggregated set of data points called a statistic set.

 

NEW QUESTION 170
An organization has launched 5 instances: 2 for production and 3 for testing. The organization wants a particular group of IAM users to access only the test instances and not the production ones. They want to deploy the instances in various locations based on the factors that will change from time to time, especially in the test group. They expect instances will often need to be churned, i.e. deleted and replaced, especially in the testing group. This means the five instances they have created now will soon be replaced by a different set of five instances. The members of each group, production and testing, will not change in the foreseeable future.
Given the situation, what choice below is the most efficient and time-saving strategy to define the IAM policy?

  • A. By defining the tags on the test and production team members IAM user IDs, and adding a condition to the IAM policy that allows access to specific tags
  • B. By launching the test and production instances in separate regions and allowing region wise access to the group
  • C. By creating an IAM policy with a condition that allows access to only small instances
  • D. By defining the IAM policy that allows access based on the instance ID

Answer: A

Explanation:
Explanation
AWS Identity and Access Management is a web service that allows organizations to manage users and user permissions for various AWS services. The user can add conditions as a part of the IAM policies. The condition can be set on AWS Tags, Time, and Client IP as well as on various parameters. If the organization wants the user to access only specific instances, he should define proper tags and add to the IAM policy condition. The sample policy is shown below.

References:

 

NEW QUESTION 171
Which of the following states is not possible for the CloudWatch alarm?

  • A. ALARM
  • B. ALERT
  • C. INSUFFICIENT_DATA
  • D. OK

Answer: B

Explanation:
Explanation
An alarm has three possible states:
OK--The metric is within the defined threshold
ALARM--The metric is outside of the defined threshold
INSUFFICIENT_DATA--The alarm has just started, the metric is not available, or not enough data is available for the metric to determine the alarm state

 

NEW QUESTION 172
A block device is a storage device that moves data in sequences. How many types of block devices does Amazon EC2 support?

  • A. 5 -General Purpose SSD, Provisioned IOPS SSD, Throughput Optimized HDD, Cold HDD, and Magnetic
  • B. 1 -instance store volumes
  • C. 2 -instance store volumes and EBS volumes
  • D. 3 -SSD, HDD, and Magnetic

Answer: C

Explanation:
Explanation
A block device is a storage device that moves data in sequences of bytes or bits (blocks). These devices support random access and generally use buffered I/O. Examples include hard disks, CD-ROM drives, and flash drives. A block device can be physically attached to a computer or accessed remotely as if it were physically attached to the computer. Amazon EC2 supports two types of block devices:
Amazon EC2 supports two types of block devices.
Instance store volumes (virtual devices whose underlying hardware is physically attached to the host computer for the instance) EBS volumes (remote storage devices) The SSD, HDD and Magnetic choices are all options for the type of storage offered via EBS volumes. They are not types of block devices.
References:

 

NEW QUESTION 173
A company has a sales department and a marketing department. The company uses one AWS account. There is a need to determine what charges are incurred on the AWS platform by each department. There is also a need to receive notifications when a specified cost level is approached or exceeded.
Which actions must a SysOps administrator take to achieve both requirements with the LEAST amount of administrative overhead? (Select TWO.)

  • A. Use AWS Organizations to create a department Organizational Unit and allow only authorized personnel in each department to create resources.
  • B. Download the detailed billing report, upload it to a database, and match the line items with a list of known resources by department.
  • C. Create a Budget from the Billing and Cost Management console. Specify the budget type as Cost, assign tags for each department.
    define notifications, and specify any other options as required.
  • D. Use AWS Trusted Advisor to obtain a report containing the checked items in the Cost Optimization pillar.
  • E. Create a script by using the AWS CLI to automatically apply tags to existing resources for each department. Schedule the script to run weekly.

Answer: C,E

 

NEW QUESTION 174
An AWS root account owner is trying to create a policy to access RDS. Which of the below mentioned statements is true with respect to the above information?

  • A. Create a policy, which allows the users to access RDS and apply it to the RDS instances
  • B. The root account owner should create a policy for the IAM user and give him access to the RDS services
  • C. The user cannot access the RDS database if he is not assigned the correct IAM policy
  • D. The policy should be created for the user and provide access for RDS

Answer: B

Explanation:
Explanation
AWS Identity and Access Management is a web service, which allows organizations to manage users and user permissions for various AWS services. If the account owner wants to create a policy for RDS, the owner has to create an IAM user and define the policy, which entitles the IAM user with various RDS services such as Launch Instance, Manage security group, Manage parameter group etc.

 

NEW QUESTION 175
A user has configured ELB with Auto Scaling. The user suspended the Auto Scaling terminate process only for a while. What will happen to the availability zone rebalancing process (AZRebalance. during this period?

  • A. Auto Scaling will keep launching instances till the maximum instance size
  • B. Auto Scaling will allow the instances to grow more than the maximum size
  • C. Auto Scaling will not launch or terminate any instances
  • D. It is not possible to suspend the terminate process while keeping the launch active

Answer: B

Explanation:
Explanation
Auto Scaling performs various processes, such as Launch, Terminate, Availability Zone Rebalance (AZRebalance) etc. The AZRebalance process type seeks to maintain a balanced number of instances across Availability Zones within a region. If the user suspends the Terminate process, the AZRebalance process can cause the Auto Scaling group to grow up to ten percent larger than the maximum size. This is because Auto Scaling allows groups to temporarily grow larger than the maximum size during rebalancing activities. If Auto Scaling cannot terminate instances, the Auto Scaling group could remain up to ten percent larger than the maximum size until the user resumes the Terminate process type.

 

NEW QUESTION 176
A user has two EC2 instances running in two separate regions. The user is running an internal memory management tool, which captures the data and sends it to CloudWatch in US East, using a CLI with the same namespace and metric. Which of the below mentioned options is true with respect to the above statement?

  • A. CloudWatch will give an error since the data will conflict due to two sources
  • B. CloudWatch will take the data of the server, which sends the data first
  • C. The setup will not work as CloudWatch cannot receive data across regions
  • D. CloudWatch will receive and aggregate the data based on the namespace and metric

Answer: D

Explanation:
Explanation
Amazon CloudWatch does not differentiate the source of a metric when receiving custom data. If the user is publishing a metric with the same namespace and dimensions from different sources, CloudWatch will treat them as a single metric. If the data is coming with the same time zone within a minute, CloudWatch will aggregate the data. It treats these as a single metric, allowing the user to get the statistics, such as minimum, maximum, average, and the sum of all across all servers.

 

NEW QUESTION 177
ABC (with AWS account ID 111122223333) has created 50 IAM users for its organization's employees. What will be the AWS console URL for these associates?

  • A. https://111122223333.signin.aws.amazon.com/console/
  • B. https://signin.aws.amazon.com/111122223333/console/
  • C. https://signin.aws.amazon.com/console/
  • D. https://signin.aws.amazon.com/console/111122223333/

Answer: A

Explanation:
Explanation
When
an organization is using AWS IAM for creating various users and manage their access rights, the IAM user cannot use the login URL http://aws.amazon.com/console to access AWS management console. The console login URL for the IAM user will have AWS account ID of that organization to identify the IAM user belongs to particular account. The AWS console login URL for the IAM user will be https://<AWS_Account_ID>.signin.aws.amazon.com/console/. In this case it will be
https://111122223333.signin.aws.amazon.com/console/

 

NEW QUESTION 178
In regard to AWS CloudFormation, to pass values to your template at runtime you should use ____________.

  • A. mapping
  • B. resources
  • C. parameters
  • D. conditions

Answer: C

Explanation:
Explanation
Optional parameters are listed in the Parameters section. Parameters enable you to pass values to your template at runtime, and can be dereferenced in the Resources and Outputs sections of the template.

 

NEW QUESTION 179
You know that AWS Billing and Cost Management integrates with the AWS Identity and Access Management (IAM) service so that you can control who in your organization has access to specific pages on the AWS Billing and Cost Management console. Which of the following items can you control access to in AWS Billing and Cost Management?

  • A. You can control access to invoices and detailed information about charges and account activity, budgets, payment methods, and credits.
  • B. You can control access to detailed information about charges and account activity only.
  • C. You can control access to invoices only.
  • D. You can control access to payment methods only.

Answer: A

Explanation:
Explanation
In AWS Billing and Cost Management console, you can control access to the following:
- invoices
- detailed information about charges
- account activity
- budgets
- payment methods
- credits

 

NEW QUESTION 180
A SysOps Administrator has implemented an Auto Scaling group with a step scaling policy. The Administrator notices that the additional instances have not been included in the aggregated metrics.
Why are the additional instances missing from the aggregated metrics?

  • A. The warm-up period has not expired
  • B. The instances are included in a different set of metrics
  • C. The instances have not been attached to the Auto Scaling group
  • D. The instances are still in the boot process

Answer: C

 

NEW QUESTION 181
......

SOA-C01 Deluxe Study Guide with Online Test Engine: https://www.test4cram.com/SOA-C01_real-exam-dumps.html

Related Articles

more
Amazon SOA-C01 Certification Practice Exam

Contact Us

Our Working Time: ( GMT 0:00-15:00 )   From Monday to Saturday

Contact now

Test4cram provides latest and valid test questions and dumps which help people pass exam and get the certification they want. We serve every customer at our best and guarantee 100% pass with exam cram pdf.

Disclaimer:
Test4Cram doesn't offer Real Lenovo Exam Questions.
Test4Cram does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. Test4Cram does not own or claim any ownership on any of the brands.

Copyright © 2026 Test4Cram NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy