Practice Free SOA-C03 Exam Online Questions
A company is migrating its production file server to AWS. All data stored on the file server must remain accessible if an Availability Zone becomes unavailable or during system maintenance. Users must access the file server through the SMB protocol and manage permissions by using Windows ACLs.
Which solution will meet these requirements?
- A . Create a single AWS Storage Gateway file gateway.
- B . Create an Amazon FSx for Windows File Server Multi-AZ file system.
- C . Deploy two AWS Storage Gateway file gateways in two Availability Zones behind an Application Load Balancer.
- D . Deploy two Amazon FSx for Windows File Server Single-AZ file systems and configure DFS Replication.
A company has a VPC that contains a public subnet and a private subnet. The company deploys an Amazon EC2 instance that uses an Amazon Linux Amazon Machine Image (AMI) and has the AWS Systems Manager Agent (SSM Agent) installed in the private subnet. The EC2 instance is in a security group that allows only outbound traffic.
A CloudOps engineer needs to give a group of privileged administrators the ability to connect to the instance through SSH without exposing the instance to the internet.
Which solution will meet this requirement?
- A . Create an EC2 Instance Connect endpoint in the private subnet. Update the security group to allow inbound SSH traffic. Create an IAM group for privileged administrators. Assign the PowerUserAccess managed policy to the IAM group.
- B . Create a Systems Manager endpoint in the private subnet. Update the security group to allow SSH traffic from the private network where the Systems Manager endpoint is connected. Create an IAM group for privileged administrators. Assign the PowerUserAccess managed policy to the IAM group.
- C . Create an EC2 Instance Connect endpoint in the public subnet. Update the security group to allow SSH traffic from the private network. Create an IAM group for privileged administrators. Assign the PowerUserAccess managed policy to the IAM group.
- D . Create a Systems Manager endpoint in the public subnet. Create an IAM role that has the AmazonSSMManagedInstanceCore permission for the EC2 instance. Create an IAM group for privileged administrators. Assign the AmazonEC2ReadOnlyAccess IAM policy to the IAM group.
A company stores critical data in Amazon S3 buckets. A CloudOps engineer must build a solution to record all S3 API activity.
Which action will meet this requirement?
- A . Configure S3 bucket metrics to record object access logs.
- B . Create an AWS CloudTrail trail to log data events for all S3 objects.
- C . Enable S3 server access logging for each S3 bucket.
- D . Use AWS IAM Access Analyzer for Amazon S3 to store object access logs.
A company has an on-premises DNS solution and wants to resolve DNS records in an Amazon Route 53 private hosted zone for example.com. The company has set up an AWS Direct Connect connection for network connectivity between the on-premises network and the VPC. A CloudOps engineer must ensure that an on-premises server can query records in the example.com domain.
What should the CloudOps engineer do to meet these requirements?
- A . Create a Route 53 Resolver inbound endpoint. Attach a security group to the endpoint to allow inbound traffic on TCP/UDP port 53 from the on-premises DNS servers.
- B . Create a Route 53 Resolver inbound endpoint. Attach a security group to the endpoint to allow outbound traffic on TCP/UDP port 53 to the on-premises DNS servers.
- C . Create a Route 53 Resolver outbound endpoint. Attach a security group to the endpoint to allow inbound traffic on TCP/UDP port 53 from the on-premises DNS servers.
- D . Create a Route 53 Resolver outbound endpoint. Attach a security group to the endpoint to allow outbound traffic on TCP/UDP port 53 to the on-premises DNS servers.
A company’s CloudOps engineer maintains a highly available environment. The environment includes Amazon EC2 instances and an Amazon RDS Multi-AZ database. The EC2 instances are in an Auto Scaling group behind an Application Load Balancer.
Recently, the company conducted a failover test. The CloudOps engineer needs to decrease the failover time of the RDS database by at least 10%.
Which solution will meet this requirement?
- A . Increase the RDS instance size.
- B . Modify the RDS cluster to run in a single Availability Zone.
- C . Create a read replica in another AWS Region. Promote the read replica in case of failure.
- D . Create an RDS proxy. Point the application to the proxy endpoint.
A company hosts a critical legacy application on two Amazon EC2 instances that are in one Availability Zone. The instances run behind an Application Load Balancer (ALB). The company uses Amazon CloudWatch alarms to send Amazon Simple Notification Service (Amazon SNS) notifications when the ALB health checks detect an unhealthy instance. After a notification, the company’s engineers manually restart the unhealthy instance. A CloudOps engineer must configure the application to be highly available and more resilient to failures.
Which solution will meet these requirements?
- A . Create an Amazon Machine Image (AMI) from a healthy instance. Launch additional instances
from the AMI in the same Availability Zone. Add the new instances to the ALB target group. - B . Increase the size of each instance. Create an Amazon EventBridge rule. Configure the EventBridge rule to restart the instances if they enter a failed state.
- C . Create an Amazon Machine Image (AMI) from a healthy instance. Launch an additional instance from the AMI in the same Availability Zone. Add the new instance to the ALB target group. Create an AWS Lambda function that runs when an instance is unhealthy. Configure the Lambda function to stop and restart the unhealthy instance.
- D . Create an Amazon Machine Image (AMI) from a healthy instance. Create a launch template that uses the AMI. Create an Amazon EC2 Auto Scaling group that is deployed across multiple Availability Zones. Configure the Auto Scaling group to add instances to the ALB target group.
A CloudOps engineer is troubleshooting an AWS CloudFormation template whereby multiple Amazon EC2 instances are being created.
The template is working in us-east-1, but it is failing in us-west-2 with the error code:
AMI [ami-12345678] does not exist
How should the CloudOps engineer ensure that the AWS CloudFormation template is working in every Region?
- A . Copy the source Region’s Amazon Machine Image (AMI) to the destination Region and assign it the same ID.
- B . Edit the AWS CloudFormation template to specify the Region code as part of the fully qualified AMI ID.
- C . Edit the AWS CloudFormation template to offer a drop-down list of all AMIs to the user by using the AWS::EC2::AMI::ImageId control.
- D . Modify the AWS CloudFormation template by including the AMI IDs in the Mappings section. Refer to the proper mapping within the template for the proper AMI ID.
A company uses an Amazon CloudFront distribution to share a file through a signed URL. The company stores the source file in an Amazon S3 bucket and updates the file every day. Users report there is a delay of several days before they see new versions of the file. Occasionally, users report not being able to see a specific day’s file. A CloudOps engineer needs to resolve the issue.
Which solution will meet this requirement?
- A . Remove any lifecycle rules that are applied to the S3 bucket.
- B . Update the behavior path pattern of the CloudFront distribution to match the file name.
- C . Set all TTL settings to 0 in the CloudFront distribution cache policy.
- D . Use the AWS CLI to recreate the CloudFront signed URL. Update the date-less-than parameter to a date in the future.
A company plans to migrate several of its high-performance computing (HPC) virtual machines to Amazon EC2. The deployment must minimize network latency and maximize network throughput between the instances.
Which placement group strategy should the CloudOps engineer choose?
- A . Deploy the instances in a cluster placement group in one Availability Zone.
- B . Deploy the instances in a partition placement group in two Availability Zones.
- C . Deploy the instances in a partition placement group in one Availability Zone.
- D . Deploy the instances in a spread placement group in two Availability Zones.
A company runs its applications on a large number of Amazon EC2 instances. A CloudOps engineer must implement a solution to notify the operations team whenever an EC2 instance state changes.
What is the MOST operationally efficient solution that meets these requirements?
- A . Create a script that captures instance state changes and publishes a notification to an Amazon SNS topic. Use AWS Systems Manager Run Command to run the script on all EC2 instances.
- B . Create an Amazon EventBridge event rule that captures EC2 instance state changes. Set an Amazon SNS topic as the target.
- C . Create an Amazon EventBridge event rule that captures EC2 instance state changes. Set as the target an AWS Lambda function that publishes a notification to an Amazon SNS topic.
- D . Create an AWS Config custom rule that evaluates instance state changes with automatic remediation. Use the rule to invoke an AWS Lambda function that publishes a notification to an Amazon SNS topic.