Practice Free SOA-C03 Exam Online Questions
A company has a production application that runs on large compute optimized Amazon EC2 instances behind an Application Load Balancer (ALB). The instances are in an Amazon EC2 Auto Scaling group. The Auto Scaling group has a desired capacity of 2, a maximum capacity of 2, and a minimum capacity of 1.
The application is CPU-bound. The EC2 instances show consistent CPU utilization of 90% or greater during peak usage periods. These peak usage periods are unpredictable and cause performance issues and latency issues.
Which solution will automate the resolution of these issues?
- A . Deploy additional instances outside the Auto Scaling group. Create a new target group that includes the existing instances and the additional instances as targets. Reconfigure the ALB to direct traffic to the new target group.
- B . Increase the maximum capacity of the Auto Scaling group. Change the instances to a burstable instance type.
- C . Increase the maximum capacity of the Auto Scaling group. Configure a scaling policy to add instances when instance CPU utilization is greater than 80%.
- D . Increase the desired capacity of the Auto Scaling group. Configure a scaling policy to add instances when instance CPU utilization is greater than 80%.
A company runs an application on Amazon EC2 instances behind an Elastic Load Balancer (ELB) in an Auto Scaling group. The application performs well except during a 2-hour period of daily peak traffic, when performance slows.
A CloudOps engineer must resolve this issue with minimal operational effort.
What should the engineer do?
- A . Adjust the minimum capacity of the Auto Scaling group to the size required to meet the increased demand during the 2-hour period.
- B . Adjust the launch template that is associated with the Auto Scaling group to be more sensitive to increases in user traffic.
- C . Create a scheduled scaling action to scale out the number of EC2 instances shortly before the increase in user traffic occurs.
- D . Manually add a few more EC2 instances to the Auto Scaling group to support the increase in user traffic. Enable instance scale-in protection on the Auto Scaling group.
A company’s application servers in AWS account 111122223333 use a security group sg-1234abcd. They need to access a database hosted in account 444455556666. The VPCs are connected using a VPC peering connection (pcx-b04deed9).
A CloudOps engineer must configure the database’s security group to allow new connections only from the application servers.
What should the engineer do?
- A . Add an inbound rule to the database’s security group. Reference 111122223333/sg-1234abcd as the source.
- B . Add an inbound rule to the database’s security group. Reference pcx-b04deed9/sg-1234abcd as the source.
- C . Add an inbound rule to the database’s security group. Reference sg-1234abcd as the source.
- D . Add an inbound rule to the database’s security group. Reference 444455556666/sg-1234abcd as the source.
A company has created a new video-on-demand (VOD) application. The application runs on a fleet of Amazon EC2 instances behind an Application Load Balancer (ALB). The company configured an Amazon CloudFront distribution and set the ALB as the origin. Because of increasing application demand, the company wants to move all video files to a central Amazon S3 bucket.
A SysOps administrator needs to ensure that video files can be cached at edge locations after the company migrates the files to Amazon S3.
Which solution will meet this requirement?
- A . Configure CloudFront to send the X-Forwarded-For header to the origin and to redirect video requests to Amazon S3 instead of the ALB.
- B . Configure a new CloudFront cache behavior to route to Amazon S3 as a new origin, based on matching a URL path pattern.
- C . Configure URL signing in the CloudFront distribution by using a custom policy. Ensure that video files are accessed through signed URLs only.
- D . Configure a CloudFront origin group. Specify the required HTTP status codes to direct connection attempts to a secondary origin.
A company uses a large number of Linux-based Amazon EC2 instances to run business operations. The company uses AWS Systems Manager to manage the EC2 instances. The company wants to ensure that the Systems Manager Agent (SSM Agent) is always up to date with the latest version.
Which solution will meet this requirement in the MOST operationally efficient way?
- A . Enable the Auto update SSM Agent setting in Systems Manager Fleet Manager.
- B . Subscribe to SSM Agent GitHub notifications and use Lambda to update agents.
- C . Enable the Auto update SSM Agent setting in Systems Manager Patch Manager.
- D . Use GitHub notifications and a Systems Manager Automation document.
A company plans to run a public web application on Amazon EC2 instances behind an Elastic Load Balancing (ELB) load balancer. The company’s security team wants to protect the website by using AWS Certificate Manager (ACM) certificates. The load balancer must automatically redirect any HTTP requests to HTTPS.
Which solution will meet these requirements?
- A . Create an Application Load Balancer that has one HTTPS listener on port 80. Attach an SSL/TLS certificate to port 80.
- B . Create an Application Load Balancer that has one HTTP listener on port 80 and one HTTPS listener on port 443. Attach an SSL/TLS certificate to port 443. Create a rule to redirect requests from port 80 to port 443.
- C . Create an Application Load Balancer that has two TCP listeners on ports 80 and 443. Attach an SSL/TLS certificate to port 443.
- D . Create a Network Load Balancer with TCP listeners on ports 80 and 443. Attach an SSL/TLS certificate to port 443.
A company has an application that uses an Amazon EFS file system. A recent incident that involved an application logic error corrupted several files. The company wants to improve its ability to back up and recover the EFS file system. The company must be able to recover individual files rapidly.
Which solution meets these requirements MOST cost-effectively?
- A . Configure Amazon Data Lifecycle Manager (Amazon DLM) to archive a copy of the data to an Amazon S3 Glacier vault. Use S3 Glacier retrieval requests to retrieve individual files.
- B . Create a second EFS file system in another AWS Region. Configure AWS DataSync to copy the data to the backup file system. Recover files by copying them from the backup EFS file system.
- C . Enable AWS Backup in Amazon EFS to back up the file system to an Amazon S3 Glacier vault. Use S3 Glacier retrieval requests to retrieve individual files.
- D . Enable AWS Backup in Amazon EFS to back up the file system to a backup vault. Use a partial restore job to retrieve individual files.
A company has deployed Amazon EC2 instances from custom Amazon Machine Images (AMIs) in two AWS Regions. The company registered all the instances with AWS Systems Manager.
The company discovers that the operating system on some instances has a significant zero-day exploit. However, the company does not know how many instances are affected.
A CloudOps engineer must implement a solution to deploy operating system patches for the affected EC2 instances.
Which solution will meet this requirement with the LEAST operational overhead?
- A . Define a patch baseline in Systems Manager Patch Manager. Use a Patch Manager scan to identify the affected instances. Use the Patch Now option in each Region to update the affected instances.
- B . Use AWS Config to identify the affected instances. Define a patch baseline in Systems Manager Patch Manager. Use the Patch Now option in Patch Manager to update the affected instances.
- C . Create an Amazon EventBridge rule to react to Systems Manager Compliance events. Configure the EventBridge rule to run a patch baseline on the affected instances.
- D . Use AWS Config to identify the affected instances. Update the existing EC2 AMIs with the desired patch. Manually launch instances from the new AMIs to replace the affected instances in both Regions.
A company uses hundreds of Amazon EC2 On-Demand Instances and Spot Instances to run production and non-production workloads. The company installs and configures the AWS Systems Manager Agent (SSM Agent) on the EC2 instances.
During a recent instance patch operation, some instances were not patched because the instances were either busy or down. The company needs to generate a report that lists the current patch version of all instances.
Which solution will meet these requirements in the MOST operationally efficient way?
- A . Use Systems Manager Inventory to collect patch versions. Generate a report of all instances.
- B . Use Systems Manager Run Command to remotely collect patch version information. Generate a report of all instances.
- C . Use AWS Config to track EC2 instance configuration changes by using output from the SSM Agents.
Create a custom rule to check for patch versions. Generate a report of all unpatched instances. - D . Use AWS Config to monitor the patch status of the EC2 instances by using output from the SSM Agents. Create a configuration compliance rule to check whether patches are installed. Generate a report of all instances.
A company’s reporting job that previously ran in 15 minutes is now taking 1 hour. The application runs on Amazon EC2 and extracts data from an Amazon RDS for MySQL DB instance.
CloudWatch metrics show high Read IOPS even when reports are not running. The CloudOps engineer must improve performance and availability.
Which solution will meet these requirements?
- A . Configure Amazon ElastiCache and query it for reports.
- B . Deploy an RDS read replica and update the reporting job to query the reader endpoint.
- C . Create a CloudFront distribution with the RDS instance as the origin.
- D . Increase the size of the RDS instance.