SOA-C01 dumps
5 Star


Customer Rating & Feedbacks
98%


Exactly Questions Came From Dumps

Amazon SOA-C01 Question Answers

AWS Certified SysOps Administrator - Associate Dumps July 2026

discount banner
PDF + Test Engine $139  $97
Test Engine
$119  $83
PDF $99  $69

Here are Amazon SOA-C01 PDF available features:

263 questions with answers Updation Date : 16 Jul, 2026
1 day study required to pass exam 100% Passing Assurance
100% Money Back Guarantee Free 3 Months Updates
Amazon SOA-C01 Sample Questions

Question # 21

An organization stores sensitive customer information in S3 buckets protected by bucket policies. Recently, there have been reports that unauthorized entities within the company have been trying to access the data on those S3 buckets. The chief information security officer (CISO) would like to know which buckets are being targeted and determine who is responsible for trying to access that information. Which steps should a SysOps administrator take to meet the CISO's requirement? (Select TWO.)

A. Enable Amazon S3 Analytics on all affected S3 buckets to obtain a report of whichbuckets are being accessed without authorization.
B. Enable Amazon S3 Server Access Logging on all affected S3 buckets and have the logsstored in a bucket dedicated for logs.
C. Use Amazon Athena to query S3 Analytics reports for HTTP 403 errors, and determinethe 1AM user or role making the requests.
D. Use Amazon Athena to query the S3 Server Access Logs for HTTP 403 errors, anddetermine the 1AM user or role making the requests.
E. Use Amazon Athena to query the S3 Server Access Logs for HTTP 503 errors, anddetermine the 1AM user or role making the requests.


Question # 22

A SysOps administrator is evaluating Amazon Route 53 DNS options to address concerns about high availability tor an on-premises website. The website consists of two servers: a primary active server and a secondary passive server. Route 53 should route traffic to the primary server if the associated health check returns 2xx or 3xx HTTP codes. AH other traffic should be directed to the secondary passive server. The failover record type, set ID, and routing policy have been set appropriately for both primary and secondary servers. Which next step should be taken to configure Route 53?

A. Create an A record for each server. Associate the records with the Route 53 HTTP health check.
B. Create an A record for each server. Associate the records with the Route 53 TCP health check.
C. Create an alias record for each server with evaluate target health set to yes. Associate the records with the Route 53 HTTP health check.  
D. Create an alias record for each server with evaluate target health set to yes. Associate the records with the Route 53 TCP health check. 


Question # 23

A SysOps administrator is investigating why a user has been unable to use RDP to connect over the internet from their home computer to a bastion server running on an Amazon EC2 Windows instance Which of the following are possible causes of this issue? (Select TWO.)

A. A network ACL associated with the bastion's subnet is blocking the network traffic
B. The instance does not have a private IP address.
C. The route table associated with the bastion's subnet does not have a route to theinternet gateway
D. The security group for the instance does not have an inbound rule on port 22
E. The security group for the instance does not have an outbound rule on port 3389.


Question # 24

A company is migrating its exchange server from its on-premises location to a VPC in the AWS Cloud Users working from home connect using a secure encrypted channel over the internet to the exchange server However, after the migration to AWS. users are having trouble receiving email. The VPC flow log records display the following

A. SMTP traffic from the network interface was blocked by an outbound network ACL
B. SMTP traffic from the network interface was blocked by an outbound security group
C. SMTP traffic to the network interface was blocked by an inbound network ACL
D. SMTP traffic to the network interface was blocked by an inbound security group


Question # 25

A SysOps administrator is configuring an application on AWS to be used over the internet by departments in other countries For remote locations, the company requires a static public IP address to be explicitly allowed as a target for outgoing internet traffic How should the SysOps administrator deploy the application to meet this requirement? 

A. Deploy the application on an Amazon Elastic Container Service (Amazon ECS) clusterConfigure an AWS App Mesh service mesh.
B. Deploy the application as AWS Lambda functions behind an Application Load Balancer
C. Deploy the application on Amazon EC2 instances behind an internet-facing NetworkLoad Balancer
D. Deploy the application on an Amazon Elastic Kubernetes Service (Amazon EKS) clusterbehind an Amazon API Gateway


Question # 26

A company is running an application on Amazon EC2 instances. The company needs to stop all development instances during non-business hours to reduce costs. The instances must be started again at trie beginning of each business day. Which solution meets these requirements with the LEAST administrative overhead?

A. Add the instances to an EC2 Auto Scaling group. Configure the scaling policy to scale in when the instances are at low CPU utilization levels.
B. Create a cron script on each EC2 instance that shuts down the instance at the end of each day.
C. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that triggers an Amazon Simple Notification Service (Amazon SNS) topic to let a SysOps administrator know to start or stop the EC2 instances.
D. Create Amazon EventBridge (Amazon CloudWatch Events) scheduled rules that trigger an AWS Lambda function to start or stop the EC2 instances. 


Question # 27

A company is managing multiple AWS accounts using AWS Organizations. One of these accounts is used only for retaining logs in an Amazon S3 bucket The company wants to make sure that compute resources cannot be used in the account.
How can this be accomplished with the LEAST administrative effort?

A. Apply an 1AM policy to all 1AM entities in the account with a statement to explicitly denyNotAction: s3:
B. Configure AWS Config to terminate compute resources that have been created in theaccounts.
C. Configure AWS CloudTrail to block any action where the event source is nots3.amazonaws.com.
D. Update the service control policy on the account to deny the unapproved services.


Question # 28

An ecommerce company uses an Amazon ElastiCache for memcached cluster for inmemory caching of popular product queries on the shopping site. When viewing recent Amazon CloudWatch metrics data for the ElastiCache cluster, the sysops administrator notices a large number of evictions.
Which of the following actions will reduce these evictions? (Select Two)  

A. Add an additional node to the ElasticCache cluster.
B. Increase the ElastiCache time to the live (TTL).
C. Increase the individual node size inside the ElasiCache cluster.
D. Put an Elastic load Balancer in front of the ElasticCache cluster.
E. Use Amazon Simple Queue Service (Amazon SQS) to decouple the ElastiCache cluster.


Question # 29

A company has a web application that is experiencing performance problems many times each night. A root cause analysis reveals spikes in CPU utilization that last 5 minutes on an Amazon EC2 Linux instance. A SysOps administrator is tasked with finding the process ID (PID) of the service or process that is consuming more CPU. How can the administrator accomplish this with the LEAST amount of effort?

A. Configure an AWS Lambda function in Python 3.7 to run every minute to capture the PID and send a notification
B. Configure the procstat plugin to collect and send CPU metrics for the running processes.  
C. Log in to the EC2 Linux instance using a .pern key each night and then run the top command 
D. Use the default Amazon CloudWatch CPU utilization metric to capture the PID in the CloudWatch dashboard. 


Question # 30

An application is being developed that will be served across a fleet of Amazon EC2 instances, which require a consistent view of persistent data. Items stored vary in size from 1 KB lo 300MB; the items are read frequently, created occasionally, and often require partial changes without conflict. The data store is not expected to grow beyond 2TB. and items will be expired according to age and content type. Which AWS service solution meets these requirements?

A. Amazon S3 buckets with lifecycle policies to delete old objects  
B. Amazon ROS PostgreSQL and a job that deletes rows based on age and file type columns
C. Amazon EFS and a scheduled process to delete files based on age and extension.  
D. An EC2 instance store synced on boot from a central Amazon EBS-backed instance.  


123456789

Download All 263 Questions Check Customers Feedbacks