| PDF + Test Engine |
|
||
| Test Engine |
|
||
|
|
Here are Amazon SOA-C03 PDF available features:
| 219 questions with answers | Updation Date : 16 Jul, 2026 |
| 1 day study required to pass exam | 100% Passing Assurance |
| 100% Money Back Guarantee | Free 3 Months Updates |
A company needs to upload gigabytes of files daily to Amazon S3 and requires higher throughput and faster upload speeds. Which action should a CloudOps engineer take?
A. Create an Amazon CloudFront distribution with the GET HTTP method allowed and the S3 bucket as an origin.
B. Create an Amazon ElastiCache cluster and enable caching for the S3 bucket.
C. Set up AWS Global Accelerator and configure it with the S3 bucket.
D. Enable S3 Transfer Acceleration and use the acceleration endpoint when uploading files.
A company requires the rotation of administrative credentials for production workloads on a regular basis. A CloudOps engineer must implement this policy for an Amazon RDS DB instance's master user password. Which solution will meet this requirement with the LEAST operational effort?
A. Create an AWS Lambda function to change the RDS master user password. Create an Amazon EventBridge scheduled rule to invoke the Lambda function.
B. Create a new SecureString parameter in AWS Systems Manager Parameter Store. Encrypt the parameter with an AWS Key Management Service (AWS KMS) key. Configure automatic rotation.
C. Create a new String parameter in AWS Systems Manager Parameter Store. Configure automatic rotation.
D. Create a new RDS database secret in AWS Secrets Manager. Apply the secret to the RDS DB instance. Configure automatic rotation.
A company hosts a static website on Amazon S3. An Amazon CloudFront distribution presents this site to global users. The company uses the Managed-CachingDisabled CloudFront cache policy. The company's developers confirm that they frequently update a file in Amazon S3 with new information. Users report that the website presents correct information when the website first loads the file. However, the users' browsers do not retrieve the updated file after a refresh. What should a SysOps administrator recommend to fix this issue?
A. Add a Cache-Control header field with max-age=0 to the S3 object.
B. Change the CloudFront cache policy to Managed-CachingOptimized.
C. Disable bucket versioning in the S3 bucket configuration.
D. Enable content compression in the CloudFront configuration.
A CloudOps engineer is maintaining a web application that uses an Amazon CloudFront web distribution, an Application Load Balancer (ALB), Amazon RDS, and Amazon EC2 in a VPC. All services have logging enabled. The CloudOps engineer needs to investigate HTTP Layer 7 status codes from the web application. Which log sources contain the status codes? (Select TWO.)
A. VPC Flow Logs
B. AWS CloudTrail logs
C. ALB access logs
D. CloudFront access logs
E. RDS logs
A company’s Amazon EC2 instance with high CPU utilization is a t3.large instance running a test web app. The company determines the app would run better on a compute-optimized large instance. What should the CloudOps engineer do?
A. Migrate the EC2 instance to a compute optimized instance by using AWS VM Import/Export.
B. Enable hibernation on the EC2 instance. Change the instance type to a compute optimized instance. Disable hibernation on the EC2 instance.
C. Stop the EC2 instance. Change the instance type to a compute optimized instance. Start the EC2 instance.
D. Change the instance type to a compute optimized instance while the EC2 instance is running.
A SysOps administrator needs to implement a solution that protects credentials for an Amazon RDS for MySQL DB instance. The solution must rotate the credentials automatically one time every week. Which combination of steps will meet these requirements? (Select TWO.)
A. Configure an RDS proxy to store the credentials.
B. Add the credentials to AWS Secrets Manager.
C. Add the credentials to AWS Systems Manager Parameter Store.
D. Create an AWS Lambda function to rotate the credentials.
E. Create an AWS Systems Manager Automation runbook to rotate the credentials.
A company maintains a list of 75 approved Amazon Machine Images (AMIs) that can be used across an organization in AWS Organizations. The company's development team has been launching Amazon EC2 instances from unapproved AMIs. A SysOps administrator must prevent users from launching EC2 instances from unapproved AMIs. Which solution will meet this requirement?
A. Add a tag to the approved AMIs. Create an IAM policy that includes a tag condition that allows users to launch EC2 instances from only the tagged AMIs.
B. Create a service-linked role. Attach a policy that denies the ability to launch EC2 instances from a list of unapproved AMIs. Assign the role to users.
C. Use AWS Config with an AWS Lambda function to check for EC2 instances that are launched from unapproved AMIs. Program the Lambda function to send an Amazon Simple Notification Service (Amazon SNS) message to the SysOps administrator to terminate those EC2 instances.
D. Use AWS Trusted Advisor to check for EC2 instances that are launched from unapproved AMIs. Configure Trusted Advisor to invoke an AWS Lambda function to terminate those EC2 instances.
A company has a web application that is experiencing performance problems many times each night. A root cause analysis reveals sudden increases in CPU utilization that last 5 minutes on an Amazon EC2 Linux instance. A CloudOps engineer must find the process ID (PID) of the service or process that is consuming more CPU. What should the CloudOps engineer do to collect the process utilization information with the LEAST amount of effort?
A. Configure the Amazon CloudWatch agent procstat plugin to capture CPU process metrics.
B. Configure an AWS Lambda function to run every minute to capture the PID and send a notification.
C. Log in to the EC2 instance each night and run the top command.
D. Use the default Amazon CloudWatch CPUUtilization metric.
A SysOps administrator needs to encrypt an existing Amazon Elastic File System (Amazon EFS) file system by using an existing AWS KMS customer managed key. Which solution will meet these requirements?
A. Use Amazon EFS replication to create a new file system. Copy the data and metadata from the existing file system to the new file system. Specify the KMS customer managed key in the replication configuration. When the replication process finishes, fail over to the new encrypted file system.
B. Directly modify the file system to use encryption. Specify the KMS customer managed key.
C. Use Amazon EFS replication to create a new file system. Copy the data and metadata from the existing file system to the new file system. Generate a new TLS certificate. Specify the TLS certificate in the replication configuration. When the replication process finishes, fail over to the new encrypted file system.
D. Create a new EFS file system that is encrypted with the KMS customer managed key. Create an Amazon EC2 instance to copy the files. Mount the encrypted file system and unencrypted file system on the instance. Copy all data from the unencrypted file system to the encrypted file system. Unmount the unencrypted file system and remove the temporary instance.
A company runs applications on Amazon EC2 instances. Many of the instances are not patched. The company has a tagging policy. All the instances are tagged with details about the owners, application, and environment. AWS Systems Manager Agent (SSM Agent) is installed on all the instances. A SysOps administrator must implement a solution to automatically patch all existing and future instances that have "Prod" in the environment tag. The SysOps administrator plans to create a patch policy in Systems Manager Patch Manager. Which solution will meet the patching requirements with the LEAST operational overhead?
A. Define targets of the patch policy by specifying node tags that match the company's
tagging strategy.
B. Configure an AWS Lambda function to scan for new instances and to add the instances to the targets of the patch policy.
C. Create resource groups. Add the existing instances to the resource groups. Configure an AWS Lambda function to scan for new instances and to add the instances to the resource groups at regular intervals. Attach the resource groups to the patch policy.
D. Create resource groups. Add the existing instances to the resource groups. Create an Amazon EventBridge rule that uses an appropriately defined filter to add new instances to the resource groups. Attach the resource groups to the patch policy.