Download AWS Certified SysOps Administrator - Associate.SOA-C02.CertDumps.2026-04-26.475q.tqb

Vendor: Amazon
Exam Code: SOA-C02
Exam Name: AWS Certified SysOps Administrator - Associate
Date: Apr 26, 2026
File Size: 3 MB
Download Exam

How to open TQB files?

Files with TQB (Taurus Question Bank) extension can be opened by Taurus Exam Studio.

Download
Taurus Exam Studio

Purchase
Coupon: TAURUSSIM_20OFF

Discount: 20%

Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator

Demo Questions

Question 1
A company runs a single-page web application on AWS. The application uses Amazon CloudFront to deliver static content from an Amazon S3 bucket origin. The application also uses an Amazon Elastic Kubernetes Service (Amazon EKS) cluster to serve API calls.
Users sometimes report that the website is not operational, even when monitoring shows that the index page is reachable and that the EKS cluster is healthy. A SysOps administrator must implement additional monitoring that can detect when the website is not operational before users report the problem.
Which solution will meet these requirements?
  1. Create an Amazon CloudWatch Synthetics heartbeat monitor canary that points to the fully qualified domain name (FQDN) of the website.
  2. Create an Amazon CloudWatch Synthetics API canary that monitors the availability of API endpoints from the EKS cluster.
  3. Create an Amazon CloudWatch RUM app monitor that points to the fully qualified domain name (FQDN) of the website. Configure the app monitor to collect performance telemetry and JavaScript errors.
  4. Create an Amazon CloudWatch RUM app monitor that uses the API endpoints from the EKS cluster.
Correct answer: A
Question 2
A company receives an alert from an Amazon CloudWatch alarm. The alarm indicates that a web application that is running on Amazon EC2 instances is not responding to requests. The EC2 instances have a Red Hat Enterprise Linux operating system and are in an Auto Scaling group. The Auto Scaling group has a minimum capacity of 2 and a maximum capacity of 5.
An investigation reveals that the web application is experiencing out-of-memory errors. The company adds memory to the web application and wants to track operating system memory utilization. A CloudWatch memory metric does not currently exist for the EC2 instances in the Auto Scaling group.
What should a SysOps administrator do to provide a CloudWatch memory metric for the EC2 instances?
  1. Use an Amazon Machine Image (AMI) that includes the CloudWatch agent.
  2. Turn on CloudWatch detailed monitoring.
  3. Turn on Instance Metadata Service Version 2 (IMDSv2).
  4. Use an Amazon Machine Image (AMI) that is based on Amazon Linux.
Correct answer: A
Question 3
A SysOps administrator must ensure that all of a company's current and future Amazon S3 buckets have logging enabled. If an S3 bucket does not have logging enabled, an automated process must enable logging for the S3 bucket.
Which solution will meet these requirements?
  1. Use AWS Trusted Advisor to perform a check for S3 buckets that do not have logging enabled. Configure the check to enable logging for S3 buckets that do not have logging enabled.
  2. Configure an S3 bucket policy that requires all current and future S3 buckets to have logging enabled.
  3. Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses an AWS Lambda function to enable logging.
  4. Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses the AWS-ConfigureS3BucketLogging AWS Systems Manager Automation runbook to enable logging.
Correct answer: D
Question 4
A company hosts an application on Amazon EC2 instances. The instances are in an Amazon EC2 Auto Scaling group that uses a launch template. The amount of application traffic changes throughout the day. Scaling events happen frequently.
A SysOps administrator needs to help developers troubleshoot the application. When a scaling event removes an instance, EC2 Auto Scaling terminates the instance before the developers can log in to the instance to diagnose issues.
Which solution will prevent termination of the instance so that the developers can log in to the instance?
  1. Ensure that the Delete on termination setting is turned off in the UserData section of the launch template.
  2. Update the Auto Scaling group by enabling instance scale-in protection for newly launched instances.
  3. Use Amazon Inspector to configure a rules package to protect the instances from termination.
  4. Use Amazon GuardDuty to configure rules to protect the instances from termination.
Correct answer: B
Question 5
An application uses an Amazon Aurora MySQL DB cluster that includes one Aurora Replica. The application's read performance degrades when there are more than 200 user connections. The number of user connections is approximately 180 on a consistent basis. Occasionally, the number of user connections increases rapidly to more than 200.
A SysOps administrator must implement a solution that will scale the application automatically as user demand increases or decreases.
Which solution will meet these requirements?
  1. Modify the DB cluster by increasing the Aurora Replica instance size.
  2. Modify the DB cluster by changing to serverless mode whenever the number of user connections exceeds 200.
  3. Migrate to a new Aurora DB cluster that has multiple writer instances. Modify the application's database connection string.
  4. Create an auto scaling policy that has a target value of 195 for the DatabaseConnections metric.
Correct answer: D
Question 6
A company is using an Amazon EC2 Auto Scaling group to support a workload. A SysOps administrator finds that the Auto Scaling group is configured with two similar scaling policies.
One scaling policy adds 5 instances when CPU utilization reaches 80%. The other scaling policy adds 10 instances when CPU utilization reaches 80%.
What will happen when CPU utilization reaches the 80% threshold?
  1. Amazon EC2 Auto Scaling will add 5 instances.
  2. Amazon EC2 Auto Scaling will add 10 instances.
  3. Amazon EC2 Auto Scaling will add 15 instances.
  4. The Auto Scaling group will not scale because of conflicting policies.
Correct answer: B
Question 7
A company is running a development application on an Amazon EC2 instance. The application uploads 500,000 files that are 1 GB in size into a target Amazon S3 bucket that has default encryption enabled. The EC2 instance is in the same AWS Region where the S3 bucket is deployed.
The company uses performance logging that is built into the application software. The logs show that the application is constantly waiting for the files to be written to the S3 bucket. A SysOps administrator needs to improve the application's throughput performance. The SysOps administrator validates that the networking on the EC2 instance is not constrained.
What should the SysOps administrator do to improve the S3 upload performance?
  1. Enable S3 Transfer Acceleration on the S3 bucket.
  2. Split the S3 write operations to use multiple bucket prefixes to write items in parallel.
  3. Configure AWS PrivateLink for Amazon S3. Turn off encryption on the S3 bucket.
  4. Configure AWS Global Accelerator in the Region. Turn off encryption on the S3 bucket.
Correct answer: B
Question 8
A company is using AWS to deploy a critical application on a fleet of Amazon EC2 instances. The company is rewriting the application because the application failed a security review. The application will take 12 months to rewrite. While this rewrite happens, the company needs to rotate IAM access keys that the application uses.
A SysOps administrator must implement an automated solution that finds and rotates IAM access keys that are at least 30 days old. The solution must then continue to rotate the IAM access keys every 30 days.
Which solution will meet this requirement with the MOST operational efficiency?
  1. Use an AWS Config rule to identify IAM access keys that are at least 30 days old. Configure AWS Config to invoke an AWS Systems Manager Automation runbook to rotate the identified IAM access keys.
  2. Use AWS Trusted Advisor to identify IAM access keys that are at least 30 days old. Configure Trusted Advisor to invoke an AWS Systems Manager Automation runbook to rotate the identified IAM access keys.
  3. Create a script that checks the age of IAM access keys and rotates them if they are at least 30 days old. Launch an EC2 instance. Schedule the script to run as a cron expression on the EC2 instance every day.
  4. Create an AWS Lambda function that checks the age of IAM access keys and rotates them if they are at least 30 days old. Use an Amazon EventBridge rule to invoke the Lambda function every time a new IAM access key is created.
Correct answer: A
Question 9
A company has a list of pre-approved Amazon Machine Images (AMIs) for developers to use to launch Amazon EC2 instances. However, developers are still launching EC2 instances from unapproved AMIs.
A SysOps administrator must implement a solution that automatically terminates any instances that are launched from unapproved AMIs.
Which solution will meet this requirement?
  1. Set up an AWS Config managed rule to check if instances are running from AMIs that are on the list of pre-approved AMIs. Configure an automatic remediation action so that an AWS Systems Manager Automation runbook terminates any instances that are noncompliant with the rule.
  2. Store the list of pre-approved AMIs in an Amazon DynamoDB global table that is replicated to all AWS Regions that the developers use. Create Regional EC2 launch templates. Configure the launch templates to check AMIs against the list and to terminate any instances that are not on the list.
  3. Select the Amazon CloudWatch metric that shows all running instances and the AMIs that the instances were launched from. Create a CloudWatch alarm that terminates an instance if the metric shows the use of an unapproved AMI.
  4. Create a custom Amazon Inspector finding to compare a running instance's AMI against the list of pre-approved AMIs. Create an AWS Lambda function that terminates instances. Configure Amazon Inspector to report findings of unapproved AMIs to an Amazon Simple Queue Service (Amazon SQS) queue to invoke the Lambda function.
Correct answer: A
Question 10
A company has created an AWS CloudFormation template that consists of the AWS::EC2::Instance resource and a custom CloudFormation resource. The custom CloudFormation resource is an AWS Lambda function that attempts to run automation on the Amazon EC2 instance.
During testing, the Lambda function fails because the Lambda function tries to run before the EC2 instance is launched.
Which solution will resolve this issue?
  1. Add a DependsOn attribute to the custom resource. Specify the EC2 instance in the DependsOn attribute.
  2. Update the custom resource's service token to point to a valid Lambda function.
  3. Update the Lambda function to use the cfn-response module to send a response to the custom resource.
  4. Use the Fn::If intrinsic function to check for the EC2 instance before the custom resource runs.
Correct answer: A
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!