Amazon Web Services braindumps aws Certified Associate Soa-c02 Exam Dumps by Jeremiah q31 vce pdf

Page: 17 / 21

Exam Name:	AWS Certified SysOps Administrator - Associate (SOA-C02)
Exam Code:	SOA-C02 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	556 Q&A's	Shared By:	jeremiah

Question 68

A company recently migrated its application to a VPC on AWS. An AWS Site-to-Site VPN connection connects the company’s on-premises network to the VPC. The application retrieves customer data from another system that resides on premises. The application uses an on-premises DNS server to resolve domain records. After the migration, the application is not able to connect to the customer data because of name resolution errors.

Which solution will give the application the ability to resolve the internal domain names?

Options:

Launch EC2 instances in the VPC. On the EC2 instances, deploy a custom DNS forwarder that forwards all DNS requests to the on-premises DNS server. Create an Amazon Route 53 private hosted zone that uses the EC2 instances for name servers.

Create an Amazon Route 53 Resolver outbound endpoint. Configure the outbound endpoint to forward DNS queries against the on-premises domain to the on-premises DNS server.

Set up two AWS Direct Connect connections between the AWS environment and the on-premises network. Set up a link aggregation group (LAG) that includes the two connections. Change the VPC resolver address to point to the on-premises DNS server.

Create an Amazon Route 53 public hosted zone for the on-premises domain. Configure the network ACLs to forward DNS requests against the on-premises domain to the Route 53 public hosted zone.

Discussion

Question 69

A SysOps Administrator is managing a web application that runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an

EC2 Auto Scaling group. The administrator wants to set an alarm for when all target instances associated with the ALB are unhealthy.

Which condition should be used with the alarm?

Options:

AWS/ApplicationELB HealthyHostCount <= 0

AWS/ApplicationELB UnhealthyHostCount >= 1

AWS/EC2 StatusCheckFailed <= 0

AWS/EC2 StatusCheckFailed >= 1

Discussion

Question 70

A company has attached the following policy to an IAM user:

Questions 70

Which of the following actions are allowed for the IAM user?

Options:

Amazon RDS DescribeDBInstances action in the us-east-1 Region

Amazon S3 Putobject operation in a bucket named testbucket

Amazon EC2 Describe Instances action in the us-east-1 Region

Amazon EC2 AttachNetworkinterf ace action in the eu-west-1 Region

Discussion

Elise

I've heard that Cramkey is one of the best websites for exam dumps. They have a high passing rate and the questions are always up-to-date. Is it true?

Cian Jul 3, 2025

Definitely. The dumps are constantly updated to reflect the latest changes in the certification exams. And I also appreciate how they provide explanations for the answers, so I could understand the reasoning behind each question.

Esmae

I highly recommend Cramkey Dumps to anyone preparing for the certification exam.

Mollie Jul 20, 2025

Absolutely. They really make it easier to study and retain all the important information. I'm so glad I found Cramkey Dumps.

Wyatt

Passed my exam… Thank you so much for your excellent Exam Dumps.

Arjun Jul 12, 2025

That sounds really useful. I'll definitely check it out.

Miriam

Highly recommended Dumps. 100% authentic and reliable. Passed my exam with wonderful score.

Milan Jul 17, 2025

I see. Thanks for the information. I'll definitely keep Cramkey in mind for my next exam.

Nia

Why are these Dumps so important for students these days?

Mary Jul 27, 2025

With the constantly changing technology and advancements in the industry, it's important for students to have access to accurate and valid study material. Cramkey Dumps provide just that. They are constantly updated to reflect the latest changes and ensure that the information is up-to-date.

Question 71

A company has mandated the use of multi-factor authentication (MFA) for all IAM users, and requires users to make all API calls using the CLI. However. users are not prompted to enter MFA tokens, and are able to run CLI commands without MFA. In an attempt to enforce MFA, the company attached an IAM policy to all users that denies API calls that have not been authenticated with MFA.

What additional step must be taken to ensure that API calls are authenticated using MFA?

Options:

Enable MFA on IAM roles, and require IAM users to use role credentials to sign API calls.

Ask the IAM users to log into the AWS Management Console with MFA before making API calls using the CLI.

Restrict the IAM users to use of the console, as MFA is not supported for CLI use.

Require users to use temporary credentials from the get-session token command to sign API calls.