Amazon Web Services braindumps aws Certified Associate Soa-c02 Exam Dumps by Jeremiah q31 vce pdf

Page: 17 / 21

Exam Name:	AWS Certified SysOps Administrator - Associate (SOA-C02)
Exam Code:	SOA-C02 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	556 Q&A's	Shared By:	jeremiah

Question 68

A company recently migrated its application to a VPC on AWS. An AWS Site-to-Site VPN connection connects the company’s on-premises network to the VPC. The application retrieves customer data from another system that resides on premises. The application uses an on-premises DNS server to resolve domain records. After the migration, the application is not able to connect to the customer data because of name resolution errors.

Which solution will give the application the ability to resolve the internal domain names?

Options:

Launch EC2 instances in the VPC. On the EC2 instances, deploy a custom DNS forwarder that forwards all DNS requests to the on-premises DNS server. Create an Amazon Route 53 private hosted zone that uses the EC2 instances for name servers.

Create an Amazon Route 53 Resolver outbound endpoint. Configure the outbound endpoint to forward DNS queries against the on-premises domain to the on-premises DNS server.

Set up two AWS Direct Connect connections between the AWS environment and the on-premises network. Set up a link aggregation group (LAG) that includes the two connections. Change the VPC resolver address to point to the on-premises DNS server.

Create an Amazon Route 53 public hosted zone for the on-premises domain. Configure the network ACLs to forward DNS requests against the on-premises domain to the Route 53 public hosted zone.

Discussion

Question 69

A SysOps Administrator is managing a web application that runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an

EC2 Auto Scaling group. The administrator wants to set an alarm for when all target instances associated with the ALB are unhealthy.

Which condition should be used with the alarm?

Options:

AWS/ApplicationELB HealthyHostCount <= 0

AWS/ApplicationELB UnhealthyHostCount >= 1

AWS/EC2 StatusCheckFailed <= 0

AWS/EC2 StatusCheckFailed >= 1

Discussion

Zayaan

Successfully aced the exam… Thanks a lot for providing amazing Exam Dumps.

Harmony Nov 19, 2025

That's fantastic! I'm glad to hear that their dumps helped you. I also used them and found it accurate.

Annabel

I recently used them for my exam and I passed it with excellent score. I am impressed.

Amirah Nov 10, 2025

I passed too. The questions I saw in the actual exam were exactly the same as the ones in the Cramkey Dumps. I was able to answer the questions confidently because I had already seen and studied them.

Josie

I just passed my certification exam using their dumps and I must say, I was thoroughly impressed.

Fatimah Nov 9, 2025

You’re right. The dumps were authentic and covered all the important topics. I felt confident going into the exam and it paid off.

Miriam

Highly recommended Dumps. 100% authentic and reliable. Passed my exam with wonderful score.

Milan Nov 10, 2025

I see. Thanks for the information. I'll definitely keep Cramkey in mind for my next exam.

Question 70

A company has attached the following policy to an IAM user:

Questions 70

Which of the following actions are allowed for the IAM user?

Options:

Amazon RDS DescribeDBInstances action in the us-east-1 Region

Amazon S3 Putobject operation in a bucket named testbucket

Amazon EC2 Describe Instances action in the us-east-1 Region

Amazon EC2 AttachNetworkinterf ace action in the eu-west-1 Region

Discussion

Question 71

A company has mandated the use of multi-factor authentication (MFA) for all IAM users, and requires users to make all API calls using the CLI. However. users are not prompted to enter MFA tokens, and are able to run CLI commands without MFA. In an attempt to enforce MFA, the company attached an IAM policy to all users that denies API calls that have not been authenticated with MFA.

What additional step must be taken to ensure that API calls are authenticated using MFA?

Options:

Enable MFA on IAM roles, and require IAM users to use role credentials to sign API calls.

Ask the IAM users to log into the AWS Management Console with MFA before making API calls using the CLI.

Restrict the IAM users to use of the console, as MFA is not supported for CLI use.

Require users to use temporary credentials from the get-session token command to sign API calls.