Amazon Web Services transcender aws Certified Associate Soa-c02 Exam Questions And Answers Pdf by May q275 vce pdf

Page: 2 / 14

Exam Name:	AWS Certified SysOps Administrator - Associate (SOA-C02)
Exam Code:	SOA-C02 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	393 Q&A's	Shared By:	may

Question 8

A company needs to deploy a new workload on AWS. The company must encrypt all data at rest and must rotate the encryption keys once each year. The workload uses an Amazon RDS for MySQL Multi-AZ database for data storage.

Which configuration approach will meet these requirements?

Options:

Enable Transparent Data Encryption (TDE) in the MySQL configuration file. Manually rotate the key every 12 months.

Enable RDS encryption on the database at creation time by using the AWS managed key for Amazon RDS.

Create a new AWS Key Management Service (AWS KMS) customer managed key. Enable automatic key rotation. Enable RDS encryption on the database at creation time by using the KMS key.

Create a new AWS Key Management Service (AWS KMS) customer managed key. Enable automatic key rotation. Enable encryption on the Amazon Elastic Block Store (Amazon EBS) volumes that are attached to the RDS DB instance.

Discussion

Ayra

How these dumps are necessary for passing the certification exam?

Damian (not set)

They give you a competitive edge and help you prepare better.

Wyatt

Passed my exam… Thank you so much for your excellent Exam Dumps.

Arjun (not set)

That sounds really useful. I'll definitely check it out.

Osian

Dumps are fantastic! I recently passed my certification exam using these dumps and I must say, they are 100% valid.

Azaan (not set)

They are incredibly accurate and valid. I felt confident going into my exam because the dumps covered all the important topics and the questions were very similar to what I saw on the actual exam. The team of experts behind Cramkey Dumps make sure the information is relevant and up-to-date.

Sarah

Yeah, I was so relieved when I saw that the question appeared in the exam were similar to their exam dumps. It made the exam a lot easier and I felt confident going into it.

Aaliyah (not set)

Same here. I've heard mixed reviews about using exam dumps, but for us, it definitely paid off.

Question 9

A company uses Amazon Elasticsearch Service (Amazon ES) to analyze sales and customer usage data. Members of the company's geographically dispersed sales team are traveling. They need to log in to Kibana by using their existing corporate credentials that are stored in Active Directory. The company has deployed

Active Directory Federation Services (AD FS) to enable authentication to cloud services.

Which solution will meet these requirements?

Options:

Configure Active Directory as an authentication provider in Amazon ES. Add the Active Directory server's domain name to Amazon ES. Configure Kibana to use Amazon ES authentication.

Deploy an Amazon Cognito user pool. Configure Active Directory as an external identity provider for the user pool. Enable Amazon Cognito authentication for Kibana on Amazon ES.

Enable Active Directory user authentication in Kibana. Create an IP-based custom domain access policy in Amazon ES that includes the Active Directory server's IP address.

Establish a trust relationship with Kibana on the Active Directory server. Enable Active Directory user authentication in Kibana. Add the Active Directory server's IP address to Kibana.

Discussion

Question 10

A company has a critical serverless application that uses multiple AWS Lambda functions. Each Lambda function generates 1 GB of log data daily in its own Amazon CloudWatch Logs log group. The company's security team asks for a count of application errors, grouped by type, across all of the log groups.

What should a SysOps administrator do to meet this requirement?

Options:

Perform a CloudWatch Logs Insights query that uses the stats command and count function.

Perform a CloudWatch Logs search that uses the groupby keyword and count function.

Perform an Amazon Athena query that uses the SELECT and GROUP BY keywords.

Perform an Amazon RDS query that uses the SELECT and GROUP BY keywords.

Discussion

Question 11

A SysOps administrator created an Amazon VPC with an IPv6 CIDR block, which requires access to the internet. However, access from the internet towards the VPC is prohibited. After adding and configuring the required components to the VPC. the administrator is unable to connect to any of the domains that reside on the internet.

What additional route destination rule should the administrator add to the route tables?

Options:

Route ;:/0 traffic to a NAT gateway

Route ::/0 traffic to an internet gateway

Route 0.0.0.0/0 traffic to an egress-only internet gateway

Route ::/0 traffic to an egress-only internet gateway