使用SOA-C02題庫更新資訊意味著你已經通過AWS Certified SysOps Administrator - Associate (SOA-C02)的一半市場對IT專業人員的需求越來越多,獲得Amazon SOA-C02認證會讓您更有優勢,平均工資也會高出20%,并能獲得更多的晉升機會。對于希望獲得SOA-C02認證的專業人士來說,我們考古題是復習并通過考試的可靠題庫,同時幫助準備參加認證考試考生獲得SOA-C02認證。我們確保為客戶提供高品質的Amazon SOA-C02考古題資料,這是我們聘請行業中最資深的專家經過整理而來,保證大家的考試高通過率。 最新的 AWS Certified Associate SOA-C02 免費考試真題 (Q143-Q148):問題 #143
A company needs to create a daily Amazon Machine Image (AMI) of an existing Amazon Linux EC2 instance that hosts the operating system, application, and database on multiple attached Amazon Elastic Block Store (Amazon EBS) volumes. File system integrity must be maintained.
Which solution will meet these requirements?
A. Create an AWS Lambda function to call the CreateImage API operation with the EC2 instance ID and the no-reboot parameter enabled. Create a daily scheduled Amazon EventBridge (Amazon CloudWatch Events) rule that invokes the function.
B. Create an AWS Lambda function to call the CreateImage API operation with the EC2 instance ID and the reboot parameter enabled. Create a daily scheduled Amazon EventBridge (Amazon CloudWatch Events) rule that invokes the function.
C. Use AWS Backup to create a backup plan with a backup rule that runs daily. Assign the resource ID of the EC2 instance with the reboot parameter enabled.
D. Use AWS Backup to create a backup plan with a backup rule that runs daily. Assign the resource ID of the EC2 instance with the no-reboot parameter enabled.
答案:D
問題 #144
A SysOps administrator is using Amazon EC2 instances to host an application. The SysOps administrator needs to grant permissions for the application to access an Amazon DynamoDB table.
Which solution will meet this requirement?
A. Create an IAM user to access the DynamoDB table. Assign the IAM user to the EC2 instance profile.
B. Create an IAM role to access the DynamoDB table. Assign the IAM role to the EC2 instance profile.
C. Create access keys to access the DynamoDB table. Assign the access keys to the EC2 instance profile.
D. Create an EC2 key pair to access the DynamoDB table. Assign the key pair to the EC2 instance profile.
答案:B
問題 #145
A company is managing multiple AWS accounts in AWS Organizations. The company is A company has attached the following policy to an IAM user:
Which of the following actions are allowed for the IAM user?
A. Amazon EC2 AttachNetworkInterface action in the eu-west-1 Region
B. Amazon S3 PutObject operation in a bucket named testbucket
C. Amazon RDS DescribeDBInstances action in the us-east-1 Region
D. Amazon EC2 DescribeInstances action in the us-east-1 Region
答案:D
解題說明:
The first statement explicitly allows any RDS action that begins with rdsescribe*.
The second statement explicitly allows any EC2 action, but only in the us-east-1 Region.
The third statement is an explicit Deny for all actions except those that match either ec2:* or s3:GetObject. Because explicit Deny overrides any Allow, only actions that are either an EC2 action (or s3:GetObject) will be permitted.
問題 #146
A SysOps Administrator runs a web application that is using a microservices approach whereby different responsibilities of the application have been divided in a separate microservice running on a different Amazon EC2 instance. The administrator has been tasked with reconfiguring the infrastructure to support this approach.
How can the administrator accomplish this with the LEAST administrative overhead?
A. Use a Network Load Balancer (NLB) and do path-based routing.
B. Use Amazon CloudFront to rewrite the header based on the microservice and forward the request.
C. Use Amazon CloudFront to log the URL and forward the request.
D. Use an Application Load Balancer (ALB) and do path-based routing.
答案:D
解題說明:
To reconfigure the infrastructure to support a microservices approach with the least administrative overhead, using an Application Load Balancer (ALB) with path-based routing is the most suitable solution.
* Application Load Balancer (ALB):
* ALBs are designed to distribute incoming application traffic across multiple targets, such as EC2 instances, in one or more Availability Zones.
* ALBs support path-based routing, which allows you to route requests to different microservices based on the URL path.
* Path-Based Routing:
* With path-based routing, you can configure your ALB to route requests to specific target groups based on the URL path.
* For example, requests to example.com/service1/* can be routed to one microservice, while requests to example.com/service2/* can be routed to another.
* Implementation Steps:
* Go to the EC2 console and navigate to "Load Balancers."
* Create an ALB and configure the listener.
* Define rules for path-based routing and create target groups for each microservice.
* Register the appropriate EC2 instances with each target group.
Application Load Balancers
ALB Path-Based Routing
問題 #147
A company hosts its website on Amazon EC2 instances in the us-east-1 Region. The company is preparing to extend its website into the eu-central-1 Region, but the database must remain only in us-east-1. After deployment, the EC2 instances in eu-central-1 are unable to connect to the database in us-east-1.
What is the MOST operationally efficient solution that will resolve this connectivity issue?
A. Create a VPC peering connection between the two Regions. Add the private IP address range of the instances to the inbound rule of the database security group.
B. Create a VPN connection between the two Regions. Add the private IP address range of the instances to the outbound rule of the database security group.
C. Create a VPC peering connection between the two Regions. Add the security group of the instances in eu-central-1 to the outbound rule of the database security group.
D. Create a VPN connection between the two Regions. Add the security group of the instances in eu- central-1 to the inbound rule of the database security group.
答案:A
解題說明:
VPN options are out of the question.
We are left with add the IP address or a security group rule, but since you cannont create a security group rule that references a peer VPC security group, than the answer is clearly A. https://docs.aws.amazon.com/vpc/ ... ecurity-groups.html
escribe*.