SOA-C02 (Page 17)

A company is trying to connect two applications.One application runs in an on-premises data center that has a hostname of host1.onprem private.The other application runs on an Amazon EC2 instance that has a hostname of host1.awscloud private.An AWS Site-to-Site VPN connection is in place between the on-premises network and AWS.The application that runs in the data center tries to connect to the application that runs on the EC2 instance, but DNS resolution fails.A SysOps administrator must implement DNS resolution between on-premises and AWS resources.Which solution allows the on-premises application to resolve the EC2 instance hostname?Read More →

A development team created and deployed a new AWS Lambda function 15 minutes ago.Although the function was invoked many times, Amazon CloudWatch Logs are not showing any log messages.What is one cause of this?Read More →

A company has an application that is running on Amazon EC2 instances in a VPC.The application needs access to download software updates from the internet.The VPC has public subnets and private subnets.The company’s security policy requires all EC2 instances to be deployed in private subnets.What should a SysOps administrator do to meet these requirements?Read More →

A development team recently deployed a new version of a web application to production.After the release, penetration testing revealed a cross-site scripting vulnerability that could expose user data.Which AWS service will mitigate this issue?Read More →

A SysOps administrator needs to develop a solution that provides email notification and inserts a record into a database every time a file is put into an Amazon S3 bucket.What is the MOST operationally efficient solution that meets these requirements?Read More →

A company hosts several write-intensive applications.These applications use a MySQL database that runs on a single Amazon EC2 instance.The company asks a SysOps administrator to implement a highly available database solution that is ideal for multi-tenant workloads.Which solution should the SysOps administrator implement to meet these requirements?Read More →

A SysOps administrator receives an alert from Amazon GuardDuty about suspicious network activity on an Amazon EC2 instance.The GuardDuty finding lists a new external IP address as a traffic destination.The SysOps administrator does not recognize the external IP address.The SysOps administrator must block traffic to the external IP address that GuardDuty identified.Which solution will meet this requirement?Read More →

A company has mandated the use of multi-factor authentication (MFA) for all IAM users, and requires users to make all API calls using the CLI.However, users are not prompted to enter MFA tokens, and are able to run CLI commands without MFA.In an attempt to enforce MFA, the company attached an IAM policy to all users that denies API calls that have not been authenticated with MFA.What additional step must be taken to ensure that API calls are authenticated using MFA?Read More →

A company plans to migrate several of its high performance computing (HPC) virtual machines (VMs) to Amazon EC2 instances on AWS.A SysOps administrator must identify a placement group for this deployment.The strategy must minimize network latency and must maximize network throughput between the HPC VMs.Which strategy should the SysOps administrator choose to meet these requirements?Read More →

An errant process is known to use an entire processor and run at 100%.A SysOps administrator wants to automate restarting an Amazon EC2 instance when the problem occurs for more than 2 minutes.How can this be accomplished?Read More →