Amazon SOA-C01 Dumps Questions Answers

Amazon SOA-C01 Dumps

Dumps4download providing 100% reliable Exam dumps that are verified by experts panel. Our Dumps4download SOA-C01 study material are totally unique and exam questions are valid all over the world. By using our SOA-C01 dumps we assure you that you will pass your exam on first attempt. You can easily score more than 97%.

100% exam passing Guarantee on your purchased exams.

100% money back guarantee if you will not clear your exam.

Amazon SOA-C01 Practice Test Helps You Turn Dreams To Reality!

IT Professionals from every sector are looking up certifications to boost their careers. Amazon being the leader certification provider earns the most demand in the industry.

The Amazon Certification is your short-cut to an ever-growing success. In the process, Dumps4download is your strongest coordinator, providing you with the best SOA-C01 Dumps PDF as well as Online Test Engine. Let’s steer your career to a more stable future with interactive and effective SOA-C01 Practice Exam Dumps.

Many of our customers are already excelling in their careers after achieving their goals with our help. You can too be a part of that specialized bunch with a little push in the right direction. Let us help you tread the heights of success.

Apply for the SOA-C01 Exam right away so you can get certified by using our Amazon Dumps.

Bulk Exams Package

Dumps4download Leads You To A 100% Success in First Attempt!

Our SOA-C01 Dumps PDF is intended to meet the requirements of the most suitable method for exam preparation. We especially hired a team of experts to make sure you get the latest and compliant SOA-C01 Practice Test Questions Answers. These questions are been selected according to the most relevance as well as the highest possibility of appearing in the exam. So, you can be sure of your success in the first attempt.

Interactive & Effective SOA-C01 Dumps PDF + Online Test Engine

Aside from our Amazon SOA-C01 Dumps PDF, we invest in your best practice through Online Test Engine. They are designed to reflect the actual exam format covering each topic of your exam. Also, with our interactive interface focusing on the exam preparation is easier than ever. With an easy-to-understand, interactive and effective study material assisting you there is nothing that could go wrong. We are 100% sure that our SOA-C01 Questions Answers Practice Exam is the best choice you can make to pass the exam with top score.

How Dumps4download Creates Better Opportunities for You!

Dumps4download knows how hard it is for you to beat this tough Amazon Exam terms and concepts. That is why to ease your preparation we offer the best possible training tactics we know best. Online Test Engine provides you an exam-like environment and PDF helps you take your study guide wherever you are. Best of all, you can download SOA-C01 Dumps PDF easily or better print it. For the purpose of getting concepts across as easily as possible, we have used simple language. Adding explanations at the end of the SOA-C01 Questions and Answers Practice Test we ensure nothing slips your grasp.

The exam stimulation is 100 times better than any other test material you would encounter. Besides, if you are troubled with anything concerning AWS Certified SysOps Administrator - Associate Exam or the SOA-C01 Dumps PDF, our 24/7 active team is quick to respond. So, leave us a message and your problem will be solved in a few minutes.

Get an Absolutely Free Demo Today!

Dumps4download offers an absolutely free demo version to test the product with sample features before actually buying it. This shows our concern for your best experience. Once you are thoroughly satisfied with the demo you can get the AWS Certified SysOps Administrator - Associate Practice Test Questions instantly.

24/7 Online Support – Anytime, Anywhere

Have a question? You can contact us anytime, anywhere. Our 24/7 Online Support makes sure you have absolutely no problem accessing or using AWS Certified SysOps Administrator - Associate Practice Exam Dumps. What’s more, Dumps4download is mobile compatible so you can access the site without having to log in to your Laptop or PC.

Features to use Dumps4download SOA-C01 Dumps:

• Thousands of satisfied customers.
• Good grades are 100% guaranteed.
• 100% verified by Experts panel.
• Up to date exam data.
• Dumps4download data is 100% trustworthy.
• Passing ratio more than 99%
• 100% money back guarantee.

Amazon SOA-C01 Frequently Asked Questions

Amazon SOA-C01 Sample Questions

Question # 1

A security officer has requested Ifial internet access be removed from subnets in a VPC. The subnets currently route internet-bound traffic to a NAT gateway. A SysOps administrator needs to remove this access while allowing access to Amazon S3. Which solution will meet these requirements?

A. Set up an internet gateway. Update the route table on the subnets to use the internet gateway to route traffic to Amazon S3 
B. Set up an S3 VPC gateway endpoint. Update the route table on the subnets to use the gateway endpoint to route traffic to Amazon S3. 
C. Set up additional NAT gateways in each Availability Zone. Update the route table on the subnets to use the NAT gateways to route traffic to Amazon S3.  
D. Set up an egress-only internet gateway. Update the route table on the subnets to use the egress-only internet gateway to route traffic to Amazon S3. 

Show Answer

---

Question # 2

A SysOps administrator set up an Amazon ElastiCache for Memcached cluster for an application During testing, the application expenences increased latency. Amazon CloudWatch metrics (or the Memcached cluster show CPUUtilization is consistently above 95% and FreeableMemory is consistently under 1 MB. Which aclion will solve the problem?

A. Configure ElastiCache automatic scaling for the Memcached cluster. Set the CPUUtilization metric as a scaling trigger above 75% and FreeableMemory below 10 MB.
B. Configure ElastiCache read replicas for each Memcached node in different AvailabilityZones to distribute the workload.
C. Deploy an Application Load Balancer to distribute the workload to Memcached clusternodes.
D. Replace the Memcached cluster and select a node type that has a higher CPU andmemory.

Show Answer

---

Question # 3

A company is managing a website with a global user base hosted on Amazon EC2 with an Application Load Balancer (ALB). To reduce the load on the web servers, a SysOps administrator configures an Amazon CloudFront distribution with the ALB as the origin After a week of monitoring the solution, the administrator notices that requests are still being served by the ALB and there is no change in the web server load. What are possible causes tor this problem? (Select TWO.)

A. CloudFront does not have the ALB configured as the origin access identity.
B. The DNS is still pointing to the ALB instead of the CloudFront distribution.
C. The ALB security group is not permitting inbound traffic from CloudFront.
D. The default, minimum, and maximum Time to Live (TTL) are set to 0 seconds on theCloudFront distribution.
E. The target groups associated with the ALB are configured for sticky sessions.

Show Answer

---

Question # 4

A security audit revealed that the security groups in a VPC have ports 22 and 3389 open to all. introducing a possible threat that instances can be stopped or configurations can be modified. A SysOps administrator needs to automate remediation. What should the administrator do to meet these requirements?

A. Create an 1AM managed policy lo deny access to ports 22 and 3389 on any securitygroups in a VPC.
B. Define an AWS Config rule and remediation action with AWS Systems Managerautomation documents.
C. Enable AWS Trusted Advisor to remediate public port access.
D. Use AWS Systems Manager configuration compliance to remediate public port access.

Show Answer

---

Question # 5

A company is planning to deploy multiple ecommerce websites across the eu-west-1, apeast-1, and us-west-1 Regions. The websites consist of Amazon S3 buckets Amazon EC2 instances, Amazon RDS databases and Elastic Load Balancers. Which method will accomplish the deployment with the LEAST amount of effort? 

A. Configure deployment automation using AWS OpsWorks
B. Configure S3 cross-Region replication
C. Use AWS CloudFormation stack sets to deploy the application
D. Use AWS Elastic Beanstalk to deploy the application

Show Answer

---

Question # 6

An application is running on Amazon EC2 Instances behind an Application Load Balancer (ALB). An operations team wants to be notified in near-teal time when the ALB has issues connecting to backend EC2 instances. Which solution will meet these requirements with the LEAST amount of effort? 

A. Configure the ALB to send logs to Amazon S3. Write an AWS Lambda function toprocess the log files and send an email message to the operations team when the numberof requests exceeds the threshold.
B. Create an Amazon CloudWatch rule to monitor the HealthyHostCount metric and sendAmazon Simple Notification Service (Amazon SNS) messages to the operations teamwhen HealthyHostCount is equal to zero.
C. Create an Amazon CloudWatch rule lo monitor the TargetConnectionErrorCount metricand send Amazon Simple Notification Service (Amazon SNS) messages to the operationsteam when TargetConnectionErrorCount is greater than 1.
D. Create an Amazon CloudWatch rule to monitor the HTTPCode_Target_5XX_Countmetric and send Amazon Simple Notification Service (Amazon SNS) messages to theoperations team when HTTPCode_Target_5XX_Count is greater than zero.

Show Answer

---

Question # 7

A company has multiple AWS accounts. The company uses AWS Organizations with an organizational unit (OU) tor the production account and another OU for the development account. Corporate policies state that developers may use only approved AWS services in the production account. What is the MOST operationally efficient solution to control the production account? 

A. Create a customer managed policy in AWS Identity and Access Management (1AM)Apply the policy to all users within the production account.
B. Create a job function policy in AWS Identity and Access Management (1AM). Apply thepolicy to all users within the production OU.
C. Create a service control policy (SCP). Apply the SCP to the production OU.
D. Create an IAM policy. Apply the policy in Amazon API Gateway to restrict the productionaccount.

Show Answer

---

Question # 8

A company wants to create a new Network Load Balancer (NLB) (or an existing interface VPC endpoint. A SysOps administrator tries to remove the existing NLB but sees the error "existing VPC Endpoint connections and cannot be removed." Which solution will resolve this issue? 

A. Create a new interface endpoint. Move the existing NLB to the new interface endpoint. Replace the NLB from the old endpoint with a new NLB. 
B. Create a new NLB. Disassociate the NLB used by the interface endpoint service. Associate the new NLB with the interface endpoint service
C. Disassociate the NLB used by the interface endpoint service. Create a new NLB and associate it with the Interface endpoint. 
D. Reject the interface endpoint connection. Disassociate the NLB. Create a new NLB and associate it with the interface endpoint. 

Show Answer

---

Question # 9

A SysOps administrator notices a scale-out event for an Amazon EC2 Auto Scaling group Amazon CloudWatch shows a spike in the RequestCount metric tor the associated Application Load Balancer The administrator would like to know the IP addresses for the source of the requests Where can the administrator find this information?

A. Auto Scaling logs
B. AWS CloudTrail logs
C. EC2 instance logs
D. Elastic Load Balancer access logs

Show Answer

---

Question # 10

A SysOps administrator needs to register targets for a Network Load Balancer (NL8) using IP addresses Which prerequisite should the SysOps administrator validate to perform this task?

A. Ensure the NLB listener security policy is set to ELBSecuntyPohcy-TLS-1-2-Ext-2018-06, ELBSecuntyPolicy-FS-1-2-Res-2019-08 or ELBSecuntyPolicy-TLS-1-0-2015-04
B. Ensure the heath check setting on the NLB for the Matcher configuration is between 200and 399
C. Ensure the targets are within any of these CIDR blocks: 10.0.0.0/8 (RFC I918)r100.64.0.0/10 (RFC 6598): 172.16.0.0/12 (RFC 1918), or 192.168.0.0/16 (RFC 1918).
D. Ensure the NLB is exposed as an endpoint service before registering the targets usingIP addresses

Show Answer

---

Question # 11

A company's application running on Amazon EC2 Linux recently crashed because it ran out ot available memory. Management wants to be alerted if this ever happens again. Which combination of steps will accomplish this? (Select TWO.)

A. Create an Amazon CloudWatch dashboard to monitor the memory usage metrics on theInstance over time.
B. Create an alarm on the dashboard that publishes an Amazon SNS notification to alertthe CIO when a threshold is passed.
C. Create an alarm on the metric that publishes an Amazon SNS notification to alert theCIO when a threshold is passed.
D. Create an alarm on the AWS Personal Health Dashboard that publishes an AmazonSNS notification to alert the CIO when the system is out of memory.
E. Configure the Amazon CloudWatch agent to collect and push memory usage metrics onthe instance.

Show Answer

---

Question # 12

A sysops administrator has an AWS Lambda function that performs maintenance on various AWS resources. This function must be run nightly. Which is the MOST costeffective solution?

A. Launch a single t2.nano Amazon EC2 instance and create a Linux cron job to invoke theLambda function at the same time every night.
B. Set up an Amazon CloudWatch metrics alarm to invoke the Lambda function at thesame time every night.
C. Schedule a CloudWatch event to invoke the Lambda function at the same time everynight.
D. Implement a Chef recipe in AWS OpsWorks stack to invoke the Lambda function at thesame time every night.

Show Answer

---

Question # 13

A SysOps administrator is implementing automated I/O load performance testing as part of lite continuous integraliorVcontinuous delivery (CI'CD) process for an application The application uses an Amazon Elastic Block Store (Amazon E8S) Provisioned IOPS volume for each instance that is restored from a snapshot and requires consistent I/O performance. During the initial tests, the I/O performance results are sporadic. The SysOps administrator must ensure that the tests yield more consistent results. Which actions could the SysOps administrator take to accomplish this goal? (Select TWO.)

A. Restore the EBS volume from the snapshot with fast snapshot restore enabled
B. Restore the EBS volume from the snapshot using the cold HDD volume type.
C. Restore the EBS volume from the snapshot and pre-warm the volume by reading all ofthe blocks.
D. Restore the EBS volume from the snapshot and configure encryption.
E. Restore the EBS volume from the snapshot and configure I/O block sizes at random

Show Answer

---

Question # 14

Users are struggling to connect to a single public-facing development web server using its public IP address on a unique port number ot 8181 The security group is correctly configured to allow access on that port and the network ACLs are using the default configuration. Which log type will confirm whether users are trying to connect to the correct port?

A. AWS CloudTrail logs
B. Elastic Load Balancer access logs
C. Amazon S3 access logs
D. VPC Flow Logs

Show Answer

---

Question # 15

A company will migrate its on-premises enterprise system to AWS. The enterprise system will be hosted on memory optimized Amazon EC2 instances across multiple Availability Zones. The enterprise system needs shared file storage that is scalable and block-based. A SysOps team must configure the encryption of data in transit tor the shared He system and develop a backup strategy to cost-effectively store the file system data centrally. Which solution will meet these requirements?

A. Use Amazon Elastic Block Store (Amazon EBS) for the shared file storage. Mount the EBS volume to the EC2 instances. Use a custom script to create a backup of the entire file system and protect data in transit by using SSL 
B. Use Amazon Elastic File System (Amazon EFS) for the shared file storage. Use AWS Backup to configure backups. Use lifecycle policies to automatically transition backups to cold storage. Use the amazon-efs-utils package to mount the EFS file system by using the TLS options
C. Use Amazon Elastic File System (Amazon EFS) for the shared file storage. Use AWS Backup to configure backups. Use lifecycle policies to automatically transition backups to cold storage Perform data-in-transit encryption by using client-side encryption. 
D. Use Amazon S3 for the shared file storage. Mount the S3 bucket directory to the EC2 instances. Use an S3 Lifecycle policy to archive the data in Amazon S3 Glacier. 

Show Answer

---

Question # 16

A SysOps administrator is running an automatically scaled application behind an Application Load Balancer. Scaling out Is triggered when the CPU Utilization instance metric is more than 75% across the Auto Scaling group. The administrator noticed aggressive scaling out. Developers suspect an application memory leak that is causing aggressive garbage collection cycles. How can the administrator troubleshoot the application without triggering the scaling process?

A. Create a scale down trigger when the CPUUtilization instance metric is at 70%.
B. Delete the Auto Scaling group and recreate it when troubleshooting is complete
C. Remove impacted instances from the Application Load Balancer.
D. Suspend the scaling process before troubleshooting.

Show Answer

---

Question # 17

A company uses LDAP-based credentials and Has a Security Assertion Markup Language (SAML) 2.0 identity provider. A SysOps administrator has configured various federated roles in a new AWS account to provide AWS Management Console access for groups of users that use the existing LDAP-Based credentials. Several groups want to use the AWS CLI on their workstations to automate daily tasks. To enable them to do so, the SysOps administrator has created an application that authenticates a user and generates a SAML assertion. Which API call should be used to retrieve credentials for federated programmatic access?

A. sts:AssumeRote
B. sts:AssumeRoleWithSAML
C. stsAssumeRoleWithWebldentity
D. sts:GetFederationToken

Show Answer

---

Question # 18

A company with dozens of AWS accounts wants to ensure that governance rules are being applied across all accounts. The CIO has recommended that AWS Config rules be deployed using an AWS Cloud Formation template. How should this be accomplished?

A. Create a Cloud Form at ion stack in the master account of AWS Organizations andexecute the Cloud Formation template to create AWS Config rules in all accounts.
B. Create a CloudFormation stack set. then select the Cloud Formation template and use Itto configure the AWS accounts.
C. Use AWS Organizations to execute the CloudFormation template in all accounts.
D. Write a script that iterates over the company's AWS accounts and executes the CloudFormation template in each account.

Show Answer

---

Question # 19

A company relies on a fleet of Amazon EC2 instances to support an application. One of the EC2 instances was scheduled for hardware maintenance by AWS. An operations team did not remove the EC2 instance from the fleet in advance of the scheduled maintenance, and an unplanned outage resulted. A SysOps administrator must configure notifications to let the operations team know about scheduled maintenance in the future. Which action should the SysOps administrator take to meet this requirement?

A. Create an AWS Lambda function K> look up user data settings of the EC2 instance andpublish a notification to an Amazon Simple Notification Service {Amazon SNS) topic.
B. Create AWS Config rules to monitor the fleet of EC2 instances and publish a notificationto an Amazon Simple Notification Service {Amazon SNS) topic.
C. Configure an Amazon EventBridge (Amazon CloudWatch Events) rule to publish AWSPersonal Health Dashboard events to an Amazon Simple Notification Service (AmazonSNS) topic.
D. Configure an Amazon EventBridge (Amazon CloudWatch Events) rule to publish AWSService Health Dashboard events lo an Amazon Simple Notification Service (Amazon SNS)topic.

Show Answer

---

Question # 20

A company is using AWS Storage Gateway to create block storage volumes and mount them as Internet Small Computer Systems Interlace (iSCSI) devices from on-premise! servers As the Storage Gateway has taken on several new projects some of the Development teams report that the performance of the iSCSI drives has degraded. When checking the Amazon CloudWatch metrics a SysOps Administrator notices that the cachePercentUsed metric is below 60% and the cachePercentUsed metric is above 90%. What steps should the Administrator take to increase Storage Gateway performance?

A. Change the default block size for the Storage Gateway from 64 KB to 128 KB 256 KB or512 KB to improve I/O performance
B. Create a larger disk for the cached volume. In the AWS Management Console. edit thelocal disks then select the new disk as the cached volume
C. Ensure that the physical disks for the Storage Gateway are in a RAID 1 configuration toallow higher throughput
D. Take point in time snapshots of all the volumes in Storage Gateway flush the cachecompletely then restore the volumes from the clean snapshots

Show Answer

---

Question # 21

An organization stores sensitive customer information in S3 buckets protected by bucket policies. Recently, there have been reports that unauthorized entities within the company have been trying to access the data on those S3 buckets. The chief information security officer (CISO) would like to know which buckets are being targeted and determine who is responsible for trying to access that information. Which steps should a SysOps administrator take to meet the CISO's requirement? (Select TWO.)

A. Enable Amazon S3 Analytics on all affected S3 buckets to obtain a report of whichbuckets are being accessed without authorization.
B. Enable Amazon S3 Server Access Logging on all affected S3 buckets and have the logsstored in a bucket dedicated for logs.
C. Use Amazon Athena to query S3 Analytics reports for HTTP 403 errors, and determinethe 1AM user or role making the requests.
D. Use Amazon Athena to query the S3 Server Access Logs for HTTP 403 errors, anddetermine the 1AM user or role making the requests.
E. Use Amazon Athena to query the S3 Server Access Logs for HTTP 503 errors, anddetermine the 1AM user or role making the requests.

Show Answer

---

Question # 22

A SysOps administrator is evaluating Amazon Route 53 DNS options to address concerns about high availability tor an on-premises website. The website consists of two servers: a primary active server and a secondary passive server. Route 53 should route traffic to the primary server if the associated health check returns 2xx or 3xx HTTP codes. AH other traffic should be directed to the secondary passive server. The failover record type, set ID, and routing policy have been set appropriately for both primary and secondary servers. Which next step should be taken to configure Route 53?

A. Create an A record for each server. Associate the records with the Route 53 HTTP health check.
B. Create an A record for each server. Associate the records with the Route 53 TCP health check.
C. Create an alias record for each server with evaluate target health set to yes. Associate the records with the Route 53 HTTP health check.  
D. Create an alias record for each server with evaluate target health set to yes. Associate the records with the Route 53 TCP health check. 

Show Answer

---

Question # 23

A SysOps administrator is investigating why a user has been unable to use RDP to connect over the internet from their home computer to a bastion server running on an Amazon EC2 Windows instance Which of the following are possible causes of this issue? (Select TWO.)

A. A network ACL associated with the bastion's subnet is blocking the network traffic
B. The instance does not have a private IP address.
C. The route table associated with the bastion's subnet does not have a route to theinternet gateway
D. The security group for the instance does not have an inbound rule on port 22
E. The security group for the instance does not have an outbound rule on port 3389.

Show Answer

---

Question # 24

A SysOps administrator is configuring an application on AWS to be used over the internet by departments in other countries For remote locations, the company requires a static public IP address to be explicitly allowed as a target for outgoing internet traffic How should the SysOps administrator deploy the application to meet this requirement? 

A. Deploy the application on an Amazon Elastic Container Service (Amazon ECS) clusterConfigure an AWS App Mesh service mesh.
B. Deploy the application as AWS Lambda functions behind an Application Load Balancer
C. Deploy the application on Amazon EC2 instances behind an internet-facing NetworkLoad Balancer
D. Deploy the application on an Amazon Elastic Kubernetes Service (Amazon EKS) clusterbehind an Amazon API Gateway

Show Answer

---

Question # 25

A company is running an application on Amazon EC2 instances. The company needs to stop all development instances during non-business hours to reduce costs. The instances must be started again at trie beginning of each business day. Which solution meets these requirements with the LEAST administrative overhead?

A. Add the instances to an EC2 Auto Scaling group. Configure the scaling policy to scale in when the instances are at low CPU utilization levels.
B. Create a cron script on each EC2 instance that shuts down the instance at the end of each day.
C. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that triggers an Amazon Simple Notification Service (Amazon SNS) topic to let a SysOps administrator know to start or stop the EC2 instances.
D. Create Amazon EventBridge (Amazon CloudWatch Events) scheduled rules that trigger an AWS Lambda function to start or stop the EC2 instances. 

Show Answer

---

Question # 26

A company is managing multiple AWS accounts using AWS Organizations. One of these accounts is used only for retaining logs in an Amazon S3 bucket The company wants to make sure that compute resources cannot be used in the account. How can this be accomplished with the LEAST administrative effort?

A. Apply an 1AM policy to all 1AM entities in the account with a statement to explicitly denyNotAction: s3:
B. Configure AWS Config to terminate compute resources that have been created in theaccounts.
C. Configure AWS CloudTrail to block any action where the event source is nots3.amazonaws.com.
D. Update the service control policy on the account to deny the unapproved services.

Show Answer

---

Question # 27

An ecommerce company uses an Amazon ElastiCache for memcached cluster for inmemory caching of popular product queries on the shopping site. When viewing recent Amazon CloudWatch metrics data for the ElastiCache cluster, the sysops administrator notices a large number of evictions.Which of the following actions will reduce these evictions? (Select Two)  

A. Add an additional node to the ElasticCache cluster.
B. Increase the ElastiCache time to the live (TTL).
C. Increase the individual node size inside the ElasiCache cluster.
D. Put an Elastic load Balancer in front of the ElasticCache cluster.
E. Use Amazon Simple Queue Service (Amazon SQS) to decouple the ElastiCache cluster.

Show Answer

---

Question # 28

A company has a web application that is experiencing performance problems many times each night. A root cause analysis reveals spikes in CPU utilization that last 5 minutes on an Amazon EC2 Linux instance. A SysOps administrator is tasked with finding the process ID (PID) of the service or process that is consuming more CPU. How can the administrator accomplish this with the LEAST amount of effort?

A. Configure an AWS Lambda function in Python 3.7 to run every minute to capture the PID and send a notification
B. Configure the procstat plugin to collect and send CPU metrics for the running processes.  
C. Log in to the EC2 Linux instance using a .pern key each night and then run the top command 
D. Use the default Amazon CloudWatch CPU utilization metric to capture the PID in the CloudWatch dashboard. 

Show Answer

---

Question # 29

An application is being developed that will be served across a fleet of Amazon EC2 instances, which require a consistent view of persistent data. Items stored vary in size from 1 KB lo 300MB; the items are read frequently, created occasionally, and often require partial changes without conflict. The data store is not expected to grow beyond 2TB. and items will be expired according to age and content type. Which AWS service solution meets these requirements?

A. Amazon S3 buckets with lifecycle policies to delete old objects  
B. Amazon ROS PostgreSQL and a job that deletes rows based on age and file type columns
C. Amazon EFS and a scheduled process to delete files based on age and extension.  
D. An EC2 instance store synced on boot from a central Amazon EBS-backed instance.  

Show Answer

---

Question # 30

A SysOps administrator must deploy a company's infrastructure as code (laC) The administrator needs to write a single template that can be reused for multiple environments in a safe, repeatable manner How should the administrator meet this requirement by using AWS Cloud Formation? 

A. Use duplicate resource definitions for each environment selected based on conditions  
B. Use nested stacks to provision the resources  
C. Use parameter references and mappings for resource attributes  
D. Use AWS Cloud Formation StackSets to provision the resources  

Show Answer

---

Question # 31

A company has several business units that want to use Amazon EC2. The company wants to require all business units to provision their EC2 instances by using only approved EC2 instance configurations What should a SysOps administrator do to implement this requirement?

A. Create an EC2 instance launch configuration. Allow the business units to launch EC2 instances by specifying this launch configuration in the AWS Management Console
B. Develop an 1AM policy that limits the business units to provision EC2 instances only Instruct the business units to launch instances by using an AWS CtoudFormation template. 
C. Publish a product and launch constraint role for EC2 instances by using AWS Service Catalog Allow the business units to perform actions in AWS Service Catalog only 
D. Share an AWS CloudFormation template with the business units Instruct the business units to pass a role to AWS CloudFormation to allow the service to manage EC2 instances. 

Show Answer

---

Question # 32

A SysOps administrator is creating an AWS CloudFormation template that uses Amazon EC2 auto scaling to launch EC2 instances with windows 2016. The administrator wants to configure the CloudFormation template to ensure that newly launched instances include recent security updates before serving application traffic. This will minimize the time it takes for the instance to start.Which action will meet these requirements?

A. Configure the template to retrieve the latest windows Amazon machine image (AMI) from AWS systems manager parameter store.
B. Configure the template to use AWS system manager patch manager to update instances when they are launched.
C. Create a CloudFormation nested stack that creates a new Amazon Machine Image (AMI), then use that AMI ID in the auto scaling launch configuration.
D. Update the template with a user data script that runs windows update using the command line and then calls cfn-signal.

Show Answer

---

Testimonials