Want to pass your AWS Certified SysOps Administrator - Associate (SOA-C02) SOA-C02 exam in the very first attempt? Try Pass2lead! It is equally effective for both starters and IT professionals.
VCE
A company has created a NAT gateway in a public subnet in a VPC. The VPC also contains a private subnet that includes Amazon EC2 instances. The EC2 instances use the NAT gateway to access the internet to download patches and updates. The company has configured a VPC flow log for the elastic network interface of the NAT gateway. The company is publishing the output to Amazon CloudWatch Logs.
A SysOps administrator must identify the top five internet destinations that the EC2 instances in the private subnet communicate with for downloads.
What should the SysOps administrator do to meet this requirement in the MOST operationally efficient way?
A. Use AWS CloudTrail Insights events to identify the top five internet destinations.
B. Use Amazon CloudFront standard logs (access logs) to identify the top five internet destinations.
C. Use CloudWatch Logs Insights to identify the top five internet destinations.
D. Change the flow log to publish logs to Amazon S3. Use Amazon Athena to query the log files in Amazon S3.
A SysOps administrator is responsible for a company's security groups. The company wants to maintain a documented trail of any changes that are made to the security groups. The SysOps administrator must receive notification whenever the security groups change.
Which solution will meet these requirements?
A. Set up Amazon Detective to record security group changes. Specify an Amazon CloudWatch Logs log group to store configuration history logs. Create an Amazon Simple Queue Service (Amazon SOS) queue for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SQS queue.
B. Set up AWS Systems Manager Change Manager to record security group changes. Specify an Amazon CloudWatch Logs log group to store configuration history logs. Create an Amazon Simple Notification Service (Amazon SNS) topic for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SNS topic.
C. Set up AWS Config to record security group changes. Specify an Amazon S3 bucket as the location for configuration snapshots and history files. Create an Amazon Simple Notification Service (Amazon SNS) topic for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SNS topic.
D. Set up Amazon Detective to record security group changes. Specify an Amazon S3 bucket as the location for configuration snapshots and history files. Create an Amazon Simple Notification Service (Amazon SNS) topic for notifications about configuration changes. Subscribe the SysOps administrator's email address to the SNS topic.
A SysOps administrator has many Windows Amazon EC2 instances that need to share a file system between nodes. The SysOps administrator creates an Amazon Elastic File System (Amazon EFS) file share. After creation of the file share, the SysOps administrator is having trouble mounting the file share to the EC2 instances.
Which action should the SysOps administrator take so that the EC2 instances can share the files?
A. Delete the EFS file share. Create an Amazon FSx for Windows File Server file share for the EC2 instances.
B. Use the correct IAM credentials to mount the EFS file share.
C. Configure NFSv4 support on the Windows operating system that is running on the EC2 instances.
D. Allow the correct port for NFS through the security group and network ACL.