Amazon AWS Certified CloudOps Engineer - Associate SOA-C03 - AWS Certified CloudOps Engineer - Associate SOA-C03 Exam
Page: 1 / 15
Total 75 questions
Question #1 (Topic: Exam A)
A CloudOps engineer is examining the following AWS CloudFormation template:
Why will the stack creation fail?
Why will the stack creation fail?
A. The Outputs section of the CloudFormation template was omitted.
B. The Parameters section of the CloudFormation template was omitted.
C. The PrivateDnsName cannot be sot from a CloudFormation template.
D. The VPC was not specified in the CloudFormation template.
Answer: C
Question #2 (Topic: Exam A)
A company applies user-defined tags to resources that are associated with the company's AWS workloads. Twenty days after applying the tags, the company notices that it cannot use the tags to filter views in the AWS Cost Explorer console.
What is the reason for this issue?
What is the reason for this issue?
A. It takes at least 30 days to be able to use tags to filter views in Cost Explorer.
B. The company has not activated the user-defined tags for cost allocation.
C. The company has not created an AWS Cost and Usage Report.
D. The company has not created a usage budget in AWS Budgets.
Answer: B
Question #3 (Topic: Exam A)
An environment consists of 100 Amazon EC2 Windows instances. The Amazon CloudWatch agent is deployed and running on all EC2 instances with a baseline configuration file to capture log files. There is a new requirement to capture the DHCP log files that exist on 50 of the instances.
What is the MOST operationally efficient way to meet this new requirement?
What is the MOST operationally efficient way to meet this new requirement?
A. Create an additional CloudWatch agent configuration filo to capture the DHCP logs. Use the AWS Systems Manager Run Command to restart the CloudWatch agent on each EC2 instance with the append-config option to apply the additional configuration file.
B. Log in to each EC2 instance with administrator rights. Create a PowerShell script to push the needed baseline log files and DHCP log files to CloudWatch.
C. Run the CloudWatch agent configuration file wizard on each EC2 instance. Verify that the baseline log files are included and add the DHCP log files during the wizard creation process.
D. Run the CloudWatch agent configuration file wizard on each EC2 instance and select the advanced detail level. This will capture the operating system log files.
Answer: A
Question #4 (Topic: Exam A)
A company is storing backups in an Amazon S3 bucket. The backups must not be deleted for at least 3 months after the backups are created.
What should a CloudOps engineer do to meet this requirement?
What should a CloudOps engineer do to meet this requirement?
A. Configure an IAM policy that denies the s3:DeleteObject action for all users. Three months after an object is written, remove the policy.
B. Enable S3 Object Lock on a new S3 bucket in compliance mode. Place all backups in the new S3 bucket with a retention period of 3 months.
C. Enable S3 Versioning on the existing S3 bucket. Configure S3 Lifecycle rules to protect the backups.
D. Enable S3 Object Lock on a new S3 bucket in governance mode. Place all backups in the new S3 bucket with a retention period of 3 months.
Answer: B
Question #5 (Topic: Exam A)
A company's CloudOps engineer is troubleshooting communication between the components of an application. The company configured VPC flow logs to be published to Amazon CloudWatch Logs However, there are no logs in CloudWatch Logs.
What could be blocking the VPC flow logs from being published to CloudWatch Logs?
What could be blocking the VPC flow logs from being published to CloudWatch Logs?
A. The IAM policy that is attached to the IAM role for the flow log is missing the logs:CreateLogGroup permission.
B. The IAM policy that is attached to the IAM role for the flow log is missing the logs:CreateExportTask permission.
C. The VPC is configured for IPv6 addresses.
D. The VPC is peered with another VPC in the AWS account
Answer: A
