PDF SOA-C02 Study Guide

Page: 4 / 6
Question 16

A company is creating a new multi-account architecture. A SysOps administrator must implement a login solution to centrally manage user access and permissions across all AWS accounts. The solution must be integrated with AWS Organizations and must be connected to a third-party Security Assertion Markup Language (SAML) 2.0 identity provider (IdP).

What should the SysOps administrator do to meet these requirements?

Options:

A.

Configure an Amazon Cognito user pool. Integrate the user pool with the third-party IdP.

B.

Enable and configure AWS Single Sign-On with the third-party IdP.

C.

Federate the third-party IdP with AWS Identity and Access Management (IAM) for each AWS account in the organization.

D.

Integrate the third-party IdP directly with AWS Organizations.

Question 17

A SysOps administrator is managing a web application that runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an EC2 Auto Scaling group. The administrator wants to set an alarm for when all target instances associated with the ALB are unhealthy.

Which condition should be used with the alarm?

Options:

A.

AWS/ApplicationELB HealthyHostCount <= 0

B.

AWS/ApplicationELB UnhealthyHostCount >= 1

C.

AWS/EC2 StatusCheckFailed <= 0

D.

AWS/EC2 StatusCheckFailed >= 1

Question 18

A company needs to automatically monitor an AWS account for potential unauthorized AWS Management Console logins from multiple geographic locations.

Which solution will meet this requirement?

Options:

A.

Configure Amazon Cognito to detect any compromised IAM credentials.

B.

Set up Amazon Inspector. Scan and monitor resources for unauthorized logins.

C.

Set up AWS Config. Add the iam-policy-blacklisted-check managed rule to the account.

D.

Configure Amazon GuardDuty to monitor the UnauthorizedAccess:IAMUser/ConsoleLoginSuccess finding.

Question 19

A SysOps administrator must manage the security of an AWS account. Recently, an IAM user's access key was mistakenly uploaded to a public code repository. The SysOps administrator must identify anything that was changed by using this access key.

Options:

A.

Create an Amazon EventBridge (Amazon CloudWatch Events) rule to send all IAM events to an AWS Lambda function for analysis.

B.

Query Amazon EC2 logs by using Amazon CloudWatch Logs Insights for all events initiated with the compromised access key within the suspected timeframe.

C.

Search AWS CloudTrail event history for all events initiated with the compromised access key within the suspected timeframe.

D.

Search VPC Flow Logs for all events initiated with the compromised access key within the suspected timeframe.

Exam Code: SOA-C02
Exam Name: AWS Certified SysOps Administrator - Associate (SOA-C02)
Last Update: Apr 19, 2024
Questions: 305