SOA-C02 Free Practice Test

- (Exam Topic 1)
A company has multiple Amazon EC2 instances that run a resource-intensive application in a development environment. A SysOps administrator is implementing a solution to stop these EC2 instances when they are not in use.
Which solution will meet this requirement?

1. A. Assess AWS CloudTrail logs to verify that there is no EC2 API activit
2. B. Invoke an AWS Lambda function to stop the EC2 instances.
3. C. Create an Amazon CloudWatch alarm to stop the EC2 instances when the average CPU utilization is lower than 5% for a 30-minute period.
4. D. Create an Amazon CloudWatch metric to stop the EC2 instances when the VolumeReadBytes metric is lower than 500 for a 30-minute period.
5. E. Use AWS Config to invoke an AWS Lambda function to stop the EC2 instances based on resource configuration changes.

Correct Answer: B
https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/UsingAlarmActions.html#AddingStopActi

- (Exam Topic 2)
You need to update an existing AWS CloudFormation stack. If needed, a copy to the CloudFormation template is available in an Amazon SB bucket named cloudformation-bucket
* 1. Use the us-east-2 Region for all resources.
* 2. Unless specified below, use the default configuration settings.
* 3. update the Amazon EQ instance named Devinstance by making the following changes to the stack named 1700182:
* a) Change the EC2 instance type to us-east-t2.nano.
* b) Allow SSH to connect to the EC2 instance from the IP address range 192.168.100.0/30.
* c) Replace the instance profile IAM role with IamRoleB.
* 4. Deploy the changes by updating the stack using the CFServiceR01e role.
* 5. Edit the stack options to prevent accidental deletion.
* 6. Using the output from the stack, enter the value of the Prodlnstanceld in the text box below:

Solution:
Here are the steps to update an existing AWS CloudFormation stack:
Log in to the AWS Management Console and navigate to the CloudFormation service in the us-east-2 Region.
Find the existing stack named 1700182 and click on it.
Click on the "Update" button.
Choose "Replace current template" and upload the updated CloudFormation template from the Amazon S3 bucket named "cloudformation-bucket"
In the "Parameter" section, update the EC2 instance type to us-east-t2.nano and add the IP address range 192.168.100.0/30 for SSH access.
Replace the instance profile IAM role with IamRoleB.
In the "Capabilities" section, check the checkbox for "IAM Resources"
Choose the role CFServiceR01e and click on "Update Stack"
Wait for the stack to be updated.
Once the update is complete, navigate to the stack and click on the "Stack options" button, and select "Prevent updates to prevent accidental deletion"
To get the value of the Prodlnstanceld , navigate to the "Outputs" tab in the CloudFormation stack and
find the key "Prodlnstanceld". The value corresponding to it is the value that you need to enter in the text box below.
Note:
You can use AWS CloudFormation to update an existing stack.
You can use the AWS CloudFormation service role to deploy updates.
You can refer to the AWS CloudFormation documentation for more information on how to update and manage stacks: https://aws.amazon.com/cloudformation/

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 1)
A SysOps administrator uses AWS Systems Manager Session Manager to connect to instances After the SysOps administrator launches a new Amazon EC2 instance the EC2 instance does not appear in the Session Manager list of systems that are available for connection. The SysOps administrator verities that Systems Manager Agent is installed updated and running on the EC2 instance
What is the reason for this issue?

1. A. The SysOps administrator does not have access to the key pair that is required for connection
2. B. The SysOps administrator has not attached a security group to the EC2 instance to allow SSH on port 22.
3. C. The EC2 instance does not have an attached IAM role that allows Session Manager to connect to the EC2 instance.
4. D. The EC2 instance ID has not been entered into the Session Manager configuration

Correct Answer: C

- (Exam Topic 1)
A Sysops administrator has created an Amazon EC2 instance using an AWS CloudFormation template in the us-east-I Region. The administrator finds that this
template has failed to create an EC2 instance in the us-west-2 Region. What is one cause for this failure?

1. A. Resource tags defined in the CloudFormation template are specific to the us-east-I Region.
2. B. The Amazon Machine Image (AMI) ID referenced in the CloudFormation template could not be found in the us-west-2 Region.
3. C. The cfn-init script did not run during resource provisioning in the us-west-2 Region.
4. D. The IAM user was not created in the specified Region.

Correct Answer: B
One possible cause for the failure of the CloudFormation template to create an EC2 instance in the us-west-2 Region is that the Amazon Machine Image (AMI) ID referenced in the template could not be found in the us-west-2 Region. This could be due to the fact that the AMI is not available in that region, or the credentials used to access the AMI were not configured properly. The other options (resource tags defined in the CloudFormation template are specific to the us-east-I Region, the cfn-init script did not run during resource provisioning in the us-west-2 Region, and the IAM user was not created in the specified Region) are not valid causes for this failure.

- (Exam Topic 1)
A company recently acquired another corporation and all of that corporation's AWS accounts. A financial analyst needs the cost data from these accounts. A SysOps administrator uses Cost Explorer to generate cost and usage reports. The SysOps administrator notices that "No Tagkey" represents 20% of the monthly cost.
What should the SysOps administrator do to tag the "No Tagkey" resources?

1. A. Add the accounts to AWS Organization
2. B. Use a service control policy (SCP) to tag all the untagged resources.
3. C. Use an AWS Config rule to find the untagged resource
4. D. Set the remediation action to terminate the resources.
5. E. Use Cost Explorer to find and tag all the untagged resources.
6. F. Use Tag Editor to find and taq all the untaqqed resources.

Correct Answer: D
"You can add tags to resources when you create the resource. You can use the resource's service console or API to add, change, or remove those tags one resource at a time. To add tags to—or edit or delete tags
of—multiple resources at once, use Tag Editor. With Tag Editor, you search for the resources that you want to tag, and then manage tags for the resources in your search results." https://docs.aws.amazon.com/ARG/latest/userguide/tag-editor.html