Download AWS Certified SysOps Administrator - Associate.SOA-C02.ExamTopics.2026-04-07.449q.tqb

Vendor: Amazon
Exam Code: SOA-C02
Exam Name: AWS Certified SysOps Administrator - Associate
Date: Apr 07, 2026
File Size: 3 MB
Download Exam

How to open TQB files?

Files with TQB (Taurus Question Bank) extension can be opened by Taurus Exam Studio.

Download
Taurus Exam Studio

Purchase
Coupon: TAURUSSIM_20OFF

Discount: 20%

Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator

Demo Questions

Question 1
An organization is using cost allocation tags to find the cost distribution of different departments and projects. One of the instances has two separate tags with the key/ value as "InstanceName/HR", "CostCenter/HR". What will AWS do in this case?
  1. InstanceName is a reserved tag for AWS. Thus, AWS will not allow this tag
  2. AWS will not allow the tags as the value is the same for different keys
  3. AWS will allow tags but will not show correctly in the cost allocation report due to the same value of the two separate keys
  4. AWS will allow both the tags and show properly in the cost distribution report
Correct answer: D
Explanation:
AWS provides cost allocation tags to categorize and track the AWS costs. When the user applies tags to his AWS resources, AWS generates a cost allocation report as a comma-separated value (CSV file. with the usage and costs aggregated by those tags. Each tag will have a key-value and can be applied to services, such as EC2, S3, RDS, EMR, etc. It is required that the key should be different for each tag. The value can be the same for different keys. In this case since the value is different, AWS will properly show the distribution report with the correct values.
AWS provides cost allocation tags to categorize and track the AWS costs. When the user applies tags to his AWS resources, AWS generates a cost allocation report as a comma-separated value (CSV file. with the usage and costs aggregated by those tags. Each tag will have a key-value and can be applied to services, such as EC2, S3, RDS, EMR, etc. It is required that the key should be different for each tag. The value can be the same for different keys. In this case since the value is different, AWS will properly show the distribution report with the correct values.
Question 2
What is Amazon Import/Export?
  1. A properly configured service role and instance profile
  2. An international shipping division to help you enhance your sales reach
  3. A service that accelerates transferring large amounts of data into and out of AWS using physical storage appliances
  4. A software developed by Amazon to migrate the data from/to your datacenter to AWS
Correct answer: C
Explanation:
AWS Import/Export accelerates transferring large amounts of data between the AWS cloud and portable storage devices that you mail to us. AWS transfers data directly onto and off of your stor-age devices using Amazon high-speed internal network.Reference:http://docs.aws.amazon.com/AWSImportExport/latest/DG/whatisIE.html
AWS Import/Export accelerates transferring large amounts of data between the AWS cloud and portable storage devices that you mail to us. AWS transfers data directly onto and off of your stor-age devices using Amazon high-speed internal network.
Reference:
http://docs.aws.amazon.com/AWSImportExport/latest/DG/whatisIE.html
Question 3
What does enabling a sticky session with ELB do?
  1. Routes all the requests to a single DNS
  2. Ensures that all requests from the user's session are sent to multiple instances
  3. Binds the user session with a specific instance
  4. Provides a single ELB DNS for each IP address
Correct answer: C
Explanation:
By default, a load balancer routes each request independently to the registered instance with the smallest load. However, you can use the sticky session feature(also known as session affinity), which enables the load balancer to bind a user's session to a specific instance. This ensures that all requests from the user during the session are sent to the same instance.Reference:http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-sticky-sessions.html
By default, a load balancer routes each request independently to the registered instance with the smallest load. However, you can use the sticky session feature
(also known as session affinity), which enables the load balancer to bind a user's session to a specific instance. This ensures that all requests from the user during the session are sent to the same instance.
Reference:
http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-sticky-sessions.html
Question 4
Amazon EC2 provides virtual computing environments known as _____.
  1. instances
  2. volumes
  3. microsystems
  4. servers
Correct answer: A
Explanation:
Amazon EC2 provides virtual computing environments known as instances. When you launch an instance, the instance type that you specify determines the hardware of the host computer used for your instance. Each instance type offers different compute, memory, and storage capabilities and are grouped in instance families based on these capabilities. Select an instance type based on the re-quirements of the application or software that you plan to run on your instance.Reference:http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html
Amazon EC2 provides virtual computing environments known as instances. When you launch an instance, the instance type that you specify determines the hardware of the host computer used for your instance. Each instance type offers different compute, memory, and storage capabilities and are grouped in instance families based on these capabilities. Select an instance type based on the re-quirements of the application or software that you plan to run on your instance.
Reference:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html
Question 5
A user has created a VPC with two subnets: one public and one private. The user is planning to run the patch update for the instances in the private subnet. How can the instances in the private subnet connect to the Internet?
  1. Use the internet gateway with a private IP
  2. Allow outbound traffic in the security group for port 80 to allow internet updates
  3. The private subnet can never connect to the internet
  4. Use NAT with an elastic IP
Correct answer: D
Explanation:
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. A user can create a subnet with VPC and launch instances inside that subnet. If the user has created two subnets (one private and one public., he would need a Network Address Translation (NAT) instance with the elastic IP address. This enables the instances in the private subnet to send requests to the Internet (for example, to perform software updates).
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. A user can create a subnet with VPC and launch instances inside that subnet. If the user has created two subnets (one private and one public., he would need a Network Address Translation (NAT) instance with the elastic IP address. This enables the instances in the private subnet to send requests to the Internet (for example, to perform software updates).
Question 6
A user is measuring the CPU utilization of a private data center machine every minute. The machine provides the aggregate of data every hour, such as "Sum of data", "Min value", "Max value", and "Number of Data points".
The user wants to send these values to CloudWatch. How can the user achieve this?
  1. Send the data using the put-metric-data command with the aggregate-values parameter
  2. Send the data using the put-metric-data command with the average-values parameter
  3. Send the data using the put-metric-data command with the statistic-values parameter
  4. Send the data using the put-metric-data command with the aggregate -data parameter
Correct answer: C
Explanation:
AWS CloudWatch supports the custom metrics. The user can always capture the custom data and upload the data to CloudWatch using CLI or APIs. The user can publish the data to CloudWatch as single data points or as an aggregated set of data points called a statistic set using the command put-metric-data. When sending the aggregate data, the user needs to send it with the parameter statistic-values:
AWS CloudWatch supports the custom metrics. The user can always capture the custom data and upload the data to CloudWatch using CLI or APIs. The user can publish the data to CloudWatch as single data points or as an aggregated set of data points called a statistic set using the command put-metric-data. When sending the aggregate data, the user needs to send it with the parameter statistic-values:
Question 7
A user has configured an ELB to distribute the traffic among multiple instances. The user instances are facing some issues due to the back-end servers. Which of the below mentioned CloudWatch metrics helps the user understand the issue with the instances?
  1. HTTPCode_Backend_3XX
  2. HTTPCode_Backend_4XX
  3. HTTPCode_Backend_2XX
  4. HTTPCode_Backend_5XX
Correct answer: D
Explanation:
CloudWatch is used to monitor AWS as well as the custom services. For ELB, CloudWatch provides various metrics including error code by ELB as well as by back-end servers (instances). It gives data for the count of the number of HTTP response codes generated by the back-end instances. This metric does not include any response codes generated by the load balancer. These metrics are:The 2XX class status codes represents successful actionsThe 3XX class status code indicates that the user agent requires actionThe 4XX class status code represents client errorsThe 5XX class status code represents back-end server errors
CloudWatch is used to monitor AWS as well as the custom services. For ELB, CloudWatch provides various metrics including error code by ELB as well as by back-end servers (instances). It gives data for the count of the number of HTTP response codes generated by the back-end instances. This metric does not include any response codes generated by the load balancer. These metrics are:
The 2XX class status codes represents successful actions
The 3XX class status code indicates that the user agent requires action
The 4XX class status code represents client errors
The 5XX class status code represents back-end server errors
Question 8
A user has configured Auto Scaling with 3 instances. The user had created a new AMI after updating one of the instances. If the user wants to terminate two specific instances to ensure that Auto Scaling launches an instances with the new launch configuration, which command should he run?
  1. as-delete-instance-in-auto-scaling-group <Instance ID> --no-decrement-desired-capacity
  2. as-terminate-instance-in-auto-scaling-group <Instance ID> --update-desired-capacity
  3. as-terminate-instance-in-auto-scaling-group <Instance ID> --decrement-desired-capacity
  4. as-terminate-instance-in-auto-scaling-group <Instance ID> --no-decrement-desired-capacity
Correct answer: D
Explanation:
The Auto Scaling command as-terminate-instance-in-auto-scaling-group <Instance ID> will terminate the specific instance ID. The user is required to specify the parameter as -no-decrement-desired-capacity to ensure that it launches a new instance from the launch config after terminating the instance. If the user specifies the parameter --decrement-desired-capacity then Auto Scaling will terminate the instance and decrease the desired capacity by 1.
The Auto Scaling command as-terminate-instance-in-auto-scaling-group <Instance ID> will terminate the specific instance ID. The user is required to specify the parameter as -no-decrement-desired-capacity to ensure that it launches a new instance from the launch config after terminating the instance. If the user specifies the parameter --decrement-desired-capacity then Auto Scaling will terminate the instance and decrease the desired capacity by 1.
Question 9
A system admin is planning to encrypt all objects being uploaded to S3 from an application. The system admin does not want to implement his own encryption algorithm; instead he is planning to use server side encryption by supplying his own key (SSE-C). Which parameter is not required while making a call for SSE-C?
  1. x-amz-server-side-encryption-customer-key-AES-256
  2. x-amz-server-side-encryption-customer-key
  3. x-amz-server-side-encryption-customer-algorithm
  4. x-amz-server-side-encryption-customer-key-MD5
Correct answer: A
Explanation:
AWS S3 supports client side or server side encryption to encrypt all data at rest. The server side encryption can either have the S3 supplied AES-256 encryption key or the user can send the key along with each API call to supply his own encryption key (SSE-C). When the user is supplying his own encryption key, the user has to send the below mentioned parameters as a part of the API calls: x-amz-server-side-encryption-customer-algorithm: Specifies the encryption algorithm x-amz-server-side-encryption-customer-key: To provide the base64-encoded encryption key x-amz-server-side-encryption-customer-key-MD5: To provide the base64-encoded 128-bit MD5 digest of the encryption key
AWS S3 supports client side or server side encryption to encrypt all data at rest. The server side encryption can either have the S3 supplied AES-256 encryption key or the user can send the key along with each API call to supply his own encryption key (SSE-C). When the user is supplying his own encryption key, the user has to send the below mentioned parameters as a part of the API calls: x-amz-server-side-encryption-customer-algorithm: Specifies the encryption algorithm x-amz-server-side-encryption-customer-key: To provide the base64-encoded encryption key x-amz-server-side-encryption-customer-key-MD5: To provide the base64-encoded 128-bit MD5 digest of the encryption key
Question 10
A user has created a VPC with CIDR 20.0.0.0/16. The user has created one subnet with CIDR 20.0.0.0/16 by mistake. The user is trying to create another subnet of CIDR 20.0.0.1/24. How can the user create the second subnet?
  1. There is no need to update the subnet as VPC automatically adjusts the CIDR of the first subnet based on the second subnet's CIDR
  2. The user can modify the first subnet CIDR from the console
  3. It is not possible to create a second subnet as one subnet with the same CIDR as the VPC has been created
  4. The user can modify the first subnet CIDR with AWS CLI
Correct answer: C
Explanation:
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. A user can create a subnet with VPC and launch instances inside the subnet. The user can create a subnet with the same size of VPC. However, he cannot create any other subnet since the CIDR of the second subnet will conflict with the first subnet. The user cannot modify the CIDR of a subnet once it is created. Thus, in this case if required, the user has to delete the subnet and create new subnets.
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. A user can create a subnet with VPC and launch instances inside the subnet. The user can create a subnet with the same size of VPC. However, he cannot create any other subnet since the CIDR of the second subnet will conflict with the first subnet. The user cannot modify the CIDR of a subnet once it is created. Thus, in this case if required, the user has to delete the subnet and create new subnets.
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!