AWS Certified SysOps Administrator - Associate Exam (SOA-C02) - AWS Actual Exam Questions
Last updated on February 20, 2026
[Monitoring, Reporting, and Automation] The company needs to minimize network latency for a cluster of EC2 instances running custom software for advanced statistical analysis. Options:
Place all the EC2 instances into a cluster placement group.
Configure and assign two Elastic IP addresses for each EC2 instance.
Configure jumbo frames on all the EC2 instances in the cluster.
Place all the EC2 instances into a spread placement group in the same AWS Region.
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
[High Availability, Backup, and Recovery] A company has an NFS server running on a single Amazon EC2 instance. A SysOps administrator needs to replace the NFS server with a highly available file system. A total of 30 EC2 instances, spread across multiple Availability Zones, must connect to the file system to store and retrieve shared images and dat
The administrator plans to use Amazon Elastic File System (Amazon EFS) for the file system. Which solution will meet these requirements?
Create a new EFS file system in each Availability Zone. Configure the file systems to use the EFS One Zone storage class. Create an Amazon Route 53 alias record. Turn on health checks. Configure the record to resolve to the EFS file systems. Configure each EC2 instance to connect to the alias record.
Create a new EFS file system that uses the EFS Standard storage class. Configure each EC2 instance to connect to the mount target in its own AWS Region.
Create a new EFS file system in each Availability Zone. Configure the file systems to use the EFS One Zone storage class. Configure each EC2 instance to connect to the mount target in its own Availability Zone.
Create a new EFS file system that uses the EFS Standard storage class. Configure each EC2 instance to connect to the mount target in its own Availability Zone.
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
[High Availability, Backup, and Recovery] A company recently acquired another corporation and all of that corporation's AWS accounts. A financial analyst needs the cost data from these accounts. A SysOps administrator uses Cost Explorer to generate cost and usage reports. The SysOps administrator notices that "No Tagkey" represents 20% of the monthly cost. What should the SysOps administrator do to tag the "No Tagkey" resources?
Add the accounts to AWS Organizations. Use a service control policy (SCP) to tag all the untagged resources.
Use an AWS Config rule to find the untagged resources. Set the remediation action to terminate the resources.
Use Cost Explorer to find and tag all the untagged resources.
Use Tag Editor to find and taq all the untaqqed resources.
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
[High Availability, Backup, and Recovery] A company needs to deploy a new workload on AWS. The company must encrypt all data at rest and must rotate the encryption keys once each year. The workload uses an Amazon RDS for MySQL Multi- AZ database for data storage. Which configuration approach will meet these requirements?
Enable Transparent Data Encryption (TDE) in the MySQL configuration file. Manually rotate the key every 12 months.
Enable RDS encryption on the database at creation time by using the AWS managed key for Amazon RDS.
Create a new AWS Key Management Service (AWS KMS) customer managed key. Enable automatic
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
[Security and Compliance] A company's security policy states that connecting to Amazon EC2 instances is not permitted through SSH and RDP. If access is required, authorized staff can connect to instances by using AWS Systems Manager Session Manager. Users report that they are unable to connect to one specific Amazon EC2 instance that is running Ubuntu and has AWS Systems Manager Agent (SSM Agent) pre-installed These users are able to use Session Manager to connect to other instances in the same subnet, and they are in an 1AM group that has Session Manager permission for all instances. What should a SysOps administrator do to resolve this issue?
Add an inbound rule for port 22 in the security group associated with the Ubuntu instance.
Assign the AmazonSSMManagedlnstanceCore managed policy to the EC2 instance profile for the Ubuntu instance.
Configure the SSM Agent to log in with a user name of "ubuntu".
Generate a new key pair, configure Session Manager to use this new key pair, and provide the private key to the users.
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Finish Practice?
Are you sure you want to finish? This will end your practice session.