← Back to exam page

AWS-SysOps-SOA-C01 AWS Certified SysOps Administrator (SOA-C01)

Loading demo links...

Showing 1–3 of 20 questions

Question 1

Your organization's security policy requires that all privileged users either use frequently rotated passwords or one-time access credentials in addition to username/password.

Which two of the following options would allow an organization to enforce this policy for AWS users? (Choose two.)

Select all that apply, then click Submit answer.

  • Configure multi-factor authentication for privileged 1AM users

  • Create 1AM users for privileged accounts

  • Implement identity federation between your organization's Identity provider leveraging the 1AM Security Token Service

  • Enable the 1AM single-use password policy option for privileged users
Question 2

A company must ensure that any objects uploaded to an S3 bucket are encrypted.

Which of the following actions will meet this requirement? (Choose two.)

Select all that apply, then click Submit answer.

  • Implement AWS Shield to protect against unencrypted objects stored in S3 buckets.

  • Implement Object access control list (ACL) to deny unencrypted objects from being uploaded to the S3 bucket.

  • Implement Amazon S3 default encryption to make sure that any object being uploaded is encrypted before it is stored.

  • Implement Amazon Inspector to inspect objects uploaded to the S3 bucket to make sure that they are encrypted.

  • Implement S3 bucket policies to deny unencrypted objects from being uploaded to the buckets.
Question 3

What are characteristics of Amazon S3? (Choose two.)

Select all that apply, then click Submit answer.

  • Objects are directly accessible via a URL

  • S3 should be used to host a relational database

  • S3 allows you to store objects or virtually unlimited size

  • S3 allows you to store virtually unlimited amounts of data

  • S3 offers Provisioned IOPS