getcertified4sure.com

AWS-SysOps Exam

Facts about aws sysops dumps



Cause all that matters here is passing the Amazon aws sysops dumps exam. Cause all that you need is a high score of aws certified sysops administrator associate level dumps AWS Certified SysOps Administrator Associate exam. The only one thing you need to do is downloading Ucertify aws sysops exam dumps exam study guides now. We will not let you down with our money-back guarantee.

Q71. - (Topic 3) 

A user is trying to connect to a running EC2 instance using SSH. However, the user gets a Host key not found error. Which of the below mentioned options is a possible reason for rejection? 

A. The user has provided the wrong user name for the OS login 

B. The instance CPU is heavily loaded 

C. The security group is not configured properly 

D. The access key to connect to the instance is wrong 

Answer:

Explanation: 

If the user is trying to connect to a Linux EC2 instance and receives the Host Key not found error the probable reasons are: The private key pair is not right The user name to login is wrong 


Q72. - (Topic 1) 

Your entire AWS infrastructure lives inside of one Amazon VPC You have an Infrastructure monitoring application running on an Amazon instance in Availability Zone (AZ) A of the region, and another application instance running in AZ B. The monitoring application needs to make use of ICMP ping to confirm network reachability of the instance hosting the application. 

Can you configure the security groups for these instances to only allow the ICMP ping to pass from the monitoring instance to the application instance and nothing else'' If so how? 

A. No Two instances in two different AZ's can't talk directly to each other via ICMP ping as that protocol is not allowed across subnet (iebroadcast) boundaries 

B. Yes Both the monitoring instance and the application instance have to be a part of the same security group, and that security group needs to allow inbound ICMP 

C. Yes, The security group for the monitoring instance needs to allow outbound ICMP and the application instance's security group needs to allow Inbound ICMP 

D. Yes, Both the monitoring instance's security group and the application instance's security group need to allow both inbound and outbound ICMP ping packets since ICMP is not a connection-oriented protocol 

Answer:


Q73. - (Topic 2) 

A user is trying to aggregate all the CloudWatch metric data of the last 1 week. Which of the below mentioned statistics is not available for the user as a part of data aggregation? 

A. Aggregate 

B. Sum 

C. Sample data 

D. Average 

Answer:

Explanation: 

Amazon CloudWatch is basically a metrics repository. Either the user can send the custom data or an AWS product can put metrics into the repository, and the user can retrieve the statistics based on those metrics. The statistics are metric data aggregations over specified periods of time. Aggregations are made using the namespace, metric name, dimensions, and the data point unit of measure, within the time period that is specified by the user. CloudWatch supports Sum, Min, Max, Sample Data and Average statistics aggregation. 


Q74. - (Topic 2) 

A user has recently started using EC2. The user launched one EC2 instance in the default subnet in EC2-VPC Which of the below mentioned options is not attached or available with the EC2 instance when it is launched? 

A. Public IP address 

B. Internet gateway 

C. Elastic IP 

D. Private IP address 

Answer:

Explanation: 

A Virtual Private Cloud (VPC. is a virtual network dedicated to a user’s AWS account. A subnet is a range of IP addresses in the VPC. The user can launch the AWS resources into a subnet. There are two supported platforms into which a user can launch instances: EC2-Classic and EC2-VPC (default subnet.. A default VPC has all the benefits of EC2-VPC and the ease of use of EC2-Classic. Each instance that the user launches into a default subnet has a private IP address and a public IP address. These instances can communicate with the internet through an internet gateway. An internet gateway enables the EC2 instances to connect to the internet through the Amazon EC2 network edge. 


Q75. - (Topic 1) 

A media company produces new video files on-premises every day with a total size of around 100GBS after compression All files have a size of 1 -2 GB and need to be uploaded to Amazon S3 every night in a fixed time window between 3am and 5am Current upload takes almost 3 hours, although less than half of the available bandwidth is used. 

What step(s) would ensure that the file uploads are able to complete in the allotted time window? 

A. Increase your network bandwidth to provide faster throughput to S3 

B. Upload the files in parallel to S3 

C. Pack all files into a single archive, upload it to S3, then extract the files in AWS 

D. Use AWS Import/Export to transfer the video files 

Answer:

Explanation: Reference: 

http://aws.amazon.com/importexport/faqs/ 


Q76. - (Topic 1) 

Which two AWS services provide out-of-the-box user configurable automatic backup-as-a-

service and backup rotation options? 

Choose 2 answers 

A. Amazon S3 

B. Amazon RDS 

C. Amazon EBS 

D. Amazon Red shift 

Answer: B,D 


Q77. - (Topic 3) 

A system admin wants to add more zones to the existing ELB. The system admin wants to perform this activity from CLI. Which of the below mentioned command helps the system admin to add new zones to the existing ELB? 

A. elb-enable-zones-for-lb 

B. elb-add-zones-for-lb 

C. It is not possible to add more zones to the existing ELB 

D. elb-configure-zones-for-lb 

Answer:

Explanation: 

The user has created an Elastic Load Balancer with the availability zone and wants to add more zones to the existing ELB. The user can do so in two ways: 

From the console or CLI, add new zones to ELB; 


Q78. - (Topic 1) 

A customer has a web application that uses cookie Based sessions to track logged in users It Is deployed on AWS using ELB and Auto Scaling The customer observes that when load increases. Auto Scaling launches new Instances but the load on the easting Instances does not decrease, causing all existing users to have a sluggish experience. 

Which two answer choices independently describe a behavior that could be the cause of the sluggish user experience? Choose 2 answers 

A. ELB's normal behavior sends requests from the same user to the same backend instance 

B. ELB's behavior when sticky sessions are enabled causes ELB to send requests in the same session to the same backend instance 

C. A faulty browser is not honoring the TTL of the ELB DNS name. 

D. The web application uses long polling such as comet or websockets. Thereby keeping a connection open to a web server tor a long time 

E. The web application uses long polling such as comet or websockets. Thereby keeping a connection open to a web server for a long time. 

Answer: B,D 


Q79. - (Topic 2) 

A user has launched 10 instances from the same AMI ID using Auto Scaling. The user is trying to see the 

average CPU utilization across all instances of the last 2 weeks under the CloudWatch console. How can the user achieve this? 

A. View the Auto Scaling CPU metrics 

B. Aggregate the data over the instance AMI ID 

C. The user has to use the CloudWatchanalyser to find the average data across instances 

D. It is not possible to see the average CPU utilization of the same AMI ID since the instance ID is different 

Answer:

Explanation: 

Amazon CloudWatch is basically a metrics repository. Either the user can send the custom data or an AWS product can put metrics into the repository, and the user can retrieve the statistics based on those metrics. The statistics are metric data aggregations over specified periods of time. Aggregations are made using the namespace, metric name, dimensions, and the data point unit of measure, within the time period that is specified by the user. To aggregate the data across instances launched with AMI, the user should select the AMI ID under EC2 metrics and select the aggregate average to view the data. 


Q80. - (Topic 3) 

A user has created a mobile application which makes calls to DynamoDB to fetch certain data. The application is using the DynamoDB SDK and root account access/secret access key to connect to DynamoDB from mobile. Which of the below mentioned statements is true with respect to the best practice for security in this scenario? 

A. The user should create a separate IAM user for each mobile application and provide DynamoDB access with it 

B. The user should create an IAM role with DynamoDB and EC2 access. Attach the role with EC2 and route all calls from the mobile through EC2 

C. The application should use an IAM role with web identity federation which validates calls to DynamoDB with identity providers, such as Google, Amazon, and Facebook 

D. Create an IAM Role with DynamoDB access and attach it with the mobile application 

Answer:

Explanation: 

With AWS IAM a user is creating an application which runs on an EC2 instance and makes requests to AWS, such as DynamoDB or S3 calls. Here it is recommended that the user should not create an IAM user and pass the user's credentials to the application or embed those credentials inside the application. If the user is creating an app that runs on a mobile phone and makes requests to AWS, the user should not create an IAMuser and distribute the user's access key with the app. Instead, he should use an identity provider, such as Login with Amazon, Facebook, or Google to authenticate the users, and then use that identity to get temporary security credentials. 


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.