AWS-SysOps Exam
Getting Smart with: aws sysops exam dumps
we provide Printable Amazon sysops aws simulations which are the best for clearing aws certified sysops administrator pdf test, and to get certified by Amazon AWS Certified SysOps Administrator Associate. The aws certified sysops administrator salary Questions & Answers covers all the knowledge points of the real aws certified sysops administrator pdf exam. Crack your Amazon aws sysops dumps Exam with latest dumps, guaranteed!
Q111. - (Topic 3)
You have private video content in S3 that you want to serve to subscribed users on the Internet. User IDs, credentials, and subscriptions are stored in an Amazon RDS database.
Which configuration will allow you to securely serve private content to your users?
A. Generate pre-signed URLs for each user as they request access to protected S3 content
B. Create an IAM user for each subscribed user and assign the GetObject permission to each IAM user
C. Create an S3 bucket policy that limits access to your private content to only your subscribed users' credentials
D. Create a CloudFront Origin Identity user for your subscribed users and assign the GetObject permission to this user
Answer: C
Explanation: Reference:
https://java.awsblog.com/post/Tx1VE22EWFR4H86/Accessing-Private-Content-in-Amazon-CloudFront
Q112. - (Topic 3)
A user is configuring a CloudWatch alarm on RDS to receive a notification when the CPU utilization of RDS is higher than 50%. The user has setup an alarm when there is some inactivity on RDS, such as RDS unavailability. How can the user configure this?
A. Setup the notification when the CPU is more than 75% on RDS
B. Setup the notification when the state is Insufficient Data
C. Setup the notification when the CPU utilization is less than 10%
D. It is not possible to setup the alarm on RDS
Answer: B
Explanation:
Amazon CloudWatch alarms watch a single metric over a time period that the user specifies and performs one or more actions based on the value of the metric relative to a given threshold over a number of time periods. The alarm has three states: Alarm, OK and Insufficient data. The Alarm will change to Insufficient Data when any of the three situations arise: when the alarm has just started, when the metric is not available or when enough data is not available for the metric to determine the alarm state. If the user wants to find that RDS is not available, he can setup to receive the notification when the state is in Insufficient data.
Q113. - (Topic 2)
A user has a refrigerator plant. The user is measuring the temperature of the plant every 15 minutes. If the user wants to send the data to CloudWatch to view the data visually, which of the below mentioned statements is true with respect to the information given above?
A. The user needs to use AWS CLI or API to upload the data
B. The user can use the AWS Import Export facility to import data to CloudWatch
C. The user will upload data from the AWS console
D. The user cannot upload data to CloudWatch since it is not an AWS service metric
Answer: A
Explanation:
AWS CloudWatch supports the custom metrics. The user can always capture the custom data and upload the data to CloudWatch using CLI or APIs. While sending the data the user has to include the metric name, namespace and timezone as part of the request.
Q114. - (Topic 3)
Amazon EBS snapshots have which of the following two characteristics? (Choose 2.) Choose 2 answers
A. EBS snapshots only save incremental changes from snapshot to snapshot
B. EBS snapshots can be created in real-time without stopping an EC2 instance
C. EBS snapshots can only be restored to an EBS volume of the same size or smaller
D. EBS snapshots can only be restored and mounted to an instance in the same Availability Zone as the original EBS volume
Answer: A,D
Q115. - (Topic 3)
A user has configured ELB with Auto Scaling. The user suspended the Auto Scaling AlarmNotification (which notifies Auto Scaling for CloudWatch alarms. process for a while. What will Auto Scaling do during this period?
A. AWS will not receive the alarms from CloudWatch
B. AWS will receive the alarms but will not execute the Auto Scaling policy
C. Auto Scaling will execute the policy but it will not launch the instances until the process is resumed
D. It is not possible to suspend the AlarmNotification process
Answer: B
Explanation:
Auto Scaling performs various processes, such as Launch, Terminate Alarm Notification etc. The user can also suspend individual process. The AlarmNotification process type accepts notifications from the Amazon CloudWatch alarms that are associated with the Auto Scaling group. If the user suspends this process type, Auto Scaling will not automatically execute the scaling policies that would be triggered by the alarms.
Q116. - (Topic 3)
A user has created a VPC with CIDR 20.0.0.0/16 using the wizard. The user has created a public subnet CIDR (20.0.0.0/24. and VPN only subnets CIDR (20.0.1.0/24. along with the
VPN gateway (vgw-12345. to connect to the user’s data centre. The user’s data centre has CIDR 172.28.0.0/12. The user has also setup a NAT instance (i-123456. to allow traffic to the internet from the VPN subnet. Which of the below mentioned options is not a valid entry for the main route table in this scenario?
A. Destination: 20.0.1.0/24 and Target: i-12345
B. Destination: 0.0.0.0/0 and Target: i-12345
C. Destination: 172.28.0.0/12 and Target: vgw-12345
D. Destination: 20.0.0.0/16 and Target: local
Answer: A
Explanation:
The user can create subnets as per the requirement within a VPC. If the user wants to connect VPC from his own data centre, he can setup a public and VPN only subnet which uses hardware VPN access to connect with his data centre. When the user has configured this setup with Wizard, it will create a virtual private gateway to route all traffic of the VPN subnet. If the user has setup a NAT instance to route all the internet requests then all requests to the internet should be routed to it. All requests to the organization’s DC will be routed to the VPN gateway. Here are the valid entries for the main route table in this scenario: Destination: 0.0.0.0/0 & Target: i-12345 (To route all internet traffic to the NAT Instance. Destination: 172.28.0.0/12 & Target: vgw-12345 (To route all the organization’s data centre traffic to the VPN gateway. Destination: 20.0.0.0/16 & Target: local (To allow local routing in VPC.
Q117. - (Topic 2)
A customer is using AWS for Dev and Test. The customer wants to setup the Dev environment with
Cloudformation. Which of the below mentioned steps are not required while using Cloudformation?
A. Create a stack
B. Configure a service
C. Create and upload the template
D. Provide the parameters configured as part of the template
Answer: B
Explanation:
AWS Cloudformation is an application management tool which provides application modelling, deployment, configuration, management and related activities. AWS CloudFormation introduces two concepts: the template and the stack. The template is a JSON-format, text-based file that describes all the AWS resources required to deploy and run an application. The stack is a collection of AWS resources which are created and managed as a single unit when AWS CloudFormation instantiates a template. While creating a stack, the user uploads the template and provides the data for the parameters if required.
Q118. - (Topic 2)
A user is planning to use AWS Cloudformation. Which of the below mentioned functionalities does not help him to correctly understand Cloudfromation?
A. Cloudformation follows the DevOps model for the creation of Dev & Test
B. AWS Cloudfromation does not charge the user for its service but only charges for the AWS resources created with it
C. Cloudformation works with a wide variety of AWS services, such as EC2, EBS, VPC, IAM, S3, RDS,
ELB, etc
D. CloudFormation provides a set of application bootstrapping scripts which enables the user to install Software
Answer: A
Explanation:
AWS Cloudformation is an application management tool which provides application modelling, deployment, configuration, management and related activities. It supports a wide variety of AWS services, such as EC2, EBS, AS, ELB, RDS, VPC, etc. It also provides application bootstrapping scripts which enable the user to install software packages or create folders. It is free of the cost and only charges the user for the services created with it. The only challenge is that it does not follow any model, such as DevOps; instead customers can define templates and use them to provision and manage the AWS resources in an orderly way.
Q119. - (Topic 1)
When an EC2 instance that is backed by an S3-based AMI Is terminated, what happens to the data on me root volume?
A. Data is automatically saved as an E8S volume.
B. Data is automatically saved as an ESS snapshot.
C. Data is automatically deleted.
D. Data is unavailable until the instance is restarted.
Answer: C
Explanation: Reference:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html
Q120. - (Topic 3)
A user is trying to connect to a running EC2 instance using SSH. However, the user gets an Unprotected
Private Key File error. Which of the below mentioned options can be a possible reason for rejection?
A. The private key file has the wrong file permission
B. The ppk file used for SSH is read only
C. The public key file has the wrong permission
D. The user has provided the wrong user name for the OS login
Answer: A
Explanation:
While doing SSH to an EC2 instance, if you get an Unprotected Private Key File error it means that the private key file's permissions on your computer are too open. Ideally the private key should have the Unix permission of 0400. To fix that, run the command: chmod 0400 /path/to/private.key