AWS-SysOps Exam
Getting Smart with: aws sysops certification dumps
We provide real sysops aws exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Amazon aws certified sysops administrator associate level dumps Exam quickly & easily. The aws sysops exam PDF type is available for reading and printing. You can print more and practice many times. With the help of our Amazon aws sysops certification dumps pdf and vce product and material, you can easily pass the aws sysops certification dumps exam.
Q121. - (Topic 2)
An organization has configured the custom metric upload with CloudWatch. The organization has given permission to its employees to upload data using CLI as well SDK. How can the user track the calls made to CloudWatch?
A. The user can enable logging with CloudWatch which logs all the activities
B. Use CloudTrail to monitor the API calls
C. Create an IAM user and allow each user to log the data using the S3 bucket
D. Enable detailed monitoring with CloudWatch
Answer: B
Explanation:
AWS CloudTrail is a web service which will allow the user to monitor the calls made to the Amazon CloudWatch API for the organization’s account, including calls made by the AWS Management Console, Command Line Interface (CLI., and other services. When CloudTrail logging is turned on, CloudWatch will write log files into the Amazon S3 bucket, which is specified during the CloudTrail configuration.
Q122. - (Topic 3)
A user is collecting 1000 records per second. The user wants to send the data to CloudWatch using the custom namespace. Which of the below mentioned options is recommended for this activity?
A. Aggregate the data with statistics, such as Min, max, Average, Sum and Sample data and send the data to CloudWatch
B. Send all the data values to CloudWatch in a single command by separating them with a comma. CloudWatch will parse automatically
C. Create one csv file of all the data and send a single file to CloudWatch
D. It is not possible to send all the data in one call. Thus, it should be sent one by one. CloudWatch will aggregate the data automatically
Answer: A
Explanation:
AWS CloudWatch supports the custom metrics. The user can always capture the custom data and upload the data to CloudWatch using CLI or APIs. The user can publish data to CloudWatch as single data points or as an aggregated set of data points called a statistic set using the command put-metric-data. It is recommended that when the user is having multiple data points per minute, he should aggregate the data so that it will minimize the number of calls to put-metric-data. In this case it will be single call to CloudWatch instead of 1000 calls if the data is aggregated.
Q123. - (Topic 1)
What is a placement group?
A. A collection of Auto Scaling groups in the same Region
B. Feature that enables EC2 instances to interact with each other via nigh bandwidth, low latency connections
C. A collection of Elastic Load Balancers in the same Region or Availability Zone
D. A collection of authorized Cloud Front edge locations for a distribution
Answer: B
Explanation: Reference:
http://aws.amazon.com/ec2/faqs/
Q124. - (Topic 2)
An organization, which has the AWS account ID as 999988887777, has created 50 IAM users. All the users are added to the same group cloudacademy. If the organization has enabled that each IAM user can login with the AWS console, which AWS login URL will the IAM users use?
A. https:// 999988887777.signin.aws.amazon.com/console/
B. https:// signin.aws.amazon.com/cloudacademy/
C. https:// cloudacademy.signin.aws.amazon.com/999988887777/console/
D. https:// 999988887777.aws.amazon.com/ cloudacademy/
Answer: A
Explanation:
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. Once the organization has created the IAM users, they will have a separate AWS console URL to login to the AWS console. The console login URL for the IAM user will be https:// AWS_Account_ID.signin.aws.amazon.com/console/. It uses only the AWS account ID and does not depend on the group or user ID.
Q125. - (Topic 3)
How can an EBS volume that is currently attached to an EC2 instance be migrated from one Availability Zone to another?
A. Simply create a new volume in the other AZ and specify the original volume as the source.
B. Detach the volume, then use the ec2-migrate-volume command to move it to another AZ.
C. Create a snapshot of the volume, and create a new volume from the snapshot in the other AZ.
D. Detach the volume and attach it to another EC2 instance in the other AZ.
Answer: D
Explanation: Reference:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html
Q126. - (Topic 3)
A user is configuring the Multi AZ feature of an RDS DB. The user came to know that this RDS DB does not use the AWS technology, but uses server mirroring to achieve HA. Which DB is the user using right now?
A. My SQL
B. Oracle
C. MS SQL
D. PostgreSQL
Answer: C
Explanation:
Amazon RDS provides high availability and failover support for DB instances using Multi AZ deployments. In a Multi AZ deployment, Amazon RDS automatically provisions and maintains a synchronous standby replica in a different Availability Zone. Multi AZ deployments for Oracle, PostgreSQL, and MySQL DB instances use Amazon technology, while SQL Server (MS SQL. DB instances use SQL Server Mirroring.
Q127. - (Topic 2)
You are managing the AWS account of a big organization. The organization has more than 1000+ employees and they want to provide access to the various services to most of the employees. Which of the below mentioned options is the best possible solution in this case?
A. The user should create a separate IAM user for each employee and provide access to them as per the policy
B. The user should create an IAM role and attach STS with the role. The user should attach that role to the EC2 instance and setup AWS authentication on that server
C. The user should create IAM groups as per the organization’s departments and add each user to the group for better access control
D. Attach an IAM role with the organization’s authentication service to authorize each user for various AWS services
Answer: D
Explanation:
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. The user is managing an AWS account for an organization that already has an identity system, such as the login system for the corporate network (SSO.. In this case, instead of creating individual IAM users or groups for each user who need AWS access, it may be more practical to use a proxy server to translate the user identities from the organization network into the temporary AWS security credentials. This proxy server will attach an IAM role to the user after authentication.
Q128. - (Topic 3)
A user has configured ELB with SSL using a security policy for secure negotiation between the client and load balancer. The ELB security policy supports various ciphers. Which of the below mentioned options helps identify the matching cipher at the client side to the ELB cipher list when client is requesting ELB DNS over SSL?
A. Cipher Protocol
B. Client Configuration Preference
C. Server Order Preference
D. Load Balancer Preference
Answer: C
Explanation:
Elastic Load Balancing uses a Secure Socket Layer (SSL. negotiation configuration which is known as a Security Policy. It is used to negotiate the SSL connections between a client and the load balancer. When client is requesting ELB DNS over SSL and if the load balancer is configured to support the Server Order Preference, then the load balancer gets to select the first cipher in its list that matches any one of the ciphers in the client's list. Server Order Preference ensures that the load balancer determines which cipher is used for the SSL connection.
Q129. - (Topic 2)
A user is trying to connect to a running EC2 instance using SSH. However, the user gets a connection time out error. Which of the below mentioned options is not a possible reason for rejection?
A. The access key to connect to the instance is wrong
B. The security group is not configured properly
C. The private key used to launch the instance is not correct
D. The instance CPU is heavily loaded
Answer: A
Explanation:
If the user is trying to connect to a Linux EC2 instance and receives the connection time out error the probable reasons are: Security group is not configured with the SSH port The private key pair is not right The user name to login is wrong The instance CPU is heavily loaded, so it does not allow more connections
Q130. - (Topic 2)
A user has launched two EBS backed EC2 instances in the US-East-1a region. The user wants to change the zone of one of the instances. How can the user change it?
A. Stop one of the instances and change the availability zone
B. The zone can only be modified using the AWS CLI
C. From the AWS EC2 console, select the Actions - > Change zones and specify new zone
D. Create an AMI of the running instance and launch the instance in a separate AZ
Answer: D
Explanation:
With AWS EC2, when a user is launching an instance he can select the availability zone (AZ. at the time of launch. If the zone is not selected, AWS selects it on behalf of the user. Once the instance is launched, the user cannot change the zone of that instance unless he creates an AMI of that instance and launches a new instance from it.