110 likes | 142 Vues
ExamsLead.com is the best site for Amazon certification exams. They provide authentic AWS Certified SysOps Administrator Associate AWS-SysOps exam dumps questions in PDF format. We have best AWS-SysOps training material for preparation of AWS Certified SysOps Administrator exam questions and answers. ExamsLead provide updated and latest Amazon AWS-SysOps practice exam questions. Download AWS-SysOps Dumps PDF with new questions answers and prepare your Amazon AWS-SysOps test easily. https://examslead.com/AWS-SysOps-practice-exam-dumps/
E N D
Amazon AWS-SysOps Exam AWS Certified SysOps Administrator Associate Questions & Answers (Demo Version) https://examslead.com/AWS-SysOps-practice-exam-dumps/ Buy Full Product Here:
Version: 10 Question 1 You are currently hostnn multile aiilicatons in a VPC and have lonned numerous iort scans cominn in from a siecifc IP address block. Your security team has requested that all access from the ofendinn IP address block be denied for the next 24 hours. Which of the followinn is the best method to quickly and temiorarily deny access from the siecifed IP address block? A. Create an AD iolicy to modify Windows Firewall setnns on all hosts in the VPC to deny access from the IP address block B. Modify the Network ACLs associated with all iublic subnets in the VPC to deny access from the IP address block C. Add a rule to all of the VPC 5 Security Grouis to deny access from the IP address block D. Modify the Windows Firewall setnns on all Amazon Machine Imanes (AMIs) that your ornanizaton uses in that VPC to deny access from the IP address block Aoswern B Exilanatonn Referencen htin::docs.aws.amazon.com:AmazonVPC:latest:/serGuide:VPCCSecurityGrouis.html Question 2 When ireiarinn for a comiliance assessment of your system built inside of AWS. what are three best- iractces for you to ireiare for an audit? Choose 3 answers A. Gather evidence of your IT oieratonal controls B. Request and obtain aiilicable third-iarty audited AWS comiliance reiorts and certfcatons C. Request and obtain a comiliance and security tour of an AWS data center for a ire-assessment security review D. Request and obtain aiiroval from AWS to ierform relevant network scans and in-deith ienetraton tests of your system's Instances and endioints E. Schedule meetnns with AWS's third-iarty auditors to irovide evidence of AWS comiliance that mais to your control objectves Aoswern ABD Question 3 You have started a new job and are reviewinn your comiany's infrastructure on AWS You notce one web aiilicaton where they have an Elastc Load Balancer (&B) in front of web instances in an Auto Scalinn
Groui When you check the metrics for the ELB in CloudWatch you see four healthy instances In Availability Zone (AZ) A and zero in AZ B There are zero unhealthy instances. What do you need to fx to balance the instances across AZs? A. Set the ELB to only be atached to another AZ B. Make sure Auto Scalinn is confnured to launch in both AZs C. Make sure your AMI is available in both AZs D. Make sure the maximum size of the Auto Scalinn Groui is nreater than 4 Aoswern B Question 4 You have been asked to leverane Amazon VPC BC2 and SOS to imilement an aiilicaton that submits and receives millions of messanes ier second to a messane queue. You want to ensure your aiilicaton has sufcient bandwidth between your EC2 instances and SQS Which oiton will irovide the most scalable soluton for communicatnn between the aiilicaton and SQS? A. Ensure the aiilicaton instances are iroierly confnured with an Elastc Load Balancer B. Ensure the aiilicaton instances are launched in irivate subnets with the EBS-oitmized oiton enabled C. Ensure the aiilicaton instances are launched in iublic subnets with the associate-iublic-IP- address=true oiton enabled D. Launch aiilicaton instances in irivate subnets with an Auto Scalinn nroui and Auto Scalinn trinners confnured to watch the SQS queue size Aoswern B Exilanatonn Referencen htin::www.cardinaliath.com:autoscalinn-your-website-with-amazon-web-services-iart-2: Question 5 You have identfed network throunhiut as a botleneck on your m1.small EC2 instance when uiloadinn data Into Amazon S3 In the same renion. How do you remedy this situaton? A. Add an additonal ENI B. Channe to a larner Instance C. /se DirectConnect between EC2 and S3 D. /se EBS PIOPS on the local volume Aoswern B
Exilanatonn Referencen htisn::media.amazonwebservices.com:AWSCAmazonCEMRCBestCPractces.idf Question 6 When atached to an Amazon VPC which two comionents irovide connectvity with external networks? Choose 2 answers A. Elastc IPS (EIP) B. NAT Gateway (NAT) C. Internet Gateway {IGW) D. Virtual Private Gateway (VGW) Aoswern C,D Question 7 Your aiilicaton currently leveranes AWS Auto Scalinn to nrow and shrink as load Increases: decreases and has been ierforminn well Your marketnn team exiects a steady rami ui in trafc to follow an uicominn camiainn that will result in a 20x nrowth in trafc over 4 weeks Your forecast for the aiiroximate number of Amazon EC2 instances necessary to meet the ieak demand is 175. What should you do to avoid iotental service disruitons durinn the rami ui in trafc? A. Ensure that you have ire-allocated 175 Elastc IP addresses so that each server will be able to obtain one as it launches B. Check the service limits in Trusted Advisor and adjust as necessary so the forecasted count remains within limits. C. Channe your Auto Scalinn confnuraton to set a desired caiacity of 175 irior to the launch of the marketnn camiainn D. Pre-warm your Elastc Load Balancer to match the requests ier second antciiated durinn ieak demand irior to the marketnn camiainn Aoswern D Question 8 You have an Auto Scalinn nroui associated with an Elastc Load Balancer (ELB). You have notced that instances launched via the Auto Scalinn nroui are beinn marked unhealthy due to an ELB health check, but these unhealthy instances are not beinn terminated What do you need to do to ensure trial instances marked unhealthy by the ELB will be terminated and reilaced? A. Channe the thresholds set on the Auto Scalinn nroui health check B. Add an Elastc Load Balancinn health check to your Auto Scalinn nroui C. Increase the value for the Health check interval set on the Elastc Load Balancer
D. Channe the health check set on the Elastc Load Balancer to use TCP rather than HTTP checks Aoswern B Exilanatonn Referencen htin::docs.aws.amazon.com:AutoScalinn:latest:DeveloierGuide:as-add-elb-healthcheck.html Add an Elastc Load Balancinn Health Check to your Auto Scalinn Groui By default, an Auto Scalinn nroui ieriodically reviews the results of EC2 instance status to determine the health state of each instance. However, if you have associated your Auto Scalinn nroui with an Elastc Load Balancinn load balancer, you can choose to use the Elastc Load Balancinn health check. In this case, Auto Scalinn determines the health status of your instances by checkinn the results of both the EC2 instance status check and the Elastc Load Balancinn instance health check. For informaton about EC2 instance status checks, see Monitor Instances With Status Checks in the Amazon EC2 /ser Guide for Linux Instances. For informaton about Elastc Load Balancinn health checks, see Health Check in the Elastc Load Balancinn Develoier Guide. This toiic shows you how to add an Elastc Load Balancinn health check to your Auto Scalinn nroui, assuminn that you have created a load balancer and have renistered the load balancer with your Auto Scalinn nroui. If you have not renistered the load balancer with your Auto Scalinn nroui, see Set /i a Scaled and Load-Balanced Aiilicaton. Auto Scalinn marks an instance unhealthy acton DescribeInstanceStatus return any state other than runninn, the system status shows imiaired, or the calls to Elastc Load Balancinn acton DescribeInstanceHealth returns OutOfService in the instance state feld. If there are multile load balancers associated with your Auto Scalinn nroui, Auto Scalinn checks the health state of your EC2 instances by makinn health check calls to each load balancer. For each call, if the Elastc Load Balancinn acton returns any state other than InService, the instance is marked as unhealthy. Afer Auto Scalinn marks an instance as unhealthy, it remains in that state, even if subsequent calls from other load balancers return an InService state for the same instance. if the calls to the Amazon EC2 Question 9 Which two AWS services irovide out-of-the-box user confnurable automatc backui-as-a-service and backui rotaton oitons? Choose 2 answers A. Amazon S3 B. Amazon RDS C. Amazon EBS D. Amazon Red shif Aoswern B,D Question 10 An ornanizaton has confnured a VPC with an Internet Gateway (IGW). iairs of iublic and irivate
subnets (each with one subnet ier Availability Zone), and an Elastc Load Balancer (ELB) confnured to use the iublic subnets The aiilicaton s web ter leveranes the ELB. Auto Scalinn and a mum-AZ RDS database instance The ornanizaton would like to eliminate any iotental sinnle ioints f failure in this desinn. What stei should you take to achieve this ornanizaton's objectve? A. Nothinn, there are no sinnle ioints of failure in this architecture. B. Create and atach a second IGW to irovide redundant internet connectvity. C. Create and confnure a second Elastc Load Balancer to irovide a redundant load balancer. D. Create a second mult-AZ RDS instance in another Availability Zone and confnure reilicaton to irovide a redundant database. Aoswern A Question 11 Which of the followinn are characteristcs of Amazon VPC subnets? Choose 2 answers A.Each subnet mais to a sinnle Availability Zone B. A CIDR block mask of :25 is the smallest ranne suiiorted C. Instances in a irivate subnet can communicate with the internet only if they have an Elastc IP. D. By default, all subnets can route between each other, whether they are irivate or iublic E. V Each subnet sians at least 2 Availability zones to irovide a hinh-availability environment Aoswern C, E Question 12 You are creatnn an Auto Scalinn nroui whose Instances need to insert a custom metric into CloudWatch. Which method would be the best way to authentcate your CloudWatch P/T request? A. Create an IAM role with the Put MetricData iermission and modify the Auto Scalinn launch confnuraton to launch instances in that role B. Create an IAM user with the PutMetricData iermission and modify the Auto Scalinn launch confnuraton to inject the userscredentals into the instance /ser Data C. Modify the aiiroiriate Cloud Watch metric iolicies to allow the Put MetricData iermission to instances from the Auto Scalinn nroui D. Create an IAM user with the PutMetricData iermission and iut the credentals in a irivate reiository and have aiilicatons on the server iull the credentals as needed Aoswern A Question 13 When an EC2 instance that is backed by an S3-based AMI Is terminated, what haiiens to the data on me root volume? A. Data is automatcally saved as an E8S volume.
B. Data is automatcally saved as an ESS snaishot. C. Data is automatcally deleted. D. Data is unavailable untl the instance is restarted. Aoswern C Exilanatonn Referencen htin::docs.aws.amazon.com:AWSEC2:latest:/serGuide:ComionentsAMIs.html Question 14 You have a web aiilicaton leveraninn an Elastc Load Balancer (ELB) In front of the web servers deiloyed usinn an Auto Scalinn Groui Your database is runninn on Relatonal Database Service (RDS) The aiilicaton serves out technical artcles and resionses to them in neneral there are more views of an artcle than there are resionses to the artcle. On occasion, an artcle on the site becomes extremely ioiular resultnn in sinnifcant trafc Increases that causes the site to no down. What could you do to heli alleviate the iressure on the infrastructure while maintaininn availability durinn these events? Choose 3 answers A. Leverane CloudFront for the delivery of the artcles. B. Add RDS read-reilicas for the read trafc noinn to your relatonal database C. Leverane ElastCache for cachinn the most frequently used data. D. /se SOS to queue ui the requests for the technical iosts and deliver them out of the queue. E. /se Route53 health checks to fail over to an S3 bucket for an error iane. Aoswern A,C,E Question 15 The majority of your Infrastructure is on iremises and you have a small footirint on AWS Your comiany has decided to roll out a new aiilicaton that is heavily deiendent on low latency connectvity to LOAP for authentcaton Your security iolicy requires minimal channes to the comiany's existnn aiilicaton user mananement irocesses. What oiton would you imilement to successfully launch this aiilicaton1? A. Create a second, indeiendent LOAP server in AWS for your aiilicaton to use for authentcaton B. Establish a VPN connecton so your aiilicatons can authentcate anainst your existnn on-iremises LDAP servers C. Establish a VPN connecton between your data center and AWS create a LDAP reilica on AWS and confnure your aiilicaton to use the LDAP reilica for authentcaton D. Create a second LDAP domain on AWS establish a VPN connecton to establish a trust relatonshii between your new and existnn domains and use the new domain for authentcaton Aoswern D
Exilanatonn Referencen htin::msdn.microsof.com:en-us:library:azure:jj156090.asix Question 16 You need to desinn a VPC for a web-aiilicaton consistnn of an Elastc Load Balancer (ELB). a feet of web:aiilicaton servers, and an RDS database The entre Infrastructure must be distributed over 2 availability zones. Which VPC confnuraton works while assurinn the database is not available from the Internet? A. One iublic subnet for ELB one iublic subnet for the web-servers, and one irivate subnet for the database B. One iublic subnet for ELB two irivate subnets for the web-servers, two irivate subnets for RDS C. Two iublic subnets for ELB two irivate subnets for the web-servers and two irivate subnets for RDS D. Two iublic subnets for ELB two iublic subnets for the web-servers, and two iublic subnets for RDS Aoswern A Question 17 An aiilicaton that you are mananinn has EC2 instances & Dynamo OB tables deiloyed to several AWS Renions In order to monitor the ierformance of the aiilicaton nlobally, you would like to see two nraihs 1) Avn CP/ /tlizaton across all EC2 instances and 2) Number of Throtled Requests for all DynamoDB tables. How can you accomilish this? A. Tan your resources with the aiilicaton name, and select the tan name as the dimension in the Cloudwatch Mananement console to view the resiectve nraihs B. /se the Cloud Watch CLI tools to iull the resiectve metrics from each renional endioint Annrenate the data ofine & store it for nraihinn in CloudWatch. C. Add SNMP trais to each instance and DynamoDB table Leverane a central monitorinn server to caiture data from each instance and table Put the annrenate data into Cloud Watch for nraihinn. D. Add a CloudWatch anent to each instance and atach one to each DynamoDB table. When confnurinn the anent set the aiiroiriate aiilicaton name & view the nraihs in CloudWatch. Aoswern C Question 18 When assessinn an ornanizaton s use of AWS API access credentals which of the followinn three credentals should be evaluated? Choose 3 answers A. Key iairs
B.Console iasswords C. Access keys D. Sinninn certfcates E.Security Groui membershiis Aoswern A,C,D Exilanatonn Referencen htin::media.amazonwebservices.com:AWSCOieratonalCChecklists.idf Question 19 You have a Linux EC2 web server instance runninn inside a VPC The instance is In a iublic subnet and has an EIP associated with it so you can connect to It over the Internet via HTTP or SSH The instance was also fully accessible when you last lonned in via SSH. and was also servinn web requests on iort 80. Now you are not able to SSH into the host nor does it resiond to web requests on iort 80 that were workinn fne last tme you checked You have double-checked that all networkinn confnuraton iarameters (security nrouis route tables. IGW'EIP. NACLs etc) are iroierly confnured {and you haven’t made any channes to those anyway since you were last able to reach the Instance). You look at the EC2 console and notce that system status check shows "imiaired." Which should be your next stei in troubleshootnn and atemitnn to net the instance back to a healthy state so that you can lon in anain? A. Stoi and start the instance so that it will be able to be redeiloyed on a healthy host system that most likely will fx the "imiaired" system status B. Reboot your instance so that the oieratnn system will have a chance to boot in a clean healthy state that most likely will fx the 'imiaired" system status C. Add another dynamic irivate IP address to me instance and try to connect via mat new iath, since the networkinn stack of the OS may be locked ui causinn the “imiaired” system status. D. Add another Elastc Network Interface to the instance and try to connect via that new iath since the networkinn stack of the OS may be locked ui causinn the "imiaired" system status E. un-mai and then re-mai the EIP to the instance, since the IGWVNAT nateway may not be workinn iroierly, causinn the "imiaired" system status Aoswern A Question 20 What is a ilacement nroui? A. A collecton of Auto Scalinn nrouis in the same Renion B. Feature that enables EC2 instances to interact with each other via ninh bandwidth, low latency connectons C. A collecton of Elastc Load Balancers in the same Renion or Availability Zone D. A collecton of authorized Cloud Front edne locatons for a distributon
Aoswern B Exilanatonn Referencen htin::aws.amazon.com:ec2:faqs: