[Sep 16, 2022] Latest Questions AWS-SysOps Guide to Prepare Free Practice Tests
Reliable AWS-SysOps Dumps Questions Available as Web-Based Practice Test Engine
AWS Certified SysOps Administrator - Associate salary
The estimated average salary AWS Certified SysOps Administrator-Associate is listed below:
Country wise:
- Europe: 99000 EURO
- England: 88800 POUND
- India: 8880000 INR
- United States: 110000 USD
NEW QUESTION 326
A SysOps Administrator is receiving multiple reports from customers that they are unable to connect to the company's website. which is being served through Amazon CloudFront.
Customers are receiving HTTP response codes for both 4XX and 5XX errors.
Which metric can the Administrator use to monitor the elevated error rates in CloudFront?
- A. TotalErrorRate
- B. RejectedConnectionCount
- C. NetworkTransmitThroughput
- D. HealthyHostCount
Answer: A
Explanation:
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/monitoring-using-cloudwatch.html
NEW QUESTION 327
You receive a frantic call from a new DBA who accidentally dropped a table containing all your customers.
Which Amazon RDS feature will allow you to reliably restore your database to within 5 minutes of when the mistake was made?
- A. RDS snapshots
- B. RDS read replicas
- C. Multi-AZ RDS
- D. RDS automated backup
Answer: D
Explanation:
Explanation
References:
https://aws.amazon.com/rds/details/#ha
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html
NEW QUESTION 328
A user is trying to save some cost on the AWS services. Which of the below mentioned options will not help him save cost?
- A. Delete the AutoScaling launch configuration after the instances are terminated
- B. Delete the unutilized EBS volumes once the instance is terminated
- C. Delete the AWS ELB after the instances are terminated
- D. Release the elastic IP if not required once the instance is terminated
Answer: A
Explanation:
Explanation
AWS bills the user on a as pay as you go model. AWS will charge the user once the AWS resource is allocated. Even though the user is not using the resource, AWS will charge if it is in service or allocated. Thus, it is advised that once the user's work is completed he should:
Terminate the EC2 instance Delete the EBS volumes Release the unutilized Elastic IPs Delete ELB The AutoScaling launch configuration does not cost the user. Thus, it will not make any difference to the cost whether it is deleted or not.
NEW QUESTION 329
A user has launched an EC2 instance from an instance store backed AMI. The infrastructure team wants to create an AMI from the running instance. Which of the below mentioned credentials is not required while creating the AMI?
- A. X.509 certificate and private key
- B. AWS login ID to login to the console
- C. AWS account ID
- D. Access key and secret access key
Answer: B
Explanation:
When the user has launched an EC2 instance from an instance store backed AMI and the admin
team wants to create an AMI from it, the user needs to setup the AWS AMI or the API tools first.
Once the tool is setup the user will need the following credentials:
AWS account ID;
AWS access and secret access key;
X.509 certificate with private key.
NEW QUESTION 330
A company currently has a single AES account used by all project team. The company is migrate to a multi-account strategy, where each project team will have its own account. The AWS IAM configuration must have the same role and policies for each of the accounts.
What is the MOST efficient way to implement and manage these new requirements?
- A. Create a portfolio in the AWS Service Catalog for the IAM roles and policies Have a specific product in the portfolio for each environment, project, and team that can be launched independently by each user
- B. Create a single AWS CloudFormation template Use CloudFormation StackSets to launch the CloudFormation template into each target account from the Administrator account
- C. Use AWS Organizations to create organizational units (OUs) for each group of projects and each team.
Then leverage service control policies at the account level to restrict what services can used and what actions the users, groups and rotes can perform m those accounts - D. Create an AWS Lambda script that leverages cross-account access to each AWS account and create all the roles and policies needed using the 1AM API and JSON documents stored in Amazon S3
Answer: C
NEW QUESTION 331
A user had aggregated the CloudWatch metric data on the AMI ID. The user observed some abnormal
behavior of the CPU utilization metric while viewing the last 2 weeks of data. The user wants to share that data
with his manager. How can the user achieve this easily with the AWS console?
- A. The user can use the export data option from the CloudWatch console to export the current data point
- B. The user has to find the period and data and provide all the aggregation information to the manager
- C. The user can use the copy URL functionality of CloudWatch to share the exact details
- D. The user can use the CloudWatch data copy functionality to copy the current data points
Answer: C
Explanation:
Amazon CloudWatch provides the functionality to graph the metric data generated either by the AWS services
or the custom metric to make it easier for the user to analyze. The console provides the option to save the URL
or bookmark it so that it can be used in the future by typing the same URL. The Copy URL functionality is
available under the console when the user selects any metric to view.
NEW QUESTION 332
As part of a federated identity configuration, an IAM policy is created and attached to an IAM role.
Who is responsible for creating the IAM policy and attaching it to the IAM role, according to the shared responsibility model?
- A. AWS is responsible for creating the role, and a SysOps Administrator is responsible for attaching the policy to the role.
- B. AWS is responsible for creating and attaching the IAM policy to the role.
- C. A SysOps Administrator is responsible for creating the role, and AWS is responsible for attaching the policy to the role.
- D. A SysOps Administrator is responsible for creating and attaching the IAM policy to the role.
Answer: D
Explanation:
Explanation/Reference: https://aws.amazon.com/iam/faqs/
NEW QUESTION 333
A SysOps administrator is managing a VPC network consisting of public and private subnets. Instances in the pnvate subnets access the internet through a NAT gateway. A recent AWS bill shows that the NAT gateway charges have doubled. The administrator wants to identify which instances are creating the most network traffic.
How should this be accomplished?
- A. Use Amazon CloudWatch metrics generated by the NAT gateway for each individual instance.
- B. Use the VPC traffic mirroring feature to send traffic to Amazon QuickSight.
- C. Run an AWS Cost and Usage report and group the findings by instance ID.
- D. Enable flow logs on the NAT gateway elastic network interface and use Amazon CloudWatch insights to filter data based on the source IP addresses.
Answer: D
NEW QUESTION 334
A user has configured an ELB to distribute the traffic among multiple instances. The user instances are facing some issues due to the back-end servers. Which of the below mentioned CloudWatch metrics helps the user understand the issue with the instances?
- A. HTTPCode_Backend_2XX
- B. HTTPCode_Backend_3XX
- C. HTTPCode_Backend_5XX
- D. HTTPCode_Backend_4XX
Answer: C
Explanation:
CloudWatch is used to monitor AWS as well as the custom services. For ELB, CloudWatch provides various metrics including error code by ELB as well as by back-end servers (instances). It gives data for the count of the number of HTTP response codes generated by the back-end instances. This metric does not include any response codes generated by the load balancer. These metrics are:
The 2XX class status codes represents successful actions
The 3XX class status code indicates that the user agent requires action The 4XX class status code represents client errors The 5XX class status code represents back-end server errors
NEW QUESTION 335
A company is running a new promotion that will result in a massive spike in traffic for a single application. The
SysOps Administrator must prepare the application and ensure that the customers have a great experience.
The application is heavy on memory and is running behind an AWS Application Load Balancer (ALB). The ALB
has been pre-warmed, and the application is in an Auto Scaling group.
What built-in metric should be used to control the Auto Scaling group's scaling policy?
- A. MemoryUtilization
- B. RejectedConnection Count
- C. Request CountPerTarget
- D. CPUUtilization
Answer: D
Explanation:
Explanation
NEW QUESTION 336
A user is trying to pre-warm a blank EBS volume attached to a Linux instance. Which of the below mentioned steps should be performed by the user?
- A. Contact AWS support to pre-warm
- B. Format the device
- C. There is no need to pre-warm an EBS volume
- D. Unmount the volume before pre-warming
Answer: D
Explanation:
Explanation
When the user creates a new EBS volume or restores a volume from the snapshot, the back-end storage blocks are immediately allocated to the user EBS. However, the first time when the user is trying to access a block of the storage, it is recommended to either be wiped from the new volumes or instantiated from the snapshot (for restored volumes. before the user can access the block. This preliminary action takes time and can cause a 5 to
50 percent loss of IOPS for the volume when the block is accessed for the first time. To avoid this it is required to pre warm the volume. Pre-warming an EBS volume on a Linux instance requires that the user should unmount the blank device first and then write all the blocks on the device using a command, such as
"dd".
NEW QUESTION 337
A user has launched two EBS backed EC2 instances in the US-East-1a region.
The user wants to change the zone of one of the instances.
How can the user change it?
- A. The zone can only be modified using the AWS CLI
- B. From the AWS EC2 console, select the Actions - > Change zones and specify new zone
- C. Stop one of the instances and change the availability zone
- D. Create an AMI of the running instance and launch the instance in a separate AZ
Answer: D
Explanation:
With AWS EC2, when a user is launching an instance he can select the availability zone (AZ. at the time of launch. If the zone is not selected, AWS selects it on behalf of the user. Once the instance is launched, the user cannot change the zone of that instance unless he creates an AMI of that instance and launches a new instance from it.
NEW QUESTION 338
A user is running one instance for only 3 hours every day.
The user wants to save some cost with the instance.
Which of the below mentioned Reserved Instance categories is advised in this case?
- A. The user should use the AWS high utilized RI
- B. The user should use the AWS low utilized RI
- C. The user should not use RI; instead only go with the on-demand pricing
- D. The user should use the AWS medium utilized RI
Answer: C
Explanation:
The AWS Reserved Instance provides the user with an option to save some money by paying a one-time fixed amount and then save on the hourly rate. It is advisable that if the user is having
30% or more usage of an instance per day, he should go for a RI. If the user is going to use an EC2 instance for more than 2200-2500 hours per year, RI will help the user save some cost.
Here, the instance is not going to run for less than 1500 hours. Thus, it is advisable that the user should use the on-demand pricing.
NEW QUESTION 339
A user has created a VPC with CIDR 20.0.0.0/16 using the wizard. The user has created a public subnet CIDR (20.0.0.0/24. and VPN only subnets CIDR (20.0.1.0/24. along with the VPN gateway (vgw-12345. to connect to the user's data center. Which of the below mentioned options is a valid entry for the main route table in this scenario?
- A. Destination: 20.0.0.0/24 and Target: vgw-12345
- B. Destination: 20.0.1.0/16 and Target: vgw-12345
- C. Destination: 20.0.0.0/16 and Target: ALL
- D. Destination: 0.0.0.0/0 and Target: vgw-12345
Answer: D
Explanation:
The main route table came with the VPC, and it also has a route for the VPN-only subnet. A custom route table is associated with the public subnet. The custom route table has a route over the Internet gateway (the destination is 0.0.0.0/0, and the target is the Internet gateway).
If you create a new subnet in this VPC, it's automatically associated with the main route table, which routes its traffic to the virtual private gateway. If you were to set up the reverse configuration (the main route table with the route to the Internet gateway, and the custom route table with the route to the virtual private gateway), then a new subnet automatically has a route to the Internet gateway.
Reference:
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html
NEW QUESTION 340
A user has created a subnet in VPC and launched an EC2 instance within it.
The user has not selected the option to assign the IP address while launching the instance.
The user has 3 elastic IPs and is trying to assign one of the Elastic IPs to the VPC instance from the console.
The console does not show any instance in the IP assignment screen.
What is a possible reason that the instance is unavailable in the assigned IP console?
- A. The IP address may be attached to one of the instances
- B. The IP address belongs to a different zone than the subnet zone
- C. The IP addresses belong to EC2 Classic; so they cannot be assigned to VPC
- D. The user has not created an internet gateway
Answer: C
Explanation:
A Virtual Private Cloud (VPC. is a virtual network dedicated to the user's AWS account.
A user can create a subnet with VPC and launch instances inside that subnet. When the user is launching an instance he needs toselect an option which attaches a public IP to the instance.
If the user has not selected the option to attach the public IP then it will only have a private IP when launched. If the user wants to connect to an instance from the internet he should create an elastic IP with VPC. If the elastic IP is a part of EC2 Classic it cannot be assigned to a VPC instance.
NEW QUESTION 341
......
For more info read reference:
For more info visit: Amazon - AWS Certified SysOps Administrator - Associate
SOA-C01 Exam Overview
SOA-C01 exam requires candidates to answer multiple choice and multiple response questions. MCQs have only one correct option while multiple response items can contain two or more of them. Note that the tasks left unanswered are assessed as incorrect responses. However, attempted questions with wrong answers carry no penalty. Also, some unscored elements may be presented in the exam. These are needed for statistical purposes and will not influence on your final score.
The test lasts for 130 minutes and can be taken in English, Korean, Japanese, or Simplified Chinese either in an Online Proctored form or offline/real-time in the Test Center. The registration fee one should pay is $150. Also, candidates can take practice tests for $20. The mark one has to attain to get a pass status is 720 on a scale of 100-1,000. The passing score and performance in each domain are specified in the final result sheet. The exam scoring is compensatory and does not require you to succeed in every section to pass the entire test, a total mark is what should be gained.
Correct and Up-to-date Amazon AWS-SysOps BrainDumps: https://actualtests.vceengine.com/AWS-SysOps-vce-test-engine.html
