Want to Pass AWS-SysOps Exam In Next HOURS? Get it now →
August 2, 2017

Secrets to aws certified sysops administrator book

Want to know Examcollection aws sysops pdf Exam practice test features? Want to lear more about Amazon AWS Certified SysOps Administrator Associate certification experience? Study Verified Amazon aws sysops certification answers to Down to date aws certified sysops administrator book questions at Examcollection. Gat a success with an absolute guarantee to pass Amazon aws certified sysops administrator (AWS Certified SysOps Administrator Associate) test on your first attempt.

Q131. - (Topic 2) 

A root AWS account owner is trying to understand various options to set the permission to AWS S3. Which of the below mentioned options is not the right option to grant permission for S3? 

A. User Access Policy 

B. S3 Object Access Policy 

C. S3 Bucket Access Policy 

D. S3 ACL 



Amazon S3 provides a set of operations to work with the Amazon S3 resources. Managing S3 resource access refers to granting others permissions to work with S3. There are three ways the root account owner can define access with S3: S3 ACL: The user can use ACLs to grant basic read/write permissions to other AWS accounts. S3 Bucket Policy: The policy is used to grant other AWS accounts or IAM users permissions for the bucket and the objects in it. User Access Policy: Define an IAM user and assign him the IAM policy which grants him access to S3. 

Q132. - (Topic 2) 

An organization (Account ID 123412341234. has attached the below mentioned IAM policy 

to a user. What does this policy statement entitle the user to perform? 

"Statement": [ 

"Sid": "AllowUsersAllActionsForCredentials", 

"Effect": "Allow", 

"Action": [ 



"Resource": ["arn:aws:iam:: 123412341234:user/${aws:username}"] 

A. 0 

B. 0 

C. 0 

D. 0 



AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. If the organization (Account ID 123412341234. wants some of their users to manage keys (access and secret access keys. of all IAM users, the organization should set the below mentioned policy which entitles the IAM user to modify keys of all IAM users with CLI, SDK or API. 

"Statement": [ 

"Sid": "AllowUsersAllActionsForCredentials", 

"Effect": "Allow", 

"Action": [ 



"Resource": ["arn:aws:iam:: 123412341234:user/${aws:username}"] 

Q133. - (Topic 2) 

A user has setup an EBS backed instance and a CloudWatch alarm when the CPU utilization is more than 65%. The user has setup the alarm to watch it for 5 periods of 5 minutes each. The CPU utilization is 60% between 9 AM to 6 PM. The user has stopped the EC2 instance for 15 minutes between 11 AM to 11:15 AM. What will be the status of the alarm at 11:30 AM? 

A. Alarm 

B. OK 

C. Insufficient Data 

D. Error 



Amazon CloudWatch alarm watches a single metric over a time period the user specifies and performs one or more actions based on the value of the metric relative to a given threshold over a number of time periods. The state of the alarm will be OK for the whole 

day. When the user stops the instance for three periods the alarm may not receive the data 

Q134. - (Topic 2) 

A user has created an ELB with the availability zone US-East-1A. The user wants to add more zones to ELB to achieve High Availability. How can the user add more zones to the existing ELB? 

A. It is not possible to add more zones to the existing ELB 

B. The only option is to launch instances in different zones and add to ELB 

C. The user should stop the ELB and add zones and instances as required 

D. The user can add zones on the fly from the AWS console 



The user has created an Elastic Load Balancer with the availability zone and wants to add more zones to the existing ELB. The user can do so in two ways: 

From the console or CLI, add new zones to ELB; 

Launch instances in a separate AZ and add instances to the existing ELB. 

Q135. - (Topic 2) 

A user has stored data on an encrypted EBS volume. The user wants to share the data with his friend’s AWS account. How can user achieve this? 

A. Create an AMI from the volume and share the AMI 

B. Copy the data to an unencrypted volume and then share 

C. Take a snapshot and share the snapshot with a friend 

D. If both the accounts are using the same encryption key then the user can share the volume directly 



AWS EBS supports encryption of the volume. It also supports creating volumes from existing snapshots 

provided the snapshots are created from encrypted volumes. If the user is having data on an encrypted volume and is trying to share it with others, he has to copy the data from the encrypted volume to a new unencrypted volume. Only then can the user share it as an encrypted volume data. Otherwise the snapshot cannot be shared. 

Q136. - (Topic 1) 

A media company produces new video files on-premises every day with a total size of around 100GBS after compression All files have a size of 1 -2 GB and need to be uploaded to Amazon S3 every night in a fixed time window between 3am and 5am Current upload takes almost 3 hours, although less than half of the available bandwidth is used. 

What step(s) would ensure that the file uploads are able to complete in the allotted time window? 

A. Increase your network bandwidth to provide faster throughput to S3 

B. Upload the files in parallel to S3 

C. Pack all files into a single archive, upload it to S3, then extract the files in AWS 

D. Use AWS Import/Export to transfer the video files 


Explanation: Reference: 


Q137. - (Topic 3) 

A user has launched an EBS backed EC2 instance in the US-East-1a region. The user stopped the instance and started it back after 20 days. AWS throws up an ‘InsufficientInstanceCapacity’ error. What can be the possible reason for this? 

A. AWS does not have sufficient capacity in that availability zone 

B. AWS zone mapping is changed for that user account 

C. There is some issue with the host capacity on which the instance is launched 

D. The user account has reached the maximum EC2 instance limit 



When the user gets an ‘InsufficientInstanceCapacity’ error while launching or starting an EC2 instance, it means that AWS does not currently have enough available capacity to service the user request. If the user is requesting a large number of instances, there might not be enough server capacity to host them. The user can either try again later, by specifying a smaller number of instances or changing the availability zone if launching a fresh instance. 

Q138. - (Topic 1) 

You are creating an Auto Scaling group whose Instances need to insert a custom metric into CloudWatch. 

Which method would be the best way to authenticate your CloudWatch PUT request? 

A. Create an IAM role with the Put MetricData permission and modify the Auto Scaling launch configuration to launch instances in that role 

B. Create an IAM user with the PutMetricData permission and modify the Auto Scaling launch configuration to inject the userscredentials into the instance User Data 

C. Modify the appropriate Cloud Watch metric policies to allow the Put MetricData permission to instances from the Auto Scaling group 

D. Create an IAM user with the PutMetricData permission and put the credentials in a private repository and have applications on the server pull the credentials as needed 


Q139. - (Topic 2) 

A user is trying to connect to a running EC2 instance using SSH. However, the user gets a connection time out error. Which of the below mentioned options is not a possible reason for rejection? 

A. The access key to connect to the instance is wrong 

B. The security group is not configured properly 

C. The private key used to launch the instance is not correct 

D. The instance CPU is heavily loaded 



If the user is trying to connect to a Linux EC2 instance and receives the connection time out error the probable reasons are: Security group is not configured with the SSH port The private key pair is not right The user name to login is wrong The instance CPU is heavily loaded, so it does not allow more connections 

Q140. - (Topic 2) 

An admin is planning to monitor the ELB. Which of the below mentioned services does not help the admin capture the monitoring information about the ELB activity? 

A. ELB Access logs 

B. ELB health check 

C. CloudWatch metrics 

D. ELB API calls with CloudTrail 



The admin can capture information about Elastic Load Balancer using either: CloudWatch Metrics ELB Logs files which are stored in the S3 bucket CloudTrail with API calls which can notify the user as well generate logs for each API calls The health check is internally performed by ELB and does not help the admin get the ELB activity. 

see more free AWS-SysOps exam dumps