Super to aws sysops certification dumps
Want to know Testking aws certified sysops administrator pdf Exam practice test features? Want to lear more about Amazon AWS Certified SysOps Administrator Associate certification experience? Study Approved Amazon aws certified sysops administrator book answers to Refresh aws certified sysops administrator pdf questions at Testking. Gat a success with an absolute guarantee to pass Amazon aws sysops exam (AWS Certified SysOps Administrator Associate) test on your first attempt.
Q161. - (Topic 3)
An organization has configured Auto Scaling for hosting their application. The system admin wants to
understand the Auto Scaling health check process. If the instance is unhealthy, Auto Scaling launches an
instance and terminates the unhealthy instance. What is the order execution?
A. Auto Scaling launches a new instance first and then terminates the unhealthy instance
B. Auto Scaling performs the launch and terminate processes in a random order
C. Auto Scaling launches and terminates the instances simultaneously
D. Auto Scaling terminates the instance first and then launches a new instance
Auto Scaling keeps checking the health of the instances at regular intervals and marks the instance for replacement when it is unhealthy. The ReplaceUnhealthy process terminates instances which are marked as unhealthy and subsequently creates new instances to replace them. This process first terminates the instance and then launches a new instance.
Q162. - (Topic 2)
A user has created an ELB with three instances. How many security groups will ELB create by default?
Elastic Load Balancing provides a special Amazon EC2 source security group that the user can use to ensure that back-end EC2 instances receive traffic only from Elastic Load Balancing. This feature needs two security groups: the source security group and a security group that defines the ingress rules for the back-end instances. To ensure that traffic only flows between the load balancer and the back-end instances, the user can add or modify a rule to the back-end security group which can limit the ingress traffic. Thus, it can come only from the source security group provided by Elastic load Balancing.
Q163. - (Topic 3)
You have a business-to-business web application running in a VPC consisting of an Elastic Load Balancer (ELB), web servers, application servers and a database. Your web application should only accept traffic from pre-defined customer IP addresses.
Which two options meet this security requirement? Choose 2 answers A. Configure web server VPC security groups to allow traffic from your customers' IPs
B. Configure your web servers to filter traffic based on the ELB's "X-forwarded-for" header
C. Configure ELB security groups to allow traffic from your customers' IPs and deny all outbound traffic
D. Configure a VPC NACL to allow web traffic from your customers' IPs and deny all outbound traffic
Q164. - (Topic 3)
A user has configured Auto Scaling with 3 instances. The user had created a new AMI after updating one of the instances. If the user wants to terminate two specific instances to ensure that Auto Scaling launches an instances with the new launch configuration, which command should he run?
A. as-delete-instance-in-auto-scaling-group <Instance ID> --no-decrement-desired-capacity
B. as-terminate-instance-in-auto-scaling-group <Instance ID> --update-desired-capacity
C. as-terminate-instance-in-auto-scaling-group <Instance ID> --decrement-desired-capacity
D. as-terminate-instance-in-auto-scaling-group <Instance ID> --no-decrement-desired-capacity
The Auto Scaling command as-terminate-instance-in-auto-scaling-group <Instance ID> will terminate the specific instance ID. The user is required to specify the parameter as –no-decrement-desired-capacity to ensure that it launches a new instance from the launch config after terminating the instance. If the user specifies the parameter --decrement-desired-capacity then Auto Scaling will terminate the instance and decrease the desired capacity by 1.
Q165. - (Topic 3)
A user has created an Auto Scaling group using CLI. The user wants to enable CloudWatch detailed monitoring for that group. How can the user configure this?
A. When the user sets an alarm on the Auto Scaling group, it automatically enables detail monitoring
B. By default detailed monitoring is enabled for Auto Scaling
C. Auto Scaling does not support detailed monitoring
D. Enable detail monitoring from the AWS console
CloudWatch is used to monitor AWS as well as the custom services. It provides either basic or detailed monitoring for the supported AWS products. In basic monitoring, a service sends data points to CloudWatch every five minutes, while in detailed monitoring a service sends data points to CloudWatch every minute. To enable detailed instance monitoring for a new Auto Scaling group, the user does not need to take any extra steps. When the user creates an Auto Scaling launch config as the first step for creating an Auto Scaling group, each launch configuration contains a flag named InstanceMonitoring.Enabled. The default value of this flag is true. Thus, the user does not need to set this flag if he wants detailed monitoring.
Q166. - (Topic 3)
A user has created an EBS volume of 10 GB and attached it to a running instance. The user is trying to access EBS for first time. Which of the below mentioned options is the correct statement with respect to a first time EBS access?
A. The volume will show a size of 8 GB
B. The volume will show a loss of the IOPS performance the first time
C. The volume will be blank
D. If the EBS is mounted it will ask the user to create a file system
A user can create an EBS volume either from a snapshot or as a blank volume. If the volume is from a snapshot it will not be blank. The volume shows the right size only as long as it is mounted. This shows that the file system is created. When the user is accessing the volume the AWS EBS will wipe out the block storage or instantiate from the snapshot. Thus, the volume will show a loss of IOPS. It is recommended that the user should pre warm the EBS before use to achieve better IO.
Q167. - (Topic 1)
You have decided to change the Instance type for instances running In your application tier that are using Auto Scaling.
In which area below would you change the instance type definition?
A. Auto Scaling launch configuration
B. Auto Scaling group
C. Auto Scaling policy
D. Auto Scaling tags
Q168. - (Topic 3)
When you put objects in Amazon S3, what is the indication that an object was successfully stored?
A. Each S3 account has a special bucket named_s3_logs. Success codes are written to this bucket with a timestamp and checksum.
B. A success code is inserted into the S3 object metadata.
C. A HTTP 200 result code and MD5 checksum, taken together, indicate that the operation was successful.
D. Amazon S3 is engineered for 99.999999999% durability. Therefore there is no need to confirm that data was inserted.
Q169. - (Topic 2)
An organization has configured the custom metric upload with CloudWatch. The organization has given permission to its employees to upload data using CLI as well SDK. How can the user track the calls made to CloudWatch?
A. The user can enable logging with CloudWatch which logs all the activities
B. Use CloudTrail to monitor the API calls
C. Create an IAM user and allow each user to log the data using the S3 bucket
D. Enable detailed monitoring with CloudWatch
AWS CloudTrail is a web service which will allow the user to monitor the calls made to the Amazon CloudWatch API for the organization’s account, including calls made by the AWS Management Console, Command Line Interface (CLI., and other services. When CloudTrail logging is turned on, CloudWatch will write log files into the Amazon S3 bucket, which is specified during the CloudTrail configuration.
Q170. - (Topic 3)
A user has created a VPC with CIDR 126.96.36.199/16 using the wizard. The user has created a public subnet CIDR (188.8.131.52/24. and VPN only subnets CIDR (184.108.40.206/24. along with the
VPN gateway (vgw-12345. to connect to the user’s data centre. The user’s data centre has CIDR 172.28.0.0/12. The user has also setup a NAT instance (i-123456. to allow traffic to the internet from the VPN subnet. Which of the below mentioned options is not a valid entry for the main route table in this scenario?
A. Destination: 220.127.116.11/24 and Target: i-12345
B. Destination: 0.0.0.0/0 and Target: i-12345
C. Destination: 172.28.0.0/12 and Target: vgw-12345
D. Destination: 18.104.22.168/16 and Target: local
The user can create subnets as per the requirement within a VPC. If the user wants to connect VPC from his own data centre, he can setup a public and VPN only subnet which uses hardware VPN access to connect with his data centre. When the user has configured this setup with Wizard, it will create a virtual private gateway to route all traffic of the VPN subnet. If the user has setup a NAT instance to route all the internet requests then all requests to the internet should be routed to it. All requests to the organization’s DC will be routed to the VPN gateway. Here are the valid entries for the main route table in this scenario: Destination: 0.0.0.0/0 & Target: i-12345 (To route all internet traffic to the NAT Instance. Destination: 172.28.0.0/12 & Target: vgw-12345 (To route all the organization’s data centre traffic to the VPN gateway. Destination: 22.214.171.124/16 & Target: local (To allow local routing in VPC.