aiotestking uk

AWS-SysOps Exam Questions - Online Test


AWS-SysOps Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. - (Topic 2) 

A user has created a VPC with CIDR 20.0.0.0/16 using the wizard. The user has created a public subnet CIDR (20.0.0.0/24. and VPN only subnets CIDR (20.0.1.0/24. along with the VPN gateway (vgw-12345. to connect to the user’s data centre. Which of the below mentioned options is a valid entry for the main route table in this scenario? 

A. Destination: 20.0.0.0/24 and Target: vgw-12345 

B. Destination: 20.0.0.0/16 and Target: ALL 

C. Destination: 20.0.1.0/16 and Target: vgw-12345 

D. Destination: 0.0.0.0/0 and Target: vgw-12345 

Answer:

Explanation: 

The user can create subnets as per the requirement within a VPC. If the user wants to connect VPC from his own data centre, he can setup a public and VPN only subnet which uses hardware VPN access to connect with his data centre. When the user has configured this setup with Wizard, it will create a virtual private gateway to route all traffic of the VPN subnet. Here are the valid entries for the main route table in this scenario: Destination: 0.0.0.0/0 & Target: vgw-12345 (To route all internet traffic to the VPN gateway. Destination: 20.0.0.0/16 & Target: local (To allow local routing in VPC. 

Q2. - (Topic 3) 

A system admin wants to add more zones to the existing ELB. The system admin wants to perform this activity from CLI. Which of the below mentioned command helps the system admin to add new zones to the existing ELB? 

A. elb-enable-zones-for-lb 

B. elb-add-zones-for-lb 

C. It is not possible to add more zones to the existing ELB 

D. elb-configure-zones-for-lb 

Answer:

Explanation: 

The user has created an Elastic Load Balancer with the availability zone and wants to add more zones to the existing ELB. The user can do so in two ways: 

From the console or CLI, add new zones to ELB; 

Q3. - (Topic 3) 

An organization has created a Queue named “modularqueue” with SQS. The organization is not performing any operations such as SendMessage, ReceiveMessage, DeleteMessage, GetQueueAttributes, SetQueueAttributes, AddPermission, and RemovePermission on the queue. What can happen in this scenario? 

A. AWS SQS sends notification after 15 days for inactivity on queue 

B. AWS SQS can delete queue after 30 days without notification 

C. AWS SQS marks queue inactive after 30 days 

D. AWS SQS notifies the user after 2 weeks and deletes the queue after 3 weeks. 

Answer:

Explanation: 

Amazon SQS can delete a queue without notification if one of the following actions hasn't been performed on it for 30 consecutive days: SendMessage, ReceiveMessage, DeleteMessage, GetQueueAttributes, SetQueueAttributes, AddPermission, and RemovePermission. 

Q4. - (Topic 3) 

A user has configured ELB with SSL using a security policy for secure negotiation between the client and load balancer. Which of the below mentioned security policies is supported by ELB? 

A. Dynamic Security Policy 

B. All the other options 

C. Predefined Security Policy 

D. Default Security Policy 

Answer:

Explanation: 

Elastic Load Balancing uses a Secure Socket Layer (SSL. negotiation configuration which is known as a Security Policy. It is used to negotiate the SSL connections between a client and the load balancer. ELB supports two policies: Predefined Security Policy, which comes with predefined cipher and SSL protocols; Custom Security Policy, which allows the user to configure a policy. 

Q5. A user is trying to setup a scheduled scaling activity using Auto Scaling. The user wants to setup the recurring schedule. Which of the below mentioned parameters is not required in this case? 

A. Maximum size 

B. Auto Scaling group name 

C. End time 

D. Recurrence value 

Answer:

Auto Scaling based on a schedule allows the user to scale the application in response to predictable load changes. The user can also configure the recurring schedule action which will follow the Linux cron format. If the user is setting a recurring event, it is required that the user specifies the Recurrence value (in a cron format., end time (not compulsory but recurrence will stop after this. and the Auto Scaling group for which the scaling activity is to be scheduled. 

Q6. - (Topic 1) 

You are creating an Auto Scaling group whose Instances need to insert a custom metric into CloudWatch. 

Which method would be the best way to authenticate your CloudWatch PUT request? 

A. Create an IAM role with the Put MetricData permission and modify the Auto Scaling launch configuration to launch instances in that role 

B. Create an IAM user with the PutMetricData permission and modify the Auto Scaling launch configuration to inject the userscredentials into the instance User Data 

C. Modify the appropriate Cloud Watch metric policies to allow the Put MetricData permission to instances from the Auto Scaling group 

D. Create an IAM user with the PutMetricData permission and put the credentials in a private repository and have applications on the server pull the credentials as needed 

Answer:

Q7. - (Topic 2) 

A user has launched an EBS backed EC2 instance. What will be the difference while performing the restart or stop/start options on that instance? 

A. For restart it does not charge for an extra hour, while every stop/start it will be charged as a separate hour 

B. Every restart is charged by AWS as a separate hour, while multiple start/stop actions during a single hour will be counted as a single hour 

C. For every restart or start/stop it will be charged as a separate hour 

D. For restart it charges extra only once, while for every stop/start it will be charged as a separate hour 

Answer:

Explanation: 

For an EC2 instance launched with an EBS backed AMI, each time the instance state is changed from stop to start/ running, AWS charges a full instance hour, even if these transitions happen multiple times within a single hour. Anyway, rebooting an instance AWS does not charge a new instance billing hour. 

Topic 3, Volume C 

154. - (Topic 3) 

A user has created a VPC with a public subnet. The user has terminated all the instances which are part of the subnet. Which of the below mentioned statements is true with respect to this scenario? 

A. The user cannot delete the VPC since the subnet is not deleted 

B. All network interface attached with the instances will be deleted 

C. When the user launches a new instance it cannot use the same subnet 

D. The subnet to which the instances were launched with will be deleted 

Q8. - (Topic 1) 

You use S3 to store critical data for your company Several users within your group currently have lull permissions to your S3 buckets You need to come up with a solution mat does not impact your users and also protect against the accidental deletion of objects. 

Which two options will address this issue? Choose 2 answers 

A. Enable versioning on your S3 Buckets 

B. Configure your S3 Buckets with MFA delete 

C. Create a Bucket policy and only allow read only permissions to all users at the bucket level 

D. Enable object life cycle policies and configure the data older than 3 months to be archived in Glacier 

Answer: A,B 

Q9. - (Topic 3) 

A user has created an Auto Scaling group using CLI. The user wants to enable CloudWatch detailed monitoring for that group. How can the user configure this? 

A. When the user sets an alarm on the Auto Scaling group, it automatically enables detail monitoring 

B. By default detailed monitoring is enabled for Auto Scaling 

C. Auto Scaling does not support detailed monitoring 

D. Enable detail monitoring from the AWS console 

Answer:

Explanation: 

CloudWatch is used to monitor AWS as well as the custom services. It provides either basic or detailed monitoring for the supported AWS products. In basic monitoring, a service sends data points to CloudWatch every five minutes, while in detailed monitoring a service sends data points to CloudWatch every minute. To enable detailed instance monitoring for a new Auto Scaling group, the user does not need to take any extra steps. When the user creates an Auto Scaling launch config as the first step for creating an Auto Scaling group, each launch configuration contains a flag named InstanceMonitoring.Enabled. The default value of this flag is true. Thus, the user does not need to set this flag if he wants detailed monitoring. 

Q10. - (Topic 2) 

A user has created an S3 bucket which is not publicly accessible. The bucket is having thirty objects which are also private. If the user wants to make the objects public, how can he configure this with minimal efforts? 

A. The user should select all objects from the console and apply a single policy to mark them public 

B. The user can write a program which programmatically makes all objects public using S3 SDK 

C. Set the AWS bucket policy which marks all objects as public 

D. Make the bucket ACL as public so it will also mark all objects as public 

Answer:

Explanation: 

A system admin can grant permission of the S3 objects or buckets to any user or make the objects public using the bucket policy and user policy. Both use the JSON-based access policy language. Generally if the user is defining the ACL on the bucket, the objects in the bucket do not inherit it and vice a versa. The bucket policy can be defined at the bucket level which allows the objects as well as the bucket to be public with a single policy applied to that bucket.