aiotestking uk

AWS-SysOps Exam Questions - Online Test


AWS-SysOps Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. - (Topic 2) 

A user has launched an EBS backed EC2 instance. The user has rebooted the instance. Which of the below mentioned statements is not true with respect to the reboot action? 

A. The private and public address remains the same 

B. The Elastic IP remains associated with the instance 

C. The volume is preserved 

D. The instance runs on a new host computer 

Answer:

Explanation: 

A user can reboot an EC2 instance using the AWS console, the Amazon EC2 CLI or the Amazon EC2 API. Rebooting an instance is equivalent to rebooting an operating system. However, it is recommended that the user use the Amazon EC2 to reboot the instance instead of running the operating system reboot command from the instance. The instance remains on the same host computer and maintains its public DNS name, private IP address, and any data on its instance store volumes. It typically takes a few minutes for the reboot to complete, but the time it takes to reboot depends on the instance configuration. 

Q2. - (Topic 3) 

A sys admin has enabled logging on ELB. Which of the below mentioned fields will not be a part of the log file name? 

A. Load Balancer IP 

B. EC2 instance IP 

C. S3 bucket name 

D. Random string 

Answer:

Explanation: 

Elastic Load Balancing access logs capture detailed information for all the requests made to the load balancer. Elastic Load Balancing publishes a log file from each load balancer node at the interval that the user has specified. The load balancer can deliver multiple logs for the same period. Elastic Load Balancing creates log file names in the following format: “{Bucket}/{Prefix}/AWSLogs/{AWS AccountID}/elasticloadbalancing/{Region}/{Year}/{Month}/{Day}/{AWS Account ID}_elasticloadbalancing_{Region}_{Load Balancer Name}_{End Time}_{Load Balancer IP}_{Random String}.log“ 

Q3. - (Topic 2) 

A sys admin is maintaining an application on AWS. The application is installed on EC2 and user has configured ELB and Auto Scaling. Considering future load increase, the user is planning to launch new servers proactively so that they get registered with ELB. How can the user add these instances with Auto Scaling? 

A. Increase the desired capacity of the Auto Scaling group 

B. Increase the maximum limit of the Auto Scaling group 

C. Launch an instance manually and register it with ELB on the fly 

D. Decrease the minimum limit of the Auto Scaling grou 

Answer:

Explanation: 

A user can increase the desired capacity of the Auto Scaling group and Auto Scaling will launch a new instance as per the new capacity. The newly launched instances will be registered with ELB if Auto Scaling group is configured with ELB. If the user decreases the minimum size the instances will be removed from Auto Scaling. Increasing the maximum size will not add instances but only set the maximum instance cap. 

Q4. - (Topic 1) 

You are running a web-application on AWS consisting of the following components an Elastic Load Balancer (ELB) an Auto-Scaling Group of EC2 instances running Linux/PHP/Apache, and Relational DataBase Service (RDS) MySQL. 

Which security measures fall into AWS's responsibility? 

A. Protect the EC2 instances against unsolicited access by enforcing the principle of least-privilege access 

B. Protect against IP spoofing or packet sniffing 

C. Assure all communication between EC2 instances and ELB is encrypted 

D. Install latest security patches on ELB. RDS and EC2 instances 

Answer:

Q5. - (Topic 3) 

A user has created a mobile application which makes calls to DynamoDB to fetch certain data. The application is using the DynamoDB SDK and root account access/secret access key to connect to DynamoDB from mobile. Which of the below mentioned statements is true with respect to the best practice for security in this scenario? 

A. The user should create a separate IAM user for each mobile application and provide DynamoDB access with it 

B. The user should create an IAM role with DynamoDB and EC2 access. Attach the role with EC2 and route all calls from the mobile through EC2 

C. The application should use an IAM role with web identity federation which validates calls to DynamoDB with identity providers, such as Google, Amazon, and Facebook 

D. Create an IAM Role with DynamoDB access and attach it with the mobile application 

Answer:

Explanation: 

With AWS IAM a user is creating an application which runs on an EC2 instance and makes requests to AWS, such as DynamoDB or S3 calls. Here it is recommended that the user should not create an IAM user and pass the user's credentials to the application or embed those credentials inside the application. If the user is creating an app that runs on a mobile phone and makes requests to AWS, the user should not create an IAMuser and distribute the user's access key with the app. Instead, he should use an identity provider, such as Login with Amazon, Facebook, or Google to authenticate the users, and then use that identity to get temporary security credentials. 

Q6. - (Topic 2) 

A user is planning to use AWS Cloudformation. Which of the below mentioned functionalities does not help him to correctly understand Cloudfromation? 

A. Cloudformation follows the DevOps model for the creation of Dev & Test 

B. AWS Cloudfromation does not charge the user for its service but only charges for the AWS resources created with it 

C. Cloudformation works with a wide variety of AWS services, such as EC2, EBS, VPC, IAM, S3, RDS, 

ELB, etc 

D. CloudFormation provides a set of application bootstrapping scripts which enables the user to install Software 

Answer:

Explanation: 

AWS Cloudformation is an application management tool which provides application modelling, deployment, configuration, management and related activities. It supports a wide variety of AWS services, such as EC2, EBS, AS, ELB, RDS, VPC, etc. It also provides application bootstrapping scripts which enable the user to install software packages or create folders. It is free of the cost and only charges the user for the services created with it. The only challenge is that it does not follow any model, such as DevOps; instead customers can define templates and use them to provision and manage the AWS resources in an orderly way. 

Q7. - (Topic 2) 

A user has created a VPC with CIDR 20.0.0.0/24. The user has created a public subnet with CIDR 20.0.0.0/25 and a private subnet with CIDR 20.0.0.128/25. The user has launched one instance each in the private and public subnets. Which of the below mentioned options cannot be the correct IP address (private IP. assigned to an instance in the public or private subnet? 

A. 20.0.0.255 

B. 20.0.0.132 

C. 20.0.0.122 

D. 20.0.0.55 

Answer:

Explanation: 

When the user creates a subnet in VPC, he specifies the CIDR block for the subnet. In this case the user has created a VPC with the CIDR block 20.0.0.0/24, which supports 256 IP addresses (20.0.0.0 to 20.0.0.255.. The public subnet will have IP addresses between 20.0.0.0 - 20.0.0.127 and the private subnet will have IP addresses between 20.0.0.128 -20.0.0.255. AWS reserves the first four IP addresses and the last IP address in each subnet’s CIDR block. These are not available for the user to use. Thus, the instance cannot have an IP address of 20.0.0.255 

Q8. - (Topic 1) 

You have a web application leveraging an Elastic Load Balancer (ELB) In front of the web servers deployed using an Auto Scaling Group Your database is running on Relational 

Database Service (RDS) The application serves out technical articles and responses to them in general there are more views of an article than there are responses to the article. On occasion, an article on the site becomes extremely popular resulting in significant traffic Increases that causes the site to go down. 

What could you do to help alleviate the pressure on the infrastructure while maintaining availability during these events? 

Choose 3 answers 

A. Leverage CloudFront for the delivery of the articles. 

B. Add RDS read-replicas for the read traffic going to your relational database 

C. Leverage ElastiCache for caching the most frequently used data. 

D. Use SOS to queue up the requests for the technical posts and deliver them out of the queue. 

E. Use Route53 health checks to fail over to an S3 bucket for an error page. 

Answer: A,C,E 

Q9. - (Topic 3) 

Your business is building a new application that will store its entire customer database on a RDS MySQL database, and will have various applications and users that will query that data for different purposes. 

Large analytics jobs on the database are likely to cause other applications to not be able to get the query results they need to, before time out. Also, as your data grows, these analytics jobs will start to take more time, increasing the negative effect on the other applications. 

How do you solve the contention issues between these different workloads on the same data? 

A. Enable Multi-AZ mode on the RDS instance 

B. Use ElastiCache to offload the analytics job data 

C. Create RDS Read-Replicas for the analytics work 

D. Run the RDS instance on the largest size possible 

Answer:

Q10. - (Topic 2) 

An organization is planning to use AWS for 5 different departments. The finance department is responsible to pay for all the accounts. However, they want the cost separation for each account to map with the right cost centre. How can the finance department achieve this? 

A. Create 5 separate accounts and make them a part of one consolidate billing 

B. Create 5 separate accounts and use the IAM cross account access with the roles for better management 

C. Create 5 separate IAM users and set a different policy for their access 

D. Create 5 separate IAM groups and add users as per the department’s employees 

Answer:

Explanation: 

AWS consolidated billing enables the organization to consolidate payments for multiple Amazon Web Services (AWS. accounts within a single organization by making a single paying account. Consolidated billing enables the organization to see a combined view of the AWS charges incurred by each account as well as obtain a detailed cost report for each of the individual AWS accounts associated with the paying account.