aiotestking uk

AWS-SysOps Exam Questions - Online Test


AWS-SysOps Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. - (Topic 3) 

An organization has applied the below mentioned policy on an IAM group which has selected the IAM users. What entitlements do the IAM users avail with this policy? 

"Version": "2012-10-17", 

"Statement": [ 

"Effect": "Allow", 

"Action": "*", 

"Resource": "*" 

A. The policy is not created correctly. It will throw an error for wrong resource name 

B. The policy is for the group. Thus, the IAM user cannot have any entitlement to this 

C. It allows full access to all AWS services for the IAM users who are a part of this group 

D. If this policy is applied to the EC2 resource, the users of the group will have full access to the EC2 Resources 

Answer:

Explanation: 

AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. The IAM group allows the organization to specify permissions for a collection of users. With the below mentioned policy, it will allow the group full access (Admin. to all AWS services. 

"Version": "2012-10-17", 

"Statement": [ 

"Effect": "Allow", 

"Action": "*", 

"Resource": "*" 

Q2. - (Topic 1) 

You have a Linux EC2 web server instance running inside a VPC The instance is In a public subnet and has an EIP associated with it so you can connect to It over the Internet via HTTP or SSH The instance was also fully accessible when you last logged in via SSH. and was also serving web requests on port 80. 

Now you are not able to SSH into the host nor does it respond to web requests on port 80 that were working fine last time you checked You have double-checked that all networking configuration parameters (security groups route tables. IGW'EIP. NACLs etc) are properly configured {and you haven’t made any changes to those anyway since you were last able to reach the Instance). You look at the EC2 console and notice that system status check shows "impaired." 

Which should be your next step in troubleshooting and attempting to get the instance back to a healthy state so that you can log in again? 

A. Stop and start the instance so that it will be able to be redeployed on a healthy host system that most likely will fix the "impaired" system status 

B. Reboot your instance so that the operating system will have a chance to boot in a clean healthy state that most likely will fix the 'impaired" system status 

C. Add another dynamic private IP address to me instance and try to connect via mat new path, since the networking stack of the OS may be locked up causing the “impaired” system status. 

D. Add another Elastic Network Interface to the instance and try to connect via that new path since the networking stack of the OS may be locked up causing the "impaired" system status 

E. un-map and then re-map the EIP to the instance, since the IGWVNAT gateway may not be working properly, causing the "impaired" system status 

Answer:

Topic 2, Volume B 

56. - (Topic 2) 

A user is accessing RDS from an application. The user has enabled the Multi AZ feature with the MS SQL RDS DB. During a planned outage how will AWS ensure that a switch from DB to a standby replica will not affect access to the application? 

A. RDS will have an internal IP which will redirect all requests to the new DB 

B. RDS uses DNS to switch over to stand by replica for seamless transition 

C. The switch over changes Hardware so RDS does not need to worry about access 

D. RDS will have both the DBs running independently and the user has to manually switch over 

Q3. - (Topic 2) 

A user is planning to evaluate AWS for their internal use. The user does not want to incur any charge on his account during the evaluation. Which of the below mentioned AWS services would incur a charge if used? 

A. AWS S3 with 1 GB of storage 

B. AWS micro instance running 24 hours daily 

C. AWS ELB running 24 hours a day 

D. AWS PIOPS volume of 10 GB size 

Answer:

Explanation: 

AWS is introducing a free usage tier for one year to help the new AWS customers get started in Cloud. The free tier can be used for anything that the user wants to run in the Cloud. AWS offers a handful of AWS services as a part of this which includes 750 hours of free micro instances and 750 hours of ELB. It includes the AWS S3 of 5 GB and AWS EBS general purpose volume upto 30 GB. PIOPS is not part of free usage tier. 

Q4. - (Topic 2) 

A user has created a VPC with CIDR 20.0.0.0/24. The user has created a public subnet with CIDR 20.0.0.0/25. The user is trying to create the private subnet with CIDR 20.0.0.128/25. Which of the below mentioned statements is true in this scenario? 

A. It will not allow the user to create the private subnet due to a CIDR overlap 

B. It will allow the user to create a private subnet with CIDR as 20.0.0.128/25 

C. This statement is wrong as AWS does not allow CIDR 20.0.0.0/25 

D. It will not allow the user to create a private subnet due to a wrong CIDR range 

Answer:

Explanation: 

When the user creates a subnet in VPC, he specifies the CIDR block for the subnet. The CIDR block of a subnet can be the same as the CIDR block for the VPC (for a single subnet in the VPC., or a subset (to enable multiple subnets.. If the user creates more than one subnet in a VPC, the CIDR blocks of the subnets must not overlap. Thus, in this case the user has created a VPC with the CIDR block 20.0.0.0/24, which supports 256 IP addresses (20.0.0.0 to 20.0.0.255.. The user can break this CIDR block into two subnets, each supporting 128 IP addresses. One subnet uses the CIDR block 20.0.0.0/25 (for addresses 20.0.0.0 - 20.0.0.127. and the other uses the CIDR block 20.0.0.128/25 (for addresses 20.0.0.128 - 20.0.0.255.. 

Q5. - (Topic 3) 

A .NET application that you manage is running in Elastic Beanstalk. Your developers tell you they will need access to application log files to debug issues that arise. The infrastructure will scale up and down. 

How can you ensure the developers will be able to access only the log files? 

A. Access the log files directly from Elastic Beanstalk 

B. Enable log file rotation to S3 within the Elastic Beanstalk configuration 

C. Ask your developers to enable log file rotation in the applications web.config file 

D. Connect to each Instance launched by Elastic Beanstalk and create a Windows Scheduled task to rotate the log files to S3. 

Answer:

Explanation: Reference: 

http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.loggingS3.title.html 

Q6. - (Topic 3) 

A sysadmin has created the below mentioned policy on an S3 bucket named cloudacademy. The bucket has both AWS.jpg and index.html objects. What does this policy define? 

"Statement": [{ 

"Sid": "Stmt1388811069831", 

"Effect": "Allow", 

"Principal": { "AWS": "*"}, 

"Action": [ "s3:GetObjectAcl", "s3:ListBucket", "s3:GetObject"], 

"Resource": [ "arn:aws:s3:::cloudacademy/*.jpg] 

}] 

A. It will make all the objects as well as the bucket public 

B. It will throw an error for the wrong action and does not allow to save the policy 

C. It will make the AWS.jpg object as public 

D. It will make the AWS.jpg as well as the cloudacademy bucket as public 

Answer:

Q7. - (Topic 3) 

A user has setup an Auto Scaling group. The group has failed to launch a single instance for more than 24 hours. What will happen to Auto Scaling in this condition? 

A. Auto Scaling will keep trying to launch the instance for 72 hours 

B. Auto Scaling will suspend the scaling process 

C. Auto Scaling will start an instance in a separate region 

D. The Auto Scaling group will be terminated automatically 

Answer:

Explanation: 

If Auto Scaling is trying to launch an instance and if the launching of the instance fails continuously, it will suspend the processes for the Auto Scaling groups since it repeatedly failed to launch an instance. This is known as an administrative suspension. It commonly applies to the Auto Scaling group that has no running instances which is trying to launch instances for more than 24 hours, and has not succeeded in that to do so. 

Q8. - (Topic 2) 

An organization is planning to use AWS for their production roll out. The organization wants to implement 

automation for deployment such that it will automatically create a LAMP stack, download the latest PHP 

installable from S3 and setup the ELB. Which of the below mentioned AWS services meets the quirement for making an orderly deployment of the software? 

A. AWS Elastic Beanstalk 

B. AWS Cloudfront 

C. AWS Cloudformation 

D. AWS DevOps 

Answer:

Explanation: 

AWS Cloudformation is an application management tool which provides application modelling, deployment, configuration, management and related activities. Cloudformation provides an easy way to create and delete the collection of related AWS resources and provision them in an orderly way. AWS CloudFormation automates and simplifies the task of repeatedly and predictably creating groups of related resources that power the user’s applications. AWS Cloudfront is a CDN; Elastic Beanstalk does quite a few of the required tasks. However, it is a PAAS which uses a ready AMI. AWS Elastic Beanstalk provides an environment to easily develop and run applications in the cloud. 

Q9. - (Topic 2) 

A user has launched an ELB which has 5 instances registered with it. The user deletes the 

ELB by mistake. What will happen to the instances? 

A. ELB will ask the user whether to delete the instances or not 

B. Instances will be terminated 

C. ELB cannot be deleted if it has running instances registered with it 

D. Instances will keep running 

Answer:

Explanation: 

When the user deletes the Elastic Load Balancer, all the registered instances will be deregistered. However, they will continue to run. The user will incur charges if he does not take any action on those instances. 

Q10. - (Topic 3) 

A user had aggregated the CloudWatch metric data on the AMI ID. The user observed some abnormal 

behaviour of the CPU utilization metric while viewing the last 2 weeks of data. The user wants to share that data with his manager. How can the user achieve this easily with the AWS console? 

A. The user can use the copy URL functionality of CloudWatch to share the exact details 

B. The user can use the export data option from the CloudWatch console to export the current data point 

C. The user has to find the period and data and provide all the aggregation information to the manager 

D. The user can use the CloudWatch data copy functionality to copy the current data points 

Answer:

Explanation: 

Amazon CloudWatch provides the functionality to graph the metric data generated either by the AWS services or the custom metric to make it easier for the user to analyse. The console provides the option to save the URL or bookmark it so that it can be used in the future by typing the same URL. The Copy URL functionality is available under the console when the user selects any metric to view.