Amazon AWS-SysOps Exam Dumps 2021

NEW QUESTION 1
A user is trying to understand the detailed CloudWatch monitoring concept. Which of the below mentioned services does not provide detailed monitoring with CloudWatch?

• A. AWS EMR
• B. AWS RDS
• C. AWS ELB
• D. AWS Route53

Answer: A

Explanation:
CloudWatch is used to monitor AWS as well as the custom services. It provides either basic or detailed monitoring for the supported AWS products. In basic monitoring, a service sends data points to CloudWatch every five minutes, while in detailed monitoring a service sends data points to CloudWatch every minute. Services, such as RDS, EC2, Auto Scaling, ELB, and Route 53 can provide the monitoring data every minute.

NEW QUESTION 2
A user is planning to scale up an application by 8 AM and scale down by 7 PM daily using Auto Scaling. What should the user do in this case?

• A. Setup the scaling policy to scale up and down based on the CloudWatch alarms
• B. The user should increase the desired capacity at 8 AM and decrease it by 7 PM manually
• C. The user should setup a batch process which launches the EC2 instance at a specific time
• D. Setup scheduled actions to scale up or down at a specific time

Answer: A

Explanation:
Auto Scaling based on a schedule allows the user to scale the application in response to predictable load changes. To configure the Auto Scaling group to scale based on a schedule, the user needs to create scheduled actions. A scheduled action tells Auto Scaling to perform a scaling action at a certain time in the future.

NEW QUESTION 3
A user has created an ELB with the availability zone US-East-1A. The user wants to add more zones to ELB to achieve High Availability. How can the user add more zones to the existing ELB?

• A. It is not possible to add more zones to the existing ELB
• B. The only option is to launch instances in different zones and add to ELB
• C. The user should stop the ELB and add zones and instances as required
• D. The user can add zones on the fly from the AWS console

Answer: D

Explanation:
The user has created an Elastic Load Balancer with the availability zone and wants to add more zones to the existing ELB. The user can do so in two ways:
From the console or CLI, add new zones to ELB;
Launch instances in a separate AZ and add instances to the existing ELB.

NEW QUESTION 4
The CFO of a company wants to allow one of his employees to view only the AWS usage report page. Which of the below mentioned IAM policy statements allows the user to have access to the AWS usage report page?

• A. "Effect": "Allow", "Action": [“Describe”], "Resource": "Billing"
• B. "Effect": "Allow", "Action": ["AccountUsage], "Resource": "*"
• C. "Effect": "Allow", "Action": ["aws-portal:ViewUsage"], "Resource": "*"
• D. "Effect": "Allow", "Action": ["aws-portal: ViewBilling"], "Resource": "*"

Answer: C

Explanation:
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. If the CFO wants to allow only AWS usage report page access, the policy for that IAM user will be as given below:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"aws-portal:ViewUsage"
],
"Resource": "*"
}
]
}

NEW QUESTION 5
A user has configured Auto Scaling with the minimum capacity as 2 and the desired capacity as 2. The user is trying to terminate one of the existing instance with the command:
as-terminate-instance-in-auto-scaling-group<Instance ID> --decrement-desired-capacity
What will Auto Scaling do in this scenario?

• A. Terminates the instance and does not launch a new instance
• B. Terminates the instance and updates the desired capacity to 1
• C. Terminates the instance and updates the desired capacity and minimum size to 1
• D. Throws an error

Answer: D

Explanation:
The Auto Scaling command as-terminate-instance-in-auto-scaling-group <Instance ID> will terminate the specific instance ID. The user is required to specify the parameter as --decrement-desired-capacity. Then Auto Scaling will terminate the instance and decrease the desired capacity by 1. In this case since the minimum size is 2, Auto Scaling will not allow the desired capacity to go below 2. Thus, it will throw an error.

NEW QUESTION 6
A user has created a VPC with two subnets: one public and one private. The user is planning to run the patch update for the instances in the private subnet. How can the instances in the private subnet connect to theinternet?

• A. Use the internet gateway with a private IP
• B. Allow outbound traffic in the security group for port 80 to allow internet updates
• C. The private subnet can never connect to the internet
• D. Use NAT with an elastic IP

Answer: D

Explanation:
A Virtual Private Cloud (VPC. is a virtual network dedicated to the user’s AWS account. A user can create a subnet with VPC and launch instances inside that subnet. If the user has created two subnets (one private and one public., he would need a Network Address Translation (NAT. instance with the elastic IP address. This enables the instances in the private subnet to send requests to the internet (for example, to perform software updates..

NEW QUESTION 7
A user is trying to configure the CloudWatch billing alarm. Which of the below mentioned steps should be
performed by the user for the first time alarm creation in the AWS Account Management section?

• A. Enable Receiving Billing Reports
• B. Enable Receiving Billing Alerts
• C. Enable AWS billing utility
• D. Enable CloudWatch Billing Threshold

Answer: B

Explanation:
AWS CloudWatch supports enabling the billing alarm on the total AWS charges. Before the user can create an alarm on the estimated charges, he must enable monitoring of the estimated AWS charges, by selecting the option “Enable receiving billing alerts”. It takes about 15 minutes before the user can view the billing data. The user can then create the alarms.

NEW QUESTION 8
An organization is planning to use AWS for 5 different departments. The finance department is responsible to pay for all the accounts. However, they want the cost separation for each account to map with the right cost centre. How can the finance department achieve this?

• A. Create 5 separate accounts and make them a part of one consolidate billing
• B. Create 5 separate accounts and use the IAM cross account access with the roles for better management
• C. Create 5 separate IAM users and set a different policy for their access
• D. Create 5 separate IAM groups and add users as per the department’s employees

Answer: A

Explanation:
AWS consolidated billing enables the organization to consolidate payments for multiple Amazon Web Services (AWS. accounts within a single organization by making a single paying account. Consolidated billing enables the organization to see a combined view of the AWS charges incurred by each account as well as obtain a detailed cost report for each of the individual AWS accounts associated with the paying account.

NEW QUESTION 9
An organization wants to move to Cloud. They are looking for a secure encrypted database storage option. Which of the below mentioned AWS functionalities helps them to achieve this?

• A. AWS MFA with EBS
• B. AWS EBS encryption
• C. Multi-tier encryption with Redshift
• D. AWS S3 server side storage

Answer: B

Explanation:
AWS EBS supports encryption of the volume while creating new volumes. It also supports creating volumes from existing snapshots provided the snapshots are created from encrypted volumes. The data at rest, the I/O as well as all the snapshots of EBS will be encrypted. The encryption occurs on the servers that host the EC2 instances, providing encryption of data as it moves between the EC2 instances and EBS storage. EBS encryption is based on the AES-256 cryptographic algorithm, which is the industry standard

NEW QUESTION 10
A user has created a VPC with CIDR 20.0.0.0/16 using VPC Wizard. The user has created a public CIDR
(20.0.0.0/24. and a VPN only subnet CIDR (20.0.1.0/24. along with the hardware VPN access to connect to the user’s data centre. Which of the below mentioned components is not present when the VPC is setup with the wizard?

• A. Main route table attached with a VPN only subnet
• B. A NAT instance configured to allow the VPN subnet instances to connect with the internet
• C. Custom route table attached with a public subnet
• D. An internet gateway for a public subnet

Answer: B

Explanation:
The user can create subnets as per the requirement within a VPC. If the user wants to connect VPC from his own data centre, he can setup a public and VPN only subnet which uses hardware VPN access to connect with his data centre. When the user has configured this setup with Wizard, it will update the main route table used with the VPN-only subnet, create a custom route table and associate it with the public subnet. It also creates an internet gateway for the public subnet. The wizard does not create a NAT instance by default. The user can create it manually and attach it with a VPN only subnet.

NEW QUESTION 11
A user has provisioned 2000 IOPS to the EBS volume. The application hosted on that EBS is experiencing less IOPS than provisioned. Which of the below mentioned options does not affect the IOPS of the volume?

• A. The application does not have enough IO for the volume
• B. The instance is EBS optimized
• C. The EC2 instance has 10 Gigabit Network connectivity
• D. The volume size is too large

Answer: D

Explanation:
When the application does not experience the expected IOPS or throughput of the PIOPS EBS volume that was provisioned, the possible root cause could be that the EC2 bandwidth is the limiting factor and the instance might not be either EBS-optimized or might not have 10 Gigabit network connectivity. Another possible cause for not experiencing the expected IOPS could also be that the user is not driving enough I/O to the EBS volumes. The size of the volume may not affect IOPS.

NEW QUESTION 12
A user runs the command “dd if=/dev/zero of=/dev/xvdfbs=1M” on a fresh blank EBS volume attached to a Linux instance. Which of the below mentioned activities is the user performing with the command given above?

• A. Creating a file system on the EBS volume
• B. Mounting the device to the instance
• C. Pre warming the EBS volume
• D. Formatting the EBS volume

Answer: C

Explanation:
When the user creates a new EBS volume and is trying to access it for the first time it will encounter reduced IOPS due to wiping or initiating of the block storage. To avoid this as well as achieve the best performance it is required to pre warm the EBS volume. For a blank volume attached with a Linux OS, the “dd” command is used to write to all the blocks on the device. In the command “dd if=/dev/zero of=/dev/xvdfbs=1M” the parameter “if =import file” should be set to one of the Linux virtual devices, such as /dev/zero. The “of=output file” parameter should be set to the drive that the user wishes to warm. The “bs” parameter sets the block size of the write operation; for optimal performance, this should be set to 1 MB.

NEW QUESTION 13
A user is trying to understand the ACL and policy for an S3 bucket. Which of the below mentioned policy
permissions is equivalent to the WRITE ACL on a bucket?

• A. s3:GetObjectAcl
• B. s3:GetObjectVersion
• C. s3:ListBucketVersions
• D. s3:DeleteObject

Answer: D

Explanation:
Amazon S3 provides a set of operations to work with the Amazon S3 resources. Each AWS S3 bucket can have an ACL (Access Control List. or bucket policy associated with it. The WRITE ACL list allows the other AWS accounts to write/modify to that bucket. The equivalent S3 bucket policy permission for it is s3:DeleteObject.

NEW QUESTION 14
A user has setup an EBS backed instance and attached 2 EBS volumes to it. The user has setup a CloudWatch alarm on each volume for the disk data. The user has stopped the EC2 instance and detached the EBS volumes. What will be the status of the alarms on the EBS volume?

• A. OK
• B. Insufficient Data
• C. Alarm
• D. The EBS cannot be detached until all the alarms are removed

Answer: B

Explanation:
Amazon CloudWatch alarm watches a single metric over a time period that the user specifies and performs one or more actions based on the value of the metric relative to a given threshold over a number of time periods. Alarms invoke actions only for sustained state changes. There are three states of the alarm: OK, Alarm and Insufficient data. In this case since the EBS is detached and inactive the state will be Insufficient.

NEW QUESTION 15
A user has launched an RDS MySQL DB with the Multi AZ feature. The user has scheduled the scaling of
instance storage during maintenance window. What is the correct order of events during maintenance window?
Perform maintenance on standby
Promote standby to primary
Perform maintenance on original primary
Promote original master back as primary

• A. 1, 2, 3, 4
• B. 1, 2, 3
• C. 2, 3, 1, 4

Answer: B

Explanation:
Running MySQL on the RDS DB instance as a Multi-AZ deployment can help the user reduce the impact of a maintenance event, as the Amazon will conduct maintenance by following the steps in the below mentioned order: Perform maintenance on standby Promote standby to primary Perform maintenance on original primary, which becomes the new standby.

NEW QUESTION 16
You use S3 to store critical data for your company Several users within your group currently have lull permissions to your S3 buckets You need to come up with a solution mat does not impact your users and also protect against the accidental deletion of objects.
Which two options will address this issue? Choose 2 answers

• A. Enable versioning on your S3 Buckets
• B. Configure your S3 Buckets with MFA delete
• C. Create a Bucket policy and only allow read only permissions to all users at the bucket level
• D. Enable object life cycle policies and configure the data older than 3 months to be archived in Glacier

Answer: AB

NEW QUESTION 17
What is a placement group?

• A. A collection of Auto Scaling groups in the same Region
• B. Feature that enables EC2 instances to interact with each other via nigh bandwidth, low latency connections
• C. A collection of Elastic Load Balancers in the same Region or Availability Zone
• D. A collection of authorized Cloud Front edge locations for a distribution

Answer: B

Explanation: Reference:
http://aws.amazon.com/ec2/faqs/

NEW QUESTION 18
A user has configured ELB with Auto Scaling. The user suspended the Auto Scaling AddToLoadBalancer
(which adds instances to the load balancer. process for a while. What will happen to the instances launched during the suspension period?

• A. The instances will not be registered with ELB and the user has to manually register when the process is resumed
• B. The instances will be registered with ELB only once the process has resumed
• C. Auto Scaling will not launch the instance during this period due to process suspension
• D. It is not possible to suspend only the AddToLoadBalancer process

Answer: A

Explanation:
Auto Scaling performs various processes, such as Launch, Terminate, add to Load Balancer etc. The user can also suspend the individual process. The AddToLoadBalancer process type adds instances to the load balancer when the instances are launched. If this process is suspended, Auto Scaling will launch the instances but will not add them to the load balancer. When the user resumes this process, Auto Scaling will resume adding new instances launched after resumption to the load balancer. However, it will not add running instances that were launched while the process was suspended; those instances must be added manually.