AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)
Question : A user has launched two EBS backed EC instances in the US-East-a region. The user wants to change the zone of one of the instances. How
can the user change it?
1. The zone can only be modified using the AWS CLI
2. It is not possible to change the zone of an instance after it is launched
3. Stop one of the instances and change the availability zone
4. From the AWS EC2 console, select the Actions - > Change zones and specify the new zone
Correct Answer : 2
Explanation: With AWS EC2, when a user is launching an instance he can select the availability zone (AZ. at the time of launch. If the zone is not selected, AWS selects
it on behalf of the user. Once the instance is launched, the user cannot change the zone of that instance unless he creates an AMI of
that instance and launches a new instance from it. Migrating an Instance to Another Availability Zone
If you need to, you can migrate an instance from one Availability Zone to another. For example, if you are trying to modify the instance type of your instance and we can't launch an
instance of the new instance type in the current Availability Zone, you could migrate the instance to an Availability Zone where we can launch an instance of that instance type.
The migration process involves creating an AMI from the original instance, launching an instance in the new Availability Zone, and updating the configuration of the new instance, as
shown in the following procedure. To migrate an instance to another Availability Zone : Create an AMI from the instance. The procedure depends on the operating system and the type of
root device volume for the instance.
[EC2-VPC] If you need to preserve the private IP address of the instance, you must delete the subnet in the current Availability Zone and then create a subnet in the new Availability
Zone with the same IP address range as the original subnet. Note that you must terminate all instances in a subnet before you can delete it. Therefore, you should move all instances
in the current subnet to the new subnet.
Launch an instance from the AMI that you just created, specifying the new Availability Zone or subnet. You can use the same instance type as the original instance, or select a new
instance type. If the original instance has an associated Elastic IP address, associate it with the new
instance.
If the original instance is a Reserved Instance, change the Availability Zone for your reservation. (If you also changed the instance type, you can also change the instance type for
your reservation.)
Question : An organization (account ID . has configured the IAM policy to allow the user to modify his
credentials. What will the below mentioned statement allow the user to perform?
{"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": [
"iam:AddUserToGroup",
"iam:RemoveUserFromGroup",
"iam:GetGroup"
],
"Resource": "arn:aws:iam:: 777777777777:group/TestingGroup"
}]
1. The IAM policy will throw an error due to an invalid resource name
2. The IAM policy will allow the user to subscribe to any IAM group
3. Allow the IAM user to update the membership of the group called TestingGroup
4. Allow the IAM user to delete the TestingGroup
Correct Answer : 3 Exp: IAM Groups : A group is a collection of IAM users. Groups let you specify permissions for a collection of users, which can make it easier to manage the
permissions for those users. For example, you could have a group called Admins and give that group the types of permissions that administrators typically need. Any user in that group
automatically has the permissions that are assigned to the group. If a new user joins your organization and should have administrator privileges, you can assign the appropriate
permissions by adding the user to that group. Similarly, if a person changes jobs in your organization, instead of editing that user's permissions, you can remove him or her from the
old group and add him or her to the new group. Following are some important characteristics of groups:
A group can contain many users, and a user can belong to multiple groups.
Groups can't be nested; they can contain only users, not other groups.
There's no default group that automatically includes all users in the AWS account. If you want to have a group like that, you need to create it and assign each new user to it.
There's a limit to the number of groups you can have, and a limit to how many groups a user can be in.
Example : The company owner uses the AWS account credentials to create an Admins group that can includes users who can create and manage the users as
the company grows. The Admins group establishes a Development group and a Test group. Each of these groups consists of users (humans and applications) that interact with AWS (Jim,
Brad, DevApp1, and so on). Each user has an individual set of security credentials. In this example, each user belongs to a single group. However, users can belong to multiple
groups.AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS
services. If the organization (account ID 777777777777. wants their users to manage their subscription to the groups, they should create a
relevant policy for that. The below mentioned policy allows the respective IAM user to update the membership of the group called TestingGroup.
{ "Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": [
"iam:AddUserToGroup",
"iam:RemoveUserFromGroup",
"iam:GetGroup"
],
"Resource": "arn:aws:iam:: 777777777777:group/ TestingGroup " }]
Question : HadoopExam Sysadmin has configured ELB with two EBS backed instances (for backup). The user has stopped the instances for week to save costs. The user restarts the
instances after 1 week. Which of the below mentioned statements will help the user to understand the ELB and instance registration better?
1. There is no way to register the stopped instances with ELB
2. The user cannot stop the instances if they are registered with ELB
3. If the instances have the same Elastic IP assigned after reboot they will be registered with ELB
4. The instances will automatically get registered with ELB
Correct Answer : 3
Mapping an Elastic IP to a load balancer is not supported. Elastic Load Balancing only provides a DNS name for your loadbalancer. You can change your domain to use the provided name
as a CNAME. As DNS resolution caches and clients pick up the new record, your traffic will transition to the load balancer. When you are comfortable that there is no more load
going directly to the original host, you can release it and its associated Elastic IP.
Elastic Load Balancing registers the user's load balancer with his EC2 instance using the associated IP address. When the instances are stopped and started back they will have a
different IP address. Thus, they will not get registered with ELB unless the user manually registers them. If the instances are assigned the same Elastic IP after reboot they will
automatically get registered with ELB.
Related Questions
Question : How can a Virtual Private Cloud (VPC) be connected to the internet?
1. By creating a NAT, which allows Amazon EC2 instances in the VPC to directly access the Internet.
2. By launching a specific EC2 instance with a pre-installed Internet Gateway, using the same Security Group as my instances within VPC.
3. A VPC cannot access the internet, but it can access other EC2 instances outside VPC.
4. By creating an Internet Gateway, which allows Amazon EC2 instances in the VPC to directly access the Internet.
Question : A user is sending a custom metric to CloudWatch. If the call to the CloudWatch APIs has different dimensions,
but the same metric name, how will CloudWatch treat all the requests?
1. Rejects the request as there cannot be a separate dimension for a single metric
2. Create a separate metric for each call
3. Group all the calls for the same metric based with the dimension category
4. Create a separate metric, but overwrites the previous dimension data with the new dimension data
Question :
Which parameter of the as-create-launch-config command displays the URL used to call the AWS Auto Scaling service?
1. show-URL
2. show-request
3. show-region-endpoint
4. show-endpoint
Question : What is the state of Alarm during the ninth time period
1. OK
2. ALARM
3. INSUFFICIENT_DATA
Question : Amazon EBS ________ send metric data for an available volume that is not attached to an Amazon EC instance,
because there is no metric activity to be monitored for that volume.
1. may
2. may not
3. Access Mostly Uused Products by 50000+ Subscribers
Question : What is the below cloudwatch command mean
Prompt>aws cloudwatch put-metric-alarm --alarm-name cpu-mon --alarm-description "" --metric-name CPUUtilization --namespace AWS/EC2
--statistic Average --period 300 --threshold 70 --comparison-operator GreaterThanThreshold --dimensions
Name=InstanceId,Value=i-12345678 --evaluation-periods 2 --alarm-actions arn:aws:sns:us-east-1:111122223333:MyTopic --unit Percent
1. To send an Amazon Simple Notification Service email message when CPU utilization exceeds 70 percent for consecutive 24 hours
2. To send an Amazon Simple Notification Service email message when CPU utilization less than 70 percent for consecutive 24 hours
3. Access Mostly Uused Products by 50000+ Subscribers