Premium

AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)



Question : A user has launched instances in EC-CLASSIC and attached elastic IPs to the five different instances in the US East region. The user is
creating a VPC in the same region. The user wants to assign an elastic IP to the VPC instance. How can the user achieve this?

: A user has launched instances in EC-CLASSIC and attached elastic IPs to the five different instances in the US East region. The user is
1. The user has to request AWS to increase the number of elastic IPs associated with the account
2. AWS allows 10 EC2 Classic IPs per region; so it will allow to allocate new Elastic IPs to the same region
3. The AWS will not allow to create a new elastic IP in VPC; it will throw an error
4. The user can allocate a new IP address in VPC as it has a different limit than EC2

Correct Answer : 4
A Virtual Private Cloud (VPC. is a virtual network dedicated to the user's AWS account. A user can create a subnet with VPC and launch instances
inside that subnet. A user can have 5 IP addresses per region with EC2 Classic. The user can have 5 separate IPs with VPC in the same region
as it has a separate limit than EC2 Classic.




Question : A user has created a subnet in VPC and launched an EC instance within it. The user has not selected the option to assign the IP address while
launching the instance. Which of the below mentioned statements is true with respect to this scenario?
: A user has created a subnet in VPC and launched an EC instance within it. The user has not selected the option to assign the IP address while
1. The instance will always have a public DNS attached to the instance by default
2. The user can directly attach an elastic IP to the instance
3. The instance will never launch if the public IP is not assigned
4. The user would need to create an internet gateway and then attach an elastic IP to the instance to connect from internet

Correct Answer : 4


Explanation: A Virtual Private Cloud (VPC. is a virtual network dedicated to the user's AWS account. A user can create a subnet with VPC and launch instances
inside that subnet. When the user is launching an instance he needs to select an option which attaches a public IP to the instance. If the user has
not selected the option to attach the public IP then it will only have a private IP when launched. The user cannot connect to the instance from the
internet. If the user wants an elastic IP to connect to the instance from the internet he should create an internet gateway and assign an elastic IP
to instance.








Question : An organization has applied the below mentioned policy on an IAM group which has selected the IAM users. What entitlements do the IAM users avail with this policy?
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}
]
}
: An organization has applied the below mentioned policy on an IAM group which has selected the IAM users. What entitlements do the IAM users avail with this policy?
1. The policy is not created correctly. It will throw an error for wrong resource name
2. The policy is for the group. Thus, the IAM user cannot have any entitlement to this
3. It allows full access to all AWS services for the IAM users who are a part of this group
4. If this policy is applied to the EC2 resource, the users of the group will have full access to the EC2 Resources

Correct Answer : 3
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS
services. The IAM group allows the organization to specify permissions for a collection of users. With the below mentioned policy,
it will allow the group full access (Admin. to all AWS services.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}
]
}



Related Questions

Question : A user is receiving a notification from the RDS DB whenever there is a change in the DB security group. The user does not want to receive these
notifications for only a month. Thus, he does not want to delete the notification. How can the user configure this?

 : A user is receiving a notification from the RDS DB whenever there is a change in the DB security group. The user does not want to receive these
1. Change the Disable button for notification to "Yes" in the RDS console
2. Set the send mail flag to false in the DB event notification console
3. Access Mostly Uused Products by 50000+ Subscribers
4. Change the Enable button for notification to "No" in the RDS console



Question : A user has created a VPC with CIDR .../. The user has created one subnet with CIDR .../ by mistake. The user is trying to create
another subnet of CIDR 20.0.0.1/24. How can the user create the second subnet?
 : A user has created a VPC with CIDR .../. The user has created one subnet with CIDR .../ by mistake. The user is trying to create
1. There is no need to update the subnet as VPC automatically adjusts the CIDR of the first subnet based on the second subnet's CIDR
2. The user can modify the first subnet CIDR from the console
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The user can modify the first subnet CIDR with AWS CLI


Question : A user has created a VPC with the public and private subnets using the VPC wizard. The VPC has CIDR
20.0.0.0/16. The public subnet uses CIDR 20.0.1.0/24. The user is planning to host a web server in the public subnet port 80. and a DB server in
the private subnet port 3306.. The user is configuring a security group for the public subnet WebSecGrp. and the private subnet DBSecGrp..
Which of the below mentioned entries is required in the web server security group WebSecGrp.?
 : A user has created a VPC with the public and private subnets using the VPC wizard. The VPC has CIDR
1. Configure Destination as DB Security group ID DbSecGrp. for port 3306 Outbound
2. 80 for Destination 0.0.0.0/0 Outbound
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Configure port 80 InBound for source 20.0.0.0/16


Question : A user is trying to understand the detailed CloudWatch monitoring concept. Which of the below mentioned services provides detailed monitoring
with CloudWatch without charging the user extra?
 : A user is trying to understand the detailed CloudWatch monitoring concept. Which of the below mentioned services provides detailed monitoring
1. AWS Auto Scaling
2. AWS Route 53
 3. Access Mostly Uused Products by 50000+ Subscribers
4. AWS SNS


Question : A user is trying to understand the CloudWatch metrics for the AWS services. It is required that the user should first understand the namespace for
the AWS services. Which of the below mentioned is not a valid namespace for the AWS services?

 : A user is trying to understand the CloudWatch metrics for the AWS services. It is required that the user should first understand the namespace for
1. AWS/StorageGateway
2. AWS/CloudTrail
 3. Access Mostly Uused Products by 50000+ Subscribers
4. AWS/SWF



Question : A system admin is planning to encrypt all objects being uploaded to S from an application. The system admin does not want to implement his
own encryption algorithm; instead he is planning to use server side encryption by supplying his own key SSE-C. Which parameter is not required while making a call for SSE-C?
 : A system admin is planning to encrypt all objects being uploaded to S from an application. The system admin does not want to implement his
1. x-amz-server-side-encryption-customer-key-AES-256
2. x-amz-server-side-encryption-customer-key
 3. Access Mostly Uused Products by 50000+ Subscribers
4. x-amz-server-side-encryption-customer-key-MD5