Premium

AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)



Question : A sysadmin has created the below mentioned policy on an S bucket named hadoopexam. The bucket has both AWS.jpg and index.html objects.
What does this policy define?
"Statement": [{
"Sid": "Stmt11111111111111",
"Effect": "Allow",
"Principal": { "AWS": "*"},
"Action": [ "s3:GetObjectAcl", "s3:ListBucket", "s3:GetObject"],
"Resource": [ "arn:aws:s3:::hadoopexam/*.jpg]
}]
: A sysadmin has created the below mentioned policy on an S bucket named hadoopexam. The bucket has both AWS.jpg and index.html objects.
1. It will make all the objects as well as the bucket public
2. It will throw an error for the wrong action and does not allow to save the policy
3. It will make the AWS.jpg object as public
4. It will make the AWS.jpg as well as the hadoopexam bucket as public

Correct Answer : 2
Explanation: A sysadmin can grant permission to the S3 objects or the buckets to any user or make objects public using the bucket policy and user policy. Both use the
JSON-based access policy language. Generally if user is defining the ACL on the bucket, the objects in the bucket do not inherit it and vice a versa. The bucket policy can be defined
at the bucket level which allows the objects as well as the bucket to be public with a single policy applied to that bucket. In the below policy the action says "S3:ListBucket" for
effect Allow and when there is no bucket name mentioned as a part of the resource, it will throw an error and not save the policy.
"Statement": [{
"Sid": "Stmt11111111111111",
"Effect": "Allow",
"Principal": { "AWS": "*"},
"Action": [ "s3:GetObjectAcl", "s3:ListBucket", "s3:GetObject"], "Resource": [ "arn:aws:s3:::hadoopexam/*.jpg]
}]
Granting Permissions to Multiple Accounts with Added Conditions The following example policy grants the s3:PutObject and s3:PutObjectAcl permissions to multiple AWS accounts and
requires that any request for these operations include the public-read canned ACL. For more information, see Specifying Permissions in a Policy and Specifying Conditions in a Policy.
{ "Version":"2012-10-17",
"Statement":[{
"Sid":"AddCannedAcl",
"Effect":"Allow",
"Principal": {
"AWS": ["arn:aws:iam::111122223333:root","arn:aws:iam::444455556666:root"]
},
"Action":["s3:PutObject","s3:PutObjectAcl"
],
"Resource":["arn:aws:s3:::examplebucket/*"
],
"Condition":{
"StringEquals":{
"s3:x-amz-acl":["public-read"]
} } } ]}






Question : A user has launched an EC instance and deployed a production application in it.
The user wants to prohibit any mistakes from the production team to avoid accidental termination. How can the user achieve this?
: A user has launched an EC instance and deployed a production application in it.
1. The user can the set DisableApiTermination attribute to avoid accidental termination
2. It is not possible to avoid accidental termination
3. The user can set the Deletion termination flag to avoid accidental termination
4. The user can set the InstanceInitiatedShutdownBehavior flag to avoid accidental termination

Correct Answer : 1

Explanation: Enabling Termination Protection for an Instance
By default, you can terminate your instance using the Amazon EC2 console, command line interface, or API. If you want to prevent your instance from being accidentally terminated
using Amazon EC2, you can enable termination protection for the instance. The DisableApiTermination attribute controls whether the instance can be terminated using the console, CLI,
or API. By default, termination protection is disabled for your instance. You can set the value of this attribute when you launch the instance, while the instance is running, or
while the instance is stopped (for Amazon EBS-backed instances).

The DisableApiTermination attribute does not prevent you from terminating an instance by initiating shutdown from the instance (using an operating system command for system shutdown)
when the InstanceInitiatedShutdownBehavior attribute is set. For more information, see Changing the Instance Initiated Shutdown Behavior.

You can't prevent instances that are part of an Auto Scaling group from terminating using termination protection. However, you can specify which instances should terminate first. For
more information, see Choosing a Termination Policy in the Auto Scaling Developer Guide.
It is always possible that someone can terminate an EC2 instance using the Amazon EC2 console, command line interface or API by mistake. If
the admin wants to prevent the instance from being accidentally terminated, he can enable termination protection for that instance. The
DisableApiTermination attribute controls whether the instance can be terminated using the console, CLI or API. By default, termination protection
is disabled for an EC2 instance. When it is set it will not allow the user to terminate the instance from CLI, API or the console.





Question : When an instance terminates, the data on any instance store volumes associated with that instance is _________
: When an instance terminates, the data on any instance store volumes associated with that instance is _________
1. Will not be deleted
2. remain for 48 Hrs
3. Will be deleted
4. remain for 24 Hrs

Correct Answer : 3

Explanation: After you terminate an instance, it remains visible in the console for a short while, and then the entry is deleted.

When an instance terminates, the data on any instance store volumes associated with that instance is deleted.

By default, any Amazon EBS volumes that you attach as you launch the instance are automatically deleted when the instance terminates. However, by default, any volumes that you attach
to a running instance persist even after the instance terminates. This behavior is controlled by the volume's DeleteOnTermination attribute, which you can modify. For more
information, see Preserving Amazon EBS Volumes on Instance Termination.

You can prevent an instance from being terminated accidentally by someone using the AWS Management Console, the CLI, and the API. This feature is available for both Amazon EC2
instance store-backed and Amazon EBS-backed instances. Each instance has a DisableApiTermination attribute with the default value of false (the instance can be terminated through
Amazon EC2). You can modify this instance attribute while the instance is running or stopped (in the case of Amazon EBS-backed instances). For more information, see Enabling
Termination Protection for an Instance.

You can control whether an instance should stop or terminate when shutdown is initiated from the instance using an operating system command for system shutdown. For more information,
see Changing the Instance Initiated Shutdown Behavior.

If you run a script on instance termination, your instance might have an abnormal termination, because we have no way to ensure that shutdown scripts run. Amazon EC2 attempts to shut
an instance down cleanly and run any system shutdown scripts; however, certain events (such as hardware failure) may prevent these system shutdown scripts from running.


Related Questions

Question : A user has launched an EC instance from an instance store backed AMI. The user has attached an additional instance store volume to the
instance. The user wants to create an AMI from the running instance. Will the AMI have the additional instance store volume data?
 : A user has launched an EC instance from an instance store backed AMI. The user has attached an additional instance store volume to the
1. Yes, the block device mapping will have information about the additional instance store volume
2. No, since the instance store backed AMI can have only the root volume bundled
3. It is not possible to attach an additional instance store volume to the existing instance store backed AMI instance
4. No, since this is ephermal storage it will not be a part of the AMI



Question : A user has created an EBS volume of GB and attached it to a running instance. The user is trying to access EBS for first time. Which of the
below mentioned options is the correct statement with respect to a first time EBS access?
 : A user has created an EBS volume of GB and attached it to a running instance. The user is trying to access EBS for first time. Which of the
1. The volume will show a size of 8 GB
2. The volume will show a loss of the IOPS performance the first time
3. The volume will be blank
4. If the EBS is mounted it will ask the user to create a file system



Question : QuickTechie.com sysadmin has enabled termination protection on an EC instance. The user has also set Instance initiated
shutdown behaviour to terminate. When the user shuts down the instance from the OS, what will happen?
 : QuickTechie.com sysadmin has enabled termination protection on an EC instance. The user has also set Instance initiated
1. The OS will shutdown but the instance will not be terminated due to protection
2. It will terminate the instance
3. It will not allow the user to shutdown the instance from the OS
4. It is not possible to set the termination protection when an Instance initiated shutdown is set to Terminate


Question : A user has deployed an application on an EBS backed EC instance. For a better performance of application, it requires dedicated EC to EBS
traffic. How can the user achieve this?
 : A user has deployed an application on an EBS backed EC instance. For a better performance of application, it requires dedicated EC to EBS
1. Launch the EC2 instance as EBS dedicated with PIOPS EBS
2. Launch the EC2 instance as EBS enhanced with PIOPS EBS
3. Launch the EC2 instance as EBS provisioned with PIOPS EBS
4. Launch the EC2 instance as EBS optimized with PIOPS EBS



Question : A user has launched a Windows based EC instance. However, the instance has some issues and the user wants to check the log. When the user
checks the Instance console output from the AWS console, what will it display?
 : A user has launched a Windows based EC instance. However, the instance has some issues and the user wants to check the log. When the user
1. All the event logs since instance boot
2. The last 10 system event log error
3. The Windows instance does not support the console output
4. The last three system events' log errors



Question : A user has launched an EBS backed instance with EC-Classic. The user stops and starts the instance.
Which of the below mentioned statements is not true with respect to the stop/start action?
 : A user has launched an EBS backed instance with EC-Classic. The user stops and starts the instance.
1. The instance gets new private and public IP addresses
2. The volume is preserved
3. The Elastic IP remains associated with the instance
4. The instance may run on a anew host computer