Premium

AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)



Question : A user has created a VPC with public and private subnets using the VPC wizard. The VPC has CIDR
20.0.0.0/16. The private subnet uses CIDR 20.0.0.0/24 . The NAT instance ID is i-a12345. Which of the below mentioned entries are required in
the main route table attached with the private subnet to allow instances to connect with the internet?
: A user has created a VPC with public and private subnets using the VPC wizard. The VPC has CIDR
1. Destination: 0.0.0.0/0 and Target: i-a12345
2. Destination: 20.0.0.0/0 and Target: 80
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Destination: 20.0.0.0/24 and Target: i-a12345


Correct Answer : Get Lastest Questions and Answer :

Exp: A user can create a subnet with VPC and launch instances inside that subnet. If the user has created a public private subnet, the instances in the
public subnet can receive inbound traffic directly from the Internet, whereas the instances in the private subnet cannot. If these subnets are
created with Wizard, AWS will create two route tables and attach to the subnets. The main route table will have the entry "Destination: 0.0.0.0/0
and Target: ia12345", which allows all the instances in the private subnet to connect to the internet using NAT.






Question : A root account owner has given full access of his S bucket to one of the IAM users using the bucket ACL. When the IAM user logs in to the S
console, which actions can he perform?

: A root account owner has given full access of his S bucket to one of the IAM users using the bucket ACL. When the IAM user logs in to the S
1. As he is not an owner, he can not delete the object from bucket.
2. He can do all the operations on the bucket
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The IAM user can perform all operations on the bucket using only API/SDK


Correct Answer : Get Lastest Questions and Answer :
Exp: Each AWS S3 bucket and object has an ACL (Access Control List. associated with it. An ACL is a list of grants identifying the grantee and the
permission granted. The user can use ACLs to grant basic read/write permissions to other AWS accounts. ACLs use an Amazon S3-specific XML
schema. The user cannot grant permissions to other users IAM users. in his account.

When using ACLs, a grantee can be an AWS account or one of the predefined Amazon S3 groups. However, the grantee cannot be an IAM user.






Question : An organization has configured Auto Scaling with ELB. There is a memory issue in the application which is causing CPU utilization to go above
90%. The higher CPU usage triggers an event for Auto Scaling as per the scaling policy. If the user wants to find the root cause inside the
application without triggering a scaling activity, how can he achieve this?
: An organization has configured Auto Scaling with ELB. There is a memory issue in the application which is causing CPU utilization to go above
1. Stop the scaling process until research is completed
2. It is not possible to find the root cause from that instance without triggering scaling
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Suspend the scaling process until research is completed

Correct Answer : Get Lastest Questions and Answer :

Exp: : Auto Scaling allows the user to suspend and then resume one or more of the Auto Scaling processes in the Auto Scaling group. This is very useful
when the user wants to investigate a configuration problem or some other issue, such as a memory leak with the web application and then make
changes to the application, without triggering the Auto Scaling process.



Related Questions

Question : A user runs the command "dd if=/dev/xvdf of=/dev/null bs=M" on an EBS volume created from a snapshot and attached to a Linux instance.
Which of the below mentioned activities is the user performing with the step given above?

 : A user runs the command
1. Pre warming the EBS volume
2. Initiating the device to mount on the EBS volume
3. Access Mostly Uused Products by 50000+ Subscribers
4. Copying the data from a snapshot to the device

Ans : 1

Exp : When the user creates an EBS volume and is trying to access it for the first time it will encounter reduced IOPS due to wiping or initiating of the
block storage. To avoid this as well as achieve the best performance it is required to pre warm the EBS volume. For a volume created from a
snapshot and attached with a Linux OS, the "dd" command pre warms the existing data on EBS and any restored snapshots of volumes that have
been previously fully pre warmed. This command maintains incremental snapshots; however, because this operation is read-only, it does not pre
warm unused space that has never been written to on the original volume. In the command "dd if=/dev/xvdf of=/dev/null bs=1M" , the parameter
"if=input file" should be set to the drive that the user wishes to warm. The "of=output file" parameter should be set to the Linux null virtual device,
/dev/null. The "bs" parameter sets the block size of the read operation; for optimal performance, this should be set to 1 MB.







Question : An organization has created IAM users. The organization wants to give them the same login ID but different passwords. How can the
organization achieve this?
: A user runs the command
1. The organization should create a separate login ID but give the IAM users the same alias so that each one can login with their alias
2. The organization should create each user in a separate region so that they have their own URL to login
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The organization should create various groups and add each user with the same login ID to different groups. The user can login with their own group ID
Ans: 3
Exp : AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS
services. Whenever the organization is creating an IAM user, there should be a unique ID for each user. It is not possible to have the same login
ID for multiple users. The names of users,groups, roles, instance profiles must be alphanumeric, including the following common characters: plus
(+., equal (=., comma (,., period (.., at (@., and dash (-..



Question : A user is planning to evaluate AWS for their internal use. The user does not want to incur any charge on his account during the evaluation. Which
of the below mentioned AWS services would incur a charge if used?

: A user runs the command
1. AWS S3 with 1 GB of storage
2. AWS micro instance running 24 hours daily
 3. Access Mostly Uused Products by 50000+ Subscribers
4. AWS PIOPS volume of 10 GB size

Ans : 4
Exp : AWS is introducing a free usage tier for one year to help the new AWS customers get started in Cloud. The free tier can be used for anything that
the user wants to run in the Cloud. AWS offers a handful of AWS services as a part of this which includes 750 hours of free micro instances and
750 hours of ELB. It includes the AWS S3 of 5 GB and AWS EBS general purpose volume upto 30 GB. PIOPS is not part of free usage tier.



Question : A user has developed an application which is required to send the data to a NoSQL database. The user wants to decouple the data sending such
that the application keeps processing and sending data but does not wait for an acknowledgement of DB. Which of the below mentioned
applications helps in this scenario?
: A user runs the command
1. AWS Simple Notification Service
2. AWS Simple Workflow
 3. Access Mostly Uused Products by 50000+ Subscribers
4. AWS Simple Query Service
Ans : 3

Exp : Amazon Simple Queue Service (SQS. is a fast, reliable, scalable, and fully managed message queuing service. SQS provides a simple and
cost-effective way to decouple the components of an application. In this case, the user can use AWS SQS to send messages which are received
from an application and sent to DB. The application can continue processing data without waiting for any acknowledgement from DB. The user
can use SQS to transmit any volume of data without losing messages or requiring other services to always be available.


Question : A root AWS account owner is trying to understand various options to set the permission to AWS S. Which of the below mentioned options is not
the right option to grant permission for S3?
: A user runs the command
1. User Access Policy
2. S3 Object Access Policy
 3. Access Mostly Uused Products by 50000+ Subscribers
4. S3 ACL
Ans : 2
Exp : Amazon S3 provides a set of operations to work with the Amazon S3 resources. Managing S3 resource access refers to granting others
permissions to work with S3. There are three ways the root account owner can define access with S3:
S3 ACL: The user can use ACLs to grant basic read/write permissions to other AWS accounts. S3 Bucket Policy: The policy is used to grant other
AWS accounts or IAM users permissions for the bucket and the objects in it.
User Access Policy: Define an IAM user and assign him the IAM policy which grants him access to S3.



Question : A sys admin has created a shopping cart application and hosted it on EC. The EC instances are running behind ELB. The admin wants to
ensure that the end user request will always go to the EC2 instance where the user session has been created. How can the admin configure this?
: A user runs the command
1. Enable ELB cross zone load balancing
2. Enable ELB cookie setup
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Enable ELB connection draining

Ans : 3
Exp : Generally AWS ELB routes each request to a zone with the minimum load. The Elastic Load Balancer provides a feature called sticky session
which binds the user's session with a specific EC2 instance. If the sticky session is enabled the first request from the user will be redirected to any
of the EC2 instances. But, henceforth, all requests from the same user will be redirected to the same EC2 instance. This ensures that all requests
coming from the user during the session will be sent to the same application instance.




Question : A user has configured ELB with three instances. The user wants to achieve High Availability as well as
redundancy with ELB. Which of the below mentioned AWS services helps the user achieve this for ELB?
: A user runs the command
1. Route 53
2. AWS Mechanical Turk
 3. Access Mostly Uused Products by 50000+ Subscribers
4. AWS EMR
Ans : 1
Exp : The user can provide high availability and redundancy for applications running behind Elastic Load Balancer by enabling the Amazon Route 53
Domain Name System (DNS. failover for the load balancers. Amazon Route 53 is a DNS service that provides reliable routing to the user's
infrastructure.



Question : An organization is using AWS since a few months. The finance team wants to visualize the pattern of AWS spending. Which of the below AWS
tool will help for this requirement?

: A user runs the command
1. AWS Cost Manager
2. AWS Cost Explorer
 3. Access Mostly Uused Products by 50000+ Subscribers
4. AWS Consolidated Billing
Ans : 2
Exp : The AWS Billing and Cost Management console includes the Cost Explorer tool for viewing AWS cost data as a graph. It does not charge extra to
user for this service. With Cost Explorer the user can filter graphs using resource tags or with services in AWS. If the organization is using
Consolidated Billing it helps generate report based on linked accounts. This will help organization to identify areas that require further inquiry. The
organization can view trends and use that to understand spend and to predict future costs.




Question : A user has launched an ELB which has instances registered with it. The user deletes the ELB by mistake. What will happen to the instances?
: A user runs the command
1. ELB will ask the user whether to delete the instances or not
2. Instances will be terminated
3. Access Mostly Uused Products by 50000+ Subscribers
4. Instances will keep running
Ans : 4
Exp : When the user deletes the Elastic Load Balancer, all the registered instances will be deregistered. However, they will continue to run. The user will
incur charges if he does not take any action on those instances.



Question : A user is planning to setup notifications on the RDS DB for a snapshot. Which of the below mentioned event categories is not supported by RDS
for this snapshot source type?
: A user runs the command
1. Backup
2. Creation
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Restoration
Ans : 1
Exp : Amazon RDS uses the Amazon Simple Notification Service to provide a notification when an Amazon RDS event occurs. Event categories for a
snapshot source type include: Creation, Deletion, and Restoration. The Backup is a part of DB instance source type.




Question : A customer is using AWS for Dev and Test. The customer wants to setup the Dev environment with
Cloudformation. Which of the below mentioned steps are not required while using Cloudformation?

: A user runs the command
1. Create a stack
2. Configure a service
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Provide the parameters configured as part of the template
Ans : 2
Exp : AWS Cloudformation is an application management tool which provides application modelling, deployment, configuration, management and
related activities. AWS CloudFormation introduces two concepts: the template and the stack. The template is a JSON-format, text-based file that
describes all the AWS resources required to deploy and run an application. The stack is a collection of AWS resources which are created and
managed as a single unit when AWS CloudFormation instantiates a template. While creating a stack, the user uploads the template and provides
the data for the parameters if required.



Question : A user has configured the AWS CloudWatch alarm for estimated usage charges in the US East region. Which of the below mentioned statements
is not true with respect to the estimated charges?

: A user runs the command
1. It will store the estimated charges data of the last 14 days
2. It will include the estimated charges of every AWS service
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The metric data will show data specific to that region


Question : A user is accessing RDS from an application. The user has enabled the Multi AZ feature with the MS SQL RDS DB. During a planned outage how
will AWS ensure that a switch from DB to a standby replica will not affect access to the application?

 : A user is accessing RDS from an application. The user has enabled the Multi AZ feature with the MS SQL RDS DB. During a planned outage how
1. RDS will have an internal IP which will redirect all requests to the new DB
2. RDS uses DNS to switch over to stand by replica for seamless transition
 3. Access Mostly Uused Products by 50000+ Subscribers
4. RDS will have both the DBs running independently and the user has to manually switch over
Ans : 2
Exp : In the event of a planned or unplanned outage of a DB instance, Amazon RDS automatically switches to a standby replica in another Availability
Zone if the user has enabled Multi AZ. The automatic failover mechanism simply changes the DNS record of the DB instance to point to the
standby DB instance. As a result, the user will need to re-establish any existing connections to the DB instance. However, as the DNS is the same,
the application can access DB seamlessly.




Question : An organization is generating digital policy files which are required by the admins for verification. Once the files are verified they may not be
required in the future unless there is some compliance issue. If the organization wants to save them in a cost effective way, which is the best
possible solution?

: A user is accessing RDS from an application. The user has enabled the Multi AZ feature with the MS SQL RDS DB. During a planned outage how
1. AWS RRS
2. AWS S3
 3. Access Mostly Uused Products by 50000+ Subscribers
4. AWS Glacier

Ans : 4
Exp : Amazon S3 stores objects according to their storage class. There are three major storage classes:
Standard, Reduced Redundancy and Glacier. Standard is for AWS S3 and provides very high durability. However, the costs are a little higher.
Reduced redundancy is for less critical files. Glacier is for archival and the files which are accessed infrequently. It is an extremely low-cost
storage service that provides secure and durable storage for data archiving and backup.



Question : A user has launched an EBS backed instance. The user started the instance at AM in the morning. Between AM to AM, the user is testing
some script. Thus, he stopped the instance twice and restarted it. In the same hour the user rebooted the instance once. For how many instance
hours will AWS charge the user?
: A user is accessing RDS from an application. The user has enabled the Multi AZ feature with the MS SQL RDS DB. During a planned outage how
1. 3 hours
2. 4 hours
 3. Access Mostly Uused Products by 50000+ Subscribers
4. 1 hour
Ans : 1
Exp : A user can stop/start or reboot an EC2 instance using the AWS console, the Amazon EC2 CLI or the Amazon EC2 API. Rebooting an instance is
equivalent to rebooting an operating system. When the instance is rebooted AWS will not charge the user for the extra hours. In case the user
stops the instance, AWS does not charge the running cost but charges only the EBS storage cost. If the user starts and stops the instance multiple
times in a single hour, AWS will charge the user for every start and stop. In this case, since the instance was rebooted twice, it will cost the user
for 3 instance hours.






Question : A user has a weighing plant. The user measures the weight of some goods every minutes and sends data to AWS CloudWatch for monitoring
and tracking. Which of the below mentioned parameters is mandatory for the user to include in the request list?
: A user is accessing RDS from an application. The user has enabled the Multi AZ feature with the MS SQL RDS DB. During a planned outage how
1. Value
2. Namespace
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Timezone




Question : An organization has configured Auto Scaling for hosting their application. The system admin wants to
understand the Auto Scaling health check process. If the instance is unhealthy, Auto Scaling launches an
instance and terminates the unhealthy instance. What is the order execution?
 : An organization has configured Auto Scaling for hosting their application. The system admin wants to
1. Auto Scaling launches a new instance first and then terminates the unhealthy instance
2. Auto Scaling performs the launch and terminate processes in a random order
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Auto Scaling terminates the instance first and then launches a new instance



Question : A user is trying to connect to a running EC instance using SSH. However, the user gets an Unprotected
Private Key File error. Which of the below mentioned options can be a possible reason for rejection?

 : A user is trying to connect to a running EC instance using SSH. However, the user gets an Unprotected
1. The private key file has the wrong file permission
2. The ppk file used for SSH is read only
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The user has provided the wrong user name for the OS login



Question : A user has provisioned IOPS to the EBS volume. The application hosted on that EBS is experiencing less IOPS than provisioned. Which of
the below mentioned options does not affect the IOPS of the volume?
 : A user has provisioned IOPS to the EBS volume. The application hosted on that EBS is experiencing less IOPS than provisioned. Which of
1. The application does not have enough IO for the volume
2. The instance is EBS optimized
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The volume size is too large


Question : A storage admin wants to encrypt all the objects stored in S using server side encryption. The user does not want to use the AES encryption
key provided by S3. How can the user achieve this?
 : A storage admin wants to encrypt all the objects stored in S using server side encryption. The user does not want to use the AES encryption
1. The admin should upload his secret key to the AWS console and let S3 decrypt the objects
2. The admin should use CLI or API to upload the encryption key to the S3 bucket. When making a call
to the S3 API mention the encryption key URL in each request
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The admin should send the keys and encryption algorithm with each API call