AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)

Question : A user has granted read/write permission of his S bucket using ACL. Which of the below mentioned options is a valid ID to grant permission to
other AWS accounts grantee. using ACL?

1. IAM User ID
2. S3 Secure ID
3. Access Mostly Uused Products by 50000+ Subscribers
4. Canonical user ID


Correct Answer : Get Lastest Questions and Answer :

Explanation: An S3 bucket ACL grantee can be an AWS account or one of the predefined Amazon S3 groups. The user can grant permission to an AWS
account by the email address of that account or by the canonical user ID. If the user provides an email in the grant request, Amazon S3 finds the
canonical user ID for that account and adds it to the ACL. The resulting ACL will always contain the canonical user ID for the AWS account, and
not the AWS account's email address.





Question : A user has configured an ELB to distribute the traffic among multiple instances. The user instances are facing some issues due to the back-end
servers. Which of the below mentioned CloudWatch metrics helps the user understand the issue with the instances?

1. HTTPCode_Backend_3XX
2. HTTPCode_Backend_4XX
3. Access Mostly Uused Products by 50000+ Subscribers
4. HTTPCode_Backend_5XX




Correct Answer : Get Lastest Questions and Answer :
CloudWatch is used to monitor AWS as well as the custom services. For ELB, CloudWatch provides various metrics including error code by ELB
as well as by back-end servers instances. It gives data for the count of the number of HTTP response codes generated by the back-end
instances. This metric does not include any response codes generated by the load balancer.
These metrics are:
The 2XX class status codes represents successful actions The 3XX class status code indicates that the user agent requires action The 4XX class
status code represents client errors
The 5XX class status code represents back-end server errors






Question : A user has launched an EC instance store backed instance in the US-East-a zone. The user created AMI # and copied it to the Europe region.
After that, the user made a few updates to the application running in the US-East-1a zone. The user makes an AMI#2 after the changes. If the
user launches a new instance in Europe from the AMI #1 copy, which of the below mentioned statements is true?

1. The new instance will have the changes made after the AMI copy as AWS just copies the reference of
the original AMI during the copying. Thus, the copied AMI will have all the updated data
2. The new instance will have the changes made after the AMI copy since AWS keeps updating the AMI
3. Access Mostly Uused Products by 50000+ Subscribers
4. The new instance in the EU region will not have the changes made after the AMI copy

Correct Answer : Get Lastest Questions and Answer :

Explanation: Within EC2, when the user copies an AMI, the new AMI is fully independent of the source AMI; there is no link to the original (source. AMI. The
user can modify the source AMI without affecting the new AMI and vice a versa. Therefore, in this case even if the source AMI is modified, the
copied AMI of the EU region will not have the changes. Thus, after copy the user needs to copy the new source AMI to the destination region to
get those changes.

Related Questions

---

Question : Which of the following are characteristics of Amazon VPC subnets?

Choose 2 answers
A. Each subnet maps to a single Availability Zone
B. A CIDR block mask of /25 is the smallest range supported
C. Instances in a private subnet can communicate with the internet only if they have an Elastic IP.
D. By default, all subnets can route between each other, whether they are private or public
E. Each subnet spans at least 2 Availability zones to provide a high-availability environment



1. A,B
2. A,D
3. Access Mostly Uused Products by 50000+ Subscribers
4. C,E
5. A,E



Question : When an EC instance that is backed by an S-based AMI Is terminated, what happens to the data on the root volume?

1. Data is automatically saved as an EBS volume.
2. Data is automatically saved as an EBS snapshot.
3. Access Mostly Uused Products by 50000+ Subscribers
4. Data is unavailable until the instance is restarted



Question : You are creating an Auto Scaling group whose Instances need to insert a custom metric into CloudWatch.
Which method would be the best way to authenticate your CloudWatch PUT request?

1. Create an IAM role with the PutMetricData permission and modify the Auto Scaling launch configuration to launch instances in that role
2. Create an IAM user with the PutMetricData permission and modify the Auto Scaling launch configuration to inject the userscredentials into the instance User Data
3. Access Mostly Uused Products by 50000+ Subscribers
4. Create an IAM user with the PutMetricData permission and put the credentials in a private repository and have applications on the server pull the credentials as needed


Question : You have a web application leveraging an Elastic Load Balancer (ELB) In front of the web servers
deployed using an Auto Scaling Group Your database is running on Relational Database Service
(RDS) The application serves out technical articles and responses to them in general there are
more views of an article than there are responses to the article. On occasion, an article on the site
becomes extremely popular resulting in significant traffic Increases that causes the site to go
down.
What could you do to help alleviate the pressure on the infrastructure while maintaining availability
during these events?
Choose 3 answers

A. Leverage CloudFront for the delivery of the articles.
B. Add RDS read-replicas for the read traffic going to your relational database
C. Leverage ElastiCache for caching the most frequently used data.
D. Use SQS to queue up the requests for the technical posts and deliver them out of the queue.
E. Use Route53 health checks to fail over to an S3 bucket for an error page.


1. A,B,C
2. B,C,D
3. Access Mostly Uused Products by 50000+ Subscribers
4. A,B,D
5. B,C,E


Question : The majority of your Infrastructure is on premises and you have a small footprint on AWS. Your company has decided to roll out a new application that is heavily
dependent on low latency connectivity to LDAP for authentication Your security policy requires minimal changes to the company's existing application user management processes.
What option would you implement to successfully launch this application1?

1. Create a second, independent LDAP server in AWS for your application to use for authentication
2. Establish a VPN connection so your applications can authenticate against your existing on-premises LDAP servers
3. Access Mostly Uused Products by 50000+ Subscribers
4. Create a second LDAP domain on AWS establish a VPN connection to establish a trust relationship between your new and existing domains and use the new domain for authentication




Question : You need to design a VPC for a web-application consisting of an Elastic Load Balancer (ELB). a fleet of web/application servers, and an RDS database The entire
Infrastructure must be distributed over 2 availability zones. Which VPC configuration works while assuring the database is not available from the Internet?

1. One public subnet for ELB one public subnet for the web-servers, and one private subnet for the database
2. One public subnet for ELB two private subnets for the web-servers, two private subnets for RDS
3. Access Mostly Uused Products by 50000+ Subscribers
4. Two public subnets for ELB two public subnets for the web-servers, and two public subnets for RDS