Premium

AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)



Question : A user runs the command "dd if=/dev/zero of=/dev/xvdfbs=M" on a fresh blank EBS volume attached to a Linux instance. Which of the below
mentioned activities is the user performing with the command given above?
: A user runs the command
1. Creating a file system on the EBS volume
2. Mounting the device to the instance
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Formatting the EBS volume

Correct Answer : Get Lastest Questions and Answer :

When the user creates a new EBS volume and is trying to access it for the first time it will encounter reduced IOPS due to wiping or initiating of the
block storage. To avoid this as well as achieve the best performance it is required to pre warm the EBS volume. For a blank volume attached with
a Linux OS, the "dd" command is used to write to all the blocks on the device. In the command "dd if=/dev/zero of=/dev/xvdfbs=1M" the parameter
"if =import file" should be set to one of the Linux virtual devices, such as /dev/zero. The "of=output file" parameter should be set to the drive that
the user wishes to warm. The "bs" parameter sets the block size of the write operation; for optimal performance, this should be set to 1 MB.






Question : A user has created an Auto Scaling group using CLI. The user wants to enable CloudWatch detailed
monitoring for that group. How can the user configure this?

: A user has created an Auto Scaling group using CLI. The user wants to enable CloudWatch detailed
1. When the user sets an alarm on the Auto Scaling group, it automatically enables detail monitoring
2. By default detailed monitoring is enabled for Auto Scaling
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Enable detail monitoring from the AWS console

Correct Answer : Get Lastest Questions and Answer :

Explanation: CloudWatch is used to monitor AWS as well as the custom services. It provides either basic or detailed
monitoring for the supported AWS products. In basic monitoring, a service sends data points to CloudWatch every five minutes, while in detailed
monitoring a service sends data points to CloudWatch every minute. To enable detailed instance monitoring for a new Auto Scaling group, the
user does not need to take any extra steps. When the user creates an Auto Scaling launch config as the first step for creating an Auto Scaling
group, each launch configuration contains a flag named
InstanceMonitoring.Enabled. The default value of this flag is true. Thus, the user does not need to set this flag if he wants detailed monitoring.






Question : A user has created a VPC with a public subnet. The user has terminated all the instances which are part of the subnet. Which of the below
mentioned statements is true with respect to this scenario?
: A user has created a VPC with a public subnet. The user has terminated all the instances which are part of the subnet. Which of the below
1. The user cannot delete the VPC since the subnet is not deleted
2. All network interface attached with the instances will be deleted
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The subnet to which the instances were launched with will be deleted


Correct Answer : Get Lastest Questions and Answer :

Explanation: A Virtual Private Cloud VPC is a virtual network dedicated to the user's AWS account. A user can create a subnet with VPC and launch instances
inside that subnet. When an instance is launched it will have a network interface attached with it. The user cannot delete the subnet until he
terminates the instance and deletes the network interface. When the user terminates the instance all the network interfaces attached with it are also deleted.



Related Questions

Question : An application that you are managing has EC instances and Dynamo OB tables deployed to
several AWS Regions In order to monitor the performance of the application globally, you would
like to see two graphs 1) Avg CPU Utilization across all EC2 instances and 2) Number of Throttled
Requests for all DynamoDB tables.
How can you accomplish this?
 : An application that you are managing has EC instances and Dynamo OB tables deployed to
1. Tag your resources with the application name, and select the tag name as the dimension in the Cloudwatch Management console to view the respective graphs
2. Use the Cloud Watch CLI tools to pull the respective metrics from each regional endpoint Aggregate the data offline and store it for graphing in CloudWatch.
3. Access Mostly Uused Products by 50000+ Subscribers
Cloud Watch for graphing.
4. Add a CloudWatch agent to each instance and attach one to each DynamoDB table. When configuring the agent set the appropriate application name and view the graphs
in CloudWatch.




Question : When assessing an organizations use of AWS API access credentials which of the following three credentials should be evaluated?
Choose 3 answers
A. Key pairs
B. Console passwords
C. Access keys
D. Signing certificates
E. Security Group memberships
 : When assessing an organizations use of AWS API access credentials which of the following three credentials should be evaluated?
1. A,C,D
2. B,C,D
 3. Access Mostly Uused Products by 50000+ Subscribers
4. A,B,D
5. B,C,E



Question : You have a Linux EC web server instance running inside a VPC. The instance is in a public subnet and has an EIP associated with it so you can connect to it over the
internet via HTTP or SSH. The instance was also fully accessible when you last logged in via SSH. and was also serving web requests on port 80.
Now you are not able to SSH into the host nor does it respond to web requests on port 80 that were working fine last time you checked. You have double-checked that all networking
configuration parameters (security groups route tables. IGW , EIP, NACLs etc) are properly configured and you haven't made any changes to those anyway since you were last able to
reach the Instance). You look at the EC2 console and notice that system status check shows "impaired." Which should be your next step in troubleshooting and attempting to get the
instance back to a healthy state so that you can log in again?
 : You have a Linux EC web server instance running inside a VPC. The instance is in a public subnet and has an EIP associated with it so you can connect to it over the
1. Stop and start the instance so that it will be able to be redeployed on a healthy host system that most likely will fix the "impaired" system status
2. Reboot your instance so that the operating system will have a chance to boot in a clean healthy state that most likely will fix the 'impaired" system status
 3. Access Mostly Uused Products by 50000+ Subscribers
"impaired" system status.
4. Add another Elastic Network Interface to the instance and try to connect via that new path since the networking stack of the OS may be locked up causing the
"impaired" system status
5. un-map and then re-map the EIP to the instance, since the IGW/NAT gateway may not be working properly, causing the "impaired" system status



Question : What is a placement group?
 : What is a placement group?
1. A collection of Auto Scaling groups in the same Region
2. Feature that enables EC2 instances to interact with each other via high bandwidth, low latency connections
 3. Access Mostly Uused Products by 50000+ Subscribers
4. A collection of authorized Cloud Front edge locations for a distribution


Question : Your entire AWS infrastructure lives inside of one Amazon VPC You have an infrastructure
monitoring application running on an Amazon instance in Availability Zone (AZ) A of the region,
and another application instance running in AZ B. The monitoring application needs to make use
of ICMP ping to confirm network reachability of the instance hosting the application.
Can you configure the security groups for these instances to only allow the ICMP ping to pass
from the monitoringinstance to the application instance and nothing else, If so how?
 : Your entire AWS infrastructure lives inside of one Amazon VPC You have an infrastructure
1. No Two instances in two different AZ's can't talk directly to each other via ICMP ping as that
protocol is not allowed across subnet (iebroadcast) boundaries
2. Yes Both the monitoring instance and the application instance have to be a part of the same
security group, and that security group needs to allow inbound ICMP
 3. Access Mostly Uused Products by 50000+ Subscribers
application instance's security group needs to allow Inbound ICMP.
4. Yes, Both the monitoring instance's security group and the application instance's security group
need to allow both inbound and outbound ICMP ping packets since ICMP is not a connection oriented protocol



Question : You have two Elastic Compute Cloud (EC) instances inside a Virtual Private Cloud (VPC) in the
same Availability Zone (AZ) but in different subnets.One instance is running a database and the
other instance an application that will interface with the database. You want to confirm that they
can talk to each other for your application to work properly.
Which two things do we need to confirm in the VPC settings so that these EC2 instances can
communicate inside the VPC?

Choose 2 answers
A. A network ACL that allows communication between the two subnets.
B. Both instances are the same instance class and using the same Key-pair.
C. That the default route is set to a NAT instance or internet Gateway (IGW) for them to communicate.
D. Security groups are set to allow the application host to talk to the database on the right port/protocol.

 : You have two Elastic Compute Cloud (EC) instances inside a Virtual Private Cloud (VPC) in the
1. A,B
2. A,D
 3. Access Mostly Uused Products by 50000+ Subscribers
4. C,D