AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)
Question : An organization Account ID . has attached the below mentioned IAM policy to a user. What does this policy statement entitle the
user to perform?
{
"Version": "2012-10-17",
"Statement": [{
"Sid": "AllowUsersAllActionsForCredentials",
"Effect": "Allow",
"Action": [
"iam:*LoginProfile",
"iam:*AccessKey*",
"iam:*SigningCertificate*"
],
"Resource": ["arn:aws:iam:: 123412341234:user/${aws:username}"]
}]
}
1. The policy allows the IAM user to modify all IAM user's credentials using the console, SDK, CLI or APIs
2. The policy will give an invalid resource error
3. Access Mostly Uused Products by 50000+ Subscribers
4. The policy allows the user to modify all IAM user's password, sign in certificates and access keys
using only CLI, SDK or APIs
Correct Answer : Get Lastest Questions and Answer :
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS
services. If the organization Account ID 123412341234. wants some of their users to manage credentials access keys, password, and sing in
certificates of all IAM users, they should set an applicable policy to that user or group of users. The below mentioned policy allows the IAM user to
modify the credentials of all IAM user's using only CLI, SDK or APIs. The user cannot use the AWS console for this activity since he does not have list permission for the IAM users.
{
"Version": "2012-10-17",
"Statement": [{
"Sid": "AllowUsersAllActionsForCredentials",
"Effect": "Allow"
"Action": [
"iam:*LoginProfile",
"iam:*AccessKey*",
"iam:*SigningCertificate*"
],
"Resource": ["arn:aws:iam::123412341234:user/${aws:username}"] }]
}
Question : . A sys admin is trying to understand the sticky session algorithm. Please select the correct sequence of steps, both when the cookie is present and
when it is not, to help the admin understand the implementation of the sticky session:
1. ELB inserts the cookie in the response
2. ELB chooses the instance based on the load balancing algorithm
3. Access Mostly Uused Products by 50000+ Subscribers
4. The cookie is found in the request
5. The cookie is not found in the request
1. 3,1,4,2 [Cookie is not Present] & 3,1,5,2 [Cookie is Present]
2. 3,4,1,2 [Cookie is not Present] & 3,5,1,2 [Cookie is Present]
3. Access Mostly Uused Products by 50000+ Subscribers
4. 3,2,5,4 [Cookie is not Present] & 3,2,4,5 [Cookie is Present]
Correct Answer : Get Lastest Questions and Answer :
Explanation: Generally AWS ELB routes each request to a zone with the minimum load. The Elastic Load Balancer provides a feature called sticky session
which binds the user's session with a specific EC2 instance. The load balancer uses a special load-balancer-generated cookie to track the
application instance for each request. When the load balancer receives a request, it first checks to see if this cookie is present in the request. If so,
the request is sent to the application instance specified in the cookie. If there is no cookie, the load balancer chooses an application instance
based on the existing load balancing algorithm. A cookie is inserted into the response for binding subsequent requests from the same user to that
application instance.
Question :
A user has configured ELB with SSL using a security policy for secure negotiation between the client and load balancer. Which of the below
mentioned SSL protocols is not supported by the security policy?
1. TLS 1.3
2. TLS 1.2
3. Access Mostly Uused Products by 50000+ Subscribers
4. SSL 3.0
Correct Answer : Get Lastest Questions and Answer :
Elastic Load Balancing uses a Secure Socket Layer : SSL negotiation configuration which is known as a
Security Policy. It is used to negotiate the SSL connections between a client and the load balancer. Elastic Load Balancing supports the following
versions of the SSL protocol:
TLS 1.2
TLS 1.1
TLS 1.0
SSL 3.0
SSL 2.0
Related Questions
Question : You run a web application where web servers on EC instances are in an Auto Scaling group Monitoring over the last months shows that web servers are necessary to
handle the minimum load. During the day up to 12 servers are needed. Five to six days per year, the number of web servers required might go up to 15.
What would you recommend to minimize costs while being able to provide high availability?
1. 6 Reserved instances (heavy utilization). 6 Reserved instances {medium utilization), rest covered by On-Demand instances
2. 6 Reserved instances (heavy utilization). 6 On-Demand instances, rest covered by Spot Instances
3. Access Mostly Uused Products by 50000+ Subscribers
4. 6 Reserved instances (heavy utilization) 6 Reserved instances (medium utilization) rest covered by Spot instances
Question : You have been asked to propose a multi-region deployment of a web-facing application where a controlled portion of your traffic is being processed by an alternate
region. Which configuration would achieve that goal?
1. Route53 record sets with weighted routing policy
2. Route53 record sets with latency based routing policy
3. Access Mostly Uused Products by 50000+ Subscribers
4. Elastic Load Balancing with health checks enabled
Question : You have set up Individual AWS accounts for each project. You have been asked to make sure your AWS Infrastructure costs do not exceed the budget set per project for
each month. Which of the following approaches can help ensure that you do not exceed the budget each month?
1. Consolidate your accounts so you have a single bill for all accounts and projects
2. Set up auto scaling with CloudWatch alarms using SNS to notify you when you are running too
many Instances in a given account
3. Access Mostly Uused Products by 50000+ Subscribers
occurring when the amount for each resource tagged to a particular project matches the budget
allocated to the project.
4. Set up CloudWatch billing alerts for all AWS resources used by each account, with email notifications when it hits 50%. 80% and 90% of its budgeted monthly spend
Question : When creation of an EBS snapshot, which is initiated but not completed the EBS volume?
1. Cannot De detached or attached to an EC2 instance until me snapshot completes
2. Can be used in read-only mode while the snapshot is in progress
3. Access Mostly Uused Products by 50000+ Subscribers
4. Cannot be used until the snapshot completes
Question : You are using ElastiCache Memcached to store session state and cache database queries in your
infrastructure. You notice in Cloud Watch that Evictions and GetMisses are both very high.
What two actions could you take to rectify this?
Choose 2 answers
A. Increase the number of nodes in your cluster
B. Tweak the max-item-size parameter
C. Shrink the number of nodes in your cluster
D. Increase the size of the nodes in the duster
1. A,B
2. A,D
3. Access Mostly Uused Products by 50000+ Subscribers
4. C,D
5. A,C
Question : You are running a database on an EC instance, with the data stored on Elastic Block Store (EBS) for persistence. At times throughout the day, you are seeing large
variance in the response times of the database queries. Looking into the instance with the isolate command you see a lot of wait time on the disk volume that the database's data is
stored on. What two ways can you improve the performance of the database's storage while maintaining the current persistence of the data?
Choose 2 answers
A. Move to an SSD backed instance
B. Move the database to an EBS-Optimized Instance
C. Use Provisioned IOPs EBS
D. Use the ephemeral storage on an m2 4xiarge Instance Instead
1. A,B
2. A,D
3. Access Mostly Uused Products by 50000+ Subscribers
4. C,D
5. A,C