Premium

AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)



Question : The CFO of a company wants to allow one of his employees to view only the AWS usage report page. Which of the below mentioned IAM policy
statements allows the user to have access to the AWS usage report page?

: The CFO of a company wants to allow one of his employees to view only the AWS usage report page. Which of the below mentioned IAM policy
1. "Effect": "Allow", "Action": ["Describe"], "Resource": "Billing"
2. "Effect": "Allow", "Action": ["AccountUsage], "Resource": "*"
 3. Access Mostly Uused Products by 50000+ Subscribers
4. "Effect": "Allow", "Action": ["aws-portal: ViewBilling"], "Resource": "*"

Correct Answer : Get Lastest Questions and Answer :


Explanation: AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS
services. If the CFO wants to allow only AWS usage report page access, the policy for that IAM user will be as given below:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"aws-portal:ViewUsage"
],
"Resource": "*"
}
]
}





Question : An organization has created IAM users. The organization wants each of the IAM users to have access to a separate DyanmoDB table. All the
users are added to the same group and the organization wants to setup a group level policy for this. How can the organization achieve this?

: An organization has created IAM users. The organization wants each of the IAM users to have access to a separate DyanmoDB table. All the
1. Define the group policy and add a condition which allows the access based on the IAM name
2. Create a DynamoDB table with the same name as the IAM user name and define the policy rule which grants access based on the DynamoDB ARN using a variable
 3. Access Mostly Uused Products by 50000+ Subscribers
4. It is not possible to have a group level policy which allows different IAM users to different DynamoDB Tables




Correct Answer : Get Lastest Questions and Answer :


Explanation:AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS
services. AWS DynamoDB has only tables and the organization cannot makeseparate databases. The organization should create a table with the
same name as the IAM user name and use the ARN of DynamoDB as part of the group policy.
The sample policy is shown below:
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": ["dynamodb:*"],
"Resource": "arn:aws:dynamodb:region:account-number-without-hyphens:table/${aws:username}" }
]
}






Question : A user has configured an HTTPS listener on an ELB. The user has not configured any security policy which can help to negotiate SSL between
the client and ELB. What will ELB do in this scenario?

: A user has configured an HTTPS listener on an ELB. The user has not configured any security policy which can help to negotiate SSL between
1. By default ELB will select the first version of the security policy
2. By default ELB will select the latest version of the policy
 3. Access Mostly Uused Products by 50000+ Subscribers
4. It is not required to have a security policy since SSL is already installed


Correct Answer : Get Lastest Questions and Answer :
Elastic Load Balancing uses a Secure Socket Layer SSL negotiation configuration which is known as a
Security Policy. It is used to negotiate the SSL connections between a client and the load balancer. If the user has created an HTTPS/SSL listener
without associating any security policy, Elastic Load Balancing will, bydefault, associate the latest version of the ELBSecurityPolicy-YYYY-MM
with the load balancer.




Related Questions

Question : A user has deployed an application on an EBS backed EC instance. For a better performance of application, it requires dedicated EC to EBS
traffic. How can the user achieve this?
 : A user has deployed an application on an EBS backed EC instance. For a better performance of application, it requires dedicated EC to EBS
1. Launch the EC2 instance as EBS dedicated with PIOPS EBS
2. Launch the EC2 instance as EBS enhanced with PIOPS EBS
3. Launch the EC2 instance as EBS provisioned with PIOPS EBS
4. Launch the EC2 instance as EBS optimized with PIOPS EBS



Question : A user has launched a Windows based EC instance. However, the instance has some issues and the user wants to check the log. When the user
checks the Instance console output from the AWS console, what will it display?
 : A user has launched a Windows based EC instance. However, the instance has some issues and the user wants to check the log. When the user
1. All the event logs since instance boot
2. The last 10 system event log error
3. The Windows instance does not support the console output
4. The last three system events' log errors



Question : A user has launched an EBS backed instance with EC-Classic. The user stops and starts the instance.
Which of the below mentioned statements is not true with respect to the stop/start action?
 : A user has launched an EBS backed instance with EC-Classic. The user stops and starts the instance.
1. The instance gets new private and public IP addresses
2. The volume is preserved
3. The Elastic IP remains associated with the instance
4. The instance may run on a anew host computer




Question : QuickTechie Admin launched an RDS postgreSQL DB with AWS. The user did not specify the maintenance window during creation. The user has
configured RDS to update the DB instance type from micro to large. If the user wants to have it during the maintenance window, what will AWS
do?
 : QuickTechie Admin launched an RDS postgreSQL DB with AWS. The user did not specify the maintenance window during creation. The user has
1. AWS will not allow to update the DB until the maintenance window is configured
2. AWS will select the default maintenance window if the user has not provided it
3. AWS will ask the user to specify the maintenance window during the update
4. It is not possible to change the DB size from micro to large with RDS





Question : Acmeshell Inc's Sysadmin has created a subnet in VPC and launched an EC instance within it.Admin has not selected the option to assign
the IP address while launching the instance. The user has 3 elastic IPs and is trying to assign one of the Elastic IPs to the VPC
instance from the console. The console does not show any instance in the IP assignment screen. What is a possible reason that
the instance is unavailable in the assigned IP console?
 : Acmeshell Inc's Sysadmin has created a subnet in VPC and launched an EC instance within it.Admin has not selected the option to assign
1. The IP address may be attached to one of the instances
2. The IP address belongs to a different zone than the subnet zone

3. The user has not created an internet gateway

4. The IP addresses belong to EC2 Classic; so they cannot be assigned to VPC



Question : John is an Administrator at Acmeshell Inc and has launched multiple EC instances for the purpose of development and testing in the same region.
Now he wants to find the separate cost for the production and development instances. How can the user find the cost distribution?
 : John is an Administrator at Acmeshell Inc and has launched multiple EC instances for the purpose of development and testing in the same region.
1. The user should download the activity report of the EC2 services as it has the instance ID wise data
2. It is not possible to get the AWS cost usage data of single region instances separately
3. The user should use Cost Distribution Metadata and AWS detailed billing
4. The user should use Cost Allocation Tags and AWS billing reports