Premium

AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)



Question : A user is trying to connect to a running EC instance using SSH. However, the user gets an Unprotected
Private Key File error. Which of the below mentioned options can be a possible reason for rejection?

: A user is trying to connect to a running EC instance using SSH. However, the user gets an Unprotected
1. The private key file has the wrong file permission
2. The ppk file used for SSH is read only
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The user has provided the wrong user name for the OS login


Correct Answer : Get Lastest Questions and Answer :

Explanation: While doing SSH to an EC2 instance, if you get an Unprotected Private Key File error it means that the private key file's permissions on your
computer are too open. Ideally the private key should have the Unix permission of 0400. To fix that, run the command:
chmod 0400 /path/to/private.key







Question : A user has provisioned IOPS to the EBS volume. The application hosted on that EBS is experiencing less IOPS than provisioned. Which of
the below mentioned options does not affect the IOPS of the volume?
: A user has provisioned IOPS to the EBS volume. The application hosted on that EBS is experiencing less IOPS than provisioned. Which of
1. The application does not have enough IO for the volume
2. The instance is EBS optimized
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The volume size is too large

Correct Answer : Get Lastest Questions and Answer :

Explanation: When the application does not experience the expected IOPS or throughput of the PIOPS EBS volume that was provisioned, the possible root
cause could be that the EC2 bandwidth is the limiting factor and the instance might not be either EBS-optimized or might not have 10 Gigabit
network connectivity. Another possible cause for not experiencing the expected IOPS could also be that the user is not driving enough I/O to the
EBS volumes. The size of the volume may not affect IOPS.





Question : A storage admin wants to encrypt all the objects stored in S using server side encryption. The user does not want to use the AES encryption
key provided by S3. How can the user achieve this?
: A storage admin wants to encrypt all the objects stored in S using server side encryption. The user does not want to use the AES encryption
1. The admin should upload his secret key to the AWS console and let S3 decrypt the objects
2. The admin should use CLI or API to upload the encryption key to the S3 bucket. When making a call
to the S3 API mention the encryption key URL in each request
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The admin should send the keys and encryption algorithm with each API call

Correct Answer : Get Lastest Questions and Answer :

Explanation: AWS S3 supports client side or server side encryption to encrypt all data at rest. The server side encryption can either have the S3 supplied
AES-256 encryption key or the user can send the key along with each API callto supply his own encryption key. Amazon S3 never stores the
user's encryption key. The user has to supply it for each encryption or decryption call.




Related Questions

Question : An organization has created one IAM user and applied the below mentioned policy to the user. What entitlements do the IAM users avail with this policy? { "Version":
"2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": "ec2:Describe*",
"Resource": "*"
},{ "Effect": "Allow"
"Action": [
"cloudwatch:ListMetrics",
"cloudwatch:GetMetricStatistics",
"cloudwatch:Describe*"
], "Resource": "*"
},{ "Effect": "Allow",
"Action": "autoscaling:Describe*",
"Resource": "*"
}]}
 : An organization has created one IAM user and applied the below mentioned policy to the user. What entitlements do the IAM users avail with this policy? {
1. The policy will allow the user to perform all read only activities on the EC2 services
2. The policy will allow the user to list all the EC2 resources except EBS
3. The policy will allow the user to perform all read and write activities on the EC2 services
4. The policy will allow the user to perform all read only activities on the EC2 services except load Balancing



Question : A user has enabled session stickiness with ELB. The user does not want ELB to manage the cookie; instead he wants the application to manage
the cookie. What will happen when the server instance, which is bound to a cookie, crashes?
 : A user has enabled session stickiness with ELB. The user does not want ELB to manage the cookie; instead he wants the application to manage
1. The response will have a cookie but stickiness will be deleted
2. The session will not be sticky until a new cookie is inserted
3. ELB will throw an error due to cookie unavailability
4. The session will be sticky and ELB will route requests to another server as ELB keeps replicating the Cookie


Question : A user is observing the EC CPU utilization metric on CloudWatch. The user has observed some interesting patterns while filtering over the
week period for a particular hour. The user wants to zoom that data point to a more granular period. How can the user do that easily with
CloudWatch?
 : A user is observing the EC CPU utilization metric on CloudWatch. The user has observed some interesting patterns while filtering over the
1. The user can zoom a particular period by selecting that period with the mouse and then releasing the mouse
2. The user can zoom a particular period by double clicking on that period with the mouse
3. The user can zoom a particular period by specifying the aggregation data for that period
4. The user can zoom a particular period by specifying the period in the Time Range


Question : A user has created an Auto Scaling group with default configurations from CLI. The user wants to setup the CloudWatch alarm on the EC
instances, which are launched by the Auto Scaling group. The user has setup an alarm to monitor the CPU utilization every minute. Which of the
below mentioned statements is true?
 : A user has created an Auto Scaling group with default configurations from CLI. The user wants to setup the CloudWatch alarm on the EC
1. It will fetch the data at every minute but the four data points [corresponding to 4 minutes] will not have value since the EC2 basic monitoring metrics are collected
every five minutes
2. It will fetch the data at every minute as detailed monitoring on EC2 will be enabled by the default launch configuration of Auto Scaling
3. The alarm creation will fail since the user has not enabled detailed monitoring on the EC2 instances
4. The user has to first enable detailed monitoring on the EC2 instances to support alarm monitoring at every minute



Question : QuickAdmin.com has created a VPC with public and private subnets using the VPC wizard. Which of the below
mentioned statements is not true in this scenario?
 : QuickAdmin.com has created a VPC with public and private subnets using the VPC wizard. Which of the below
1. The VPC will create a routing instance and attach it with a public subnet
2. The VPC will create two subnets
3. The VPC will create one internet gateway and attach it to VPC
4. The VPC will launch one NAT instance with an elastic IP


Question : A user has configured ELB with a TCP listener at ELB as well as on the back-end instances. The user wants to enable a proxy protocol to capture
the source and destination IP information in the header. Which of the below mentioned statements helps the user understand a proxy protocol with TCP configuration?
 : A user has configured ELB with a TCP listener at ELB as well as on the back-end instances. The user wants to enable a proxy protocol to capture
1. If the end user is requesting behind a proxy server then the user should not enable a proxy protocol on ELB
2. ELB does not support a proxy protocol when it is listening on both the load balancer and the back-end instances
3. Whether the end user is requesting from a proxy server or directly, it does not make a difference for the proxy protocol
4. If the end user is requesting behind the proxy then the user should add the "isproxy" flag to the ELB Configuration