AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)
Question : Which types of applications, when running on an EC instance, would you consider using provisioned IOPS for?
1. Web Servers
2. File Servers
3. Access Mostly Uused Products by 50000+ Subscribers
4. All of the above
Correct Answer : Get Lastest Questions and Answer :
For any production application that requires fast and consistent I/O performance, we recommend Provisioned IOPS: input/output operations per second storage. Provisioned IOPS storage
is a storage option that delivers fast, predictable, and consistent throughput performance. When you create a DB instance, you specify an IOPS rate and storage space allocation.
Amazon RDS provisions that IOPS rate and storage for the lifetime of the DB instance or until you change it. Provisioned IOPS storage is optimized for I/O intensive, online
transaction processing (OLTP) workloads that have consistent performance requirements.
Your actual realized IOPS may vary from the value that you specify depending on your database workload, DB instance size, and the page size and channel bandwidth that are available
for your DB engine.
Question : When using provisioned IOPS, you will pay for the IOPS even if you do not use them.
1. True
2. False
Correct Answer : Get Lastest Questions and Answer :
Explanation: Because Provisioned IOPS storage reserves resources for your use, you are charged for the resources whether or not you use them in a given month. When you use Provisioned IOPS
storage, you are not charged the monthly Amazon RDS I/O charge. If you prefer to pay only for I/O that you consume, a DB instance that uses standard storage may be a better choice
Correct Answer : Get Lastest Questions and Answer :
Explanation:
Question : You are currently hosting multiple applications in a VPC and have logged numerous port scans
coming in from a specific IP address block. Your security team has requested that all access from
the offending IP address block be denied for the next 24 hours.
Which of the following is the best method to quickly and temporarily deny access from the specified IP address block?
1. Create an AD policy to modify Windows Firewall settings on all hosts in the VPC to deny access from the IP address block
2. Modify the Network ACLs associated with all public subnets in the VPC to deny access from the IP address block
3. Access Mostly Uused Products by 50000+ Subscribers
4. Modify the Windows Firewall settings on all Amazon Machine Images (AMIs) that your organization uses in that VPC to deny access from the IP address block
Correct Answer : Get Lastest Questions and Answer :
Explanation: As questions is clearly asking blcok the IP addresses, and needs to be denied.
One of the difference between Security Group and ACL is
Security Groups : Supports allow rules only
While ACL : Supports allow rules and deny rules
Ans another difference is that
Security group : Operates at the instance level (first layer of defense)
Network ACL : Operates at the subnet level (second layer of defense)
Related Questions
Question : What is the below cloudwatch command mean
Prompt>aws cloudwatch put-metric-alarm --alarm-name ebs-mon --alarm-description "Alarm when EBS volume exceeds 100MB throughput"
--metric-name VolumeReadBytes --namespace AWS/EBS --statistic Average --period 300 --threshold 100000000 --comparison-operator GreaterThanThreshold
--dimensions Name=VolumeId,Value=my-volume-id --evaluation-periods 3 --alarm-actions arn:aws:sns:us-east-1:1234567890:my-alarm-topic
--insufficient-data-actions arn:aws:sns:us-east-1:1234567890:my-insufficient-data-topic
1. Command has syntex error.
2. To send an Amazon Simple Notification Service email message when EBS exceeds 100 MB throughput
3. Access Mostly Uused Products by 50000+ Subscribers
Question :
Correct use cases of the Amazon Glacier is :
1. Offsite Enterprise Information Archiving
2. Archiving Media Assets
3. Access Mostly Uused Products by 50000+ Subscribers
4. Magnetic Tape Replacement
5. All of the above
Question :
Your web application front end consists of multiple EC2 instances behind an Elastic Load Balancer.
You configured ELb to perform health checks on these EC2 instances. If an instance fails to pass health checks, which statement will be true?
1. The instance is replace automatically by the ELB.
2. The instance gets terminated automatically by the ELB.
3. Access Mostly Uused Products by 50000+ Subscribers
4. The instance gets quarantined by the ELB for root cause analyis
Question : You are building a system to distribute confidential training videos to employees. Using CloudFront,
what method would be used to serve content that is stored in S3, but not publicly accessible from S3 directly?
1. Create an Origin Access Identify (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI.
2. Create an Identity and Access Management (IAM) User for CloudFront and grant access to the objects in your S3 bucket to that IAM user.
3. Access Mostly Uused Products by 50000+ Subscribers
Question :
Which of the following will occur when an EC2 instance in a VPC (Virtual Private Cloud) with an associated Elastic IP is stopped and started?
1. The Elastic IP will be dissociated from the instance
2. All data on instance-store devices will be lost
3. Access Mostly Uused Products by 50000+ Subscribers
4. The underlying host for the instance is changed
Question :
To protect S3 data from both accidental deletion and accidental overwriting, you should
1. enable S3 versioning on the bucket
2. access S3 data using only signed URLs
3. Access Mostly Uused Products by 50000+ Subscribers
4. enable Multi-Factor Authentication (MFA) protected access