Premium

AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)



Question : What is a placement group?
: What is a placement group?
1. A collection of Auto Scaling groups in the same Region
2. Feature that enables EC2 instances to interact with each other via high bandwidth, low latency connections
 3. Access Mostly Uused Products by 50000+ Subscribers
4. A collection of authorized Cloud Front edge locations for a distribution

Correct Answer : Get Lastest Questions and Answer :

Explanation: A placement group is a logical grouping of instances within a single Availability Zone. Using placement groups enables applications to participate in a low-latency, 10 Gbps
network. Placement groups are recommended for applications that benefit from low network latency, high network throughput, or both. To provide the lowest latency, and the highest
packet-per-second network performance for your placement group, choose an instance type that supports enhanced networking.







Question : Your entire AWS infrastructure lives inside of one Amazon VPC You have an infrastructure
monitoring application running on an Amazon instance in Availability Zone (AZ) A of the region,
and another application instance running in AZ B. The monitoring application needs to make use
of ICMP ping to confirm network reachability of the instance hosting the application.
Can you configure the security groups for these instances to only allow the ICMP ping to pass
from the monitoringinstance to the application instance and nothing else, If so how?
: Your entire AWS infrastructure lives inside of one Amazon VPC You have an infrastructure
1. No Two instances in two different AZ's can't talk directly to each other via ICMP ping as that
protocol is not allowed across subnet (iebroadcast) boundaries
2. Yes Both the monitoring instance and the application instance have to be a part of the same
security group, and that security group needs to allow inbound ICMP
 3. Access Mostly Uused Products by 50000+ Subscribers
application instance's security group needs to allow Inbound ICMP.
4. Yes, Both the monitoring instance's security group and the application instance's security group
need to allow both inbound and outbound ICMP ping packets since ICMP is not a connection oriented protocol


Correct Answer : Get Lastest Questions and Answer :

Explanation: Ping (ICMP Echo Request and Echo Reply) requests to the router in your VPC is not supported. Ping between Amazon EC2 instances within VPC is supported as long as your
operating systems firewalls, VPC security groups and network access control lists permit such traffic.

Your security groups use connection tracking to track information about traffic to and from the instance. Rules are applied based on the connection state of the traffic to
determine if the traffic is allowed or denied. This allows security groups to be stateful - responses to inbound traffic are allowed to flow out of the instance regardless of
outbound security group rules, and vice versa. For example, if you initiate an ICMP ping command to your instance from your home computer, and your inbound security group rules
allow ICMP traffic, information about the connection (including the port information) is tracked. Response traffic from the instance for the ping command is not tracked as new
request, but rather as an established connection and is allowed to flow out of the instance, even if your outbound security group rules restrict outbound ICMP traffic.

Only inbound on the app server and outbound on the monitoring server is needed for ICMP.





Question : You have two Elastic Compute Cloud (EC) instances inside a Virtual Private Cloud (VPC) in the
same Availability Zone (AZ) but in different subnets.One instance is running a database and the
other instance an application that will interface with the database. You want to confirm that they
can talk to each other for your application to work properly.
Which two things do we need to confirm in the VPC settings so that these EC2 instances can
communicate inside the VPC?

Choose 2 answers
A. A network ACL that allows communication between the two subnets.
B. Both instances are the same instance class and using the same Key-pair.
C. That the default route is set to a NAT instance or internet Gateway (IGW) for them to communicate.
D. Security groups are set to allow the application host to talk to the database on the right port/protocol.

: You have two Elastic Compute Cloud (EC) instances inside a Virtual Private Cloud (VPC) in the
1. A,B
2. A,D
 3. Access Mostly Uused Products by 50000+ Subscribers
4. C,D


Correct Answer : Get Lastest Questions and Answer :


Explanation: Complete scenerio described at
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html

A - An acl is by default configured for subnets in the same vpc to communicate. However, if it is configured not to, the subnets will not communicate.
D - An acl takes care of subnets being able to recognize each other. The security group takes care of the authorization to do it.

B - it is just not it.
C - The question does not mention internet. You could be using a VPN to connect.


Related Questions

Question :
In which section of instance creation are you able to select Multi-AZ deployment?
 :
1. Launch Screen
2. DB Instance Details
3. Access Mostly Uused Products by 50000+ Subscribers
4. The operating system
5. Management Options



Question :
Amazon Glacier is designed for:

 :
1. active database storage
2. infrequently accessed data
 3. Access Mostly Uused Products by 50000+ Subscribers
4. quick backups
5. Management



Question : In the Amazon Elastic Compute Cloud (Amazon EC) console
you have setup the Alarm as given setting, what would it implies

 : In the Amazon Elastic Compute Cloud (Amazon EC) console
1. Create an alarm that sends email when an instance exceeds 10 GB of outbound network traffic per day.
2. Create an alarm that sends sms when an instance exceeds 10 GB of outbound network traffic per day.
 3. Access Mostly Uused Products by 50000+ Subscribers



Question : What is the below command implies
aws cloudwatch put-metric-alarm --alarm-name ec2billing --comparison-operator GreaterThanOrEqualToThreshold --evaluation-periods 1
--metric-name EstimatedCharges --namespace AWS/Billing --dimensions Name=Currency,Value=USD" --period 21600 --statistic Maximum
--threshold 50 --actions-enabled --alarm-actions arn:aws:sns:us-east-1:111111111111:NotifyMe

 : What is the below command implies
1. creates an alarm that will send an email message when your estimated month-to-date charges for Amazon EC2 exceed $50.
2. creates an alarm that will send an email message when your estimated month-to-date charges for Amazon EC2 exceed $50 for consecutive 3 months.
 3. Access Mostly Uused Products by 50000+ Subscribers



Question : In the Amazon Elastic Compute Cloud (Amazon EC) console
you have setup the Alarm as given setting, what would it implies

 : In the Amazon Elastic Compute Cloud (Amazon EC) console
1. Create an alarm that stops an instance and send a text message (SMS) if outbound traffic exceeds 1 GB per hour.
2. Create an alarm that terminates an instance and send a text message (SMS) if outbound traffic exceeds 1 GB per hour.
 3. Access Mostly Uused Products by 50000+ Subscribers



Question : In the Amazon Elastic Compute Cloud (Amazon EC) console
you have setup the Alarm as given setting, what would it implies

 : In the Amazon Elastic Compute Cloud (Amazon EC) console
1. Create an alarm that stops an instance when cpu utilization reaches or exceeds 90%, so that application logs can be retrieved for troubleshooting.
2. Create an alarm that stops an instance when memory utilization reaches or exceeds 90%, so that application logs can be retrieved for troubleshooting.
 3. Access Mostly Uused Products by 50000+ Subscribers