Premium

AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)



Question : Your EC-Based Multi-tier application includes a monitoring instance that periodically makes application-level read only requests of various application components and
if any of those fail more than three times in 30 seconds calls. CloudWatch to fire an alarm, and the alarm notifies your operations team by email and SMS of a possible application
health problem. However, you also need to watch the watcher the monitoring instance itself - and be notified if it becomes unhealthy.
Which of the following Is a simple way to achieve that goal?
: Your EC-Based Multi-tier application includes a monitoring instance that periodically makes application-level read only requests of various application components and
1. Run another monitoring instance that pings the monitoring instance and fires a could watch alarm mat notifies your operations teamshould the primary monitoring
instance become unhealthy.
2. Set a Cloud Watch alarm based on EC2 system and instance status checks and have the alarm notify your operations team of any detected problem with the monitoring
instance.
 3. Access Mostly Uused Products by 50000+ Subscribers
than one minute: then have your monitoring application go into a CPU-bound loop should Detect any application problems.
4. Have the monitoring instances post messages to an SQS queue and then dequeue those messages on another instance should the queue cease to have new messages, the second
instance should first terminate the original monitoring instance start another backup monitoring instance and assume the role of the previous monitoring instance and beginning adding
messages to the SQS queue.


Correct Answer : Get Lastest Questions and Answer :

Explanation: The requirement is not high availability of the monitoring instance, just to check if it is unhealthy.





Question : You have decided to change the Instance type for instances running In your application tier that
are using Auto Scaling.
In which area below would you change the instance type definition?
: You have decided to change the Instance type for instances running In your application tier that
1. Auto Scaling launch configuration
2. Auto Scaling group
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Auto Scaling tags

Correct Answer : Get Lastest Questions and Answer :
Ans : A launch configuration is a template for the EC2 instances launched into an Auto Scaling group. You must specify a launch configuration when you create an Auto Scaling group.
You can't modify a launch configuration after you've created it. However, you can change which launch configuration is associated with an Auto Scaling group at any time.uto Scaling
provides you with an option to create a new launch configuration using the attributes from a running EC2 instance. When you use this option, Auto Scaling copies the attributes from
the specified instance into a template from which you can launch one or more Auto Scaling groups.

Tip

You can create an Auto Scaling group directly from an EC2 instance. When you use this feature, Auto Scaling automatically creates a launch configuration for you as well.
If the specified instance has properties that are not currently supported by Auto Scaling, instances launched by Auto Scaling using the launch configuration created from the
identified instance might not be identical to the identified instance.
There are differences between creating a launch configuration from scratch and creating a launch configuration from an existing EC2 instance. When you create a launch configuration
from scratch, you specify the image ID, instance type, optional resources (such as storage devices), and optional settings (like monitoring). When you create a launch configuration
from a running instance, by default Auto Scaling derives attributes for the launch configuration from the specified instance, plus the block device mapping for the AMI that the
instance was launched from (ignoring any additional block devices that were added to the instance after launch).
When you create a launch configuration using a running instance, you can override the following attributes by specifying then as part of the same request: AMI, block devices, key
pair, instance profile, instance type, kernel, monitoring, placement tenancy, ramdisk, security groups, Spot Price, user data, whether the instance has a public IP address is
associated, and whether the instance is EBS-optimized.






Question : You are attempting to connect to an instance in Amazon VPC without success You have already
verified that the VPC has an Internet Gateway (IGW) the instance has an associated Elastic IP
(EIP) and correct security group rules are in place.
Which VPC component should you evaluate next?
: You are attempting to connect to an instance in Amazon VPC without success You have already
1. The configuration of a NAT instance
2. The configuration of the Routing Table
 3. Access Mostly Uused Products by 50000+ Subscribers
4. The configuration of SRC'DST checking


Correct Answer : Get Lastest Questions and Answer :

Explanation: By design, each subnet must be associated with a route table, which specifies the allowed routes for outbound traffic leaving the subnet. Every subnet that you create is
automatically associated with the main route table for the VPC. You can change the association, and you can change the contents of the main route table. For more information, see
Route Tables.

In the previous diagram, the route table associated with subnet 1 routes all traffic (0.0.0.0/0) to an Internet gateway (for example, igw-1a2b3c4d). Because instance V1 has an
Elastic IP address, it can be reached from the Internet.

Note

The Elastic IP address or public IP address that's associated with your instance is accessed through the Internet gateway of your VPC. Traffic that goes through a VPN connection
between your instance and another network traverses a virtual private gateway, not the Internet gateway, and therefore does not access the Elastic IP address or public IP address.

The instance V2 can't reach the Internet, but can reach other instances in the VPC. You can allow an instance in your VPC to initiate outbound connections to the Internet but prevent
unsolicited inbound connections from the Internet using a network address translation (NAT) instance. Because you can allocate a limited number of Elastic IP addresses, we recommend
that you use a NAT instance if you have more instances that require a static public IP address. For more information, see NAT Instances.

The route table associated with subnet 3 routes all traffic (0.0.0.0/0) to a virtual private gateway (for example, vgw-1a2b3c4d).

If the VPC has an IGW attached and the instance has an EIP. You need to check the Route Tables of the subnet to verify if the default route is going through the IGW.




Related Questions

Question : A user is displaying the CPU utilization, and Network in and Network out CloudWatch metrics data of a single instance on the same graph. The
graph uses one Y-axis for CPU utilization and Network in and another Y-axis for Network out. Since Network in is too high, the CPU utilization
data is not visible clearly on graph to the user. How can the data be viewed better on the same graph?
 : A user is displaying the CPU utilization, and Network in and Network out CloudWatch metrics data of a single instance on the same graph. The
1. It is not possible to show multiple metrics with the different units on the same graph
2. Add a third Y-axis with the console to show all the data in proportion
3. Access Mostly Uused Products by 50000+ Subscribers
4. Change the units of CPU utilization so it can be shown in proportion with Network



Question :

When stopping an EC2 classic instance, which ONE is true?

 :
1. Ephemeral storage is lost.
2. An attached Elastic IP Address is detached from the instance.
 3. Access Mostly Uused Products by 50000+ Subscribers
4. None of the above



Question : An EBS volume can be attached to more than one instance at a time.
 : An EBS volume can be attached to more than one instance at a time.
1. True
2. False


Question : Which types of applications, when running on an EC instance, would you consider using provisioned IOPS for?

 : Which types of applications, when running on an EC instance, would you consider using provisioned IOPS for?
1. Web Servers
2. File Servers
 3. Access Mostly Uused Products by 50000+ Subscribers
4. All of the above


Question : When using provisioned IOPS, you will pay for the IOPS even if you do not use them.


 : When using provisioned IOPS, you will pay for the IOPS even if you do not use them.
1. True
2. False


Question : You are currently hosting multiple applications in a VPC and have logged numerous port scans
coming in from a specific IP address block. Your security team has requested that all access from
the offending IP address block be denied for the next 24 hours.
Which of the following is the best method to quickly and temporarily deny access from the specified IP address block?
 : You are currently hosting multiple applications in a VPC and have logged numerous port scans
1. Create an AD policy to modify Windows Firewall settings on all hosts in the VPC to deny access from the IP address block
2. Modify the Network ACLs associated with all public subnets in the VPC to deny access from the IP address block
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Modify the Windows Firewall settings on all Amazon Machine Images (AMIs) that your organization uses in that VPC to deny access from the IP address block