AWS Certified SysOps Administrator - Associate Questions and Answers (Dumps and Practice Questions)
Question : When you put objects in Amazon S, what is the indication that an object was successfully stored?
1. Each S3 account has a special bucket named_s3_logs. Success codes are written to this bucket with a timestamp and checksum.
2. A success code is inserted into the S3 object metadata.
3. Access Mostly Uused Products by 50000+ Subscribers
4. Amazon S3 is engineered for 99.999999999% durability. Therefore there is no need to confirm that data was inserted.
Correct Answer : Get Lastest Questions and Answer : This implementation of the PUT operation adds an object to a bucket. You must have WRITE permissions on a bucket to add an object to it.
Amazon S3 never adds partial objects; if you receive a success response, Amazon S3 added the entire object to the bucket.
Amazon S3 is a distributed system. If it receives multiple write requests for the same object simultaneously, it overwrites all but the last object written. Amazon S3 does not
provide object locking; if you need this, make sure to build it into your application layer or use versioning instead.
To ensure that data is not corrupted traversing the network, use the Content-MD5 header. When you use this header, Amazon S3 checks the object against the provided MD5 value and, if
they do not match, returns an error. Additionally, you can calculate the MD5 while putting an object to Amazon S3 and compare the returned ETag to the calculated MD5 value.
There are two opportunities for a copy request to return an error. One can occur when Amazon S3 receives the copy request and the other can occur while Amazon S3 is copying the
files. If the error occurs before the copy operation starts, you receive a standard Amazon S3 error. If the error occurs during the copy operation, the error response is embedded in
the 200 OK response. This means that a 200 OK response can contain either a success or an error. Make sure to design your application to parse the contents of the response and handle
it appropriately.
If the copy is successful, you receive a response that contains the information about the copied object.
Question : Which services allow the customer to retain run administrative privileges or the undertying
EC2 instances? Choose 2 answers
A. AWS Elastic Beanstalk
B. Amazon Elastic Map Reduce
C. Elastic Load Balancing
D. Amazon Relational Database Service
E. Amazon Elasti Cache
1. A,C
2. A,D
3. Access Mostly Uused Products by 50000+ Subscribers
4. B,D
5. A,B
Correct Answer : Get Lastest Questions and Answer :
Explanation:
A.
AWS Elastic Beanstalk
B.
Amazon Elastic Map Reduce
Question : You have a business-to-business web application running in a VPC consisting of an Elastic
Load Balancer (ELB), web servers, application servers and a database. Your web
application should only accept traffic from pre-defined customer IP addresses.
Which two options meet this security requirement? Choose 2 answers
A. Configure web server VPC security groups to allow traffic from your customers' IPs
B. Configure your web servers to filter traffic based on the ELB's "X-forwarded-for" header
C. Configure ELB security groups to allow traffic from your customers' IPs and deny all outbound traffic
D. Configure a VPC NACL to allow web traffic from your customers' IPs and deny all outbound traffic
1. A,C
2. A,D
3. Access Mostly Uused Products by 50000+ Subscribers
4. B,D
5. A,B
Correct Answer : Get Lastest Questions and Answer :
Explanation: Since security groups can only allow the traffic and cann't deny the traffic. So C is wrong
Since X-forwarded-for is used for proxy redirection at webserver level. Here we need to deny all the IP to access our B2B application except specified IPs.
Related Questions
Question : How can software determine the public and private IP addresses of the Amazon EC instance that it is running on?
1. Query the local instance metadata.
2. Query the appropriate Amazon CloudWatch metric.
3. Access Mostly Uused Products by 50000+ Subscribers
4. Use ipconfig or ifconfig command.
Question : Which method can be used to prevent an IP address block from accessing public objects in an S bucket?
1. Create a bucket policy and apply it to the bucket
2. Create a NACL and attach it to the VPC of the bucket
3. Access Mostly Uused Products by 50000+ Subscribers
4. Modify the IAM policies of any users that would access the bucket
Question : Amazon EBS snapshots have which of the following two characteristics?
Choose 2 answers
A. EBS snapshots only save incremental changes from snapshot to snapshot
B. EBS snapshots can be created in real-time without stopping an EC2 instance
C. EBS snapshots can only be restored to an EBS volume of the same size or smaller
D. EBS snapshots can only be restored and mounted to an instance in the same Availability Zone as the original EBS volume
1. A,C
2. A,D
3. Access Mostly Uused Products by 50000+ Subscribers
4. B,D
5. A,B
Question : An application you maintain consists of multiple EC instances in a default tenancy VPC.
This application has undergone an internal audit and has been determined to require dedicated hardware for one instance. Your compliance team has given you a week to move
this instance to single-tenant hardware. Which process will have minimal impact on your application while complying with this requirement?
1. Create a new VPC with tenancy=dedicated and migrate to the new VPC
2. Use ec2-reboot-instances command line and set the parameter "dedicated=true"
3. Access Mostly Uused Products by 50000+ Subscribers
4. Stop the instance, create an AMI, launch a new instance with tenancy=dedicated, and terminate the old instance
Question : You have private video content in S that you want to serve to subscribed users on the
Internet. User IDs, credentials, and subscriptions are stored in an Amazon RDS database.
Which configuration will allow you to securely serve private content to your users?
1. Generate pre-signed URLs for each user as they request access to protected S3 content
2. Create an IAM user for each subscribed user and assign the GetObject permission to each IAM user
3. Access Mostly Uused Products by 50000+ Subscribers
4. Create a CloudFront Origin Identity user for your subscribed users and assign the GetObject permission to this user
Question : The compliance department within your multi-national organization requires that all data for
your customers that reside in the European Union (EU) must not leave the EU and also
data for customers that reside in the US must not leave the US without explicit
authorization.
What must you do to comply with this requirement for a web based profile management
application running on EC2?
1. Run EC2 instances in multiple AWS Availability Zones in single Region and
leverage an Elastic Load Balancer with session stickiness to route traffic to the appropriate
zone to create their profile
2. Run EC2 instances in multiple Regions and leverage Route 53's Latency Based
Routing capabilities to route traffic to the appropriate region to create their profile
3. Access Mostly Uused Products by 50000+ Subscribers
determine if a user needs to be redirect to the appropriate region to create their profile
4. Run EC2 instances in multiple AWS Availability Zones in a single Region and
leverage a third party data provider to determine if a user needs to be redirect to the
appropriate zone to create their profile