AWS Certified SysOps Administrator v1.0

Page:    1 / 57   
Exam contains 853 questions

You have set up Individual AWS accounts for each project. You have been asked to make sure your AWS Infrastructure costs do not exceed the budget set per project for each month.
Which of the following approaches can help ensure that you do not exceed the budget each month?

  • A. Consolidate your accounts so you have a single bill for all accounts and projects
  • B. Set up auto scaling with CloudWatch alarms using SNS to notify you when you are running too many Instances in a given account
  • C. Set up CloudWatch billing alerts for all AWS resources used by each project, with a notification occurring when the amount for each resource tagged to a particular project matches the budget allocated to the project.
  • D. Set up CloudWatch billing alerts for all AWS resources used by each account, with email notifications when it hits 50%. 80% and 90% of its budgeted monthly spend


Answer : D

Explanation:
Consolidate your accounts so you have a single bill for all accounts and projects (Consolidation will not help limit per account)
Set up auto scaling with CloudWatch alarms using SNS to notify you when you are running too many Instances in a given account (many instances do not directly map to cost and would not give exact cost).
Set up CloudWatch billing alerts for all AWS resources used by each project, with a notification occurring when the amount for each resource tagged to a particular project matches the budget allocated to the project. (as each project already has an account, no need for resource tagging).

When creation of an EBS snapshot Is initiated but not completed the EBS volume?

  • A. Cannot De detached or attached to an EC2 instance until me snapshot completes
  • B. Can be used in read-only mode while me snapshot is in progress
  • C. Can be used while me snapshot Is in progress
  • D. Cannot be used until the snapshot completes


Answer : C

Explanation:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-copy-snapshot.html

You are using ElastiCache Memcached to store session state and cache database queries in your infrastructure. You notice in CloudWatch that Evictions and
GetMisses are Doth very high.
What two actions could you take to rectify this? (Choose two.)

  • A. Increase the number of nodes in your cluster
  • B. Tweak the max_item_size parameter
  • C. Shrink the number of nodes in your cluster
  • D. Increase the size of the nodes in the duster


Answer : AD

https://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/CacheMetrics.WhichShouldIMonitor.html

You are running a database on an EC2 instance, with the data stored on Elastic Block Store (EBS) for persistence. At times throughout the day, you are seeing large variance in the response times of the database queries Looking into the instance with the isolate command you see a lot of wait time on the disk volume that the database's data is stored on.
What two ways can you improve the performance of the database's storage while maintaining the current persistence of the data? (Choose two.)

  • A. Move to an SSD backed instance
  • B. Move the database to an EBS-Optimized Instance
  • C. T Use Provisioned IOPs EBS
  • D. Use the ephemeral storage on an m2 4xiarge Instance Instead


Answer : BC

Your EC2-Based Multi-tier application includes a monitoring instance that periodically makes application -level read only requests of various application components and if any of those fail more than three times 30 seconds calls CloudWatch lo fire an alarm, and the alarm notifies your operations team by email and
SMS of a possible application health problem. However, you also need to watch the watcher -the monitoring instance itself - and be notified if it becomes unhealthy.
Which of the following is a simple way to achieve that goal?

  • A. Run another monitoring instance that pings the monitoring instance and fires a could watch alarm mat notifies your operations team should the primary monitoring instance become unhealthy.
  • B. Set a CloudWatch alarm based on EC2 system and instance status checks and have the alarm notify your operations team of any detected problem with the monitoring instance.
  • C. Set a CloudWatch alarm based on the CPU utilization of the monitoring instance and have the alarm notify your operations team if C r the CPU usage exceeds 50% few more than one minute: then have your monitoring application go into a CPU-bound loop should it Detect any application problems.
  • D. Have the monitoring instances post messages to an SOS queue and then dequeue those messages on another instance should the queue cease to have new messages, the second instance should first terminate the original monitoring instance start another backup monitoring instance and assume (he role of the previous monitoring instance and beginning adding messages to the SQSqueue.


Answer : B

You have decided to change the Instance type for instances running in your application tier that are using Auto Scaling.
In which area below would you change the instance type definition?

  • A. Auto Scaling launch configuration
  • B. Auto Scaling group
  • C. Auto Scaling policy
  • D. Auto Scaling tags


Answer : A

Explanation:
http://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/WhatIsAutoScaling.html

You are attempting to connect to an instance in Amazon VPC without success. You have already verified that the VPC has an Internet Gateway (IGW) the instance has an associated Elastic IP (EIP) and correct security group rules are in place.
Which VPC component should you evaluate next?

  • A. The configuration of a NAT instance
  • B. The configuration of the Routing Table
  • C. The configuration of the internet Gateway (IGW)
  • D. The configuration of SRC/DST checking


Answer : B

Explanation:
http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/UserScenariosForVPC.html

You are tasked with the migration of a highly trafficked Node JS application to AWS in order to comply with organizational standards Chef recipes must be used to configure the application servers that host this application and to support application lifecycle events.
Which deployment option meets these requirements while minimizing administrative burden?

  • A. Create a new stack within Opsworks add the appropriate layers to the stack and deploy the application
  • B. Create a new application within Elastic Beanstalk and deploy this application to a new environment
  • C. Launch a Mode JS server from a community AMI and manually deploy the application to the launched EC2 instance
  • D. Launch and configure Chef Server on an EC2 instance and leverage the AWS CLI to launch application servers and configure those instances using Chef.


Answer : A

Explanation:
OpsWorks has integrated support for Chef and lifecycle events. http://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook.html

You have been asked to automate many routine systems administrator backup and recovery activities. Your current plan is to leverage AWS-managed solutions as much as possible and automate the rest with the AWS CLI and scripts.
Which task would be best accomplished with a script?

  • A. Creating daily EBS snapshots with a monthly rotation of snapshots
  • B. Creating daily RDS snapshots with a monthly rotation of snapshots
  • C. Automatically detect and stop unused or underutilized EC2 instances
  • D. Automatically add Auto Scaled EC2 instances to an Amazon Elastic Load Balancer


Answer : A

Your organization's security policy requires that all privileged users either use frequently rotated passwords or one-time access credentials in addition to username/password.
Which two of the following options would allow an organization to enforce this policy for AWS users? (Choose two.)

  • A. Configure multi-factor authentication for privileged 1AM users
  • B. Create 1AM users for privileged accounts
  • C. Implement identity federation between your organization's Identity provider leveraging the 1AM Security Token Service
  • D. Enable the 1AM single-use password policy option for privileged users


Answer : AB

What are characteristics of Amazon S3? (Choose two.)

  • A. Objects are directly accessible via a URL
  • B. S3 should be used to host a relational database
  • C. S3 allows you to store objects or virtually unlimited size
  • D. S3 allows you to store virtually unlimited amounts of data
  • E. S3 offers Provisioned IOPS


Answer : AD

The total volume of data and number of objects you can store are unlimited. Individual Amazon S3 objects can range in size from a minimum of 0 bytes to a maximum of 5 terabytes. The largest object that can be uploaded in a single PUT is 5 gigabytes. For objects larger than 100 megabytes, customers should consider using the Multipart Upload capability.
Reference:
https://aws.amazon.com/s3/faqs/

You receive a frantic call from a new DBA who accidentally dropped a table containing all your customers.
Which Amazon RDS feature will allow you to reliably restore your database to within 5 minutes of when the mistake was made?

  • A. Multi-AZ RDS
  • B. RDS snapshots
  • C. RDS read replicas
  • D. RDS automated backup


Answer : D

Explanation:
https://aws.amazon.com/rds/details/#ha
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html

A media company produces new video files on-premises every day with a total size of around 100 GBS after compression All files have a size of 1 -2 GB and need to be uploaded to Amazon S3 every night in a fixed time window between 3am and 5am Current upload takes almost 3 hours, although less than half of the available bandwidth is used.
What step(s) would ensure that the file uploads are able to complete in the allotted time window?

  • A. Increase your network bandwidth to provide faster throughput to S3
  • B. Upload the files in parallel to S3
  • C. Pack all files into a single archive, upload it to S3, then extract the files in AWS
  • D. Use AWS Import/Export to transfer the video files


Answer : B

Explanation:
https://aws.amazon.com/blogs/aws/amazon-s3-multipart-upload/

You are running a web-application on AWS consisting of the following components an Elastic Load Balancer (ELB) an Auto-Scaling Group of EC2 instances running Linux/PHP/Apache, and Relational DataBase Service (RDS) MySQL.
Which security measures fall into AWS's responsibility?

  • A. Protect the EC2 instances against unsolicited access by enforcing the principle of least-privilege access
  • B. Protect against IP spoofing or packet sniffing
  • C. Assure all communication between EC2 instances and ELB is encrypted
  • D. Install latest security patches on ELB. RDS and EC2 instances


Answer : B

https://d0.awsstatic.com/whitepapers/aws-security-whitepaper.pdf

You use S3 to store critical data for your company Several users within your group currently have lull permissions to your S3 buckets You need to come up with a solution mat does not impact your users and also protect against the accidental deletion of objects.
Which two options will address this issue? (Choose two.)

  • A. Enable versioning on your S3 Buckets
  • B. Configure your S3 Buckets with MFA delete
  • C. Create a Bucket policy and only allow read only permissions to all users at the bucket level
  • D. Enable object life cycle policies and configure the data older than 3 months to be archived in Glacier


Answer : AB

Explanation:
Versioning allows easy recovery of previous file version.
MFA delete requires additional MFA authentication to delete files.
Won"™t impact the users current access.
Reference:
http://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html

Page:    1 / 57   
Exam contains 853 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.