Amazon AWS-SysOps AWS Certified SysOps Administrator – Associate Online Training
Amazon AWS-SysOps Online Training
The questions for AWS-SysOps were last updated at Apr 23,2024.
- Exam Code: AWS-SysOps
- Exam Name: AWS Certified SysOps Administrator – Associate
- Certification Provider: Amazon
- Latest update: Apr 23,2024
You are currently hosting multiple applications in a VPC and have logged numerous port scans coming in from a specific IP address block. Your security team has requested that all access from the offending IP address block be denied for the next 24 hours.
Which of the following is the best method to quickly and temporarily deny access from the specified IP address block?
- A . Create an AD policy to modify Windows Firewall settings on all hosts in the VPC to deny access from the IP address block
- B . Modify the Network ACLs associated with all public subnets in the VPC to deny access from the IP address block
- C . Add a rule to all of the VPC 5 Security Groups to deny access from the IP address block
- D . Modify the Windows Firewall settings on all Amazon Machine Images (AMIs) that your organization uses in that VPC to deny access from the IP address block
When preparing for a compliance assessment of your system built inside of AWS.
What are three best-practices for you to prepare for an audit? (Choose three.)
- A . Gather evidence of your IT operational controls
- B . Request and obtain applicable third-party audited AWS compliance reports and certifications
- C . Request and obtain a compliance and security tour of an AWS data center for a pre-assessment security review
- D . Request and obtain approval from AWS to perform relevant network scans and in-depth penetration tests of your system’s Instances and endpoints
- E . Schedule meetings with AWS’s third-party auditors to provide evidence of AWS compliance that maps to your control objectives
You have started a new job and are reviewing your company’s infrastructure on AWS You notice one web application where they have an Elastic Load Balancer (&B) in front of web instances in an Auto Scaling Group When you check the metrics for the ELB in CloudWatch you see four healthy instances in Availability Zone (AZ) A and zero in AZ B There are zero unhealthy instances.
What do you need to fix to balance the instances across AZs?
- A . Set the ELB to only be attached to another AZ
- B . Make sure Auto Scaling is configured to launch in both AZs
- C . Make sure your AMI is available in both AZs
- D . Make sure the maximum size of the Auto Scaling Group is greater than 4
You have been asked to leverage Amazon VPC BC2 and SOS to implement an application that submits and receives millions of messages per second to a message queue. You want to ensure your application has sufficient bandwidth between your EC2 instances and SQS
Which option will provide the most scalable solution for communicating between the application and SQS?
- A . Ensure the application instances are properly configured with an Elastic Load Balancer
- B . Ensure the application instances are launched in private subnets with the EBS-optimized option enabled
- C . Ensure the application instances are launched in public subnets with the associate-public-IPaddress=true option enabled
- D . Launch application instances in private subnets with an Auto Scaling group and Auto Scaling triggers configured to watch the SQS queue size
You have identified network throughput as a bottleneck on your m1.small EC2 instance when uploading data Into Amazon S3 In the same region.
How do you remedy this situation?
- A . Add an additional ENI
- B . Change to a larger Instance
- C . Use DirectConnect between EC2 and S3
- D . Use EBS PIOPS on the local volume
When attached to an Amazon VPC, which two components provide connectivity with external networks? (Choose two.)
- A . Elastic IPS (EIP)
- B . NAT Gateway (NAT)
- C . Internet Gateway {IGW)
- D . Virtual Private Gateway (VGW)
Your application currently leverages AWS Auto Scaling to grow and shrink as load Increases/decreases and has been performing well. Your marketing team expects a steady ramp up in traffic to follow an upcoming campaign that will result in a 20x growth in traffic over 4 weeks. Your forecast for the approximate number of Amazon EC2 instances necessary to meet the peak demand is 175.
What should you do to avoid potential service disruptions during the ramp up in traffic?
- A . Ensure that you have pre-allocated 175 Elastic IP addresses so that each server will be able to obtain one as it launches
- B . Check the service limits in Trusted Advisor and adjust as necessary so the forecasted count remains within limits.
- C . Change your Auto Scaling configuration to set a desired capacity of 175 prior to the launch of the marketing campaign
- D . Pre-warm your Elastic Load Balancer to match the requests per second anticipated during peak demand prior to the marketing campaign
You have an Auto Scaling group associated with an Elastic Load Balancer (ELB). You have noticed that instances launched via the Auto Scaling group are being marked unhealthy due to an ELB health check, but these unhealthy instances are not being terminated.
What do you need to do to ensure trial instances marked unhealthy by the ELB will be terminated and replaced?
- A . Change the thresholds set on the Auto Scaling group health check
- B . Add an Elastic Load Balancing health check to your Auto Scaling group
- C . Increase the value for the Health check interval set on the Elastic Load Balancer
- D . Change the health check set on the Elastic Load Balancer to use TCP rather than HTTP checks
Which two AWS services provide out-of-the-box user configurable automatic backup-as-a-service and backup rotation options? (Choose two.)
- A . Amazon S3
- B . Amazon RDS
- C . Amazon EBS
- D . Amazon Red shift
An organization has configured a VPC with an Internet Gateway (IGW). pairs of public and private subnets (each with one subnet per Availability Zone), and an Elastic Load Balancer (ELB) configured to use the public subnets. The application s web tier leverages the ELB. Auto Scaling and a mum-AZ RDS database instance The organization would like to eliminate any potential single points ft failure in this design.
What step should you take to achieve this organization’s objective?
- A . Nothing, there are no single points of failure in this architecture.
- B . Create and attach a second IGW to provide redundant internet connectivity.
- C . Create and configure a second Elastic Load Balancer to provide a redundant load balancer.
- D . Create a second multi-AZ RDS instance in another Availability Zone and configure replication to provide a redundant database.
Latest AWS-SysOps Dumps Valid Version with 853 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
Great