Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Amazon AWS-SysOps

Amazon AWS-SysOps Exam Practice Questions (P. 1)

  • Full Access (932 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #1
You are currently hosting multiple applications in a VPC and have logged numerous port scans coming in from a specific IP address block. Your security team has requested that all access from the offending IP address block be denied for the next 24 hours.
Which of the following is the best method to quickly and temporarily deny access from the specified IP address block?
  1. A
    Create an AD policy to modify Windows Firewall settings on all hosts in the VPC to deny access from the IP address block
  2. B
    Modify the Network ACLs associated with all public subnets in the VPC to deny access from the IP address block
  3. C
    Add a rule to all of the VPC 5 Security Groups to deny access from the IP address block
  4. D
    Modify the Windows Firewall settings on all Amazon Machine Images (AMIs) that your organization uses in that VPC to deny access from the IP address block

Correct Answer:
B
Reference:
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html

Question #2
When preparing for a compliance assessment of your system built inside of AWS. what are three best-practices for you to prepare for an audit? (Choose three.)
  1. A
    Gather evidence of your IT operational controls
  2. B
    Request and obtain applicable third-party audited AWS compliance reports and certifications
  3. C
    Request and obtain a compliance and security tour of an AWS data center for a pre-assessment security review
  4. D
    Request and obtain approval from AWS to perform relevant network scans and in-depth penetration tests of your system's Instances and endpoints
  5. E
    Schedule meetings with AWS's third-party auditors to provide evidence of AWS compliance that maps to your control objectives

Correct Answer:
ABD

Question #3
You have started a new job and are reviewing your company's infrastructure on AWS You notice one web application where they have an Elastic Load Balancer
(&B) in front of web instances in an Auto Scaling Group When you check the metrics for the ELB in CloudWatch you see four healthy instances in Availability Zone
(AZ) A and zero in AZ B There are zero unhealthy instances.
What do you need to fix to balance the instances across AZs?
  1. A
    Set the ELB to only be attached to another AZ
  2. B
    Make sure Auto Scaling is configured to launch in both AZs
  3. C
    Make sure your AMI is available in both AZs
  4. D
    Make sure the maximum size of the Auto Scaling Group is greater than 4

Correct Answer:
B

Question #4
You have been asked to leverage Amazon VPC BC2 and SOS to implement an application that submits and receives millions of messages per second to a message queue. You want to ensure your application has sufficient bandwidth between your EC2 instances and SQS.
Which option will provide the most scalable solution for communicating between the application and SQS?
  1. A
    Ensure the application instances are properly configured with an Elastic Load Balancer
  2. B
    Ensure the application instances are launched in private subnets with the EBS-optimized option enabled
  3. C
    Ensure the application instances are launched in public subnets with the associate-public-IP-address=true option enabled
  4. D
    Launch application instances in private subnets with an Auto Scaling group and Auto Scaling triggers configured to watch the SQS queue size

Correct Answer:
D
Bandwidth literally means network not IO Bandwidth. Having alerts to scale the Autoscaling is most sophisticated option.

Question #5
You have identified network throughput as a bottleneck on your m1.small EC2 instance when uploading data Into Amazon S3 In the same region.
How do you remedy this situation?
  1. A
    Add an additional ENI
  2. B
    Change to a larger Instance
  3. C
    Use DirectConnect between EC2 and S3
  4. D
    Use EBS PIOPS on the local volume

Correct Answer:
B
Reference:
https://media.amazonwebservices.com/AWS_Amazon_EMR_Best_Practices.pdf

Question #6
When attached to an Amazon VPC, which two components provide connectivity with external networks? (Choose two.)
  1. A
    Elastic IPS (EIP)
  2. B
    NAT Gateway (NAT)
  3. C
    Internet Gateway {IGW)
  4. D
    Virtual Private Gateway (VGW)

Correct Answer:
CD

Question #7
Your application currently leverages AWS Auto Scaling to grow and shrink as load Increases/ decreases and has been performing well. Your marketing team expects a steady ramp up in traffic to follow an upcoming campaign that will result in a 20x growth in traffic over 4 weeks. Your forecast for the approximate number of Amazon EC2 instances necessary to meet the peak demand is 175.
What should you do to avoid potential service disruptions during the ramp up in traffic?
  1. A
    Ensure that you have pre-allocated 175 Elastic IP addresses so that each server will be able to obtain one as it launches
  2. B
    Check the service limits in Trusted Advisor and adjust as necessary so the forecasted count remains within limits.
  3. C
    Change your Auto Scaling configuration to set a desired capacity of 175 prior to the launch of the marketing campaign
  4. D
    Pre-warm your Elastic Load Balancer to match the requests per second anticipated during peak demand prior to the marketing campaign

Correct Answer:
D
Amazon ELB is able to handle the vast majority of use cases for our customers without requiring ג€pre-warmingג€ (configuring the load balancer to have the appropriate level of capacity based on expected traffic).
Reference:
https://aws.amazon.com/articles/1636185810492479#pre-warming

Question #8
You have an Auto Scaling group associated with an Elastic Load Balancer (ELB). You have noticed that instances launched via the Auto Scaling group are being marked unhealthy due to an ELB health check, but these unhealthy instances are not being terminated.
What do you need to do to ensure trial instances marked unhealthy by the ELB will be terminated and replaced?
  1. A
    Change the thresholds set on the Auto Scaling group health check
  2. B
    Add an Elastic Load Balancing health check to your Auto Scaling group
  3. C
    Increase the value for the Health check interval set on the Elastic Load Balancer
  4. D
    Change the health check set on the Elastic Load Balancer to use TCP rather than HTTP checks

Correct Answer:
A

Question #9
Which two AWS services provide out-of-the-box user configurable automatic backup-as-a-service and backup rotation options? (Choose two.)
  1. A
    Amazon S3
  2. B
    Amazon RDS
  3. C
    Amazon EBS
  4. D
    Amazon Red shift

Correct Answer:
BD
By default, and at no additional charge, Amazon RDS enables automated backups of your DB Instance with a 1-day retention period.
By default, Amazon Redshift enables automated backups of your data warehouse cluster with a 1-day retention period.

Question #10
An organization has configured a VPC with an Internet Gateway (IGW). pairs of public and private subnets (each with one subnet per Availability Zone), and an
Elastic Load Balancer (ELB) configured to use the public subnets. The application s web tier leverages the ELB. Auto Scaling and a mum-AZ RDS database instance The organization would like to eliminate any potential single points ft failure in this design.
What step should you take to achieve this organization's objective?
  1. A
    Nothing, there are no single points of failure in this architecture.
  2. B
    Create and attach a second IGW to provide redundant internet connectivity.
  3. C
    Create and configure a second Elastic Load Balancer to provide a redundant load balancer.
  4. D
    Create a second multi-AZ RDS instance in another Availability Zone and configure replication to provide a redundant database.

Correct Answer:
A
You need multiple ELB if you want HA across regions.
ג€AWS Load Balancer ג€"Cross Network
Many times it happens that after setting up your ELB, you experience significant drops in your performance. The best way to handle this situation is to start with identifying whether your ELB is single AZ or multiple AZ, as single AZ ELB is also considered as one of the Single Points of Failures on AWS Cloud. Once you identify your ELB, it is necessary to make sure ELB loads are kept cross regions.ג€
Reference:
https://www.botmetric.com/blog/eliminating-single-points-of-failures-on-aws-cloud/

Next Questions

All Pages