Pass4sure sysops aws Questions are updated and all aws sysops exam questions answers are verified by experts. Once you have completely prepared with our aws sysops exam exam prep kits you will be ready for the real aws sysops training exam without a problem. We have Update Amazon aws sysops certification dumps study guide. PASSED sysops aws First attempt! Here What I Did.
2017 NEW RECOMMEND
Free VCE & PDF File for Amazon AWS-SysOps Real Exam
Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions
Q111. – (Topic 2)
A user has enabled detailed CloudWatch metric monitoring on an Auto Scaling group. Which of the below
mentioned metrics will help the user identify the total number of instances in an Auto Scaling group cluding pending, terminating and running instances?
C. It is not possible to get a count of all the three metrics together. The user has to find the individual number of running, terminating and pending instances and sum it
CloudWatch is used to monitor AWS as well as the custom services. For Auto Scaling, CloudWatch provides various metrics to get the group information, such as the Number of Pending, Running or Terminating instances at any moment. If the user wants to get the total number of Running, Pending and Terminating instances at any moment, he can use the GroupTotalInstances metric.
Q112. – (Topic 3)
A user is planning to set up the Multi AZ feature of RDS. Which of the below mentioned conditions won't take advantage of the Multi AZ feature?
A. Availability zone outage
B. A manual failover of the DB instance using Reboot with failover option
C. Region outage
D. When the user changes the DB instanceâs server type
Amazon RDS when enabled with Multi AZ will handle failovers automatically. Thus, the user can resume database operations as quickly as possible without administrative intervention. The primary DB instance switches over automatically to the standby replica if any of the following conditions occur: An Availability Zone outage The primary DB instance fails The DB instance's server type is changed The DB instance is undergoing software patching A manual failover of the DB instance was initiated using Reboot with failover
Q113. – (Topic 2)
A user has setup a billing alarm using CloudWatch for $200. The usage of AWS exceeded $200 after some days. The user wants to increase the limit from $200 to $400? What should the user do?
A. Create a new alarm of $400 and link it with the first alarm
B. It is not possible to modify the alarm once it has crossed the usage limit
C. Update the alarm to set the limit at $400 instead of $200
D. Create a new alarm for the additional $200 amount
AWS CloudWatch supports enabling the billing alarm on the total AWS charges. The estimated charges are calculated and sent several times daily to CloudWatch in the form of metric data. This data will be stored for 14 days. This data also includes the estimated charges for every service in AWS used by the user, as well as the estimated overall AWS charges. If the user wants to increase the limit, the user can modify the alarm and specify a new threshold.
Q114. – (Topic 1)
A customer has a web application that uses cookie Based sessions to track logged in users It Is deployed on AWS using ELB and Auto Scaling The customer observes that when load increases. Auto Scaling launches new Instances but the load on the easting Instances does not decrease, causing all existing users to have a sluggish experience.
Which two answer choices independently describe a behavior that could be the cause of the sluggish user experience? Choose 2 answers
A. ELB's normal behavior sends requests from the same user to the same backend instance
B. ELB's behavior when sticky sessions are enabled causes ELB to send requests in the same session to the same backend instance
C. A faulty browser is not honoring the TTL of the ELB DNS name.
D. The web application uses long polling such as comet or websockets. Thereby keeping a connection open to a web server tor a long time
E. The web application uses long polling such as comet or websockets. Thereby keeping a connection open to a web server for a long time.
Q115. – (Topic 3)
A user has created a VPC with a subnet and a security group. The user has launched an instance in that
subnet and attached a public IP. The user is still unable to connect to the instance. The internet gateway has also been created. What can be the reason for the error?
A. The internet gateway is not configured with the route table
B. The private IP is not present
C. The outbound traffic on the security group is disabled
D. The internet gateway is not configured with the security group
A Virtual Private Cloud (VPC. is a virtual network dedicated to the userâs AWS account. AWS provides two features the user can use to increase security in VPC: security groups and network ACLs. Security groups work at the instance level. When a user launches an instance and wants to connect to an instance, he needs an internet gateway. The internet gateway should be configured with the route table to allow traffic from the internet.
Q116. A user has deployed an application on his private cloud. The user is using his own monitoring tool. He wants to configure that whenever there is an error, the monitoring tool should notify him via SMS. Which of the below mentioned AWS services will help in this scenario?
A. None because the user infrastructure is in the private cloud/
B. AWS SNS
C. AWS SES
D. AWS SMS
Amazon Simple Notification Service (Amazon SNS. is a fast, flexible, and fully managed push messaging service. Amazon SNS can be used to make push notifications to mobile
devices. Amazon SNS can deliver notifications by SMS text message or email to the Amazon Simple Queue Service (SQS. queues or to any HTTP endpoint. In this case user can use the SNS apis to send SMS.
Q117. – (Topic 3)
An organization has setup multiple IAM users. The organization wants that each IAM user accesses the IAM console only within the organization and not from outside. How can it achieve this?
A. Create an IAM policy with the security group and use that security group for AWS console login
B. Create an IAM policy with a condition which denies access when the IP address range is not from the organization
C. Configure the EC2 instance security group which allows traffic only from the organizationâs IP range
D. Create an IAM policy with VPC and allow a secure gateway between the organization and AWS Console
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. The user can add conditions as a part of the IAM policies. The condition can be set on AWS Tags, Time, and Client IP as well as on many other parameters. If the organization wants the user to access only from a specific IP range, they should set an IAM policy condition which denies access when the IP is not in a certain range. E.g. The sample policy given below denies all traffic when the IP is not in a certain range.
"aws:SourceIp": ["10.10.10.0/24", "188.8.131.52/24"]
Q118. – (Topic 3)
Which of the below mentioned AWS RDS logs cannot be viewed from the console for MySQL?
A. Error Log
B. Slow Query Log
C. Transaction Log
D. General Log
The user can view, download, and watch the database logs using the Amazon RDS console, the Command Line Interface (CLI., or the Amazon RDS API. For the MySQL RDS, the user can view the error log, slow querylog, and general logs. RDS does not support viewing the transaction logs.
Q119. – (Topic 2)
A user is trying to connect to a running EC2 instance using SSH. However, the user gets a connection time out error. Which of the below mentioned options is not a possible reason for rejection?
A. The access key to connect to the instance is wrong
B. The security group is not configured properly
C. The private key used to launch the instance is not correct
D. The instance CPU is heavily loaded
If the user is trying to connect to a Linux EC2 instance and receives the connection time out error the probable reasons are: Security group is not configured with the SSH port The private key pair is not right The user name to login is wrong The instance CPU is heavily loaded, so it does not allow more connections
Q120. – (Topic 3)
A user is trying to setup a security policy for ELB. The user wants ELB to meet the cipher supported by the client by configuring the server order preference in ELB security policy. Which of the below mentioned
preconfigured policies supports this feature?
A. ELBSecurity Policy-2014-01
B. ELBSecurity Policy-2011-08
C. ELBDefault Negotiation Policy
D. ELBSample- OpenSSLDefault Cipher Policy
Elastic Load Balancing uses a Secure Socket Layer (SSL. negotiation configuration which is known as a Security Policy. It is used to negotiate the SSL connections between a client and the load balancer. If the load balancer is configured to support the Server Order Preference, then the load balancer gets to select the first cipher in its list that matches any one of the ciphers in the client's list. When the user verifies the preconfigured policies supported by ELB, the policy âELBSecurity Policy-2014-01â supports server order preference.