[Full Version] AWS-SysOps Exam Questions Free Download From Lead2pass (101-120)

2017 February Amazon Official New Released AWS-SysOps Dumps in Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

Lead2pass AWS-SysOps latest updated braindumps including all new added AWS-SysOps exam questions from exam center which guarantees you can 100% success AWS-SysOps exam in your first try!

Following questions and answers are all new published by Amazon Official Exam Center: http://www.lead2pass.com/aws-sysops.html

QUESTION 101
A user has setup Auto Scaling with ELB on the EC2 instances.
The user wants to configure that whenever the CPU utilization is below 10%, Auto Scaling should remove one instance.
How can the user configure this?

A.    The user can get an email using SNS when the CPU utilization is less than 10%.
The user can use the desired capacity of Auto Scaling to remove the instance
B.    Use CloudWatch to monitor the data and Auto Scaling to remove the instances using
scheduled actions
C.    Configure CloudWatch to send a notification to Auto Scaling Launch configuration when the
CPU utilization is less than 10% and configure the Auto Scaling policy to remove the
instance
D.    Configure CloudWatch to send a notification to the Auto Scaling group when the CPU
Utilization is less than 10% and configure the Auto Scaling policy to remove the instance

Answer: D
Explanation:
Amazon CloudWatch alarms watch a single metric over a time period that the user specifies and performs one or more actions based on the value of the metric relative to a given threshold over a number of time periods. The user can setup to receive a notification on the Auto Scaling group with the CloudWatch alarm when the CPU utilization is below a certain threshold. The user can configure the Auto Scaling policy to take action for removing the instance. When the CPU utilization is below 10% CloudWatch will send an alarm to the Auto Scaling group to execute the policy.

QUESTION 102
A customer is using AWS for Dev and Test.
The customer wants to setup the Dev environment with Cloudformation.
Which of the below mentioned steps are not required while using Cloudformation?

A.    Create a stack
B.    Configure a service
C.    Create and upload the template
D.    Provide the parameters configured as part of the template

Answer: B
Explanation:
AWS Cloudformation is an application management tool which provides application modelling, deployment, configuration, management and related activities. AWS CloudFormation introduces two concepts: the template and the stack. The template is a JSON-format, text-based file that describes all the AWS resources required to deploy and run an application. The stack is a collection of AWS resources which are created and managed as a single unit when AWS CloudFormation instantiates a template. While creating a stack, the user uploads the template and provides the data for the parameters if required.

QUESTION 103
A user is planning to setup infrastructure on AWS for the Christmas sales.
The user is planning to use Auto Scaling based on the schedule for proactive scaling.
What advise would you give to the user?

A.    It is good to schedule now because if the user forgets later on it will not scale up
B.    The scaling should be setup only one week before Christmas
C.    Wait till end of November before scheduling the activity
D.    It is not advisable to use scheduled based scaling

Answer: C
Explanation:
Auto Scaling based on a schedule allows the user to scale the application in response to predictable load changes. The user can specify any date in the future to scale up or down during that period. As per Auto Scaling the user can schedule an action for up to a month in the future. Thus, it is recommended to wait until end of November before scheduling for Christmas.

QUESTION 104
An organization is planning to use AWS for their production roll out.
The organization wants to implement automation for deployment such that it will automatically create a LAMP stack, download the latest PHP installable from S3 and setup the ELB.
Which of the below mentioned AWS services meets the requirement for making an orderly deployment of the software?

A.    AWS Elastic Beanstalk
B.    AWS Cloudfront
C.    AWS Cloudformation
D.    AWS DevOps

Answer: C
Explanation:
AWS Cloudformation is an application management tool which provides application modelling, deployment, configuration, management and related activities. Cloudformation provides an easy way to create and delete the collection of related AWS resources and provision them in an orderly way. AWS CloudFormation automates and simplifies the task of repeatedly and predictably creating groups of related resources that power the user’s applications. AWS Cloudfront is a CDN; Elastic Beanstalk does quite a few of the required tasks. However, it is a PAAS which uses a ready AMI. AWS Elastic Beanstalk provides an environment to easily develop and run applications in the cloud.

QUESTION 105
You are building an online store on AWS that uses SQS to process your customer orders.
Your backend system needs those messages in the same sequence the customer orders have been put in.
How can you achieve that?

A.    It is not possible to do this with SQS
B.    You can use sequencing information on each message
C.    You can do this with SQS but you also need to use SWF
D.    Messages will arrive in the same order by default

Answer: B
Explanation:
Amazon SQS makes a best effort to preserve order in messages, but due to the distributed nature of the queue, we cannot guarantee that you will receive messages in the exact order you sent them. You typically place sequencing information or timestamps in your messages so that you can reorder them upon receipt.

QUESTION 106
A user is trying to connect to a running EC2 instance using SSH.
However, the user gets a connection time out error.
Which of the below mentioned options is not a possible reason for rejection?

A.    The access key to connect to the instance is wrong
B.    The security group is not configured properly
C.    The private key used to launch the instance is not correct
D.    The instance CPU is heavily loaded

Answer: A
Explanation:
If the user is trying to connect to a Linux EC2 instance and receives the connection time out error the probable reasons are:
Security group is not configured with the SSH port
The private key pair is not right
The user name to login is wrong
The instance CPU is heavily loaded, so it does not allow more connections

QUESTION 107
An organization has setup consolidated billing with 3 different AWS accounts.
Which of the below mentioned advantages will organization receive in terms of the AWS pricing?

A.    The consolidated billing does not bring any cost advantage for the organization
B.    All AWS accounts will be charged for S3 storage by combining the total storage of each
account
C.    The EC2 instances of each account will receive a total of 750*3 micro instance hours free
D.    The free usage tier for all the 3 accounts will be 3 years and not a single year

Answer: B
Explanation:
AWS consolidated billing enables the organization to consolidate payments for multiple Amazon Web Services (AWS. accounts within a single organization by making a single paying account. For billing purposes, AWS treats all the accounts on the consolidated bill as one account. Some services, such as Amazon EC2 and Amazon S3 have volume pricing tiers across certain usage dimensions that give the user lower prices when he uses the service more.

QUESTION 108
A user has configured Elastic Load Balancing by enabling a Secure Socket Layer (SSL. negotiation configuration known as a Security Policy.
Which of the below mentioned options is not part of this secure policy while negotiating the SSL connection between the user and the client?

A.    SSL Protocols
B.    Client Order Preference
C.    SSL Ciphers
D.    Server Order Preference

Answer: B
Explanation:
Elastic Load Balancing uses a Secure Socket Layer (SSL. negotiation configuration which is known as a Security Policy. It is used to negotiate the SSL connections between a client and the load balancer. A security policy is a combination of SSL Protocols, SSL Ciphers, and the Server Order Preference option.

QUESTION 109
A user has recently started using EC2.
The user launched one EC2 instance in the default subnet in EC2-VPC.
Which of the below mentioned options is not attached or available with the EC2 instance when it is launched?

A.    Public IP address
B.    Internet gateway
C.    Elastic IP
D.    Private IP address

Answer: C
Explanation:
A Virtual Private Cloud (VPC. is a virtual network dedicated to a user’s AWS account.
A subnet is a range of IP addresses in the VPC. The user can launch the AWS resources into a subnet. There are two supported platforms into which a user can launch instances: EC2-Classic and EC2-VPC (default subnet.. A default VPC has all the benefits of EC2-VPC and the ease of use of EC2-Classic. Each instance that the user launches into a default subnet has a private IP address and a public IP address. These instances can communicate with the internet through an internet gateway. An internet gateway enables the EC2 instances to connect to the internet through the Amazon EC2 network edge.

QUESTION 110
A user has created a VPC with CIDR 20.0.0.0/16 using the wizard.
The user has created a public subnet CIDR (20.0.0.0/24. and VPN only subnets CIDR (20.0.1.0/24. along with the VPN gateway (vgw-12345. to connect to the user’s data centre. Which of the below mentioned options is a valid entry for the main route table in this scenario?

A.    Destination: 20.0.0.0/24 and Target: vgw-12345
B.    Destination: 20.0.0.0/16 and Target: ALL
C.    Destination: 20.0.1.0/16 and Target: vgw-12345
D.    Destination: 0.0.0.0/0 and Target: vgw-12345

Answer: D
Explanation:
The main route table came with the VPC, and it also has a route for the VPN-only subnet. A custom route table is associated with the public subnet. The custom route table has a route over the Internet gateway (the destination is 0.0.0.0/0, and the target is the Internet gateway).
If you create a new subnet in this VPC, it’s automatically associated with the main route table, which routes its traffic to the virtual private gateway. If you were to set up the reverse configuration (the main route table with the route to the Internet gateway, and the custom route table with the route to the virtual private gateway), then a new subnet automatically has a route to the Internet gateway.
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html

QUESTION 111
A user has created a VPC with a public subnet.
The user has terminated all the instances which are part of the subnet.
Which of the below mentioned statements is true with respect to this scenario?

A.    The user cannot delete the VPC since the subnet is not deleted
B.    All network interface attached with the instances will be deleted
C.    When the user launches a new instance it cannot use the same subnet
D.    The subnet to which the instances were launched with will be deleted

Answer: B
Explanation:
A Virtual Private Cloud (VPC. is a virtual network dedicated to the user’s AWS account. A user can create a subnet with VPC and launch instances inside that subnet. When an instance is launched it will have a network interface attached with it. The user cannot delete the subnet until he terminates the instance and deletes the network interface. When the user terminates the instance all the network interfaces attached with it are also deleted.

QUESTION 112
A user is using the AWS EC2.
The user wants to make so that when there is an issue in the EC2 server, such as instance status failed, it should start a new instance in the user’s private cloud.
Which AWS service helps to achieve this automation?

A.    AWS CloudWatch + Cloudformation
B.    AWS CloudWatch + AWS AutoScaling + AWS ELB
C.    AWS CloudWatch + AWS VPC
D.    AWS CloudWatch + AWS SNS

Answer: D
Explanation:
Amazon SNS can deliver notifications by SMS text message or email to the Amazon Simple Queue Service (SQS. queues or to any HTTP endpoint. The user can configure a web service (HTTP End point. in his data centre which receives data and launches an instance in the private cloud. The user should configure the CloudWatch alarm to send a notification to SNS when the “StatusCheckFailed” metric is true for the EC2 instance. The SNS topic can be configured to send a notification to the user’s HTTP end point which launches an instance in the private cloud.

QUESTION 113
A user is trying to connect to a running EC2 instance using SSH.
However, the user gets an Unprotected Private Key File error.
Which of the below mentioned options can be a possible reason for rejection?

A.    The private key file has the wrong file permission
B.    The ppk file used for SSH is read only
C.    The public key file has the wrong permission
D.    The user has provided the wrong user name for the OS login

Answer: A
Explanation:
While doing SSH to an EC2 instance, if you get an Unprotected Private Key File error it means that the private key file’s permissions on your computer are too open. Ideally the private key should have the Unix permission of 0400. To fix that, run the command:

chmod 0400/path/to/private.key

QUESTION 114
A user has launched an EC2 instance from an instance store backed AMI.
If the user restarts the instance, what will happen to the ephermal storage data?

A.    All the data will be erased but the ephermal storage will stay connected
B.    All data will be erased and the ephermal storage is released
C.    It is not possible to restart an instance launched from an instance store backed AMI
D.    The data is preserved

Answer: D
Explanation:
A user can reboot an EC2 instance using the AWS console, the Amazon EC2 CLI or the Amazon EC2 API. Rebooting an instance is equivalent to rebooting an operating system. However, it is recommended that the user use Amazon EC2 to reboot the instance instead of running the operating system reboot command from the instance. When an instance launched from an instance store backed AMI is rebooted all the ephermal storage data is still preserved.

QUESTION 115
An organization has created one IAM user and applied the below mentioned policy to the user. What entitlements do the IAM users avail with this policy?

{
“Version”: “2012-10-17”,
“Statement”: [
{
“Effect”: “Allow”,
“Action”: “ec2:Describe*”,
“Resource”: “*”
},
{
“Effect”: “Allow”
“Action”: [
“cloudwatch:ListMetrics”,
“cloudwatch:GetMetricStatistics”,
“cloudwatch:Describe*”
],
“Resource”: “*”
},
{
“Effect”: “Allow”,
“Action”: “autoscaling:Describe*”,
“Resource”: “*”
}
]
}

A.    The policy will allow the user to perform all read only activities on the EC2 services
B.    The policy will allow the user to list all the EC2 resources except EBS
C.    The policy will allow the user to perform all read and write activities on the EC2 services
D.    The policy will allow the user to perform all read only activities on the EC2 services except
load Balancing

Answer: D
Explanation:
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. If an organization wants to setup read only access to EC2 for a particular user, they should mention the action in the IAM policy which entitles the user for Describe rights for EC2, CloudWatch, Auto Scaling and ELB. In the policy shown below, the user will have read only access for EC2 and EBS, CloudWatch and Auto Scaling. Since ELB is not mentioned as a part of the list, the user will not have access to ELB.

{
“Version”: “2012-10-17”,
“Statement”: [
{
“Effect”: “Allow”,
“Action”: “ec2:Describe*”,
“Resource”: “*”
},
{
“Effect”: “Allow”,
“Action”: [
“cloudwatch:ListMetrics”,
“cloudwatch:GetMetricStatistics”,
“cloudwatch:Describe*”
],
“Resource”: “*”
},
{
“Effect”: “Allow”,
“Action”: “autoscaling:Describe*”,
“Resource”: “*”
}
]
}

QUESTION 116
A user has deployed an application on an EBS backed EC2 instance.
For a better performance of application, it requires dedicated EC2 to EBS traffic.
How can the user achieve this?

A.    Launch the EC2 instance as EBS dedicated with PIOPS EBS
B.    Launch the EC2 instance as EBS enhanced with PIOPS EBS
C.    Launch the EC2 instance as EBS dedicated with PIOPS EBS
D.    Launch the EC2 instance as EBS optimized with PIOPS EBS

Answer: D
Explanation:
Any application which has performance sensitive workloads and requires minimal variability with dedicated EC2 to EBS traffic should use provisioned IOPS EBS volumes, which are attached to an EBS-optimized EC2 instance or it should use an instance with 10 Gigabit network connectivity. Launching an instance that is EBSoptimized provides the user with a dedicated connection between the EC2 instance and the EBS volume.

QUESTION 117
A system admin wants to add more zones to the existing ELB.
The system admin wants to perform this activity from CLI.
Which of the below mentioned command helps the system admin to add new zones to the existing ELB?

A.    elb-enable-zones-for-lb
B.    elb-add-zones-for-lb
C.    It is not possible to add more zones to the existing ELB
D.    elb-configure-zones-for-lb

Answer: A
Explanation:
The user has created an Elastic Load Balancer with the availability zone and wants to add more zones to the existing ELB. The user can do so in two ways: From the console or CLI, add new zones to ELB;

QUESTION 118
A user runs the command “dd if=/dev/xvdf of=/dev/null bs=1M” on an EBS volume created from a snapshot and attached to a Linux instance.
Which of the below mentioned activities is the user performing with the step given above?

A.    Pre warming the EBS volume
B.    Initiating the device to mount on the EBS volume
C.    Formatting the volume
D.    Copying the data from a snapshot to the device

Answer: A
Explanation:
When the user creates an EBS volume and is trying to access it for the first time it will encounter reduced IOPS due to wiping or initiating of the block storage. To avoid this as well as achieve the best performance it is required to pre warm the EBS volume. For a volume created from a snapshot and attached with a Linux OS, the “dd” command pre warms the existing data on EBS and any restored snapshots of volumes that have been previously fully pre warmed. This command maintains incremental snapshots; however, because this operation is read-only, it does not pre warm unused space that has never been written to on the original volume. In the command “dd if=/dev/xvdf of=/dev/null bs=1M” , the parameter “if=input file” should be set to the drive that the user wishes to warm. The “of=output file” parameter should be set to the Linux null virtual device,/dev/null. The “bs” parameter sets the block size of the read operation; for optimal performance, this should be set to 1 MB.

QUESTION 119
A user is trying to launch an EBS backed EC2 instance under free usage.
The user wants to achieve encryption of the EBS volume.
How can the user encrypt the data at rest?

A.    Use AWS EBS encryption to encrypt the data at rest
B.    The user cannot use EBS encryption and has to encrypt the data manually or using a third
party tool
C.    The user has to select the encryption enabled flag while launching the EC2 instance
D.    Encryption of volume is not available as a part of the free usage tier

Answer: B
Explanation:
AWS EBS supports encryption of the volume while creating new volumes. It supports encryption of the data at rest, the I/O as well as all the snapshots of the EBS volume. The EBS supports encryption for the selected instance type and the newer generation instances, such as m3, c3, cr1, r3, g2. It is not supported with a micro instance.

QUESTION 120
A user has launched a Windows based EC2 instance.
However, the instance has some issues and the user wants to check the log.
When the user checks the Instance console output from the AWS console, what will it display?

A.    All the event logs since instance boot
B.    The last 10 system event log error
C.    The Windows instance does not support the console output
D.    The last three system events’ log errors

Answer: D
Explanation:
The AWS EC2 console provides a useful tool called Console output for problem diagnosis. It is useful to find out any kernel issues, termination reasons or service configuration issues. For a Windows instance it lists the last three system event log errors. For Linux it displays the exact console output.

Lead2pass regular updates of Amazon AWS-SysOps dumps, with accurate answers, keeps the members one step ahead in the real AWS-SysOps exam. The experts with more than 10 years experience in Certification Field work with us.

AWS-SysOps new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDekE1aUpSVGNHbWM

2017 Amazon AWS-SysOps exam dumps (All 332 Q&As) from Lead2pass:

http://www.lead2pass.com/aws-sysops.html [100% Exam Pass Guaranteed]

You may also like