https://www.certbus.com/AWS-SysOps.

html
2018 Latest CertBus AWS-SYSOPS PDF and VCE dumps Download

Vendor:
Exam Code: AWS-SYSOPS
Exam Name: AWS Certified SysOps Administrator – Associate
Q&As: 324

CertBus 2018 Latest AWS-SYSOPS AWS Certified SysOps

Administrator – Associate Exam VCE and PDF Dumps for
Free Download!

CertBus AWS-SYSOPS Questions and Answers are all new published

by Official Exam Center : 324 QAs

>>> Instant Download AWS-SYSOPS Real QAs (PDF and VCE) test dump from:

https://www.certbus.com/AWS-SysOps.html

>>> Free View Online PDF to Test AWS-SYSOPS exam:

https://www.certbus.com/online-pdf/AWS-SysOps.pdf

>>> Download AWS-SYSOPS PDF or VCE test dumps from [Google Drive] :

https://drive.google.com/file/d/0B_3QX8HGRR1mTkNFTk5SQmdQZXM/view?usp=
sharing

100% Pass AWS-SYSOPS Exam Guaranteed or Money

Refund!!!

AWS-SYSOPS PDF Dumps | AWS-SYSOPS VCE Dumps | AWS-SYSOPS Braindumps 1/9

 https://www.certbus.com/AWS-SysOps.html
2018 Latest CertBus AWS-SYSOPS PDF and VCE dumps Download

QUESTION 1

A user is planning to scale up an application by 8 AM and scale down by 7 PM daily using Auto Scaling. What should
the user do in this case?

A. Setup the scaling policy to scale up and down based on the CloudWatch alarms

B. The user should increase the desired capacity at 8 AM and decrease it by 7 PM manually

C. The user should setup a batch process which launches the EC2 instance at a specific time

D. Setup scheduled actions to scale up or down at a specific time

Correct Answer: A

Explanation/Reference:

Auto Scaling based on a schedule allows the user to scale the application in response to predictable load

changes. To configure the Auto Scaling group to scale based on a schedule, the user n

QUESTION 2

A user has setup Auto Scaling with ELB on the EC2 instances. The user wants to configure that whenever the CPU
utilization is below 10%, Auto Scaling should

remove one instance.

How can the user configure this?

A. The user can get an email using SNS when the CPU utilization is less than 10%. The user can use the desired
capacity of Auto Scaling to remove the instance

B. Use CloudWatch to monitor the data and Auto Scaling to remove the instances using scheduled actions

C. Configure CloudWatch to send a notification to Auto Scaling Launch configuration when the CPU utilization is less
than 10% and configure the Auto Scaling policy to remove the instance

D. Configure CloudWatch to send a notification to the Auto Scaling group when the CPU Utilization is less than 10% and
configure the Auto Scaling policy to remove the instance

Correct Answer: D

Explanation/Reference:

Amazon CloudWatch alarms watch a single metric over a time period that the user specifies and performs one or more
actions based on the value of the metric relative to a given threshold over a number

QUESTION 3

AWS-SYSOPS PDF Dumps | AWS-SYSOPS VCE Dumps | AWS-SYSOPS Braindumps 2/9

 https://www.certbus.com/AWS-SysOps.html
2018 Latest CertBus AWS-SYSOPS PDF and VCE dumps Download

A sysadmin has created the below mentioned policy on an S3 bucket named cloudacademy. What does this policy
define?

andquot;Statementandquot;: [{

andquot;Sidandquot;: andquot;Stmt1388811069831andquot;,

andquot;Effectandquot;: andquot;Allowandquot;,

andquot;Principalandquot;: { andquot;AWSandquot;: andquot;*andquot;},

andquot;Actionandquot;: [ andquot;s3:GetObjectAclandquot;, andquot;s3:ListBucketandquot;],

andquot;Resourceandquot;: [ andquot;arn:aws:s3:::cloudacademy]

}]

A. It will make the cloudacademy bucket as well as all its objects as public

B. It will allow everyone to view the ACL of the bucket

C. It will give an error as no object is defined as part of the policy while the action defines the rule about the object

D. It will make the cloudacademy bucket as public

Correct Answer: D

Explanation/Reference:

A sysadmin can grant permission to the S3 objects or the buckets to any user or make objects public using the bucket
policy and user policy. Both use the JSON-

based access policy language. Ge

QUESTION 4

A user has created a VPC with CIDR 20.0.0.0/24. The user has created a public subnet with CIDR 20.0.0.0/25. The
user is trying to create the private subnet with CIDR 20.0.0.128/25. Which of the below mentioned statements is true in
this scenario?

A. It will not allow the user to create the private subnet due to a CIDR overlap

B. It will allow the user to create a private subnet with CIDR as 20.0.0.128/25

C. This statement is wrong as AWS does not allow CIDR 20.0.0.0/25

D. It will not allow the user to create a private subnet due to a wrong CIDR range

Correct Answer: B

Explanation/Reference:

When the user creates a subnet in VPC, he specifies the CIDR block for the subnet. The CIDR block of a subnet can be
the same as the CIDR block for the VPC (for a single subnet in the VPC., or a subs

AWS-SYSOPS PDF Dumps | AWS-SYSOPS VCE Dumps | AWS-SYSOPS Braindumps 3/9

 https://www.certbus.com/AWS-SysOps.html
2018 Latest CertBus AWS-SYSOPS PDF and VCE dumps Download

QUESTION 5

Your entire AWS infrastructure lives inside of one Amazon VPC You have an Infrastructure monitoring application
running on an Amazon instance in Availability Zone (AZ) A of the region, and another application instance running in AZ
B. The monitoring application needs to make use of ICMP ping to confirm network reachability of the instance hosting
the application.

Can you configure the security groups for these instances to only allow the ICMP ping to pass from the monitoring
instance to the application instance and nothing else\'\' If so how?

A. No Two instances in two different AZ\'s can\'t talk directly to each other via ICMP ping as that protocol is not allowed
across subnet (iebroadcast) boundaries

B. Yes Both the monitoring instance and the application instance have to be a part of the same security group, and that
security group needs to allow inbound ICMP

C. Yes, The security group for the monitoring instance needs to allow outbound ICMP and the application instance\'s
security group needs to allow Inbound ICMP

D. Yes, Both the monitoring instance\'s security group and the application instance\'s security group need to allow both
inbound and outbound ICMP ping packets since ICMP is not a connection-oriented protocol

Correct Answer: D

QUESTION 6

A user is accessing RDS from an application. The user has enabled the Multi AZ feature with the MS SQL RDS DB.
During a planned outage how will AWS ensure that a switch from DB to a standby replica will not affect access to the
application?

A. RDS will have an internal IP which will redirect all requests to the new DB

B. RDS uses DNS to switch over to stand by replica for seamless transition

C. The switch over changes Hardware so RDS does not need to worry about access

D. RDS will have both the DBs running independently and the user has to manually switch over

Correct Answer: B

Explanation/Reference:

In the event of a planned or unplanned outage of a DB instance, Amazon RDS automatically switches to a standby
replica in another Availability Zone if the user has enabled Multi AZ. The automatic fai

QUESTION 7

A user has created a VPC with CIDR 20.0.0.0/16. The user has created one subnet with CIDR 20.0.0.0/16 by mistake.
The user is trying to create another subnet of CIDR 20.0.0.1/24. How can the user create the second subnet?

A. There is no need to update the subnet as VPC automatically adjusts the CIDR of the first subnet based on the
second subnet\'s CIDR

AWS-SYSOPS PDF Dumps | AWS-SYSOPS VCE Dumps | AWS-SYSOPS Braindumps 4/9

 https://www.certbus.com/AWS-SysOps.html
2018 Latest CertBus AWS-SYSOPS PDF and VCE dumps Download

B. The user can modify the first subnet CIDR from the console

C. It is not possible to create a second subnet as one subnet with the same CIDR as the VPC has been created

D. The user can modify the first subnet CIDR with AWS CLI

Correct Answer: D

Explanation/Reference:

A Virtual Private Cloud (VPC. is a virtual network dedicated to the user\'s AWS account. A user can create a subnet with
VPC and launch instances inside the subnet. The user can create a subnet with

QUESTION 8

A user has created numerous EBS volumes. What is the general limit for each AWS account for the maximum number
of EBS volumes that can be created?

A. 10000

B. 5000

C. 100

D. 1000

Correct Answer: B

Explanation/Reference:

A user can attach multiple EBS volumes to the same instance within the limits specified by his AWS account. Each
AWS account has a limit on the number of Amazon EBS volumes that the user can create,

QUESTION 9

You are currently hosting multiple applications in a VPC and have logged numerous port scans coming in from a
specific IP address block. Your security team has requested that all access from the offending IP address block be
denied for the next 24 hours.

Which of the following is the best method to quickly and temporarily deny access from the specified IP address block?

A. Create an AD policy to modify Windows Firewall settings on all hosts in the VPC to deny access from the IP address
block

B. Modify the Network ACLs associated with all public subnets in the VPC to deny access from the IP address block

C. Add a rule to all of the VPC 5 Security Groups to deny access from the IP address block

D. Modify the Windows Firewall settings on all Amazon Machine Images (AMIs) that your organization uses in that VPC
to deny access from the IP address block

Correct Answer: B

AWS-SYSOPS PDF Dumps | AWS-SYSOPS VCE Dumps | AWS-SYSOPS Braindumps 5/9

 https://www.certbus.com/AWS-SysOps.html
2018 Latest CertBus AWS-SYSOPS PDF and VCE dumps Download

Explanation/Reference:

Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html

QUESTION 10

How can the domain\'s zone apex for example andquot;myzoneapexdomain comandquot; be pointed towards an Elastic
Load Balancer?

A. By using an AAAA record

B. By using an A record

C. By using an Amazon Route 53 CNAME record

D. By using an Amazon Route 53 Alias record

Correct Answer: D

Explanation/Reference:

Reference:

http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets- choosing-alias-non-alias.html

QUESTION 11

You have a Linux EC2 web server instance running inside a VPC The instance is In a public subnet and has an EIP
associated with it so you can connect to It

over the Internet via HTTP or SSH The instance was also fully accessible when you last logged in via SSH.

and was also serving web requests on port 80.

Now you are not able to SSH into the host nor does it respond to web requests on port 80 that were working fine last
time you checked You have double-checked

that all networking configuration parameters (security groups route tables. IGW\'EIP. NACLs etc) are properly
configured {and you haven\'t made any changes to

those anyway since you were last able to reach the Instance). You look at the EC2 console and notice that system
status check shows andquot;impaired."

Which should be your next step in troubleshooting and attempting to get the instance back to a healthy state so that you
can log in again?

A. Stop and start the instance so that it will be able to be redeployed on a healthy host system that most likely will fix the
andquot;impairedandquot; system status

B. Reboot your instance so that the operating system will have a chance to boot in a clean healthy state that most likely
will fix the \'impairedandquot; system status

C. Add another dynamic private IP address to me instance and try to connect via mat new path, since the networking

AWS-SYSOPS PDF Dumps | AWS-SYSOPS VCE Dumps | AWS-SYSOPS Braindumps 6/9

 https://www.certbus.com/AWS-SysOps.html
2018 Latest CertBus AWS-SYSOPS PDF and VCE dumps Download

stack of the OS may be locked up causing the andquot;impairedandquot; system status.

D. Add another Elastic Network Interface to the instance and try to connect via that new path since the networking stack
of the OS may be locked up causing the andquot;impairedandquot; system status

E. un-map and then re-map the EIP to the instance, since the IGWVNAT gateway may not be working properly, causing
the andquot;impairedandquot; system status

Correct Answer: A

QUESTION 12

An organization has created a Queue named andquot;modularqueueandquot; with SQS. The organization is not
performing any operations such as SendMessage, ReceiveMessage, DeleteMessage, GetQueueAttributes,
SetQueueAttributes, AddPermission, and RemovePermission on the queue. What can happen in this scenario?

A. AWS SQS sends notification after 15 days for inactivity on queue

B. AWS SQS can delete queue after 30 days without notification

C. AWS SQS marks queue inactive after 30 days

D. AWS SQS notifies the user after 2 weeks and deletes the queue after 3 weeks.

Correct Answer: B

Explanation/Reference:

Amazon SQS can delete a queue without notification if one of the following actions hasn\'t been performed on it for 30
consecutive days: SendMessage,

ReceiveMessage, DeleteMessage, GetQueueAtt

QUESTION 13

A user is collecting 1000 records per second. The user wants to send the data to CloudWatch using the

custom namespace. Which of the below mentioned options is recommended for this activity?

A. Aggregate the data with statistics, such as Min, max, Average, Sum and Sample data and send the data to
CloudWatch

B. Send all the data values to CloudWatch in a single command by separating them with a comma. CloudWatch will
parse automatically

C. Create one csv file of all the data and send a single file to CloudWatch

D. It is not possible to send all the data in one call. Thus, it should be sent one by one. CloudWatch will aggregate the
data automatically

Correct Answer: A

Explanation/Reference:

AWS-SYSOPS PDF Dumps | AWS-SYSOPS VCE Dumps | AWS-SYSOPS Braindumps 7/9

 https://www.certbus.com/AWS-SysOps.html
2018 Latest CertBus AWS-SYSOPS PDF and VCE dumps Download

AWS CloudWatch supports the custom metrics. The user can always capture the custom data and upload the data to
CloudWatch using CLI or APIs. The user can publish data to CloudWatch as single data po

QUESTION 14

A user has configured the AWS CloudWatch alarm for estimated usage charges in the US East region. Which of the
below mentioned statements is not true with respect to the estimated charges?

Exhibit:

A. It will store the estimated charges data of the last 14 days

B. It will include the estimated charges of every AWS service

C. The metric data will represent the data of all the regions

D. The metric data will show data specific to that region

AWS-SYSOPS PDF Dumps | AWS-SYSOPS VCE Dumps | AWS-SYSOPS Braindumps 8/9

 https://www.certbus.com/AWS-SysOps.html
2018 Latest CertBus AWS-SYSOPS PDF and VCE dumps Download

Correct Answer: D

Explanation/Reference:

When the user has enabled the monitoring of estimated charges for the AWS account with AWS CloudWatch, the
estimated charges are calculated and sent several times daily to CloudWatch in the form of m

QUESTION 15

Your application currently leverages AWS Auto Scaling to grow and shrink as load Increases/ decreases and has been
performing well Your marketing team expects a steady ramp up in traffic to follow an upcoming campaign that will result
in a 20x growth in traffic over 4 weeks Your forecast for the approximate number of Amazon EC2 instances necessary
to meet the peak demand is 175.

What should you do to avoid potential service disruptions during the ramp up in traffic?

A. Ensure that you have pre-allocated 175 Elastic IP addresses so that each server will be able to obtain one as it
launches

B. Check the service limits in Trusted Advisor and adjust as necessary so the forecasted count remains within limits.

C. Change your Auto Scaling configuration to set a desired capacity of 175 prior to the launch of the marketing
campaign

D. Pre-warm your Elastic Load Balancer to match the requests per second anticipated during peak demand prior to the
marketing campaign

Correct Answer: D

AWS-SYSOPS PDF Dumps AWS-SYSOPS VCE Dumps AWS-SYSOPS Braindumps

AWS-SYSOPS PDF Dumps | AWS-SYSOPS VCE Dumps | AWS-SYSOPS Braindumps 9/9

Powered by TCPDF (www.tcpdf.org)

:K\6HOHFW&KRRVH&HUW%XVFRP"
CertBus Certification Exam Features

- CertBus offers over 7000 Certification exams for professionals.

- More than 398,800 Satisfied Customers Worldwide.
- Average 99.8% Success Rate.
- Over 130 Global Certification Vendors Covered.
- Services of Professional & Certified Experts available via support.
- Free 365 days updates to match real exam scenarios.
- Instant Download Access! No Setup required.
- Price as low as $45, which is 80% more cost effective than others.
- Verified answers researched by industry experts.
- Study Material updated on regular basis.
- Questions / Answers are downloadable in PDF format.
- Mobile Device Supported (Android, iPhone, iPod, iPad)
- No authorization code required to open exam.
- Portable anywhere.
- Guaranteed Success.
- Fast, helpful support 24x7.
View list of All Certification Exams offered: https://www.certbus.com/allproducts
Free Download All Certification Exams Demo : https://www.certbus.com/samples.html