• Home
  • Articles
  • Updated Jan-2024 AWS-SysOps Free Exam Files Downloaded Instantly [Q345-Q367]

Updated Jan-2024 AWS-SysOps Free Exam Files Downloaded Instantly [Q345-Q367]

Share

Updated Jan-2024 AWS-SysOps Free Exam Files Downloaded Instantly

Practice Exams and Training Solutions for Certifications


Amazon AWS-SysOps exam is an industry-recognized certification for professionals who are interested in validating their skills in managing and deploying AWS systems. It is designed to validate the expertise of individuals working in the role of a SysOps administrator. AWS Certified SysOps Administrator - Associate certification is ideal for professionals who want to advance their careers in cloud computing and AWS.

 

NEW QUESTION # 345
A user is trying to understand the detailed CloudWatch monitoring concept. Which of the below mentioned services provides detailed monitoring with CloudWatch without charging the user extra?

  • A. AWS EMR
  • B. AWS SNS
  • C. AWS Route 53
  • D. AWS Auto Scaling

Answer: C

Explanation:
CloudWatch is used to monitor AWS as well as the custom services. It provides either basic or detailed monitoring for the supported AWS products. In basic monitoring, a service sends data points to CloudWatch every five minutes, while in detailed monitoring a service sends data points to CloudWatch every minute. Services, such as RDS, ELB, OpsWorks, and Route 53 can provide the monitoring data every minute without charging the user.


NEW QUESTION # 346
An environment company has discovered that a number of Amazon EC2 instances in a VPC are marked as high risk according to a Common Vulnerabilities and Expressures (CVE) report. The Security tea, requests that all these instances be upgraded.
Who is responsible for upgrading the EC2 instances?

  • A. The Amazon EC2 team
  • B. The AWS Security team
  • C. The company's System Administrator
  • D. The AWS Premium Support team

Answer: C


NEW QUESTION # 347
In IAM, can you attach more than one inline policy to a particular entity such a user, role, or group?

  • A. No
  • B. Yes
  • C. Yes, you can but only if you attach the policy within a VPC.
  • D. Yes, you can but only if you attach the policy within the GovCloud.

Answer: B

Explanation:
Explanation/Reference:
Explanation:
In AWS IAM, you can add as many inline policies as you want to a user, role, or group, but the total aggregate policy size (the sum size of all inline policies) per entity cannot exceed the following lim-its: User policy size cannot exceed 2,048 characters.
Role policy size cannot exceed 10,240 characters. Group policy size cannot exceed 5,120 characters.
Reference:
http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html


NEW QUESTION # 348
A sys admin is maintaining an application on AWS. The application is installed on EC2 and user has configured ELB and Auto Scaling. Considering future load increase, the user is planning to launch new servers proactively so that they get registered with ELB. How can the user add these instances with Auto Scaling?

  • A. Decrease the minimum limit of the Auto Scaling grou
  • B. Launch an instance manually and register it with ELB on the fly
  • C. Increase the desired capacity of the Auto Scaling group
  • D. Increase the maximum limit of the Auto Scaling group

Answer: C

Explanation:
A user can increase the desired capacity of the Auto Scaling group and Auto Scaling will launch a new instance as per the new capacity. The newly launched instances will be registered with ELB if Auto Scaling group is configured with ELB. If the user decreases the minimum size the instances will be removed from Auto Scaling. Increasing the maximum size will not add instances but only set the maximum instance cap.


NEW QUESTION # 349
The CFO of a company wants to allow one of his employees to view only the AWS usage report page. Which of the below mentioned IAM policy statements allows the user to have access to the AWS usage report page?

  • A. "Effect": "Allow", "Action": ["aws-portal:ViewUsage"], "Resource": "*"
  • B. "Effect": "Allow", "Action": ["Describe"], "Resource": "Billing"
  • C. "Effect": "Allow", "Action": ["aws-portal: ViewBilling"], "Resource": "*"
  • D. "Effect": "Allow", "Action": ["AccountUsage], "Resource": "*"

Answer: A

Explanation:
Explanation
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. If the CFO wants to allow only AWS usage report page access, the policy for that IAM user will be as given below:


NEW QUESTION # 350
A SysOps Administrator is notified that an automated failover of an Amazon RDS database has occurred.
What are possible causes for this? (Choose two.)

  • A. Database corruption errors.
  • B. A write contention on the database.
  • C. A storage failure on the primary database.
  • D. The database instance type was changed.
  • E. A read contention on the database.

Answer: A,C

Explanation:
Explanation/Reference: https://medium.com/@hk_it_er/summary-on-the-aws-rds-faq-90dd443f983


NEW QUESTION # 351
A company's static website hosted on Amazon S3 was launched recently, and is being used by tens of
thousands of users. Subsequently, website users are experiencing 503 service unavailable errors.
Why are these errors occurring?

  • A. The request rate to Amazon S3 is too high.
  • B. The users are in different geographical region and Amazon Route 53 is restricting access.
  • C. There is an error with the Amazon RDS database.
  • D. The requests to Amazon S3 do not have the proper permissions.

Answer: A

Explanation:
Explanation/Reference: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/http-503-service-
unavailable.html


NEW QUESTION # 352
___________ is a task coordination and state management service for cloud applications.

  • A. Amazon SES
  • B. Amazon SWF
  • C. Amazon FPS
  • D. Amazon SNS

Answer: B

Explanation:
Explanation
Amazon Simple Workflow (Amazon SWF) is a task coordination and state management service for cloud applications. With Amazon SWF, you can stop writing complex glue-code and state machinery and invest more in the business logic that makes your applications unique.
References:


NEW QUESTION # 353
A web-based application is running in AWS. The application is using a MySQL Amazon RDS database instance for persistence. The application stores transactional data and is read-heavy. The RDS instance gets busy during the peak usage, which shows the overall application response times.
The SysOps Administrator is asked to improve the read queries performance using a scalable solution.
Which options will meet these requirements? (Choose two.)

  • A. Create a read replica of the RDS instance
  • B. Use Amazon DynamoDB instead of RDS
  • C. Scale up the RDS instance to a larger instance size
  • D. Use Amazon ElastiCache to cache read queries
  • E. Enable the RDS database Multi-AZ option

Answer: A,D


NEW QUESTION # 354
A company is hosting a website on an Amazon EC2 instance that runs in a public subnet inside a VPC. The company uses Amazon CloudWatch Logs for web server log analysis.
A SysOps administrator has installed and configured the CloudWatch Logs agent on the EC2 instance and has confirmed that the agent is running. However, logs are not showing up in CloudWatch Logs.
Which solution will resolve this issue?

  • A. Create an IAM role that has the proper permissions for CloudWatch logs. Create an IAM instance profile, and associate it with the IAM role. Associate the instance profile with the EC2 instance.
  • B. Create an IAM user that has the proper permissions for CloudWatch logs. Create an IAM instance profile, and associate it with the IAM user. Associate the instance profile with the EC2 instance.
  • C. Modify the EC2 instance security group rules to allow inbound traffic on port 80.
  • D. Modify the VPC's network ACL rules for the public subnet to allow inbound traffic on port 80.

Answer: B


NEW QUESTION # 355
A SysOps Administrator is trying to set up an Amazon Route 53 domain namo to route traffic to a website hosted on Amazon S3 The domain name of the website is www anycompany com and the S3 bucket name is anycompany-static After the record set is set up in Route 53, the domain name www anycompany com does not seem to work, and the static website is not displayed in the browser Which of the following is a cause of this?

  • A. The S3 bucket must be configured with Amazon CloudFront first.
  • B. The Route 53 record set must be in the same region as the S3 bucket
  • C. The Route 53 record set must have an IAM role that allows access to the S3 bucket
  • D. The S3 bucket name must match the record sot name in Route 53.

Answer: D


NEW QUESTION # 356
AMIs can be ______________.

  • A. public or private
  • B. only private unless created by Amazon
  • C. created only for Linux instances
  • D. created only by Amazon

Answer: A

Explanation:
Explanation
After you create an AMI, you can keep it private so that only you can use it, or you can share it with a specified list of AWS accounts. You can also make your custom AMI public so that the community can use it.
Building a safe, secure, usable AMI for public consumption is a fairly straightforward process, if you follow a few simple guidelines.
References:


NEW QUESTION # 357
If you want to launch Amazon Elastic Compute Cloud (EC2) Instances and assign each Instance a predetermined private IP address you should:

  • A. Launch the Instance from a private Amazon Machine image (Mil)
  • B. Assign a group or sequential Elastic IP address to the instances
  • C. Use standard EC2 instances since each instance gets a private Domain Name Service (DNS) already
  • D. Launch the instances in a Placement Group
  • E. Launch the instances in the Amazon virtual Private Cloud (VPC).

Answer: E


NEW QUESTION # 358
What does the Server-side encryption provide in Amazon S3?

  • A. Server-side encryption doesn't exist for Amazon S3, but only for Amazon EC2.
  • B. Server-side encryption allows to upload files using an SSL endpoint for a secure transfer.
  • C. Server-side encryption provides an encrypted virtual disk in the cloud.
  • D. Server-side encryption protects data at rest using Amazon S3-managed encryption keys (SSE-S3).

Answer: D

Explanation:
Explanation
Server-side encryption is about protecting data at rest. Server-side encryption with Amazon S3-managed encryption keys (SSE-S3) employs strong multi-factor encryption. Amazon S3 encrypts each object with a unique key. As an additional safeguard, it encrypts the key itself with a master key that it regularly rotates.


NEW QUESTION # 359
What happens if the instance launched by Auto Scaling becomes unhealthy?

  • A. Auto Scaling will terminate the instance but not launch a new instance.
  • B. Auto Scaling will terminate the instance and launch a new healthy instance.
  • C. Auto Scaling will notify the user and the user can update the instance.
  • D. The instance cannot become unhealthy.

Answer: B

Explanation:
Auto Scaling keeps checking the health of the EC2 instances launched by it at regular intervals. If an instance is observed as unhealthy, Auto Scaling will automatically terminate the instance and launch a new healthy instance. Thus, it maintains the number of instances as per the Auto Scaling group configuration.
Reference:
http://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/AutoScalingLifecycleHooks.html


NEW QUESTION # 360
An organization is planning to create a user with IAM. They are trying to understand the limitations of IAM so that they can plan accordingly. Which of the below mentioned statements is not true with respect to the limitations of IAM?

  • A. One IAM user can be a part of a maximum of 5 groups
  • B. One AWS account can have 250 roles
  • C. One AWS account can have a maximum of 5000 IAM users
  • D. The organization can create 100 groups per AWS account

Answer: A

Explanation:
Explanation/Reference:
Explanation:
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. The default maximums for each of the IAM entities is given below:
Groups per AWS account: 100
Users per AWS account: 5000
Roles per AWS account: 250
Number of groups per user: 10 (that is, one user can be part of these many groups).


NEW QUESTION # 361
An organization (Account ID 123412341234. has attached the below mentioned IAM policy to a user. What does this policy statement entitle the user to perform?

  • A. The policy allows the IAM user to modify all IAM users' access keys using the console, SDK, CLI or APIs
  • B. The policy allows the IAM user to modify all credentials using only the console
  • C. The policy allows the IAM user to modify the IAM user's own credentials using the console, SDK, CLI or APIs
  • D. The policy allows the IAM user to modify all IAM users' credentials using the console, SDK, CLI or APIs

Answer: A

Explanation:
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. If the organization (Account ID 123412341234. wants some of their users to manage keys (access and secret access keys. of all IAM users, the organization should set the below mentioned policy which entitles the IAM user to modify keys of all IAM users with CLI, SDK or API.


NEW QUESTION # 362
A user has launched an ELB which has 5 instances registered with it. The user deletes the ELB by
mistake. What will happen to the instances?

  • A. Instances will keep running
  • B. ELB will ask the user whether to delete the instances or not
  • C. ELB cannot be deleted if it has running instances registered with it
  • D. Instances will be terminated

Answer: A

Explanation:
When the user deletes the Elastic Load Balancer, all the registered instances will be deregistered.
However, they will continue to run. The user will incur charges if he does not take any action on those
instances.
Reference:
http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/US_EndLoadBalancing02.htm
l


NEW QUESTION # 363
Which of the following statements about this S3 bucket policy is true?

  • A. Grants all the servers within the 192 168 100 188/32 subnet full access to the "mybucket" bucket
  • B. Denies the server with the IP address 192.166 100.188 full access to the "mybucket bucket
  • C. Denies the server with the IP address 192.166 100.0 full access to the "mybucket" bucket
  • D. Grants all the servers within the 192 168 100 0/24 subnet full access to the "mybucket" bucket

Answer: D


NEW QUESTION # 364
A root account owner is trying to understand the S3 bucket ACL. Which of the below mentioned options cannot be used to grant ACL on the object using the authorized predefined group?

  • A. Log Delivery Group
  • B. Canonical user group
  • C. All users group
  • D. Authenticated user group

Answer: B

Explanation:
Explanation
An S3 bucket ACL grantee can be an AWS account or one of the predefined Amazon S3 groups. Amazon S3 has a set of predefined groups. When granting account access to a group, the user can specify one of the URLs of that group instead of a canonical user ID. AWS S3 has the following predefined groups:
Authenticated Users group: It represents all AWS accounts. All Users group: Access permission to this group allows anyone to access the resource. Log Delivery group: WRITE permission on a bucket enables this group to write server access logs to the bucket.


NEW QUESTION # 365
You have private video content in S3 that you want to serve to subscribed users on the Internet. User IDs, credentials, and subscriptions are stored in an Amazon RDS database.
Which configuration will allow you to securely serve private content to your users?

  • A. Create an IAM user for each subscribed user and assign the GetObject permission to each IAM user
  • B. Create a CloudFront Origin Identity user for your subscribed users and assign the GetObject permission to this user
  • C. Create an S3 bucket policy that limits access to your private content to only your subscribed users' credentials
  • D. Generate pre-signed URLs for each user as they request access to protected S3 content

Answer: D

Explanation:
Explanation
"You can optionally secure the content in your Amazon S3 bucket so users can access it through CloudFront but cannot access it directly by using Amazon S3 URLs. This prevents anyone from bypassing CloudFront and using the Amazon S3 URL to get content that you want to restrict access to. This step isn't required to use signed URLs, but we recommend it."


NEW QUESTION # 366
A user has scheduled the maintenance window of an RDS DB on Monday at 3 AM. Which of the below
mentioned events may force to take the DB instance offline during the maintenance window?

  • A. DB password change
  • B. Security patching
  • C. Enabling Read Replica
  • D. Making the DB Multi AZ

Answer: B

Explanation:
Amazon RDS performs maintenance on the DB instance during a user-definable maintenance window. The system may be offline or experience lower performance during that window. The only maintenance events that may require RDS to make the DB instance offline are: Scaling compute operations Software patching. Required software patching is automatically scheduled only for patches that are security
and durability related. Such patching occurs infrequently (typically once every few months.
and seldom
requires more than a fraction of the maintenance window.


NEW QUESTION # 367
......

Q&As with Explanations Verified & Correct Answers: https://actual4test.practicetorrent.com/AWS-SysOps-practice-exam-torrent.html

Related Articles

more
Amazon AWS-SysOps Certification Practice Exam

We offer you the latest exam questions in three versions which you can choose as you like. The pdf version supports the printing and is easy to be read. You can try the free demo questions to check the validity. Our practice material is the key to success.

Tags

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 PracticeTorrent NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy