RealValidExam AWS-SysOps Dumps PDF - 100% Passing Guarantee [Q362-Q382]

RealValidExam AWS-SysOps Dumps PDF - 100% Passing Guarantee

AWS-SysOps Braindumps Real Exam Updated on Nov 29, 2024 with 991 Questions

NEW QUESTION # 362
A user is publishing custom metrics to CloudWatch. Which of the below mentioned statements will help the user understand the functionality better?

• A. If the user is uploading the custom data, the user must supply the namespace, timezone, and metric name as part of the command
• B. The user can use the CloudWatch Import tool
• C. The user should be able to see the data in the console after around 15 minutes
• D. The user can view as well as upload data using the console, CLI and APIs

Answer: C

Explanation:
Explanation
AWS CloudWatch supports the custom metrics. The user can always capture the custom data and upload the data to CloudWatch using CLI or APIs. The user has always to include the namespace as a part of the request.
However, the other parameters are optional. If the user has uploaded data using CLI, he can view it as a graph inside the console. The data will take around 2 minutes to upload but can be viewed only after around 15 minutes.

NEW QUESTION # 363
A SysOps Administrator is analyzing how Reserved Instance discounts are allocated to Amazon EC2 instances across accounts in the company's consolidated bill. Which AWS tool will provide the details necessary to understand the billing charges?

• A. AWS Organizations
• B. AWS Cost and Usage report
• C. AWS Trusted Advisor
• D. AWS Budgets

Answer: A

NEW QUESTION # 364
A company's use of AWS Cloud services is quickly growing, so a SysOps Administrator has been asked to generate details of daily spending to share with management.
Which method should the Administrator choose to produce this data?

• A. Use AWS CloudTrail Logs to access daily costs in JSON format.
• B. Set up daily Cost and Usage Report and download the output from Amazon S3.
• C. Share the monthly AWS bill with management.
• D. Monitor AWS costs with Amazon Cloud Watch and create billing alerts and notifications.

Answer: B

NEW QUESTION # 365
Which command must be present in a Cisco device configuration to enable the device to resolve an FQDN?

• A. ip name-server
• B. ip host
• C. ip domain-lookup
• D. ip domain-name

Answer: C

NEW QUESTION # 366
A user is planning to setup notifications on the RDS DB for a snapshot. Which of the below mentioned event categories is not supported by RDS for this snapshot source type?

• A. Deletion
• B. Restoration
• C. Backup
• D. Creation

Answer: C

Explanation:
Explanation/Reference:
Explanation:
Amazon RDS uses the Amazon Simple Notification Service to provide a notification when an Amazon RDS event occurs. Event categories for a snapshot source type include: Creation, Deletion, and Restoration.
The Backup is a part of DB instance source type.

NEW QUESTION # 367
A sys admin has created the below mentioned policy and applied to an S3 object named aws.jpg. The aws.jpg is inside a bucket named cloudacademy. What does this policy define?

• A. the aws.jpg object as public
• B. It is not possible to define a policy at the object level
• C. It will make all the objects of the bucket cloudacademy as public
• D. It will make the bucket cloudacademy as public

Answer: B

Explanation:
Explanation/Reference:
Explanation:
A system admin can grant permission to the S3 objects or buckets to any user or make objects public using the bucket policy and user policy. Both use the JSON-based access policy language. Generally, if the user is defining the ACL on the bucket, the objects in the bucket do not inherit it and vice a versa. The bucket policy can be defined at the bucket level which allows the objects as well as the bucket to be public with a single policy applied to that bucket. It cannot be applied at the object level.

NEW QUESTION # 368
In configuring an Amazon Route 53 health check, a SysOps Administrator selects `Yes' to the String Matching option in the Advanced Configuration section. In the Search String box, the Administrator types the following text: /html.
This is to ensure that the entire page is loading during the health check. Within 5 minutes of enabling the health check, the Administrator receives an alert stating that the check failed.
However, when the Administrator navigates to the page, it loads successfully.
What is the MOST likely cause of this false alarm?

• A. The search string is not HTML-encoded.
• B. The search string must be escaped with a backslash (\) before the forward slash (/).
• C. The search string must be put in quotes.
• D. The search string is not in the first 5120 bytes of the tested page.

Answer: A

NEW QUESTION # 369
An organization with a large IT department has decided to migrate to AWS. With different job functions in the IT department, it is not desirable to give all users access to all AWS resources. Currently the organization handles access via LDAP credentials?

• A. Create a Lambda function to read LDAP groups and automate the creation of IAM users.
• B. Create an AWS Directory Service Simple AD. Replicate the on-premises LDAP directory to Simple AD.
• C. Federate the LDAP directory with IAM using SAML. Create different IAM roles to correspondent to different LDAP groups to limit permissions.
• D. Use AWS CloudFormation to create IAM roles. Deploy Direct Connect to allow access to the on- premises LDAP server.

Answer: C

NEW QUESTION # 370
According to the shared responsibility model, for which of the following Amazon EC2 activities is AWS responsible? (Choose two.)

• A. Configuring network ACLs
• B. Patching the hypervisor
• C. Patching the guest operating system
• D. Maintaining network infrastructure
• E. Monitoring memory utilization

Answer: B,D

Explanation:
Explanation/Reference:
Reference https://aws.amazon.com/compliance/shared-responsibility-model/

NEW QUESTION # 371
A user is trying to create a PIOPS EBS volume with 8 GB size and 200 IOPS. Will AWS create the volume?

• A. No, the EBS size is less than 10 GB
• B. No, since the PIOPS and EBS size ratio is less than 30
• C. Yes, since PIOPS is higher than 100
• D. Yes, since the ratio between EBS and IOPS is less than 30

Answer: A

Explanation:
A provisioned IOPS EBS volume can range in size from 10 GB to 1 TB and the user can provision up to 4000 IOPS per volume. The ratio of IOPS provisioned to the volume size requested should be a maximum of 30; for example, a volume with 3000 IOPS must be at least 100 GB.

NEW QUESTION # 372
A SysOps Administrator needs to retrieve a file from the GLACIER storage class of Amazon S3.
The Administrator wants to receive an Amazon SNS notification when the file is available for access.
What action should be taken to accomplish this?

• A. Create an AWS Lambda function that performs a HEAD request on the object being restored and checks the storage class of the object. Then send a notification to an SNS topic the Administrator has subscribed to when the storage class changes to STANDARD.
• B. Create an Amazon CloudWatch Events event for file restoration from Amazon S3 Glacier using the API and send the event to an SNS topic the Administrator has subscribed GlacierJobDescription to.
• C. Enable an Amazon S3 event notification for the s3:ObjectCreated:Post event that sends a notification to an SNS topic the Administrator has subscribed to.
• D. Enable S3 event notification for the s3:ObjectCreated:Completed event that sends a notification to an SNS topic the Administrator has subscribed to.

Answer: C

NEW QUESTION # 373
An ecommerce company uses an Amazon ElastiCache for Memcached cluster for in-memory caching of popular product queries on the shopping site. When viewing recent Amazon CloudWatch metrics data for the ElastiCache cluster, the sysops administrator notices a large number of evictions.
Which of the following actions will reduce these evictions? (Choose two.)

• A. Increase the individual node size inside the ElastiCache cluster
• B. Add an additional node to the ElastiCache cluster
• C. Put an Elastic Load Balancer in front of the ElastiCache cluster
• D. Use Amazon Simple Queue Service (Amazon SQS) to decouple the ElastiCache cluster
• E. Increase the ElastiCache time to live (TTL)

Answer: A,B

Explanation:
https://shaikmdrafi.wordpress.com/2017/05/30/aws-certified-sysops-administrator-associate-level/

NEW QUESTION # 374
You use S3 to store critical data for your company Several users within your group currently have lull permissions to your S3 buckets You need to come up with a solution mat does not impact your users and also protect against the accidental deletion of objects.
Which two options will address this issue? (Choose two.)

• A. Create a Bucket policy and only allow read only permissions to all users at the bucket level
• B. Enable object life cycle policies and configure the data older than 3 months to be archived in Glacier
• C. Enable versioning on your S3 Buckets
• D. Configure your S3 Buckets with MFA delete

Answer: C,D

NEW QUESTION # 375
What was the recommended use case for S3 Reduced Redundancy storage before its deprecation was planned?

• A. It was used to reduce storage costs by providing 500 times the durability of a typical disk drive at lower levels of redundancy.
• B. It was used to reduce storage costs for reproducible data at high levels of redundancy in a single facility.
• C. It was used to reduce storage costs for noncritical data at lower levels of redundancy.
• D. It was used to reduce storage costs by allowing you to destroy any copy of your files outside a specific jurisdiction.

Answer: C

Explanation:
Explanation/Reference:
Explanation
Reduced Redundancy Storage (RRS) was introduced in order to reduce storage costs. When first developed, you could use reduced redundancy storage for noncritical, reproducible data at lower levels of redundancy than Amazon S3 provides with standard storage. Now Standard is a more af-fordable from a cost perspective, because Amazon is deprecating RRS and has changed the pricing structure.
Reference: http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingRRS.html

NEW QUESTION # 376
What does Amazon RDS perform?

• A. It tests the functionalities in websites.
• B. It blocks users from creating DB instances.
• C. It provides sensory feedback.
• D. It manages the work involved in setting up a relational database.

Answer: D

Explanation:
Explanation
Amazon RDS manages the work involved in setting up a relational database: from provisioning the infrastructure capacity you request to installing the database software.
References:

NEW QUESTION # 377
A user is collecting 1000 records per second. The user wants to send the data to CloudWatch using a custom namespace, Which of the below mentioned options is recommended for this activity?

• A. It is not possible to send all the data in one call. Thus, it should be sent one by one.
  CloudWatch will aggregate the data automatically
• B. Aggregate the data with statistics, such as Min, max, Average, Sum and Sample data and send the data to CloudWatch
• C. Send all the data values to CloudWatch in a single command by separating them with a comma.
  CloudWatch will parse automatically
• D. Create one csv file of all the data and send a single file to CloudWatch

Answer: B

Explanation:
AWS CloudWatch supports the custom metrics. The user can always capture the custom data and upload the data to CloudWatch using CLI or APIs. The user can publish data to CloudWatch as single data points or as an aggregated set of data points called a statistic set using the command put-metric-data. It is recommended that when the user is having multiple data points per minute, he should aggregate the data so that it will minimize the number of calls to put-metric- data. In this case it will be single call to CloudWatch instead of 1000 calls if the data is aggregated.
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html

NEW QUESTION # 378
A SysOps Administrator is implementing SSL for a domain of an internet-facing application running behind an Application Load Balancer (ALB). The Administrator decides to use an SSL certificate from Amazon Certificate Manager (ACM) to secure it.
Upon creating a request for the ALB fully qualified domain name (FQDN), it fails, and the error message
"Domain Not Allowed" is displayed.
How can the Administrator fix this issue?

• A. Contact AWS Support and verify the request by answering security challenge questions.
• B. Place a new request with the proper domain name instead of the ALB FQDN
• C. Select the certificate request in the ACM console and resend the validation email.
• D. Contact the domain registrar and ask them to provide the verification required by AWS.

Answer: C

NEW QUESTION # 379
Does Amazon RDS support SSL encryption for SQL Server DB Instances?

• A. Yes, but only when the instances are in a single region
• B. No, encryption using SSL is supported only in the GovCloud.
• C. Yes, for all supported SQL Server editions
• D. No

Answer: C

Explanation:
Amazon RDS supports SSL encryption for SQL Server DB Instances. Using SSL, you can encrypt connections
between your applications and your SQL Server DB Instances. This is available for all the versions of Microsoft
SQL Server.
Reference:
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBEngine.SQLServer.html

NEW QUESTION # 380
An Amazon S3 Inventory report reveals that more than 1 million objects in an S3 bucket are not encrypted.
These objects must be encrypted, and all future objects must be encrypted at the time they are written.
Which combination of actions should a SysOps administrator take to meet these requirements? (Choose two.)

• A. Use S3 Event Notifications to invoke an AWS Lambda function on all new object-created events for the S3 bucket. Configure the Lambda function to check whether the object is encrypted and to run an AWS Systems Manager Automation document to encrypt the object in place when an unencrypted object is found.
• B. Filter the S3 Inventory report by using S3 Select to find all objects that are not encrypted. Create an S3 Batch Operations job to copy each object in place with encryption enabled.
• C. Filter the S3 Inventory report by using S3 Select to find all objects that are not encrypted. Send each object name as a message to an Amazon Simple Queue Service (Amazon SQS) queue. Use the SQS queue to invoke an AWS Lambda function to tag each object with a key of "Encryption" and a value of "SSE-KMS".
• D. Edit the properties of the S3 bucket to enable default server-side encryption.
• E. Create an AWS Config rule that runs evaluations against configuration changes to the S3 bucket. When an unencrypted object is found, run an AWS Systems Manager Automation document to encrypt the object in place.
  https://www.fast2test.com/AWS-SysOps-practice-test.html 13
  Valid Fast2test AWS-SysOps Exam PDF Dumps - New AWS-SysOps Real Exam Questions

Answer: A,D

NEW QUESTION # 381
If an IAM policy has multiple conditions, or if a condition has multiple keys, its boolean outcome will be calculated using a logical ______ operation.

• A. None of these
• B. OR
• C. AND
• D. NAND

Answer: C

Explanation:
If there are multiple condition operators, or if there are multiple keys attached to a single condition operator, the conditions are evaluated using a logical AND.
Reference:
http://docs.aws.amazon.com/IAM/latest/UserGuide/AccessPolicyLanguage_ElementDescriptions.
html

NEW QUESTION # 382
......

AWS-SysOps Dumps With 100% Verified Q&As - Pass Guarantee or Full Refund: https://actualtests.realvalidexam.com/AWS-SysOps-real-exam-dumps.html