Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

AWS-SysOpsFree trial

By amazon

Verified

25Q per page

Question 51

A user is planning to setup infrastructure on AWS for the Christmas sales. The user is planning to use Auto Scaling based on the schedule for proactive scaling.
What advice would you give to the user?

A: It is good to schedule now because if the user forgets later on it will not scale up
B: The scaling should be setup only one week before Christmas
C: Wait till end of November before scheduling the activity
D: It is not advisable to use scheduled based scaling

—

Question 52

A user is trying to understand the ACL and policy for an S3 bucket. Which of the below mentioned policy permissions is equivalent to the WRITE ACL on a bucket?

A: s3:GetObjectAcl
B: s3:GetObjectVersion
C: s3:ListBucketVersions
D: s3:DeleteObject

—

Question 53

A user has created an ELB with Auto Scaling. Which of the below mentioned offerings from ELB helps the user to stop sending new requests traffic from the load balancer to the EC2 instance when the instance is being deregistered while continuing in-flight requests?

A: ELB sticky session
B: ELB deregistration check
C: ELB connection draining
D: ELB auto registration Off

—

Question 54

A user has launched an EC2 instance from an instance store backed AMI. The infrastructure team wants to create an AMI from the running instance. Which of the below mentioned steps will not be performed while creating the AMI?

A: Define the AMI launch permissions
B: Upload the bundled volume
C: Register the AMI
D: Bundle the volume

—

Question 55

You are managing the AWS account of a big organization. The organization has more than 1000+ employees and they want to provide access to the various services to most of the employees. Which of the below mentioned options is the best possible solution in this case?

A: The user should create a separate IAM user for each employee and provide access to them as per the policy
B: The user should create an IAM role and attach STS with the role. The user should attach that role to the EC2 instance and setup AWS authentication on that server
C: The user should create IAM groups as per the organization's departments and add each user to the group for better access control
D: Attach an IAM role with the organization's authentication service to authorize each user for various AWS services

—

Question 56

A user has configured a VPC with a new subnet. The user has created a security group. The user wants to configure that instances of the same subnet communicate with each other. How can the user configure this with the security group?

A: There is no need for a security group modification as all the instances can communicate with each other inside the same subnet
B: Configure the subnet as the source in the security group and allow traffic on all the protocols and ports
C: Configure the security group itself as the source and allow traffic on all the protocols and ports
D: The user has to use VPC peering to configure this

—

Question 57

The majority of your Infrastructure is on premises and you have a small footprint on AWS Your company has decided to roll out a new application that is heavily dependent on low latency connectivity to LOAP for authentication Your security policy requires minimal changes to the company's existing application user management processes.
What option would you implement to successfully launch this application1?

A: Create a second, independent LOAP server in AWS for your application to use for authentication
B: Establish a VPN connection so your applications can authenticate against your existing on-premises LDAP servers
C: Establish a VPN connection between your data center and AWS create a LDAP replica on AWS and configure your application to use the LDAP replica for authentication
D: Create a second LDAP domain on AWS establish a VPN connection to establish a trust relationship between your new and existing domains and use the new domain for authentication

—

Question 58

A user is launching an instance. He is on the Tag the instance screen. Which of the below mentioned information will not help the user understand the functionality of an AWS tag?

A: Each tag will have a key and value
B: The user can apply tags to the S3 bucket
C: The maximum value of the tag key length is 64 unicode characters
D: AWS tags are used to find the cost distribution of various resources

—

Question 59

A user has created a VPC with CIDR 20.0.0.0/16. The user has created public and VPN only subnets along with hardware VPN access to connect to the user's datacenter. The user wants to make so that all traffic coming to the public subnet follows the organization's proxy policy. How can the user make this happen?

A: Setting up a NAT with the proxy protocol and configure that the public subnet receives traffic from NAT
B: Setting up a proxy policy in the internet gateway connected with the public subnet
C: It is not possible to setup the proxy policy for a public subnet
D: Setting the route table and security group of the public subnet which receives traffic from a virtual private gateway

—

Question 60

A user has created a VPC with CIDR 20.0.0.0/24. The user has created a public subnet with CIDR 20.0.0.0/25 and a private subnet with CIDR 20.0.0.128/25. The user has launched one instance each in the private and public subnets. Which of the below mentioned options cannot be the correct IP address (private IP. assigned to an instance in the public or private subnet?

A: 20.0.0.255
B: 20.0.0.132
C: 20.0.0.122
D: 20.0.0.55

—

Question 61

A user has launched an EBS backed EC2 instance. The user has rebooted the instance. Which of the below mentioned statements is not true with respect to the reboot action?

A: The private and public address remains the same
B: The Elastic IP remains associated with the instance
C: The volume is preserved
D: The instance runs on a new host computer

—

Question 62

A user has setup a web application on EC2. The user is generating a log of the application performance at every second. There are multiple entries for each second. If the user wants to send that data to CloudWatch every minute, what should he do?

A: The user should send only the data of the 60th second as CloudWatch will map the receive data timezone with the sent data timezone
B: It is not possible to send the custom metric to CloudWatch every minute
C: Give CloudWatch the Min, Max, Sum, and SampleCount of a number of every minute
D: Calculate the average of one minute and send the data to CloudWatch

—

Question 63

An AWS root account owner is trying to create a policy to access RDS. Which of the below mentioned statements is true with respect to the above information?

A: Create a policy which allows the users to access RDS and apply it to the RDS instances
B: The user cannot access the RDS database if he is not assigned the correct IAM policy
C: The root account owner should create a policy for the IAM user and give him access to the RDS services
D: The policy should be created for the user and provide access for RDS

—

Question 64

A user is using a small MySQL RDS DB. The user is experiencing high latency due to the Multi AZ feature. Which of the below mentioned options may not help the user in this situation?

A: Schedule the automated back up in non-working hours
B: Use a large or higher size instance
C: Use PIOPS
D: Take a snapshot from standby Replica

—

Question 65

A user is displaying the CPU utilization, and Network in and Network out CloudWatch metrics data of a single instance on the same graph. The graph uses one Y- axis for CPU utilization and Network in and another Y-axis for Network out. Since Network in is too high, the CPU utilization data is not visible clearly on graph to the user. How can the data be viewed better on the same graph?

A: It is not possible to show multiple metrics with the different units on the same graph
B: Add a third Y-axis with the console to show all the data in proportion
C: Change the axis of Network by using the Switch command from the graph
D: Change the units of CPU utilization so it can be shown in proportion with Network

—

Question 66

A user is planning to use AWS services for his web application. If the user is trying to set up his own billing management system for AWS, how can he configure it?

A: Set up programmatic billing access. Download and parse the bill as per the requirement
B: It is not possible for the user to create his own billing management service with AWS
C: Enable the AWS CloudWatch alarm which will provide APIs to download the alarm data
D: Use AWS billing APIs to download the usage report of each service from the AWS billing console

—

Question 67

A user is planning to schedule a backup for an EBS volume. The user wants security of the snapshot data. How can the user achieve data encryption with a snapshot?

A: Use encrypted EBS volumes so that the snapshot will be encrypted by AWS
B: While creating a snapshot select the snapshot with encryption
C: By default, the snapshot is encrypted by AWS
D: Enable server side encryption for the snapshot using S3

—

Question 68

You need to design a VPC for a web-application consisting of an Elastic Load Balancer (ELB). a fleet of web/application servers, and an RDS database. The entire Infrastructure must be distributed over 2 availability zones.
Which VPC configuration works while assuring the database is not available from the Internet?

A: One public subnet for ELB one public subnet for the web-servers, and one private subnet for the database
B: One public subnet for ELB two private subnets for the web-servers, two private subnets for RDS
C: Two public subnets for ELB two private subnets for the web-servers and two private subnets for RDS
D: Two public subnets for ELB two public subnets for the web-servers, and two public subnets for RDS

—

Question 69

A user has created a public subnet with VPC and launched an EC2 instance within it. The user is trying to delete the subnet. What will happen in this scenario?

A: It will delete the subnet and make the EC2 instance as a part of the default subnet
B: It will not allow the user to delete the subnet until the instances are terminated
C: It will delete the subnet as well as terminate the instances
D: The subnet can never be deleted independently, but the user has to delete the VPC first

—

Question 70

A user has setup an EBS backed instance and attached 2 EBS volumes to it. The user has setup a CloudWatch alarm on each volume for the disk data. The user has stopped the EC2 instance and detached the EBS volumes. What will be the status of the alarms on the EBS volume?

A: OK
B: Insufficient Data
C: Alarm
D: The EBS cannot be detached until all the alarms are removed

—

Question 71

A user has launched an EC2 instance from an instance store backed AMI. The infrastructure team wants to create an AMI from the running instance. Which of the below mentioned credentials is not required while creating the AMI?

A: AWS account ID
B: X.509 certificate and private key
C: AWS login ID to login to the console
D: Access key and secret access key

—

Question 72

A user has configured an SSL listener at ELB as well as on the back-end instances. Which of the below mentioned statements helps the user understand ELB traffic handling with respect to the SSL listener?

A: It is not possible to have the SSL listener both at ELB and back-end instances
B: ELB will modify headers to add requestor details
C: ELB will intercept the request to add the cookie details if sticky session is enabled
D: ELB will not modify the headers

—

Question 73

A user has created a Cloudformation stack. The stack creates AWS services, such as EC2 instances, ELB, AutoScaling, and RDS. While creating the stack it created EC2, ELB and AutoScaling but failed to create RDS. What will Cloudformation do in this scenario?

A: Cloudformation can never throw an error after launching a few services since it verifies all the steps before launching
B: It will warn the user about the error and ask the user to manually create RDS
C: Rollback all the changes and terminate all the created services
D: It will wait for the user's input about the error and correct the mistake after the input

—

Question 74

A user is trying to launch an EBS backed EC2 instance under free usage. The user wants to achieve encryption of the EBS volume. How can the user encrypt the data at rest?

A: Use AWS EBS encryption to encrypt the data at rest
B: The user cannot use EBS encryption and has to encrypt the data manually or using a third party tool
C: The user has to select the encryption enabled flag while launching the EC2 instance
D: Encryption of volume is not available as a part of the free usage tier

—

Question 75

A user has created a VPC with public and private subnets using the VPC wizard. The user has not launched any instance manually and is trying to delete the
VPC. What will happen in this scenario?

A: It will not allow to delete the VPC as it has subnets with route tables
B: It will not allow to delete the VPC since it has a running route instance
C: It will terminate the VPC along with all the instances launched by the wizard
D: It will not allow to delete the VPC since it has a running NAT instance

—

Page 3 of 38 • Questions 51-75 of 928

←

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!