Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

AWS-SysOpsFree trial

By amazon

Verified

25Q per page

Question 151

A user is receiving a notification from the RDS DB whenever there is a change in the DB security group. The user does not want to receive these notifications for only a month. Thus, he does not want to delete the notification. How can the user configure this?

A: Change the Disable button for notification to ג€Yesג€ in the RDS console
B: Set the send mail flag to false in the DB event notification console
C: The only option is to delete the notification from the console
D: Change the Enable button for notification to ג€Noג€ in the RDS console

—

Question 152

A user has created a VPC with CIDR 20.0.0.0/16. The user has created one subnet with CIDR 20.0.0.0/16 by mistake. The user is trying to create another subnet of CIDR 20.0.0.1/24. How can the user create the second subnet?

A: There is no need to update the subnet as VPC automatically adjusts the CIDR of the first subnet based on the second subnet's CIDR
B: The user can modify the first subnet CIDR from the console
C: It is not possible to create a second subnet as one subnet with the same CIDR as the VPC has been created
D: The user can modify the first subnet CIDR with AWS CLI

—

Question 153

A user has created a VPC with the public and private subnets using the VPC wizard. The VPC has CIDR 20.0.0.0/16. The public subnet uses CIDR 20.0.1.0/24.
The user is planning to host a web server in the public subnet (port 80) and a DB server in the private subnet (port 3306). The user is configuring a security group for the public subnet (WebSecGrp) and the private subnet (DBSecGrp). Which of the below mentioned entries is required in the web server security group
(WebSecGrp)?

A: Configure Destination as DB Security group ID (DbSecGrp) for port 3306 Outbound
B: 80 for Destination 0.0.0.0/0 Outbound
C: Configure port 3306 for source 20.0.0.0/24 InBound
D: Configure port 80 InBound for source 20.0.0.0/16

—

Question 154

A user is trying to understand the detailed CloudWatch monitoring concept. Which of the below mentioned services provides detailed monitoring with CloudWatch without charging the user extra?

A: AWS Auto Scaling
B: AWS Route 53
C: AWS EMR
D: AWS SNS

—

Question 155

A user is trying to understand the CloudWatch metrics for the AWS services. It is required that the user should first understand the namespace for the AWS services. Which of the below mentioned is not a valid namespace for the AWS services?

A: AWS/StorageGateway
B: AWS/CloudTrail
C: AWS/ElastiCache
D: AWS/SWF

—

Question 156

A system admin is planning to encrypt all objects being uploaded to S3 from an application. The system admin does not want to implement his own encryption algorithm; instead he is planning to use server side encryption by supplying his own key (SSE-C). Which parameter is not required while making a call for SSE-C?

A: x-amz-server-side-encryption-customer-key-AES-256
B: x-amz-server-side-encryption-customer-key
C: x-amz-server-side-encryption-customer-algorithm
D: x-amz-server-side-encryption-customer-key-MD5

—

Question 157

You have a web-style application with a stateless but CPU and memory-intensive web tier running on a cc2 8xlarge EC2 instance inside of a VPC The instance when under load is having problems returning requests within the SLA as defined by your business The application maintains its state in a DynamoDB table, but the data tier is properly provisioned and responses are consistently fast.
How can you best resolve the issue of the application responses not meeting your SLA?

A: Add another cc2 8xlarge application instance, and put both behind an Elastic Load Balancer
B: Move the cc2 8xlarge to the same Availability Zone as the DynamoDB table
C: Cache the database responses in ElastiCache for more rapid access
D: Move the database from DynamoDB to RDS MySQL in scale-out read-replica configuration

—

Question 158

A user is using the AWS SQS to decouple the services. Which of the below mentioned operations is not supported by SQS?

A: SendMessageBatch
B: DeleteMessageBatch
C: CreateQueue
D: DeleteMessageQueue

—

Question 159

A user has configured Auto Scaling with 3 instances. The user had created a new AMI after updating one of the instances. If the user wants to terminate two specific instances to ensure that Auto Scaling launches an instances with the new launch configuration, which command should he run?

A: as-delete-instance-in-auto-scaling-group <Instance ID> --no-decrement-desired-capacity
B: as-terminate-instance-in-auto-scaling-group <Instance ID> --update-desired-capacity
C: as-terminate-instance-in-auto-scaling-group <Instance ID> --decrement-desired-capacity
D: as-terminate-instance-in-auto-scaling-group <Instance ID> --no-decrement-desired-capacity

—

Question 160

A user has launched an EC2 instance from an instance store backed AMI. If the user restarts the instance, what will happen to the ephemeral storage data?

A: All the data will be erased but the ephemeral storage will stay connected
B: All data will be erased and the ephemeral storage is released
C: It is not possible to restart an instance launched from an instance store backed AMI
D: The data is preserved

—

Question 161

A user has launched an EC2 instance. However, due to some reason the instance was terminated. If the user wants to find out the reason for termination, where can he find the details?

A: It is not possible to find the details after the instance is terminated
B: The user can get information from the AWS console, by checking the Instance description under the State transition reason label
C: The user can get information from the AWS console, by checking the Instance description under the Instance Status Change reason label
D: The user can get information from the AWS console, by checking the Instance description under the Instance Termination reason label

—

Question 162

A user has created a VPC with CIDR 20.0.0.0/24. The user has used all the IPs of CIDR and wants to increase the size of the VPC. The user has two subnets: public (20.0.0.0/28) and private (20.0.1.0/28). How can the user change the size of the VPC?

A: The user can delete all the instances of the subnet. Change the size of the subnets to 20.0.0.0/32 and 20.0.1.0/32, respectively. Then the user can increase the size of the VPC using CLI
B: It is not possible to change the size of the VPC once it has been created
C: The user can add a subnet with a higher range so that it will automatically increase the size of the VPC
D: The user can delete the subnets first and then modify the size of the VPC

—

Question 163

A user has configured ELB with SSL using a security policy for secure negotiation between the client and load balancer. Which of the below mentioned security policies is supported by ELB?

A: Dynamic Security Policy
B: All the other options
C: Predefined Security Policy
D: Default Security Policy

—

Question 164

A user has granted read/write permission of his S3 bucket using ACL. Which of the below mentioned options is a valid ID to grant permission to other AWS accounts (grantee. using ACL?

A: IAM User ID
B: S3 Secure ID
C: Access ID
D: Canonical user ID

—

Question 165

A user has configured an ELB to distribute the traffic among multiple instances. The user instances are facing some issues due to the back-end servers. Which of the below mentioned CloudWatch metrics helps the user understand the issue with the instances?

A: HTTPCode_Backend_3XX
B: HTTPCode_Backend_4XX
C: HTTPCode_Backend_2XX
D: HTTPCode_Backend_5XX

—

Question 166

A user has launched an EC2 instance store backed instance in the US-East-1a zone. The user created AMI #1 and copied it to the Europe region. After that, the user made a few updates to the application running in the US-East-1a zone. The user makes an AMI#2 after the changes. If the user launches a new instance in
Europe from the AMI #1 copy, which of the below mentioned statements is true?

A: The new instance will have the changes made after the AMI copy as AWS just copies the reference of the original AMI during the copying. Thus, the copied AMI will have all the updated data
B: The new instance will have the changes made after the AMI copy since AWS keeps updating the AMI
C: It is not possible to copy the instance store backed AMI from one region to another
D: The new instance in the EU region will not have the changes made after the AMI copy

—

Question 167

A user runs the command dd if=/dev/zero of=/dev/xvdfbs=1M on a fresh blank EBS volume attached to a Linux instance. Which of the below mentioned activities is the user performing with the command given above?

A: Creating a file system on the EBS volume
B: Mounting the device to the instance
C: Pre warming the EBS volume
D: Formatting the EBS volume

—

Question 168

You are managing a legacy application Inside VPC with hard coded IP addresses in its configuration.
Which two mechanisms will allow the application to failover to new instances without the need for reconfiguration? (Choose two.)

A: Create an ELB to reroute traffic to a failover instance
B: Create a secondary ENI that can be moved to a failover instance
C: Use Route53 health checks to fail traffic over to a failover instance
D: Assign a secondary private IP address to the primary ENIO that can be moved to a failover instance

—

Question 169

A user has created an Auto Scaling group using CLI. The user wants to enable CloudWatch detailed monitoring for that group. How can the user configure this?

A: When the user sets an alarm on the Auto Scaling group, it automatically enables detail monitoring
B: By default detailed monitoring is enabled for Auto Scaling
C: Auto Scaling does not support detailed monitoring
D: Enable detail monitoring from the AWS console

—

Question 170

A user has created a VPC with a public subnet. The user has terminated all the instances which are part of the subnet. Which of the below mentioned statements is true with respect to this scenario?

A: The user cannot delete the VPC since the subnet is not deleted
B: All network interface attached with the instances will be deleted
C: When the user launches a new instance it cannot use the same subnet
D: The subnet to which the instances were launched with will be deleted

—

Question 171

A user has configured ELB with SSL using a security policy for secure negotiation between the client and load balancer. The ELB security policy supports various ciphers. Which of the below mentioned options helps identify the matching cipher at the client side to the ELB cipher list when client is requesting ELB DNS over
SSL?

A: Cipher Protocol
B: Client Configuration Preference
C: Server Order Preference
D: Load Balancer Preference

—

Question 172

A user has created a VPC with public and private subnets. The VPC has CIDR 20.0.0.0/16. The private subnet uses CIDR 20.0.1.0/24 and the public subnet uses
CIDR 20.0.0.0/24. The user is planning to host a web server in the public subnet (port 80. and a DB server in the private subnet (port 3306). The user is configuring a security group of the NAT instance. Which of the below mentioned entries is not required for the NAT security group?

A: For Inbound allow Source: 20.0.1.0/24 on port 80
B: For Outbound allow Destination: 0.0.0.0/0 on port 80
C: For Inbound allow Source: 20.0.0.0/24 on port 80
D: For Outbound allow Destination: 0.0.0.0/0 on port 443

—

Question 173

A user has created an application which will be hosted on EC2. The application makes calls to DynamoDB to fetch certain data. The application is using the
DynamoDB SDK to connect with from the EC2 instance. Which of the below mentioned statements is true with respect to the best practice for security in this scenario?

A: The user should attach an IAM role with DynamoDB access to the EC2 instance
B: The user should create an IAM user with DynamoDB access and use its credentials within the application to connect with DynamoDB
C: The user should create an IAM role, which has EC2 access so that it will allow deploying the application
D: The user should create an IAM user with DynamoDB and EC2 access. Attach the user with the application so that it does not use the root account credentials

—

Question 174

An organization (Account ID 123412341234) has attached the below mentioned IAM policy to a user. What does this policy statement entitle the user to perform?

A: The policy allows the IAM user to modify all IAM user's credentials using the console, SDK, CLI or APIs
B: The policy will give an invalid resource error
C: The policy allows the IAM user to modify all credentials using only the console
D: The policy allows the user to modify all IAM user's password, sign in certificates and access keys using only CLI, SDK or APIs

—

Question 175

A sys admin is trying to understand the sticky session algorithm. Please select the correct sequence of steps, both when the cookie is present and when it is not, to help the admin understand the implementation of the sticky session:

ELB inserts the cookie in the response
ELB chooses the instance based on the load balancing algorithm
Check the cookie in the service request
The cookie is found in the request
The cookie is not found in the request

A: 3,1,4,2 [Cookie is not Present] & 3,1,5,2 [Cookie is Present]
B: 3,4,1,2 [Cookie is not Present] & 3,5,1,2 [Cookie is Present]
C: 3,5,2,1 [Cookie is not Present] & 3,4,2,1 [Cookie is Present]
D: 3,2,5,4 [Cookie is not Present] & 3,2,4,5 [Cookie is Present]

—

Page 7 of 38 • Questions 151-175 of 928

←

5 6 7 8 9

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!