Topic 1: Mix Questions
A company has a mobile app that uses Amazon S3 to store images The images are popular for a week, and then the number of access requests decreases over time The images must be highly available and must be immediately accessible upon request A SysOps administrator must reduce S3 storage costs for the company Which solution will meet these requirements MOST cost-effectively?
A. Create an S3 Lifecycle policy to transition the images to S3 Glacier after 7 days
B. Create an S3 Lifecycle policy to transition the images to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 7 days
C. Create an S3 Lifecycle policy to transition the images to S3 Standard after 7 days
D. Create an S3 Lifecycle policy to transition the images to S3 Standard-Infrequent Access (S3 Standard-IA) after 7 days
A web application runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an Auto Scaling group across multiple Availability Zones. A SysOpe administrator notices that some of these EC2 instances show up as heathy in the Auto Scaling g-out but show up as unhealthy in the ALB target group. What is a possible reason for this issue?
A. Security groups ate rot allowing traffic between the ALB and the failing EC2 instances
B. The Auto Seating group health check is configured for EC2 status checks
C. The EC2 instances are failing to launch and failing EC2 status checks.
D. The target group health check is configured with an incorrect port or path
Explanation: The issue where EC2 instances show up as healthy in the Auto Scaling group but unhealthy in the ALB target group is likely due to the target group health check being configured with an incorrect port or path.
A company's SysOps administrator deploys a public Network Load Balancer (NLB) in front of the company's web application. The web application does not use any Elastic IP addresses. Users must access the web application by using the company's domain name. The SysOps administrator needs to configure Amazon Route 53 to route traffic to the NLB. Which solution will meet these requirements MOST cost-effectively?
A. Create a Route 53 AAAA record for the NLB.
B. Create a Route 53 alias record for the NLB.
C. Create a Route 53 CAA record for the NLB.
D. Create a Route 53 CNAME record for the NLB.
Explanation: To route traffic to the Network Load Balancer (NLB) using Amazon Route 53 cost-effectively, creating an alias record is the best solution.
A company has developed a service that is deployed on a fleet of Linux-based Amazon EC2 instances that are in an Auto Scaling group. The service occasionally fails unexpectedly because of an error in the application code. The company's engineering team determines that resolving the underlying cause of the service failure could take several weeks. A SysOps administrator needs to create a solution to automate recovery if the service crashes on any of the EC2 instances. Which solutions will meet this requirement? (Select TWO.)
A. Install the Amazon CloudWatch agent on the EC2 instances. Configure the CloudWatch agent to monitor the service. Set the CloudWatch action to restart if the service health check fails.
B. Tag the EC2 instances. Create an AWS Lambda function that uses AWS Systems Manager Session Manager to log in to the tagged EC2 instances and restart the service. Schedule the Lambda function to run every 5 minutes.
C. Tag the EC2 instances. Use AWS Systems Manager State Manager to create an association that uses the AWS-RunSheIIScript document. Configure the association command with a script that checks if the service is running and that starts the service if the service is not running. For targets, specify the EC2 instance tag. Schedule the association to run every 5 minutes.
D. Update the EC2 user data that is specified in the Auto Scaling group's launch template to include a script that runs on a cron schedule every 5 minutes.
E. Update the EC2 user data that is specified in the Auto Scaling group's launch template to ensure that the service runs during startup. Redeploy all the EC2 instances in the Auto Scaling group with the updated launch template.
Explanation:
The requirement is to automate recovery if the service crashes on any of the EC2
instances.
Option A: Install the Amazon CloudWatch agent on the EC2 instances. Configure the
CloudWatch agent to monitor the service. Set the CloudWatch action to restart if the
service health check fails . This is a valid solution because the CloudWatch agent can be
configured to monitor the service and take action (restart the service) if the health check
fails .
Option C: Tag the EC2 instances. Use AWS Systems Manager State Manager to create an
association that uses the AWS-RunShellScript document. Configure the association
command with a script that checks if the service is running and that starts the service if the
service is not running. For targets, specify the EC2 instance tag. Schedule the association
to run every 5 minutes678. This is a valid solution because AWS Systems Manager State
Manager can be used to maintain a consistent state of the EC2 instances. It can run a
script to check if the service is running and start the service if it’s not running678.
Option B: Tag the EC2 instances. Create an AWS Lambda function that uses AWS
Systems Manager Session Manager to log in to the tagged EC2 instances and restart the
service. Schedule the Lambda function to run every 5 minutes . This is not a valid solution
because AWS Lambda functions are not designed to log in to EC2 instances and restart
services. They are used for running serverless applications.
Option D: Update the EC2 user data that is specified in the Auto Scaling group’s launch
template to include a script that runs on a cron schedule every 5 minutes131415. This is
not a valid solution because user data scripts are run only during the launch of an EC2
instance. They are not designed to run on a schedule.
Option E: Update the EC2 user data that is specified in the Auto Scaling group’s launch
template to ensure that the service runs during startup. Redeploy all the EC2 instances in
the Auto Scaling group with the updated launch template131416. This is not a valid solution
because while user data can be used to ensure that the service runs during startup, it does
not provide a solution for when the service crashes after the EC2 instance has started.
A company is using an Amazon CloudWatch alarm lo monitor the FreeLocalStorage metric for an Amazon Aurora PostgreSQL production database The alarm goes into ALARM state and indicates that the database is running low on temporary storage. A SysOps administrator discovers that a weekly report is using most of the temporary storage that is currently allocated. What should the SysOps administrator do to solve this problem?
A. Turn on Aurora PostgreSQL query plan management.
B. Modify the configuration of the DB cluster to turn on storage auto scaling.
C. Add an Aurora read replica to the DB cluster. Modify the report lo use the new read replica.
D. Modify the DB instance class for each DB instance In the DB cluster to increase the instance size.
Explanation:
Storage Auto Scaling:
Aurora storage auto scaling automatically increases the storage capacity of the database cluster when free storage space is running low.
Steps:
: Aurora Storage Auto Scaling
A SysOps administrator must ensure that all of a company's current and future Amazon S3 buckets have logging enabled If an S3 bucket does not have logging enabled an automated process must enable logging for the S3 bucket. Which solution will meet these requirements?
A. Use AWS Trusted Advisor 10 perform a check for S3 buckets that do not have logging enabled Configure the check to enable logging for S3 buckets that do not have logging enabled.
B. Configure an S3 bucket policy that requires all current and future S3 buckets to have logging enabled
C. Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses an AWS Lambda function to enable logging.
D. Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses the AWS-ConfigureS3BucketLoggmg AWS Systems Manager Automation runbook to enable logging.
Explanation:
AWS Config Managed Rule for S3 Logging:
The s3-bucket-logging-enabled AWS Config rule checks whether S3 buckets have
logging enabled.
Steps:
: AWS Config Managed Rules
Using AWS Lambda for Remediation:
Create a Lambda function that enables logging on S3 buckets.
Steps:
Write a Lambda function in Python or Node.js to enable logging.
Configure the function to trigger on non-compliant buckets.
Reference: AWS Lambda
Using AWS Systems Manager Automation:
The AWS-ConfigureS3BucketLogging runbook automates enabling logging.
Steps:
Go to the AWS Management Console.
Navigate to Systems Manager.
Create an Automation document or use the existing AWS-ConfigureS3BucketLogging
runbook.
Configure the remediation action to use this runbook.
A SysOps administrator needs to implement a backup strategy for Amazon EC2 resources
and Amazon RDS resources. The backup strategy must meet the following retention
requirements:
• Daily backups: must be kept for 6 days
• Weekly backups: must be kept for 4 weeks:
• Monthly backups: must be kept for 11 months
• Yearly backups: must be kept for 7 years
Which backup strategy will meet these requirements with the LEAST administrative effort?
A. Use Amazon Data Lifecycle Manager to create an Amazon Elastic Block Store (Amazon EBS) snapshot policy. Create tags on each resource that needs to be backed up. Create multiple schedules according to the requirements within the policy. Set the appropriate frequency and retention period.
B. Use AWS Backup to create a new backup plan for each retention requirement with a backup frequency of daily, weekly, monthly, or yearly. Set the retention period to match the requirement. Create tags on each resource that needs to be backed up. Set up resource assignment by using the tags.
C. Create an AWS Lambda function. Program the Lambda function to use native tooling to take backups of file systems in Amazon EC2 and to make copies of databases in Amazon RDS. Create an Amazon EventBridge rule to invoke the Lambda function.
D. Use Amazon Data Lifecycle Manager to create an Amazon Elastic Block Store (Amazon EBS) snapshot policy. Create tags on each resource that needs to be backed up. Set up resource assignment by using the tags. Create multiple schedules according to the requirements within the policy. Set the appropriate frequency and retention period. In Amazon RDS, activate automated backups on the required DB instances.
Explanation:
AWS Backup provides a centralized way to manage backups across AWS services. Here's
how to implement the required backup strategy with minimal administrative effort:
Create Backup Plans: Set up different backup plans in AWS Backup, each
configured for a specific backup frequency—daily, weekly, monthly, and yearly.
Set Retention Periods: For each backup plan, configure the retention settings to
align with the required retention durations: 6 days, 4 weeks, 11 months, and 7
years respectively.
Tag Resources: Apply tags to each EC2 and RDS resource that needs to be
backed up. This allows for the automated inclusion of these resources in the
respective backup plans based on their tags.
Assign Resources to Backup Plans: Use the tags to define which resources are
included in each backup plan, ensuring that all necessary resources are backed up
according to the defined schedules and retention policies.
A Sysops administrator configured AWS Backup to capture snapshots from a single Amazon EC2 instance that has one Amazon Elastic Block Store (Amazon EBS) volume attached. On the first snapshot, the EBS volume has 10 GiB of data. On the second snapshot, the EBS volume still contains 10 GiB of data, but 4 GiB have changed. On the third snapshot, 2 GiB of data have been added to the volume, for a total of 12 GiB. How much total storage is required to store these snapshots?
A. 12 GiB
B. 16 GiB
C. 26 GiB
D. 32 GiB
Explanation:
AWS EBS snapshots are incremental, meaning that after the initial full snapshot, only the
blocks that have changed since the last snapshot are saved. Here’s how the storage adds up based on your scenario:
First Snapshot: Captures all 10 GiB of data.
Second Snapshot: Only 4 GiB have changed, so only these changed blocks are
stored.
Third Snapshot: An additional 2 GiB of data are added, making only these new 2
GiB stored.
Thus, the total storage required is 10 GiB (initial snapshot) + 4 GiB (second snapshot) + 2
GiB (third snapshot) = 16 GiB.
A SysOps administrator must configure a resilient tier of Amazon EC2 instances for a high performance computing (HPC) application. The HPC application requires minimum latency between nodes Which actions should the SysOps administrator take to meet these requirements? (Select TWO.)
A. Create an Amazon Elastic File System (Amazon EPS) file system Mount the file system to the EC2 instances by using user data
B. Create a Multi-AZ Network Load Balancer in front of the EC2 instances
C. Place the EC2 instances in an Auto Scaling group within a single subnet
D. Launch the EC2 instances into a cluster placement group
E. Launch the EC2 instances into a partition placement group
A company needs to take an inventory of applications that are running on multiple Amazon EC2 instances. The company has configured users and roles with the appropriate permissions for AWS Systems Manager. An updated version of Systems Manager Agent has been installed and is running on every instance. While configuring an inventory collection, a SysOps administrator discovers that not all the instances in a single subnet are managed by Systems Manager. What must the SysOps administrator do to fix this issue?
A. Ensure that all the EC2 instances have the correct tags for Systems Manager access.
B. Configure AWS Identity and Access Management Access Analyzer to determine and automatically remediate the issue.
C. Ensure that all the EC2 instances have an instance profile with Systems Manager access.
D. Configure Systems Manager to use an interface VPC endpoint.
Explanation: Ensuring that all the EC2 instances have an instance profile with Systems Manager access is the most effective way to fix this issue. Having an instance profile with Systems Manager access will allow the SysOps administrator to configure the inventory collection for all the instances in the subnet, regardless of whether or not they are managed by Systems Manager.
A user working in the Amazon EC2 console increased the size of an Amazon Elastic Block Store (Amazon EBS) volume attached to an Amazon EC2 Windows instance. The change is not reflected in the file system. What should a SysOps administrator do to resolve this issue?
A. Extend the file system with operating system-level tools to use the new storage capacity.
B. Reattach the EBS volume to the EC2 instance.
C. Reboot the EC2 instance that is attached to the EBS volume.
D. Take a snapshot of the EBS volume. Replace the original volume with a volume that is created from the snapshot.
Explanation: After increasing the size of an Amazon EBS volume, the operating system must be configured to use the additional space. For a Windows instance, you need to extend the file system using disk management tools.
A SysOps administrator has Nocked public access to all company Amazon S3 buckets. The SysOps administrator wants to be notified when an S3 bucket becomes publicly readable in the future. What is the MOST operationally efficient way to meet this requirement?
A. Create an AWS Lambda function that periodically checks the public access settings for each S3 bucket. Set up Amazon Simple Notification Service (Amazon SNS) to send notifications.
B. Create a cron script that uses the S3 API to check the public access settings for each S3 bucket. Set up Amazon Simple Notification Service (Amazon SNS) to send notifications
C. Enable S3 Event notified tons for each S3 bucket. Subscribe S3 Event Notifications to an Amazon Simple Notification Service (Amazon SNS) topic.
D. Enable the s3-bucket-public-read-prohibited managed rule in AWS Config. Subscribe the AWS Config rule to an Amazon Simple Notification Service (Amazon SNS) topic.
Explanation: AWS Config can continuously monitor and record your AWS resource configurations. It provides AWS Config rules that automatically check the configuration of AWS resources and notify you of compliance and non-compliance.
| Page 13 out of 41 Pages |
| Previous |