Your team used CloudWatch Event rules to manage system events and trigger different targets to process the events. Your manager asks you to check if the event rules can be reconfigured through Amazon Event Bridge since Event Bridge uses the same CloudWatch Events API. For which of the following options, can you ONLY use Amazon Event Bridge instead of CloudWatch Event? (Select 2)
Correct
Incorrect
Question 2 of 50
2. Question
1 point(s)
Your company’s security team starts to configure firewall rules in AWS WAF to filter and monitor the HTTP(s) request. You need to monitor the web ACLs and rules using Amazon CloudWatch. The CloudWatch metrics to be monitored include Allowed Requests. In terms of these CloudWatch metrics, which of the following statements is true?
Correct
Incorrect
Question 3 of 50
3. Question
1 point(s)
The team is configuring a WAF ACL to filter the ingress traffic for a new Application Load Balancer. The team needs to check which requests were blocked, allowed, or counted and whether the requests matched the WAF ACL rule properly. Which of the following options is suitable?
Correct
Incorrect
Question 4 of 50
4. Question
1 point(s)
Your team is developing a clickstream analysis application and creating an Elastic search cluster in Amazon Elastic search Service (Amazon ES). The service needs to be highly available. The downtime of the Elastic search cluster should be minimized. Which of the following options can help to achieve this requirement? (Select 2)
Correct
Incorrect
Question 5 of 50
5. Question
1 point(s)
CloudTrail has been enabled in your AWS account, and the CloudTrail logs are saved in a CloudWatch Log group. You want to create a metric filter in the log group that can filter all the EC2 Auto Scaling groups and Launch Configuration. How would you define the filter pattern in the metric filter?
Correct
Incorrect
Question 6 of 50
6. Question
1 point(s)
A start-up firm is planning to build a new multi-account environment with AWS. They are looking for a managed service that will recommend best practices and provide guardrails to manage the AWS environment at scale. The new environment should be secure and scale well with future growth.
Which service is best suited to be used to meet this requirement?
Correct
Incorrect
Question 7 of 50
7. Question
1 point(s)
Junior Engineer has performed changes on AWS resources leading to an outage
The operations team is looking for the resource on which changes were performed and its impact on other resources in a network.
Which component of the AWS Config can be viewed to check the required information?
Correct
Incorrect
Question 8 of 50
8. Question
1 point(s)
Operations Team has created a new AWS Config dashboard. Management wants to know details of the resources which will be displayed on the AWS Config dashboard.
Which of the following are correct statements for information provided by AWS Config Dashboard?
Correct
Incorrect
Question 9 of 50
9. Question
1 point(s)
A Global IT firm has created multiple accounts across multiple regions users to create AWS resources. AWS Config is set up to capture all resources data for multiple accounts in the us-east-1 region. Operations Lead is looking for the total count of resources across all the regions along with the total non-compliant resources.
Which of the following dashboards can be viewed to get the required details?
Correct
Incorrect
Question 10 of 50
10. Question
1 point(s)
A global engineering firm stores project-related sensitive data files in the Amazon S3 bucket in the us-west-1 region. Security Head is looking for a detail of the API calls mode to modify files in this bucket.
Which additional configuration can be done in AWS CloudTrail to capture these details?
Correct
Incorrect
Question 11 of 50
11. Question
1 point(s)
An engineering firm wants to capture all unusual activities performed on resources deployed in AWS Cloud. As an AWS Consult, you have recommended enabling AWS CloudTrail Insight events for all trails. Management is looking for the details of the events which will be monitored using Insight events.
Which is the correct statement with regards to AWS CloudTrail Insight events?
Correct
Incorrect
Question 12 of 50
12. Question
1 point(s)
A three-tier application is deployed within AW Cloud infrastructure. The Operations team is analyzing logs from multiple resources to identify ERROR and associated details with the application. Due to the large size of logs, searching takes a longer time. The team is looking up to your suggestion which will speed up the search.
Which setting can be applied to identify the error from logs quickly?
Correct
Incorrect
Question 13 of 50
13. Question
1 point(s)
An IT firm has deployed a legacy application on an Amazon EC2 instance. The operations team wants to analyze custom metric data for this application published 30 days back with a standard resolution to Amazon CloudWatch. Team Lead is concerned about the resolution of metric data.
Which is the correct statement depicting the resolution of metric data?
Correct
Incorrect
Question 14 of 50
14. Question
1 point(s)
An IT firm has deployed a new Java-based application on the Amazon EC2 instance. The Operations Team is looking for an end-to-end application view that can help to identify latency and errors while accessing this application. AWS Consultant has suggested deploying Service Lens for this purpose. SysOps team has already deployed AWS X-Ray for this requirement.
Which additional configuration needs to be done to complete this deployment? (Select 2)
Correct
Incorrect
Question 15 of 50
15. Question
1 point(s)
An IT firm runs a .NET application on Amazon EC2 instance with SQL Server running on Amazon RDS. Operations Head is looking for the performance data for .NET and SQL servers which can help analyze data and identify issues with the dashboard for errors across all components of the application.
As a SysOps administrator, which setting can be configured? (Select two options)
Correct
Incorrect
Question 16 of 50
16. Question
1 point(s)
An Organization has copies of user’s files stored in Amazon S3. While conducting analysis, a SysOps Administrator noticed that files are rarely accessed after 45 days.
What is the most cost-effective way for the Administrator to reduce storage cost while providing access to the files for the users within 3 to 5 hours if needed?
Correct
Incorrect
Question 17 of 50
17. Question
1 point(s)
Your development team has currently made changes to an application that is hosted in AWS. Currently, the application is in production, and route 53 is being used as the DNS service. The new version of the application has undergone testing and now needs to be promoted to a separate environment. They need an initial set of traffic to be directed to the new version of the application for testing before the final cutover can be made. Which of the following would you implement?
Correct
Incorrect
Question 18 of 50
18. Question
1 point(s)
You have created your own VPC with public and private subnets. You have EC2 instances set up in the public and private subnets. An application has been deployed on an instance in the private subnet. This instance needs to interact with the S3 service. But the instance is not able to interact with the S3 service. You have ensured that an IAM Role with the right permission has been assigned to the EC2 instance. Which of the following could be the underlying issue?
Correct
Incorrect
Question 19 of 50
19. Question
1 point(s)
A financial firm has a web application configured on an EC2 instance behind an ELB. A static website is configured using an Amazon S3 bucket. Hosted Zone for this website is configured using Amazon Route 53. This static website should ac=t as a backup if any outage in ELB or associated ECX2 instance. Failover from a dynamic website to a static website should be seamless and fully automatic.
What will health checks at Amazon Route 53 help to meet this requirement? (Select 2)?
Correct
Incorrect
Question 20 of 50
20. Question
1 point(s)
You are working as a SysOps administrator for a large financial organization using AWS EC2 instance for its extranet applications. To enhance the security of new Linux-based EC2 instances, management has decided to automate vulnerability checks for future instance launches, including Amazon Inspector. You are evaluating different ways to install Amazon Inspector on these new EC2 instances that are launched on these new EC2 instances that are launched continuously in a large number based upon user demand. The security team has a mandate that no additional agent needs to be part of this installation process. Which of the following would help install Amazon Inspector automatically in the most secure way with the least effort?
Correct
Incorrect
Question 21 of 50
21. Question
1 point(s)
A company has a bucket that has a set of documents. These documents have sensitive information. The IT management staff needs to be notified whenever a change is made to the documents in the S3 bucket. How can you achieve this? (Select 2)
Correct
Incorrect
Question 22 of 50
22. Question
1 point(s)
A team has developed an application that works with a DynamoDB table. Now the application is going to be hosted as an EC2 instance. Which of the following would you implement to ensure that the application has the relevant permissions to access the DynamoDB table?
Correct
Incorrect
Question 23 of 50
23. Question
1 point(s)
A company currently uses a Redshift cluster for managing its data warehouse. Now there is a requirement to ensure that all the data that gets transferred to the Redshift cluster is done via a VPC. as a System administrator; how would you accomplish this requirement?
Correct
Incorrect
Question 24 of 50
24. Question
1 point(s)
Your company has a set of EC2 instances and also servers in their on-premises environment. The configuration management team wants to collect information on these servers, such as the software’s installed. For that, they can record it in their configuration management database. How would you achieve this in the easiest way possible?
Correct
Incorrect
Question 25 of 50
25. Question
1 point(s)
Your company is hosting an application that consists of a blogging site where some static articles get a lot of hits and sometimes cause the application to behave slowly. Which of the following can be used to alleviate the issue of many users hitting the application for such pages?
Correct
Incorrect
Question 26 of 50
26. Question
1 point(s)
One of your team members launched an EC2-EBS backed Linux-based instance and installed an application on it. A couple of weeks later, the user lost the private key and could not log into the instance. What can you do in such a situation? (Select 2)
Correct
Incorrect
Question 27 of 50
27. Question
1 point(s)
Your team is planning to host a database using the AWS RDS service. You have to come up with the forecasted costs. Which of the following do you need to consider for the part of the costing aspects for the database? (Select three options)
Correct
Incorrect
Question 28 of 50
28. Question
1 point(s)
Your company needs to implement a web application on AWS. They need to expose APIs which customers can invoke. They do not want to manage the underlying infrastructure for the web service. Which of the following 2 services would you implement for this purpose?
Correct
Incorrect
Question 29 of 50
29. Question
1 point(s)
A company wants to move a database from its on-premises infrastructure to AWS. This is a MySQL database. They want you as a SysOps administrator to facilitate this move. Which of the following service would you choose for hosting the database?
Correct
Incorrect
Question 30 of 50
30. Question
1 point(s)
You have set up an AWS VPC for creating a test environment for the R&D team. R&D team, members launch a new RDS instance for testing database services in the cloud. You are concerned about the number of these instances that may exceed beyond the supported number of RDS instance in a region. Which of the following features can be enabled to get notified once 75% of the RDS instance of the service limits are launched?
Correct
Incorrect
Question 31 of 50
31. Question
1 point(s)
A company has an application architecture that is used to distribute software patches. The application architecture is hosted on a set of EC2 instances. Users download patch updates. The users are complaining o slow response. Which of the following can be used as an efficient and cost-effective option to mitigate this issue?
Correct
Incorrect
Question 32 of 50
32. Question
1 point(s)
Your company has the following architecture for its application on AWS.
• A set of EC2 Instances hosting the web part of the application.
• A relational database for the backend using AWS RDS.
• A load balancer for distribution of traffic.
• A NAT Gateway for routing traffic from the database server to the internet.
Which of the following can be used to increase the scalability and availability of the option given below?
Correct
Incorrect
Question 33 of 50
33. Question
1 point(s)
You are working as a SysOps Administrator for a large oil company. They are using AWS Organization to manage multiple accounts, which are created as per departments. There is a new requirement of denying access to S3 for all root users in all accounts while permitting only IAM users to access S3 for all root users in all accounts while permitting only IAM users to access S3 buckets. Which of the following can be done to achieve this with the least admin work?
Correct
Incorrect
Question 34 of 50
34. Question
1 point(s)
A company wants to set up EC2 instances in AWS. These instances will be hosting databases that will have a lot of read and write activity. You need to provision the volumes with high IO throughput. These instances will be hosting the mission-critical transactional database, and they will require consistent baseline performance with low latency
Which of the following would you implement?
Correct
Incorrect
Question 35 of 50
35. Question
1 point(s)
You have been tasked with the setup of an application that will consist of Ec2 instances and an Elastic Load Balancer. The Ec2 instances need to be able to withstand CPU bursts for long periods of time. Also, the application requests to the backend servers need to be routed based on the URL paths. Which of the following need to be considered in the implementation plan? (Select 2)
Correct
Incorrect
Question 36 of 50
36. Question
1 point(s)
You are working as a SysOps admin for an HR firm. They are storing resumes of all probable candidates in an S3 bucket. A separate bucket is being created based on the domain of each candidate. HR head is concerned about policy violations that may grant public read/write access to these S3 buckets. He wants to have a tool for monitoring all these buckets and rectify if any violations. Which of the following may be used to achieve these processors? (Select four options)
Correct
Incorrect
Question 37 of 50
37. Question
1 point(s)
You are setting AWS Config via AWS CLI, and you have created an S3 Bucket in your account named 12345. You are not receiving any change configuration notifications in this bucket. What could be the reason for this? (Select 2)
Correct
Incorrect
Question 38 of 50
38. Question
1 point(s)
You are working as a SysOps architect with a global advertising firm. Information for all clients is stored in the RDS DB instance using the Oracle database. Last month due to a natural disaster, AZ ap-southeast-2a was down, which caused an outage in the RDS DB instance. To avoid such outages in the future, you are concerned about the RDS DB instance running in the production environment within a single AZ and are not Multi-AZ enabled. Which of the following tools can be used to determine RDS DB instances across all regions which are not Multi-AZ enabled? (Select two options)
Correct
Incorrect
Question 39 of 50
39. Question
1 point(s)
You are working as a SysOps architect in a start-up company. A mission-critical application is deployed on EC2 instances. Last week, changes were made to the Security Group for this Ec2 instance. This, in turn, blocked the access for all users to the application. To avoid such issues in the future, you need to configure a notification whenever changes to the EC2 instances security group are done. Which of the following can be configured to meet this requirement?
Correct
Incorrect
Question 40 of 50
40. Question
1 point(s)
You are working as a SysOps architect with a financial company. You have a finance application on Ec2 instance behind an application load balancer. There is a third-party audit to be scheduled next month. As a pre-requisite, on a daily basis, the Auditors require a complete report of configuration changes on EC2 servers regardless of changes made to these servers. Which of the following can be configured to meet this requirement?
Correct
Incorrect
Question 41 of 50
41. Question
1 point(s)
You are working as a SysOps administrator for a global IT firm having IT infrastructure spread across multiple regions. Based upon business verticals, a separate AWS account is created. The operations director wants a consolidated report of resources count and compliance in all accounts across all regions. Which of the following can be used to achieve these requirements?
Correct
Incorrect
Question 42 of 50
42. Question
1 point(s)
You are working as a solution architect for a media firm. Your technical manager asks you to evaluate the cost of implementing AWS Config. Which of the following are components of AWS Config pricing? (Select 2)
Correct
Incorrect
Question 43 of 50
43. Question
1 point(s)
For a test setup of a new application, team members are initiating a large number of EC2 instances. Finance Team wants to evaluate how many of these EC2 instances are m4.large EC2 instances for cost projection. You created an AWS Config Custom rule along with the Lambda function. After successful rule creation, you get an error as “No resources in scope” under the Compliance section. Which of the following may be the reason for this error?
Correct
Incorrect
Question 44 of 50
44. Question
1 point(s)
You are working as a SysOps admin for a large pharma company. They are using infrastructure with a large number of EC2 instances. You are concerned about some critical EC2 servers for which any unplanned changes will be catastrophic. You want to be notified by an application team whenever there is a change to these instances. Notification emails should consist of user details performing those changes made. Which of the following services will you use for this purpose?
Correct
Incorrect
Question 45 of 50
45. Question
1 point(s)
You are working as a SysOps architect for a media firm. All news footage files are uploaded in the S3 bucket. To achieve old video footage, you set S3 lifecycle policies to move these files to STANDARD_IA after 30 days and to S3 glacier vaults after 90 days. For all compliance and audit requirements, you are looking for a tool to gather records across all regions. Which of the following can be used to evaluate AWS Glacier vaults? (Select 2)
Correct
Incorrect
Question 46 of 50
46. Question
1 point(s)
All of an educational institute’s digital learning materials are saved in an Amazon S3 bucket. Last month, during a routine security assessment, it was discovered that the malicious IP address was used to access the learning material using Amazon S3 API. The Security Head is seeking a proactive alert for API operations like these to take corrective action quickly. To read these security notifications, which service can be used?
Correct
Incorrect
Question 47 of 50
47. Question
1 point(s)
You work for a large corporation and want to set up a multi-account AWS setup that is secure and compliant. End-users should be able to provision their AWS accounts using that service swiftly. At the same time, the AWS Organizations’ central management staff should ensure that all accounts adhere to industry-wide compliance regulations. Which of the following services is the best fit for the situation?
Correct
Incorrect
Question 48 of 50
48. Question
1 point(s)
During an outage, it was discovered that an operations team member had made a mistake when configuring the Amazon EC2 instance. The team lead examines AWS CloudTrail logs for more information, looking for the individual who made the modifications and the tool from which they were made. To obtain these details, which fields of the AWS CloudTrail Logs should be examined?
Correct
Incorrect
Question 49 of 50
49. Question
1 point(s)
You work for a fintech startup as an AWS administrator. You gain access to all of the Trusted Advisor inspections and suggestions with the AWS Business Support plan. One month ago, Trusted Advisor detected a security problem with an EC2 instance Security Group. However, it was not until a recent security breach that the team became aware of the problem. You must now set up weekly email notifications for the outcomes of the Trusted Advisor check. Which of the following approaches is the most straightforward?
Correct
Incorrect
Question 50 of 50
50. Question
1 point(s)
The database administrator seeks to save credentials for a database set up on an Amazon EC2 instance. Credentials must be rotated regularly to comply with security rules. For storing configuration files, these instances are already connected with the AWS Parameter Store. The Team Lead is searching for a means to call secrets from the existing configuration scripts consistently. What can be done to meet this criterion?
Correct
Incorrect
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.