無料セールまもなく終了！100%有効AWS-SysOps試験問題集に991問題と解答が待ってます [Q291-Q308]

無料セールまもなく終了！100%有効AWS-SysOps試験問題集に991問題と解答が待ってます

検証済みAWS-SysOps問題集と解答であなたを合格確定させるSysOps Administrator試験解答！

質問 # 291
A user is running one instance for only 3 hours every day. The user wants to save some cost with the instance.
Which of the below mentioned Reserved Instance categories is advised in this case?

• A. The user should use the AWS medium utilized RI
• B. The user should not use RI; instead only go with the on-demand pricing
• C. The user should use the AWS low utilized RI
• D. The user should use the AWS high utilized RI

正解：B

解説：
The AWS Reserved Instance provides the user with an option to save some money by paying a one-time fixed
amount and then save on the hourly rate. It is advisable that if the user is having 30% or more usage of an
instance per day, he should go for a RI. If the user is going to use an EC2 instance for more than 2200-2500
hours per year, RI will help the user save some cost. Here, the instance is not going to run for less than 1500
hours. Thus, it is advisable that the user should use the on-demand pricing.

質問 # 292
A SysOps Administrator is writing a utility that publishes resources from an AWS Lambda function in AWS Account A to an Amazon S3 bucket in AWS Account B. The Lambda function is able to successfully write new objects to the S3 bucket, but IAM users in Account B are unable to delete objects written to the bucket by Account A.
Which step will fix this issue?

• A. Disable server-side encryption for objects written to the S3 bucket by the Lambda function.
• B. Call the S3:PutObjectAcl API operation from the Lambda function in Account A to specify bucket owner, full control.
• C. Change the bucket policy of the S3 bucket in Account B to allow s3:DeleteObjectpermission for Account A.
• D. Add s3:DeleteObjectpermission to the IAM execution role of the AWS Lambda function in Account A.

正解：B

質問 # 293
An HTTP web application is launched on Amazon EC2 instances behind an ELB Application Load Balancer. The EC2 instances run across multiple Availability Zones. A network ACL and a security group for the load balancer and EC2 instances allow inbound traffic on port 80. After launch, the website cannot be reached over the internet.
What additional step should be taken?

• A. Add a rule to the network ACL allowing outbound traffic on port 80.
• B. Add a rule to the network ACL allowing outbound traffic on ports 1024 through 65535.
• C. Add a rule to the security group allowing outbound traffic on ports 1024 through 65535.
• D. Add a rule to the security group allowing outbound traffic on port 80.

正解：B

解説：
https://aws.amazon.com/premiumsupport/knowledge-center/connect-http-https-ec2/

質問 # 294
A user is planning to set up the Multi AZ feature of RDS.
Which of the below mentioned conditions won't take advantage of the Multi AZ feature?

• A. Region outage
• B. A manual failover of the DB instance using Reboot with failover option
• C. Availability zone outage
• D. When the user changes the DB instance's server type

正解：A

解説：
Amazon RDS when enabled with Multi AZ will handle failovers automatically. Thus, the user can resume database operations as quickly as possible without administrative intervention. The primary DB instance switches over automatically to the standby replica if any of the following conditions occur:
- An Availability Zone outage
- The primary DB instance fails
- The DB instance's server type is changed
- The DB instance is undergoing software patching
- A manual failover of the DB instance was initiated using Reboot with
failover

質問 # 295
A user has created a VPC with CIDR 20.0.0.0/16 using the wizard. The user has created public and VPN only subnets along with hardware VPN access to connect to the user's data center. The user has not yet launched any instance as well as modified or deleted any setup. He wants to delete this VPC from the console. Will the console allow the user to delete the VPC?

• A. No, since the NAT instance is running
• B. Yes, the console will delete all the setups and also delete the virtual private gateway
• C. Yes, the console will delete all the setups and detach the virtual private gateway
• D. No, the console will ask the user to manually detach the virtual private gateway first and then allow deleting the VPC

正解：C

解説：
Explanation
The user can create subnets as per the requirement within a VPC. If the user wants to connect VPC from his own data center, he can setup a public and VPN only subnet which uses hardware VPN access to connect with his data center. When the user has configured this setup with Wizard, it will create a virtual private gateway to route all traffic of the VPN subnet. If the virtual private gateway is attached with VPC and the user deletes the VPC from the console it will first detach the gateway automatically and only then delete the VPC.

質問 # 296
You use S3 to store critical data for your company Several users within your group currently have lull permissions to your S3 buckets You need to come up with a solution mat does not impact your users and also protect against the accidental deletion of objects.
Which two options will address this issue?
Choose 2 answers

• A. Configure your S3 Buckets with MFA delete
• B. Enable object life cycle policies and configure the data older than 3 months to be archived in Glacier
• C. Create a Bucket policy and only allow read only permissions to all users at the bucket level
• D. Enable versioning on your S3 Buckets

正解：A、C

質問 # 297
A SysOps Administrator must use a bastion host to administer a fleet of Amazon EC2 instances.
All access to the bastion host is managed by the Security team.
What is the MOST secure way for the Security team to provide the SysOps Administrator access to the bastion host?

• A. Create a new IAM role with the same permissions as the Security team, and assign it to the Administrator.
• B. Assign the same IAM role to the Administrator that is assigned to the bastion host.
• C. Create a new administrative account on the bastion host, and provide those credentials to the Administrator using AWS Secrets Manager.
• D. Provide the Administrator with the SSH key that was used for the bastion host when it was originally launched.

正解：D

解説：
https://cloud.ibm.com/docs/tutorials?topic=solution-tutorials-vpc-secure-management-bastion- server

質問 # 298
An ecommerce company uses an Amazon ElastiCache for Memcached cluster for in-memory caching of popular product queries on the shopping site. When viewing recent Amazon CloudWatch metrics data for the ElastiCache cluster, the sysops administrator notices a large number of evictions.
Which of the following actions will reduce these evictions? (Choose two.)

• A. Add an additional node to the ElastiCache cluster
• B. Increase the individual node size inside the ElastiCache cluster
• C. Put an Elastic Load Balancer in front of the ElastiCache cluster
• D. Use Amazon Simple Queue Service (Amazon SQS) to decouple the ElastiCache cluster
• E. Increase the ElastiCache time to live (TTL)

正解：A、B

解説：
Explanation/Reference: https://shaikmdrafi.wordpress.com/2017/05/30/aws-certified-sysops-administrator-associate-level/

質問 # 299
What does Amazon EBS stand for?

• A. Elastic Basic Storage
• B. Elastic Blade Server
• C. Elastic Block Store
• D. Elastic Business Server

正解：C

解説：
Amazon EBS stands for Elastic Block Store. It is a persistent storage that allows you to store the data of the Amazon EC2 Instances in a separated virtual storage automatically replicated within its Availability Zone in order to prevent component failure; with Amazon EBS the customer can add more storage every time they need it, and also add more performances with Amazon EBS Provisioned IOPS.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html

質問 # 300
A sys admin has created the below mentioned policy and applied to an S3 object named aws.jpg. The aws.jpg is inside a bucket named cloudacademy. What does this policy define?
"Statement": [{
"Sid": "Stmt1388811069831",
"Effect": "Allow",
"Principal": { "AWS": "*"},
"Action": [ "s3:GetObjectAcl", "s3:ListBucket", "s3:GetObject"],
"Resource": [ "arn:aws:s3:::cloudacademy/*.jpg"]
}]

• A. It will make all the objects of the bucket cloudacademy as public
• B. the aws.jpg object as public
• C. It is not possible to define a policy at the object level
• D. It will make the bucket cloudacademy as public

正解：C

解説：
A system admin can grant permission to the S3 objects or buckets to any user or make objects public using the bucket policy and user policy. Both use the JSON-based access policy language. Generally if the user is defining the ACL on the bucket, the objects in the bucket do not inherit it and vice a versa. The bucket policy can be defined at the bucket level which allows the objects as well as the bucket to be public with a single policy applied to that bucket. It cannot be applied at the object level.

質問 # 301
A user has configured ELB with three instances. The user wants to achieve High Availability as well as redundancy with ELB. Which of the below mentioned AWS services helps the user achieve this for ELB?

• A. AWS EMR
• B. AWS Mechanical Turk
• C. Auto Scaling
• D. Route 53

正解：D

解説：
Explanation
The user can provide high availability and redundancy for applications running behind Elastic Load Balancer by enabling the Amazon Route 53 Domain Name System (DNS. failover for the load balancers. Amazon Route 53 is a DNS service that provides reliable routing to the user's infrastructure.

質問 # 302
An organization recently faced a network outage while uploading data into one of their S3 buckets. This outage generated many incomplete multipart uploads in that S3 bucket. A sysops administrator wants to delete the incomplete multipart uploads and ensure that the incomplete multipart uploads are deleted automatically the next time such an event occurs.
How should this be done?

• A. Create an Amazon S3 Event Notification to trigger an AWS Lambda function that deletes incomplete multipart uploads.
• B. Use the AWS Management Console to abort all the incomplete uploads from the day of the event so that they are deleted.
• C. Create an Amazon S3 lifecycle rule to abort incomplete multipart uploads so that they are deleted this time and in the future.
• D. Use the AWS CLI to list all the multipart uploads, and abort all the incomplete uploads from the day of the event so that they are deleted.

正解：C

解説：
Explanation:https://aws.amazon.com/blogs/aws/s3-lifecycle-management-update-support-for- multipart-uploads-and-delete-markers/

質問 # 303
A company is managing a website with a global user base hosted on Amazon EC2 with an Application Load Balancer (ALB). To reduce the load on the web servers, a SysOps administrator configures an Amazon CloudFront distribution with the ALB as the origin. After a week of monitoring the solution, the administrator notices that requests are still being served by the ALB and there is no change in the web server load.
What are possible causes for this problem? (Choose two.)

• A. The ALB security group is not permitting inbound traffic from CloudFront.
• B. CloudFront does not have the ALB configured as the origin access identity.
• C. The target groups associated with the ALB are configured for sticky sessions.
• D. The default, minimum, and maximum Time to Live (TTL) are set to 0 seconds on the CloudFront distribution.
• E. The DNS is still pointing to the ALB instead of the CloudFront distribution.

正解：B、E

質問 # 304
You have two Elastic Compute Cloud (EC2) instances inside a Virtual Private Cloud (VPC) in the same Availability Zone (AZ) but in different subnets. One instance is running a database and the other instance an application that will interface with the database. You want to confirm that they can talk to each other for your application to work properly.
Which two things do we need to confirm in the VPC settings so that these EC2 instances can communicate inside the VPC?
Choose 2 answers

• A. Both instances are the same instance class and using the same Key-pair.
• B. Security groups are set to allow the application host to talk to the database on the right port/protocol.
• C. That the default route is set to a NAT instance or internet Gateway (IGW) for them to communicate.
• D. A network ACL that allows communication between the two subnets.

正解：B、D

質問 # 305
When an EC2 instance that is backed by an S3-based AMI Is terminated, what happens to the data on me root volume?

• A. Data is automatically saved as an E8S volume.
• B. Data is automatically deleted.
• C. Data is automatically saved as an ESS snapshot.
• D. Data is unavailable until the instance is restarted.

正解：D

解説：
Reference:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html

質問 # 306
Can you configure multiple Load Balancers with a single Auto Scaling group?

• A. Yes
• B. Yes, you can but only if it is configured with Amazon Redshift.
• C. Yes, you can provide the ELB is configured with Amazon AppStream.
• D. No

正解：A

解説：
Yes, you can configure more than one load balancer with an autoscaling group. Auto Scaling inte-grates with
Elastic Load Balancing to enable you to attach one or more load balancers to an existing Auto Scaling group.
After you attach the load balancer, it automatically registers the instances in the group and distributes incoming
traffic across the instances.
Reference:
http://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/AS_Concepts.html

質問 # 307
A company has created an online retail application that is hosted on a fleet of Amazon EC2 instances behind an ELB Application Load Balancer. User authentication is handled at the individual EC2 instance level. Once a user is authenticated; all requests from that user must go to the same EC2 instance.
What should the SysOps Administrator enable to meet these requirements?

• A. ELB cross-zone load balancing
• B. ELB TCP listeners
• C. ELB sticky sessions
• D. ELB connection draining

正解：C

解説：
ELB can be configured to use sticky session feature (also called session affinity) which enables it to bind a user's session to an instance and ensures all requests are sent to the same instance.
Stickiness remains for a period of time which can be controlled by the application's session cookie, if one exists, or through cookie, named AWSELB, created through Elastic Load balancer.
Sticky sessions for ELB are disabled, by default.

質問 # 308
......

AWS-SysOps試験問題集で100%合格率AWS-SysOps試験：https://www.jpntest.com/shiken/AWS-SysOps-mondaishu

試験問題集リアルSysOps Administrator問題集991問題と解答が待ってますを試そう：https://drive.google.com/open?id=1owxwR3vxm120Bq8HZoqiBhZhM6bSmsUx