AWS SOA-C00 Certified Sys Ops Administrator Associate Exam Set 5

A user has launched an EC2 instance from an instance store backed AMI. The user has attached an additional instance store volume to the instance. The user wants to create an AMI from the running instance. WII the AMI have the additional Instance store volume data?


Options are :

  • No, since this is ethereal storage it will not be a part of the AMI
  • Yes, the block device mapping will have information about the additional instance store volume (Correct)
  • It is not possible to attach an additional instance store volume to the existing instance store backed AMI instance
  • No, since the instance store backed AMI can have only the root volume bundled

Answer : Yes, the block device mapping will have information about the additional instance store volume

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 8

A sys admin is trying to understand the sticky session algorithm. Please select the correct sequence of steps, both when the cookie is present and when it is not, to help the admin understand the implementation of the sticky session: ELB inserts the cookie In the response ELB chooses the instance based on the load balancing algorithm Check the cookie in the service request The cookie is found in the request The cookie is not found in the request


Options are :

  • 3, 5, 2, 1 [Cookie is not Present] & 3, 4, 2, 1 (Cookie is Present i (Correct)
  • 3, 2, 5, 4 (Cookie is not Present] & 3, 2, 4, 5 [Cookie is Present]
  • 3, 1,4, 2 (Cookie is not Present j & 3, 1, 5, 2 (Cookie is Present j
  • 3, 4, 1, 2 I Cookie Is not Present i & 3, 5, 1, 2 (Cookie is Present i

Answer : 3, 5, 2, 1 [Cookie is not Present] & 3, 4, 2, 1 (Cookie is Present i

A user is creating a Cloud formation stack. Which of the below mentioned limitations does not hold true for Cloud formation?


Options are :

  • The template, parameter, output, and resource description fields are limited to 4096 characters
  • One account by default is limited to 20 stacks
  • One account by default is limited to 100 templates (Correct)
  • The user can use 60 parameters and 60 outputs in a single template

Answer : One account by default is limited to 100 templates

An organization has created a Queue named „modular queue” with SOS. The organization is not performing any operations such as Send Message, Receive Message, Delete Message, Get Queue Attributes, Set Queue Attributes, Add Permission, and Remove Permission on the queue. What can happen in this scenario?


Options are :

  • AWS SQS can delete queue after 30 days without notification (Correct)
  • AWS SQS notifies the user after 2 weeks and deletes the queue after 3 weeks.
  • AWS SQS sends notification after 15 days for inactivity on queue
  • AWS SQS marks queue inactive after 30 days

Answer : AWS SQS can delete queue after 30 days without notification

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 9

A user has created a VPC with public and private subnets. The VPC has CIDR 20.0.0.0/16. The private subnet uses CIDR 20.0.1.0/24 and the public subnet uses CIDR 20.0.0.0/24. The user Is planning to host a web server in the public subnet (port 80. and a DB server in the private subnet (port 3306.. The user is configuring a security group of the NAT instance. Which of the below mentioned entries is not required for the NAT security group?


Options are :

  • For Outbound allow Destination: 0.0.0.0/0 on port 80
  • For Inbound allow Source: 20.0.1.0/24 on port 80
  • For Outbound allow Destination: 0.0.0.0/0 on port 443
  • For Inbound allow Source: 20.0.0.0/24 on port 80 (Correct)

Answer : For Inbound allow Source: 20.0.0.0/24 on port 80

A user has created a VPC with two subnets: one public and one private. The user is planning to run the patch update for the instances in the private subnet. How can the instances in the private subnet connect to the internet?


Options are :

  • . Allow outbound traffic in the security group for port 80 to allow internet updates
  • The private subnet can never connect to the internet
  • Use NAT with an elastic IP (Correct)
  • Use the internet gateway with a private IP

Answer : Use NAT with an elastic IP

A user has provisioned 2000 IOPS to the EBS volume. The application hosted on that EBS is experiencing less IOPS than provisioned. Which of the below mentioned options does not affect the IOPS of the volume?


Options are :

  • The EC2 instance has 10 Gigabit Network connectivity
  • The instance is EBS optimized
  • The application does not have enough 10 for the volume
  • The volume size is too large (Correct)

Answer : The volume size is too large

AWS SOA-C00 Certified Sys Ops Administrator Associate Exam Set 4

A user has launched an EC2 instance store backed instance in the US-East-la zone. The user created AMI #1 and copied it to the Europe region. After that, the user made a few updates to the application running in the US-East-l a zone. The user makes an AMI#2 after the changes. If the user launches a new instance in Europe from the AMI #1 copy, which of the below mentioned statements is true?


Options are :

  • The new instance will have the changes made after the AMI copy as AWS just copies the reference of the original AMI during the copying. Thus, the copied AMI will have all the updated data
  • It is not possible to copy the instance store backed AMI from one region to another
  • The new instance will have the changes made after the AMI copy since AWS keeps updating the AMI
  • The new instance in the EU region will not have the changes made after the AMI copy (Correct)

Answer : The new instance in the EU region will not have the changes made after the AMI copy

A user has created a VPC with a public subnet. The user has terminated at the instances which are part of the subnet. Which of the below mentioned statements is true with respect to this scenario?


Options are :

  • The user cannot delete the VPC since the subnet is not deleted
  • All network interface attached with the instances will be deleted (Correct)
  • The subnet to which the instances were launched with wit be deleted
  • When the user launches a new instance it cannot use the same subnet

Answer : All network interface attached with the instances will be deleted

A user has created an EBS volume of 10 GB and attached it to a running instance. The user is trying to access EBS for first time. Which of the below mentioned options is the correct statement with respect to a first time EBS access?


Options are :

  • The volume will show a size of 8 GB
  • The volume will be blank
  • The volume will show a loss of the IOPS performance the first time (Correct)
  • If the EBS is mounted ii will ask the user to create a file system

Answer : The volume will show a loss of the IOPS performance the first time

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 9

A user runs the command “dd if=ldev / xvdf of=/dev/null bs=1 M? on an EBS volume created from a snapshot and attached to a Linux instance. Which of the below mentioned activities is the user performing with the step given above?


Options are :

  • Copying the data from a snapshot to the device
  • Pre warming the EBS volume (Correct)
  • Formatting the volume
  • Initiating the device to mount on the EBS volume

Answer : Pre warming the EBS volume

A user has two EC2 instances running in two separate regions. The user is running an internal memory management tool, which captures the data and sends it to Cloud Watch In US East, using a CLI with the same namespace and metric. Which of the below mentioned options is true with respect to the above statement?


Options are :

  • Cloud Watch Will receive and aggregate the data based on the namespace and metric (Correct)
  • Cloud Watch will give an error since the data will conflict due to two sources
  • Cloud Watch will take the data of the server, which sends the data first
  • The setup will not work as Cloud Watch cannot receive data across regions

Answer : Cloud Watch Will receive and aggregate the data based on the namespace and metric

An organization has created 10 1AM users. The organization wants each of the IAM users to have access to a separate Dynamo DB table. Al the users are added to the same group and the organization wants to setup a group level policy for this. How can the organization achieve this?


Options are :

  • Create a separate Dynamo DB database for each user and configure a policy in the group based on the DB variable
  • Define the group policy and add a condition which allows the access based on the IAM name
  • It is not possible to have a group level policy which allows different IAM users to different Dynamo DB Tables (Correct)
  • Create a Dynamo OB table with the same name as the IAM user name and define the policy rule which grants access based on the Dynamo DB ARN using a variable

Answer : It is not possible to have a group level policy which allows different IAM users to different Dynamo DB Tables

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 16

An organization is planning to create a user with IAM. They are trying to understand the limitations of IAM so that they can plan accordingly. Which of the below mentioned statements is not true with respect to the limitations of IAM?


Options are :

  • One IAM user can be a part of a maximum of 5 groups (Correct)
  • One AWS account can have a maximum of 5000 1AM users
  • The organization can create 100 groups per AWS account
  • One AWS account can have 250 roles

Answer : One IAM user can be a part of a maximum of 5 groups

A user is collecting 1000 records per second. The user wants to send the data to Cloud Watch using the custom namespace. Which of the below mentioned options is recommended for this activity?


Options are :

  • Send all the data values to Cloud Watch in a single command by separating them with a comma. Cloud Watch will parse automatically
  • Create one CSV file of all the data and send a single file to Cloud Watch
  • Aggregate the data with statistics, such as Mm, max, Average, Sum and Sample data and send the data to Cloud Watch
  • It is not possible to send all the data in one call. Thus, it should be sent one by one. Cloud Watch will aggregate the data automatically (Correct)

Answer : It is not possible to send all the data in one call. Thus, it should be sent one by one. Cloud Watch will aggregate the data automatically

An organization has configured Auto Scaling for hosting their application. The system admin wants to understand the Auto Scaling health check process. If the Instance Is unhealthy, Auto Scaling launches an instance and terminates the unhealthy instance. What is the order execution?


Options are :

  • Auto Scaling launches and terminates the instances simultaneously
  • Auto Scaling launches a new instance first and then terminates the unhealthy instance
  • Auto Scaling performs the launch and terminate processes in a random order
  • Auto Scaling terminates the instance first and then launches a new instance (Correct)

Answer : Auto Scaling terminates the instance first and then launches a new instance

AWS SOA-C00 Certified Sys Ops Administrator Associate Exam Set 5

A user is having data generated randomly based on a certain event. The user wants to upload that data to Cloud Watch. It may happen that event may not have data generated for some period due to and omens. Which of the below mentioned options is a recommended option for this case?


Options are :

  • For the period when there is no data? the user should not send the data at all
  • For the period when there is no data the user should send a blank value
  • For the period when there is no data the user should send the value as 0 (Correct)
  • The user must upload the data to Cloud Watch as having no data for some period will cause an error at Cloud Watch monitoring

Answer : For the period when there is no data the user should send the value as 0

An organization has setup Auto Scaling with ELB. Due to some manual error, one of the Instances got rebooted. Thus, It failed the Auto Scaling health check. Auto Scaling has marked It for replacement. How can the system admin ensure that the instance does not get terminated?


Options are :

  • Change the health of the instance to healthy using the Auto Scaling commands (Correct)
  • It Is not possible to change the status once ills marked for replacement
  • Manual y add that instance to the Auto Scaling group after reboot to avoid replacement
  • Update the Auto Scaling group to ignore the instance reboot event

Answer : Change the health of the instance to healthy using the Auto Scaling commands

A user has scheduled the maintenance window of an RDS DB on Monday at 3 AM, Which of the below mentioned events may force to take the DB instance offline during the maintenance window?


Options are :

  • DB password change
  • Making the DB Multi AZ
  • Enabling Read Replica
  • Security patching (Correct)

Answer : Security patching

AWS Develops Engineer Professional Practice Final File Exam Set 4

A sys admin has enabled a log on ELB. Which of the below mentioned activities are not captured by the log?


Options are :

  • Request processing time
  • Response processing time
  • Backend processing time
  • Front end processing time (Correct)

Answer : Front end processing time

A user has configured ELB with SSL using a security policy for secure negotiation between the client and load balancer. The ELB security policy supports various ciphers. Which of the below mentioned options helps identify the matching cipher at the client side to the ELB cipher list when client is requesting [LB DNS over SSL?


Options are :

  • Server Order Preference (Correct)
  • Client Configuration Preference
  • Load Balancer Preference
  • Cipher Protocol

Answer : Server Order Preference

A user has configured ELB with Auto Scaling. The user suspended the Auto Scaling Add To Load Balancer (which adds instances to the load balancer. process for a while. What will happen to the instances launched during the suspension period?


Options are :

  • Auto Scaling will not launch the instance during this period due to process suspension
  • The instances will not be registered with ELB and the user has to manually register when the process is resumed (Correct)
  • It is not possible to suspend only the Add To Load Balancer process
  • The instances will be registered with ELB only once the process has resumed

Answer : The instances will not be registered with ELB and the user has to manually register when the process is resumed

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 3

A user has granted read/write permission of his S3 bucket using ACL. Which of the below mentioned options is a valid ID to grant permission to other AWS accounts


Options are :

  • Canonical user ID (Correct)
  • S3 Secure ID
  • Access ID
  • IAM User ID

Answer : Canonical user ID

An organization is trying to create various IAM users. Which of the below mentioned options is not a valid IAM username?


Options are :

  • John=cloud
  • john #cloud (Correct)
  • ,john @cloud
  • John .cloud

Answer : john #cloud

A user has configured an ELB to distribute the traffic among multiple instances. The user instances are facing some issues due to the back-end servers. Which of the below mentioned Cloud Watch metrics helps the user understand the issue with the instances?


Options are :

  • HTTPCode_Backend_3XX
  • HTTPCode_Backend_5XX (Correct)
  • HTTPCode_Backend_4XX
  • HTTPCode_Backend_2XX

Answer : HTTPCode_Backend_5XX

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 3

An organization (Account ID 123412341234. has attached the below mentioned lAM policy to a user. What does this policy statement entitle the user to perform? “Version”: “201 2-10-17”, “Statement”: If “Sid: “Allow Users All Actions For Credentials”, “Effect: “Allow”, “Action”: I l am:*Log In Profile, I am:*Access Key*, I am:*Signing Certificate*? “Resource”: [“ARN : AWS : I am:: 123412341 234:user/$(AWS:username)”j


Options are :

  • The policy allows the user to modify all IAM user?s password, sign in certificates and access Keys using only CLI. SDK or APIs (Correct)
  • The policy will give an invalid resource error
  • The policy allows the IAM user to modify all IAM user?s credentials using the console, SDK, CLI or APIs
  • The policy allows the IAM user to modify all credentials using only the console

Answer : The policy allows the user to modify all IAM user?s password, sign in certificates and access Keys using only CLI. SDK or APIs

The CFO of a company wants to allow one of his employees to view only the AWS usage report page. Which of the below mentioned IAM policy statements allows the user to have access to the AWS usage report page?


Options are :

  • “Effect”: “Allow”, “Action”: [“Account usage], “Resource”: “i”
  • “Effect”: “Allow?, “Action”: (“AWS-portal: View Billing?], „Resource”:
  • Effect”: A1low, Action”: I Describe, “Resource”: “Billing
  • “Effect”: “Allow, “Action”: [“AWS- portal : View Usage”], “Resource”: (Correct)

Answer : “Effect”: “Allow, “Action”: [“AWS- portal : View Usage”], “Resource”:

A system admin wants to add more zones to the existing ELB. The system admin wants to perform this activity from CLI. Which of the below mentioned command helps the system admin to add new zones to the existing ELB?


Options are :

  • elb-enable-zones-for-1b (Correct)
  • e1b-configure-zones-f or-lb
  • e1b-add-zones-for-lb
  • It is not possible to add more zones to the existing ELB

Answer : elb-enable-zones-for-1b

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 17

A user is trying to connect to a running EC2 instance using SSH. However, the user gets an Unprotected Private Key File error. Which of the below mentioned options can be a possible reason for rejection?


Options are :

  • The public key file has the wrong permission
  • The private key file has the wrong file permission (Correct)
  • The PPK file used for SSH is read only
  • The user has provided the wrong user name for the OS login

Answer : The private key file has the wrong file permission

A user has launched an EBS backed EC2 instance in the US-East-la region. The user stopped the instance and started it back after 20 days. AWS throws up an Insufficient instance Capacity? error. What can be the possible reason for this?


Options are :

  • The user account has reached the maximum EC2 instance limit
  • AWS zone mapping is changed for that user account
  • There is some issue with the host capacity on which the instance is launched
  • AWS does not have sufficient capacity In that availability zone (Correct)

Answer : AWS does not have sufficient capacity In that availability zone

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions