AWS SOA-C00 Certified Sys Ops Administrator Associate Exam Set 8

A user has setup an RDS DB with Oracle. The user wants to get notifications when someone modifies the security group of that DB. How can the user configure that?


Options are :

  • Configure SNS to monitor security group changes
  • It is not possible to get the notifications on a change in the security group
  • Configure event notification on the DB security group (Correct)
  • Configure the Cloud Watch alarm on the DB for a change in the security group

Answer : Configure event notification on the DB security group

A user is displaying the CPU utilization, and Network in and Network out Cloud Watch metrics data of a single instance on the same graph. The graph uses one Y-axis for CPU utilization and Network in and another V-axis for Network out. Since Network in is too high, the CPU utilization data is not visible clearly on graph to the user. How can the data be viewed better on the same graph?


Options are :

  • It is not possible to show multiple metrics with the different units on the same graph
  • Change the units of CPU utilization so it can be shown in proportion with Network
  • Change the axis of Network by using the Switch command from the graph (Correct)
  • Add a third Y-axis with the console to show all the data in proportion

Answer : Change the axis of Network by using the Switch command from the graph

A user is running one instance for only 3 hours every day. The user wants to save some cost with the instance. Which of the below mentioned Reserved Instance categories is advised in this case?


Options are :

  • The user should use the AWS high utilized RI
  • The user should not use RI; instead only go with the on-demand pricing (Correct)
  • The user should use the AWS low utilized RI
  • The user should use the AWS medium utilized RI

Answer : The user should not use RI; instead only go with the on-demand pricing

A user has created a VPC with CIDR 20.0.0.0/16. The user has created public and VPN only subnets along with hardware VPN access to connect to the users datacenter. The user wants to make so that all traffic coming to the public subnet follows the organization?s proxy policy. How can the user make this happen?


Options are :

  • It is not possible to setup the proxy policy for a public subnet
  • Setting the route table and security group of the public subnet which receives traffic from a virtual private gateway (Correct)
  • Setting up a proxy policy in the internet gateway connected with the public subnet
  • Setting up a NAT with the proxy protocol and configure that the public subnet receives traffic from NAT

Answer : Setting the route table and security group of the public subnet which receives traffic from a virtual private gateway

A user has created a Cloud formation stack. The stack creates AWS services, such as EC2 instances, ELB, Auto Scaling, and RDS. While creating the stack it created EC2, ELB and Auto Scaling but failed to create RDS. What will Cloud formation do in this scenario?


Options are :

  • It will warn the user about the error and ask the user to manually create RDS
  • It will wait for the users input about the error and correct the mistake after the input
  • Rollback all the changes and terminate all the created services (Correct)
  • Cloud formation can never throw an error after launching a few services since it verifies all the steps before launching

Answer : Rollback all the changes and terminate all the created services

A user has launched an EBS backed instance with EC2-Classic. The user stops and starts the instance. Which of the below mentioned statements is not true with respect to the stop/start action?


Options are :

  • The instance may run on a anew host computer
  • The instance gets new private and public IP addresses
  • The Elastic IP remains associated with the instance (Correct)
  • The volume is preserved

Answer : The Elastic IP remains associated with the instance

A user is using Cloud formation to launch an EC2 instance and then configure an application after the instance is launched. The user wants the stack creation of ELB and Auto Scaling to wait until the EC2 instance is launched and configured properly. How can the user configure this?


Options are :

  • It is not possible that the stack creation will wait until one service is created and launched
  • The user can use the Hold Condition resource to wait for the creation of the other dependent resources
  • The user can use the Wait Condition resource to hold the creation of the other dependent resources (Correct)
  • The user can use the Dependent Condition resource to hold the creation of the other dependent resources

Answer : The user can use the Wait Condition resource to hold the creation of the other dependent resources

You are managing the AWS account of a big organization. The organization has more than 1 000+ employees and they want to provide access to the various services to most of the employees. Which of the below mentioned options is the best possible solution in this case?


Options are :

  • The user should create IAM groups as per the organization?s departments and add each
  • Attach an IAM role with the organizations authentication service to authorize each user for various AWS services (Correct)
  • The user should create an IAM role and attach STS with the role. The user should attach that role to the EC2 instance and setup AWS authentication on that server
  • The user should create a separate IAM user for each employee and provide access to them as per the policy

Answer : Attach an IAM role with the organizations authentication service to authorize each user for various AWS services

A user is planning to use AWS services for his web application. If the user is trying to set up his own billing management system for AWS, how can he configure it?


Options are :

  • Set up programmatic billing access. Download and parse the bill as per the requirement (Correct)
  • Enable the AWS Cloud Watch alarm which will provide APIs to download the alarm data
  • Use AWS billing APIs to download the usage report of each service from the AWS billing console.
  • It is not possible for the user to create his own billing management service with AWS

Answer : Set up programmatic billing access. Download and parse the bill as per the requirement

A user has configured an SSL listener at ELB as wel as on the back-end instances. Which of the below mentioned statements helps the user understand ELB traffic handling with respect to the SSL listener?


Options are :

  • ELB will modify headers to add requestor details
  • ELB will not modify the headers (Correct)
  • It is not possible to have the SSL listener both at ELB and back-end instances
  • ELB will intercept the request to add the cookie details if sticky session is enabled

Answer : ELB will not modify the headers

A user is trying to setup a recurring Auto Scaling process. The user has setup one process to scale up every day at 8 am and scale down at 7 PM. The user is trying to setup another recurring process which scales up on the 1 St of every month at 8 AM and scales down the same day at 7 PM. What will Auto Scaling do in this scenario?


Options are :

  • Auto Scaling will execute both processes but will add just one instance on the 1st
  • Auto Scaling will add two instances on the 1st of the month
  • Auto Scaling will schedule both the processes but execute only one process randomly
  • Auto Scaling will throw an error since there is a conflict in the schedule of two separate Auto Scaling Processes (Correct)

Answer : Auto Scaling will throw an error since there is a conflict in the schedule of two separate Auto Scaling Processes

A user wants to make so that whenever the CPU utilization of the AWS EC2 instance is above 90%, the red light of his bedroom turns on. Which of the below mentioned AWS services is helpful for this purpose?


Options are :

  • None. It is not possible to configure the light with the AWS infrastructure services
  • AWS Cloud Watch + AWS SES
  • AWS Cloud Watch + AWS SNS (Correct)
  • None. It is not possible to configure the light with the AWS infrastructure services

Answer : AWS Cloud Watch + AWS SNS

A user has launched an EC2 instance from an instance store backed AMI. The infrastructure team wants to create an AMI from the running instance. Which of the below mentioned credentials is not required while creating the AMI?


Options are :

  • AWS account ID
  • Access key and secret access key
  • X.509 certificate and private key
  • AWS login ID to login to the console (Correct)

Answer : AWS login ID to login to the console

A user has created a public subnet with VPC and launched an EC2 instance within it. The user is trying to delete the subnet. What will happen in this scenario?


Options are :

  • It will delete the subnet as well as terminate the instances
  • It will not allow the user to delete the subnet until the instances are terminated (Correct)
  • It will delete the subnet and make the EC2 instance as a part of the default subnet
  • The subnet can never be deleted independently, but the user has to delete the VPC first

Answer : It will not allow the user to delete the subnet until the instances are terminated

A user is using a small My SQL RDS DB. The user is experiencing high latency due to the Multi AZ feature. Which of the below mentioned options may not help the user in this situation?


Options are :

  • Use PIOPS
  • Schedule the automated back up in non-working hours
  • Take a snapshot from standby Replica (Correct)
  • Use a large or higher size instance

Answer : Take a snapshot from standby Replica

A user has setup a web application on EC2. The user is generating a log of the application performance at every second. There are multiple entries for each second. If the user wants to send that data to Cloud Watch every minute, what should he do?


Options are :

  • Calculate the average of one minute and send the data to Cloud Watch
  • The user should send only the data of the 60th second as Cloud Watch will map the receive data time zone with the sent data time zone
  • Give Cloud Watch the Mm, Max, Sum, and Sample Count of a number of every minute (Correct)
  • It is not possible to send the custom metric to Cloud Watch every minute

Answer : Give Cloud Watch the Mm, Max, Sum, and Sample Count of a number of every minute

A user is planning to schedule a backup for an EBS volume. The user wants security of the snapshot data. How can the user achieve data encryption with a snapshot?


Options are :

  • Use encrypted EBS volumes so that the snapshot will be encrypted by AWS (Correct)
  • By default the snapshot is encrypted by AWS
  • Enable server side encryption for the snapshot using S3
  • While creating a snapshot select the snapshot with encryption

Answer : Use encrypted EBS volumes so that the snapshot will be encrypted by AWS

A user has launched an EC2 instance from an instance store backed AMI. The infrastructure team wants to create an AMI from the running instance. Which of the below mentioned steps will not be performed while creating the AMI?


Options are :

  • Upload the bundled volume
  • Define the AMI launch permissions (Correct)
  • Register the AMI
  • Bundle the volume

Answer : Define the AMI launch permissions

A user has created an ELB with Auto Scaling. Which of the below mentioned offerings from ELB helps the user to stop sending new requests traffic from the load balancer to the EC2 instance when the instance is being deregistered while continuing in-flight requests?


Options are :

  • ELB sticky session
  • ELB connection draining (Correct)
  • ELB auto registration Off
  • ELB deregistration check

Answer : ELB connection draining

A user has configured an SSL listener at ELB as wel as on the back-end instances. Which of the below mentioned statements helps the user understand ELB traffic handling with respect to the SSL listener?


Options are :

  • ELB will intercept the request to add the cookie details if sticky session is enabled
  • ELB will not modify the headers (Correct)
  • It is not possible to have the SSL listener both at ELB and back-end instances
  • ELB will modify headers to add requestor details

Answer : ELB will not modify the headers

A user has launched an EBS backed EC2 instance. What will be the difference while performing the restart or stop/start options on that instance?


Options are :

  • Every restart is charged by AWS as a separate hour, while multiple start/stop actions during a single hour will be counted as a single hour
  • For restart it does not charge for an extra hour, while every stop/start it wil be charged as a separate hour (Correct)
  • For every restart or start/stop it will be charged as a separate hour
  • For restart it charges extra only once, while for every stop/start it will be charged as a separate hour

Answer : For restart it does not charge for an extra hour, while every stop/start it wil be charged as a separate hour

A user is checking the Cloud Watch metrics from the AWS console. The user notices that the Cloud Watch data is coming in UTC. The user wants to convert the data to a local time zone. How can the user perform this?


Options are :

  • In the Cloud Watch dashboard the user should set the local time zone so that Cloud Watch shows the data only in the local time zone
  • In the Cloud Watch console select the local time zone under the Time Range tab to view the data as per the local time zone (Correct)
  • The user should have send the local time zone while uploading the data so that Cloud Watch will show the data only in the local time zone
  • The Cloud Watch data is always in UTC; the user has to manually convert the data

Answer : In the Cloud Watch console select the local time zone under the Time Range tab to view the data as per the local time zone

A user has setup an EBS backed instance and attached 2 EBS volumes to it. The user has setup a Cloud Watch alarm on each volume for the disk data. The user has stopped the EC2 instance and detached the EBS volumes. What will be the status of the alarms on the EBS volume?


Options are :

  • OK
  • Insufficient Data (Correct)
  • Alarm
  • The EBS cannot be detached until all the alarms are removed

Answer : Insufficient Data

An organization has configured two single availability zones. The Auto Scaling groups are configured in separate zones. The user wants to merge the groups such that one group spans across multiple zones. How can the user configure this?


Options are :

  • Run the command as-copy-auto-scaling-group to join the two groups (Correct)
  • Run the command as-update-auto-scaling-group to configure one group to span across zones and delete the other group
  • Run the command as-join-auto-scaling-group to join the two groups
  • Run the command as-merge-auto-scaling-group to merge the groups

Answer : Run the command as-copy-auto-scaling-group to join the two groups

A user is trying to launch an EBS backed EC2 instance under free usage. The user wants to achieve encryption of the EBS volume. How can the user encrypt the data at rest?


Options are :

  • The user cannot use EBS encryption and has to encrypt the data manually or using a third party tool (Correct)
  • The user has to select the encryption enabled flag while launching the EC2 instance
  • Use AWS EBS encryption to encrypt the data at rest
  • Encryption of volume is not available as a part of the free usage tier

Answer : The user cannot use EBS encryption and has to encrypt the data manually or using a third party tool

An organization is using AWS since a few months. The finance team wants to visualize th pattern of AWS spending. Which of the below AWS tool wil help for this requirement?


Options are :

  • AWS Consolidated Billing
  • AWS Cost Manager
  • AWS Cloud Watch
  • AWS Cost Explorer (Correct)

Answer : AWS Cost Explorer

A user has configured the AWS Cloud Watch alarm for estimated usage charges in the US East region. Which of the below mentioned statements is not true with respect to the estimated charges?


Options are :

  • It will include the estimated charges of every AWS service
  • The metric data will represent the data of all the regions
  • It will store the estimated charges data of the last 14 days
  • The metric data will show data specific to that region (Correct)

Answer : The metric data will show data specific to that region

An organization wants to move to Cloud. They are looking for a secure encrypted database storage option. Which of the below mentioned AWS functionalities helps them to achieve this?


Options are :

  • AWS MFA with EBS
  • Multi-tier encryption with Red shift
  • AWS EBS encryption (Correct)
  • AWS S3 server side storage

Answer : AWS EBS encryption

A user has a refrigerator plant. The user is measuring the temperature of the plant every 1 5 minutes. If the user wants to send the data to Cloud Watch to view the data visual y, which of the below mentioned statements is true with respect to the information given above?


Options are :

  • The user can use the AWS Import Export facility to import data to Cloud Watch
  • The user will upload data from the AWS console
  • The user cannot upload data to Cloud Watch since it is not an AWS service metric
  • The user needs to use AWS CLI or API to upload the data (Correct)

Answer : The user needs to use AWS CLI or API to upload the data

A user has setup connection draining with ELB to allow in-flight requests to continue while the instance is being deregistered through Auto Scaling. If the user has not specified the draining time, how long will ELB allow in flight requests traffic to continue?


Options are :

  • 600 seconds
  • 3600 seconds
  • 0 seconds
  • 300 seconds (Correct)

Answer : 300 seconds

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions