10 Trial Questions for AWS SysOps Administrator – Associate Certification

Disclaimer: These are not the original questions from the AWS certification, but are some question we designed to help you check your knowledge for this certification.

Amazon Web Services (AWS) Certification is fast becoming the must have certificates for any IT professional working with AWS. AWS SysOps Certification has attained as the most recommended certification for any System Administrator especially working with AWS.It is meant to be the perfect validation of technical expertise of system administration in AWS. This certification approves the experience of provisioning, operating and maintaining the AWS infrastructure.

Here are some sample questions for AWS Certified SysOps Administrator – Associate. Answers and explanation are provided for each question. If you need more clarification on the questions, feel free to comment below the post.

Questions:

1)You have an Auto Scaling group associated with an Elastic Load Balancer (ELB). Instances launched via Auto Scaling group are being marked unhealthy by the ELB, but these unhealthy instances are not being terminated. What do you need to modify to ensure these instances marked unhealthy by ELB will be terminated and replaced?

A. Change the thresholds set on the Auto Scaling group health check

B. Add an Elastic Load Balancer health check to your Auto Scaling group

C. Increase the value for the Health check interval set on the Elastic Load Balancer

D. Change the health check set on the Elastic Load Balancer to use TCP rather than HTTP checks

[showhide type=”Q1″ more_text=”Show Answer and Description” less_text=”Hide Answer” hidden=”yes”]
Ans: B

B. If you have attached a load balancer to your Auto Scaling group, you can optionally have Auto Scaling include the results of Elastic Load Balancing health checks when determining the health status of an instance. After you add ELB health checks, Auto Scaling also marks an instance as unhealthy if Elastic Load Balancing reports the instance state as OutOfService. Now Auto Scaling will terminate the unhealthy instances.
[/showhide]
2) An organization uses AWS ELB and Auto Scaling for deploying a web application. They use cookie-based sessions for tracking the logged-in users. Auto Scaling spawns new instance when the load on the servers increase, but still the load on existing servers does not reduce immediately. What must be the cause of the poor user experience in spite of increasing the number of instance?

A. TTL at the ELB DNS record is too high

B. New instances are not added under the ELB during the Auto Scaling cooldown period.

C. Website uses the dynamic content which is serving from CloudFront that causes the connection delay.

D. ELB is continuing to send traffic to the previously established sessions on the same instances rather than spreading the traffic across the new instances.

[showhide type=”Q2″ more_text=”Show Answer and Description” less_text=”Hide Answer” hidden=”yes”]
Ans: D

D. To keep track of the session logins, sticky sessions will be enabled in the ELB. This makes sure that the existing users will land in the same instance, where they are initially logged in. In spite of new servers being added under the ELB, sticky sessions will not spread the traffic. Disabling the sticky session on the ELB would be an ideal solution for this issue.
[/showhide]
3)What action is required to establish an Amazon Virtual Private Cloud (VPC) VPN connection between an on-premises datacentre and an Amazon VPC virtual private gateway?

A. Establish a dedicated networking connection using AWS Direct Connect

B. Assign a static Internet-routable IP address to an Amazon VPC customer gateway

C. Modify the main route table to allow traffic to a network address translation instance

D. Use a dedicated network address translation instance in the public subnet
[showhide type=”Q3″ more_text=”Show Answer and Description” less_text=”Hide Answer” hidden=”yes”]
Ans: B

B. Customer Gateway needs to be configured in the on-premises datacentre which establishes connection with the Virtual Private Gateway at the AWS VPC. For the Customer gateway to establish connection with the VPG, it must be assigned a static Internet-routable IP address.
[/showhide]
4)You have created 4 weighted resource record sets with weights 1, 2, 3 and 4. The probability of 3rd record set being selected by Route53.

A. 3/10th of the time

B. 3/7th of the time

C. 1/4th of the time

D. 1/7th of the time
[showhide type=”Q4″ more_text=”Show Answer and Description” less_text=”Hide Answer” hidden=”yes”]
Ans: A

A. Total Probability: 1+2+3+4=10

Probability of 3rd record to be selected = 3/10
[/showhide]
5) An organization is hosting 2 application servers within a VPC. Which two mechanisms will make sure that in an event of one application server going down, new connections to the application are sent only to the other application server, without having to make any modifications manually?

A. Setting an ELB to route traffic to both the application servers.

B. Create a secondary ENI that can be moved from one application server to another.

C. Use Route 53 health checks to route traffic to a failover instance.

D. Assign a secondary private IP address to the primary ENI that can be moved to a secondary instance.
[showhide type=”Q5″ more_text=”Show Answer and Description” less_text=”Hide Answer” hidden=”yes”]
Ans: A, C

A. ELB will route traffic only to the healthy instances under the load balancer. If an instance is unhealthy, ELB makes sure the traffic is routed only to the healthy instances.

C. Route53 provides Failover Routing Policy that allows to mention the secondary ip address to route the traffic in case of failure of primary instance.
[/showhide]
6)Company ABC has a t2.small instance with 300 GB volume, they want to increase the disk I/O performance. What should be done?

A. Increase the number of instances

B. Use Provisioned IOPS volumes

C. Use spot instances

D. Increase the volume size
[showhide type=”Q6″ more_text=”Show Answer and Description” less_text=”Hide Answer” hidden=”yes”]
Ans: B, D

B. Disk I/O performance can be increased with usage of EBS optimized volume with Provisioned IOPS.

D. Increasing the size of the EBS volume also increases the default disk I/O performance
[/showhide]
7)Given ELB health check interval is 30 secs, unhealthy threshold of 4 and healthy threshold of 8 which of below is true?

A. If an instance fails a health check 4 times consecutively, ELB will stop routing traffic to it

B. After an instance recovers from a long failure, and is up for 2.5 mins, ELB will start routing traffic to it

C. If an instance stops responding continuously for 2.5 mins ELB will stop routing traffic to it

D. As soon as an instance recovers from failure, ELB will start routing traffic to it
[showhide type=”Q7″ more_text=”Show Answer and Description” less_text=”Hide Answer” hidden=”yes”]
Ans: A, C

A. The unhealthy threshold is 4, so it checks if the instance is unhealthy, ELB will stop routing traffic to the instance.

C. Since unhealthy threshold is 4, it checks for 2 minutes(4checks at 30seconds interval). So when the instance stops responding for 2 minutes, ELB stops routing traffic.
[/showhide]
8)Which of the following requires a custom CloudWatch metric to monitor?

A. Data transfer of an EC2 instance

B. Available disk space of an EC2 instance

C. Memory Utilization of an EC2 instance

D. CPU Utilization of an EC2 instance
[showhide type=”Q8″ more_text=”Show Answer and Description” less_text=”Hide Answer” hidden=”yes”]
Ans: B, C

Disk utilization & Memory utilization are the OS level metrics whereas data transfer & CPU utilization are hardware level metrics, which are built-in by AWS.
[/showhide]
9)A user has setup Auto Scaling with ELB on the EC2 instances. The user wants to configure that whenever the CPU utilization is below 20%, Auto Scaling should remove one instance. How can the user configure this?

A. The user can get an email using SNS when the CPU utilization is less than 20%. The user can use the desired capacity of Auto Scaling to remove the instance

B. Use CloudWatch to monitor the data and Auto Scaling to remove the instances using scheduled actions

C. Configure CloudWatch to send a notification to Auto Scaling Launch Configuration when the CPU utilization is less than 20% and configure the Auto Scaling policy to remove the instance

D. Configure CloudWatch to send a notification to the Auto Scaling group when the aggregated CPU Utilization is less than 20% and configure the Auto Scaling policy to remove the instance.
[showhide type=”Q9″ more_text=”Show Answer and Description” less_text=”Hide Answer” hidden=”yes”]
Ans: D

Auto Scaling Policy removes an instance based on the aggregated CloudWatch metric of the ELB. Here, if the CPU Utilization is less than 20%, Auto Scaling Policy removes an instance from the ELB.
[/showhide]
10) What does the following S3 bucket policy do? { “Version”: “2012-10-17”, “Id”: “S3PolicyId1”, “Statement”: [ { “Sid”: “IPAllow”, “Effect”: “Allow”, “Principal”: “*”, “Action”: “s3:*”, “Resource”: “arn:aws:s3:::cloudthat-training/*”, “Condition”: { “IpAddress”: {“aws:SourceIp”: “54.240.143.0/24”}, “NotIpAddress”: {“aws:SourceIp”: “54.240.143.188/32″} } } ] }

A. Allows everyone access to an object called “training” in “cloudthat” bucket only from 54.240.143.0 IP address.

B. Allows everyone access to “cloudthat-training” bucket only from 54.240.143.0 IP address.

C. Allows everyone access to “cloudthat-training” bucket from 54.240.143.0 subnet, except from 54.240.143.188 IP address.

D. Denies access to “cloudthat-training” bucket from 54.240.143.188 IP address and allows access to 54.240.143.0/24 subnet
[showhide type=”Q10″ more_text=”Show Answer and Description” less_text=”Hide Answer” hidden=”yes”]
Ans: C

The policy has the effect of “Allow” and the name of bucket is “cloudthat-training”. In the conditions section we are specifying the source as “54.240.143.0/24” which basically denotes the entire subnet (ranging from 54.240.143.0 to 54.240.143.255). Setting NotIPaddress is setting an exception for 54.240.143.188 from the above range. Remember: Having an exception on the Allow policy does not mean a deny on that IP address, 54.240.143.188 may still be able to access it objects is it is made public.
[/showhide]
How to take the AWS SysOps Certification – Associate

If you have not booked your AWS SysOps Certification exam already, you can do it here.

How to Prepare for the exam?

Overall it’s an all-inclusive exam and hands-on experience is a must. CloudThat Technologies conducts training to prepare you for the certification exam, if you are interested in attending our training, check out details of AWS SysOps Administrator Certification BootCamp.

Good luck!!! If you have any questions, please mention them below and will try to answer them. Also if you like the article please share it with others.

Disclaimer: These questions are NOT which was in my certification exam. I personally or CloudThat do not have any official tie-up with Amazon regarding the certification or the kind of questions asked. These are my best guesses for the kind of questions to expect, given my experience with AWS in general and with the examination.

WRITTEN BY CloudThat