AWS Certified SysOps Administrator Associate Sample Test

1. Question

Category: SOA-C02 – Deployment, Provisioning, and Automation

A cloud engineer is assigned to write two AWS CloudFormation templates in YAML format. The first template contains configuration about a VPC and its associated resources like subnets, route tables, and an internet gateway. The second template is written to deploy application resources using the VPC that was created in the first template.

What is the best way to accomplish the task that takes the LEAST administrative effort after the stacks are deployed?

On the first template, create Outputs and use export fields to send the values of the VPC resources. Use import functions in the second template to reference the values.
On the second template, build a custom resource that queries the resource created by the first template.
Using the Mappings section, create name-value pairs that will be referenced by the second template.
Store the names of the resources in the first template as a Parameter and reference those values in the second template.

2. Question

Category: SOA-C02 – Deployment, Provisioning, and Automation

An online learning platform hosts its website application on Amazon EC2 instances in an Auto Scaling group (ASG). Occasionally, the site’s traffic increases during peak hours. This traffic spike causes the CPU Utilization to hit 80%, which triggers the ASG to scale out.

The SysOps administrator noticed that the new instances created by ASG take a lot of time to be available because of a long-running user data script that installs several software dependencies. She has to decrease the time it takes for the new instances to become available.

Which action should the SysOps administrator perform to ensure that the requirement is met?

Reduce the scaling threshold to 40% so that when the ASG's CPU Utilization hits 80%, new instances are already created.
Modify the ASG to launch EC2 instances with a storage optimized instance type.
Provision Reserved Instances to reach the maximum capacity of the ASG.
Utilize the EC2 Image Builder to prepare an Amazon Machine Image (AMI) pre-installed with the required software dependencies.

3. Question

Category: SOA-C02 – Security and Compliance

A tech company uses AWS Organizations to manage multiple AWS accounts. The SysOps administrator wants to ensure that all security groups attached to EC2 instances do not allow SSH traffic. She needs to aggregate the configuration data from different AWS accounts in multiple AWS regions.

What should the SysOps administrator do to achieve the requirements?

Create an AWS Config aggregator resource for all AWS accounts in the organization. Enable AWS Config and create a config rule on all accounts to monitor security groups.
Create an AWS Config aggregator resource for each resource in the organization. Create config rules on each AWS account to monitor security groups.
Create a custom config rule to monitor changes to the security group in all EC2 instances provisioned in the management account.
Create a managed config rule to monitor all security groups when they don't comply with the rules.

4. Question

Category: SOA-C02 – Cost and Performance Optimization

A software development company allows its 75 developers to create and manage resources using a Developer AWS Account. The finance team notices a significant spending increase in the account. The SysOps Administrator is assigned to collect information about the service costs of each developer to optimize costs.

How can the SysOps Administrator achieve this requirement? (Select TWO.)

Enable the createdBy tag in the Billing and Management console.
Use Cost Explorer to gain insight into the resources created by developers.
Utilize Budget Alerts to view cost allocation for each developer.
Utilize Trusted Advisor to track the resources created by an IAM User.
Create Amazon CloudWatch dashboards to analyze the usage of each developer.

5. Question

Category: SOA-C02 – Security and Compliance

A large IT solutions company with 200 technical personnel uses AWS Organizations to manage its multi-account AWS environment. All AWS accounts should be able to read a specific Amazon S3 bucket in the management account. Based on the company policy, the S3 bucket should not be accessible outside the organization. The SysOps administrator needs to create a bucket policy to create the necessary permissions.

Which parameters should be specified on the bucket policy to accomplish this task in the MOST efficient approach?

Declare a (*) wildcard as the principal and set PrincipalOrgId as a condition.
Manually list all AWS member accounts as the principal.
Define PrincipalOrgId as the principal.
Declare the organization's root account ID as the principal.

AWS Certified SysOps Administrator Associate Sample Test

JeyvieTutorialsDojo

Quiz Summary

Information

Results