Exact2Pass
A company is concerned about its ability to recover from a disaster because all of its Amazon EC2 instances are located in a single Amazon VPC in us-east-1. A second Amazon VPC has been configured in eu-west-1 to act as a backup VPC in case of an outage. Data will be replicated from the primary region to the secondary region. The Information Security team’s compliance requirements specify that all data must be encrypted and must not traverse the public internet.
How should the SysOps Administrator connect the two VPCs while meeting the compliance requirements?
A sysops administrator is implementing SSL for a domain of an internet facing application running behind an Application load balancer (ALB). The administrator decides to use an SSL certificates from Amazon certificate Manager (ACM) to secure it. Upon creating a request for the ALB fully qualified domain name (FQND), it fails, and the error message “Domain not allowed” is displayed.
How can the administrator fix this issue?
An application is running on Amazon EC2 Instances behind an Application Load Balancer (ALB). An operations team wants to be notified in near-teal time when the ALB has issues connecting to backend EC2 instances.
Which solution will meet these requirements with the LEAST amount of effort?
A company’s Information Security team has requested information on AWS environment compliance for Payment Card Industry (PCI) workloads. They have requested assistance in understanding what specific areas of the PCI standards are the responsibility of the company.
Which AWS tool will provide the necessary information?
A company’s static website hosted on Amazon S3 was launched recently, and is being used by tens of thousands of users. Subsequently, website users are experiencing 503 service unavailable errors.
Why are these errors occurring?
A SysOps Administrator is required to monitor free space on Amazon EBS volumes attached to Microsoft Windows-based Amazon EC2 instances within a company’s account. The Administrator must be alerted to potential issues. What should the Administrator do to receive email alerts before low storage space affects EC2 instance performance?
A SysOps Administrator is troubleshooting an AWS CloudFormation template whereby multiple Amazon EC2 instances are being created. The template is working in us-east-1, but it is failing in us-west-2 with the error code:
AMI [ami-12345678] does not exist.
How should the Administrator ensure that the AWS CloudFormation template is working in every region?
A company has an application running on a fleet of Microsoft Windows instances. Patches to the operating system need to be applied each month. AWS Systems Manager Patch Manager is used to apply the patches on a schedule.
When the fleet is being patched, customers complain about delayed service responses.
What can be done to ensure patches are deployed with MINIMAL customer impact?
A company recently implemented an Amazon S3 lifecycle rule that accidentally deleted objects from one of its S3 buckets. The bucket has S3 versioning enabled.
Which actions will restore the objects? (Choose two.)
A company’s use of AWS Cloud services is quickly growing, so a SysOps Administrator has been asked to generate details of daily spending to share with management.
Which method should the Administrator choose to produce this data?
A company is concerned about a security vulnerability impacting its Linux operating system.
What should the SysOps Administrator do to alleviate this concern?
A SysOps Administrator must find a way to set up alerts when Amazon EC2 service limits are close to being reached.
How can the Administrator achieve this requirement?
A SysOps Administrator is running Amazon EC2 instances in multiple AWS Regions. The Administrator wants to aggregate the CPU utilization for all instances onto an Amazon CloudWatch dashboard. Each region should be present on the dashboard and represented by a single graph that contains the CPU utilization for all instances in that region.
How can the Administrator meet these requirements?
A SysOps Administrator is deploying a test site running on Amazon EC2 instances. The application requires both incoming and outgoing connectivity to the Internet.
Which combination of steps are required to provide internet connectivity to the EC2 instances? (Choose two.)
A SysOps Administrator needs an Amazon EBS volume type for a big data application. The application data is accessed infrequently and stored sequentially.
What EBS volume type will be the MOST cost-effective solution?
A SysOps Administrator must find a way to set up alerts when Amazon EC2 service limits are close to being reached.
How can the Administrator achieve this requirement?
A company has a sales department and a marketing department. The company uses one AWS account. There Is a need to determine what charges are incurred on the AWS platform by each department. There is also a need to receive notifications when a specified cost level is approached or exceeded.
Which actions must a SysOps administrator take to achieve both requirements with the LEAST amount of administrative overhead? (Select TWO.)
A company has multiple AWS accounts. The company uses AWS Organizations with an organizational unit (OU) tor the production account and another OU for the development account. Corporate policies state that developers may use only approved AWS services in the production account.
What is the MOST operationally efficient solution to control the production account?
The Chief Financial Officer (CFO) of an organization has seen a spike in Amazon S3 storage costs over the last few months A sysops administrator suspects that these costs are related to storage for older versions of S3 objects from one of its S3 buckets
What can the administrator do to confirm this suspicion1?
A SysOps Administrator is deploying a legacy web application on AWS. The application has four Amazon EC2 instances behind Classic Load Balancer and stores data in an Amazon RDS instance. The legacy application has known vulnerabilities to SQL injection attacks, but the application code is no longer available to update.
What cost-effective configuration change should the Administrator make to migrate the risk of SQL injection attacks?
A company wants to increase the availability and durability of a critical business application. The application currently uses a MySQL database running on an Amazon EC2 instance. The company wants to minimize application changes.
How should the company meet these requirements?
An organization has been running their website on several m2 Linux instances behind a Classic Load Balancer for more than two years. Traffic and utilization have been constant and predictable.
What should the organization do to reduce costs?
A company is using AWS Storage Gateway to create block storage volumes and mount them as Internet Small Computer Systems Interlace (iSCSI) devices from on-premise! servers As the Storage Gateway has taken on several new projects some of the Development teams report that the performance of the iSCSI drives has degraded. When checking the Amazon CloudWatch metrics a SysOps Administrator notices that the cachePercentUsed metric is below 60% and the cachePercentUsed metric is above 90%.
What steps should the Administrator take to increase Storage Gateway performance?
Developers are using 1AM access keys to manage AWS resources using AWS CL1 Company policy requires that access keys are automatically disabled when the access key age is greater than 90 days
Which solution will accomplish this?
A company has deployed a fleet of Amazon EC2 web servers for the upcoming release of a new product. The SysOps Administrator needs to test the Amazon CloudWatch notification settings for this deployment to ensure that a notification is sent using Amazon SNS if the CPU utilization of an EC2 instance exceeds 70%.
How should the Administrator accomplish this?
A company has received a notification in its AWS Personal Health Dashboard that one of its Amazon EBS-backed Amazon EC2 instances is on hardware that is scheduled maintenance The instance runs a critical production workload that must be available during normal business hours
Which steps will ensure that the instance maintenance does not produce an outage?
Security has identified an IP address that should be explicity denied for both ingress and egress requests for all services in an Amazon VPC immediately.
Which feature can be used to meet this requirement?
A sysops administrator must monitor a fleet of Amazon EC2 Linux instances with the constraint that no agents be installed. The sysops administrator chooses Amazon CloudWatch as the monitoring tool.
Which metric can be measured given the constraints? (Select Three)
A SysOps Administrator working on an Amazon EC2 instance has misconfigured the clock by one hour. The EC2 instance is sending data to Amazon CloudWatch through the CloudWatch agent. The timestamps on the logs are 45 minutes in the future.
What will be the result of this configuration?
A company’s application stores documents within an Amazon S3 bucket. The application is running on Amazon EC2 in a VPC. A recent change in security requirements states that traffic between the company’s application and the S3 bucket must never leave the Amazon network.
What AWS feature can provide this functionality?
A SysOps administrator implemented the following bucket policy to allow only the corporate IP address range of 54.240.143.0/24 to access objects in an Amazon S3 bucket. 
Some employees are reporting that they are able to access the S3 bucket from IP addresses outside the corporate IP address range.
How can the Administrator address this issue?
A SysOps Administrator observes a large number of rogue HTTP requests on an Application Load Balancer (ALB). The requests originate from various IP addresses.
Which action should be taken to block this traffic?
A popular auctioning platform requires near-real-time access to dynamic bidding information The platform must be available at all times The current Amazon RDS instance often reaches 100% CPU utilization during peak bidding sessions and can no longer be resized. To improve application performance, a SysOps Administrator is evaluating Amazon ElastiCache and has chosen Redis over Memcached
What advantages will this solution provide? (Select TWO )
A company would like to review each change in the infrastructure before deploying updates in its AWS CloudFormation stacks.
Which action will allow an Administrator to understand the impact of these changes before implementation?
A SysOps Administrator has been able to consolidate multiple, secure websites onto a single server, and each site is running on a different port. The Administrator now wants to start a duplicate server in a second Availability Zone and put both behind a load balancer for high availability.
What would be the command line necessary to deploy one of the sites’ certificates to the load balancer?
An application running on Amazon EC2 needs login credentials to access a database. The login credentials are stored in AWS Systems Manager Parameter Store as secure string parameters.
What is the MOST secure way to grant the application access to the credentials?