Cloud Practice

#251 (Accuracy: 100% / 1 votes)

When performing an audit on an S3 bucket, a SysOps Administrator discovered that Amazon CloudWatch reports that there are 12,345,678 objects in the bucket, whereas the AWS CLI reports that there are 98,765,432 objects in the same bucket.
Which Amazon S3 feature can the SysOps Administrator use to obtain the definitive answer to the number of objects in the bucket?

A. Amazon S3 analytics
B. Amazon S3 inventory
C. AWS Management Console
D. Object tags

#252 (Accuracy: 100% / 1 votes)

A sysops administrator is managing a VPC network consisting of public and private subnets. Instances in the private subnets access the Internet through a NAT gateway. A recent AWS bill shows that the NAT gateway charges have doubled. The administrator wants to identify which instances are creating the most network traffic.
How should this be accomplished?

A. Enable flow logs on the NAT gateway elastic network interface and use Amazon CloudWatch insights to filter data based on the source IP addresses.
B. Run an AWS Cost and Usage report and group the findings by instance ID.
C. Use the VPC traffic mirroring feature to send traffic to Amazon QuickSight.
D. Use Amazon CloudWatch metrics generated by the NAT gateway for each individual instance.

#253 (Accuracy: 100% / 2 votes)

A company has a multi-tier web application. In the web tier, all the servers are in private subnets inside a VPC. The development team wants to make changes to the application that requires access to Amazon S3.
What should be done to accomplish this?

A. Create a customer gateway to connect to Amazon S3. Modify the route table of the private subnets to use the customer gateway.
B. Create a gateway VPC endpoint for Amazon S3. Modify the route table of the private subnets to use the gateway VPC endpoint.
C. Create a NAT gateway in the private subnets. Modify the route table of the subnets to use the NAT gateway.
D. Create an S3 bucket policy to allow connections from the private subnets. Modify the route table.

#254 (Accuracy: 100% / 1 votes)

A sysops administrator has an AWS Lambda function that performs maintenance on various AWS resources. This function must be run nightly.
Which is the MOST cost-effective solution?

A. Launch a single t2.nano Amazon EC2 instance and create a Linux cron job to invoke the Lambda function at the same time every night.
B. Set up an Amazon CloudWatch metrics alarm to invoke the Lambda function at the same time every night.
C. Schedule an Amazon EventBridge (Amazon CloudWatch Events) rule to invoke the Lambda function at the same time every night.
D. Implement a Chef recipe in AWS OpsWorks stack to invoke the Lambda function at the same time every night.

#255 (Accuracy: 100% / 1 votes)

A company runs an image-processing application on a serverless infrastructure. Each processing job runs in a single AWS Lambda execution. A sysops administrator is tasked with ensuring there is enough capacity to run 500 simultaneous jobs even if other Lambda functions are being run for other applications.
The administrator has already increased service limits within the Region.
Which action should be taken?

A. Configure a dead-letter queue to retry any throttled executions
B. Modify the memory settings on the Lambda function to allow for 500 parallel executions
C. Move the image-processing logic to AWS Step Functions
D. Set the reserved concurrency for the image-processing Lambda function to 500

#256 (Accuracy: 100% / 2 votes)

A company manages multiple AWS accounts and wants to provide access to AWS from a single management account using an existing on-premises Microsoft
Active Directory domain.
Which solution will meet these requirements with the LEAST amount of effort?

A. Create an Active Directory connector using AWS Directory Service. Create IAM users in the target accounts with the appropriate trust policy.
B. Create an Active Directory connector using AWS Directory Service. Associate the directory with AWS Single Sign-On (AWS SSO). Configure user access to target accounts through AWS SSO.
C. Create an Amazon Cognito federated identity pool. Associate the pool identity with the on-premises directory. Configure the IAM roles with the appropriate trust policy.
D. Create an identity provider in AWS IAM associated with the on-premises directory. Create IAM roles in the target accounts with the appropriate trust policy.

#257 (Accuracy: 100% / 2 votes)

An Application team has asked a SysOps Administrator to provision an additional environment for an application in four additional regions. The application is running on more than 100 instances in us-east-1, using fully baked AMIs. An AWS CloudFormation template has been created to deploy resources in us-east-1.
What must the SysOps Administrator do to provision the application quickly?

A. Copy the AMI to each region using aws ec2 copy-image. Update the CloudFormation mapping to include mappings for the copied AMIs.
B. Create a snapshot of the running instance and copy the snapshot to the other regions. Create an AMI from the snapshots. Update the CloudFormation template for each region to use the new AMI.
C. Run the existing CloudFormation template in each additional region based on the success of the template used currently in us-east-1.
D. Update the CloudFormation template to include the additional regions in the Auto Scaling group. Update the existing stack in us-east-1.

#258 (Accuracy: 100% / 2 votes)

A company designed a specialized Amazon EC2 instance configuration for its Data Scientists. The Data Scientists want to create and delete EC2 instances on their own, but are not comfortable with configuring all the settings for EC2 instances without assistance. The configuration runs proprietary software that must be kept private within the company's AWS accounts, and should be available to the Data Scientists, but no other users within the accounts.
Which solution should a SysOps Administrator use to allow the Data Scientists to deploy their workloads with MINIMAL effort?

A. Create an Amazon Machine Image (AMI) of the EC2 instance. Share the AMI with authorized accounts owned by the company. Allow the Data Scientists to create EC2 instances with this AMI.
B. Distribute an AWS CloudFormation template containing the EC2 instance configuration to the Data Scientists from an Amazon S3 bucket. Set the S3 template object to be readable from the AWS Organizations orgId.
C. Publish the instance configuration to the Private Marketplace. Share the Private Marketplace with the company's AWS accounts. Allow the Data Scientists to subscribe and launch the product from the Private Marketplace.
D. Upload an AWS CloudFormation template to AWS Service Catalog. Allow the Data Scientists to provision and deprovision products from the company's AWS Service Catalog portfolio.

#259 (Accuracy: 100% / 2 votes)

A sysops administrator created an AWS Lambda function within a VPC with no access to the Internet. The Lambda function pulls messages from an Amazon SQS queue and stores them in an Amazon RDS instance in the same VPC. After executing the Lambda function, the data is not showing up on the RDS instance.
Which of the following are possible causes for this? (Choose two.)

A. A VPC endpoint has not been created for Amazon RDS
B. A VPC endpoint has not been created for Amazon SQS
C. The RDS security group is not allowing connections from the Lambda function
D. The subnet associated with the Lambda function does not have an internet gateway attached
E. The subnet associated with the Lambda function has a NAT gateway

#260 (Accuracy: 100% / 2 votes)

A developer is deploying a web application on Amazon EC2 instances behind an Application Load Balancer (ALB) and notices that the application is not receiving all the expected elements from HTTP requests. The developer suspects users are not sending the correct query string.
How should a sysops administrator verify this?

A. Monitor the ALB default Amazon CloudWatch metrics. Verify that the requests contain the expected query string.
B. ׀¡onfigure the ALB to store access logs within Amazon S3. Verify that log entries contain the expected query string.
C. Open the ALB logs in Amazon CloudWatch. Verify that requests contain the expected query string.
D. Create a custom Amazon CloudWatch metric to store requests. Verify that the metric contains the expected query string.

There are 439 results