Cloud Practice

#41 (Accuracy: 100% / 3 votes)

A company deploys a new application to Amazon EC2 instances. The application code is stored in an AWS CodeCommit repository. The company uses an AWS CodePipeline pipeline to deploy the code to the EC2 instances through a continuous integration and continuous delivery (CI/CD) process.

A SysOps administrator needs to ensure that sensitive database information is configured properly on the EC2 instances to prevent accidental leakage of credentials.

Which solutions will store and retrieve the sensitive information in the MOST secure manner? (Choose two.)

A. Store the values in AWS Secrets Manager. Update the code to retrieve these values when the application starts. Store the values as environmental variables that the application can use.
B. Store the values in AWS Systems Manager Parameter Store as secret strings. Update the code to retrieve these values when the application starts. Store the values as environmental variables that the application can use.
C. Store the values in an AWS Lambda function. Update the code to invoke the Lambda function when the application starts. Configure the Lambda function to inject the values as environmental variables that the application can use.
D. Store the configuration information in a file on the EC2 instances. Ensure that the underlying drives are encrypted by AWS Key Management Service (AWS KMS). Update the application to read the file when the application starts. Store the values as environmental variables.
E. Store the values in a text file in an Amazon S3 bucket. In the CI/CD pipeline, copy the file to the EC2 instance in an appropriate location on a disk that the application can read.

#42 (Accuracy: 92% / 4 votes)

A company wants to track its expenditures for Amazon EC2 and Amazon RDS within AWS. The company decides to implement more rigorous tagging requirements for resources in its AWS accounts. A SysOps administrator needs to identify all noncompliant resources.

What is the MOST operationally efficient solution that meets this requirement?

A. Create a rule in Amazon EventBridge that invokes a custom AWS Lambda function that will evaluate all created or updated resources for the specified tags.
B. Create a rule in AWS Config that invokes a custom AWS Lambda function that will evaluate all resources for the specified tags.
C. Create a rule in AWS Config with the required-tags managed rule to evaluate all resources for the specified tags.
D. Create a rule in Amazon EventBridge with a managed rule to evaluate all created or updated resources for the specified tags.

#43 (Accuracy: 94% / 6 votes)

A company’s architecture team must receive immediate email notification whenever new Amazon EC2 instances are launched in the company's main AWS production account.

‘What should a SysOps administrator do to meet this requirement?

A. Create a user data script that sends an email message through a smart host connector. Include the architecture team's email address in the user data script as the recipient. Ensure that all new EC2 instances include the user data script as part of a standardized build process.
B. Create an Amazon Simple Notification Service (Amazon SNS) topic and a subscription that uses the email protocol. Enter the architecture team's email address as the subscriber. Create an Amazon EventBridge rule that reacts when EC2 instances are launched. Specify the SNS topic as the rule's target.
C. Create an Amazon Simple Queue Service (Amazon SQS) queue and a subscription that uses the email protocol. Enter the architecture team's email address as the subscriber. Create an Amazon EventBridge rule that reacts when EC2 instances are launched. Specify the SQS queue as the rule's target.
D. Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure AWS Systems Manager to publish EC2 events to the SNS topic. Create an AWS Lambda function to poll the SNS topic. Configure the Lambda function to send any messages to the architecture team's email address.

#44 (Accuracy: 96% / 9 votes)

An ecommerce company uses an Amazon ElastiCache for Memcached cluster for in-memory caching of popular product queries on the shopping site. When viewing recent Amazon CloudWatch metrics data for the ElastiCache cluster, the SysOps administrator notices a large number of evictions.
Which of the following actions will reduce these evictions? (Choose two.)

A. Add an additional node to the ElastiCache cluster.
B. Increase the ElastiCache time to live (TTL).
C. Increase the individual node size inside the ElastiCache cluster.
D. Put an Elastic Load Balancer in front of the ElastiCache cluster.
E. Use Amazon Simple Queue Service (Amazon SQS) to decouple the ElastiCache cluster.

#45 (Accuracy: 100% / 3 votes)

A company runs a stateless application that is hosted on an Amazon EC2 instance. Users are reporting performance issues. A SysOps administrator reviews the
Amazon CloudWatch metrics for the application and notices that the instance's CPU utilization frequently reaches 90% during business hours.
What is the MOST operationally efficient solution that will improve the application's responsiveness?

A. Configure CloudWatch logging on the EC2 instance. Configure a CloudWatch alarm for CPU utilization to alert the SysOps administrator when CPU utilization goes above 90%.
B. Configure an AWS Client VPN connection to allow the application users to connect directly to the EC2 instance private IP address to reduce latency.
C. Create an Auto Scaling group, and assign it to an Application Load Balancer. Configure a target tracking scaling policy that is based on the average CPU utilization of the Auto Scaling group.
D. Create a CloudWatch alarm that activates when the EC2 instance's CPU utilization goes above 80%. Configure the alarm to invoke an AWS Lambda function that vertically scales the instance.

#46 (Accuracy: 100% / 3 votes)

A company is expanding its fleet of Amazon EC2 instances before an expected increase of traffic. When a SysOps administrator attempts to add more instances, an InstanceLimitExceeded error is returned.
What should the SysOps administrator do to resolve this error?

A. Add an additional CIDR block to the VPC.
B. Launch the EC2 instances in a different Availability Zone.
C. Launch new EC2 instances in another VPC.
D. Use Service Quotas to request an EC2 quota increase.

#47 (Accuracy: 91% / 4 votes)

A company runs a worker process on three Amazon EC2 instances. The instances are in an Auto Scaling group that is configured to use a simple scaling policy. The instances process messages from an Amazon Simple Queue Service (Amazon SQS) queue.

Random periods of increased messages are causing a decrease in the performance of the worker process. A SysOps administrator must scale the instances to accommodate the increased number of messages.

Which solution will meet these requirements?

A. Use CloudWatch to create a metric math expression to calculate the approximate age of the oldest message in the SQS queue. Create a target tracking scaling policy for the metric math expression to modify the Auto Scaling group.
B. Use CloudWatch to create a metric math expression to calculate the approximate number of messages visible in the SQS queue for each instance. Create a target tracking scaling policy for the metric math expression to modify the Auto Scaling group.
C. Create an Application Load Balancer (ALB). Attach the ALB to the Auto Scaling group. Create a target tracking scaling policy for the ALBRequestCountPerTarget metric to modify the Auto Scaling group.
D. Create an Application Load Balancer (ALB). Attach the ALB to the Auto Scaling group. Create a scheduled scaling policy for the Auto Scaling group.

#48 (Accuracy: 100% / 5 votes)

A company's SysOps administrator needs to change the AWS Support plan for one of the company's AWS accounts. The account has multi-factor authentication (MFA) activated, and the MFA device is lost.

What should the SysOps administrator do to sign in?

A. Sign in as a root user by using email and phone verification. Set up a new MFA device. Change the root user password.
B. Sign in as an IAM user with administrator permissions. Resynchronize the MFA token by using the IAM console.
C. Sign in as an IAM user with administrator permissions. Reset the MFA device for the root user by adding a new device.
D. Use the forgot-password process to verify the email address. Set up a new password and MFA device.

#49 (Accuracy: 100% / 8 votes)

A SysOps administrator is troubleshooting an AWS CloudFormation template whereby multiple Amazon EC2 instances are being created. The template is working in us-east-1, but it is failing in us-west-2 with the error code:
AMI [ami-12345678] does not exist
How should the Administrator ensure that the AWS CloudFormation template is working in every region?

A. Copy the source region's Amazon Machine Image (AMI) to the destination region and assign it the same ID.
B. Edit the AWS CloudFormation template to specify the region code as part of the fully qualified AMI ID.
C. Edit the AWS CloudFormation template to offer a drop-down list of all AMIs to the user by using the AWS::EC2::AMI::ImageID control.
D. Modify the AWS CloudFormation template by including the AMI IDs in the ג€Mappingsג€ section. Refer to the proper mapping within the template for the proper AMI ID.

#50 (Accuracy: 100% / 18 votes)

A SysOps administrator is deploying an application on 10 Amazon EC2 instances. The application must be highly available. The instances must be placed on distinct underlying hardware.
What should the SysOps administrator do to meet these requirements?

A. Launch the instances into a cluster placement group in a single AWS Region.
B. Launch the instances into a partition placement group in multiple AWS Regions.
C. Launch the instances into a spread placement group in multiple AWS Regions.
D. Launch the instances into a spread placement group in a single AWS Region.

There are 349 results