Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS Certified SysOps Administrator - Associate

Amazon AWS Certified SysOps Administrator - Associate Exam
AWS Certified SysOps Administrator (Page 21 )

Updated On: 12-Jan-2026
Page 19 of 97
PDF with 477 Questions

A company plans to migrate several of its high performance computing (HPC) virtual machines (VMs) to Amazon EC2 instances on AWS. A SysOps administrator must identify a placement group for this deployment. The strategy must minimize network latency and must maximize network throughput between the HPC VMs.
Which strategy should the SysOps administrator choose to meet these requirements?

  1. Deploy the instances in a cluster placement group in one Availability Zone.
  2. Deploy the instances in a partition placement group in two Availability Zones.
  3. Deploy the instances in a partition placement group in one Availability Zone.
  4. Deploy the instances in a spread placement group in two Availability Zones.

Answer(s): A



A SysOps administrator configures an Amazon S3 gateway endpoint in a VPC. The private subnets inside the VPC do not have outbound internet access. User logs in to an Amazon EC2 instance in one of the private subnets and cannot upload a file to an Amazon S3 bucket in the same AWS Region.
Which solution will solve this problem?

  1. Update the EC2 instance role policy to include s3:PutObject access to the target S3 bucket.
  2. Update the EC2 security group to allow outbound traffic to 0.0.0.0/0 for port 80.
  3. Update the EC2 subnet route table to include the S3 prefix list destination routes to the S3 gateway endpoint.
  4. Update the S3 bucket policy to allow s3:PutObject access from the private subnet CIDR block.

Answer(s): C



A company is using an Amazon DynamoDB table for data. A SysOps administrator must configure replication of the table to another AWS Region for disaster recovery.
What should the SysOps administrator do to meet this requirement?

  1. Enable DynamoDB Accelerator (DAX).
  2. Enable DynamoDB Streams, and add a global secondary index (GSI).
  3. Enable DynamoDB Streams, and add a global table Region.
  4. Enable point-in-time recovery.

Answer(s): C



A company manages a set of accounts on AWS by using AWS Organizations. The company's security team wants to use a native AWS service to regularly scan all AWS accounts against the Center for Internet Security (CIS) AWS Foundations Benchmark.
What is the MOST operationally efficient way to meet these requirements?

  1. Designate a central security account as the AWS Security Hub administrator account. Create a script that sends an invitation from the Security Hub administrator account and accepts the invitation from the member account. Run the script every time a new account is created. Configure Security Hub to run the CIS AWS Foundations Benchmark scans.
  2. Run the CIS AWS Foundations Benchmark across all accounts by using Amazon Inspector.
  3. Designate a central security account as the Amazon GuardDuty administrator account. Create a script that sends an invitation from the GuardDuty administrator account and accepts the invitation from the member account. Run the script every time a new account is created. Configure GuardDuty to run the CIS AWS Foundations Benchmark scans.
  4. Designate an AWS Security Hub administrator account. Configure new accounts in the organization to automatically become member accounts. Enable CIS AWS Foundations Benchmark scans.

Answer(s): D



A SysOps administrator needs to collect the content of log files from a custom application that is deployed across hundreds of Amazon EC2 instances running Ubuntu. The log files need to be stored in Amazon CloudWatch Logs.
How should the SysOps administrator collect the application log files with the LOWEST operational overhead?

  1. Configure the syslogd service on each EC2 instance to collect and send the application log files to CloudWatch Logs.
  2. Install the CloudWatch agent by using the Amazon Linux package manager on each EC2 instance. Configure each agent to collect the application log files.
  3. Install the CloudWatch agent on each EC2 instance by using AWS Systems Manager. Create an agent configuration on each instance by using the CloudWatch configuration wizard. Configure each agent to collect the application log files.
  4. Store a CloudWatch agent configuration in the AWS Systems Manager Parameter Store. Install the CloudWatch agent on each EC2 instance by using Systems Manager. Configure each agent to collect the application log files.

Answer(s): D



Viewing page 21 of 97
Viewing questions 101 - 105 out of 477 questions



Post your Comments and Discuss Amazon AWS Certified SysOps Administrator - Associate exam prep with other Community members:

Join the AWS Certified SysOps Administrator - Associate Discussion