Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS Certified SysOps Administrator - Associate

Amazon AWS Certified SysOps Administrator - Associate Exam
AWS Certified SysOps Administrator (Page 4 )

Updated On: 12-Jan-2026
Page 4 of 97
PDF with 477 Questions

A company’s SysOps administrator manages a fleet of Windows Amazon EC2 instances that run in a single AWS account. The instances have a tag that includes a key of “OS" and a value of "Windows." The company uses AWS Systems Manager to patch the instances.
The company has installed the Amazon CloudWatch agent on the instances, but the configuration is inconsistent. The SysOps administrator needs to reconfigure every instance to use the same predefined CloudWatch configuration.
Which combination of steps will meet these requirements? (Choose two.)

  1. Store the CloudWatch agent configuration file in an Amazon S3 bucket.
  2. Store the contents of the CloudWatch agent configuration file in Systems Manager OpsCenter.
  3. Store the contents of the CloudWatch agent configuration file in Systems Manager Parameter Store.
  4. Create a Systems Manager State Manager association to run the AmazonCloudWatch-ManageAgent Systems Manager Run Command document. Select Systems Manager as an optional configuration source. Target the instances based on tag values.
  5. Create a Systems Manager State Manager association to run the AmazonCloudWatch-ManageAgent Systems Manager Run Command document. Configure the document to use the S3 bucket location as the configuration source. Target the instances based on tag value.

Answer(s): C,D



A company decides to stop non-production Amazon EC2 instances during the EC2 instances. The company's IT manager must receive notification in near real time whenever an EC2 instance that has an environment type tag value of non-production is started during the night.
Which solution will meet this requirement with the MOST operational efficiency?

  1. Configure an AWS Lambda function with an SMTP client library. Subscribe the Lambda function to the AWS Health Dashboard to receive notification whenever an EC2 instance is in the running state. Configure the Lambda function to use Amazon Pinpoint to send email notifications to the IT manager. Deploy a second Lambda function to throttle calls from the first Lambda function during the daytime.
  2. Deploy an AWS Lambda function that queries the Amazon EC2 API to determine the state of each EC2 instance. Use the EC2 instance scheduler to configure the Lambda function to run every minute during the night and to send an email notification to the IT manager for each non-production EC2 instance that is in the running state.
  3. Create an Amazon EventBridge rule that includes the EC2 Instance State-change Notification event type. Filter the event to capture only the running state. Create an AWS Lambda function as a target of the rule. Configure the Lambda function to check the current time and the EC2 instances’ tags to determine the environment type. Create an Amazon Simple Notification Service (Amazon SNS) topic as a target of the Lambda function for notifications. Subscribe the IT manager's email address to the SNS topic.
  4. Store the EC2 instance metadata, including the environment type, in an Amazon DynamoDB table. Deploy a custom application to an EC2 instance. Configure the custom application to poll the DynamoDB data every minute during the night and to query the Amazon EC2 API to determine the state of each instance. Additionally, configure the custom application to send an email notification to the IT manager for each non-production EC2 instance that is in the running state.

Answer(s): C



A company creates a new Amazon FSx for Windows File Server file system. To help manage costs, the company configures the storage capacity for the file system with minimal room for growth.
The company creates an Amazon Simple Notification Service (Amazon SNS) topic in the same AWS account whore the file system resides. The company subscribes a SysOps administrator's email address to the SNS topic. The SysOps administrator needs to receive email notification when the file system has less than 100 GB of space available.
Which combination of steps should the SysOps administrator take to meet this requirement? (Choose two.)

  1. Create an Amazon EventBridge rule for when the FreeStorageCapacity metric is less than or equal to 100,000,000,000 bytes (100 GB).
  2. Create an Amazon CloudWatch alarm for when the FreeStorageCapacity metric is less than or equal to 100,000,000,000 bytes (100 GB).
  3. Create an AWS Lambda function that will run when the Amazon CloudWatch alarm enters ALARM state. Configure the Lambda function to publish to the SNS topic.
  4. Configure the Amazon EventBridge rule's alarm action to publish to the SNS topic when the rule enters ALARM state.
  5. Configure the Amazon CloudWatch alarm action to publish to the SNS topic when the alarm enters ALARM state.

Answer(s): B,E



A company wants to track its expenditures for Amazon EC2 and Amazon RDS within AWS. The company decides to implement more rigorous tagging requirements for resources in its AWS accounts. A SysOps administrator needs to identify all noncompliant resources.
What is the MOST operationally efficient solution that meets this requirement?

  1. Create a rule in Amazon EventBridge that invokes a custom AWS Lambda function that will evaluate all created or updated resources for the specified tags.
  2. Create a rule in AWS Config that invokes a custom AWS Lambda function that will evaluate all resources for the specified tags.
  3. Create a rule in AWS Config with the required-tags managed rule to evaluate all resources for the specified tags.
  4. Create a rule in Amazon EventBridge with a managed rule to evaluate all created or updated resources for the specified tags.

Answer(s): C



A SysOps administrator needs to secure the credentials for an Amazon RDS database that is created by an AWS CloudFormation template. The solution must encrypt the credentials and must support automatic rotation.
Which solution will meet these requirements?

  1. Create an AWS::SecretsManager::Secret resource in the CloudF ormation template. Reference the credentials in the AWS::RDS::DBInstance resource by using the resolve:secretsmanager dynamic reference.
  2. Create an AWS::SecretsManager::Secret resource in the CloudFormation template. Reference the credentials in the AWS::RDS::DBInstance resource by using the resolve:ssm-secure dynamic reference.
  3. Create an AWS::SSM::Parameter resource in he CloudFormation template. Reference the credentias in the AWS::RDS::DBInstance resource by using the resolve:ssm dynamic reference.
  4. Create parameters for the database credentials in the CloudFormation template. Use the Ref intrinsic function to provide the credentials to the AWS::RDS::DBInstance resource.

Answer(s): A



Viewing page 4 of 97
Viewing questions 16 - 20 out of 477 questions



Post your Comments and Discuss Amazon AWS Certified SysOps Administrator - Associate exam prep with other Community members:

Join the AWS Certified SysOps Administrator - Associate Discussion