CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS-SysOps

Free AWS-SysOps Exam Braindumps (page: 19)

Page 19 of 106
PDF with 927 Questions

A company wants to create an automated solution for all accounts managed by AWS Organizations to detect any security groups that use 0.0.0.0/0 as the source address for inbound traffic. The company also wants to automatically remediate any noncompliant security groups by restricting access to a specific CIDR block that corresponds with the company's intranet.
Which set of actions should the SysOps administrator take to create a solution?

  1. Create an AWS Config rule to detect noncompliant security groups. Set up automatic remediation to change the 0.0.0.0/0 source address to the approved CIDR block.
  2. Create an IAM policy to deny the creation of security groups that have 0.0.0.0/0 as the source address. Attach this IAM policy to every user in the company.
  3. Create an AWS Lambda function to inspect new and existing security groups. Check for a noncompliant 0.0.0.0/0 source address and change the source address to the approved CIDR block.
  4. Create a service control policy (SCP) for the organizational unit (OU) to deny the creation of security groups that have the 0.0.0.0/0 source address. Set up automatic remediation to change the 0.0.0.0/0 source address to the approved CIDR block.

Answer(s): A



A company requires that all activity in its AWS account be logged using AWS CloudTrail. Additionally, a SysOps administrator must know when CloudTrail log files are modified or deleted.
How should the SysOps administrator meet these requirements?

  1. Enable log file integrity validation. Use the AWS CLI to validate the log files.
  2. Enable log file integrity validation. Use the AWS CloudTrail Processing Library to validate the log files.
  3. Use CloudTrail Insights to monitor the log files for modifications.
  4. Use Amazon CloudWatch Logs to monitor the log files for modifications.

Answer(s): A



A company is planning to host its stateful web-based applications on AWS. A SysOps administrator is using an Auto Scaling group of Amazon EC2 instances. The web applications will run 24 hours a day, 7 days a week throughout the year. The company must be able to change the instance type within the same instance family later in the year based on the traffic and usage patterns.
Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?

  1. Convertible Reserved Instances
  2. On-Demand Instances
  3. Spot Instances
  4. Standard Reserved Instances

Answer(s): A



An application runs on Amazon EC2 instances in an Auto Scaling group. Following the deployment of a new feature on the EC2 instances, some instances were marked as unhealthy and then replaced by the Auto Scaling group. The EC2 instances terminated before a SysOps administrator could determine the cause of the health status changes. To troubleshoot this issue, the SysOps administrator wants to ensure that an AWS Lambda function is invoked in this situation.
How should the SysOps administrator meet these requirements?

  1. Activate the instance scale-in protection setting for the Auto Scaling group. Invoke the Lambda function through Amazon EventBridge (Amazon CloudWatch Events).
  2. Activate the instance scale-in protection setting for the Auto Scaling group. Invoke the Lambda function through Amazon Route 53.
  3. Add a lifecycle hook to the Auto Scaling group to invoke the Lambda function through Amazon EventBridge (Amazon CloudWatch Events).
  4. Add a lifecycle hook to the Auto Scaling group to invoke the Lambda function through Amazon Route 53.

Answer(s): C



Page 19 of 106



Post your Comments and Discuss Amazon AWS-SysOps exam with other Community members:

Lori commented on August 03, 2019
I managed to pass the exam with good score sing this dump. I failed this exam before. It is too hard to know all the topics. This braindump questions and answers is a life-saver!
UNITED STATES
upvote

Norman commented on May 21, 2019
I love this site and their braindumps material. They have helped me pass 3 of my exams so far. This is the 4th one I am going for. Wish me luck. I hope I can clear it as easy as I did the other 3.
UNITED STATES
upvote

Arian commented on May 17, 2019
I normally don't go for braindumps and cheat sheets but for this exam I had to since I did not have time and there was a deadline set by company. So I used these dumps and it worked. I passed in first try.
UNITED STATES
upvote

streetbites commented on April 26, 2019
Great price will study and post results...
UNITED STATES
upvote

zxczx commented on September 10, 2018
where are my downloads?
UNITED STATES
upvote

db commented on September 10, 2018
website had to navigate and download exams.
UNITED STATES
upvote

sam commented on July 19, 2018
later
INDIA
upvote

Karthik commented on March 20, 2018
Hi Team, Shared dumps answers are wrong, I have cross check most of the answer are wrong. Please refund / share the valid one?. Regards, Karthik M
GERMANY
upvote

Yogi commented on January 23, 2018
Excellant product. Cleared exam with 95%.
UNITED STATES
upvote

Ronnie commented on September 05, 2017
I have heard great things from a colleague ! He has passed every exam by 80+% Thanks to BrainDumps... I'll let you know in 2 weeks how i go!
UNITED STATES
upvote

Rai commented on June 09, 2017
Very helpful content, definitely will help me to pass the certification
UNITED STATES
upvote

musma21 commented on March 05, 2017
I've been using AWS and Azure for a time however I've never tried to take this exam. I'm really thrilled to get the AWS cert with help of this dump!
UNITED STATES
upvote