Free AWS-SysOps Exam Braindumps (page: 59)


A company is creating a new multi-account architecture. A SysOps administrator must implement a login solution to centrally manage user access and permissions across all AWS accounts. The solution must be integrated with AWS Organizations and must be connected to a third-party Security Assertion Markup Language (SAML) 2.0 identity provider (IdP).
What should the SysOps administrator do to meet these requirements?

  A. Configure an Amazon Cognito user pool. Integrate the user pool with the third-party IdP.
  B. Enable and configure AWS Single Sign-On with the third-party IdP.
  C. Federate the third-party IdP with AWS Identity and Access Management (IAM) for each AWS account in the organization.
  D. Integrate the third-party IdP directly with AWS Organizations.

Answer(s): B



A company is managing many accounts by using a single organization in AWS Organizations. The organization has all features enabled. The company wants to turn on AWS Config in all the accounts of the organization and in all AWS Regions.
What should a SysOps administrator do to meet these requirements in the MOST operationally efficient way?

  A. Use AWS CloudFormation Stack Sets to deploy stack instances that turn on AWS Config in all accounts and in all Regions.
  B. Use AWS CloudFormation Stack Sets to deploy stack policies that turn on AWS Config in all accounts and in all Regions.
  C. Use service control policies (SCPs) to configure AWS Config in all accounts and in all Regions.
  D. Create a script that uses the AWS CLI to turn on AWS Config in all accounts in the organization. Run the script from the organization's management account.

Answer(s): A



A SysOps administrator needs to delete an AWS CloudFormation stack that is no longer in use. The CloudFormation stack is in the DELETE_FAILED state. The SysOps administrator has validated the permissions that are required to delete the CloudFormation stack.
Which of the following are possible causes of the DELETE_FAILED state? (Choose two.)

  A. The configured timeout to delete the stack was too low for the delete operation to complete.
  B. The stack contains nested stacks that must be manually deleted first.
  C. The stack was deployed with the --disable-rollback option.
  D. There are additional resources associated with a security group in the stack.
  E. There are Amazon S3 buckets that still contain objects in the stack.

Answer(s): D,E



A SysOps administrator needs to configure a solution that will deliver digital content to a set of authorized users through Amazon CloudFront. Unauthorized users must be restricted from access.
Which solution will meet these requirements?

  A. Store the digital content in an Amazon S3 bucket that does not have public access blocked. Use signed URLs to access the S3 bucket through CloudFront.
  B. Store the digital content in an Amazon S3 bucket that has public access blocked. Use an origin access identity (OAI) to deliver the content through CloudFront. Restrict S3 bucket access with signed URLs in CloudFront.
  C. Store the digital content in an Amazon S3 bucket that has public access blocked. Use an origin access identity (OAI) to deliver the content through CloudFront. Enable field-level encryption.
  D. Store the digital content in an Amazon S3 bucket that does not have public access blocked. Use signed cookies for restricted delivery of the content through CloudFront.

Answer(s): B





