Free AWS-SysOps Exam Braindumps (page: 60)


A SysOps administrator must ensure that a company's Amazon EC2 instances auto scale as expected. The SysOps administrator configures an Amazon EC2 Auto Scaling lifecycle hook to send an event to Amazon EventBridge (Amazon CloudWatch Events), which then invokes an AWS Lambda function to configure the EC2 instances. When the configuration is complete, the Lambda function calls the complete-lifecycle-action event to put the EC2 instances into service. In testing, the SysOps administrator discovers that the Lambda function is not invoked when the EC2 instances auto scale.
What should the SysOps administrator do to resolve this issue?

  A. Add a permission to the Lambda function so that it can be invoked by the EventBridge (CloudWatch Events) rule.
  B. Change the lifecycle hook action to CONTINUE if the lifecycle hook experiences a failure or timeout.
  C. Configure a retry policy in the EventBridge (CloudWatch Events) rule to retry the Lambda function invocation upon failure.
  D. Update the Lambda function execution role so that it has permission to call the complete-lifecycle-action event.

Answer(s): A



A company has mandated the use of multi-factor authentication (MFA) for all IAM users, and requires users to make all API calls using the CLI. However, users are not prompted to enter MFA tokens, and are able to run CLI commands without MFA. In an attempt to enforce MFA, the company attached an IAM policy to all users that denies API calls that have not been authenticated with MFA.
What additional step must be taken to ensure that API calls are authenticated using MFA?

  A. Enable MFA on IAM roles, and require IAM users to use role credentials to sign API calls.
  B. Ask the IAM users to log into the AWS Management Console with MFA before making API calls using the CLI.
  C. Restrict the IAM users to use of the console, as MFA is not supported for CLI use.
  D. Require users to use temporary credentials from the get-session-token command to sign API calls.

Answer(s): D



A SysOps administrator has blocked public access to all company Amazon S3 buckets. The SysOps administrator wants to be notified when an S3 bucket becomes publicly readable in the future.
What is the MOST operationally efficient way to meet this requirement?

  A. Create an AWS Lambda function that periodically checks the public access settings for each S3 bucket. Set up Amazon Simple Notification Service (Amazon SNS) to send notifications.
  B. Create a cron script that uses the S3 API to check the public access settings for each S3 bucket. Set up Amazon Simple Notification Service (Amazon SNS) to send notifications.
  C. Enable S3 Event Notifications for each S3 bucket. Subscribe S3 Event Notifications to an Amazon Simple Notification Service (Amazon SNS) topic.
  D. Enable the s3-bucket-public-read-prohibited managed rule in AWS Config. Subscribe the AWS Config rule to an Amazon Simple Notification Service (Amazon SNS) topic.

Answer(s): D



A company plans to launch a static website on its domain example.com and subdomain www.example.com using Amazon S3.
How should the SysOps administrator meet this requirement?

  A. Create one S3 bucket named example.com for both the domain and subdomain.
  B. Create one S3 bucket with a wildcard named *.example.com for both the domain and subdomain.
  C. Create two S3 buckets named example.com and www.example.com. Configure the subdomain bucket to redirect requests to the domain bucket.
  D. Create two S3 buckets named http://example.com and http://*.example.com. Configure the wildcard (*) bucket to redirect requests to the domain bucket.

Answer(s): C





