Time limit: 0
Quiz Summary
0 of 60 Questions completed
Questions:
Information
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading…
You must sign in or sign up to start the quiz.
You must first complete the following:
Results
Quiz complete. Results are being recorded.
Results
0 of 60 Questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0)
Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)
Categories
- Not categorized 0%
-
Unfortunately, you didn’t pass the practice exam, but hey, you have unlimited access.π
Practice makes you perfect! π -
Congratulations! π₯³
You have passed the practice exam successfully! You are one step closer to pass the real exam!
We hope to see you again on another certification path. βοΈ
Good luck with the exam! Stay strong. π
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- Current
- Review
- Answered
- Correct
- Incorrect
-
Question 1 of 60
1. Question
You are using AWS Trusted Advisor as it provides you real-time guidance to help you provision your resources following AWS best practices. Which of the following categories is NOT included in the AWS Trusted Advisorβs best practice recommendations?
CorrectIncorrect -
Question 2 of 60
2. Question
A Linux instance running in your VPC requires some configuration changes to be implemented locally and you need to run some commands.
Which of the following can be used to securely access the instance?
CorrectIncorrect -
Question 3 of 60
3. Question
In compliance with PCI DSS, an EU-based company is required to provide compliance documents, such as Payment Card Industry (PCI). Where are these AWS compliance documents located?
CorrectIncorrect -
Question 4 of 60
4. Question
A company needs to create an AWS multi-account strategy for its AWS Control Tower landing zone as a well-architected AWS environment following the best practices.
Which action should a SysOps administrator take to meet these requirements?
CorrectIncorrect -
Question 5 of 60
5. Question
A company starts growing rapidly and they need to implement a solution to centrally manage billing; control access, and security; and share resources across the AWS accounts.
Which of the following AWS services will meet this requirement?
CorrectIncorrect -
Question 6 of 60
6. Question
Which of the following AWS Key Management Service (AWS KMS) practice encrypts plaintext data with a data key, and then encrypts the data key under another key?
CorrectIncorrect -
Question 7 of 60
7. Question
A company just installed a new WordPress website on an Amazon EC2 Linux instance. Although the website is installed on an Amazon EC2 instance, they cannot directly deploy an ACM Certificate on that instance.
Which action should the SysOps administrator take to fix this issue?
CorrectIncorrect -
Question 8 of 60
8. Question
A company wants to set up an AWS Site-to-Site VPN connection with a virtual private gateway as the target gateway.
Which of the following is the FIRST step to meet the requirement?
CorrectIncorrect -
Question 9 of 60
9. Question
The instances that you launch into an Amazon VPC canβt communicate with your own (remote) network. Which of the following services do you need to create and configure in order to enable access to your remote network from your VPC?
CorrectIncorrect -
Question 10 of 60
10. Question
You are working for Examsdigest LLC, as a SysOps Administrator. You have been tasked to connect the on-premises infrastructure to their AWS cloud as secure as possible.
Which of the following AWS services can you use to accomplish this? (Choose all that apply)
CorrectIncorrect -
Question 11 of 60
11. Question
Which of the following AWS Services enables you to replace hardcoded credentials in your code with an API to ensure that the secret canβt be compromised by someone examining your code?
CorrectIncorrect -
Question 12 of 60
12. Question
A company for compliance purposes needs to assess how well its resource configurations comply with internal practices, industry guidelines, and regulations.
Which tool should a SysOps administrator use to meet these requirements?
CorrectIncorrect -
Question 13 of 60
13. Question
A company is hosted the new application in an Auto Scaling group of EC2 instances. The company wants to implement an SSL solution for the app to improve its security. The certificate is obtained from a third-party issuer.
Where can you import the SSL/TLS certificate to improve the security of the application?
CorrectIncorrect -
Question 14 of 60
14. Question
A company wants to implement a solution to automate security vulnerability assessments throughout the development and deployment pipelines.
Which service should a SysOps administrator enable to meet the requirement?
CorrectIncorrect -
Question 15 of 60
15. Question
You can configure a Lambda function to connect to private subnets in a virtual private cloud (VPC) in your AWS account.
What happens when you connect a function to a VPC?
CorrectIncorrect -
Question 16 of 60
16. Question
A company wants to monitor the traffic that is reaching its instance by capturing information about the IP traffic going to and from the network interfaces in its VPC.
Which solution will meet this requirement?
CorrectIncorrect -
Question 17 of 60
17. Question
Which of the following VPC features acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level?
CorrectIncorrect -
Question 18 of 60
18. Question
You have been tasked to improve the security of the data flow between your Amazon Redshift cluster and other resources. The very first step is to use VPC flow logs to monitor all the COPY and UNLOAD traffic of your Redshift cluster that moves in and out of your VPC.
Which of the following option is the most suitable solution to improve the security of your data?
CorrectIncorrect -
Question 19 of 60
19. Question
A company has a VPC for the IT department and another VPC for the accounting department. Which type of networking connection in AWS should a SysOps administrator use for the IT department in order to get access to all resources that are in the accounting department, and vice versa?
CorrectIncorrect -
Question 20 of 60
20. Question
A company wants to create a VPC with a dedicated tenancy for the 10.0.0.0/16 IPv4 CIDR block.
Which command should a SysOps administrator type in the command-line tool to meet the requirement?
CorrectIncorrect -
Question 21 of 60
21. Question
A company needs to increase the security of its VPC. The company wants to control traffic in and out of its subnets.
Which service should a SysOps administrator use to meet the requirement?
CorrectIncorrect -
Question 22 of 60
22. Question
Which of the following ACL rules allows inbound HTTP traffic from any IPv4 address.
CorrectIncorrect -
Question 23 of 60
23. Question
A company just launched an EC2 instance in a subnet into its VPC. After investigation, a SysOps administrator has realized that the EC2 instance isnβt accessible from the Internet.
What could be the primary cause of this issue?
CorrectIncorrect -
Question 24 of 60
24. Question
A company just finalized the process of hosting its WordPress blog on a new Amazon EC2 Linux instance. After trying to connect to the instance the SysOps administrator gets the following error message:
Network error: Connection timed out or Error connecting
Which actions should the SysOps administrator take to fix this issue? (Select TWO.)
CorrectIncorrect -
Question 25 of 60
25. Question
Ξ company handles sensitive data in their private subnet, the data is processed by the EC2 instances and then delivered to S3. The company wants the data to NOT be passed through the public Internet.
How could a SysOps administrator design this solution so that the data does not pass through the public Internet?
CorrectIncorrect -
Question 26 of 60
26. Question
A company wants to use a network address translation (NAT) gateway to enable the instances in its private subnet to connect to the internet and prevent the internet from initiating a connection with those instances.
Sort the steps from the top (first step) to the bottom (last step) to create a NAT gateway using the console.
-
Select the allocation ID of an Elastic IP address to associate with the NAT gateway
-
Open the Amazon VPC console at https://console.aws.amazon.com/vpc
-
Choose Create a NAT Gateway
-
Specify the subnet in which to create the NAT gateway
-
In the navigation pane, choose NAT Gateways, Create NAT Gateway
View Answers:
CorrectIncorrect -
-
Question 27 of 60
27. Question
A company wants to use a security group to control inbound and outbound traffic. The company has already launched an instance in a VPC and now they want to assign two security groups to the instance.
Sort the steps from the top (first step) to the bottom (last step) to create a security group using the console.
-
In the navigation pane, choose Security Groups
-
Choose Create
-
Open the Amazon VPC console at https://console.aws.amazon.com/vpc
-
Enter a name for the security group (for example, my-security-group), and then provide a description
-
From VPC, select the ID of your VPC
-
Choose Create security group
View Answers:
CorrectIncorrect -
-
Question 28 of 60
28. Question
A company wants to add an additional layer of protection from web attacks that attempt to exploit vulnerabilities to its web app. The company needs to create rules to filter web traffic based on specific IP addresses and block common web exploits like SQL injection and cross-site scripting.
Which of the following AWS service meet these requirements?
CorrectIncorrect -
Question 29 of 60
29. Question
A company that has a MySQL on Amazon Relational Database Service discovers common attack patterns, such as SQL injection and cross-site scripting. You have been hired to implement a solution to improve web traffic visibility by monitoring the entire inbound traffic and improve the security against web attacks.
Which of the following services should you implement to meet the requirements?
CorrectIncorrect -
Question 30 of 60
30. Question
Which of the following AWS service is a security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization?
CorrectIncorrect -
Question 31 of 60
31. Question
A company is using Amazon Elastic Container Service (Amazon ECS) containers to host its applications. The company wants to use AWS WAF to protect the applications that are hosted in Amazon ECS containers.
Which actions should a SysOps administrator take to meet these requirements?
CorrectIncorrect -
Question 32 of 60
32. Question
A company is using Amazon CloudFront distributions and Amazon Route 53 hosted zones. The company wants to add protection against DDoS attacks for those resource types using AWS Shield Advanced.
Which of the following is the THIRD step in the AWS Shield Advanced configuration process?
CorrectIncorrect -
Question 33 of 60
33. Question
Your Online Travel Agent (OTA) startup in California recently faced tremendous growth. Users from all over the world started using the APP. After investigation, you noticed 60% of the traffic was originated from Germany. Because of this, you decide to localize your content and present all of your websiteβs content in German to the users from Germany and English to the rest of the users. Also, you want all queries from Europe to be routed to an ELB load balancer in the Frankfurt region.
Which of the following services would allow you to fulfill this requirement?
CorrectIncorrect -
Question 34 of 60
34. Question
A company wants to configure a public hosted zone to provide information about how they want to route traffic on the internet for its domain (examsdigest.com).
Which solution will meet these requirements with the LEAST amount of effort?
CorrectIncorrect -
Question 35 of 60
35. Question
A SysOps Administrator is configuring a Route 53 Resolver using the wizard. Which of the following steps has to be done before choosing the direction that you want to forward DNS queries?
CorrectIncorrect -
Question 36 of 60
36. Question
A company wants to create a secure static website for its domain name. The company’sΒ website uses only files like HTML, CSS, JavaScript, and doesnβt need servers or server-side processing.
Which of the following are prerequisites to deploy this secure static website solution using the console? (Select TWO.)
CorrectIncorrect -
Question 37 of 60
37. Question
A SysOps administrator tries to add an alternate domain name (CNAME) to its distribution butΒ CloudFront returns an
InvalidViewerCertificate
error.Which actions should the SysOps administrator take to fix this issue? (Select TWO.)
CorrectIncorrect -
Question 38 of 60
38. Question
A company is using VPC Flow Logs to capture information about the IP traffic going to and from the network interfaces in its VPC. The company has created a flow log, and the Amazon VPC console displays the flow log as
Active
. However, they cannot see any log streams in CloudWatch Logs or log files in its Amazon S3 bucket.Which actions should the SysOps administrator take to fix this issue?
CorrectIncorrect -
Question 39 of 60
39. Question
A company just created a subnet and configured a routing. The company wants to launch an instance of typeΒ t2.micro into the default subnet for the current Region using a command-line tool.
Which action should a SysOps administrator take to meet these requirements?
CorrectIncorrect -
Question 40 of 60
40. Question
A company wants a tool that provides real-time guidance on how to optimize its AWS infrastructure, increase security and performance and reduce its overall costs
Which solution will meet this requirement?
CorrectIncorrect -
Question 41 of 60
41. Question
You are working in a bootstrapping start-up and you need to keep the operational expenses as low as possible. The most cost-effective and viable solution at this stage is to automatically stop the EC2 instances after some predefined thresholds are met.
Which of the following services can help the start-up to reduce billing overages?
CorrectIncorrect -
Question 42 of 60
42. Question
A company wants to receive an alert once the EC2 cost budget reaches the threshold of $2,500.00.
Which action should a SysOps administrator take to track and inspect the company’s budget?
CorrectIncorrect -
Question 43 of 60
43. Question
Your new online event management application is hosted in AWS. The application uses Multi-AZ RDS for its database tier, which has a standby replica.
What are the events that will make Amazon RDS automatically perform a failover to the standby replica? (Select THREE.)
CorrectIncorrect -
Question 44 of 60
44. Question
You are building an application that will be hosted in ECS which needs to be configured to run its tasks and services using the Fargate launch type. The application will have four different tasks where each task will access various AWS resources that are different from the other tasks.
Which of the following solutions can provide your application in ECS access to the required AWS resources?
CorrectIncorrect -
Question 45 of 60
45. Question
A tech-educational company uses EC2, CloudFront, and S3 for its tutorial videos. The company uses a standard S3 storage class to store all tutorials. The wants to transfer the tutorials automatically from the S3 bucket to Amazon S3 Glacier storage.
Which action should a SysOps administrator take to meet the requirement?
CorrectIncorrect -
Question 46 of 60
46. Question
You are working on a bookkeeping accountant application for a startup. Your project manager asked you to have the ability to automatically transfer obsolete data from their S3 bucket to a low-cost storage system in AWS.
Which of the following solution will you use to meet the requirement?
CorrectIncorrect -
Question 47 of 60
47. Question
A company wants to use an RDS Proxy to make its applications more resilient to database failures by automatically connecting to a standby DB instance while preserving application connections.
Which networking resources should a SysOps administrator set in place in order to use an RDS Proxy? (Select THREE.)
CorrectIncorrect -
Question 48 of 60
48. Question
A company has customers from all over the world that upload files to a centralized bucket. The company needs to provide fast, easy, and secure transfer of the files over long distances between its clients and an S3 bucket.
Which solution will meet this requirement?
CorrectIncorrect -
Question 49 of 60
49. Question
A company is building a text to speech conversion service in which a fleet of EC2 worker instances processes an uploaded text file and generates an audio file as an output. The company wants toΒ enable enhanced networking with the Elastic Network Adapter (ENA).
What should the SysOps administrator do to set up the EC2 instance for enhanced networking? (Select TWO.)
CorrectIncorrect -
Question 50 of 60
50. Question
Your company has just launched a new application that will be deployed on AWS which runs multiple components in Docker containers. Your company decides to use AWS managed infrastructure for running the containers as they do not want to manage EC2 instances.
Which of the following solution would address the requirement? (Select TWO.)
CorrectIncorrect -
Question 51 of 60
51. Question
The previous AWS SysOps administrator in the Acme Corporation was using Amazon CloudWatch dashboards, as he was able to monitor the resources in a single view, even those resources that are spread across different Regions. Now, you took over the position as AWS SysOps administrator and you are responsible to create a new CloudWatch dashboard using the console.
Which of the following steps is NOT required to create the new CloudWatch dashboard?
CorrectIncorrect -
Question 52 of 60
52. Question
Your new application is hosted in an Auto Scaling group of EC2 instances. To improve the monitoring process, you have to configure it to keep the average aggregate CPU utilization of your Auto Scaling group at 50 percent. This should be done by specifying the scaling metrics and threshold values for the CloudWatch alarms that trigger the scaling process.
Which of the following scaling policy type you should use?
CorrectIncorrect -
Question 53 of 60
53. Question
A company uses EventBridge as it delivers a stream of real-time data from their own applications, and AWS services and routes that data to targets such as AWS Lambda. Also, they can set up routing rules to determine where to send their data to build application architectures. Now, the company needs to configure the EventBridge with more targets.
Which of the following is NOT a target for EventBridge?
CorrectIncorrect -
Question 54 of 60
54. Question
A company is creating an EventBridge rule that triggers on an AWS API Call Using AWS CloudTrail. After configuring the Service provider and the Service name of the service that emits the event, now they are configuring the Event type.
Which of the following Event type should they choose to create the EventBridge rule?
CorrectIncorrect -
Question 55 of 60
55. Question
A company is creating a new Amazon Relational Database Service (Amazon RDS) as it provides a cost-efficient relational database and manages common database administration tasks.
Sort the steps from the top (first step) to the bottom (last step) to create a read replica using the console with the following.
-
Choose the MySQL or PostgreSQL DB instance
-
Choose the custom Availability Zone for Destination Custom AZ
-
Choose Create read replica
-
For DB instance identifier, enter a name for the read replica
-
In the navigation pane, choose Databases
-
Choose the MySQL DB instance that you want to use as the source for a read replica
-
Sign in to the AWS Management Console and open the Amazon RDS console at https://console.aws.amazon.com/rds/
-
For Actions, choose Create read replica
-
Choose the instance specifications that you want to use
-
For Destination Custom AZ, choose the custom Availability Zone where you want to create the read replica
View Answers:
CorrectIncorrect -
-
Question 56 of 60
56. Question
Your web application is on a fleet of EC2 instances located in three Availability Zones which are behind an Application Load Balancer. Which health check configuration will you implement to ensure that your web app is highly-available?
CorrectIncorrect -
Question 57 of 60
57. Question
Suppose you have ELB load balancers in the US West (Oregon) Region and in the Asia Pacific (Singapore) Region and you created a latency record for each load balancer. What will happen when a user in London enters the name of your domain in a browser? (Choose all that apply.)
CorrectIncorrect -
Question 58 of 60
58. Question
A company runs an application on a large fleet of Amazon EC2 instances to process financial transactions. The company needs to restore the DB instance to the latest possible time after experiencing a power outage.
Which action should a SysOps administrator take to meet this requirement?
CorrectIncorrect -
Question 59 of 60
59. Question
You are working for a content management company as a SysOps Administrator. The company needs a storage service that provides the scale and performance the content management applications require such as high throughput and low-latency file operations. In addition, their data needs to be stored redundantly across multiple AZs and allows concurrent connections from multiple EC2 instances hosted on multiple AZs.
Which of the following AWS storage services is most suitable for the project?
CorrectIncorrect -
Question 60 of 60
60. Question
A company runs several production workloads on Amazon EC2 instances. The company wants to create an automated pipeline to build and maintain a customized EC2 Image Builder image using the Create image pipeline console wizard.
Which of the following is the FIRST step to create an image pipeline workflow?
CorrectIncorrect