試験科目：AWS Certified SysOps Administrator - Associate
問題と解答：全303問 AWS-SysOps 対策
NO.1 A user is configuring a CloudWatch alarm on RDS to receive a notification when the CPU
utilization of RDS is higher than 50%. The user has setup an alarm when there is some inactivity on
RDS, such as RDS unavailability. How can the user configure this?
A. Setup the notification when the CPU is more than 75% on RDS
B. Setup the notification when the state is Insufficient Data
C. It is not possible to setup the alarm on RDS
D. Setup the notification when the CPU utilization is less than 10%
Amazon CloudWatch alarms watch a single metric over a time period that the user specifies and
performs one or more actions based on the value of the metric relative to a given threshold over a
number of time periods. The alarm has three states: Alarm, OK and Insufficient data. The Alarm will
change to Insufficient Data when any of the three situations arise: when the alarm has just started,
when the metric is not available or when enough data is not available for the metric to determine the
alarm state. If the user wants to find that RDS is not available, he can setup to receive the notification
when the state is in Insufficient data.
NO.2 A user has created a Cloudformation stack. The stack creates AWS services, such as EC2
instances, ELB, AutoScaling, and RDS. While creating the stack it created EC2, ELB and AutoScaling but
failed to create RDS. What will Cloudformation do in this scenario?
A. Cloudformation can never throw an error after launching a few services since it verifies all the
steps before launching
B. It will wait for the user's input about the error and correct the mistake after the input
C. Rollback all the changes and terminate all the created services
D. It will warn the user about the error and ask the user to manually create RDS
AWS Cloudformation is an application management tool which provides application modelling,
deployment, configuration, management and related activities. The AWS Cloudformation stack is a
collection of AWS resources which are created and managed as a single unit when AWS
CloudFormation instantiates a template. If any of the services fails to launch, Cloudformation will
rollback all the changes and terminate or delete all the created services.
NO.3 A user has configured ELB with SSL using a security policy for secure negotiation between the
client and load balancer. The ELB security policy supports various ciphers. Which of the below
mentioned options helps identify the matching cipher at the client side to the ELB cipher list when
client is requesting ELB DNS over SSL?
A. Server Order Preference
B. Client Configuration Preference
C. Load Balancer Preference
D. Cipher Protocol
Elastic Load Balancing uses a Secure Socket Layer (SSL. negotiation configuration which is known as a
Security Policy. It is used to negotiate the SSL connections between a client and the load balancer.
When client is requesting ELB DNS over SSL and if the load balancer is configured to support the
Server Order Preference, then the load balancer gets to select the first cipher in its list that matches
any one of the ciphers in the client's list. Server Order Preference ensures that the load balancer
determines which cipher is used for the SSL connection.
NO.4 A user is launching an EC2 instance in the US East region.
Which of the below mentioned options is recommended by AWS with respect to the selection of the
A. Do not select the AZ; instead let AWS select the AZ
B. Always select the US-East-1-a zone for HA
C. The user can never select the availability zone while launching an instance
D. Always select the AZ while launching an instance
When launching an instance with EC2, AWS recommends not to select the availability zone (AZ.. AWS
specifies that the default Availability Zone should be accepted. This is because it enables AWS to
select the best Availability Zone based on the system health and available capacity. If the user
launches additional instances, only then an Availability Zone should be specified. This is to specify the
same or different AZ from the running instances.