試験科目：AWS Certified SysOps Administrator - Associate
問題と解答：全325問 AWS-SysOps 関連復習問題集
NO.1 Your business is building a new application that will store its entire customer database on a
RDS MySQL database, and will have various applications and users that will query that data for
Large analytics jobs on the database are likely to cause other applications to not be able to get the
query results they need to, before time out. Also, as your data grows, these analytics jobs will start to
take more time, increasing the negative effect on the other applications.
How do you solve the contention issues between these different workloads on the same data?
A. Use ElastiCache to offload the analytics job data
B. Create RDS Read-Replicas for the analytics work
C. Run the RDS instance on the largest size possible
D. EnableMulti-AZ mode on the RDS instance
NO.2 A user has created a subnet in VPC and launched an EC2 instance within it. The user has not
selected the option to assign the IP address while launching the instance. Which of the below
mentioned statements is true with respect to this scenario?
A. The user can directly attach an elastic IP to the instance
B. The user would need to create an internet gateway and then attach an elastic IP to the instance to
connect from internet
C. The instance will always have a public DNS attached to the instance by default
D. The instance will never launchif the public IP is not assigned
A Virtual Private Cloud (VPC. is a virtual network dedicated to the user's AWS account. A user can
create a subnet with VPC and launch instances inside that subnet. When the user is launching an
instance he needs to select an option which attaches a public IP to the instance. If the user has not
selected the option to attachthe public IP then it will only have a private IP when launched. The user
cannot connectto the instance from the internet. If the user wants an elastic IP to connect to the
instance from the internet he should create an internet gateway and assign an elastic IP to instance.
NO.3 A user has launched an EC2 instance and deployed a production application in it. The user
wants to prohibit any mistakes from the production team to avoid accidental termination. How can
the user achieve this?
A. The usercan the set DisableApiTermination attribute to avoid accidental termination
B. It is not possible to avoid accidental termination
C. The user can set the Deletion termination flag to avoid accidental termination
D. The user can set the InstanceInitiatedShutdownBehavior flag to avoid accidental termination
AWS-SysOps 更新版 AWS-SysOps 合格点
It is always possible that someone can terminate an EC2 instance using the Amazon EC2 console,
command line interface or API by mistake. If the admin wants to prevent the instancefrom being
accidentally terminated, he can enable termination protection for that instance. The
DisableApiTermination attribute controls whether the instance can be terminated using the console,
CLI or API. By default, termination protection is disabled for an EC2 instance. When it is set it will not
allow the user to terminate the instance from CLI, API or the console.
NO.4 A user has created a VPC with CIDR 18.104.22.168/16 using the wizard. The user has created a public
subnet CIDR (22.214.171.124/24. and VPN only subnets CIDR (126.96.36.199/24. along with the VPN gateway (vgw-
12345. to connect to the user's data center. The user's data center has CIDR 172.28.0.0/12. The user
has also setup a NAT instance (i-123456. to allow traffic to the internet from the VPN subnet. Which
of the below mentioned options is not a valid entry for the main route table in this scenario?
A. Destination: 0.0.0.0/0 and Target: i-12345
B. Destination: 172.28.0.0/12 and Target: vgw-12345
C. Destination:188.8.131.52/24 and Target: i-12345
D. Destination: 184.108.40.206/16 and Target: local
The user can create subnets as per the requirementwithin a VPC. If the user wants to connect VPC
from his own data center, he can setup a public and VPN only subnet which uses hardware VPN
access to connect with his data center. When the user has configured this setup with Wizard, it will
create a virtualprivate gateway to route all traffic of the VPN subnet. If the user has setup a NAT
instance to route all the internet requests then all requests to the internet should be routed to it. All
requests to the organization's DC will be routed to the VPN gateway.
Here are the valid entries for the main route table in this scenario:
Destination: 0.0.0.0/0 & Target: i-12345 (To route all internet traffic to the NAT Instance.
Destination: 172.28.0.0/12 & Target: vgw-12345 (To route all the organization's data center traffic to
the VPN gateway.
Destination: 220.127.116.11/16 & Target: local (To allow local routing in VPC.