FREE PRACTICE QUESTIONS
AWS Certified SysOps Administrator
Are you ready to sit your AWS SysOps Administrator Associate exam? Test your knowledge with these free practice questions. To give you a taste of our popular AWS Certified SysOps practice exams, we have compiled these free AWS quiz questions. No sign-up required. Simply click on the AWS sample questions below to reveal the right answers along with explanations and reference links. If you’re looking for more free AWS practice questions, sign-up for our free AWS practice test for the AWS Certified SysOps Administrator Associate.
Click on the AWS SysOps sample questions below to reveal the correct answers and explanations with reference links.
The correct answer is C. “Create a change set for the running stack”.
Explanation:
Change sets allow you to preview how proposed changes to a stack might impact your running resources. For example, you can check whether your changes will delete or replace any critical resources.
AWS CloudFormation makes the changes to your stack only when you decide to execute the change set, allowing you to decide whether to proceed with your proposed changes or explore other changes by creating another change set. You can create and manage change sets using the AWS CloudFormation console, AWS CLI, or AWS CloudFormation API.
A. “Implement a blue/green strategy using AWS Elastic Beanstalk” is incorrect. In this case, Elastic Beanstalk is not being used, the Administrator needs to review changes directly to an AWS CloudFormation infrastructure stack. If you use Elastic Beanstalk you would make change in the EB console, not in the CloudFormation stack.
B. “Perform a canary deployment using Application Load Balancers and target groups” is incorrect. You cannot perform canary deployments of CloudFormation updates using ALBs and target groups. This is a strategy you might use with AWS CodeDeploy.
D. “Submit the update using the UpdateStack API call” is incorrect. This API action will immediately start the update. The correct API action would be “create-change-set”.
References:
The correct answer is A. “Enable flow logs on the NAT gateway elastic network interface and use Amazon CloudWatch insights to filter data based on the source IP addresses”.
Explanation:
VPC flow logs can be enabled on either the NAT gateway elastic network interface or the VPC. Amazon CloudWatch Insights can then be used to filter the data based on the source IP addresses.
For example, to find which instances are sending the most traffic through your NAT gateway, run the following query:
Note: you don’t need to know the specifics of how to define a filter; the above is purely to illustrate how you might do this if you’re interested (also see article linked below).
B. “Run an AWS Cost and Usage report and group the findings by instance ID” is incorrect. You cannot find this information in the cost and usage report.
C. “Use an Elastic IP on each instance, monitor the metrics generated in Amazon CloudWatch, and filter by instance ID” is incorrect. There is no need to add an EIP to each instance and you will not find this information in CloudWatch (it has performance metrics, not flow logs).
D. “View the Amazon CloudTrail logs and look for the API actions to use the NAT gateway” is incorrect. CloudTrail monitors API actions and there are no API actions issued to send data through a NAT gateway.
References:
https://aws.amazon.com/premiumsupport/knowledge-center/vpc-find-traffic-sources-nat-gateway/
The correct answers are B. “Attach a virtual private gateway to the VPC and configure routing” and D. “Configure a VPN connection back to the corporate office”.
Explanation:
The best solution for this requirement is to configure an AWS site-to-site virtual private network (VPN). To do this you must add a virtual private gateway to the VPC, update the route table, and configure the customer gateway to connect the VPN to the corporate office.
The following diagram shows the key components of the configuration for this scenario.
A. “Attach a NAT gateway to the VPC and configure routing” is incorrect. NAT gateways are used to enable internet connectivity for instances in private subnets. In this case, internet connectivity should be restricted.
C. “Attach an internet gateway to the VPC and configure routing” is incorrect. An internet gateway is used for internet connectivity which should be restricted in this case. An internet gateway is not required for a VPN connection.
E. “Configure a Network Load Balancer in front of the EC2 instances” is incorrect. This does not enable secure access to the corporate network that avoids the internet.
References:
https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Scenario4.html
Free AWS SysOps Practice Test
Access more free AWS SysOps practice questions with detailed answers, explanations and reference links
20
questions
Pass mark
72%
Exam
Coverage
This free AWS practice exam for the AWS SysOps Administrator Associate consists of 20 questions with a mix of questions on core AWS services, including Amazon EC2, AWS Systems Manager, and Amazon S3. Please note that unlike our exam simulator, this free AWS practice test is not timed – so you can take as much time as required to answer each question. At the end of the AWS practice exam, you get to review your answers and find detailed explanations why each answer is correct or incorrect along with reference links for each question. This will help you identify your strength and weaknesses.
Practice makes perfect! To maximize your chances of success, enroll in our training courses for the AWS SysOps Administrator that include a video course, practice exams / exam simulator and training notes (PDF).
The AWS SysOps Administrator practice exam course consists of 4 full-length practice tests with 65 questions each.
Our Practice Exams are delivered in 4 different modes:
(1) Exam Mode (timed)
Full-length practice exams are timed and scored – mirroring the difficulty of the real exam questions.
(2) Training Mode (not timed)
When taking the practice exam in training mode, the answers and explanations for every question are revealed instantly when clicking “check”.
(3) Knowledge Reviews (Deep Dive)
You are presented with a series of questions that focus on one specific topic.
(4) Final Exam Simulator (timed and scored)
Assess your exam readiness with the final exam simulator that mimics the real AWS exam environment. 65 Practice questions are randomly selected from our pool of exam-difficulty questions.
Sign up for our monthly or yearly plans to access our popular AWS SysOps Administrator training – simply the best way to ensure you pass your exam the first time with a great score.
Everything you need to know about the official AWS Certified SysOps Administrator Associate Exam (SOA-C02)
| Exam Name: | AWS Certified SysOps Administrator Associate |
| Exam Duration: | 180 Minutes |
| Exam Level: | Associate |
| Passing Score: | 72% |
| Eligibility/Pre-requisite: | None |
| Validity: | 3 years |
| Exam Code: | SOA-C02 |
| Exam Format: | Multiple choice, multiple response, exam lab |
| Number of Questions: | 55 Questions |
| Exam Fee: | $150 |
| Exam Language: | English, Japanese, Korean, Simplified Chinese |
| Exam Delivery Format: | Pearson VUE testing center or online proctored exam |
| Official Exam Guide | Download the Offical Exam Guide |