The scenarios and solutions in the tables below are commonly found on the AWS Certified SysOps Administrator Associate certification exam. Use these to gain an understanding of the type of knowledge required to pass this challenging exam. You can learn all of this knowledge and more and get access to hundreds more exam scenarios in the value-packed video course from Digital Cloud Training. These scenarios and many more are also covered in our practice test course for the SOA-C02 exam.
Amazon EC2 and AWS Lambda
Administrator needs to check if any Amazon EC2 instances will be affected by scheduled hardware maintenance
Check the AWS Personal Health Dashboard
Scheduled hardware maintenance will affect a critical EC2 instance
Stop and start the instance to move it to different underlying hardware
When launching an EC2 instance the InsufficientInstanceCapacity error is experienced
This means AWS does not currently have enough capacity to service the request for that instance type. Try a different AZ or instance type
The error InstanceLimitExceeded is experienced when launching EC2 instances
EC2 instance limits have been reached, need to contact support to request an increased limit
System status checks are failing for an EC2 instance
Stop and start again to move to a new host
Elastic Load Balancing and Auto Scaling
Design required for highly available and secure website on EC2 with ALB, and DB on EC2
Launch ALB in public subnets, web servers in private subnets and DB layer in private subnets – all layers across AZs
HealthyHostCount metrics for an ALB have dropped from 6 to 2. Need to determine the cause
The health checks on target EC2 instances are failing
An instance attached to an ALB exceeded the UnhealthyThresholdCount for consecutive health check failures. What will happen?
Health checks will continue and the ALB will take the instance out of service
Requirement to track the source IP of clients and the instance that processes the request
Check the ALB access logs for this information
503 and 504 errors experienced and instances have high CPU utilization
Need to restrict access to a bucket based on source IP range
Use bucket policy with “Condition”: “NotIpAddress”: statement
Need to control access to group of EC2 instances with specific tags
Use an IAM policy with a condition element granting access based on the tag and attach an IAM policy to the user or groups that require access
IAM policy for SQS queue allows too much access. Who is responsible for correcting the issue?
According the AWS shared responsibility mode, this is a customer responsibility
Data is encrypted with AWS KMS customer-managed CMKs. Need to enable rotation ensuring the data remains readable
Just enable key rotation in AWS KMS for the CMK (backing key is rotated, data key is not changed)
You can gain all of the knowledge required to pass this challenging exam using our ultimate training package for the AWS SysOps Administrator Associate exam. Get access to many more AWS SysOps exam scenarios, 260 practice questions, and over 15 hours of on-demand videos. Enroll now!