Amazon Web Services (AWS) - Set #1

Powered by Techhyme.com

You have a total of 130 minutes to finish the practice test of AWS Certified SysOps Administrator to test your knowledge.

1. You are a system administrator and you need to view the metrics that are available in the Amazon EC2 instance namespace. What command can you type into the Amazon CLI?
  • A. aws cloudwatch list-instances --namespace AWS/EC2
  • B. aws cloudwatch list-metrics --name AWS/EC2
  • C. aws cloudwatch list-metrics --namespace AWS/EC2
  • D. aws cloudwatch list-instances --name AWS/EC2
Answer - C
Explanation - The correct command to view the metrics available in the Amazon EC2 instance namespace is aws cloudwatch list-metrics --namespace AWS/EC2. The others are not using the appropriate commands/syntax.
2. Where can you look up metrics that are available in Amazon CloudWatch?
  • A. EC2 Console
  • B. CloudWatch Console
  • C. CloudTrail Console
  • D. Trusted Advisor Console
Answer - B
Explanation - You can look up available Amazon CloudWatch metrics in the CloudWatch Console, which is available inside of the AWS Management Console. Once you are in the CloudWatch Console, simply click Metrics and then you can search for the desired metric. You can’t look up Amazon CloudWatch metrics in the Amazon EC2 Console, the Amazon CloudTrail Console or the Amazon Trusted Advisor Console.
3. How can you access Amazon CloudWatch?
  • A. Amazon CloudWatch Console
  • B. AWS CLI
  • C. CloudWatch API
  • D. All of the above
Answer - D
Explanation - You can access Amazon CloudWatch via the Amazon CloudWatch Console, the AWS CLI, the Amazon CloudWatch API, and the AWS SDK (this was not listed as an option in this question but is a valid method to access Amazon CloudWatch).
4. Which service can use Amazon CloudWatch alarms to increase or decrease capacity based on compute load (CPU utilization, etc.)?
  • A. AWS Lambda
  • B. Amazon S3
  • C. Amazon EC2 Auto Scaling
  • D. Amazon VPC
Answer - C
Explanation - Amazon EC2 Auto Scaling can be set up to utilize Amazon CloudWatch alarms to trigger when an autoscaling event needs to occur. AWS Lambda scales automatically as needed, and Amazon S3 and Amazon VPC are not related to compute load.
5. Which of the following are valid alarm states for Amazon CloudWatch? (Choose three.)
  • A. ALARM
  • B. OK
  • C. READY
  • D. INSUFFICIENT_DATA
  • E. OFFLINE
  • F. WARNING
Answer - A, B and D
Explanation - ALARM, OK, and INSUFFICIENT_DATA are valid alarm states for AWS CloudWatch. READY, OFFLINE, and WARNING were made up for this question.
6. You have been asked to create Amazon CloudWatch alarms for each of your organization’s 600 servers, which all reside within the same region. Assuming you create five alarms per server, will you be able to create alarms for each of the servers?
  • A. Yes, because the limit is 5000 alarms per region.
  • B. Yes, because the limit is 3500 alarms per region.
  • C. Yes, because the limit is 10,000 alarms per region.
  • D. No, you can’t create that many alarms in a single region.
Answer - A
Explanation - You will be able to do as you have been asked since a single region can have up to 5000 Amazon CloudWatch alarms.
7. You are a system administrator at your company, and you have been asked to check why an existing Amazon CloudWatch alarm is showing INSUFFICIENT_DATA for one of your established servers. What is the best explanation for why this is occurring?
  • A. CloudWatch is experiencing an outage.
  • B. Not enough data is available for the metric to determine whether it should be OK or ALARM.
  • C. The alarm has only just been started, so it doesn’t have enough data to determine if the state should be OK or ALARM.
  • D. The server is offline so no metrics are available.
Answer - B
Explanation - INSUFFICIENT_DATA occurs for a few reasons. In this case, an existing alarm was showing this alarm state on an established server. The best explanation as to why this is occurring is that there is not enough data available for the metric to determine whether it should be in OK or ALARM, so the data is most likely missing. It is highly unlikely that CloudWatch is experiencing an outage, especially since this is a single server having the issue. As this is a server that is established and has been monitored for a while, it is unlikely that the alarm has just been started. If your server is offline, you will most likely be getting calls stating that an application or service is unavailable. Since this is not the case, the server is probably online.
8. You are a system administrator at your company, and you have been asked to check why a new Amazon CloudWatch alarm is showing INSUFFICIENT_DATA for one of your established servers. What is the best explanation for why this is occurring?
  • A. CloudWatch is experiencing an outage.
  • B. Not enough data is available for the metric to determine whether it should be OK or ALARM.
  • C. The alarm has only just been started, so it doesn’t have enough data to determine if the state should be OK or ALARM.
  • D. The server is offline so no metrics are available.
Answer - C
Explanation - INSUFFICIENT_DATA occurs for a few reasons. In this case, a new alarm was showing this alarm state on an established server. The best explanation as to why this is occurring is that there is not enough data available for the metric to determine whether it should be in OK or ALARM because the alarm has just started. It is highly unlikely that CloudWatch is experiencing an outage, especially since this is a single server having the issue. If your server is offline, you will most likely be getting calls stating that an application or service is unavailable. Since this is not the case, the server is probably online.
9. Your bosses have come to you and have asked you if there is a way for them to get real-time notifications if a certain Amazon CloudWatch alarm is triggered. What should your bosses do to ensure that they can get realtime notifications? The answer should minimize administrative overhead.
  • A. Subscribe to an SNS topic that will send an SMS text message when the Amazon CloudWatch alarm is triggered.
  • B. Write a custom AWS Lambda function that will send an email when the Amazon CloudWatch alarm is triggered.
  • C. Use an SQS queue to deliver messages when an Amazon CloudWatch alarm is triggered.
  • D. Use a third-party solution to send notifications via SMS text message when an Amazon CloudWatch alarm is triggered.
Answer - A
Explanation - An SNS topic can send text (SMS) messages when an Amazon CloudWatch alarm is triggered. Your bosses would need to subscribe to the SNS topic, and then they will be able to receive text messages when the Amazon CloudWatch alarm is triggered. While you could write a custom Lambda function to send an email, emails are not real-time notification. Since the Lambda function would need to be written and maintained, it would have higher administrative overhead than the SNS topic would. An SQS queue is wrong in this case as these queues are designed to handle communications between applications, services and microservices. SQS queues don’t sent SMS text messages. The answer to questions on AWS exams will never be third-party solutions.
10. You need to set up an Amazon CloudWatch alarm that will trigger after four failed evaluations of the alarm metrics in a 5-minute period. What do you need to set the evaluation period and the data points to alarm to so that you get the desired result?
  • A. Data points to alarm should be set to 5. Evaluation period should be set to 1 minute.
  • B. Data points to alarm should be set to 4. Evaluation period should be set to 5 minutes.
  • C. Data points to alarm should be set to 5. Evaluation period should be set to 5 minutes.
  • D. Data points to alarm should be set to 4. Evaluation period should be set to 1 minute.
Answer - D
Explanation - You can get to your evaluation interval (the 5-minute time period) by multiplying the number of data points by the number of units in the time period. Since you want Amazon CloudWatch to trigger an alarm after four failed evaluations in a 5-minute period, you would set data points to alarm at 4, and the evaluation period would need to be 1 minute.
11. Your boss has asked you to ensure that the 5-minute data points from CloudWatch are available for at least 60 days. What do you need to change within Amazon CloudWatch to ensure that you have at least 60 days’ worth of 5-minute data points?
  • A. Nothing, Amazon CloudWatch can’t retain data points that long.
  • B. Nothing. By default, Amazon CloudWatch keeps 5-minute data points for 63 days.
  • C. Create an archive to maintain 5-minute data points for at least 60 days.
  • D. Set Amazon CloudWatch to never delete the 5-minute data points.
Answer - B
Explanation - Amazon CloudWatch keeps 1-minute data points for 15 days, 5-minute data points for 63 days, and 1 hour data points for 455 days. You can’t “create” an archive for data points, though you can archive them with an API call using GetMetricStatistics. You can’t set CloudWatch to never delete data points.
12. What is a namespace in Amazon CloudFront?
  • A. A logical grouping of Amazon CloudWatch metrics
  • B. A logical grouping of Amazon CloudWatch alerts
  • C. A logical grouping of Amazon CloudWatch logs
  • D. A logical grouping of report names for Amazon CloudWatch
Answer - A
Explanation - Namespaces are used to group together Amazon CloudWatch metrics that are used for a similar source. For instance, AWS/EC2 is the namespace for Amazon EC2 metrics in Amazon CloudWatch.
13. In which Amazon CloudWatch namespace would the metrics for EC2 be located?
  • A. AWS/ELB
  • B. AWS/EBS
  • C. AWS/EC2
  • D. AWS/Auto Scaling
Answer - C
Explanation - Metrics for Amazon EC2 are located in the AWS/EC2 namespace. AWS/ELB contains the metrics for classic load balancers, AWS/EBS contains the metrics for Amazon EBS, and AWS/Auto Scaling contains the metrics for autoscaling. The names of the namespaces are usually straightforward depending on the service for which you want to locate metrics.
14. In which Amazon CloudWatch namespace would the metrics for an Application Load Balancer be located?
  • A. AWS/ELB
  • B. AWS/ApplicationELB
  • C. AWS/EBS
  • D. AWS/Auto Scaling
Answer - B
Explanation - Metrics for an Application Load Balancer are located in the AWS/ApplicationELB namespace. AWS/ELB contains the metrics for classic load balancers, AWS/EBS contains the metrics for Amazon EBS, and AWS/Auto Scaling contains the metrics for autoscaling. The names of the namespaces are usually straightforward depending on the service for which you want to locate metrics.
15. You have been asked to retrieve some statistics from Amazon CloudWatch for a production server that is having issues. Your organization uses dimensions to further identify custom metrics. You know that the published dimension for the metric contains the following: Dimensions: Server=Production, Site=Location1 Which of the following could be used to retrieve the statistics that you need?
  • A. Server=Production
  • B. Server=Production, Site=Location
  • C. Server=Prod
  • D. Server=Production, Site=Location1
Answer - D
Explanation - You need to search for the statistic with a dimension in the same format that it was published. To retrieve statistics for a server metric that was created with the dimension listed in the question, you would need to specify the dimension in the same format: Server = Production, Site = Location1. Server = Production would not work by itself, and Server = Prod would not work as it is not a valid dimension either. Last, Server = Production, Site = Location is not valid because of the value after Site. It does not match the published dimension.
16. Which of these Amazon EC2 metrics require that an agent be installed on the server so that Amazon CloudWatch can gather the statistics for the system?
  • A. Disk performance
  • B. Network utilization
  • C. Memory utilization
  • D. CPU utilization
Answer - C
Explanation - Memory utilization, including memory used and memory available, requires that an agent be installed on the EC2 instance for Amazon CloudWatch to gather statistics from it. Disk performance, network utilization and CPU utilization work with no agent installed.
17. When using Amazon CloudWatch, there are two types of health checks used for EC2 instances. Which of the following options are valid status checks? (Choose two.)
  • A. Performance status check
  • B. System status check
  • C. Health status check
  • D. Virtual machine status check
  • E. Instance status check
Answer - B and E
Explanation - EC2 instances have two types of status checks in Amazon CloudWatch, system status checks and instance status checks. System status checks monitor the hardware that the instance is using, whereas instance status checks monitor the network configuration and the software on your individual EC2 instances. The other types of checks were made up for this question.
18. You are a system administrator for a mid-size financial institution. You are checking the health of your company’s assets when you notice that CloudWatch is indicating that one of your EC2 instances has failed its instance status check. Which of the following is a possible cause?
  • A. Exhausted memory
  • B. Incompatible application installed
  • C. Software license key has expired.
  • D. Wrong OS is installed.
Answer - A
Explanation - There are many reasons an instance status check might fail. The most common issues include exhausted memory, a filesystem that has become corrupted, an incompatible kernel version, incorrect networking configurations, and possibly incorrect startup configurations.
19. You are a system administrator for a mid-size financial institution. You are checking the health of your company’s assets when you notice that CloudWatch is indicating that one of your EC2 instances has failed its instance status check. Which of the following is a possible cause?
  • A. Wrong OS is installed.
  • B. The filesystem is NTFS.
  • C. Corrupted filesystem
  • D. The filesystem is ext4.
Answer - C
Explanation - There are many reasons an instance status check might fail. The most common issues include exhausted memory, a filesystem that has become corrupted, an incompatible kernel version, incorrect networking configurations, and possibly incorrect startup configurations.
20. You are a system administrator for a mid-size financial institution. You are checking the health of your company’s assets when you notice that CloudWatch is indicating that one of your EC2 instances has failed its instance status check. Which of the following is a possible cause?
  • A. IPv4 is enabled.
  • B. Subnet is too large.
  • C. Wrong OS is installed.
  • D. Incorrect network configurations
Answer - D
Explanation - There are many reasons an instance status check might fail. The most common issues include exhausted memory, a filesystem that has become corrupted, an incompatible kernel version, incorrect networking configurations, and possibly incorrect startup configurations.
21. You want to check the status of your Amazon EC2 instances. What is the command that you would enter into the AWS CLI to check the status of your instances?
  • A. aws cloudfront check-instance-status
  • B. aws cloudfront describe-instance-status
  • C. aws ec2 check-instance-status
  • D. aws ec2 describe-instance-status
Answer - D
Explanation - The command to check the status of your Amazon EC2 instances is aws ec2 describe-instance-status. The others were made up for this question and are not actual commands.
22. You have been asked to ensure that some of your organization’s junior system administrators can access Amazon CloudWatch to look at metrics. They have very limited credentials currently. Which policy can they be given that will enable them to view CloudWatch metrics without granting them additional access to the other AWS services?
  • A. CloudWatchReadOnlyAccess
  • B. CloudWatchMetricsAccess
  • C. MetricsReadOnlyAccess
  • D. AmazonEC2ReadOnly
Answer - A
Explanation - The managed policy CloudWatchReadOnlyAccess will give users the ability to view the metrics in CloudWatch without needing to gain access to the other AWS services. AmazonEC2ReadOnly would give them read-only permissions to EC2 but would not give them the permissions they need for Amazon CloudFront to work properly. The other two options, CloudWatchMetricsAccess and MetricsReadOnlyAccess, don’t actually exist.
23. Your boss has asked you to ensure that your Amazon EC2 instances have metrics being measured every 5 minutes. What type of monitoring should you use?
  • A. Standard
  • B. Basic
  • C. Advanced
  • D. Detailed
Answer - B
Explanation - Basic monitoring provides metrics every 5 minutes, whereas detailed monitoring provides metrics every minute. The other two options are not valid monitoring types.
24. Your boss has asked you to ensure that your Amazon EC2 instances have metrics being measured every minute. What type of monitoring should you use?
  • A. Standard
  • B. Basic
  • C. Advanced
  • D. Detailed
Answer - D
Explanation - Basic monitoring provides metrics every 5 minutes, whereas detailed monitoring provides metrics every minute. The other two options are not valid monitoring types.
25. You want to be able to store all of your log files from onpremises systems and AWS systems. Which AWS solution will allow you to store all of your log files in one place that will allow Amazon cloudWatch to monitor them?
  • A. Amazon S3
  • B. Amazon CloudWatch Events
  • C. Amazon CloudWatch Logs
  • D. Amazon EBS
Answer - C
Explanation - With Amazon CloudWatch Logs you can monitor logs from systems that are running in your on-premises datacenter or that are running in your AWS environment. Amazon CloudWatch Events is what sends the metrics to Amazon CloudWatch. Amazon S3 and Amazon EBS are both storage solutions but in this case would not be the correct response.
26. You are wanting to move some Solaris servers to AWS from your on-prem datacenter and you would like to take advantage of CloudWatch Logs. Will you be able to install the agent for Linux on your Solaris servers?
  • A. Yes. All versions of Unix and Linux support the Amazon CloudWatch Logs agent.
  • B. Yes. Solaris is supported with the Amazon CloudWatch Logs agent.
  • C. No. Solaris doesn’t support Python, which is a requirement of the Amazon CloudWatch Logs agent.
  • D. No. Solaris isn’t supported with the Amazon CloudWatch Logs agent.
Answer - D
Explanation - Supported Linux versions are Amazon Linux, Ubuntu, CentOS, Red Hat Enterprise Linux, and Debian. Solaris is not on the supported list. This is one of those things that you will just have to remember for the exam. As a side note, the Amazon CloudWatch Logs agent does in fact require Python. You can run version 2.6 and up.
27. You want to ensure that you are able to update your Amazon CloudWatch Logs agent on your Red Hat Linux servers without having to manually copy and install the update package. How can you accomplish this task with the least amount of administrative overhead?
  • A. Use wget to copy the package to the server then run it.
  • B. Use the Red Hat Package Manager to install awslogs.
  • C. Copy the package via FTP with an automated file transfer service.
  • D. You can’t update the CloudWatch Logs agent automatically.
Answer - B
Explanation - You can use Red Hat Package Manager to install awslogs updates by using the sudo yum update -y command. This command can be scheduled in a cron job so that it is done automatically on a scheduled basis. Using wget to copy the package still results in a manual process, which is what you are trying to avoid in this question. Copying the package via FTP still results in manual process. While you could script the installation of the package, the creation and the maintenance of the script result in higher administrative overhead.
28. You have chosen to update an existing server’s Amazon CloudWatch agent using the Red Hat Package Manager (RPM). When the agent was first installed, a Python script was used. Since the update through RPM, you are no longer receiving logs in Amazon CloudWatch. When you check the server, you find that the configuration has changed. What is the most likely cause?
  • A. Configuration issues are caused by updating the agent with Red Hat Package Manager because RPM has technical limitations.
  • B. The Linux server needs to be restarted for the updated agent installation to take effect and start sending logs to Amazon CloudWatch.
  • C. Configuration issues are caused by updating the agent with Red Hat Package Manager when it was installed by Python initially.
  • D. The wrong agent installation package was used; you mistakenly ran the Debian package instead of the RPM package.
Answer - C
Explanation - When the Amazon CloudWatch Agent for Linux is originally installed by a Python script, then is later updated with RPM, configuration issues may result. RPM has no technical limitations that would result in the configuration issue mentioned. The update package in question would not require a restart for the agent to start sending logs to Amazon CloudWatch. A Debian package will generally not install on a Red Hat Linux–based system.
29. Which is a type of log that you can get from the Amazon CloudWatch Logs agent for Windows?
  • A. Firmware log
  • B. Proprietary logs
  • C. Website
  • D. IIS logs
Answer - D
Explanation - The Amazon CloudWatch Logs agent for Windows can be used to send IIS logs to CloudWatch.
30. Which is a type of log that you can get from the Amazon CloudWatch Logs agent for Windows?
  • A. Firmware log
  • B. System logs
  • C. Website
  • D. Boot diagnostics logs
Answer - B
Explanation - The Amazon CloudWatch Logs agent for Windows can be used to send system logs to CloudWatch.
31. The Amazon CloudWatch Logs agent for Windows has been installed on an EC2 instance running Windows Server 2016. You look for the EC2Config service but can’t find it running. Logs are flowing into Amazon CloudWatch, but why do you not see the EC2Config service as you would on other older servers?
  • A. EC2Config service is not supported for Windows Server 2016.
  • B. There is an issue with the CloudWatch Logs Agent for Windows.
  • C. Your installation of Windows Server 2016 needs to be updated.
  • D. The CloudWatch Logs Agent didn’t actually install; the logs are getting to Amazon CloudWatch another way.
Answer - A
Explanation - The EC2Config service is no longer supported in Windows Server 2016. Instead, you must use the Systems Manager (SSM) Agent. Since logs are getting to Amazon CloudWatch, you can rule out an issue with the log agent. The log agent does not rely on any specific update…the EC2Config service is not supported on Windows Server 2016 regardless of patch level. Amazon CloudWatch has no visibility into the internal workings of the server, including OS- and application-level logs without the log agent. If the log agent was not installed, you would not be getting logs sent to Amazon CloudWatch at all.
32. You work for a hospital and must ensure that your log data is encrypted at all times. Does Amazon CloudWatch meet this requirement?
  • A. Yes, but you have to configure it when you install the log agent.
  • B. No. Log data is only encrypted in transit.
  • C. Yes. Log data is encrypted at rest and in transit.
  • D. No. Log data is only encrypted at rest.
Answer - C
Explanation - Log data is encrypted in transit and at rest within Amazon CloudWatch. This requires no special configuration on the part of a system administrator.
33. Your supervisor has asked you if there is a way to create reports with billing data so that they can view billing by usage, or the cost per individual log group. What should you tell your boss?
  • A. Yes. AWS allows you to get this information with detailed billing.
  • B. Yes. AWS allows you to get this information with basic billing.
  • C. No. AWS does not allow you to get this information.
  • D. No. AWS does not give you the ability to create reports in this way.
Answer - A
Explanation - Detailed billing was made available to AWS customers back in December 2016. Detailed billing gives customers the ability to create reports to review usage in the AWS account, or the cost associated with individual log groups. There’s no such thing as basic billing.
34. How many tags can you have in an Amazon CloudWatch log group?
  • A. 35
  • B. 50
  • C. 100
  • D. 500
Answer - B
Explanation - Each log group in Amazon CloudWatch can utilize up to 50 tags.
35. Your accounting department wants to know if there is a way to identify resources in Amazon cloudWatch so that they can bill back to the individual departments that are utilizing AWS resources. What is the best method you can tell your accounting department to use?
  • A. Accounting will need to manually track which department needs to get billed for various resources.
  • B. You can add a prefix to all of the alert names and resource names and Accounting can search on the prefix.
  • C. Tags can be used for resources and log groups in order to identify which department to bill.
  • D. There is no way to track which department is using which resources.
Answer - C
Explanation - The best solution for your accounting department would be to use tags to identify the department that resources should be billed to. Tags will allow them to filter views in Amazon Cost Explorer. While your accounting department could certainly track usage manually, it is not the best method. You could prefix the names of most things with a department code, but that is a very manual process and not as easy to filter on.
36. Your security team has contacted you with concerns regarding the activity of a user in the AWS Management Console. Which service allows you to view all of the activity that was generated under their account?
  • A. AWS IAM
  • B. AWS Trusted Advisor
  • C. Amazon CloudWatch
  • D. AWS CloudTrail
Answer - D
Explanation - AWS CloudTrail allows you to audit all API access including access from the AWS Management Console, AWS API, and the AWS CLI. While AWS IAM gives you the ability to add users and specify how they will authenticate and be authorized to use services, it does not provide auditing. AWS Trusted Advisor provides recommendations based on security, cost savings, etc., but does not provide auditing. Amazon CloudWatch is used to monitor systems and logs but does not audit access either.
37. By default, where are AWS CloudTrail trails stored?
  • A. S3
  • B. EBS
  • C. EFS
  • D. Glacier
Answer - A
Explanation - By default, the trails created by AWS CloudTrail are stored in an S3 bucket that was specified when the trails were created. EBS is used to create drives for EC2 instances, EFS provides a filesystem that systems can map drives to, and Glacier is used for long-term storage archival options.
38. How do Amazon CloudWatch and AWS CloudTrail work together?
  • A. Amazon CloudWatch and AWS CloudTrail don’t work together at all; they are two separate products.
  • B. Amazon CloudWatch monitors performance and availability, and AWS CloudTrail feeds API activity into Amazon CloudWatch.
  • C. Amazon CloudWatch uses AWS CloudTrail to send alerts to end users when a security event occurs.
  • D. Amazon CloudWatch uses AWS CloudTrail to monitor costs related to alerting and monitoring.
Answer - B
Explanation - Amazon CloudWatch monitors performance and availability metrics, and AWS CloudTrail feeds API activity into Amazon CloudWatch Logs. By sending the API activity into Amazon CloudWatch, you are able to configure alarms on events of interest. CloudTrail does not send alerts—it only logs API activity. To get alerts from your trails, you must send the trail data to Amazon CloudWatch Logs. While Amazon CloudWatch can be used for billing alerts, AWS CloudTrail does not have anything to do with billing. It logs API activity.
39. Which type of monitoring is free and updates in 5-minute periods in Amazon CloudWatch?
  • A. Detailed
  • B. Advanced
  • C. Basic
  • D. Simple
Answer - C
Explanation - In Amazon CloudWatch, basic monitoring updates using 5-minute periods, where detailed monitoring updates using 1-minute periods. The other two options were made up for this question.
40. Which type of monitoring updates in 1-minute periods for an additional charge in Amazon CloudWatch?
  • A. Detailed
  • B. Advanced
  • C. Basic
  • D. Simple
Answer - A
Explanation - In Amazon CloudWatch, basic monitoring updates using 5-minute periods, where detailed monitoring updates using 1-minute periods. The other two options were made up for this question.
41. How would you enable Amazon CloudWatch detailed monitoring via the AWS CLI?
  • A. aws ec2 monitor-instances --instance-ids <instance-id>
  • B. aws ec2 watch-instances --instance-ids <instance-id>
  • C. aws cloudwatch monitor-instances --instanceids <instance-id>
  • D. aws cloudwatch watch-instances --instanceids <instance-id>
Answer - A
Explanation - aws ec2 monitor-instances --instance-ids <instance-id> will enable detailed monitoring for the EC2 instance specified by the instance-id provided in the command. The other commands don’t exist.
42. How would you disable Amazon CloudWatch detailed monitoring via the AWS CLI?
  • A. aws cloudwatch unmonitor-instances -- instance-ids <instance-id>
  • B. aws cloudwatch nomonitor-instances -- instance-ids <instance-id>
  • C. aws ec2 unmonitor-instances --instance-ids <instance-id>
  • D. aws ec2 nomonitor-instances --instance-ids <instance-id>
Answer - C
Explanation - aws ec2 unmonitor-instances --instance-ids <instance-id> will disable detailed monitoring for the EC2 instance specified by the instance-id provided in the command. The other commands don’t exist.
43. Your boss wants to know how many read operations are happening across your Amazon EC2 instances. Which type of statistic will be most useful to give your boss the information they want?
  • A. Average
  • B. Maximum
  • C. Minimum
  • D. Sum
Answer - D
Explanation - Using the Sum statistic adds together all of the metrics and is very useful when trying to determine the total amount for any metric. In this example, you might use Sum on the DiskReadOps metric to get the information your boss requested. Average would not give you a total; instead it provides the average of all the metrics. Minimum and Maximum are used to find the highest and lowest metrics, so they would also not meet the criteria.
44. Your boss wants to know the average number of read operations that are happening across your Amazon EC2 instances. Which type of statistic will be most useful to give your boss the information they want?
  • A. Average
  • B. Maximum
  • C. Minimum
  • D. Sum
Answer - A
Explanation - Admittedly this question was a bit easier…if you want to know the average of metrics, then you use an Average statistic. Minimum and Maximum are used to find the highest and lowest metrics so they would not meet the criteria. Sum is used to find the total of a given metric, not the average.
45. Your boss wants to know the highest number of read operations that have occurred across your Amazon EC2 instances within a set span of time. Which type of statistic will be most useful to give your boss the information they want?
  • A. Average
  • B. Maximum
  • C. Minimum
  • D. Sum
Answer - B
Explanation - Using the Maximum statistic will give you the highest metric that has been measured. Minimum would give you the lowest metric measured. Sum is used to find the total of a given metric, and Average is used to find the average metric.
46. Your boss wants to know the lowest number of read operations that have occurred across your Amazon EC2 instances within a set span of time. Which type of statistic will be most useful to give your boss the information they want?
  • A. Average
  • B. Maximum
  • C. Minimum
  • D. Sum
Answer - C
Explanation - Minimum will yield the lowest numbered metric. Maximum would return the highest number, Sum would return the total amount of the metrics that were measured, and Average would return an average of all the metrics that were measured.
47. Your boss wants to know the total number of read operations metrics that have been gathered from across your Amazon EC2 instances within a set span of time. Which type of statistic will be most useful to give your boss the information they want?
  • A. SampleCount
  • B. Sample
  • C. Number
  • D. Sum
Answer - A
Explanation - SampleCount can give you the total number of metrics that are being used in a statistical calculation. This can be helpful if you are trying to determine sample size. Sum gives you the total value of all the metrics added together but not the number of metrics. Sample and Number are not statistics that you can use.
48. Which steps are necessary to be able to aggregate statistics across multiple instances? (Choose two.)
  • A. Choose the Amazon EC2 namespace and select Across All Instances.
  • B. Enable basic monitoring.
  • C. Choose the Amazon CloudWatch namespace and select Across All Instances.
  • D. Enable detailed monitoring.
  • E. Enable standard monitoring.
Answer - A and D
Explanation - In order to aggregate statistics across multiple Amazon EC2 instances, you must first enable detailed monitoring; then in Amazon CloudWatch, you can select the Amazon EC2 namespace, and select Across All Instances. Basic monitoring is enabled by default, but you need detailed monitoring to be able to do what the question asks. The Amazon CloudWatch namespace will not have Amazon EC2–related metrics. Standard monitoring is not a real thing; it was invented for this question.
49. Which are ways that you can choose to filter which statistics you want to view? (Choose three.)
  • A. By specific trails
  • B. By specific instance
  • C. By Auto Scaling group
  • D. By Elastic Load Balancer
  • E. By AMI
  • F. By application load balancer
Answer - B, C and E
Explanation - You can choose to filter statistics by a specific Amazon EC2 instance, an Auto Scaling group, or by the AMI in use. You can’t filter statistics by an AWS CloudTrail trail or by the elastic/application load balancer in use.
50. When an alarm is triggered in Amazon CloudWatch, your boss wants the Amazon EC2 instance to self-heal. How can you automatically reboot an Amazon EC2 instance when it is having issues?
  • A. Set an alarm action to trigger a reboot.
  • B. Set an alarm action to stop the instance.
  • C. Set an alarm action to terminate the instance.
  • D. Set an alarm action to recover the instance.
Answer - A
Explanation - When the desired action is to reboot the Amazon EC2 instance that is having difficulty (failing its health checks for example), you can set the alarm action to trigger a reboot when a particular alarm is activated. Stopping and terminating don’t reboot an Amazon EC2 instance. Recovering the instance does cause a reboot, but it will also migrate the Amazon EC2 instance to another physical host.