10 Trial Questions for AWS SysOps Administrator – Associate Certification

May 5, 2016 | Comments(1) |

Disclaimer: These are not the original questions from the AWS certification, but are some question we designed to help you check your knowledge for this certification.

Amazon Web Services (AWS) Certification is fast becoming the must have certificates for any IT professional working with AWS. AWS SysOps Certification has attained as the most recommended certification for any System Administrator especially working with AWS.It is meant to be the perfect validation of technical expertise of system administration in AWS. This certification approves the experience of provisioning, operating and maintaining the AWS infrastructure.

Here are some sample questions for AWS Certified SysOps Administrator – Associate. Answers and explanation are provided for each question. If you need more clarification on the questions, feel free to comment below the post.


1)You have an Auto Scaling group associated with an Elastic Load Balancer (ELB). Instances launched via Auto Scaling group are being marked unhealthy by the ELB, but these unhealthy instances are not being terminated. What do you need to modify to ensure these instances marked unhealthy by ELB will be terminated and replaced?

A. Change the thresholds set on the Auto Scaling group health check

B. Add an Elastic Load Balancer health check to your Auto Scaling group

C. Increase the value for the Health check interval set on the Elastic Load Balancer

D. Change the health check set on the Elastic Load Balancer to use TCP rather than HTTP checks

2) An organization uses AWS ELB and Auto Scaling for deploying a web application. They use cookie-based sessions for tracking the logged-in users. Auto Scaling spawns new instance when the load on the servers increase, but still the load on existing servers does not reduce immediately. What must be the cause of the poor user experience in spite of increasing the number of instance?

A. TTL at the ELB DNS record is too high

B. New instances are not added under the ELB during the Auto Scaling cooldown period.

C. Website uses the dynamic content which is serving from CloudFront that causes the connection delay.

D. ELB is continuing to send traffic to the previously established sessions on the same instances rather than spreading the traffic across the new instances.

3)What action is required to establish an Amazon Virtual Private Cloud (VPC) VPN connection between an on-premises datacentre and an Amazon VPC virtual private gateway?

A. Establish a dedicated networking connection using AWS Direct Connect

B. Assign a static Internet-routable IP address to an Amazon VPC customer gateway

C. Modify the main route table to allow traffic to a network address translation instance

D. Use a dedicated network address translation instance in the public subnet

4)You have created 4 weighted resource record sets with weights 1, 2, 3 and 4. The probability of 3rd record set being selected by Route53.

A. 3/10th of the time

B. 3/7th of the time

C. 1/4th of the time

D. 1/7th of the time

5) An organization is hosting 2 application servers within a VPC. Which two mechanisms will make sure that in an event of one application server going down, new connections to the application are sent only to the other application server, without having to make any modifications manually?

A. Setting an ELB to route traffic to both the application servers.

B. Create a secondary ENI that can be moved from one application server to another.

C. Use Route 53 health checks to route traffic to a failover instance.

D. Assign a secondary private IP address to the primary ENI that can be moved to a secondary instance.

6)Company ABC has a t2.small instance with 300 GB volume, they want to increase the disk I/O performance. What should be done?

A. Increase the number of instances

B. Use Provisioned IOPS volumes

C. Use spot instances

D. Increase the volume size

7)Given ELB health check interval is 30 secs, unhealthy threshold of 4 and healthy threshold of 8 which of below is true?

A. If an instance fails a health check 4 times consecutively, ELB will stop routing traffic to it

B. After an instance recovers from a long failure, and is up for 2.5 mins, ELB will start routing traffic to it

C. If an instance stops responding continuously for 2.5 mins ELB will stop routing traffic to it

D. As soon as an instance recovers from failure, ELB will start routing traffic to it

8)Which of the following requires a custom CloudWatch metric to monitor?

A. Data transfer of an EC2 instance

B. Available disk space of an EC2 instance

C. Memory Utilization of an EC2 instance

D. CPU Utilization of an EC2 instance

9)A user has setup Auto Scaling with ELB on the EC2 instances. The user wants to configure that whenever the CPU utilization is below 20%, Auto Scaling should remove one instance. How can the user configure this?

A. The user can get an email using SNS when the CPU utilization is less than 20%. The user can use the desired capacity of Auto Scaling to remove the instance

B. Use CloudWatch to monitor the data and Auto Scaling to remove the instances using scheduled actions

C. Configure CloudWatch to send a notification to Auto Scaling Launch Configuration when the CPU utilization is less than 20% and configure the Auto Scaling policy to remove the instance

D. Configure CloudWatch to send a notification to the Auto Scaling group when the aggregated CPU Utilization is less than 20% and configure the Auto Scaling policy to remove the instance.

10) What does the following S3 bucket policy do? { “Version”: “2012-10-17″, “Id”: “S3PolicyId1″, “Statement”: [ { "Sid": "IPAllow", "Effect": "Allow", "Principal": "*", "Action": "s3:*", "Resource": "arn:aws:s3:::cloudthat-training/*", "Condition": { "IpAddress": {"aws:SourceIp": ""}, "NotIpAddress": {"aws:SourceIp": ""} } } ] }

A. Allows everyone access to an object called “training” in “cloudthat” bucket only from IP address.

B. Allows everyone access to “cloudthat-training” bucket only from IP address.

C. Allows everyone access to “cloudthat-training” bucket from subnet, except from IP address.

D. Denies access to “cloudthat-training” bucket from IP address and allows access to subnet

How to take the AWS SysOps Certification – Associate

If you have not booked your AWS SysOps Certification exam already, you can do it here.

How to Prepare for the exam?

Overall it’s an all-inclusive exam and hands-on experience is a must. CloudThat Technologies conducts training to prepare you for the certification exam, if you are interested in attending our training, check out details of AWS SysOps Administrator Certification BootCamp.

Good luck!!! If you have any questions, please mention them below and will try to answer them. Also if you like the article please share it with others.


The above mentioned questions are not directly from AWS Certification. I personally or CloudThat does not have any official tie-up with Amazon regarding the certification or the kind of questions asked.

One Response to “10 Trial Questions for AWS SysOps Administrator – Associate Certification”

  1. Sandhiya Mohandas

    For those who are planning to give SysOps exam the following are the topics to be focused more on:

    S3, EC2, more questions on Autoscaling and Elastic Load Balancer, VPC, Route53, RDS, CloudFormation, Elastic BeanStalk, Opswork, IAM.

    CloudThat also provides exclusive training & hands-on for SysOps certification. For further details on SysOps training, check out details of AWS SysOps Administrator Certification BootCamp.


Leave a Reply