- (Exam Topic 1)
A SysOps administrator notices a scale-up event for an Amazon EC2 Auto Scaling group Amazon CloudWatch shows a spike in the RequestCount metric for the associated Application Load Balancer The administrator would like to know the IP addresses for the source of the requests
Where can the administrator find this information?

1. A. Auto Scaling logs
2. B. AWS CloudTrail logs
3. C. EC2 instance logs
4. D. Elastic Load Balancer access logs

Correct Answer: D
Elastic Load Balancing provides access logs that capture detailed information about requests sent to your load balancer. Each log contains information such as the time the request was received, the client's IP address, latencies, request paths, and server responses. You can use these access logs to analyze traffic patterns and troubleshoot issues.
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html

- (Exam Topic 1)
A SysOps Administrator is managing a web application that runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an EC2 Auto Scaling group. The administrator wants to set an alarm for when all target instances associated with the ALB are unhealthy.
Which condition should be used with the alarm?

1. A. AWS/ApplicationELB HealthyHostCount <= 0
2. B. AWS/ApplicationELB UnhealthyHostCount >= 1
3. C. AWS/EC2 StatusCheckFailed <= 0
4. D. AWS/EC2 StatusCheckFailed >= 1

Correct Answer: A
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-cloudwatch-metrics.html

- (Exam Topic 1)
A company needs to archive all audit logs for 10 years. The company must protect the logs from any future edits.
Which solution will meet these requirements?

1. A. Store the data in an Amazon Elastic Block Store (Amazon EBS) volum
2. B. Configure AWS Key Management Service (AWS KMS) encryption.
3. C. Store the data in an Amazon S3 Glacier vaul
4. D. Configure a vault lock policy for write-once, read-many (WORM) access.
5. E. Store the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA). Configure server-side encryption.
6. F. Store the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA). Configure multi-factor authentication (MFA).

Correct Answer: B
To meet the requirements of the workload, a company should store the data in an Amazon S3 Glacier vault and configure a vault lock policy for write-once, read-many (WORM) access. This will ensure that the data is stored securely and cannot be edited in the future. The other solutions (storing the data in an Amazon Elastic Block Store (Amazon EBS) volume and configuring AWS Key Management Service (AWS KMS) encryption, storing the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA) and configuring server-side encryption, or storing the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA) and configuring multi-factor authentication (MFA)) will not meet the requirements, as they do not provide a way to protect the audit logs from future edits.
https://docs.aws.amazon.com/zh_tw/AmazonS3/latest/userguide/object-lock.html

- (Exam Topic 1)
A company’s application currently uses an IAM role that allows all access to all AWS services. A SysOps administrator must ensure that the company’s IAM policies allow only the permissions that the application requires.
How can the SysOps administrator create a policy to meet this requirement?

1. A. Turn on AWS CloudTrai
2. B. Generate a policy by using AWS Security Hub.
3. C. Turn on Amazon EventBridge (Amazon CloudWatch Events). Generate a policy by using AWS Identity and Access Management Access Analyzer.
4. D. Use the AWS CLI to run the get-generated-policy command in AWS Identity and Access Management Access Analyzer.
5. E. Turn on AWS CloudTrai
6. F. Generate a policy by using AWS Identity and Access Management Access Analyzer.

Correct Answer: D
Generate a policy by using AWS Identity and Access Management Access Analyzer. AWS CloudTrail is a service that records all API calls made on your account. You can use this data to generate a policy with AWS Identity and Access Management Access Analyzer that only allows the permissions that the application requires. This will ensure that the application only has the necessary permissions and will protect the company from any unauthorized access.
https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html#what-is-access-analyzer-poli

- (Exam Topic 1)
A company's SysOps administrator needs to change the AWS Support plan for one of the company's AWS accounts. The account has multi-factor authentication (MFA) activated, and the MFA device is lost.
What should the SysOps administrator do to sign in?

1. A. Sign in as a root user by using email and phone verificatio
2. B. Set up a new MFA devic
3. C. Change the root user password.
4. D. Sign in as an 1AM user with administrator permission
5. E. Resynchronize the MFA token by using the 1AM console.
6. F. Sign in as an 1AM user with administrator permission
7. G. Reset the MFA device for the root user by adding a new device.
8. H. Use the forgot-password process to verify the email addres
9. I. Set up a new password and MFA device.

Correct Answer: A