- (Exam Topic 1)
A company needs to take an inventory of applications that are running on multiple Amazon EC2 instances. The company has configured users and roles with the appropriate permissions for AWS Systems Manager. An updated version of Systems Manager Agent has been installed and is running on every instance. While configuring an inventory collection, a SysOps administrator discovers that not all the instances in a single subnet are managed by Systems Manager.
What must the SysOps administrator do to fix this issue?

1. A. Ensure that all the EC2 instances have the correct tags for Systems Manager access.
2. B. Configure AWS Identity and Access Management Access Analyzer to determine and automatically remediate the issue.
3. C. Ensure that all the EC2 instances have an instance profile with Systems Manager access.
4. D. Configure Systems Manager to use an interface VPC endpoint.

Correct Answer: C
Ensuring that all the EC2 instances have an instance profile with Systems Manager access is the most effective way to fix this issue. Having an instance profile with Systems Manager access will allow the SysOps administrator to configure the inventory collection for all the instances in the subnet, regardless of whether or not they are managed by Systems Manager.

- (Exam Topic 1)
A SysOps administrator noticed that a large number of Elastic IP addresses are being created on the company's AWS account, but they are not being associated with Amazon EC2 instances, and are incurring Elastic IP address charges in the monthly bill.
How can the administrator identify who is creating the Elastic IP addresses?

1. A. Attach a cost-allocation tag to each requested Elastic IP address with the IAM user name of the developer who creates it.
2. B. Query AWS CloudTrail logs by using Amazon Athena to search for Elastic IP address events.
3. C. Create a CloudWatch alarm on the ElPCreated metric and send an Amazon SNS notification when the alarm triggers.
4. D. Use Amazon Inspector to get a report of all Elastic IP addresses created in the last 30 days.

Correct Answer: B

- (Exam Topic 1)
A company has an internal web application that runs on Amazon EC2 instances behind an Application Load Balancer. The instances run in an Amazon EC2 Auto Scaling group in a single Availability Zone. A SysOps administrator must make the application highly available.
Which action should the SysOps administrator take to meet this requirement?

1. A. Increase the maximum number of instances in the Auto Scaling group to meet the capacity that is required at peak usage.
2. B. Increase the minimum number of instances in the Auto Scaling group to meet the capacity that is required at peak usage.
3. C. Update the Auto Scaling group to launch new instances in a second Availability Zone in the same AWS Region.
4. D. Update the Auto Scaling group to launch new instances in an Availability Zone in a second AWS Region.

Correct Answer: C
"An Auto Scaling group can contain EC2 instances in one or more Availability Zones within the same Region. However, Auto Scaling groups cannot span multiple Regions". As stated in https://docs.aws.amazon.com/autoscaling/ec2/userguide/auto-scaling-benefits.htm

- (Exam Topic 1)
A company has multiple Amazon EC2 instances that run a resource-intensive application in a development environment. A SysOps administrator is implementing a solution to stop these EC2 instances when they are not in use.
Which solution will meet this requirement?

1. A. Assess AWS CloudTrail logs to verify that there is no EC2 API activit
2. B. Invoke an AWS Lambda function to stop the EC2 instances.
3. C. Create an Amazon CloudWatch alarm to stop the EC2 instances when the average CPU utilization is lower than 5% for a 30-minute period.
4. D. Create an Amazon CloudWatch metric to stop the EC2 instances when the VolumeReadBytes metric is lower than 500 for a 30-minute period.
5. E. Use AWS Config to invoke an AWS Lambda function to stop the EC2 instances based on resource configuration changes.

Correct Answer: B
https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/UsingAlarmActions.html#AddingStopActi

- (Exam Topic 1)
A company has a web application with a database tier that consists of an Amazon EC2 instance that runs MySQL. A SysOps administrator needs to minimize potential data loss and the time that is required to recover in the event of a database failure.
What is the MOST operationally efficient solution that meets these requirements?

1. A. Create an Amazon CloudWatch alarm for the StatusCheckFailed_System metric to invoke an AWS Lambda function that stops and starts the EC2 instance.
2. B. Create an Amazon RDS for MySQL Multi-AZ DB instanc
3. C. Use a MySQL native backup that is stored in Amazon S3 to restore the data to the new databas
4. D. Update the connection string in the web application.
5. E. Create an Amazon RDS for MySQL Single-AZ DB instance with a read replic
6. F. Use a MySQL native backup that is stored in Amazon S3 to restore the data to the new databas
7. G. Update the connection string in the web application.
8. H. Use Amazon Data Lifecycle Manager (Amazon DLM) to take a snapshot of the Amazon Elastic Block Store (Amazon EBS) volume every hou
9. I. In the event of an EC2 instance failure, restore the EBS volume from a snapshot.

Correct Answer: D