SysOps Associate Exam Flashcards
What services can CloudWatch Monitor?
EC2 instances EBS volumes Elastic Load Balancers Auto Scaling groups EMR job flows RDS DB instances DynamoDB tables ElastiCache clusters RedShift clusters OpsWorks stacks Route 53 health checks SNS topics SQS queues SWF workflows Storage Gateways.
What EC2 Metrics can CloudWatch monitor by default?
CPU
Network
Disk
Status Check
Can CloudWatch Monitor Ram (memory) by default?
No
What is the default monitoring interval of CloudWatch?
5 minutes
Enabling this level of monitoring allows CloudWatch to monitor every minute instead of the default 5.
Detailed Monitoring
When can CloudWatch Detailed Monitoring be turned on?
At launch or after the instance is running or stopped
By default, how far back will CloudWatch show metrics in the console?
2 weeks after a metric is last ingested
How can I get CloudWatch metric data older than 2 weeks?
Use GetMetricStatistics API call
How long are EC2 and ELB metrics available after termination?
2 weeks
Can CloudWatch default metrics be any less than 1 minute?
No
List the two types of EC2 status checks
System Status Check
Instance Status Check
How do you repair an EC2 System Status Check?
Stop and Start to resolve the issue
How do you repair an EC2 Instance Status Check?
Reboot the instance to resolve the issue
How many IOPS/GiB can an General Purpose SSD provide?
3 IOPS/GiB
What is the maximum volume size and IOPS of a General Purpose SSD?
16 TiB
10,000 IOPS
EBS volume can consume _% to __% of IOPS when attached for the first time to an instance.
5% to 50%
Do new EBS volumes need to be pre-warmed?
No
(Outdated but potentially important)
How can you pre-warm a new EBS volume?
Write to all blocks
How can you pre-warm an existing EBS volume with data in it from S3?
Read all blocks
EBS _____________ Metrics show how many read/write request in queue which can slow down performance.
volumeQueueLength
EBS Queue length should be ______if this is more, then upgrade to more ______.
Zero
IOPS
What are the 4 EBS Volume status checks?
Ok
Warning
Impaired
Insufficient Data
[EBS Volume Status Checks]
What does the EBS volume status ‘OK’ mean?
EBS Volume is normal
[EBS Volume Status Checks]
What does the EBS volume status ‘Warning’ mean?
EBS Volume is Degraded or Severely Degraded
[EBS Volume Status Checks]
What does the EBS volume status ‘Impaired’ mean?
EBS Volume is Stalled/Not Available
[EBS Volume Status Checks]
What does the EBS volume status ‘Insufficient Data’ mean?
Insufficient Data on EBS Volume
What two ways can RDS metrics be monitored?
Cloudwatch
RDS Events
What are the 8 key RDS metrics?
DatabaseConnections DiskQueueDepth FreeStorageSpace ReplicaLog ReadIOPS WriteIOPS ReadLatency WriteLatency
How frequently does ELB report metrics by default?
Every minute
Does ELB report metrics if there is no traffic?
No
What are the two key ELB metrics?
SurgeQueueLength
SpillOverCount
What is the ELB metric SurgeQueueLength?
No. of requests pending for submission
What is the ELB metric SpillOverCount?
No. of requests that got rejected when queue was full
What are the two types of Elasticache?
Memcache
Reddis
Memcache is _________ and can handle a CPU load of up to __%.
Multithreaded
90%
Reddis is _________ and can only handle a low CPU utilization of ___%
Not Multithreaded
(90/no. of nodes)%
Swap Usage is the amount of ______ file usage
Swap
Swap size = _____ size
RAM
Memcache swap use should be __ Mb but not more than __Mb
0; 50
If Memcache swap size is greater than 50Mb what API call should you check?
memchached_connections_overhead
Reddis uses _____ memory which means what?
Reserve memory; No swap usage metrics
General rule of Evictions in Elasticache says if a _____ item is added then an ____ item must be removed.
new item; old item;
To handle evictions for Memcache, how should you scale?
Scale up
Scale out
How do you decide you eviction threshold with Memcache?
Based on your application
To handle evictions for Reddis, how should you scale?
Scale Up
How do you decide you eviction threshold with Reddis?
There is no standard threshold
If there is a concurrent Connection issue with Memcache and/or Reddis, what does this indicate?
Large traffic spike or application is not releasing connection
Which services offer root access?
Elastic Beanstalk
EMR
EC2
Opswork
To handle a sudden spike in ELB, you need to contact AWS support with what details?
Timeline
Requests/Second
Request/Response Size
OpsWork consists of ________ and ________.
Stacks; Layers
OpsWorks runs on _____.
Chef
In OpsWork, layers contain AWS resources such as…
EC2
ELB
RDS
In OpsWork, layers are like _____, ______, and _______ layer.
Web; Application; Database
In OpsWork, each stack will have how many layers?
1 or more
What are the preconfigured layers in OpsWork?
Application
Database
Load Balancers
Caching
What happens to any EC2 instance added outside of the OpsWork stack in ELB?
OpsWork will remove
How can you simulate a CloudWatch Alarm?
Use the CLI to trigger an alarm
What are the three CloudWatch alarm states?
OK
ALARM
INSUFFICIENT_DATA
What does the CloudWatch Alarm state ‘OK’ mean?
Metrics is within threshold
What does the CloudWatch Alarm state ‘ALARM’ mean?
Metrics is outside of threshold
What does the CloudWatch Alarm state ‘INSUFFICIENT_DATA’ mean?
Not enough data available
What is the only way you can temporarily disable a CloudWatch Alarm?
Using the CLI
CloudWatch doesn’t have Aggregate metrics available. Instead it has which five metrics?
average min max sum data samples
What do you need to enable first before you can setup a billing alarm on CloudWatch?
Billing Alert
What is the default timestamp in CloudWatch and how can you change it?
UTC;
Change it to local timezone in the console
CloudWatch detailed monitoring is not available for which services?
EMR and SNS
To send your own metrics to cloudwatch, use the ____________ command with __________ parameter.
put-metrics-data
statics-value
In CloudWatch, the size of HTTP GET request is __ and POST request is ____ and it is mandatory to pass what?
8KB
40KB
Mandatory to pass namespace
[Review Question]
When sending metrics to Cloudwatch it can have ___ weeks past time stamp and ____ hours future time stamp.
2 week; 2 hours
If you are sending metrics to CloudWatch and there is no timestamp, what will CloudWatch mark the timestamp as?
In case of no timestamp , CloudWatch will mark timestamp as current timestamp
To find exact time data in CloudWatch, the user can use what to get an exact time range?
‘Absolute’ tab under CloudWatch
You can publish your own metrics in CloudWatch by using API or CLI by supplying what?
The file as an input command
How can you see more granular data in CloudWatch?
Select interval using the mouse
You can aggregate CPU utilization data in cloudwatch by….
AMD ID
What is the CloudWatch end point format for zone us-east-1?
monitoring.us-east-1.amazonaws.com
If you delete your ELB then what will happen to your registered EC2 instances?
They will keep running
What is the ELB connection draining default timeout?
300 seconds
What is the max ELB connection draining timeout?
3600 seconds (1 Hour)
What do you have enable for ELB in an auto scaling group so that autoscaling can terminate an unhealthy instance?
Health Check
What happens if you try to schedule two auto scaling processes at one?
It won’t allow you to schedule the second and will throw a conflict error.
Autoscaling process will be suspend if it can not launch resource in ____ hours.
24 hours
If you suspend termination then Auto scaling can grow __% beyond max instance size due to AZ rebalance.
10%
In Auto Scaling, if AddToELB is suspended, what will happen if you add an EC2 instance?
Instance will not register with ELB and user have to register them manually after resume.
Which three services offer free detail monitoring?
Auto Scaling
ELB
Route 53
AutoScaling will ______ the unhealthy instance first and then ______ the new instance.
Terminate; Launch
You can add more subnets in ELB while it is running using what command?
elb-enable-availability-zone-for-load-balancer
To avoid new instance launch during reboot from Auto Scaling you need to use what auto scaling command to change the instance state to healthy?
set-instance-health
If detailed monitoring is disabled for an current auto-scaling group, how would you enable it?
The user will need to define new launch configuration group with detail monitoring enable and attach it to ASG.
ELB has _______________ check which will ensure if one region fails then hop request to another region.
evaluate target health
ELB’s ____________ command can log client IP addresses so you can filter traffic using particular ip address if required .
x-forwarded-for
ELB creates __ security group by default for EC2-VPC however EC2-classic creates __ security group by default.
1; 2
What do you need to define during AMI creation?
You need AWS account ID
X.509 certificate with private key
AWS account access key id/secret access key.
During AMI creation you don’t need to define the AMI _______.
AMI launch permission
For EC2-Classic, Elastic IP (EIP) gets _________ when you stop it.
disassociated
For EC2-VPC, what happens to the Elastic IP (EIP) when you stop the instance?
It remains attached
How many Elastic IPs can you have per region?
5
What happens if you connect to an EC2 instance but enter the wrong user id?
EC2 throws a “host key not found” error if you enter wrong user id.
If an EC2 instance gets terminated, where can you find the reason for the termination
Under “state transition reason” property in the console
[True or false]
Taking snapshot of a EBS volume can cause performance issue due to increase I/O.
True
A user can set which attribute to avoid accidental termination of EC2. instance?
DisableApiTermination
EC2 Optimized EBS instances are just instances with what?
A “dedicated” connection to EBS volumes
CloudFormation has capability to add bootstrap scripts to an EC2 instance while spinning up but you can not configure a ______ using it.
service
During an AMI copy AWS does not copy what?
launch permission
user defined tags
Amazon S3 bucket permissions
A windows based instance store backed AMI can or can’t be converted to EBS backed AMI.
can’t be converted to EBS backed AMI.
For a Windows instance, the instance console output displays how many of the last system events log errors.
3
S3 ACL permission [can/cannot] be provided to an individual IAM user
cannot
In S3, if you don’t want to use the AWS provided AES-256 encryption then you need to send what with each API call?
You need to send encryption key and algorithm
Can you have different encryption for different versions of same object?
Yes
In S3, what can you use to see storage and access pattern to identify less frequent storage?
S3 storage analytics
S3 bucket policies will provide what level access to all objects in bucket by default?
bucket level access
How do you enable folder upload in S3?
Enable enhanced upload option from S3 console
Once you restore object from Glacier, will its object class change?
Object class always going to stay as Glacier and will not change to RRS or IA.
When creating event for RDS Snapshots, what event categories are available?
creation
deletion
notification
restoration
[True/False]
You can enable/disable a event from console to stop notifications temporarily .
True
What is the default maintenance window for RDS if the user has not provided one?
30 minutes
What will AWS use default maintenance windows on RDS for?
Security patching and scale operation only
Can a PostgreSQL read replica be cross region?
No
Can a MySQL read replica be cross region?
Yes
Creating a read replica for RDA can impact minor performance due to suspension of what during snapshot creation?
IO
For MySQL always use _____ engine for better backup and restore.
InnoDB
______ for MySQL does not support reliable crash recovery mechanism.
MyISAM
The three RDS metrics in Cloudwatch are…
DiskQueueDepth (should be 0)
Write Latency
Replica log
How do you implement failover for hardcoded IP addresses inside of a VPC?
Create a secondary ENI and assign a secondary private IP address to primary ENI that can be move to failover instance.
CloudFormation uses ________ to resolve dependency between resource creation.
wait condition
Can you delete an SQS queue if it has a message in it?
Yes
What happens to the messages in an SQS queue if you delete the queue.
All message will get deleted automatically.
SQS queue sample URL is :
https://sqs.us-east-1.amazonaws.com/789211807855/myfirstqueue
In case of inactivity in SQS, AWS will delete it after __ days.
30
How many tags per resource are allowed?
50
What is the max value of a tag?
255 characters
Are key values case sensistive?
Yes
In a tag, what prefix is reserved?
aws:
How could a user setup his own billing management?
Setting up programmatic access to aws billing and parse that according to his need.
______ account send request to _____ account to make them part of consolidated billing.
Payee; link
You can add up to ___ DNS in DHCP along with domain name.
4
An account can have ___ groups.
100
An account can have ___ users.
500
An account can have ___ roles.
250
Does CloudWatch aggregate data across regions?
No, metrics are completely separate between regions.
If you manage resources in multiple regions, you can create a ___________ to view resources from different regions on the same screen.
resource group
Do you have to wait for a snapshot to finish before using it?
No
Which SSL protocols does AWS ELB support?
TLS 1.0
TLS 1.1
TLS 1.2
True or False: There is a surcharge when using Enhanced Networking with EC2.
False
True or False: New changes to IAM allow you associate an email address with any IAM user.
False
Which of the following are valid IAM access keys? Public Access Key Private Access Key Secret Access Key Access key
Secret Access Key
Access key
You have set CloudWatch billing alarms for your instances running in eu-west-2. However, when you try to access the billing information and alarms, no information is visible. Why might this be?
Billing and Alarm data can be accessed only from the us-east-1 region.
Which of the API call displays the details of a given CloudWatch dashboard?
GetDashboard
You’re using CloudFormation to launch a stack that will host your application. However, you want to configure the application on your EC2 instance before CloudFormation spins-up your autoscaling group and your ELB. How can you accomplish this?
Associate a CreationPolicy with the AutoScaling Group and a WaitCondition with the load balancer, delaying their completion until after the EC2 instance has been configured.
There are issues with your RDS database, and you need to restore it to the way it was at 4:00 am yesterday. What RDS option would allow you to do so?
RDS Automated Backups
If you use an IAM user to copy an instance-store-backed AMI, the user must have which Amazon S3 permissions?
s3: PutObject
s3: CreateBucket
s3: GetObject
A member of the Operations team has done some analysis and discovered that at certain times of the day your cost per message processed jumps enormously. Which parameter would you suggest she change?
WaitTimeSeconds
What is the maximum S3 object size?
5TB
True or False: EBS encryption does not support boot volumes.
False
You’re an ops manager, and you want one of your AWS accounts to receive the price breaks associated with Consolidated Billing for Organizations. What needs to happen for you to be included in the Organization and receive the discounted pricing?
The Master account must send you an invitation to join your account with theirs, and you must accept.
Which of the API call is used to return a subset of CloudWatch Log events?
FilterLogEvents
What is the default limit for the number of subnets you can have in a Region?
200
What is the CLI command used to remove a subnet from and Elastic Load Balancer?
detach-load-balancer-from-subnets
By default, what’s the maximum number of launch configurations you may have per region?
100
What is the correct CloudWatch metrics namespace for CloudWatch Logs?
AWS/Logs
What are the two types of Elastic Load Balancer (Classic) sticky sessions?
Duration-based session stickiness and application-controlled session stickiness.
Is it possible to share an AMI across AWS Regions?
AMIs must be copied to another region. One cannot simply share them.
True or False: A CloudFormation template may use only the JSON format.
False. CloudFormation may use either a JSON or YAML-format.
True or False: Network ACLs are stateless.
True
True or False: Security Groups are stateless.
False
True or False: In a Multi-AZ RDS deployment, the Standby instance serves read operations and will be promoted to Primary in the event of a failure.
False
You do not interact directly with the Standby instance (e.g. for read operations) at any point prior to its promotion to Primary.
True or False: You can use Paths to order IAM users hierarchically.
True
To register targets and correctly route requests, the Application Load Balancer’s listeners need a rule that specifies a ________ .
Target Group
Following a multi-AZ RDS failover, which record is changed from the primary to the standby?
CNAME
What is the name of the document that tells Auto Scaling how to respond to events and alarms?
Policy
True or False: CloudWatch Logs cannot be used to monitor your applications and systems in real-time.
False
When creating an EBS volume, which parameters can be chosen from the AWS Console?
Size
Encryption
SnapshotID
True or False: S3 provides read-after-write consistency for POSTs of new objects.
False
S3 provides read-after-write consistency for PUTs of new objects and eventual consistency of overwrite PUTs and DELETEs.
Which API call is used to describe the state of a specified instance with respect to the specified load balancer?
DescribeInstanceHealth
What are the valid EC2 Auto-Scaling instance health statuses?
Healthy
Unhealthy
What is the general limit for each AWS account for the maximum umber of EBS snapshots that can be created by default?
10,000
