Print this page Share

AWS Certified SysOps Administrator Official Study Guide: Associate Exam

AWS Certified SysOps Administrator Official Study Guide: Associate Exam (1119377420) cover image


Comprehensive, interactive exam preparation and so much more

The AWS Certified SysOps Administrator Official Study Guide: Associate Exam is a comprehensive exam preparation resource. This book bridges the gap between exam preparation and real-world readiness, covering exam objectives while guiding you through hands-on exercises based on situations you'll likely encounter as an AWS Certified SysOps Administrator. From deployment, management, and operations to migration, data flow, cost control, and beyond, this guide will help you internalize the processes and best practices associated with AWS. The Sybex interactive online study environment gives you access to invaluable preparation aids, including an assessment test that helps you focus your study on areas most in need of review, and chapter tests to help you gauge your mastery of the material. Electronic flashcards make it easy to study anytime, anywhere, and a bonus practice exam gives you a sneak preview so you know what to expect on exam day.

Cloud computing offers businesses a cost-effective, instantly scalable IT infrastructure. The AWS Certified SysOps Administrator - Associate credential shows that you have technical expertise in deployment, management, and operations on AWS.  

  • Study exam objectives
  • Gain practical experience with hands-on exercises
  • Apply your skills to real-world scenarios
  • Test your understanding with challenging review questions

Earning your AWS Certification is much more than just passing an exam—you must be able to perform the duties expected of an AWS Certified SysOps Administrator in a real-world setting. This book does more than coach you through the test: it trains you in the tools, procedures, and thought processes to get the job done well. If you're serious about validating your expertise and working at a higher level, the AWS Certified SysOps Administrator Official Study Guide: Associate Exam is the resource you've been seeking.

See More

Table of Contents

Foreword xix

Introduction xxi

Assessment Test xxvi

Chapter 1 Introduction to Systems Operations on AWS 1

Systems Operators 2

Deploying Systems 2

Monitoring Systems 2

Optimizing Systems 3

Fortifying Systems 3

Securing Systems 3

AWS Certified SysOps Administrator - Associate 4

Which AWS Services Should You Study? 4

Reference Architecture: The Three-Tier Design 5

Introduction to the Three-Tier Design 5

Sample Scenario 6

Reference Architecture: The Serverless Design 14

Key Product: Serverless Design 17

Summary 18

Exam Essentials 18

Key Pieces to Study 19

Review Questions 20

Chapter 2 Working with AWS Cloud Services 23

Introduction to AWS Cloud Services 24

Systems Operations Using the AWS Toolset 24

AWS Software Development Kits (SDKs) 30

AWS Internet of Things (IoT) and Mobile Software

Development Kits (SDKs) 33

Summary 34

Exam Essentials 35

Resources to Review 35

Exercises 35

Review Questions 38

Chapter 3 Security and AWS Identity and Access

Management (IAM) 41

Security on AWS 43

Shared Responsibility Model 43

AWS Security Responsibilities 43

Customer Security Responsibilities 44

AWS Global Infrastructure Security 44

Physical and Environmental Security 46

Business Continuity Management 47

Network Security 48

Network Monitoring and Protection 49

AWS Compliance Program 50

Securing Your AWS Account with AWS Identity and

Access Management (IAM) 51

IAM User 52

IAM Groups 56

IAM Policies 56

IAM Roles 57

Best Practices for Securing Your AWS Account 58

Securing Your AWS Cloud Services 59

Key Pairs 59

Monitoring to Enhance Security 62

AWS CloudTrail 62

Amazon Virtual Private Cloud (Amazon VPC) Flow Logs 62

Amazon CloudWatch 63

AWS Config 63

Amazon Inspector 64

AWS Certificate Manager 64

AWS Web Application Firewall (AWS WAF) 64

AWS Trusted Advisor 64

AWS Cloud Service-Specific Security 65

Compute Services 65

Networking 69

Storage 75

AWS Storage Gateway Security 80

Database 80

Application Services 88

Analytics Services 89

Deployment and Management Services 91

Mobile Services 92

Applications 94

Summary 95

Exam Essentials 96

Exercises 98

Review Questions 103

Chapter 4 Compute 107

Introduction to AWS Compute Services 109

Amazon Elastic Compute Cloud (Amazon EC2) 111

Implementation 111

Management 117

Security 122

Amazon EC2 Container Service (Amazon ECS) 123

Implementation 124

Management 124

Security 125

AWS Elastic Beanstalk 125

Languages Supported in AWS Elastic Beanstalk 126

Services that AWS Elastic Beanstalk Deploys 126

Management 126

Security 127

AWS Lambda 128

Implementation 128

Management 130

Security 130

Amazon Lightsail 130

Implementation 131

Management 131

Security 133

AWS Batch 133

Implementation 133

Management 135

Security 135

Summary 135

Exam Essentials 136

Resources to Review 139

Exercises 140

Review Questions 146

Chapter 5 Networking 151

Introduction to Networking on AWS 153

Amazon Virtual Private Cloud (Amazon VPC) 154

Amazon VPC Implementation 154

Amazon VPC Management 164

AWS Direct Connect 166

AWS Direct Connect Implementation 167

AWS Direct Connect Management 169

AWS Direct Connect Security 170

Load Balancing 171

Load Balancing Implementation 172

Load Balancing Management 176

Load Balancing Security 178

Virtual Private Network (VPN) 178

VPN Installation 178

VPN Management 179

Amazon Route 53 179

Amazon Route 53 Implementation 180

Amazon Route 53 Management 185

xii Contents

Amazon CloudFront 185

Amazon CloudFront Implementation 186

Amazon CloudFront Management 194

Amazon CloudFront Security 194

Summary 195

Resources to Review 195

Exam Essentials 196

Exercises 198

Review Questions 201

Chapter 6 Storage Systems 207

Understanding Different Storage Options 209

Block Storage vs. Object Storage 209

Block Storage Basics 210

Object Storage Basics 210

Retrieval Times (Hot vs. Cold Storage) 211

Cost Efficiency 211

Block Storage on AWS 212

Amazon Elastic Block Store (Amazon EBS) 212

Instance Store 221

Amazon Elastic File System (Amazon EFS) 222

Object Storage on AWS 224

Amazon Simple Storage Service (Amazon S3) 224

Amazon Glacier 230

Systems Operator Scenario: The Newspaper 232

Storage Needs 233

Solution Breakdown 233

Additional Storage Solutions 234

Amazon CloudFront 234

AWS Storage Gateway 235

AWS Snowball 235

Summary 236

Resources to Review 236

Exam Essentials 237

Exercises 239

Review Questions 244

Chapter 7 Databases 249

Introduction to AWS Databases 250

SQL vs. NoSQL 251

Relational Databases Overview 252

Relational Database Design 252

Non-Relational Database Overview 253

Amazon RDS Features and Benefits 254

Amazon Aurora 256

Monitoring Amazon RDS 278

Monitoring Tools 278

Amazon RDS Pricing 282

Non-Relational Databases 283

Amazon DynamoDB 283

Amazon DynamoDB Core Components 284

Amazon Redshift 292

Cluster Management 293

Cluster Access and Security 293

Databases 294

Monitoring Clusters 295

Amazon ElastiCache 296

Summary 298

Resources to Review 298

Exam Essentials 299

Exercises 300

Review Questions 307

Chapter 8 Application Deployment and Management 313

Introduction to Application Deployment and Management 314

Deployment Strategies 314

Provisioning Infrastructure 314

Deploying Applications 315

Configuration Management 315

Scalability Capabilities 318

Monitoring Resources 318

Continuous Deployment 319

Deployment Services 322

AWS Elastic Beanstalk 323

Amazon EC2 Container Service 325

AWS OpsWorks Stacks 328

AWS CloudFormation 330

AWS Command Line Interface (AWS CLI) 345

Summary 346

Resources to Review 347

Exam Essentials 347

Exercises 349

Review Questions 358

Chapter 9 Monitoring and Metrics 363

Introduction to Monitoring and Metrics 364

An Overview of Monitoring 364

Why Monitor? 364

Amazon CloudWatch 365

AWS CloudTrail 365

AWS Config 365

AWS Trusted Advisor 366

AWS Service Health Dashboard 366

AWS Personal Health Dashboard 367

Amazon CloudWatch 367

Metrics 369

Custom Metrics 369

Amazon CloudWatch Metrics Retention 370

Namespaces 371

Dimensions 372

Statistics 373

Units 374

Periods 374

Aggregation 375

Dashboards 376

Percentiles 376

Monitoring Baselines 377

Amazon EC2 Status Checks 378

Authentication and Access Control 379

AWS Cloud Services Integration 382

Amazon CloudWatch Limits 382

Amazon CloudWatch Alarms 384

Alarms and Thresholds 384

Missing Data Points 386

Common Amazon CloudWatch Metrics 386

Amazon CloudWatch Events 395

Events 396

Rules 397

Targets 397

Metrics and Dimensions 398

Amazon CloudWatch Logs 399

Archived Data 400

Log Monitoring 400

Amazon CloudWatch Logs: Agents and IAM 401

Searching and Filtering Log Data 403

Monitoring AWS Charges 406

Detailed Billing 407

Cost Explorer 409

AWS Billing and Cost Management Metrics

and Dimensions 410

AWS CloudTrail 411

What Are Trails? 411

Types of Trails 411

Multiple Trails per Region 412

Encryption 412

AWS CloudTrail Log Delivery 412

Overview: Creating a Trail 413

Monitoring with AWS CloudTrail 413

AWS CloudTrail vs. Amazon CloudWatch 414

AWS CloudTrail: Trail Naming Requirements 414

Getting and Viewing AWS CloudTrail Log Files 414

AWS Config 417

Ways to Use AWS Config 418

AWS Config Rules 419

AWS Config and AWS CloudTrail 420

Pricing 421

Summary 421

Resources to Review 422

Exam Essentials 423

Exercises 425

Review Questions 438

Chapter 10 High Availability 441

Introduction to High Availability 443

Amazon Simple Queue Service 444

Using Amazon Simple Queue Service to Decouple an Application 444

Standard Queues 448

First-In, First-Out Queues 448

Dead Letter Queues 449

Shared Queues 449

Amazon Simple Notification Service 450

Mobile Push Messaging 451

Amazon SNS Fan-Out Scenario 451

Highly Available Architectures 452

Network Address Translation (NAT) Gateways 453

Elastic Load Balancing 453

Auto Scaling 454

Session State Management 455

Amazon Elastic Compute Cloud Auto Recovery 455

Scaling Your Amazon Relational Database Service Deployment 456

Multi-Region High Availability 457

Amazon Simple Storage Service 457

Amazon DynamoDB 457

Amazon Route 53 457

Highly Available Connectivity Options 463

Redundant Active-Active VPN Connections 463

Redundant Active-Active AWS Direct Connect Connections 465

AWS Direct Connect with Backup VPN Connection 466

Disaster Recovery 467

Backup and Restore Method 467

Pilot Light Method 468

Warm-Standby Method 470

Multi-Site Solution Method 470

Failing Back from a Disaster 471

Summary 472

Resources to Review 473

Exam Essentials 473

Exercises 474

Review Questions 478

Appendix Answers to the Review Questions 481

Chapter 1: Introduction to Systems Operations on AWS 482

Chapter 2: Working with AWS Cloud Services 483

Chapter 3: Security and AWS Identity and Access Management (IAM) 483

Chapter 4: Compute 485

Chapter 5: Networking 486

Chapter 6: Storage Systems 488

Chapter 7: Databases 490

Chapter 8: Application Deployment and Management 492

Chapter 9: Monitoring and Metrics 494

Chapter 10: High Availability 496

Index 499

See More


Do you think you've discovered an error in this book? Please check the list of errata below to see if we've already addressed the error. If not, please submit the error via our Errata Form. We will attempt to verify your error; if you're right, we will post a correction below.

ChapterPageDetailsDatePrint Run
FM v Errata in text
In the front matter, on page v, in the "About the Authors" section, Gareth Digby's biography should read:
Technical Trainer for AWS, delivers training on AWS services to students throughout North America. Gareth holds a B.Sc. and Ph.D. in Electrical and Electronic Engineering from the University of Swansea. Gareth has held full time faculty posts in the Electrical and Electronic Engineering Department, at University of Swansea and at the School of Electrical and Electronic Engineering, University of Birmingham. He has taught as adjunct faculty in the Department of Computer Science at University of Oxford and the Penn State Great Valley School of Graduate Professional Studies. Prior to joining AWS, in addition to his academic posts, Gareth has held systems engineering and system architecture roles on a variety of public sector projects. Gareth wants to thank Enfield Grammar School for introducing him to computers, the Electrical and Electronic Engineering Department and the Computer Science Department at University of Wales, Swansea for inspiring him to teach about computers, and his family for allowing him to pursue these passions for far too many years.
4 138 Errata in text
In the section "Know the different tools available to manage security for Amazon EC2," please change "RPD" to "RDP."
5 157 Errata in text
Table 5.1 -
Table 5.1 -
Paragraph 2 -
Paragraphs 2 -
Table 5.2 -
Table 5.2 -
8 493 Errata in text
Appendix: Answers to Review Questions
Answer/Question #5
B. AWS Elastic Beanstalk does not support the C language. It provides platforms for other programming languages (such as Java, PHP, Python, Ruby, and Go), web containers (Tomcat, Passenger, and Puma), and Docker containers, with multiple configurations of each.
See More
Back to Top