Free DOP-C02 Practice Exam Questions Online

Why Amazon DOP-C02 Practice Exam Questions?

Ready to level up your Amazon DOP-C02 exam study? Just TheExamsLab DOP-C02 practice tests free.

DOP-C02 exam questions are expertly crafted practice tests designed to simulate the real Amazon certification exam environment and help you assess your knowledge and figure out where you are lacking. From our free AWS Certified DevOps Engineer- Professional DOP-C02 practice exam, you will feel secure in passing any question type or time limit. TheExamsLab offers the DOP-C02 exam questions 2024. Don’t settle or do it half-heartedly get the best and invest in the best what you want is what you get.

Page: 1 / 88

Total 436 Questions | Updated On: Nov 20, 2024

Add To Cart

Question 1

A leading software development company has various web applications hosted in an Auto Scaling group of EC2 instances which are designed for high availability and fault tolerance. They are using AWS CloudFormation to easily manage their cloud infrastructure as code as well as for deployment. Currently, they have to manually update their CloudFormation templates for every new available AMI of their application. This procedure is prone to human errors and entails a high management overhead on their deployment process.

Which of the following is the MOST suitable and cost-effective solution that the DevOps engineer should implement to automate this process?

A : Pull the new AMI IDs using an AWS Lambda-backed custom resource in the CloudFormation template. Reference the AMI ID that the custom resource fetched in the launch configuration resource block.

B : Configure the CloudFormation template to use AMI mappings. Integrate AWS Lambda and Amazon CloudWatch Events to create a function that regularly runs every hour to detect new AMIs as well as update the mapping in the template. Reference the AMI mappings in the launch configuration resource block.

C : Configure the AWS CloudFormation template to use conditional statements to check if new AMIs are available. Fetch the new AMI ID using the cfn-init helper script and reference it in the launch configuration resource block.

D : Launch an EC2 instance to run a custom shell script every hour to check for new AMIs. The script should update the launch configuration resource block of the CloudFormation template with the new AMI ID if there are new ones available.

Answer: A

Question 2

A company manages an application that stores logs in Amazon CloudWatch Logs. The company wants to archive the logs to an Amazon S3 bucket. Logs are rarely accessed after 90 days and must be retained for 10 years.

Which combination of steps should a DevOps engineer take to meet these requirements? (Choose two.)

A : Configure a CloudWatch Logs subscription filter to use AWS Glue to transfer all logs to an S3 bucket.

B : Configure a CloudWatch Logs subscription filter to use Amazon Kinesis Data Firehose to stream all logs to an S3 bucket.

C : Configure a CloudWatch Logs subscription filter to stream all logs to an S3 bucket.

D : Configure the S3 bucket lifecycle policy to transition logs to S3 Glacier after 90 days and to expire logs after 3.650 days.

E : Configure the S3 bucket lifecycle policy to transition logs to Reduced Redundancy after 90 days and to expire logs after 3.650 days.

Answer: B,D

Question 3

A company deploys an application to Amazon EC2 instances. The application runs Amazon Linux 2 and uses AWS CodeDeploy. The application has the following file structure for its code repository:

The appspec.yml file has the following contents in the files section:

What will the result be for the deployment of the config.txt file?

A : The config.txt file will be deployed to only /var/www/html/config/config.txt.

B : The config.txt file will be deployed to /usr/local/src/config.txt and to /var/www/html/config/config.txt.

C : The config.txt file will be deployed to only /usr/local/src/config.txt.

D : The config.txt file will be deployed to /usr/local/src/config.txt and to /var/www/html/application/web/config.txt.

Answer: C

Question 4

A company is re-architecting its monolithic system to a serverless application in AWS to save on cost. The deployment of the succeeding new version of the application must be initially rolled out to a small number of users first for testing before the full release. If the post-hook tests fail, there should be an easy way to roll back the deployment. The DevOps Engineer was assigned to design an efficient deployment setup that mitigates any unnecessary outage that impacts their production environment.

As a DevOps Engineer, how should you satisfy this requirement? (Select TWO.)

A : Create a new record in Route 53 with a Failover routing policy. Configure the primary record to route 20% of incoming traffic to the new version and set the secondary record to route the rest of the traffic to the current version. Once the new version stabilizes, update the primary record to route all traffic to the new version.

B : Launch an Application Load Balancer with an Amazon API Gateway private integration. Attach a single target group to the load balancer and select the 'Canary' routing option which will automatically route incoming traffic to the new version.

C : Launch a Network Load Balancer with an Amazon API Gateway private integration. Attach two target groups to the load balancer. Configure the first target group with the current version and the second target group with the new version. Configure the load balancer to route 20% of the incoming traffic to the new version and once it becomes stable, detach the first target group from the load balancer.

D : Set up a canary deployment in Amazon API Gateway that routes 20% of the incoming traffic to the canary release. Promote the canary release to production once the initial tests have passed.

E : Set up one AWS Lambda Function Alias that points to both the current and new versions. Route 20% of incoming traffic to the new version and once it is considered stable, update the alias to route all traffic to the new version.

Answer: A,D

Question 5

A company must encrypt all AMIs that the company shares across accounts. A DevOps engineer has access to a source account where an unencrypted custom AMI has been built. The DevOps engineer also has access to a target account where an Amazon EC2 Auto Scaling group will launch EC2 instances from the AMI. The DevOps engineer must share the AMI with the target account.

The company has created an AWS Key Management Service (AWS KMS) key in the source account.

Which additional steps should the DevOps engineer perform to meet the requirements? (Choose three.)

A : In the source account, copy the unencrypted AMI to an encrypted AMI. Specify the KMS key in the copy action.

B : In the source account, copy the unencrypted AMI to an encrypted AMI. Specify the default Amazon Elastic Block Store (Amazon EBS) encryption key in the copy action.

C : In the source account, create a KMS grant that delegates permissions to the Auto Scaling group service-linked role in the target account.

D : In the source account, modify the key policy to give the target account permissions to create a grant. In the target account, create a KMS grant that delegates permissions to the Auto Scaling group service-linked role

E : In the source account, share the unencrypted AMI with the target account.

F : In the source account, share the encrypted AMI with the target account.

Answer: A,D

Page: 1 / 88

Total 436 Questions | Updated On: Nov 20, 2024

Add To Cart