Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors

Amazon AWS DevOps Engineer - Professional (DOP-C02) AWS DevOps Engineer Professional Exam Questions in PDF

Free Amazon AWS DevOps Engineer Professional Dumps Questions (page: 12)

AWS DevOps Engineer Professional PDF — 429 Questions

A healthcare services company is concerned about the growing costs of software licensing for an application for monitoring patient wellness. The company wants to create an audit process to ensure that the application is running exclusively on Amazon EC2 Dedicated Hosts. A DevOps Engineer must create a work ow to audit the application to ensure compliance. What steps should the Engineer take to meet this requirement with the LEAST administrative overhead?

  1. Use AWS Systems Manager Con guration Compliance. Use calls to the put-compliance-items API action to scan and build a database of noncompliant EC2 instances based on their host placement con guration. Use an Amazon DynamoDB table to store these instance IDs for fast access. Generate a report through Systems Manager by calling the list-compliance-summaries API action.
  2. Use custom Java code running on an EC2 instance. Set up EC2 Auto Scaling for the instance depending on the number of instances to be checked. Send the list of noncompliant EC2 instance IDs to an Amazon SQS queue. Set up another worker instance to process instance IDs from the SQS queue and write them to Amazon DynamoD Use an AWS Lambda function to terminate noncompliant instance IDs obtained from the queue, and send them to an Amazon SNS email topic for distribution.
  3. Use AWS Con g. Identify all EC2 instances to be audited by enabling Con g Recording on all Amazon EC2 resources for the region. Create a custom AWS Con g rule that triggers an AWS Lambda function by using the con g-rule-change-triggered blueprint. Modify the Lambda evaluateCompliance() function to verify host placement to return a NON_COMPLIANT result if the instance is not running on an EC2 Dedicated Host. Use the AWS Con g report to address noncompliant instances.
  4. Use AWS CloudTrail. Identify all EC2 instances to be audited by analyzing all calls to the EC2 RunCommand API action. Invoke an AWS Lambda function that analyzes the host placement of the instance. Store the EC2 instance ID of noncompliant resources in an Amazon RDS MySQL DB instance. Generate a report by querying the RDS instance and exporting the query results to a CSV text le.

Answer(s): C



A company has 100 GB of log data in an Amazon S3 bucket stored in .csv format. SQL developers want to query this data and generate graphs to visualize it.
They also need an e cient, automated way to store metadata from the .csv le. Which combination of steps should be taken to meet these requirements with the LEAST amount of effort? (Choose three.)

  1. Filter the data through AWS X-Ray to visualize the data.
  2. Filter the data through Amazon QuickSight to visualize the data.
  3. Query the data with Amazon Athena.
  4. Query the data with Amazon Redshift.
  5. Use AWS Glue as the persistent metadata store.
  6. Use Amazon S3 as the persistent metadata store.

Answer(s): B,C,E



A DevOps Engineer has several legacy applications that all generate different log formats. The Engineer must standardize the formats before writing them to
Amazon S3 for querying and analysis.
How can this requirement be met at the LOWEST cost?

  1. Have the application send its logs to an Amazon EMR cluster and normalize the logs before sending them to Amazon S3
  2. Have the application send its logs to Amazon QuickSight, then use the Amazon QuickSight SPICE engine to normalize the logs. Do the analysis directly from Amazon QuickSight
  3. Keep the logs in Amazon S3 and use Amazon Redshift Spectrum to normalize the logs in place
  4. Use Amazon Kinesis Agent on each server to upload the logs and have Amazon Kinesis Data Firehose use an AWS Lambda function to normalize the logs before writing them to Amazon S3

Answer(s): D



A company needs to implement a robust CI/CD pipeline to automate the deployment of an application in AWS. The pipeline must support continuous integration, continuous delivery, and automatic rollback upon deployment failure. The entire CI/CD pipeline must be capable of being re-provisioned in alternate AWS accounts or Regions within minutes. A DevOps engineer has already created an AWS CodeCommit repository to store the source code.
Which combination of actions should be taken when building this pipeline to meet these requirements? (Choose three.)

  1. Con gure an AWS CodePipeline pipeline with a build stage using AWS CodeBuild.
  2. Copy the build artifact from CodeCommit to Amazon S3.
  3. Create an Auto Scaling group of Amazon EC2 instances behind an Application Load Balancer (ALB) and set the ALB as the deployment target in AWS CodePipeline.
  4. Create an AWS Elastic Beanstalk environment as the deployment target in AWS CodePipeline.
  5. Implement an Amazon SQS queue to decouple the pipeline components.
  6. Provision all resources using AWS CloudFormation.

Answer(s): A,D,F



A company is building a solution for storing les containing Personally Identi able Information (PII) on AWS.
Requirements state:
All data must be encrypted at rest and in transit.
All data must be replicated in at least two locations that are at least 500 miles (805 kilometers) apart.
Which solution meets these requirements?

  1. Create primary and secondary Amazon S3 buckets in two separate Availability Zones that are at least 500 miles (805 kilometers) apart. Use a bucket policy to enforce access to the buckets only through HTTPS. Use a bucket policy to enforce Amazon S3 SSE-C on all objects uploaded to the bucket. Con gure cross- region replication between the two buckets.
  2. Create primary and secondary Amazon S3 buckets in two separate AWS Regions that are at least 500 miles (805 kilometers) apart. Use a bucket policy to enforce access to the buckets only through HTTPS. Use a bucket policy to enforce S3-Managed Keys (SSE-S3) on all objects uploaded to the bucket. Con gure cross-region replication between the two buckets.
  3. Create primary and secondary Amazon S3 buckets in two separate AWS Regions that are at least 500 miles (805 kilometers) apart. Use an IAM role to enforce access to the buckets only through HTTPS. Use a bucket policy to enforce Amazon S3-Managed Keys (SSE-S3) on all objects uploaded to the bucket. Con gure cross-region replication between the two buckets.
  4. Create primary and secondary Amazon S3 buckets in two separate Availability Zones that are at least 500 miles (805 kilometers) apart. Use a bucket policy to enforce access to the buckets only through HTTPS. Use a bucket policy to enforce AWS KMS encryption on all objects uploaded to the bucket. Con gure cross-region replication between the two buckets. Create a KMS Customer Master Key (CMK) in the primary region for encrypting objects.

Answer(s): B



A company is using an AWS CodeBuild project to build and package an application. The packages are copied to a shared Amazon S3 bucket before being deployed across multiple AWS accounts.
The buildspec.yml le contains the following:



The DevOps Engineer has noticed that anybody with an AWS account is able to download the artifacts.
What steps should the DevOps Engineer take to stop this?

  1. Modify the post_build to command to use "-acl public-read and con gure a bucket policy that grants read access to the relevant AWS accounts only.
  2. Con gure a default ACL for the S3 bucket that de nes the set of authenticated users as the relevant AWS accounts only and grants read- only access.
  3. Create an S3 bucket policy that grants read access to the relevant AWS accounts and denies read access to the principal *
  4. Modify the post_build command to remove "-acl authenticated-read and con gure a bucket policy that allows read access to the relevant AWS accounts only.

Answer(s): D



A DevOps engineer needs to grant several external contractors access to a legacy application that runs on an Amazon Linux Amazon EC2 instance. The application server is available only in a private subnet. The contractors are not authorized for VPN access. What should the DevOps engineer do to grant the contactors access to the application server?

  1. Create an IAM user and SSH keys for each contractor. Add the public SSH key to the application server's SSH authorized_keys le. Instruct the contractors to install the AWS CLI and AWS Systems Manager Session Manager plugin, update their AWS credentials les with their private keys, and use the aws ssm start-session command to gain access to the target application server instance ID.
  2. Ask each contractor to securely send their SSH public key. Add this public key to the application server's SSH authorized-keys le. Instruct the contractors to use their private key to connect to the application server through SSH.
  3. Ask each contractor to securely send their SSH public key. Use EC2 pairs to import their key. Update the application server's SSH authorized_keys le. Instruct the contractors to use their private key to connect to the application server through SSH.
  4. Create an IAM user for each contractor with programmatic access. Add each user to an IAM group that has a policy that allows the ssm:StartSession action. Instruct the contractors to install the AWS CLI and AWS Systems Manager Session Manager plugin, update their AWS credentials les with their access keys, and use the aws ssm start-session to gain access to the target application server instance I

Answer(s): D



A company hosts its staging website using an Amazon EC2 instance backed with Amazon EBS storage. The company wants to recover quickly with minimal data losses in the event of network connectivity issues or power failures on the EC2 instance.
Which solution will meet these requirements?

  1. Add the instance to an EC2 Auto Scaling group with the minimum, maximum, and desired capacity set to 1.
  2. Add the instance to an EC2 Auto Scaling group with a lifecycle hook to detach the EBS volume when the EC2 instance shuts down or terminates.
  3. Create an Amazon CloudWatch alarm for the StatusCheckFailed_System metric and select the EC2 action to recover the instance.
  4. Create an Amazon CloudWatch alarm for the StatusCheckFailed_Instance metric and select the EC2 action to reboot the instance.

Answer(s): C


Reference:

https://aws.amazon.com/ru/blogs/aws/ec2-instance-status-metrics/
https://docs.amazonaws.cn/en_us/AmazonCloudWatch/latest/monitoring/UsingAlarmActions.html



Viewing page 12 of 27

Share your comments for Amazon AWS DevOps Engineer Professional exam with other users:

D
Dave Gregen
9/4/2023 3:17:00 PM

please upload p_sapea_2023

SWEDEN
S
Sarah
6/13/2023 1:42:00 PM

anyone use this? the question dont seem to follow other formats and terminology i have been studying im getting worried

CANADA
S
Shuv
10/3/2023 8:19:00 AM

good questions

UNITED STATES
R
Reb974
8/5/2023 1:44:00 AM

hello are these questions valid for ms-102

CANADA
M
Mchal
7/20/2023 3:38:00 AM

some questions are wrongly answered but its good nonetheless

POLAND
S
Sonbir
8/8/2023 1:04:00 PM

how to get system serial number using intune

Anonymous
M
Manju
10/19/2023 1:19:00 PM

is it really helpful to pass the exam

Anonymous
L
LeAnne Hair
8/24/2023 12:47:00 PM

#229 in incorrect - all the customers require an annual review

UNITED STATES
A
Abdul SK
9/28/2023 11:42:00 PM

kindy upload

Anonymous
A
Aderonke
10/23/2023 12:53:00 PM

fantastic assessment on psm 1

UNITED KINGDOM
S
SAJI
7/20/2023 2:51:00 AM

56 question correct answer a,b

Anonymous
R
Raj Kumar
10/23/2023 8:52:00 PM

thank you for providing the q bank

CANADA
P
piyush keshari
7/7/2023 9:46:00 PM

true quesstions

Anonymous
B
B.A.J
11/6/2023 7:01:00 AM

i can´t believe ms asks things like this, seems to be only marketing material.

Anonymous
G
Guss
5/23/2023 12:28:00 PM

hi, could you please add the last update of ns0-527

Anonymous
R
Rond65
8/22/2023 4:39:00 PM

question #3 refers to vnet4 and vnet5. however, there is no vnet5 listed in the case study (testlet 2).

UNITED STATES
C
Cheers
12/13/2023 9:55:00 AM

sometimes it may be good some times it may be

GERMANY
S
Sumita Bose
7/21/2023 1:01:00 AM

qs 4 answer seems wrong- please check

AUSTRALIA
A
Amit
9/7/2023 12:53:00 AM

very detailed explanation !

HONG KONG
F
FisherGirl
5/16/2022 10:36:00 PM

the interactive nature of the test engine application makes the preparation process less boring.

NETHERLANDS
C
Chiranthaka
9/20/2023 11:15:00 AM

very useful.

Anonymous
S
SK
7/15/2023 3:51:00 AM

complete question dump should be made available for practice.

Anonymous
G
Gamerrr420
5/25/2022 9:38:00 PM

i just passed my first exam. i got 2 exam dumps as part of the 50% sale. my second exam is under work. once i write that exam i report my result. but so far i am confident.

AUSTRALIA
K
Kudu hgeur
9/21/2023 5:58:00 PM

nice create dewey stefen

CZECH REPUBLIC
A
Anorag
9/6/2023 9:24:00 AM

i just wrote this exam and it is still valid. the questions are exactly the same but there are about 4 or 5 questions that are answered incorrectly. so watch out for those. best of luck with your exam.

CANADA
N
Nathan
1/10/2023 3:54:00 PM

passed my exam today. this is a good start to 2023.

UNITED STATES
1
1
10/28/2023 7:32:00 AM

great sharing

Anonymous
A
Anand
1/20/2024 10:36:00 AM

very helpful

UNITED STATES
K
Kumar
6/23/2023 1:07:00 PM

thanks.. very helpful

FRANCE
U
User random
11/15/2023 3:01:00 AM

i registered for 1z0-1047-23 but dumps qre available for 1z0-1047-22. help me with this...

UNITED STATES
K
kk
1/17/2024 3:00:00 PM

very helpful

UNITED STATES
R
Raj
7/24/2023 10:20:00 AM

please upload oracle 1z0-1110-22 exam pdf

INDIA
B
Blessious Phiri
8/13/2023 11:58:00 AM

becoming interesting on the logical part of the cdbs and pdbs

Anonymous
L
LOL what a joke
9/10/2023 9:09:00 AM

some of the answers are incorrect, i would be wary of using this until an admin goes back and reviews all the answers

UNITED STATES
AI Tutor 👋 I’m here to help!