Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Amazon
  3. DOP-C02

Amazon AWS Certified DevOps Engineer - Professional DOP-C02 DOP-C02 Exam Questions in PDF

Free Amazon DOP-C02 Dumps Questions (page: 10)

DOP-C02 PDF — 447 Questions

A company has an application that runs on Amazon EC2 instances that are in an Auto Scaling group. When the application starts up, the application needs to process data from an Amazon S3 bucket before the application can start to serve requests.

The size of the data that is stored in the S3 bucket is growing. When the Auto Scaling group adds new instances, the application now takes several minutes to download and process the data before the application can serve requests. The company must reduce the time that elapses before new EC2 instances are ready to serve requests.

Which solution is the MOST cost-effective way to reduce the application startup time?

  1. Configure a warm pool for the Auto Scaling group with warmed EC2 instances in the Stopped state.
    Configure an autoscaling:EC2_INSTANCE_LAUNCHING lifecycle hook on the Auto Scaling group. Modify the application to complete the lifecycle hook when the application is ready to serve requests.
  2. Increase the maximum instance count of the Auto Scaling group. Configure an autoscaling:EC2_INSTANCE_LAUNCHING lifecycle hook on the Auto Scaling group. Modify the application to complete the lifecycle hook when the application is ready to serve requests.
  3. Configure a warm pool for the Auto Scaling group with warmed EC2 instances in the Running state.
    Configure an autoscaling:EC2_INSTANCE_LAUNCHING lifecycle hook on the Auto Scaling group. Modify the application to complete the lifecycle hook when the application is ready to serve requests.
  4. Increase the maximum instance count of the Auto Scaling group. Configure an autoscaling:EC2_INSTANCE_LAUNCHING lifecycle hook on the Auto Scaling group. Modify the application to complete the lifecycle hook and to place the new instance in the Standby state when the application is ready to serve requests.

Answer(s): A



A company is using an AWS CodeBuild project to build and package an application. The packages are copied to a shared Amazon S3 bucket before being deployed across multiple AWS accounts.

The buildspec.yml file contains the following:



The DevOps engineer has noticed that anybody with an AWS account is able to download the artifacts.

What steps should the DevOps engineer take to stop this?

  1. Modify the post_build command to use --acl public-read and configure a bucket policy that grants read access to the relevant AWS accounts only.
  2. Configure a default ACL for the S3 bucket that defines the set of authenticated users as the relevant AWS accounts only and grants read-only access.
  3. Create an S3 bucket policy that grants read access to the relevant AWS accounts and denies read access to the principal "*".
  4. Modify the post_build command to remove --acl authenticated-read and configure a bucket policy that allows read access to the relevant AWS accounts only.

Answer(s): D



A company has developed a serverless web application that is hosted on AWS. The application consists of Amazon S3. Amazon API Gateway, several AWS Lambda functions, and an Amazon RDS for MySQL database. The company is using AWS CodeCommit to store the source code. The source code is a combination of AWS Serverless Application Model (AWS SAM) templates and Python code.

A security audit and penetration test reveal that user names and passwords for authentication to the database are hardcoded within CodeCommit repositories. A DevOps engineer must implement a solution to automatically detect and prevent hardcoded secrets.

What is the MOST secure solution that meets these requirements?

  1. Enable Amazon CodeGuru Profiler. Decorate the handler function with @with_lambda_profiler(). Manually review the recommendation report. Write the secret to AWS Systems Manager Parameter Store as a secure string. Update the SAM templates and the Python code to pull the secret from Parameter Store.
  2. Associate the CodeCommit repository with Amazon CodeGuru Reviewer. Manually check the code review for any recommendations. Choose the option to protect the secret. Update the SAM templates and the Python code to pull the secret from AWS Secrets Manager.
  3. Enable Amazon CodeGuru Profiler. Decorate the handler function with @with_lambda_profiler(). Manually review the recommendation report. Choose the option to protect the secret. Update the SAM templates and the Python code to pull the secret from AWS Secrets Manager.
  4. Associate the CodeCommit repository with Amazon CodeGuru Reviewer. Manually check the code review for any recommendations. Write the secret to AWS Systems Manager Parameter Store as a string. Update the SAM templates and the Python code to pull the secret from Parameter Store.

Answer(s): B



A company is using Amazon S3 buckets to store important documents. The company discovers that some S3 buckets are not encrypted. Currently, the company's IAM users can create new S3 buckets without encryption. The company is implementing a new requirement that all S3 buckets must be encrypted.

A DevOps engineer must implement a solution to ensure that server-side encryption is enabled on all existing S3 buckets and all new S3 buckets. The encryption must be enabled on new S3 buckets as soon as the S3 buckets are created. The default encryption type must be 256-bit Advanced Encryption Standard (AES-256).

Which solution will meet these requirements?

  1. Create an AWS Lambda function that is invoked periodically by an Amazon EventBridge scheduled rule.
    Program the Lambda function to scan all current S3 buckets for encryption status and to set AES-256 as the default encryption for any S3 bucket that does not have an encryption configuration.
  2. Set up and activate the s3-bucket-server-side-encryption-enabled AWS Config managed rule. Configure the rule to use the AWS-EnableS3BucketEncryption AWS Systems Manager Automation runbook as the remediation action. Manually run the re-evaluation process to ensure that existing S3 buckets are compliant.
  3. Create an AWS Lambda function that is invoked by an Amazon EventBridge event rule. Define the rule with an event pattern that matches the creation of new S3 buckets. Program the Lambda function to parse the EventBridge event, check the configuration of the S3 buckets from the event, and set AES-256 as the default encryption.
  4. Configure an IAM policy that denies the s3:CreateBucket action if the s3:x-amz-server-side-encryption condition key has a value that is not AES-256. Create an IAM group for all the company's IAM users.
    Associate the IAM policy with the IAM group.

Answer(s): D



A DevOps engineer is architecting a continuous development strategy for a company's software as a service (SaaS) web application running on AWS. For application and security reasons, users subscribing to this application are distributed across multiple Application Load Balancers (ALBs), each of which has a dedicated Auto Scaling group and fleet of Amazon EC2 instances. The application does not require a build stage, and when it is committed to AWS CodeCommit, the application must trigger a simultaneous deployment to all ALBs, Auto Scaling groups, and EC2 fleets.

Which architecture will meet these requirements with the LEAST amount of configuration?

  1. Create a single AWS CodePipeline pipeline that deploys the application in parallel using unique AWS CodeDeploy applications and deployment groups created for each ALB-Auto Scaling group pair.
  2. Create a single AWS CodePipeline pipeline that deploys the application using a single AWS CodeDeploy application and single deployment group.
  3. Create a single AWS CodePipeline pipeline that deploys the application in parallel using a single AWS CodeDeploy application and unique deployment group for each ALB-Auto Scaling group pair.
  4. Create an AWS CodePipeline pipeline for each ALB-Auto Scaling group pair that deploys the application using an AWS CodeDeploy application and deployment group created for the same ALB-Auto Scaling group pair.

Answer(s): C



A company is hosting a static website from an Amazon S3 bucket. The website is available to customers at example.com. The company uses an Amazon Route 53 weighted routing policy with a TTL of 1 day. The company has decided to replace the existing static website with a dynamic web application. The dynamic web application uses an Application Load Balancer (ALB) in front of a fleet of Amazon EC2 instances.

On the day of production launch to customers, the company creates an additional Route 53 weighted DNS record entry that points to the ALB with a weight of 255 and a TTL of 1 hour. Two days later, a DevOps engineer notices that the previous static website is displayed sometimes when customers navigate to example.com.

How can the DevOps engineer ensure that the company serves only dynamic content for example.com?

  1. Delete all objects, including previous versions, from the S3 bucket that contains the static website content.
  2. Update the weighted DNS record entry that points to the S3 bucket. Apply a weight of 0. Specify the domain reset option to propagate changes immediately.
  3. Configure webpage redirect requests on the S3 bucket with a hostname that redirects to the ALB.
  4. Remove the weighted DNS record entry that points to the S3 bucket from the example.com hosted zone.
    Wait for DNS propagation to become complete.

Answer(s): D



A company is implementing AWS CodePipeline to automate its testing process. The company wants to be notified when the execution state fails and used the following custom event pattern in Amazon EventBridge:



Which type of events will match this event pattern?

  1. Failed deploy and build actions across all the pipelines
  2. All rejected or failed approval actions across all the pipelines
  3. All the events across all pipelines
  4. Approval actions across all the pipelines

Answer(s): B



An application running on a set of Amazon EC2 instances in an Auto Scaling group requires a configuration file to operate. The instances are created and maintained with AWS CloudFormation. A DevOps engineer wants

the instances to have the latest configuration file when launched, and wants changes to the configuration file to be reflected on all the instances with a minimal delay when the CloudFormation template is updated. Company policy requires that application configuration files be maintained along with AWS infrastructure configuration files in source control.

Which solution will accomplish this?

  1. In the CloudFormation template, add an AWS Config rule. Place the configuration file content in the rule's InputParameters property, and set the Scope property to the EC2 Auto Scaling group. Add an AWS Systems Manager Resource Data Sync resource to the template to poll for updates to the configuration.
  2. In the CloudFormation template, add an EC2 launch template resource. Place the configuration file content in the launch template. Configure the cfn-init script to run when the instance is launched, and configure the cfn-hup script to poll for updates to the configuration.
  3. In the CloudFormation template, add an EC2 launch template resource. Place the configuration file content in the launch template. Add an AWS Systems Manager Resource Data Sync resource to the template to poll for updates to the configuration.
  4. In the CloudFormation template, add CloudFormation init metadata. Place the configuration file content in the metadata. Configure the cfn-init script to run when the instance is launched, and configure the cfn-hup script to poll for updates to the configuration.

Answer(s): D



Viewing page 10 of 57

Share your comments for Amazon DOP-C02 exam with other users:

F
francesco
10/30/2023 11:08:00 AM

helpful on 2017 scrum guide

EUROPEAN UNION
A
Amitabha Roy
10/5/2023 3:16:00 AM

planning to attempt for the exam.

Anonymous
P
Prem Yadav
7/29/2023 6:20:00 AM

pleaseee upload

INDIA
A
Ahmed Hashi
7/6/2023 5:40:00 PM

thanks ly so i have information cia

EUROPEAN UNION
M
mansi
5/31/2023 7:58:00 AM

hello team, i need sap qm dumps for practice

INDIA
J
Jamil aljamil
12/4/2023 4:47:00 AM

it’s good but not senatios based

UNITED KINGDOM
C
Cath
10/10/2023 10:19:00 AM

q.119 - the correct answer is b - they are not captured in an update set as theyre data.

VIET NAM
P
P
1/6/2024 11:22:00 AM

good matter

Anonymous
S
surya
7/30/2023 2:02:00 PM

please upload c_sacp_2308

CANADA
S
Sasuke
7/11/2023 10:30:00 PM

please upload the dump. thanks very much !!

Anonymous
V
V
7/4/2023 8:57:00 AM

good questions

UNITED STATES
T
TTB
8/22/2023 5:30:00 AM

hi, could you please update the latest dump version

Anonymous
T
T
7/28/2023 9:06:00 PM

this question is keep repeat : you are developing a sales application that will contain several azure cloud services and handle different components of a transaction. different cloud services will process customer orders, billing, payment, inventory, and shipping. you need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using xml messages. what should you include in the recommendation?

NEW ZEALAND
G
Gurgaon
9/28/2023 4:35:00 AM

great questions

UNITED STATES
W
wasif
10/11/2023 2:22:00 AM

its realy good

UNITED ARAB EMIRATES
S
Shubhra Rathi
8/26/2023 1:12:00 PM

oracle 1z0-1059-22 dumps

Anonymous
L
Leo
7/29/2023 8:48:00 AM

please share me the pdf..

INDIA
A
AbedRabbou Alaqabna
12/18/2023 3:10:00 AM

q50: which two functions can be used by an end user when pivoting an interactive report? the correct answer is a, c because we do not have rank in the function pivoting you can check in the apex app

GREECE
R
Rohan Limaye
12/30/2023 8:52:00 AM

best to practice

Anonymous
A
Aparajeeta
10/13/2023 2:42:00 PM

so far it is good

Anonymous
V
Vgf
7/20/2023 3:59:00 PM

please provide me the dump

Anonymous
D
Deno
10/25/2023 1:14:00 AM

i failed the cisa exam today. but i have found all the questions that were on the exam to be on this site.

Anonymous
C
CiscoStudent
11/15/2023 5:29:00 AM

in question 272 the right answer states that an autonomous acces point is "configured and managed by the wlc" but this is not what i have learned in my ccna course. is this a mistake? i understand that lightweight aps are managed by wlc while autonomous work as standalones on the wlan.

Anonymous
P
pankaj
9/28/2023 4:36:00 AM

it was helpful

Anonymous
U
User123
10/8/2023 9:59:00 AM

good question

UNITED STATES
V
vinay
9/4/2023 10:23:00 AM

really nice

Anonymous
U
Usman
8/28/2023 10:07:00 AM

please i need dumps for isc2 cybersecuity

Anonymous
Q
Q44
7/30/2023 11:50:00 AM

ans is coldline i think

UNITED STATES
A
Anuj
12/21/2023 1:30:00 PM

very helpful

Anonymous
G
Giri
9/13/2023 10:31:00 PM

can you please provide dumps so that it helps me more

UNITED STATES
A
Aaron
2/8/2023 12:10:00 AM

thank you for providing me with the updated question and answers. this version has all the questions from the exam. i just saw them in my exam this morning. i passed my exam today.

SOUTH AFRICA
S
Sarwar
12/21/2023 4:54:00 PM

how i can see exam questions?

CANADA
C
Chengchaone
9/11/2023 10:22:00 AM

can you please upload please?

Anonymous
M
Mouli
9/2/2023 7:02:00 AM

question 75: option c is correct answer

Anonymous
AI Tutor 👋 I’m here to help!