Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Amazon
  3. DOP-C02

Amazon AWS Certified DevOps Engineer - Professional DOP-C02 DOP-C02 Exam Questions in PDF

Free Amazon DOP-C02 Dumps Questions (page: 11)

DOP-C02 PDF — 447 Questions

A company manages an application that stores logs in Amazon CloudWatch Logs. The company wants to archive the logs to an Amazon S3 bucket. Logs are rarely accessed after 90 days and must be retained for 10 years.

Which combination of steps should a DevOps engineer take to meet these requirements? (Choose two.)

  1. Configure a CloudWatch Logs subscription filter to use AWS Glue to transfer all logs to an S3 bucket.
  2. Configure a CloudWatch Logs subscription filter to use Amazon Kinesis Data Firehose to stream all logs to an S3 bucket.
  3. Configure a CloudWatch Logs subscription filter to stream all logs to an S3 bucket.
  4. Configure the S3 bucket lifecycle policy to transition logs to S3 Glacier after 90 days and to expire logs after 3,650 days.
  5. Configure the S3 bucket lifecycle policy to transition logs to Reduced Redundancy after 90 days and to expire logs after 3,650 days.

Answer(s): B,D



A company is developing a new application. The application uses AWS Lambda functions for its compute tier. The company must use a canary deployment for any changes to the Lambda functions. Automated rollback must occur if any failures are reported.

The company's DevOps team needs to create the infrastructure as code (IaC) and the CI/CD pipeline for this solution.

Which combination of steps will meet these requirements? (Choose three.)

  1. Create an AWS CloudFormation template for the application. Define each Lambda function in the template
    by using the AWS::Lambda::Function resource type. In the template, include a version for the Lambda function by using the AWS::Lambda::Version resource type. Declare the CodeSha256 property. Configure an AWS::Lambda::Alias resource that references the latest version of the Lambda function.
  2. Create an AWS Serverless Application Model (AWS SAM) template for the application. Define each Lambda function in the template by using the AWS::Serverless::Function resource type. For each function, include configurations for the AutoPublishAlias property and the DeploymentPreference property. Configure the deployment configuration type to LambdaCanary10Percent10Minutes.
  3. Create an AWS CodeCommit repository. Create an AWS CodePipeline pipeline. Use the CodeCommit repository in a new source stage that starts the pipeline. Create an AWS CodeBuild project to deploy the AWS Serverless Application Model (AWS SAM) template. Upload the template and source code to the CodeCommit repository. In the CodeCommit repository, create a buildspec.yml file that includes the commands to build and deploy the SAM application.
  4. Create an AWS CodeCommit repository. Create an AWS CodePipeline pipeline. Use the CodeCommit repository in a new source stage that starts the pipeline. Create an AWS CodeDeploy deployment group that is configured for canary deployments with a DeploymentPreference type of Canary10Percent10Minutes. Upload the AWS CloudFormation template and source code to the CodeCommit repository. In the CodeCommit repository, create an appspec.yml file that includes the commands to deploy the CloudFormation template.
  5. Create an Amazon CloudWatch composite alarm for all the Lambda functions. Configure an evaluation period and dimensions for Lambda. Configure the alarm to enter the ALARM state if any errors are detected or if there is insufficient data.
  6. Create an Amazon CloudWatch alarm for each Lambda function. Configure the alarms to enter the ALARM state if any errors are detected. Configure an evaluation period, dimensions for each Lambda function and version, and the namespace as AWS/Lambda on the Errors metric.

Answer(s): B,C,F



A DevOps engineer is deploying a new version of a company's application in an AWS CodeDeploy deployment group associated with its Amazon EC2 instances. After some time, the deployment fails. The engineer realizes that all the events associated with the specific deployment ID are in a Skipped status, and code was not deployed in the instances associated with the deployment group.

What are valid reasons for this failure? (Choose two.)

  1. The networking configuration does not allow the EC2 instances to reach the internet via a NAT gateway or internet gateway, and the CodeDeploy endpoint cannot be reached.
  2. The IAM user who triggered the application deployment does not have permission to interact with the CodeDeploy endpoint.
  3. The target EC2 instances were not properly registered with the CodeDeploy endpoint.
  4. An instance profile with proper permissions was not attached to the target EC2 instances.
  5. The appspec.yml file was not included in the application revision.

Answer(s): A,D



A company has a guideline that every Amazon EC2 instance must be launched from an AMI that the company's security team produces. Every month, the security team sends an email message with the latest approved AMIs to all the development teams.

The development teams use AWS CloudFormation to deploy their applications. When developers launch a new

service, they have to search their email for the latest AMIs that the security department sent. A DevOps engineer wants to automate the process that the security team uses to provide the AMI IDs to the development teams.

What is the MOST scalable solution that meets these requirements?

  1. Direct the security team to use CloudFormation to create new versions of the AMIs and to list the AMI ARNs in an encrypted Amazon S3 object as part of the stack's Outputs section. Instruct the developers to use a cross-stack reference to load the encrypted S3 object and obtain the most recent AMI ARNs.
  2. Direct the security team to use a CloudFormation stack to create an AWS CodePipeline pipeline that builds new AMIs and places the latest AMI ARNs in an encrypted Amazon S3 object as part of the pipeline output.
    Instruct the developers to use a cross-stack reference within their own CloudFormation template to obtain the S3 object location and the most recent AMI ARNs.
  3. Direct the security team to use Amazon EC2 Image Builder to create new AMIs and to place the AMI ARNs as parameters in AWS Systems Manager Parameter Store. Instruct the developers to specify a parameter of type SSM in their CloudFormation stack to obtain the most recent AMI ARNs from Parameter Store.
  4. Direct the security team to use Amazon EC2 Image Builder to create new AMIs and to create an Amazon Simple Notification Service (Amazon SNS) topic so that every development team can receive notifications.
    When the development teams receive a notification, instruct them to write an AWS Lambda function that will update their CloudFormation stack with the most recent AMI ARNs.

Answer(s): C



An application runs on Amazon EC2 instances behind an Application Load Balancer (ALB). A DevOps engineer is using AWS CodeDeploy to release a new version. The deployment fails during the AllowTraffic lifecycle event, but a cause for the failure is not indicated in the deployment logs.

What would cause this?

  1. The appspec.yml file contains an invalid script that runs in the AllowTraffic lifecycle hook.
  2. The user who initiated the deployment does not have the necessary permissions to interact with the AL
  3. The health checks specified for the ALB target group are misconfigured.
  4. The CodeDeploy agent was not installed in the EC2 instances that are part of the ALB target group.

Answer(s): C



A company has 20 service teams. Each service team is responsible for its own microservice. Each service team uses a separate AWS account for its microservice and a VPC with the 192.168.0.0/22 CIDR block. The company manages the AWS accounts with AWS Organizations.

Each service team hosts its microservice on multiple Amazon EC2 instances behind an Application Load Balancer. The microservices communicate with each other across the public internet. The company's security team has issued a new guideline that all communication between microservices must use HTTPS over private network connections and cannot traverse the public internet.

A DevOps engineer must implement a solution that fulfills these obligations and minimizes the number of changes for each service team.

Which solution will meet these requirements?

  1. Create a new AWS account in AWS Organizations. Create a VPC in this account, and use AWS Resource Access Manager to share the private subnets of this VPC with the organization. Instruct the service teams to launch a new Network Load Balancer (NLB) and EC2 instances that use the shared private subnets. Use the NLB DNS names for communication between microservices.
  2. Create a Network Load Balancer (NLB) in each of the microservice VPCs. Use AWS PrivateLink to create VPC endpoints in each AWS account for the NLBs. Create subscriptions to each VPC endpoint in each of the other AWS accounts. Use the VPC endpoint DNS names for communication between microservices.
  3. Create a Network Load Balancer (NLB) in each of the microservice VPCs. Create VPC peering connections between each of the microservice VPCs. Update the route tables for each VPC to use the peering links.
    Use the NLB DNS names for communication between microservices.
  4. Create a new AWS account in AWS Organizations. Create a transit gateway in this account, and use AWS Resource Access Manager to share the transit gateway with the organization. In each of the microservice VPCs, create a transit gateway attachment to the shared transit gateway. Update the route tables of each VPC to use the transit gateway. Create a Network Load Balancer (NLB) in each of the microservice VPCs.
    Use the NLB DNS names for communication between microservices.

Answer(s): B



An Amazon EC2 instance is running in a VPC and needs to download an object from a restricted Amazon S3 bucket. When the DevOps engineer tries to download the object, an AccessDenied error is received.

What are the possible causes for this error? (Choose two.)

  1. The S3 bucket default encryption is enabled.
  2. There is an error in the S3 bucket policy.
  3. The object has been moved to S3 Glacier.
  4. There is an error in the IAM role configuration.
  5. S3 Versioning is enabled.

Answer(s): B,D



A company wants to use a grid system for a proprietary enterprise in-memory data store on top of AWS. This system can run in multiple server nodes in any Linux-based distribution. The system must be able to reconfigure the entire cluster every time a node is added or removed. When adding or removing nodes, an /etc/ cluster/nodes.config file must be updated, listing the IP addresses of the current node members of that cluster.

The company wants to automate the task of adding new nodes to a cluster.

What can a DevOps engineer do to meet these requirements?

  1. Use AWS OpsWorks Stacks to layer the server nodes of that cluster. Create a Chef recipe that populates the content of the /etc/cluster/nodes.config file and restarts the service by using the current members of the layer. Assign that recipe to the Configure lifecycle event.
  2. Put the file nodes.config in version control. Create an AWS CodeDeploy deployment configuration and deployment group based on an Amazon EC2 tag value for the cluster nodes. When adding a new node to the cluster, update the file with all tagged instances, and make a commit in version control. Deploy the new file and restart the services.
  3. Create an Amazon S3 bucket and upload a version of the /etc/cluster/nodes.config file. Create a crontab script that will poll for that S3 file and download it frequently. Use a process manager, such as Monit or
    systemd, to restart the cluster services when it detects that the new file was modified. When adding a node to the cluster, edit the file's most recent members. Upload the new file to the S3 bucket.
  4. Create a user data script that lists all members of the current security group of the cluster and automatically updates the /etc/cluster/nodes.config file whenever a new instance is added to the cluster.

Answer(s): A



Viewing page 11 of 57

Share your comments for Amazon DOP-C02 exam with other users:

S
Stephen
8/4/2023 9:08:00 PM

please upload cima e2 managing performance dumps

Anonymous
H
hp
6/16/2023 12:44:00 AM

wonderful questions

Anonymous
P
Priyo
11/14/2023 2:23:00 AM

i used this site since 2000, still great to support my career

INDONESIA
J
Jude
8/29/2023 1:56:00 PM

why is the answer to "which of the following is required by scrum?" all of the following stated below since most of them are not mandatory? sprint retrospective. members must be stand up at the daily scrum. sprint burndown chart. release planning.

UNITED STATES
M
Marc blue
9/15/2023 4:11:00 AM

great job. hope this helps out.

UNITED STATES
A
Anne
9/13/2023 2:33:00 AM

upload please. many thanks!

Anonymous
P
pepe el toro
9/12/2023 7:55:00 PM

this is so interesting

Anonymous
A
Antony
11/28/2023 12:13:00 AM

great material thanks

AUSTRALIA
T
Thembelani
5/30/2023 2:22:00 AM

anyone who wrote this exam recently

Anonymous
P
P
9/16/2023 1:27:00 AM

ok they re good

Anonymous
J
Jorn
7/13/2023 5:05:00 AM

relevant questions

UNITED KINGDOM
A
AM
6/20/2023 7:54:00 PM

please post

UNITED STATES
N
Nagendra Pedipina
7/13/2023 2:22:00 AM

q:42 there has to be a image in the question to choose what does it mean from the options

INDIA
B
BrainDumpee
11/18/2023 1:36:00 PM

looking for cphq dumps, where can i find these for free? please and thank you.

UNITED STATES
S
sheik
10/14/2023 11:37:00 AM

@aarun , thanks for the information. it would be great help if you share your email

Anonymous
R
Random user
12/11/2023 1:34:00 AM

1z0-1078-23 need this dumps

Anonymous
L
labuschanka
11/16/2023 6:06:00 PM

i gave the microsoft azure az-500 tests and prepared from this site as it has latest mock tests available which helped me evaluate my performance and score 919/1000

Anonymous
M
Marianne
10/22/2023 11:57:00 PM

i cannot see the button to go to the questions

Anonymous
S
sushant
6/28/2023 4:52:00 AM

good questions

EUROPEAN UNION
A
A\MAM
6/27/2023 5:17:00 PM

q-6 ans-b correct. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-cli-quick-start/use-the-cli/commit-configuration-changes

UNITED STATES
U
unanimous
12/15/2023 6:38:00 AM

very nice very nice

Anonymous
A
akminocha
9/28/2023 10:36:00 AM

please help us with 1z0-1107-2 dumps

INDIA
J
Jefi
9/4/2023 8:15:00 AM

please upload the practice questions

Anonymous
T
Thembelani
5/30/2023 2:45:00 AM

need this dumps

Anonymous
A
Abduraimov
4/19/2023 12:43:00 AM

preparing for this exam is overwhelming. you cannot pass without the help of these exam dumps.

UNITED KINGDOM
P
Puneeth
10/5/2023 2:06:00 AM

new to this site but i feel it is good

EUROPEAN UNION
A
Ashok Kumar
1/2/2024 6:53:00 AM

the correct answer to q8 is b. explanation since the mule app has a dependency, it is necessary to include project modules and dependencies to make sure the app will run successfully on the runtime on any other machine. source code of the component that the mule app is dependent of does not need to be included in the exported jar file, because the source code is not being used while executing an app. compiled code is being used instead.

Anonymous
M
Merry
7/30/2023 6:57:00 AM

good questions

Anonymous
V
VoiceofMidnight
12/17/2023 4:07:00 PM

Delayed the exam until December 29th.

UNITED STATES
U
Umar Ali
8/29/2023 2:59:00 PM

A and D are True

Anonymous
V
vel
8/28/2023 9:17:09 AM

good one with explanation

Anonymous
G
Gurdeep
1/18/2024 4:00:15 PM

This is one of the most useful study guides I have ever used.

CANADA
AI Tutor 👋 I’m here to help!