Amazon DOP-C01 Practice Test - Questions Answers, Page 20
List of questions
Question 191
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A DevOps Engineer has a single Amazon DynamoDB table that receives shipping orders and tracks inventory. The Engineer has three AWS Lambda functions reading from a DymamoDB stream on that table. The Lambda functions perform various functions such as doing an item count, moving items to Amazon Kinesis Data Firehose, monitoring inventory levels, and creating vendor orders when parts are low. While reviewing logs, the Engineer notices the Lambda functions occasionally fail under increased load, receiving a stream throttling error. Which is the MOST cost-effective solution that requires the LEAST amount of operational management?
Question 192
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
In which Docker Swarm model does the swarm manager distribute a specific number of replica tasks among the nodes based upon the scale you set in the desired state?
Explanation:
A service is the definition of the tasks to execute on the worker nodes. It is the central structure of the swarm system and the primary root of user interaction with the swarm. When you create a service, you specify which container image to use and which commands to execute inside running containers. In the replicated services model, the swarm manager distributes a specific number of replica tasks among the nodes based upon the scale you set in the desired state. For global services, the swarm runs one task for the service on every available node in the cluster. A task carries a Docker container and the commands to run inside the container. It is the atomic scheduling unit of swarm. Manager nodes assign tasks to worker nodes according to the number of replicas set in the service scale. Once a task is assigned to a node, it cannot move to another node. It can only run on the assigned node or fail.
Reference: https://docs.docker.com/engine/swarm/key-concepts/#services-and-tasks
Question 193
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
You need to scale an RDS deployment. You are operating at 10% writes and 90% reads, based on your logging. How best can you scale this in a simple way?
Explanation:
The high-availability feature is not a scaling solution for read-only scenarios; you cannot use a standby replica to serve read traffic. To service read-only traffic, you should use a Read Replica. For more information, see Working with PostgreSQL, MySQL, and MariaDB Read Replicas.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html
Question 194
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A web application for healthcare services runs on Amazon EC2 instances behind an ELB Application Load Balancer. The instances run in an Amazon EC2 Auto Scaling group across multiple Availability Zones. A DevOps Engineer must create a mechanism in which an EC2 instance can be taken out of production so its system logs can be analyzed for issues to quickly troubleshoot problems on the web tier. How can the Engineer accomplish this task while ensuring availability and minimizing downtime?
Question 195
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A healthcare provider has a hybrid architecture that includes 120 on-premises VMware servers running RedHat and 50 Amazon EC2 instances running Amazon Linux. The company is in the middle of an all-in migration to AWS and wants to implement a solution for collecting information from the on-premises virtual machines and the EC2 instances for data analysis. The information includes:
- Operating system type and version
- Data for installed applications
- Network configuration information, such as MAC and IP addresses
- Amazon EC2 instance AMI ID and IAM profile
How can these requirements be met with the LEAST amount of administration?
Question 196
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
Which is the proper syntax for referencing a variable's value in an Ansible task?
Explanation:
We use the variable's name to reference the variable which we encapsulate in curly brackets `{{ }}'; however, the YAML syntax dictates that a string beginning with a curly bracket denotes a dictionary value. To get around this, it is proper to wrap the variable declaration in quotes.
Reference: http://docs.ansible.com/ansible/playbooks_variables.html#hey-wait-a-yaml-gotcha
Question 197
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
The operations team and the development team want a single place to view both operating system and application logs. How should you implement this using AWS services? (Choose two.)
Question 198
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
What is the expected behavior if Ansible is called with ‘ansible-playbook -i localhost playbook.yml’?
Explanation:
Ansible expects an inventory filename with the ‘-i’ option, regardless if it is a valid hostname. For this to execute on the host `localhost' resolves to, a comma needs to be appended to the end.
Reference: http://docs.ansible.com/ansible/intro_inventory.html#inventory
Question 199
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
After presenting a working proof of concept for a new application that uses AWS API Gateway, a Developer must set up a team development environment for the project. Due to a tight timeline, the Developer wants to minimize time spent on infrastructure setup, and would like to reuse the code repository created for the proof of concept. Currently, all source code is stored in AWS CodeCommit. Company policy mandates having alpha, beta, and production stages with separate Jenkins servers to build code and run tests for every stage. The Development Manager must have the ability to block code propagation between admins at any time. The Security team wants to make sure that users will not be able to modify the environment without permission. How can this be accomplished?
Question 200
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A root account has created an IAM group and defined the policy as:
What will this policy do?
Explanation:
This IAM policy grants access to the ChangePassword action, which lets the users use the console, the CLI, or the API to change their passwords. The Resource element uses a policy variable (aws:username), which is useful in policies that are attached to groups. The aws:username key resolves to the name of the current IAM user when a request is made, so that each user is allowed permission to change only his or her own password . This policy will allow all the users of this group to modify the passwords of all the IAM users.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
Question