ExamGecko
Search Search Login
Home Home / Amazon / DOP-C01

Amazon DOP-C01 Practice Test - Questions Answers, Page 21

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of these is not an instrinsic function in AWS CloudFormation?
After a daily scrum with your development teams, you've agreed that using Blue/Green style deployments would benefit the team. Which technique should you use to deliver this new requirement?
An application has microservices spread across different AWS accounts and is integrated with an on-premises legacy system for some of its functionality. Because of the segmented architecture and missing logs, every time the application experiences issues, it is taking too long to gather the logs to identify the issues. A DevOps Engineer must fix the log aggregation process and provide a way to centrally analyze the logs. Which is the MOST efficient and cost-effective solution?
For AWS Auto Scaling, what is the first transition state an existing instance enters after leaving steady state in Standby mode?
A DevOps Engineer must create a Linux AMI in an automated fashion. The newly created AMI identification must be stored in a location where other build pipelines can access the new identification programmatically What is the MOST cost-effective way to do this?
A company hosts parts of a Python-based application using AWS Elastic Beanstalk. An Elastic Beanstalk CLI is being used to create and update the environments. The Operations team detected an increase in requests in one of the Elastic Beanstalk environments that caused downtime overnight. The team noted that the policy used for AWS Auto Scaling is NetworkOut. Based on load testing metrics, the team determined that the application needs to scale CPU utilization to improve the resilience of the environments. The team wants to implement this across all environments automatically. Following AWS recommendations, how should this automation be implemented?
If you want CloudFormation stack status updates to show up in a continuous delivery system in as close to real time as possible, how should you achieve this?
A company updated the AWS CloudFormation template for a critical business application. The stack update process failed due to an error in the updated template, and AWS CloudFormation automatically began the stack rollback process. Later, a DevOps engineer discovered that the application was still unavailable and that the stack was in the UPDATE_ROLLBACK_FAILED state. Which combination of actions should the DevOps engineer perform so that the stack rollback can complete successfully? (Choose two.)
You have an application running on an Amazon EC2 instance and you are using IAM roles to securely access AWS Service APIs. How can you configure your application running on that instance to retrieve the API keys for use with the AWS SDKs?
A user has attached an EBS volume to a running Linux instance as a "/dev/sdf" device. The user is unable to see the attached device when he runs the command "df -h". What is the possible reason for this?

Question 201

Report
Export
Collapse

You are experiencing performance issues writing to a DynamoDB table. Your system tracks high scores for video games on a marketplace. Your most popular game experiences all of the performance issues. What is the most likely problem?

A.
DynamoDB's vector clock is out of sync, because of the rapid growth in request for the most popular game.
A.
DynamoDB's vector clock is out of sync, because of the rapid growth in request for the most popular game.
Answers
B.
You selected the Game ID or equivalent identifier as the primary partition key for the table.
B.
You selected the Game ID or equivalent identifier as the primary partition key for the table.
Answers
C.
Users of the most popular video game each perform more read and write requests than average.
C.
Users of the most popular video game each perform more read and write requests than average.
Answers
D.
You did not provision enough read or write throughput to the table.
D.
You did not provision enough read or write throughput to the table.
Answers
Suggested answer: B

Explanation:

The primary key selection dramatically affects performance consistency when reading or writing to DynamoDB. By selecting a key that is tied to the identity of the game, you forced DynamoDB to create a hotspot in the table partitions, and overrequest against the primary key partition for the popular game. When it stores data, DynamoDB divides a table's items into multiple partitions, and distributes the data primarily based upon the partition key value. The provisioned throughput associated with a table is also divided evenly among the partitions, with no sharing of provisioned throughput across partitions.

Question 202

Report
Export
Collapse

You are running a Docker daemon on a Linux host and it becomes unresponsive. Which signal, when sent to a Docker process with the kill command, forces the full stack trace to be logged for debugging purposes?

A.
–TRACE
A.
–TRACE
Answers
B.
–IOTRACE
B.
–IOTRACE
Answers
C.
-SIGUSER1
C.
-SIGUSER1
Answers
D.
–KILLTRACE
D.
–KILLTRACE
Answers
Suggested answer: C

Explanation:

If the daemon is unresponsive, you can force a full stack trace to be logged by sending a SIGUSR1 signal to the daemon. Linux:

$ sudo kill -SIGUSR1 $(pidof dockerd) Windows Server:

Download docker-signal.

Run the executable with the flag --pid=.

Reference:

https://docs.docker.com/engine/admin/#force-a-stack-trace-to-be-logged

Question 203

Report
Export
Collapse

To access the AWS Security Token Service (STS) you can issue calls directly to the AWS STS Query API. This API is a web service interface that accepts ______ requests.

A.
PUT
A.
PUT
Answers
B.
HTTPS
B.
HTTPS
Answers
C.
POST
C.
POST
Answers
D.
GET
D.
GET
Answers
Suggested answer: B

Explanation:

The Query API for IAM and AWS STS lets you call service actions. Query API requests are HTTPS requests that mustcontain an Action parameter to indicate the action to be performed. IAM and AWS STS support GET and POST requests forall actions, that is, the API does not require you to use GET for some actions and POST for others.

Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/programming.html

Question 204

Report
Export
Collapse

A new zero-day vulnerability was found in OpenSSL requiring the immediate patching of a production web fleet running on Amazon Linux. Currently, OS updates are performed manually on a monthly basis and deployed using updates to the production Auto Scaling Group’s launch configuration.

Which method should a DevOps Engineer use to update packages in-place without downtime?

A.
Use AWS CodePipline and AWS CodeBuild to generate new copies of these packages, and update the Auto Scaling group’s launch configuration.
A.
Use AWS CodePipline and AWS CodeBuild to generate new copies of these packages, and update the Auto Scaling group’s launch configuration.
Answers
B.
Use AWS Inspector to run “yum upgrade” on all running production instances, and manually update the AMI for the next maintenance window.
B.
Use AWS Inspector to run “yum upgrade” on all running production instances, and manually update the AMI for the next maintenance window.
Answers
C.
Use Amazon EC2 Run Command to issue a package update command to all running production instances, and update the AMI for future deployments.
C.
Use Amazon EC2 Run Command to issue a package update command to all running production instances, and update the AMI for future deployments.
Answers
D.
Define a new AWS OpsWorks layer to match the running production instances, and use a recipe to issue a package update command to all running production instances.
D.
Define a new AWS OpsWorks layer to match the running production instances, and use a recipe to issue a package update command to all running production instances.
Answers
Suggested answer: C

Question 205

Report
Export
Collapse

You have a playbook that includes a task to install a package for a service, put a configuration file for that package on the system and restart the service. The playbook is then run twice in a row. What would you expect Ansible to do on the second run?

A.
Remove the old package and config file and reinstall and then restart the service.
A.
Remove the old package and config file and reinstall and then restart the service.
Answers
B.
Take no action on the target host.
B.
Take no action on the target host.
Answers
C.
Check if the package is installed, check if the file matches the source file, if not reinstall it; restart the service.
C.
Check if the package is installed, check if the file matches the source file, if not reinstall it; restart the service.
Answers
D.
Attempt to reinstall the package, copy the file and restart the service.
D.
Attempt to reinstall the package, copy the file and restart the service.
Answers
Suggested answer: C

Explanation:

Ansible follows an idempotence model and will not touch or change the system unless a change is warranted.

Reference: http://docs.ansible.com/ansible/glossary.html

Question 206

Report
Export
Collapse

Fill the blanks: __________ helps us track AWS API calls and transitions, _________ helps to understand what resources we have now, and ________ allows auditing credentials and logins.

A.
AWS Config, CloudTrail, IAM Credential Reports
A.
AWS Config, CloudTrail, IAM Credential Reports
Answers
B.
CloudTrail, IAM Credential Reports, AWS Config
B.
CloudTrail, IAM Credential Reports, AWS Config
Answers
C.
CloudTrail, AWS Config, IAM Credential Reports
C.
CloudTrail, AWS Config, IAM Credential Reports
Answers
D.
AWS Config, IAM Credential Reports, CloudTrail
D.
AWS Config, IAM Credential Reports, CloudTrail
Answers
Suggested answer: C

Explanation:

You can use AWS CloudTrail to get a history of AWS API calls and related events for your account. This includes calls made by using the AWS Management Console, AWS SDKs, command line tools, and higher-level AWS services.

Reference: http://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html

Question 207

Report
Export
Collapse

A DevOps engineer is tasked with creating a more stable deployment solution for a web application in AWS. Previous deployments have resulted in user-facing bugs, premature user traffic, and inconsistencies between web servers running behind an Application Load Balancer. The current strategy uses AWS CodeCommit to store the code for the application. When developers push to the master branch of the repository, CodeCommit triggers an AWS Lambda deploy function, which invokes an AWS Systems Manager run command to build and deploy the new code to all Amazon EC2 instances. Which combination of actions should be taken to implement a more stable deployment solution? (Choose two.)

A.
Create a pipeline in AWS CodePipeline with CodeCommit as a source provider. Create parallel pipeline stages to build and test the application. Pass the build artifact to AWS CodeDeploy.
A.
Create a pipeline in AWS CodePipeline with CodeCommit as a source provider. Create parallel pipeline stages to build and test the application. Pass the build artifact to AWS CodeDeploy.
Answers
B.
Create a pipeline in AWS CodePipeline with CodeCommit as a source provider. Create separate pipeline stages to build and then test the application. Pass the build artifact to AWS CodeDeploy.
B.
Create a pipeline in AWS CodePipeline with CodeCommit as a source provider. Create separate pipeline stages to build and then test the application. Pass the build artifact to AWS CodeDeploy.
Answers
C.
Create and use an AWS CodeDeploy application and deployment group to deploy code updates to the EC2 fleet. Select the Application Load Balancer for the deployment group.
C.
Create and use an AWS CodeDeploy application and deployment group to deploy code updates to the EC2 fleet. Select the Application Load Balancer for the deployment group.
Answers
D.
Create individual Lambda functions to run all build, test, and deploy actions using AWS CodeDeploy instead of AWS Systems Manager.
D.
Create individual Lambda functions to run all build, test, and deploy actions using AWS CodeDeploy instead of AWS Systems Manager.
Answers
E.
Modify the Lambda function to build a single application package to be shared by all instances. Use AWS CodeDeploy instead of AWS Systems Manager to update the code on the EC2 fleet.
E.
Modify the Lambda function to build a single application package to be shared by all instances. Use AWS CodeDeploy instead of AWS Systems Manager to update the code on the EC2 fleet.
Answers
Suggested answer: A, D

Question 208

Report
Export
Collapse

For AWS Auto Scaling, what is the first transition state an instance enters after leaving steady state when scaling in due to health check failure or decreased load?

A.
Terminating
A.
Terminating
Answers
B.
Detaching
B.
Detaching
Answers
C.
Terminating:Wait
C.
Terminating:Wait
Answers
D.
EnteringStandby
D.
EnteringStandby
Answers
Suggested answer: A

Explanation:

When Auto Scaling responds to a scale in event, it terminates one or more instances. These instances are detached from the Auto Scaling group and enter the Terminating state.

Reference: http://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/AutoScalingGroupLifecycle.html

Question 209

Report
Export
Collapse

A company is deploying a container-based application using AWS CodeBuild. The Security team mandates that all containers are scanned for vulnerabilities prior to deployment using a password-protected endpoint. All sensitive information must be stored securely.

Which solution should be used to meet these requirements?

A.
Encrypt the password using AWS KMS. Store the encrypted password in the buildspec.yml file as an environment variable under the variables mapping. Reference the environment variable to initiate scanning.
A.
Encrypt the password using AWS KMS. Store the encrypted password in the buildspec.yml file as an environment variable under the variables mapping. Reference the environment variable to initiate scanning.
Answers
B.
Import the password into an AWS CloudHSM key. Reference the CloudHSM key in the buildpec.yml file as an environment variable under the variables mapping. Reference the environment variable to initiate scanning.
B.
Import the password into an AWS CloudHSM key. Reference the CloudHSM key in the buildpec.yml file as an environment variable under the variables mapping. Reference the environment variable to initiate scanning.
Answers
C.
Store the password in the AWS Systems Manager Parameter Store as a secure string. Add the Parameter Store key to the buildspec.yml file as an environment variable under the parameter-store mapping. Reference the environment variable to initiate scanning.
C.
Store the password in the AWS Systems Manager Parameter Store as a secure string. Add the Parameter Store key to the buildspec.yml file as an environment variable under the parameter-store mapping. Reference the environment variable to initiate scanning.
Answers
D.
Use the AWS Encryption SDK to encrypt the password and embed in the buildspec.yml file as a variable under the secrets mapping. Attach a policy to CodeBuild to enable access to the required decryption key.
D.
Use the AWS Encryption SDK to encrypt the password and embed in the buildspec.yml file as a variable under the secrets mapping. Attach a policy to CodeBuild to enable access to the required decryption key.
Answers
Suggested answer: C

Question 210

Report
Export
Collapse

What is the scope of an EC2 security group?

A.
Availability Zone
A.
Availability Zone
Answers
B.
Placement Group
B.
Placement Group
Answers
C.
Region
C.
Region
Answers
D.
VPC
D.
VPC
Answers
Suggested answer: C

Explanation:

A security group is tied to a region and can be assigned only to instances in the same region. You can’t enable an instance.

Total 557 questions
Go to page: of 56
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms