ExamGecko
Search Search Login
Home Home / Amazon / DOP-C01

Amazon DOP-C01 Practice Test - Questions Answers, Page 5

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of these is not an instrinsic function in AWS CloudFormation?
After a daily scrum with your development teams, you've agreed that using Blue/Green style deployments would benefit the team. Which technique should you use to deliver this new requirement?
An application has microservices spread across different AWS accounts and is integrated with an on-premises legacy system for some of its functionality. Because of the segmented architecture and missing logs, every time the application experiences issues, it is taking too long to gather the logs to identify the issues. A DevOps Engineer must fix the log aggregation process and provide a way to centrally analyze the logs. Which is the MOST efficient and cost-effective solution?
A company hosts parts of a Python-based application using AWS Elastic Beanstalk. An Elastic Beanstalk CLI is being used to create and update the environments. The Operations team detected an increase in requests in one of the Elastic Beanstalk environments that caused downtime overnight. The team noted that the policy used for AWS Auto Scaling is NetworkOut. Based on load testing metrics, the team determined that the application needs to scale CPU utilization to improve the resilience of the environments. The team wants to implement this across all environments automatically. Following AWS recommendations, how should this automation be implemented?
A DevOps Engineer must create a Linux AMI in an automated fashion. The newly created AMI identification must be stored in a location where other build pipelines can access the new identification programmatically What is the MOST cost-effective way to do this?
If you want CloudFormation stack status updates to show up in a continuous delivery system in as close to real time as possible, how should you achieve this?
A company updated the AWS CloudFormation template for a critical business application. The stack update process failed due to an error in the updated template, and AWS CloudFormation automatically began the stack rollback process. Later, a DevOps engineer discovered that the application was still unavailable and that the stack was in the UPDATE_ROLLBACK_FAILED state. Which combination of actions should the DevOps engineer perform so that the stack rollback can complete successfully? (Choose two.)
For AWS Auto Scaling, what is the first transition state an existing instance enters after leaving steady state in Standby mode?
You have an application running on an Amazon EC2 instance and you are using IAM roles to securely access AWS Service APIs. How can you configure your application running on that instance to retrieve the API keys for use with the AWS SDKs?
You were just hired as a DevOps Engineer for a startup. Your startup uses AWS for 100% of their infrastructure. They currently have no automation at all for deployment, and they have had many failures while trying to deploy to production. The company has told you deployment process risk mitigation is the most important thing now, and you have a lot of budget for tools and AWS resources. Their stack: The scaling group properly varies between 4 and 12 EC2 servers. Which of the following approaches, given this company's stack and their priorities, best meets the company's needs?

Question 41

Report
Export
Collapse

To monitor API calls against our AWS account by different users and entities, we can use ________ to create a history of calls in bulk for later review, and use ___________ for reacting to AWS API calls in real-time.

A.
AWS Config; AWS Inspector
A.
AWS Config; AWS Inspector
Answers
B.
AWS CloudTrail; AWS Config
B.
AWS CloudTrail; AWS Config
Answers
C.
AWS CloudTrail; CloudWatch Events
C.
AWS CloudTrail; CloudWatch Events
Answers
D.
AWS Config; AWS Lambda
D.
AWS Config; AWS Lambda
Answers
Suggested answer: C

Explanation:

CloudTrail is a batch API call collection service, CloudWatch Events enables real-time monitoring of calls through the Rules object interface.

Reference: https://aws.amazon.com/whitepapers/security-at-scale-governance-in-aws/

Question 42

Report
Export
Collapse

A company has many applications. Different teams in the company developed the applications by using multiple languages and frameworks. The applications run on premises and on different servers with different operating systems. Each team has its own release protocol and process. The company wants to reduce the complexity of the release and maintenance of these applications. The company is migrating its technology stacks, including these applications, to AWS. The company wants centralized control of source code, a consistent and automatic delivery pipeline, and as few maintenance tasks as possible on the underlying infrastructure.

What should a DevOps engineer do to meet these requirements?

A.
Create one AWS CodeCommit repository for all applications. Put each application’s code in different branch. Merge the branches, and use AWS CodeBuild to build the applications. Use AWS CodeDeploy to deploy the applications to one centralized application server.
A.
Create one AWS CodeCommit repository for all applications. Put each application’s code in different branch. Merge the branches, and use AWS CodeBuild to build the applications. Use AWS CodeDeploy to deploy the applications to one centralized application server.
Answers
B.
Create one AWS CodeCommit repository for each of the applications Use AWS CodeBuild to build the applications one at a time. Use AWS CodeDeploy to deploy the applications to one centralized application server.
B.
Create one AWS CodeCommit repository for each of the applications Use AWS CodeBuild to build the applications one at a time. Use AWS CodeDeploy to deploy the applications to one centralized application server.
Answers
C.
Create one AWS CodeCommit repository for each of the applications. Use AWS CodeBuild to build the applications one at a time to create one AMI for each server. Use AWS CloudFormation StackSets to automatically provision and decommission Amazon EC2 fleets by using these AMIs.
C.
Create one AWS CodeCommit repository for each of the applications. Use AWS CodeBuild to build the applications one at a time to create one AMI for each server. Use AWS CloudFormation StackSets to automatically provision and decommission Amazon EC2 fleets by using these AMIs.
Answers
D.
Create one AWS CodeCommit repository for each of the applications. Use AWS CodeBuild to build one Docker image for each application in Amazon Elastic Container Registry (Amazon ECR). Use AWS CodeDeploy to deploy the applications to Amazon Elastic Container Service (Amazon ECS) on infrastructure that AWS Fargate manages.
D.
Create one AWS CodeCommit repository for each of the applications. Use AWS CodeBuild to build one Docker image for each application in Amazon Elastic Container Registry (Amazon ECR). Use AWS CodeDeploy to deploy the applications to Amazon Elastic Container Service (Amazon ECS) on infrastructure that AWS Fargate manages.
Answers
Suggested answer: B

Explanation:

Reference: https://towardsdatascience.com/ci-cd-logical-and-practical-approach-to-build-four-step-pipeline-on-aws-3f54183068ec

Question 43

Report
Export
Collapse

Your team is responsible for an AWS Elastic Beanstalk application. The business requires that you move to a continuous deployment model, thus releasing updates to the application multiple times per day with zero downtime. What should you do to enable this and still be able to roll back to the previous version almost immediately in an emergency?

A.
Enable roiling updates in the Elastic Beanstalk environment and set an appropriate pause time for application startup.
A.
Enable roiling updates in the Elastic Beanstalk environment and set an appropriate pause time for application startup.
Answers
B.
Create a second Elastic Beanstalk environment that runs the new application version, and swap the environment CNAMEs.
B.
Create a second Elastic Beanstalk environment that runs the new application version, and swap the environment CNAMEs.
Answers
C.
Configure the application to poll for a new application version in your code repository; download and install the new version to each running Elastic Beanstalk instance.
C.
Configure the application to poll for a new application version in your code repository; download and install the new version to each running Elastic Beanstalk instance.
Answers
D.
Create a second Elastic Beanstalk environment with the new application version, and configure the old environment to use the HTTP 301 response code to redirect clients to the new environment.
D.
Create a second Elastic Beanstalk environment with the new application version, and configure the old environment to use the HTTP 301 response code to redirect clients to the new environment.
Answers
Suggested answer: B

Question 44

Report
Export
Collapse

An Engineering team manages a Node.js e-commerce application. The current environment consists of the following components:

• Amazon S3 buckets for storing content

• Amazon EC2 for the front-end web servers

• AWS Lambda for executing image processing

• Amazon DynamoDB for storing session-related data

The team expects a significant increase in traffic to the site. The application should handle the additional load without interruption. The team ran initial tests by adding new servers to the EC2 front-end to handle the larger load, but the instances took up to 20 minutes to become fully configured. The team wants to reduce this configuration time. What changes will the Engineering team need to implement to make the solution the MOST resilient and highly available while meeting the expected increase in demand?

A.
Use AWS OpsWorks to automatically configure each new EC2 instance as it is launched. Configure the EC2 instances by using an Auto Scaling group behind an Application Load Balancer across multiple Availability Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the Application Load Balancer.
A.
Use AWS OpsWorks to automatically configure each new EC2 instance as it is launched. Configure the EC2 instances by using an Auto Scaling group behind an Application Load Balancer across multiple Availability Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the Application Load Balancer.
Answers
B.
Deploy a fleet of EC2 instances, doubling the current capacity, and place them behind an Application Load Balancer. Increase the Amazon DynamoDB read and write capacity units. Add an alias record that contains the Application Load Balancer endpoint to the existing Amazon Route 53 DNS record that points to the application.
B.
Deploy a fleet of EC2 instances, doubling the current capacity, and place them behind an Application Load Balancer. Increase the Amazon DynamoDB read and write capacity units. Add an alias record that contains the Application Load Balancer endpoint to the existing Amazon Route 53 DNS record that points to the application.
Answers
C.
Configure Amazon CloudFront and have its origin point to Amazon S3 to host the web application. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the CloudFront DNS name.
C.
Configure Amazon CloudFront and have its origin point to Amazon S3 to host the web application. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the CloudFront DNS name.
Answers
D.
Use AWS Elastic Beanstalk with a custom AMI including all web components. Deploy the platform by using an Auto Scaling group behind an Application Load Balancer across multiple Availability Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the Elastic Beanstalk load balancer.
D.
Use AWS Elastic Beanstalk with a custom AMI including all web components. Deploy the platform by using an Auto Scaling group behind an Application Load Balancer across multiple Availability Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the Elastic Beanstalk load balancer.
Answers
Suggested answer: D

Question 45

Report
Export
Collapse

A DevOps Engineer uses Docker container technology to build an image-analysis application. The application often sees spikes in traffic. The Engineer must automatically scale the application in response to customer demand while maintaining cost effectiveness and minimizing any impact on availability. What will allow the FASTEST response to spikes in traffic while fulfilling the other requirements?

A.
Create an Amazon ECS cluster with the container instances in an Auto Scaling group. Configure the ECS service to use Service Auto Scaling. Set up Amazon CloudWatch alarms to scale the ECS service and cluster.
A.
Create an Amazon ECS cluster with the container instances in an Auto Scaling group. Configure the ECS service to use Service Auto Scaling. Set up Amazon CloudWatch alarms to scale the ECS service and cluster.
Answers
B.
Deploy containers on an AWS Elastic Beanstalk Multicontainer Docker environment. Configure Elastic Beanstalk to automatically scale the environment based on Amazon CloudWatch metrics.
B.
Deploy containers on an AWS Elastic Beanstalk Multicontainer Docker environment. Configure Elastic Beanstalk to automatically scale the environment based on Amazon CloudWatch metrics.
Answers
C.
Create an Amazon ECS cluster using Spot Instances. Configure the ECS service to use Service Auto Scaling. Set up Amazon CloudWatch alarms to scale the ECS service and cluster.
C.
Create an Amazon ECS cluster using Spot Instances. Configure the ECS service to use Service Auto Scaling. Set up Amazon CloudWatch alarms to scale the ECS service and cluster.
Answers
D.
Deploy containers on Amazon EC2 instances. Deploy a container scheduler to schedule containers onto EC2 instances. Configure EC2 Auto Scaling for EC2 instances based on available Amazon CloudWatch metrics.
D.
Deploy containers on Amazon EC2 instances. Deploy a container scheduler to schedule containers onto EC2 instances. Configure EC2 Auto Scaling for EC2 instances based on available Amazon CloudWatch metrics.
Answers
Suggested answer: B

Question 46

Report
Export
Collapse

A DevOps engineer is building a centralized CI/CD pipeline using AWS CodeBuild, AWS CodeDeploy, and Amazon S3. The engineer is required to have least privilege access and individual encryption at rest for all artifacts in Amazon S3. The engineer must be able to prune old artifacts without the ability to download or read them.

The engineer has already completed the following steps:

A.
Created a unique AWS Key Management Service (AWS KMS) CMK and S3 bucket for each project’s builds. 2. Updated the S3 bucket policy to only allow uploads that use the associated KMS encryption.Which final step should be taken to meet these requirements?
A.
Created a unique AWS Key Management Service (AWS KMS) CMK and S3 bucket for each project’s builds. 2. Updated the S3 bucket policy to only allow uploads that use the associated KMS encryption.Which final step should be taken to meet these requirements?
Answers
B.
Update the attached IAM policies to allow access to the appropriate KMS key from the CodeDeploy role where the application will be deployed.
B.
Update the attached IAM policies to allow access to the appropriate KMS key from the CodeDeploy role where the application will be deployed.
Answers
C.
Update the attached IAM policies to allow access to the appropriate KMS key from the EC2 instance roles where the application will be deployed.
C.
Update the attached IAM policies to allow access to the appropriate KMS key from the EC2 instance roles where the application will be deployed.
Answers
D.
Update the CMK’s key policy to allow access to the appropriate KMS key from the CodeDeploy role where the application will be deployed.
D.
Update the CMK’s key policy to allow access to the appropriate KMS key from the CodeDeploy role where the application will be deployed.
Answers
E.
Update the CMK’s key policy to allow access to the appropriate KMS key from the EC2 instance roles where the application will be deployed.
E.
Update the CMK’s key policy to allow access to the appropriate KMS key from the EC2 instance roles where the application will be deployed.
Answers
Suggested answer: A

Question 47

Report
Export
Collapse

A DevOps engineer is creating a CI/CD pipeline for an Amazon ECS service. The ECS container instances run behind an Application Load Balancer as the web tier of a three-tier application. An acceptance criterion for a successful deployment is the verification that the web tier can communicate with the database and middleware tiers of the application upon deployment. How can this be accomplished in an automated fashion?

A.
Create a health check endpoint in the web application that tests connectivity to the data and middleware tiers. Use this endpoint as the health check URL for the load balancer.
A.
Create a health check endpoint in the web application that tests connectivity to the data and middleware tiers. Use this endpoint as the health check URL for the load balancer.
Answers
B.
Create an approval step for the quality assurance team to validate connectivity. Reject changes in the pipeline if there is an issue with connecting to the dependent tiers.
B.
Create an approval step for the quality assurance team to validate connectivity. Reject changes in the pipeline if there is an issue with connecting to the dependent tiers.
Answers
C.
Use an Amazon RDS active connection count and an Amazon CloudWatch ELB metric to alarm on a significant change to the number of open connections.
C.
Use an Amazon RDS active connection count and an Amazon CloudWatch ELB metric to alarm on a significant change to the number of open connections.
Answers
D.
Use Amazon Route 53 health checks to detect issues with the web service and roll back the CI/CD pipeline if there is an error.
D.
Use Amazon Route 53 health checks to detect issues with the web service and roll back the CI/CD pipeline if there is an error.
Answers
Suggested answer: A

Question 48

Report
Export
Collapse

A development team is building an ecommerce application and is using Amazon Simple Notification Service (Amazon SNS) to send order messages to multiple endpoints. One of the endpoints is an external HTTP endpoint that is not always available. The development team needs to receive a notification if an order message is not delivered to the HTTP endpoint. What should a DevOps engineer do to meet these requirements?

A.
Create an Amazon Simple Queue Service (Amazon SQS) queue. On the SNS topic, configure a redrive policy that sends undelivered messages to the SQS queue. Create an Amazon CloudWatch alarm for the new SQS queue to notify the development team when messages are delivered to the queue.
A.
Create an Amazon Simple Queue Service (Amazon SQS) queue. On the SNS topic, configure a redrive policy that sends undelivered messages to the SQS queue. Create an Amazon CloudWatch alarm for the new SQS queue to notify the development team when messages are delivered to the queue.
Answers
B.
Create an Amazon Simple Queue Service (Amazon SQS) queue. On the HTTP endpoint subscription of the SNS topic,configure a redrive policy that sends undelivered messages to the SQS queue. Create an Amazon CloudWatch alarm for thenew SQS queue to notify the development team when messages are delivered to the queue.
B.
Create an Amazon Simple Queue Service (Amazon SQS) queue. On the HTTP endpoint subscription of the SNS topic,configure a redrive policy that sends undelivered messages to the SQS queue. Create an Amazon CloudWatch alarm for thenew SQS queue to notify the development team when messages are delivered to the queue.
Answers
C.
On the SNS topic, configure an HTTPS delivery policy that will retry delivery until the order message is deliveredsuccessfully. Configure the backoffFunction parameter in the policy to notify the development team when a message cannotbe delivered within the set constraints.
C.
On the SNS topic, configure an HTTPS delivery policy that will retry delivery until the order message is deliveredsuccessfully. Configure the backoffFunction parameter in the policy to notify the development team when a message cannotbe delivered within the set constraints.
Answers
D.
On the HTTP endpoint subscription of the SNS topic, configure an HTTPS delivery policy that will retry delivery until theorder message is delivered successfully. Configure the backoffFunction parameter in the policy to notify the developmentteam when a message cannot be delivered within the set constraints.
D.
On the HTTP endpoint subscription of the SNS topic, configure an HTTPS delivery policy that will retry delivery until theorder message is delivered successfully. Configure the backoffFunction parameter in the policy to notify the developmentteam when a message cannot be delivered within the set constraints.
Answers
Suggested answer: C

Explanation:

Reference: https://docs.aws.amazon.com/sns/latest/dg/sns-message-delivery-retries.html

Question 49

Report
Export
Collapse

A company plans to stop using Amazon EC2 key pairs for SSH access, and instead plans to use AWS Systems Manager Session Manager. To further enhance security, access to Session Manager must take place over a private network only.

Which combinations of actions will accomplish this? (Choose two.)

A.
Allow inbound access to TCP port 22 in all associated EC2 security groups from the VPC CIDR range.
A.
Allow inbound access to TCP port 22 in all associated EC2 security groups from the VPC CIDR range.
Answers
B.
Attach an IAM policy with the necessary Systems Manager permissions to the existing IAM instance profile.
B.
Attach an IAM policy with the necessary Systems Manager permissions to the existing IAM instance profile.
Answers
C.
Create a VPC endpoint for Systems Manager in the desired Region.
C.
Create a VPC endpoint for Systems Manager in the desired Region.
Answers
D.
Deploy a new EC2 instance that will act as a bastion host to the rest of the EC2 instance fleet.
D.
Deploy a new EC2 instance that will act as a bastion host to the rest of the EC2 instance fleet.
Answers
E.
Remove any default routes in the associated route tables.
E.
Remove any default routes in the associated route tables.
Answers
Suggested answer: B, C

Question 50

Report
Export
Collapse

On which local address does the Docker DNS server listen?

A.
127.0.0.1127.0.0.111
A.
127.0.0.1127.0.0.111
Answers
B.
127.0.0.254
B.
127.0.0.254
Answers
C.
127.0.0.11
C.
127.0.0.11
Answers
Suggested answer: C

Explanation:

Note: If you need access to a host's localhost resolver, you must modify your DNS service on the host to listen on a nonlocalhost address that is reachable from within the container. Note: The DNS server is always at 127.0.0.11.

Reference:

https://docs.docker.com/engine/userguide/networking/configure-dns/

Total 557 questions
Go to page: of 56
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms