• Home
  • Articles
  • [Jan 16, 2022] Dumps Collection AWS-DevOps Test Engine Dumps Training With 275 Questions [Q27-Q45]

[Jan 16, 2022] Dumps Collection AWS-DevOps Test Engine Dumps Training With 275 Questions [Q27-Q45]

Share

[Jan 16, 2022] Dumps Collection AWS-DevOps Test Engine Dumps Training With 275 Questions

Amazon AWS-DevOps Dumps - 100% Cover Real Exam Questions


Topics Covered by AWS DOP-C01 Certification Exam

The candidates who want to take the AWS DOP-C01 exam will need to demonstrate that they possess the following skills:

  • Ensure management and infrastructure configuration as Code;
  • Know how to handle SDLC automation;
  • Define and manage event response and incident;
  • Be effective in managing fault tolerance and disaster recovery.
  • Policies and Standards Automation;

AWS DevOps Engineer Professional Exam formate below

Format: Multiple choices, multiple answers

  • Passing score: 750
  • Length of Examination: 180 minutes
  • Language: English

 

NEW QUESTION 27
An application is running on Amazon EC2. It has an attached IAM role that is receiving an AccessDenied error while trying to access a SecureString parameter resource in the AWS Systems Manager Parameter Store. The SecureString parameter is encrypted with a customer- managed Customer Master Key (CMK), What steps should the DevOps Engineer take to grant access to the role while granting least privilege? (Select three.)

  • A. Set kms:Decrypt for the parameter resource in the customer-managed CMK policy.
  • B. Set kms:GenerateDataKey for the user on the AWS managed SSM KMS key.
  • C. Set kms:Decrypt for the instance role in the customer-managed CMK policy.
  • D. Set ssm:DecryptParameter for the parameter resource in the instance role IAM policy.
  • E. Set ssm:GetParamter for the parameter resource in the instance role's IAM policy.
  • F. Set kms:Decrypt for the customer-managed CMK resource in the role's IAM policy.

Answer: C,E,F

Explanation:
F is not right, no need to give access to the parameter resource.
Here we need below access:
1. Instance profile can get parameter from SSM, A provide
2. Instance profile can use CMK to decrypt the parameter, C provide
3. CMK policy allow instance to use CMK decrypt action, B provide

 

NEW QUESTION 28
You have an Auto Scaling group with 2 AZs. One AZ has 4 EC2 instances and the other has 3 EC2 instances.
None of the instances are protected from scale in. Based on the default Auto Scaling termination policy what
will happen?

  • A. Auto Scaling terminates which unprotected instances are closest to the next billing hour.
  • B. Auto Scaling selects an instance to terminate randomly
  • C. Auto Scaling will terminate unprotected instances in the Availability Zone with the oldest launch
    configuration.
  • D. Auto Scaling will select the AZ with 4 EC2 instances and terminate an instance.

Answer: D

Explanation:
Explanation
The default termination policy is designed to help ensure that your network architecture spans Availability
Zones evenly. When using the default termination policy.
Auto Scaling selects an instance to terminate as follows:
Auto Scaling determines whether there are instances in multiple Availability Zones. If so, it selects the
Availability Zone with the most instances and at least one instance that is not protected from scale in. If there
is more than one Availability Zone with this number of instances. Auto Scaling selects the Availability Zone
with the instances that use the oldest launch configuration. For more information on Autoscaling instance
termination please refer to the below link:
* http://docs.aws.amazon.com/autoscaling/latest/userguide/as-instance-termi
nation.html

 

NEW QUESTION 29
A company runs an application on Amazon EC2 instances behind an Application Load Balancer.
The instances run in an Amazon EC2 Auto Scaling group across multiple Availability Zones in us- east1. The application stores data in an Amazon RDS MySQL Multi-AZ DB instance. A DevOps Engineer wants to modify the current solution and create a hot standby of the environment in another region to minimize downtime if a problem occurs in us-east-1. Which combination of steps should the DevOps Engineer take to meet these requirements? (Select THREE.)

  • A. Enable multi-region failover for the RDS configuration for the database instance.
  • B. Add a health check to the Amazon Route 53 alias record to evaluate the health of the primary region.
    Use AWS Lambda, configured with an Amazon CloudWatch Events trigger, to elect the Amazon RDS master in the disaster recovery region.
  • C. Deploy a read replica of the RDS instance in the disaster recovery region.
  • D. Create a new Application Load Balancer and Auto Scaling group in the disaster recovery region.
  • E. Extend the current Auto Scaling group to the subnets in the disaster recovery region.
  • F. Create an AWS Lambda function to evaluate the health of the primary region. If it fails, modify the Amazon Route 53 record to point at the disaster recovery region and elect the RDS master.

Answer: B,C,D

 

NEW QUESTION 30
During metric analysis, your team has determined that the company's website during peak hours is experiencing response times higher than anticipated. You currently rely on Auto Scaling to make sure that you are scaling your environment during peak windows. How can you improve your Auto Scaling policy to reduce this high response time? Choose 2 answers.

  • A. Create a script that runs and monitors your servers; when it detects an anomaly in load, it posts to an Amazon SNS topic that triggers Elastic Load Balancing to add more servers to the load balancer.
  • B. IncreaseyourAutoScalinggroup'snumberofmaxservers.
  • C. Push custom metrics to CloudWatch for your application that include more detailed information about your web application, such as how many requests it is handling and how many are waiting to be processed.
  • D. Push custom metrics to CloudWatch to monitor your CPU and network bandwidth from your servers, which will allow your Auto Scaling policy to have betterfine-grain insight.

Answer: B,C

Explanation:
Option B makes sense because maybe the max servers is low hence the application cannot handle the peak load.
Option D helps in ensuring Autoscaling can scale the group on the right metrics.
For more information on Autoscaling health checks, please refer to the below document link: from AWS
http://docs.aws.a mazon.com/autoscaling/latest/userguide/healthcheck.html

 

NEW QUESTION 31
You have a web application that is currently running on a collection of micro instance types in a single AZ behind a single load balancer.
You have an Auto Scaling group configured to scale from 2 to 64 instances. When reviewing your CloudWatch metrics, you see that sometimes your Auto Scaling group is running 64 micro instances. The web application is reading and writing to a DynamoDB-configured backend and configured with 800 Write Capacity Units and 800 Read Capacity Units.
Your customers are complaining that they are experiencing long load times when viewing your website.
You have investigated the DynamoDB CloudWatch metrics; you are under the provisioned Read and write Capacity Units and there is no throttling.
How do you scale your service to improve the load times and ensure the principles of high availability?

  • A. Change your Auto Scaling group configuration to include multiple AZs.
  • B. Change your Auto Scaling group configuration to use larger instances and include multiple AZ's instead of one.
  • C. Change your Auto Scaling group configuration to include multiple AZs, and increase the number of Read Capacity Units in your DynamoDB table by a factor of three, because you will need to be calling DynarnoDB from three AZs.
  • D. Add a second load balancer to your Auto Scaling group so that you can support more inbound connections per second.

Answer: B

 

NEW QUESTION 32
A mobile application running on eight Amazon EC2 instances is relying on a third-party API endpoint. The third-party service has a high failure rate because of limited capacity, which is expected to be resolved in a few weeks.
In the meantime, the mobile application developers have added a retry mechanism and are logging failed API requests. A DevOps Engineer must automate the monitoring of application logs and count the specific error messages; if there are more than 10 errors within a 1-minute window, the system must issue an alert.
How can the requirements be met with MINIMAL management overhead?

  • A. Install the Amazon CloudWatch Logs agent on all instances to push the application logs to CloudWatch Logs. Use metric filters to count the error messages every minute, and trigger a CloudWatch alarm if the count exceeds 10 errors.
  • B. Deploy a custom script on all instances to check application logs regularly in a cron job. Count the number of error messages every minute, and push a data point to a custom. CloudWatch metric.
    Trigger a CloudWatch alarm if the custom metric reaches 10 errors in a 1-minute period.
  • C. Install the Amazon CloudWatch Logs agent on all instances to push the access logs to CloudWatch Logs. Create CloudWatch Events rule to count the error messages every minute, and trigger a CloudWatch alarm if the count exceeds 10 errors.
  • D. Install the Amazon CloudWatch Logs agent on all instances to push the application logs to CloudWatchLogs. Use a metric filter to generate a custom CloudWatch metric that records the number of failures and triggers a CloudWatch alarm if the custom metric reaches 10 errors in a 1- minute period.

Answer: D

 

NEW QUESTION 33
A DevOps Engineer must improve the monitoring of a Finance team payments microservice that handles transactions for an e-commerce platform. The microservice runs on multiple Amazon EC2 instances. The Finance team would like to know the number of payments per minute, and the team would like to be notified when this metric falls below a specified threshold. How can this be cost-effectively automated?

  • A. Have the Development team log successful transactions to an application log. Set up Logstash on each instance, which sends logs to an Amazon ES cluster. Create a Kibana dashboard for the Finance team that graphs the metric.
  • B. Have the Development team log successful transactions to an application log. Set up the Amazon CloudWatch agent on each instance. Create a CloudWatch alarm when the threshold is breached, and use Amazon SNS to notify the Finance team.
  • C. Have the Development team post the number of successful transactions to Amazon CloudWatch as a custom metric. Create a CloudWatch alarm when the threshold is breached, and use Amazon SNS to notify the Finance team.
  • D. Have the Development team log successful transactions to an application log. On each instance, set up the Amazon CloudWatch Logs agent to send application logs to CloudWatch Logs. Use an EC2 instance to monitor a metric filter, and send notifications to the Finance team.

Answer: C

 

NEW QUESTION 34
A DevOps Engineer is researching the least-expensive way to implement an image batch processing cluster in AWS. The application cannot run in Docker containers and must run on Amazon EC2. The batch job stores checkpoint data on a Network File System (NFS) and can tolerate interruptions. Configuring the cluster software from a bare EC2 Amazon Linux image takes 30 minutes.
Which is the MOST cost-effective solution?

  • A. Use Amazon EFS for checkpoint data. To complete the job, use an EC2 Auto Scaling group and an On-Demand pricing model to provision EC2 instances temporarily.
  • B. Use Amazon EFS for checkpoint data. Use EC2 Fleet to launch EC2 Spot Instances, and use user data to configure the EC2 Amazon Linux instance on startup.
  • C. Use Amazon EFS for checkpoint data. Use EC2 Fleet to launch EC2 Spot Instances. Create a standard cluster AMI and use the latest AMI when creating instances.
  • D. Use ClusterFS on EC2 instances for checkpoint data. To run the batch job, configure EC2 instances manually. When the job completes, shut down the instances manually.

Answer: B

Explanation:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances- unlimited-mode.html

 

NEW QUESTION 35
You are working with a customer who is using Chef Configuration management in their data center. Which service is designed to let the customer leverage existing Chef recipes in AWS?

  • A. AWSOpsWorks
  • B. AmazonSimple Workflow Service
  • C. AWSEIastic Beanstalk
  • D. AWSCIoudFormation

Answer: A

Explanation:
Explanation
AWS OpsWorks is a configuration management service that helps you configure and operate applications of all shapes and sizes using Chef. You can define the application's architecture and the specification of each component including package installation, software configuration and resources such as storage. Start from templates for common technologies like application servers and databases or build your own to perform any task that can be scripted. AWS OpsWorks includes automation to scale your application based on time or load and dynamic configuration to orchestrate changes as your environment scales.
For more information on Opswork, please visit the link:
* https://aws.amazon.com/opsworks/

 

NEW QUESTION 36
An application runs on Amazon EC2 instances behind an Application Load Balancer. Amazon RDS MySOL is used on the backend. The instances run in an Auto Scaling group across multiple Availability Zones. The Application Load Balancer health check ensures the web servers are operating and able to make read/write SQL connections. Amazon Route 53 provides DNS functionality with a record pointing to the Application Load Balancer. A new policy requires a geographically isolated disaster recovery site with an RTO of 4 hours and an RPO of 15 minutes.
Which disaster recovery strategy will require the LEAST amount of changes to the application stack?

  • A. Launch a replica stack of everything except RDS in a different Availability Zone. Create an RDS read- only replica in a new Availability Zone and configure the new stack to point to the local RDS instance.
    Add the new stack to the Route 53 record set with a failover routing policy.
  • B. Launch a replica stack of everything except RDS in a different region. Upon failure, copy the snapshot over from the primary region to the disaster recovery region. Adjust the Amazon Route
    53 record set to point to the disaster recovery region's Application Load Balancer.
  • C. Launch a replica stack of everything except RDS in a different region. Create an RDS read-only replica in a new region and configure the new stack to point to the local RDS instance. Add the new stack to the Route 53 record set with a latency routing policy.
  • D. Launch a replica stack of everything except RDS in a different region. Create an RDS read-only replica in a new region and configure the new stack to point to the local RDS instance. Add the new stack to the Amazon Route 53 record set with a failover routing policy.

Answer: D

 

NEW QUESTION 37
A DevOps Engineer is building a continuous deployment pipeline for a serverless application using AWS CodePipeline and AWS CodeBuild. The source, build, and test stages have been created with the deploy stage remaining. The company wants to reduce the risk of an unsuccessful deployment by deploying to a specified subset of customers and monitoring prior to a full release to all customers.
How should the deploy stage be configured to meet these requirements?

  • A. Use AWS CloudFormation to define the serverless application and AWS CodeDeploy to deploy the AWS Lambda functions using DeploymentPreference: Canary10Percentl5Minutes.
  • B. Use CodeBuild to use the AWS CLI to update the AWS Lambda function code, then publish a new version of the function and update the production alias to point to the new version of the function.
  • C. Use AWS CloudFormation to publish a new version on every stack update. Then set up a CodePipeline approval action for a Developer to test and approve the new version. Finally, use a CodePipeline invoke action to update an AWS Lambda function to use the production alias
  • D. Use AWS CloudFormation to publish a new version on every stack update. Use the RoutingConfig property of the AWS : :Lambda: : Alias resource to update the traffic routing during the stack update.

Answer: C

 

NEW QUESTION 38
You have just developed a new mobile application that handles analytics workloads on large scale datasets that are stored on Amazon Redshift. Consequently, the application needs to access Amazon Redshift tables. Which of the below methods would be the best, both practically and security-wise, to access the tables? Choose the correct answer from the options below

  • A. Createa RedShift read-only access policy in 1AM and embed those credentials in theapplication.
  • B. Createan 1AM user and generate encryption keys for that user. Create a policy for RedShiftread-only access. Embed the keys in the application.
  • C. Createa HSM client certificate in Redshift and authenticate using this certificate.
  • D. Useroles that allow a web identity federated user to assume a role that allowsaccess to the RedShift table by providing temporary credentials.

Answer: D

Explanation:
Explanation
For access to any AWS service, the ideal approach for any application is to use Roles. This is the first preference. Hence option A and C are wrong.
For more information on 1AM policies please refer to the below link:
http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
Next for any web application, you need to use web identity federation. Hence option D is the right option. This along with the usage of roles is highly stressed in the AWS documentation.
"When you write such an app, you'll make requests to AWS services that must be signed with an AWS access key. However, we strongly recommend that you do not embed or distribute long-term AWS credentials with apps that a user downloads to a device, even in an encrypted store. Instead, build your app so that it requests temporary AWS security credentials dynamically when needed using web identity federation. The supplied temporary credentials map to an AWS role that has only the permissions needed to perform the tasks required by the mobile app".
For more information on web identity federation please refer to the below link:
http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html

 

NEW QUESTION 39
A DevOps Engineer has a single Amazon Dynamo DB table that received shipping orders and tracks inventory. The Engineer has three AWS Lambda functions reading from a DymamoDB stream on that table. The Lambda functions perform various functions such as doing an item count, moving items to Amazon Kinesis Data Firehose, monitoring inventory levels, and creating vendor orders when parts are low.
While reviewing logs, the Engineer notices the Lambda functions occasionally fail under increased load, receiving a stream throttling error.
Which is the MOST cost-effective solution that requires the LEAST amount of operational management?

  • A. Create a fourth Lambda function and configure it to be the only Lambda reading from the stream.
    Then use this Lambda function to pass the payload to the other three Lambda functions.
  • B. Use Amazon Kinesis streams instead of Dynamo DB streams, then use Kinesis analytics to trigger the Lambda functions.
  • C. Have the Lambda functions query the table directly and disable DynamoDB streams. Then have the Lambda functions query from a global secondary index.
  • D. Use AWS Glue integration to ingest the DynamoDB stream, then migrate the Lambda code to an AWS Fargate task.

Answer: A

 

NEW QUESTION 40
You have a high-traffic application running behind a load balancer with clients that are very sensitive to latency.
How should you determine which back-end Amazon Elastic Compute Cloud application instances are causing increased latency so that they can be replaced?

  • A. By using the HTTP X-Forwarded-For header for requests from the load balancer.
  • B. By running a distributed load test to the load balancer.
  • C. By using the load balancer access logs.
  • D. By using the Elastic Load Balancing Latency CloudWatch metric.

Answer: C

 

NEW QUESTION 41
Currently, your deployment process consists of setting your load balancer to point to a maintenance page, turning off ea web application servers, deploying your code, turning the web application servers back on, and removing the maintenance page. Working with your development team, you've agreed that performing rolling deployments of your software would provide a better user experience and a more agile deployment process.
Which techniques could you use to provide a cost-effective rolling deployment process? (Choose two.)

  • A. Use the Amazon Elastic Cloud Compute (EC2) API to write a service to return a list of servers based on the tags for the application that needs deployment, and use Amazon Simple Queue Service to queue up all servers for a rolling deployment.
  • B. Re-deploy your application on an AWS OpsWorks stack, and take advantage of OpsWorks rolling deployments.
  • C. Re-deploy your application on AWS Elastic Beanstalk, and use Elastic Beanstalk rolling deployments.
  • D. Using Amazon Simple Workflow Service, create a workflow application that talks to the Amazon EC2 API to deploy your new code in a rolling fashion.
  • E. Re-deploy your application using an AWS CloudFormation template, launch a new CloudFormation stack during each deployment, and then tear down the old stack.
  • F. Re-deploy your application using an AWS CloudFormation template with Auto Scaling group, and use update policies to provide rolling updates.

Answer: C,F

 

NEW QUESTION 42
A company wants to use a grid system for a proprietary enterprise in-memory data store on top of AWS. This system can run in multiple server nodes in any Linux-based distribution. The system must be able to reconfigure the entire cluster every time a node is added or removed. When adding or removing nodes, an / etc./cluster/nodes.config file must be updated, listing the IP addresses of the current node members of that cluster The company wants to automate the task of adding new nodes to a cluster.
What can a DevOps Engineer do to meet these requirements?

  • A. Create an Amazon S3 bucket and upload a version of the etc/cluster/nodes.config file. Create a crontab script that will poll for that S3 file and download it frequently. Use a process manager, such as Monit or systemd, to restart the cluster services when it detects that the new file was modified. When adding a node to the cluster, edit the file's most recent members. Upload the new file to the S3 bucket.
  • B. Create a user data script that lists all members of the current security group of the cluster and automatically updates the /etc/cluster/nodes.config file whenever a new instance is added to the cluster
  • C. Put the file nodes.config in version control. Create an AWS CodeDeploy deployment configuration and deployment group based on an Amazon EC2 tag value for the cluster nodes. When adding a new node to the cluster, update the file with all tagged instances, and make a commit in version control. Deploy the new file and restart the services.
  • D. Use AWS OpsWorks Stacks to layer the server nodes of that cluster. Create a Chef recipe that populates the content of the /etc/cluster/nodes.config file and restarts the service by using the current members of the layer. Assign that recipe to the Configure lifecycle event.

Answer: C

 

NEW QUESTION 43
You want to build an application that coordinates work across distributed components, and you find Amazon Simple Workflow Service (Amazon SWF) does this easily. You have enabled logging in CloudTrail, but you are unsure about Amazon SWF actions supported. Which of the following actions is NOT supported?

  • A. RegisterDomain
  • B. RegisterWorkflowType
  • C. RegisterActivityType
  • D. RegisterWorkflowActivity

Answer: D

Explanation:
Amazon SWF is integrated with AWS CloudTrail, a service that captures API calls made by or on behalf of Amazon SWF and delivers the log files to an Amazon S3 bucket that you specify. The API calls can be made indirectly by using the Amazon SWF console or directly by using the Amazon SWF API.
When CloudTrail logging is enabled, calls made to Amazon SWF actions are tracked in log files.
Amazon SWF records are written together with any other AWS service records in a log file.
CloudTrail determines when to create and write to a new file based on a specified time period and file size.
The following actions are supported:
DeprecateActivityType
DeprecateDomain
DeprecateWorkflowType
RegisterActivityType
RegisterDomain
RegisterWorkflowType
Reference: http://docs.aws.amazon.com/amazonswf/latest/developerguide/ct-logging.html

 

NEW QUESTION 44
For AWS CloudFormation, which stack state refuses UpdateStack calls?

  • A. <code>UPDATE_ROLLBACK_COMPLETE</code>
  • B. <code>CREATE_COMPLETE</code>
  • C. <code>UPDATE_COMPLETE</code>
  • D. <code>UPDATE_ROLLBACK_FAILED</code>

Answer: D

Explanation:
When a stack is in the UPDATE_ROLLBACK_FAILED state, you can continue rolling it back to return it to a working state (to UPDATE_ROLLBACK_COMPLETE). You cannot update a stack that is in the UPDATE_ROLLBACK_FAILED state. However, if you can continue to roll it back, you can return the stack to its original settings and try to update it again.
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks- continueu pdaterollback.html

 

NEW QUESTION 45
......


AWS DevOps Engineer Professional Exam certified salary below

  • Europe: 97902 Euro
  • United States: 107,786 USD
  • India: 712503 INR
  • England: 82930 Pound

 

Realistic Pass4cram AWS-DevOps Dumps PDF - 100% Passing Guarantee: https://tesking.pass4cram.com/AWS-DevOps-dumps-torrent.html

Related Articles

more
Amazon AWS-DevOps Certification Practice Exam

The most valid exam cram is the best study and review material for your upcoming IT exam. With the useful and accurate pass4cram study material, you will pass your exam with a high core.

Latest Valid Exams

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 Pass4cram NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy