11.11 Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 65pass65

Good News !!! DOP-C02 AWS Certified DevOps Engineer - Professional is now Stable and With Pass Result

  1. Home
  2. Amazon Web Services
  3. AWS Certified Professional
  4. DOP-C02
  5. AWS Certified DevOps Engineer - Professional

DOP-C02 Practice Exam Questions and Answers

AWS Certified DevOps Engineer - Professional

Last Update 4 hours ago
Total Questions : 366

AWS Certified Professional is stable now with all latest exam questions are added 4 hours ago. Incorporating DOP-C02 practice exam questions into your study plan is more than just a preparation strategy.

DOP-C02 exam questions often include scenarios and problem-solving exercises that mirror real-world challenges. Working through DOP-C02 dumps allows you to practice pacing yourself, ensuring that you can complete all AWS Certified Professional practice test within the allotted time frame.

DOP-C02 PDF

DOP-C02 PDF (Printable)
$43.75
$124.99
 Add to Cart

DOP-C02 Testing Engine

DOP-C02 PDF (Printable)
$50.75
$144.99
 Add to Cart

DOP-C02 PDF + Testing Engine

DOP-C02 PDF (Printable)
$63.7
$181.99
 Add to Cart
Question # 1

A company uses AWS Key Management Service (AWS KMS) keys and manual key rotation to meet regulatory compliance requirements. The security team wants to be notified when any keys have not been rotated after 90 days.

Which solution will accomplish this?

Options:

A.  

Configure AWS KMS to publish to an Amazon Simple Notification Service (Amazon SNS) topic when keys are more than 90 days old.

B.  

Configure an Amazon EventBridge event to launch an AWS Lambda function to call the AWS Trusted Advisor API and publish to an Amazon Simple Notification Service (Amazon SNS) topic.

C.  

Develop an AWS Config custom rule that publishes to an Amazon Simple Notification Service (Amazon SNS) topic when keys are more than 90 days old.

D.  

Configure AWS Security Hub to publish to an Amazon Simple Notification Service (Amazon SNS) topic when keys are more than 90 days old.

Discussion 0
Question # 2

A company provides an application to customers. The application has an Amazon API Gateway REST API that invokes an AWS Lambda function. On initialization, the Lambda function loads a large amount of data from an Amazon DynamoDB table. The data load process results in long cold-start times of 8-10 seconds. The DynamoDB table has DynamoDB Accelerator (DAX) configured.

Customers report that the application intermittently takes a long time to respond to requests. The application receives thousands of requests throughout the day. In the middle of the day, the application experiences 10 times more requests than at any other time of the day. Near the end of the day, the application's request volume decreases to 10% of its normal total.

A DevOps engineer needs to reduce the latency of the Lambda function at all times of the day.

Which solution will meet these requirements?

Options:

A.  

Configure provisioned concurrency on the Lambda function with a concurrency value of 1. Delete the DAX cluster for the DynamoDB table.

B.  

Configure reserved concurrency on the Lambda function with a concurrency value of 0.

C.  

Configure provisioned concurrency on the Lambda function. Configure AWS Application Auto Scaling on the Lambda function with provisioned concurrency values set to a minimum of 1 and a maximum of 100.

D.  

Configure reserved concurrency on the Lambda function. Configure AWS Application Auto Scaling on the API Gateway API with a reserved concurrency maximum value of 100.

Discussion 0
Question # 3

A company has an organization in AWS Organizations. A DevOps engineer needs to maintain multiple AWS accounts that belong to different OUs in the organization. All resources, including 1AM policies and Amazon S3 policies within an account, are deployed through AWS CloudFormation. All templates and code are maintained in an AWS CodeCommit repository Recently, some developers have not been able to access an S3 bucket from some accounts in the organization.

The following policy is attached to the S3 bucket.

What should the DevOps engineer do to resolve this access issue?

Options:

A.  

Modify the S3 bucket policy Turn off the S3 Block Public Access setting on the S3 bucket In the S3 policy, add the awsSourceAccount condition. Add the AWS account IDs of all developers who are experiencing the issue.

B.  

Verify that no 1AM permissions boundaries are denying developers access to the S3 bucket Make the necessary changes to IAM permissions boundaries. Use an AWS Config recorder in the individual developer accounts that are experiencing the issue to revert any changes that are blocking access. Commit the fix back into the CodeCommit repository. Invoke deployment through Cloud Formation to apply the changes.

C.  

Configure an SCP that stops anyone from modifying 1AM resources in developer OUs. In the S3 policy, add the awsSourceAccount condition. Add the AWS account IDs of all developers who are experiencing the issue Commit the fix back into the CodeCommit repository Invoke deployment through CloudFormation to apply the changes

D.  

Ensure that no SCP is blocking access for developers to the S3 bucket Ensure that no 1AM policy permissions boundaries are denying access to developer 1AM users Make the necessary changes to the SCP and 1AM policy permissions boundaries in the CodeCommit repository Invoke deployment through CloudFormation to apply the changes

Discussion 0
Question # 4

An IT team has built an AWS CloudFormation template so others in the company can quickly and reliably deploy and terminate an application. The template creates an Amazon EC2 instance with a user data script to install the application and an Amazon S3 bucket that the application uses to serve static webpages while it is running.

All resources should be removed when the CloudFormation stack is deleted. However, the team observes that CloudFormation reports an error during stack deletion, and the S3 bucket created by the stack is not deleted.

How can the team resolve the error in the MOST efficient manner to ensure that all resources are deleted without errors?

Options:

A.  

Add a DelelionPolicy attribute to the S3 bucket resource, with the value Delete forcing the bucket to be removed when the stack is deleted.

B.  

Add a custom resource with an AWS Lambda function with the DependsOn attribute specifying the S3 bucket, and an IAM role. Write the Lambda function to delete all objects from the bucket when RequestType is Delete.

C.  

Identify the resource that was not deleted. Manually empty the S3 bucket and then delete it.

D.  

Replace the EC2 and S3 bucket resources with a single AWS OpsWorks Stacks resource. Define a custom recipe for the stack to create and delete the EC2 instance and the S3 bucket.

Discussion 0
Question # 5

A company wants to set up a continuous delivery pipeline. The company stores application code in a private GitHub repository. The company needs to deploy the application components to Amazon Elastic Container Service (Amazon ECS). Amazon EC2, and AWS Lambda. The pipeline must support manual approval actions.

Which solution will meet these requirements?

Options:

A.  

Use AWS CodePipeline with Amazon ECS. Amazon EC2, and Lambda as deploy providers.

B.  

Use AWS CodePipeline with AWS CodeDeploy as the deploy provider.

C.  

Use AWS CodePipeline with AWS Elastic Beanstalk as the deploy provider.

D.  

Use AWS CodeDeploy with GitHub integration to deploy the application.

Discussion 0
Question # 6

A company is hosting a web application in an AWS Region. For disaster recovery purposes, a second region is being used as a standby. Disaster recovery requirements state that session data must be replicated between regions in near-real time and 1% of requests should route to the secondary region to continuously verify system functionality. Additionally, if there is a disruption in service in the main region, traffic should be automatically routed to the secondary region, and the secondary region must be able to scale up to handle all traffic.

How should a DevOps engineer meet these requirements?

Options:

A.  

In both regions, deploy the application on AWS Elastic Beanstalk and use Amazon DynamoDB global tables for session data. Use an Amazon Route 53 weighted routing policy with health checks to distribute the traffic across the regions.

B.  

In both regions, launch the application in Auto Scaling groups and use DynamoDB for session data. Use a Route 53 failover routing policy with health checks to distribute the traffic across the regions.

C.  

In both regions, deploy the application in AWS Lambda, exposed by Amazon API Gateway, and use Amazon RDS for PostgreSQL with cross-region replication for session data. Deploy the web application with client-side logic to call the API Gateway directly.

D.  

In both regions, launch the application in Auto Scaling groups and use DynamoDB global tables for session data. Enable an Amazon CloudFront weighted distribution across regions. Point the Amazon Route 53 DNS record at the CloudFront distribution.

Discussion 0
Question # 7

A company hosts its staging website using an Amazon EC2 instance backed with Amazon EBS storage. The company wants to recover quickly with minimal data losses in the event of network connectivity issues or power failures on the EC2 instance.

Which solution will meet these requirements?

Options:

A.  

Add the instance to an EC2 Auto Scaling group with the minimum, maximum, and desired capacity set to 1.

B.  

Add the instance to an EC2 Auto Scaling group with a lifecycle hook to detach the EBS volume when the EC2 instance shuts down or terminates.

C.  

Create an Amazon CloudWatch alarm for the StatusCheckFailed System metric and select the EC2 action to recover the instance.

D.  

Create an Amazon CloudWatch alarm for the StatusCheckFailed Instance metric and select the EC2 action to reboot the instance.

Discussion 0
Question # 8

A company is testing a web application that runs on Amazon EC2 instances behind an Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. The company uses a blue green deployment process with immutable instances when deploying new software.

During testing users are being automatically logged out of the application at random times. Testers also report that when a new version of the application is deployed all users are logged out. The development team needs a solution to ensure users remain logged m across scaling events and application deployments.

What is the MOST operationally efficient way to ensure users remain logged in?

Options:

A.  

Enable smart sessions on the load balancer and modify the application to check tor an existing session.

B.  

Enable session sharing on the toad balancer and modify the application to read from the session store.

C.  

Store user session information in an Amazon S3 bucket and modify the application to read session information from the bucket.

D.  

Modify the application to store user session information in an Amazon ElastiCache cluster.

Discussion 0
Question # 9

A company wants governance where only specific Regions and services can be used, with centralized AD authentication and job-function-based roles.

Which solution meets these requirements?

Options:

A.  

Use OUs with group policies and StackSets for IAM roles.

B.  

Use permission boundaries and StackSets.

C.  

Use SCPs to restrict Regions/services and Resource Access Manager to share roles.

D.  

Use SCPs to restrict Regions/services and StackSets for IAM roles with trust to A

D.  

Discussion 0
Question # 10

A company hired a penetration tester to simulate an internal security breach The tester performed port scans on the company's Amazon EC2 instances. The company's security measures did not detect the port scans.

The company needs a solution that automatically provides notification when port scans are performed on EC2 instances. The company creates and subscribes to an Amazon Simple Notification Service (Amazon SNS) topic.

What should the company do next to meet the requirement?

Options:

A.  

Ensure that Amazon GuardDuty is enabled Create an Amazon CloudWatch alarm for detected EC2 and port scan findings. Connect the alarm to the SNS topic.

B.  

Ensure that Amazon Inspector is enabled Create an Amazon EventBridge event for detected network reachability findings that indicate port scans Connect the event to the SNS topic.

C.  

Ensure that Amazon Inspector is enabled. Create an Amazon EventBridge event for detected CVEs that cause open port vulnerabilities. Connect the event to the SNS topic

D.  

Ensure that AWS CloudTrail is enabled Create an AWS Lambda function to analyze the CloudTrail logs for unusual amounts of traffic from an IP address range Connect the Lambda function to the SNS topic.

Discussion 0
Get DOP-C02 dumps and pass your exam in 24 hours!

Free Exams Sample Questions

101 Exam Questions
220-1101 Exam Questions
220-1102 Exam Questions
312-40 Exam Questions
312-50v12 Exam Questions
350-401 Exam Questions
700-250 Exam Questions
AZ-900 Exam Questions
HPE0-V26 Exam Questions
HPE0-V27 Exam Questions
HPE7-A02 Exam Questions
300-715 Exam Questions
P_SAPEA_2023 Questions
PT0-003 Exam Questions
ITIL Exam Questions
JN0-231 Exam Questions
MS-102 Exam Questions
N10-009 Exam Questions
NCS-Core Exam Questions
NS0-521 Exam Questions
PDI Exam Questions
PMP Exam Questions
SPLK-1002 Exam Questions
SY0-701 Exam Questions
Sales-Cloud-Consultant Exam Questions
Salesforce-AI-Associate Exam Questions
MCD-Level-2 Exam Questions
Financial-Services-Cloud Exam Questions
IIA-CIA-Part2 Exam Questions
JavaScript-Developer-I Exam Questions
Marketing-Cloud-Email-Specialist Dumps
Service-Cloud-Consultant Dumps
Platform-App-Builder Dumps
PDI Dumps
200-901 Dumps
350-401 Dumps
MCIA-Level-1 Dumps
AZ-104 Dumps
NCS-Core Dumps
3V0-21.23 Dumps
JN0-214 Dumps
CFCS Dumps
2V0-13.24 Dumps
Fire-Inspector-II Dumps
SPLK-5002 Dumps
SC-401 Dumps