Free Test
Question: / 10
Quiz
Question 1/101/10
A company runs an application on one Amazon EC2 instance. Application metadata is stored in Amazon S3 and must be retrieved if the instance is restarted. The instance must restart or relaunch automatically if the instance becomes unresponsive.
Which solution will meet these requirements?
Select the answer:Select the answer
1 correct answerA.
Create an Amazon CloudWatch alarm for the StatusCheckFailed metric. Use the recover action to stop and start the instance. Use an S3 event notification to push the metadata to the instance when the instance is back up and running.
B.
Configure AWS OpsWorks, and use the auto healing feature to stop and start the instance. Use a lifecycle event in OpsWorks to pull the metadata from Amazon S3 and update it on the instance.
C.
Use EC2 Auto Recovery to automatically stop and start the instance in case of a failure. Use an S3 event notification to push the metadata to the instance when the instance is back up and running.
D.
Use AWS CloudFormation to create an EC2 instance that includes the UserData property for the EC2 resource. Add a command in UserData to retrieve the application metadata from Amazon S3.
Quiz
Question 2/102/10
A company has a mobile application that makes HTTP API calls to an Application Load Balancer (ALB).
The ALB routes requests to an AWS Lambda function. Many different versions of the application are
in use at any given time, including versions that are in testing by a subset of users. The version of the
application is defined in the user-agent header that is sent with all requests to the API.
After a series of recent changes to the API, the company has observed issues with the application.
The company needs to gather a metric for each API operation by response code for each version of
the application that is in use. A DevOps engineer has modified the Lambda function to extract the
API operation name, version information from the user-agent header and response code.
Which additional set of actions should the DevOps engineer take to gather the required metrics?
Select the answer:Select the answer
1 correct answerA.
Modify the Lambda function to write the API operation name, response code, and version number
as a log line to an Amazon CloudWatch Logs log group. Configure a CloudWatch Logs metric filter that
increments a metric for each API operation name. Specify response code and application version as
dimensions for the metric.
B.
Modify the Lambda function to write the API operation name, response code, and version number
as a log line to an Amazon CloudWatch Logs log group. Configure a CloudWatch Logs Insights query
to populate CloudWatch metrics from the log lines. Specify response code and application version as
dimensions for the metric.
C.
Configure the ALB access logs to write to an Amazon CloudWatch Logs log group. Modify the
Lambda function to respond to the ALB with the API operation name, response code, and version
number as response metadata. Configure a CloudWatch Logs metric filter that increments a metric
for each API operation name. Specify response code and application version as dimensions for the
metric.
D.
Configure AWS X-Ray integration on the Lambda function. Modify the Lambda function to create
an X-Ray subsegment with the API operation name, response code, and version number. Configure X-
Ray insights to extract an aggregated metric for each API operation name and to publish the metric
to Amazon CloudWatch. Specify response code and application version as dimensions for the metric.
Quiz
Question 3/103/10
A company provides an application to customers. The application has an Amazon API Gateway REST
API that invokes an AWS Lambda function. On initialization, the Lambda function loads a large
amount of data from an Amazon DynamoDB table. The data load process results in long cold-start
Questions PDF 2/43
times of 8-10 seconds. The DynamoDB table has DynamoDB Accelerator (DAX) configured.
Customers report that the application intermittently takes a long time to respond to requests. The
application receives thousands of requests throughout the day. In the middle of the day, the
application experiences 10 times more requests than at any other time of the day. Near the end of
the day, the application's request volume decreases to 10% of its normal total.
A DevOps engineer needs to reduce the latency of the Lambda function at all times of the day.
Which solution will meet these requirements?
Select the answer:Select the answer
1 correct answerA.
Configure provisioned concurrency on the Lambda function with a concurrency value of 1. Delete
the DAX cluster for the DynamoDB table.
B.
Configure reserved concurrency on the Lambda function with a concurrency value of 0.
C.
Configure provisioned concurrency on the Lambda function. Configure AWS Application Auto
Scaling on the Lambda function with provisioned concurrency values set to a minimum of 1 and a
maximum of 100.
D.
Configure reserved concurrency on the Lambda function. Configure AWS Application Auto Scaling
on the API Gateway API with a reserved concurrency maximum value of 100.
Quiz
Question 4/104/10
A company is adopting AWS CodeDeploy to automate its application deployments for a Java-Apache
Tomcat application with an Apache Webserver. The development team started with a proof of
concept, created a deployment group for a developer environment, and performed functional tests
within the application. After completion, the team will create additional deployment groups for
staging and production.
The current log level is configured within the Apache settings, but the team wants to change this
configuration dynamically when the deployment occurs, so that they can set different log level
configurations depending on the deployment group without having a different application revision
for each group.
How can these requirements be met with the LEAST management overhead and without requiring
different script versions for each deployment group?
Select the answer:Select the answer
1 correct answerA.
Tag the Amazon EC2 instances depending on the deployment group. Then place a script into the
application revision that calls the metadata service and the EC2 API to identify which deployment
group the instance is part of. Use this information to configure the log level settings. Reference the
script as part of the AfterInstall lifecycle hook in the appspec.yml file.
B.
Create a script that uses the CodeDeploy environment variable DEPLOYMENT_GROUP_ NAME to
identify which deployment group the instance is part of. Use this information to configure the log
level settings. Reference this script as part of the BeforeInstall lifecycle hook in the appspec.yml file.
C.
Create a CodeDeploy custom environment variable for each environment. Then place a script into
the application revision that checks this environment variable to identify which deployment group
the instance is part of. Use this information to configure the log level settings. Reference this script as
part of the ValidateService lifecycle hook in the appspec.yml file.
D.
Create a script that uses the CodeDeploy environment variable DEPLOYMENT_GROUP_ID to
identify which deployment group the instance is part of to configure the log level settings. Reference
this script as part of the Install lifecycle hook in the appspec.yml file.
Questions PDF 3/43
Quiz
Question 5/105/10
A company requires its developers to tag all Amazon Elastic Block Store (Amazon EBS) volumes in an
account to indicate a desired backup frequency. This requirement Includes EBS volumes that do not
require backups. The company uses custom tags named Backup_Frequency that have values of none,
dally, or weekly that correspond to the desired backup frequency. An audit finds that developers are
occasionally not tagging the EBS volumes.
A DevOps engineer needs to ensure that all EBS volumes always have the Backup_Frequency tag so
that the company can perform backups at least weekly unless a different value is specified.
Which solution will meet these requirements?
Select the answer:Select the answer
1 correct answerA.
Set up AWS Config in the account. Create a custom rule that returns a compliance failure for all
Amazon EC2 resources that do not have a Backup Frequency tag applied. Configure a remediation
action that uses a custom AWS Systems Manager Automation runbook to apply the
Backup_Frequency tag with a value of weekly.
B.
Set up AWS Config in the account. Use a managed rule that returns a compliance failure for
EC2::Volume resources that do not have a Backup Frequency tag applied. Configure a remediation
action that uses a custom AWS Systems Manager Automation runbook to apply the
Backup_Frequency tag with a value of weekly.
C.
Turn on AWS CloudTrail in the account. Create an Amazon EventBridge rule that reacts to EBS
CreateVolume events. Configure a custom AWS Systems Manager Automation runbook to apply the
Backup_Frequency tag with a value of weekly. Specify the runbook as the target of the rule.
D.
Turn on AWS CloudTrail in the account. Create an Amazon EventBridge rule that reacts to EBS
CreateVolume events or EBS ModifyVolume events. Configure a custom AWS Systems Manager
Automation runbook to apply the Backup_Frequency tag with a value of weekly. Specify the runbook
as the target of the rule.
Quiz
Question 6/106/10
A company is using an Amazon Aurora cluster as the data store for its application. The Aurora cluster
is configured with a single DB instance. The application performs read and write operations on the
database by using the cluster's instance endpoint.
The company has scheduled an update to be applied to the cluster during an upcoming maintenance
window. The cluster must remain available with the least possible interruption during the
maintenance window.
What should a DevOps engineer do to meet these requirements?
Select the answer:Select the answer
1 correct answerA.
Add a reader instance to the Aurora cluster. Update the application to use the Aurora cluster
endpoint for write operations. Update the Aurora cluster's reader endpoint for reads.
B.
Add a reader instance to the Aurora cluster. Create a custom ANY endpoint for the cluster. Update
Questions PDF 4/43
the application to use the Aurora cluster's custom ANY endpoint for read and write operations.
C.
Turn on the Multi-AZ option on the Aurora cluster. Update the application to use the Aurora cluster
endpoint for write operations. Update the Aurora cluster’s reader endpoint for reads.
D.
Turn on the Multi-AZ option on the Aurora cluster. Create a custom ANY endpoint for the cluster.
Update the application to use the Aurora cluster's custom ANY endpoint for read and write
operations.
Quiz
Question 7/107/10
A company must encrypt all AMIs that the company shares across accounts. A DevOps engineer has
access to a source account where an unencrypted custom AMI has been built. The DevOps engineer
also has access to a target account where an Amazon EC2 Auto Scaling group will launch EC2
instances from the AMI. The DevOps engineer must share the AMI with the target account.
The company has created an AWS Key Management Service (AWS KMS) key in the source account.
Which additional steps should the DevOps engineer perform to meet the requirements? (Choose
three.)
Select multiple answer: (Choose 3)Select the answer
3 correct answersA.
In the source account, copy the unencrypted AMI to an encrypted AMI. Specify the KMS key in the
copy action.
B.
In the source account, copy the unencrypted AMI to an encrypted AMI. Specify the default
Amazon Elastic Block Store (Amazon EBS) encryption key in the copy action.
C.
In the source account, create a KMS grant that delegates permissions to the Auto Scaling group
service-linked role in the target account.
D.
In the source account, modify the key policy to give the target account permissions to create a
grant. In the target account, create a KMS grant that delegates permissions to the Auto Scaling group
service-linked role.
E.
In the source account, share the unencrypted AMI with the target account.
F.
In the source account, share the encrypted AMI with the target account.
Quiz
Question 8/108/10
A company uses AWS CodePipeline pipelines to automate releases of its application A typical
pipeline consists of three stages build, test, and deployment. The company has been using a separate
AWS CodeBuild project to run scripts for each stage. However, the company now wants to use AWS
CodeDeploy to handle the deployment stage of the pipelines.
The company has packaged the application as an RPM package and must deploy the application to a
fleet of Amazon EC2 instances. The EC2 instances are in an EC2 Auto Scaling group and are launched
from a common AMI.
Which combination of steps should a DevOps engineer perform to meet these requirements?
(Choose two.)
Questions PDF 5/43
Select multiple answer: (Choose 2)Select the answer
2 correct answersA.
Create a new version of the common AMI with the CodeDeploy agent installed. Update the IAM
role of the EC2 instances to allow access to CodeDeploy.
B.
Create a new version of the common AMI with the CodeDeploy agent installed. Create an AppSpec
file that contains application deployment scripts and grants access to CodeDeploy.
C.
Create an application in CodeDeploy. Configure an in-place deployment type. Specify the Auto
Scaling group as the deployment target. Add a step to the CodePipeline pipeline to use EC2 Image
Builder to create a new AMI. Configure CodeDeploy to deploy the newly created AMI.
D.
Create an application in CodeDeploy. Configure an in-place deployment type. Specify the Auto
Scaling group as the deployment target. Update the CodePipeline pipeline to use the CodeDeploy
action to deploy the application.
E.
Create an application in CodeDeploy. Configure an in-place deployment type. Specify the EC2
instances that are launched from the common AMI as the deployment target. Update the
CodePipeline pipeline to use the CodeDeploy action to deploy the application.
Quiz
Question 9/109/10
A company’s security team requires that all external Application Load Balancers (ALBs) and Amazon
API Gateway APIs are associated with AWS WAF web ACLs. The company has hundreds of AWS
accounts, all of which are included in a single organization in AWS Organizations. The company has
configured AWS Config for the organization. During an audit, the company finds some externally
facing ALBs that are not associated with AWS WAF web ACLs.
Which combination of steps should a DevOps engineer take to prevent future violations? (Choose
two.)
Select multiple answer: (Choose 2)Select the answer
2 correct answersA.
Delegate AWS Firewall Manager to a security account.
B.
Delegate Amazon GuardDuty to a security account.
C.
Create an AWS Firewall Manager policy to attach AWS WAF web ACLs to any newly created ALBs
and API Gateway APIs.
D.
Create an Amazon GuardDuty policy to attach AWS WAF web ACLs to any newly created ALBs and
API Gateway APIs.
E.
Configure an AWS Config managed rule to attach AWS WAF web ACLs to any newly created ALBs
and API Gateway APIs.
Quiz
Question 10/1010/10
A company uses AWS Key Management Service (AWS KMS) keys and manual key rotation to meet
regulatory compliance requirements. The security team wants to be notified when any keys have not
been rotated after 90 days.
Which solution will accomplish this?
Select the answer:Select the answer
1 correct answerA.
Configure AWS KMS to publish to an Amazon Simple Notification Service (Amazon SNS) topic when
Questions PDF 6/43
keys are more than 90 days old.
B.
Configure an Amazon EventBridge event to launch an AWS Lambda function to call the AWS
Trusted Advisor API and publish to an Amazon Simple Notification Service (Amazon SNS) topic.
C.
Develop an AWS Config custom rule that publishes to an Amazon Simple Notification Service
(Amazon SNS) topic when keys are more than 90 days old.
D.
Configure AWS Security Hub to publish to an Amazon Simple Notification Service (Amazon SNS)
topic when keys are more than 90 days old.
Looking for more questions?Buy now
Amazon-DOP-C02 Practice test unlocks all online simulator questions
Thank you for choosing the free version of the Amazon-DOP-C02 practice test! Further deepen your knowledge on Amazon Simulator; by unlocking the full version of our Amazon-DOP-C02 Simulator you will be able to take tests with over 75 constantly updated questions and easily pass your exam. 98% of people pass the exam in the first attempt after preparing with our 75 questions.
BUY NOWWhat to expect from our Amazon-DOP-C02 practice tests and how to prepare for any exam?
The Amazon-DOP-C02 Simulator Practice Tests are part of the Amazon Database and are the best way to prepare for any Amazon-DOP-C02 exam. The Amazon-DOP-C02 practice tests consist of 75 questions and are written by experts to help you and prepare you to pass the exam on the first attempt. The Amazon-DOP-C02 database includes questions from previous and other exams, which means you will be able to practice simulating past and future questions. Preparation with Amazon-DOP-C02 Simulator will also give you an idea of the time it will take to complete each section of the Amazon-DOP-C02 practice test . It is important to note that the Amazon-DOP-C02 Simulator does not replace the classic Amazon-DOP-C02 study guides; however, the Simulator provides valuable insights into what to expect and how much work needs to be done to prepare for the Amazon-DOP-C02 exam.
BUY NOWAmazon-DOP-C02 Practice test therefore represents an excellent tool to prepare for the actual exam together with our Amazon practice test . Our Amazon-DOP-C02 Simulator will help you assess your level of preparation and understand your strengths and weaknesses. Below you can read all the quizzes you will find in our Amazon-DOP-C02 Simulator and how our unique Amazon-DOP-C02 Database made up of real questions:
Info quiz:
- Quiz name:Amazon-DOP-C02
- Total number of questions:75
- Number of questions for the test:50
- Pass score:80%
You can prepare for the Amazon-DOP-C02 exams with our mobile app. It is very easy to use and even works offline in case of network failure, with all the functions you need to study and practice with our Amazon-DOP-C02 Simulator.
Use our Mobile App, available for both Android and iOS devices, with our Amazon-DOP-C02 Simulator . You can use it anywhere and always remember that our mobile app is free and available on all stores.
Our Mobile App contains all Amazon-DOP-C02 practice tests which consist of 75 questions and also provide study material to pass the final Amazon-DOP-C02 exam with guaranteed success. Our Amazon-DOP-C02 database contain hundreds of questions and Amazon Tests related to Amazon-DOP-C02 Exam. This way you can practice anywhere you want, even offline without the internet.
BUY NOW