
Latest AWS-DevOps-Engineer-Professional Pass Guaranteed Exam Dumps with Accurate & Updated Questions
AWS-DevOps-Engineer-Professional Exam Brain Dumps - Study Notes and Theory
The AWS-DevOps certification exam is an essential certification for professionals who want to validate their skills and knowledge in DevOps practices using AWS technologies. AWS-DevOps-Engineer-Professional exam covers a wide range of topics and skills that are essential for professionals in the field. Passing this certification exam is an excellent way to demonstrate your expertise to potential employers and clients and can help you take your career to the next level.
NEW QUESTION # 268
What is the scope of an EC2 EIP?
- A. Placement Group
- B. VPC
- C. Region
- D. Availability Zone
Answer: C
Explanation:
An Elastic IP address is tied to a region and can be associated only with an instance in the same region.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resources.html
NEW QUESTION # 269
A development team is using AWS CodeCommit to version control application code and AWS CodePipeline to orchestrate software deployments. The team has decided to use a remote master branch as the trigger for the pipeline to integrate code changes. A developer has pushed code changes to the CodeCommit repository, but noticed that the pipeline had no reaction, even after 10 minutes.
Which of the following actions should be taken to troubleshoot this issue?
- A. Check to see if the pipeline failed to start because of CodeCommit errors in Amazon CloudWatch Logs.
- B. Check that the CodePipeline service role has permission to access the CodeCommit repository.
- C. Check that an Amazon CloudWatch Events rule has been created for the master branch to trigger the pipeline.
- D. Check that the developer's IAM role has permission to push to the CodeCommit repository.
Answer: D
NEW QUESTION # 270
A company is using AWS Organizations to create separate AWS accounts for each of its departments. It needs to automate the following tasks:
* Updating the Linux AMIs with new patches periodically and generating a golden image
* Installing a new version of Chef agents in the golden image, if available
* Enforcing the use of the newly generated golden AMIs in the department's account
Which option requires the LEAST management overhead?
- A. Use an AWS Systems Manager Run Command to update the Chef agent first, use Amazon EC2 Systems Manager Automation to generate an updated AMI, and then assume an IAM role to copy the new golden AMI into the departments' accounts.
- B. Write a script to launch an Amazon EC2 instance from the previous golden AMI, apply the patch updates, install the new version of the Chef agent, generate a new golden AMI, and then modify the AMI permissions to share only the new image with the departments' accounts.
- C. Use AWS Systems Manager Automation to update the Linux AMI from the previous golden image, provide the URL for the script that will update the Chef agent, and then share only the newly generated AMI with the departments' accounts.
- D. Use AWS Systems Manager Automation to update the Linux AMI using the previous image, provide the URL for the script that will update the Chef agent, and then use AWS Organizations to replace the previous golden AMI into the departments' accounts.
Answer: A
NEW QUESTION # 271
A DevOps Engineer discovered a sudden spike in a website's page load times and found that a recent deployment occurred. A brief diff of the related commit shows that the URL for an external API call was altered and the connecting port changed from 80 to 443. The external API has been verified and works outside the application. The application logs show that the connection is now timing out, resulting in multiple retries and eventual failure of the call.
Which debug steps should the Engineer take to determine the root cause of the issue?
- A. Check the application logs being written to Amazon CloudWatch Logs for debug information. Check the ingress security group rules and routing rules for the VPC.
- B. Check the egress security group rules and network ACLs for the VPC. Also check the VPC flow logs looking for accepts originating from the web Auto Scaling group.
- C. Check the VPC Flow Logs looking for denies originating from Amazon EC2 instances that are part of the web Auto Scaling group. Check the ingress security group rules and routing rules for the VPC.
- D. Check the existing egress security group rules and network ACLs for the VPC. Also check the application logs being written to Amazon CloudWatch Logs for debug information.
Answer: B
NEW QUESTION # 272
You work for a startup that has developed a new photo-sharing application for mobile devices.
Over recent months your application has increased in popularity; this has resulted in a decrease in the performance of the application due to the increased load.
Your application has a two-tier architecture that is composed of an Auto Scaling PHP application tier and a MySQL RDS instance initially deployed with AWS CloudFormation.
Your Auto Scaling group has a min value of 4 and a max value of 8. The desired capacity is now at 8 because of the high CPU utilization of the instances.
After some analysis, you are confident that the performance issues stem from a constraint in CPU capacity, although memory utilization remains low.
You therefore decide to move from the general-purpose M3 instances to the compute-optimized C3 instances.
How would you deploy this change while minimizing any interruption to your end users?
- A. Update the launch configuration specified in the AWS CloudFormation template with the new C3 instance type. Run a stack update with the new template. Auto Scaling will then update the instances with the new instance type.
- B. Update the launch configuration specified in the AWS CloudFormation template with the new C3 instance type. Also add an UpdatePolicy attribute to your Auto Scaling group that specifies AutoScalingRollingUpdate. Run a stack update with the new template.
- C. Sign into the AWS Management Console, copy the old launch configuration, and create a new launch configuration that specifies the C3 instances. Update the Auto Scaling group with the new launch configuration. Auto Scaling will then update the instance type of all running instances.
- D. Sign into the AWS Management Console, and update the existing launch configuration with the new C3 instance type. Add an UpdatePolicy attribute to your Auto Scaling group that specifies AutoScalingRollingUpdate.
Answer: B
NEW QUESTION # 273
Your social media marketing application has a component written in Ruby running on AWS Elastic Beanstalk.
This application component posts messages to social media sites in support of various marketing campaigns.
Your management now requires you to record replies to these social media messages to analyze the effectiveness of the marketing campaign in comparison to past and future efforts. You've already developed a new application component to interface with the social media site APIs in order to read the replies. Which process should you use to record the social media replies in a durable data store that can be accessed at any time for analytics of historical data?
- A. Deploy the new application component as an Elastic Beanstalk application, read the data from the social media sites, store it in DynamoDB, and use Apache Hive with Amazon Elastic MapReduce for analytics.
- B. Deploy the new application component as an Amazon Elastic Beanstalk application, read the data from the social media site, store it with Amazon Elastic Block Store, and use Amazon Kinesis to stream the data to Amazon CloudWatch for analytics.
- C. Deploy the new application component in an Auto Scaling group of Amazon EC2 instances, read the data from the social media sites, store it with Amazon Elastic Block Store, and use AWS Data Pipeline to publish it to Amazon Kinesis for analytics.
- D. Deploy the new application component in an Auto Scaling group of Amazon EC2 instances, read the data from the social media sites, store it in Amazon Glacier, and use AWS Data Pipeline to publish it to Amazon Redshift for analytics.
Answer: A
Explanation:
The AWS Documentation mentions the below
Amazon DynamoDB is a fast and flexible NoSQL database service for all applications that need consistent, single-digit millisecond latency at any scale. It is a fully managed cloud database and supports both document and key-value store models. Its flexible data model, reliable performance, and automatic scaling of throughput capacity, makes it a great fit for mobile, web, gaming, ad tech, IoT, and many other applications.
For more information on AWS DynamoDB please see the below link:
* https://aws.amazon.com/dynamodb/
NEW QUESTION # 274
You are a DevOps engineer for your company. There is a requirement to host a custom application which has custom dependencies for a development team. This needs to be done using an AWS service. Which of the following is the ideal way to fulfil this requirement?
- A. Package the application and dependencies with Docker, and deploy the Docker container with Elastic Beanstalk.
- B. Package the application and dependencies in an S3 file, and deploy the Docker container with Elastic Beanstalk.
- C. Package the application and dependencies with Docker, and deploy the Docker container with CloudFormation.
- D. Package the application and dependencies within Elastic Beanstalk, and deploy with Elastic Beanstalk.
Answer: A
Explanation:
The AWS Documentation mentions
Elastic Beanstalk supports the deployment of web applications from Docker containers. With Docker containers, you can define your own runtime environment. You can choose your own platform, programming language, and any application dependencies (such as package managers or tools), that aren't supported by other platforms. Docker containers are self-contained and include all the configuration information and software your web application requires to run.
For more information on Elastic beanstalk and Docker, please visit the below URL:
* http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker.html
NEW QUESTION # 275
A software company wants to automate the build process for a project where the code is stored in GitHub.
When the repository is updated, source code should be compiled, tested, and pushed to Amazon S3.
Which combination of steps would address these requirements? (Select THREE.)
- A. Create an AWS OpsWorks deployment with the install dependencies command.
- B. Provision an Amazon EC2 instance to perform the build.
- C. Create an AWS CodeBuild project with GitHub as the source repository.
- D. Configure a GitHub webhook to trigger a build every time a code change is pushed to the repository.
- E. Add a buildspec.yml file to the source code with build instructions.
- F. Create an AWS CodeDeploy application with the Amazon EC2/On-Premises compute platform.
Answer: C,E,F
NEW QUESTION # 276
A company is creating a software solution that executes a specific parallel-processing mechanism. The software can scale to tens of servers in some special scenarios. This solution uses a proprietary library that is license-based, requiring that each individual server have a single, dedicated license installed. The company has 200 licenses and is planning to run 200 server nodes concurrently at most.
The company has requested the following features:
* A mechanism to automate the use of the licenses at scale.
* Creation of a dashboard to use in the future to verify which licenses are available at any moment.
What is the MOST effective way to accomplish these requirements?
- A. Upload the licenses to a private Amazon S3 bucket. Populate an Amazon SQS queue with the list of licenses stored in S3. Create an AWS CloudFormation template that uses an Auto Scaling group to launch the servers. In the user data script acquire an available license from SQS. Create an Auto Scaling lifecycle hook, then use it to put the license back in SQS after the instance is terminated.
- B. Upload the licenses to an Amazon DynamoDB table. Create an AWS CloudFormation template that uses an Auto Scaling group to launch the servers. In the user data script, acquire an available license from the DynamoDB table. Create an Auto Scaling lifecycle hook, then use it to update the mapping after the instance is terminated.
- C. Upload the licenses to a private Amazon S3 bucket. Create an AWS CloudFormation template with a Mappings section for the licenses. In the template, create an Auto Scaling group to launch the servers. In the user data script, acquire an available license from the Mappings section. Create an Auto Scaling lifecycle hook, then use it to update the mapping after the instance is terminated.
- D. Upload the licenses to an Amazon DynamoDB table. Create an AWS CLI script to launch the servers by using the parameter --count, with min:max instances to launch. In the user data script, acquire an available license from the DynamoDB table. Monitor each instance and, in case of failure, replace the instance, then manually update the DynamoDB table.
Answer: D
NEW QUESTION # 277
You need to migrate 10 million records in one hour into DynamoDB. All records are 1.5KB in size.
The data is evenly distributed across the partition key. How many write capacity units should you provision during this batch load?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: D
Explanation:
You need 2 units to make a 1.5KB write, since you round up. You need 20 million total units to perform this load. You have 3600 seconds to do so. Divide and round up for 5556.
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ProvisionedThroughput.html
NEW QUESTION # 278
A DevOps Engineer has several legacy applications that all generate different log formats. The Engineer must standardize the formats before writing them to Amazon S3 for querying and analysis.
How can this requirement be met at the LOWEST cost?
- A. Use Amazon Kinesis Agent on each server to upload the logs and have Amazon Kinesis Data Firehose use an AWS Lambda function to normalize the logs before writing them to Amazon S3
- B. Have the application send its logs to an Amazon EMR cluster and normalize the logs before sending them to Amazon S3
- C. Keep the logs in Amazon S3 and use Amazon Redshift Spectrum to normalize the logs in place
- D. Have the application send its logs to Amazon QuickSight, then use the Amazon QuickSight SPICE engine to normalize the logs. Do the analysis directly from Amazon QuickSight
Answer: A
NEW QUESTION # 279
A vendor needs access to your AWS account. They need to be able to read protected messages in a private S3 bucket. They have a separate AWS account. Which of the solutions below is the best way to do this?
- A. Create an S3 bucket policy that allows the vendor to read from the bucket from their AWS account.
- B. Allow the vendor to ssh into your EC2 instance and grant them an IAM role with full access to the bucket.
- C. Create a cross-account IAM role with permission to access the bucket, and grant permission to use the role to the vendor AWS account.
- D. Create an IAM User with API Access Keys. Give the vendor the AWS Access Key ID and AWS Secret Access Key for the user.
Answer: C
Explanation:
The AWS Documentation mentions the following on cross account roles
You can use AWS Identity and Access Management (IAM) roles and AWS Security Token Service (STS) to set up cross-account access between AWS accounts. When you assume an IAM role in another AWS account to obtain cross-account access to services and resources in that account, AWS CloudTrail logs the cross-account activity.
For more information on Cross account roles, please visit the below URL
* http://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html
* https://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-access-example2.htm
NEW QUESTION # 280
An interactive, dynamic website runs on Amazon EC2 instances in a single subnet behind an ELB Classic Load Balancer.
Which design changes will make the site more highly available?
- A. Move some Amazon EC2 instances to a subnet in a different way.
- B. Change the ELB to an Application Load Balancer.
- C. Move some Amazon EC2 instances to a subnet in the same Availability Zone.
- D. Move the website to Amazon S3.
Answer: B
NEW QUESTION # 281
A company's DevOps team launches a WorkSpace using Amazon WorkSpaces for each new user. Recently, the Security team said that WorkSpaces for these new users are not consistently being tagged. Company policy requires that all WorkSpaces be tagged with USERNAME automatically upon creation.
Which combination of steps should the DevOps Engineer take to address this requirement? (Choose two.)
- A. Enable custom tagging for Amazon WorkSpaces from the directory details.
- B. Add an AWS Lambda function policy allowing cloudtrail.amazonaws.com to use the lambda:InvokeFunction action.
- C. Create a new Amazon CloudWatch Events event pattern rule based on Amazon WorkSpaces with an AWS API Call via CloudTrail event type. Select the CreateWorkspaces operation, and target an AWS Lambda function that will tag the Workspace.
- D. Ensure AWS CloudTrail is enabled in all Regions where WorkSpaces are created.
- E. Create a new Amazon CloudWatch Events scheduled event rule based on Amazon WorkSpaces with an interval of 1 minute. Target an AWS Lambda function that will tag the Workspace.
Answer: A,C
NEW QUESTION # 282
Your company needs to automate 3 layers of a large cloud deployment. You want to be able to track this deployment's evolution as it changes over time, and carefully control any alterations. What is a good way to automate a stack to meet these requirements?
- A. Use AWS Config to declare a configuration set that AWS should roll out to your cloud.
- B. Use CloudFormation Nested Stack Templates, with three child stacks to represent the three logical layers of your cloud.
- C. Use OpsWorks Stacks with three layers to model the layering in your stack.
- D. Use Elastic Beanstalk Linked Applications, passing the important DNS entries between layers using the metadata interface.
Answer: B
Explanation:
As your infrastructure grows, common patterns can emerge in which you declare the same components in each of your templates. You can separate out these common components and create dedicated templates for them.
That way, you can mix and match different templates but use nested stacks to create a single, unified stack. Nested stacks are stacks that create other stacks. To create nested stacks, use the AWS::CloudFormation::Stack resource in your template to reference other templates.
For more information on nested stacks, please visit the below URL:
* http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#nested
Note:
The query is how you can automate a stack over a period of time, when changes are required, without recreating the stack.
The function of Nested Stacks is to reuse Common Template Patterns.
For example, assume that you have a load balancer configuration that you use for most of your stacks. Instead of copying and pasting the same configurations into your templates, you can create a dedicated template for the load balancer. Then, you just use the resource to reference that template from within other templates.
Yet another example is if you have a launch configuration with certain specific configuration and you need to change the instance size only in the production environment and to leave it as it is in the development environment.
AWS also recommends that updates to nested stacks are run from the parent stack.
When you apply template changes to update a top-level stack, AWS CloudFormation updates the top-level stack and initiates an update to its nested stacks. AWS CloudFormation updates the resources of modified nested stacks, but does not update the resources of unmodified nested stacks.
NEW QUESTION # 283
A security review has identified that an AWS CodeBuild project is downloading a database population script from an Amazon S3 bucket using an unauthenticated request. The Security team does not allow unauthenticated requests to S3 buckets for this project.
How can this issue be corrected in the MOST secure manner?
- A. Remove unauthenticated access from the S3 bucket with a bucket policy. Modify the service role for the CodeBuild project to include Amazon S3 access. Use the AWS CLI to download the database population script.
- B. Add the bucket name to the AllowedBuckets section of the CodeBuild project settings. Update the build spec to use the AWS CLI to download the database population script.
- C. Modify the S3 bucket settings to enable HTTPS basic authentication and specify a token. Update the build spec to use cURL to pass the token and download the database population script.
- D. Remove unauthenticated access from the S3 bucket with a bucket policy. Use the AWS CLI to download the database population script using an IAM access key and a secret access key.
Answer: A
Explanation:
You'd need to remove unauthenticated access to secure the bucket and by adding S3 access to the service role you're not having to pass credentials which could be intercepted.
NEW QUESTION # 284
The project you are working on currently uses a single AWS CloudFormation template to deploy its AWS infrastructure, which supports a multi-tier web application.
You have been tasked with organizing the AWS CloudFormation resources so that they can be maintained in the future, and so that different departments such as Networking and Security can review the architecture before it goes to Production.
How should you do this in a way that accommodates each department, using their existing workflows?
- A. Separate the AWS CloudFormation template into a nested structure that has individual templates for the resources that are to be governed by different departments, and use the outputs from the networking and security stacks for the application template that you control
- B. Organize the AWS CloudFormation template so that related resources are next to each other in the template, such as VPC subnets and routing rules for Networking and security groups and IAM information for Security.
- C. Organize the AWS CloudFormation template so that related resources are next to each other in the template for each department's use, leverage your existing continuous integration tool to constantly deploy changes from all parties to the Production environment, and then run tests for validation.
- D. Use a custom application and the AWS SDK to replicate the resources defined in the current AWS CloudFormation template, and use the existing code review system to allow other departments to approve changes before altering the application for future deployments.
Answer: A
NEW QUESTION # 285
The Security team depends on AWS CloudTrail to detect sensitive security issues in the company's AWS account. The DevOps Engineer needs a solution to auto-remediate CloudTrail being turned off in an AWS account.
What solution ensures the LEAST amount of downtime for the CloudTrail log deliveries?
- A. Deploy the AWS-managed CloudTrail-enabled AWS Config rule, set with a periodic interval of 1 hour. Create an Amazon CloudWatch Events rule for AWS Config rules compliance change. Create an AWS Lambda function that uses the AWS SDK to call StartLogging on the ARN of the resource in which StopLogging was called. Add the Lambda function ARN as a target to the CloudWatch Events rule.
- B. Launch a t2.nano instance with a script running every 5 minutes that uses the AWS SDK to query CloudTrail in the current account. If the CloudTrail trail is disabled, have the script re-enable the trail.
- C. Create an Amazon CloudWatch Events rule for a scheduled event every 5 minutes. Create an AWS Lambda function that uses the AWS SDK to call StartLogging on a CloudTrail trail in the AWS account. Add the Lambda function ARN as a target to the CloudWatch Events rule.
- D. Create an Amazon CloudWatch Events rule for the CloudTrail StopLogging event. Create an AWS Lambda function that uses the AWS SDK to call StartLogging on the ARN of the resource in which StopLogging was called. Add the Lambda function ARN as a target to the CloudWatch Events rule.
Answer: D
The AWS Certified DevOps Engineer - Professional (DOP-C01) exam is a challenging but rewarding certification for experienced DevOps professionals. It requires a deep understanding of AWS services and DevOps principles, as well as a significant amount of preparation. However, earning this certification can help IT professionals advance their careers and demonstrate their expertise in AWS DevOps.