Summer Certification Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

DOP-C02 Exam Dumps - AWS Certified DevOps Engineer - Professional

Searching for workable clues to ace the Amazon Web Services DOP-C02 Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s DOP-C02 PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 17

A business has an application that consists of five independent AWS Lambda functions.

The DevOps engineer has built a CI/CD pipeline using AWS CodePipeline and AWS CodeBuild that builds tests packages and deploys each Lambda function in sequence. The pipeline uses an Amazon EventBridge rule to ensure the pipeline starts as quickly as possible after a change is made to the application source code.

After working with the pipeline for a few months the DevOps engineer has noticed the pipeline takes too long to complete.

What should the DevOps engineer implement to BEST improve the speed of the pipeline?

A.

Modify the CodeBuild projects within the pipeline to use a compute type with more available network throughput.

B.

Create a custom CodeBuild execution environment that includes a symmetric multiprocessing configuration to run the builds in parallel.

C.

Modify the CodePipeline configuration to run actions for each Lambda function in parallel by specifying the same runorder.

D.

Modify each CodeBuild protect to run within a VPC and use dedicated instances to increase throughput.

Full Access
Question # 18

A DevOps engineer needs a solution to catalog all applications that are installed on on-premises servers and Amazon EC2 instances. The solution must track historical changes and retain the data for 7 years.

Which solution will meet these requirements with the LEAST operational overhead?

A.

Install the AWS Systems Manager Agent (SSM Agent) on the on-premises servers and the EC2 instances. Use Systems Manager Inventory to collect inventory data. Set the retention period for the inventory data to 7 years.

B.

Install the AWS Systems Manager Agent (SSM Agent) on the on-premises servers and the EC2 instances. Use Systems Manager Inventory to collect inventory data. Use a Systems Manager resource data sync to send inventory data from all the managed nodes to a single Amazon S3 bucket. Set an object lifecycle rule to delete objects after 7 years.

C.

Install the AWS Systems Manager Agent (SSM Agent) on the on-premises servers and the EC2 instances. Use Systems Manager Inventory to collect inventory data. Use AWS Config to capture history and track changes. Set the retention period for the AWS Config data to 7 years.

D.

Configure an Amazon S3 bucket with an object lifecycle rule that deletes objects after 7 years. Create a custom script to collect inventory data from the on-premises servers and the EC2 instances. Configure the script to send the inventory data to the S3 bucket. Configure an IAM role for the EC2 instances and IAM Roles Anywhere for the on-premises servers with appropriate permissions.

Full Access
Question # 19

A company ' s production environment uses an AWS CodeDeploy blue/green deployment to deploy an application. The deployment incudes Amazon EC2 Auto Scaling groups that launch instances that run Amazon Linux 2.

A working appspec. ymi file exists in the code repository and contains the following text.

A DevOps engineer needs to ensure that a script downloads and installs a license file onto the instances before the replacement instances start to handle request traffic. The DevOps engineer adds a hooks section to the appspec. yml file.

Which hook should the DevOps engineer use to run the script that downloads and installs the license file?

A.

AfterBlockTraffic

B.

BeforeBlockTraffic

C.

Beforelnstall

D.

Down load Bundle

Full Access
Question # 20

A company hired a penetration tester to simulate an internal security breach The tester performed port scans on the company ' s Amazon EC2 instances. The company ' s security measures did not detect the port scans.

The company needs a solution that automatically provides notification when port scans are performed on EC2 instances. The company creates and subscribes to an Amazon Simple Notification Service (Amazon SNS) topic.

What should the company do next to meet the requirement?

A.

Ensure that Amazon GuardDuty is enabled Create an Amazon CloudWatch alarm for detected EC2 and port scan findings. Connect the alarm to the SNS topic.

B.

Ensure that Amazon Inspector is enabled Create an Amazon EventBridge event for detected network reachability findings that indicate port scans Connect the event to the SNS topic.

C.

Ensure that Amazon Inspector is enabled. Create an Amazon EventBridge event for detected CVEs that cause open port vulnerabilities. Connect the event to the SNS topic

D.

Ensure that AWS CloudTrail is enabled Create an AWS Lambda function to analyze the CloudTrail logs for unusual amounts of traffic from an IP address range Connect the Lambda function to the SNS topic.

Full Access
Question # 21

A company provides an application to customers. The application has an Amazon API Gateway REST API that invokes an AWS Lambda function. On initialization, the Lambda function loads a large amount of data from an Amazon DynamoDB table. The data load process results in long cold-start times of 8-10 seconds. The DynamoDB table has DynamoDB Accelerator (DAX) configured.

Customers report that the application intermittently takes a long time to respond to requests. The application receives thousands of requests throughout the day. In the middle of the day, the application experiences 10 times more requests than at any other time of the day. Near the end of the day, the application ' s request volume decreases to 10% of its normal total.

A DevOps engineer needs to reduce the latency of the Lambda function at all times of the day.

Which solution will meet these requirements?

A.

Configure provisioned concurrency on the Lambda function with a concurrency value of 1. Delete the DAX cluster for the DynamoDB table.

B.

Configure reserved concurrency on the Lambda function with a concurrency value of 0.

C.

Configure provisioned concurrency on the Lambda function. Configure AWS Application Auto Scaling on the Lambda function with provisioned concurrency values set to a minimum of 1 and a maximum of 100.

D.

Configure reserved concurrency on the Lambda function. Configure AWS Application Auto Scaling on the API Gateway API with a reserved concurrency maximum value of 100.

Full Access
Question # 22

A development team manually builds a local artifact. The development team moves the artifact to an Amazon S3 bucket to support an application. The application has a local cache that must be cleared when the development team deploys the application to Amazon EC2 instances. For each deployment, the development team runs a command to clear the cache, download the artifact from the S3 bucket, and unzip the artifact to complete the deployment.

The development team wants to migrate the deployment process to a CI/CD process and to track the progress of each deployment.

Which combination of actions will meet these requirements with the MOST operational efficiency? (Select THREE.)

A.

Set up an AWS CodeConnections compatible Git repository. Allow developers to merge code into the repository. Use AWS CodeBuild to build an artifact and copy the object into the S3 bucket. Configure CodeBuild to run for every merge into the main branch.

B.

Create a custom script to clear the cache. Specify the script in the BeforeInstall lifecycle hook in the AppSpec file.

C.

Create user data for each EC2 instance that contains the cache clearing script. Test the application after deployment. If the deployment is not successful, then redeploy.

D.

Use AWS CodePipeline to deploy the application. Set up an AWS CodeConnections compatible Git repository. Allow developers to merge code into the repository as a source for the pipeline.

E.

Use AWS CodeBuild to build the artifact and place the artifact in the S3 bucket. Use AWS CodeDeploy to deploy the artifact to EC2 instances.

F.

Use AWS Systems Manager to fetch the artifact from the S3 bucket and to deploy the artifact to all the EC2 instances.

Full Access
Question # 23

The security team depends on AWS CloudTrail to detect sensitive security issues in the company ' s AWS account. The DevOps engineer needs a solution to auto-remediate CloudTrail being turned off in an AWS account.

What solution ensures the LEAST amount of downtime for the CloudTrail log deliveries?

A.

Create an Amazon EventBridge rule for the CloudTrail StopLogging event. Create an AWS Lambda (unction that uses the AWS SDK to call StartLogging on the ARN of the resource in which StopLogging was called. Add the Lambda function ARN as a target to the EventBridge rule.

B.

Deploy the AWS-managed CloudTrail-enabled AWS Config rule set with a periodic interval to 1 hour. Create an Amazon EventBridge rule tor AWS Config rules compliance change. Create an AWS Lambda function that uses the AWS SDK to call StartLogging on the ARN of the resource in which StopLoggmg was called. Add the Lambda function ARN as a target to the EventBridge rule.

C.

Create an Amazon EventBridge rule for a scheduled event every 5 minutes. Create an AWS Lambda function that uses the AWS SDK to call StartLogging on a CloudTrail trail in the AWS account. Add the Lambda function ARN as a target to the EventBridge rule.

D.

Launch a t2 nano instance with a script running every 5 minutes that uses the AWS SDK to query CloudTrail in the current account. If the CloudTrail trail is disabled have the script re-enable the trail.

Full Access
Question # 24

A company has multiple member accounts that are part of an organization in AWS Organizations. The security team needs to review every Amazon EC2 security group and their inbound and outbound rules. The security team wants to programmatically retrieve this information from the member accounts using an AWS Lambda function in the management account of the organization.

Which combination of access changes will meet these requirements? (Choose three.)

A.

Create a trust relationship that allows users in the member accounts to assume the management account IAM role.

B.

Create a trust relationship that allows users in the management account to assume the IAM roles of the member accounts.

C.

Create an IAM role in each member account that has access to the AmazonEC2ReadOnlyAccess managed policy.

D.

Create an I AM role in each member account to allow the sts:AssumeRole action against the management account IAM role ' s ARN.

E.

Create an I AM role in the management account that allows the sts:AssumeRole action against the member account IAM role ' s ARN.

F.

Create an IAM role in the management account that has access to the AmazonEC2ReadOnlyAccess managed policy.

Full Access
Go to page: