100% Updated Amazon DOP-C01 Enterprise PDF Dumps
Use Valid Exam DOP-C01 by Prep4away Books For Free Website
NEW QUESTION 17
A company wants to use a grid system for a proprietary enterprise in-memory data store on top of AWS. This system can run in multiple server nodes in any Linux-based distribution. The system must be able to reconfigure the entire cluster every time a node is added or removed. When adding or removing nodes, an /etc/cluster/nodes.config file must be updated, listing the IP addresses of the current node members of that cluster. The company wants to automate the task of adding new nodes to a cluster.
What can a DevOps Engineer do to meet these requirements?
- A. Put the file nodes.config in version control. Create an AWS CodeDeploy deployment configuration and deployment group based on an Amazon EC2 tag value for the cluster nodes. When adding a new node to the cluster, update the file with all tagged instances, and make a commit in version control. Deploy the new file and restart the services.
- B. Create a user data script that lists all members of the current security group of the cluster and automatically updates the /etc/cluster/nodes.config file whenever a new instance is added to the cluster.
- C. Use AWS OpsWorks Stacks to layer the server nodes of that cluster. Create a Chef recipe that populates the content of the /etc/cluster/nodes.config file and restarts the service by using the current members of the layer. Assign that recipe to the Configure lifecycle event.
- D. Create an Amazon S3 bucket and upload a version of the /etc/cluster/nodes.config file. Create a crontab script that will poll for that S3 file and download it frequently. Use a process manager, such as Monit or systemd, to restart the cluster services when it detects that the new file was modified. When adding a node to the cluster, edit the file's most recent members. Upload the new file to the S3 bucket.
Answer: C
Explanation:
https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-events.html
NEW QUESTION 18
Your IT company is currently hosting a production environment in Elastic Beanstalk. You understand that the Elastic Beanstalk service provides a facility known as managed updates, which are the minor and patch version updates that are periodically required for your system. Your IT supervisor is worried about the impact that these updates would have on the system. What can you tell about the Elastic Beanstalk service with regard to managed updates?
- A. All of the above
- B. Elastic Beanstalk applies managed updates with no reduction in capacity
- C. Elastic Beanstalk applies managed updates with no downtime
- D. Package updates can be applied in a configurable weekly maintenance window
Answer: A
Explanation:
The AWS documentation mentions the following on package updates for the Elastic Beanstalk environment:
You can configure your environment to apply minor and patch version updates automatically during a configurable weekly maintenance window with Managed Platform Updates. Elastic Beanstalk applies managed updates with no downtime or reduction in capacity, and cancels the update immediately if instances running your application on the new version fail health checks.
For more information on Elastic Beanstalk managed updates please refer to the URL:
* https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environment-platform-update-managed.html
* http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.platform.upgrade.html
NEW QUESTION 19
A DevOps Engineer has a single Amazon DynamoDB table that receives shipping orders and tracks inventory. The Engineer has three AWS Lambda functions reading from a DynamoDB stream on that table.
The Lambda functions perform various functions such as doing an item count, moving items to Amazon Kinesis Data Firehose, monitoring inventory levels, and creating vendor orders when parts are low.
While reviewing logs, the Engineer notices the Lambda functions occasionally fail under increased load, receiving a stream throttling error.
Which is the MOST cost-effective solution that requires the LEAST amount of operational management?
- A. Use AWS Glue integration to ingest the DynamoDB stream, then migrate the Lambda code to an AWS Fargate task.
- B. Create a fourth Lambda function and configure it to be the only Lambda reading from the stream. Then use this Lambda function to pass the payload to the other three Lambda functions.
- C. Have the Lambda functions query the table directly and disable DynamoDB streams. Then have the Lambda functions query from a global secondary index.
- D. Use Amazon Kinesis streams instead of DynamoDB streams, then use Kinesis analytics to trigger the Lambda functions.
Answer: B
NEW QUESTION 20
A media customer has several thousand Amazon EC2 instances in an AWS account. The customer is using a Slack channel for team communications and important updates. A DevOps Engineer was told to send all AWS-scheduled EC2 maintenance notifications to the company Slack channel.
Which method should the Engineer use to implement this process in the LEAST amount of steps?
- A. Integrate EC2 events with Amazon CloudWatch monitoring. Based on the CloudWatch Alarm created, the alarm can invoke an AWS Lambda function to send EC2 maintenance notifications to the Slack channel.
- B. Integrate AWS Personal Health Dashboard with Amazon CloudWatch Events. Based on the CloudWatch Events created, the event can invoke an AWS Lambda function to send notifications to the Slack channel.
- C. Integrate AWS Support with AWS CloudTrail. Based on the CloudTrail lookup event created, the event can invoke an AWS Lambda function to pass EC2 maintenance notifications to the Slack channel.
- D. Integrate AWS Trusted Advisor with AWS Config. Based on the AWS Config rules created, the AWS Config event can invoke an AWS Lambda function to send notifications to the Slack channel.
Answer: A
NEW QUESTION 21
You have a video processing application hosted in AWS. The videos are uploaded by users onto the site.
You have a program that is custom built to process those videos. The program is able to recover in case there are any failures when processing the videos. Which of the following mechanisms can be used to deploy the instances for carrying out the video processing activities, ensuring that the cost is kept at a minimum?
- A. Create a launch configuration with Spot Instances. Ensure the User Data section details the installation of the custom software. Create an Autoscaling group with the launch configuration.
- B. Create a launch configuration with Dedicated Instances. Ensure the User Data section details the installation of the custom software. Create an Autoscaling group with the launch configuration.
- C. Create a launch configuration with Reserved Instances. Ensure the User Data section details the installation of the custom software. Create an Autoscaling group with the launch configuration.
- D. Create a launch configuration with On-Demand Instances. Ensure the User Data section details the installation of the custom software. Create an Autoscaling group with the launch configuration.
Answer: A
Explanation:
Since the application can recover from failures and cost is the priority, then Spot instances are the best bet for this requirement. The launch configuration has the facility to request for Spot Instances.
The below snapshot from the Launch configuration section shows that Spot Instances can be used for AutoScaling Groups.
For more information on Spot Instances and Autoscaling, please visit the below URL:
* http://docs.aws.amazon.com/autoscaling/latest/userguide/US-SpotInstances.html
NEW QUESTION 22
A DevOps Engineer manages an application that has a cross-region failover requirement. The application stores its data in an Amazon Aurora on Amazon RDS database in the primary region with a read replica in the secondary region. The application uses Amazon Route 53 to direct customer traffic to the active region.
Which steps should be taken to MINIMIZE downtime if a primary database fails?
- A. Set up Route 53 to balance traffic between both regions equally. Enable the Aurora multi-master option, then set up a Route 53 health check to analyze the health of the databases. Configure Route 53 to automatically direct all traffic to the secondary region when a primary database fails.
- B. Use Amazon CloudWatch to monitor the status of the RDS instance. In the event of a failure, use a CloudWatch Events rule to send a short message service (SMS) to the Systems Operator using Amazon SNS. Have the Systems Operator redirect traffic to an Amazon S3 static website that displays a downtime message. Promote the RDS read replica to the master. Confirm that the application is working normally, then redirect traffic from the Amazon S3 website to the secondary region.
- C. Set up an Amazon CloudWatch Events rule to periodically invoke an AWS Lambda function that checks the health of the primary database. If a failure is detected, the Lambda function promotes the read replica. Then, update Route 53 to redirect traffic from the primary to the secondary region.
- D. Use RDS Event Notification to publish status updates to an Amazon SNS topic. Use an AWS Lambda function subscribed to the topic to monitor database health. In the event of a failure, the Lambda function promotes the read replica, then updates Route 53 to redirect traffic from the primary region to the secondary region.
Answer: D
Explanation:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.html
NEW QUESTION 23
A startup company is developing a web application on AWS. It plans to use Amazon RDS for persistence and deploy the application to Amazon EC2 with an Auto Scaling group. The company would also like to separate the environments for development, testing, and production. What is the MOST secure and flexible approach to manage the application configuration?
- A. Create a property file to include the configuration and the encrypted passwords. Check in the property file to the source repository, package the property file with the application, and deploy the application. Create an environment tag for the EC2 instances and tag the instances respectively. The application will extract the necessary property values based on the environment tag.
- B. Create a property file for each environment to include the environment-specific configuration and an encrypted password. Check in the property files to the source repository. During deployment, use only the environment-specific property file with the application. The application will read the needed property values from the deployed property file.
- C. Create a property file for each environment to include the environment-specific configuration. Create a private Amazon S3 bucket and save the property files in the bucket. Save the encrypted passwords in the AWS Systems Manager Parameter Store. Create an environment tag for the EC2 instances and tag the instances respectively. The application will read the needed property values from the environment-specific property file in the S3 bucket and the parameter store.
- D. Create a property file for each environment to include the environment-specific configuration. Create a private Amazon S3 bucket and save the property files in the bucket. Save the passwords in the bucket with AWS KMS encryption. During deployment, the application will read the needed property values from the environment-specific property file in the S3 bucket.
Answer: C
Explanation:
D is right, as tagging is widely used for different env deployment.
Also SSM for storing passwords.
NEW QUESTION 24
You have an AWS OpsWorks Stack running Chef Version 11.10. Your company hosts its own proprietary cookbook on Amazon S3, and this is specified as a custom cookbook in the stack. You want to use an open-source cookbook located in an external Git repository. What tasks should you perform to enable the use of both custom cookbooks?
- A. In the AWS OpsWorks stack settings, enable Berkshelf. Create a new cookbook with a Berksfile that specifies the other two cookbooks. Configure the stack to use this new cookbook.
- B. In the OpsWorks stack settings add the open source project's cookbook details in addition to your cookbook.
- C. Contact the open source project's maintainers and request that they pull your cookbook into theirs. Update the stack to use their cookbook.
- D. In your cookbook create an S3 symlink object that points to the open source project's cookbook.
Answer: A
Explanation:
To use an external cookbook on an instance, you need a way to install it and manage any dependencies. The preferred approach is to implement a cookbook that supports a dependency manager named Berkshelf.
Berkshelf works on Amazon EC2 instances, including AWS OpsWorks Stacks instances, but it is also designed to work with Test Kitchen and Vagrant.
For more information on Opswork and Berkshelf, please visit the link:
* http://docs.aws.amazon.com/opsworks/latest/userguide/cookbooks-101-opsworks-berkshelf.html
NEW QUESTION 25
Which of the below services can be used to deploy application code content stored in Amazon S3 buckets, GitHub repositories, or Bitbucket repositories?
- A. CodeCommit
- B. Route53
- C. S3Lifecycles
- D. CodeDeploy
Answer: D
Explanation:
The AWS documentation mentions:
AWS CodeDeploy is a deployment service that automates application deployments to Amazon EC2 instances or on-premises instances in your own facility.
For more information on CodeDeploy please refer to the below link:
* http://docs.aws.amazon.com/codedeploy/latest/userguide/welcome.html
NEW QUESTION 26
A company has deployed several applications globally. Recently, Security Auditors found that a few Amazon EC2 instances were launched without Amazon EBS disk encryption. The Auditors have requested a report detailing all EBS volumes that were not encrypted in multiple AWS accounts and regions. They also want to be notified whenever this occurs in the future.
How can this be automated with the LEAST amount of operational overhead?
- A. Create an AWS CloudFormation template that adds an AWS Config managed rule for EBS encryption. Use a CloudFormation stack set to deploy the template across all accounts and regions. Store consolidated evaluation results from config rules in Amazon S3. Send a notification using Amazon SNS when non-compliant resources are detected.
- B. Set up AWS CloudTrail to deliver all events to an Amazon S3 bucket in a centralized account. Use the S3 event notification feature to invoke an AWS Lambda function to parse AWS CloudTrail logs whenever logs are delivered to the S3 bucket. Publish the output to an Amazon SNS topic using the same Lambda function.
- C. Using AWS CLI, run a script periodically that invokes the aws ec2 describe-volumes query with a JMESPATH query filter. Then, write the output to an Amazon S3 bucket. Set up an S3 event notification to send events using Amazon SNS when new data is written to the S3 bucket.
- D. Create an AWS Lambda function to set up an AWS Config rule on all the target accounts. Use AWS Config aggregators to collect data from multiple accounts and regions. Export the aggregated report to an Amazon S3 bucket and use Amazon SNS to deliver the notifications.
Answer: C
NEW QUESTION 27
An application is being deployed with two Amazon EC2 Auto Scaling groups, each configured with an Application Load Balancer. The application is deployed to one of the Auto Scaling groups and an Amazon Route 53 alias record is pointed to the Application Load Balancer of the last deployed Auto Scaling group.
Deployments alternate between the two Auto Scaling groups.
Home security devices are making requests into the application. The Development team notes that new requests are coming into the old stack days after the deployment. The issue is caused by devices that are not observing the Time to Live (TTL) setting on the Amazon Route 53 alias record.
What steps should the DevOps Engineer take to address the issue with requests coming to the old stacks, while creating minimal additional resources?
- A. Reduce the application to one Application Load Balancer. Create two target groups named Blue and Green. Create a rule on the Application Load Balancer pointed to a single target group. Add logic to the deployment to update the Application Load Balancer rule to the target group of the newly deployed Auto Scaling group.
- B. Create an Amazon CloudFront distribution. Set the two existing Application Load Balancers as origins on the distribution. After a deployment, update the CloudFront distribution behavior to send requests to the newly deployed Auto Scaling group.
- C. Move the application to an AWS Elastic Beanstalk application with two environments. Perform new deployments on the non-live environment. After a deployment, perform an Elastic Beanstalk CNAME swap to make the newly deployed environment the live environment.
- D. Create a fleet of Amazon EC2 instances running HAProxy behind an Application Load Balancer. The HAProxy instances will proxy the requests to one of the existing Auto Scaling groups. After a deployment the HAProxy instances are updated to send requests to the newly deployed Auto Scaling group.
Answer: A
NEW QUESTION 28
You have a large number of web servers in an Auto Scaling group behind a load balancer. On an hourly basis, you want to filter and process the logs to collect data on unique visitors, and then put that data in a durable data store in order to run reports. Web servers in the Auto Scaling group are constantly launching and terminating based on your scaling policies, but you do not want to lose any of the log data from these servers during a stop/termination initiated by a user or by Auto Scaling.
What two approaches will meet these requirements?
Choose 2 answers
- A. Install an Amazon CloudWatch Logs Agent on every web server during the bootstrap process. Create a CloudWatch log group and define Metric Filters to create custom metrics that track unique visitors from the streaming web server logs. Create a scheduled task on an Amazon EC2 instance that runs every hour to generate a new report based on the CloudWatch custom metrics.
- B. On the web servers, create a scheduled task that executes a script to rotate and transmit the logs to Amazon Glacier. Ensure that the operating system shutdown procedure triggers a logs transmission when the Amazon EC2 instance is stopped/terminated. Use Amazon Data Pipeline to process the data in Amazon Glacier and run reports every hour.
- C. On the web servers, create a scheduled task that executes a script to rotate and transmit the logs to an Amazon S3 bucket. Ensure that the operating system shutdown procedure triggers a logs transmission when the Amazon EC2 instance is stopped/terminated. Use AWS Data Pipeline to move log data from the Amazon S3 bucket to Amazon Redshift in order to process and run reports every hour.
- D. Install an AWS Data Pipeline Logs Agent on every web server during the bootstrap process. Create a log group object in AWS Data Pipeline, and define Metric Filters to move processed log data directly from the web servers to Amazon Redshift and run reports every hour.
Answer: A,C
NEW QUESTION 29
You set up a scalable continuous integration platform on AWS.
The platform consists of a master node that can delegate project build jobs to multiple slave nodes, all running on Amazon EC2.
The build output will be stored in Amazon S3.
You always have five slave nodes deployed. Each slave node can handle 10 build jobs simultaneously.
Your master node publishes a custom Amazon CloudWatch metric with the name "RunningBuildJobs" that allows you to programmatically track how many build jobs are running across your platform.
Which two configuration options will allow you to flexibly scale your platform to support more than 50 simultaneous build jobs while minimizing costs? Choose 2 answers
- A. Configure your fleet of slave nodes to fully utilize all of your purchased Amazon EC2 Heavy Utilization Reserved Instances. Configure a CloudWatch alarm that launches new Amazon EC2 instances when "RunningBuildJobs" is less than 40 for more than five minutes.
- B. Run your fleet of slave nodes in an Auto Scaling group. Configure a CloudWatch alarm that launches new Amazon EC2 Dedicated Instances when "RunningBuildJobs" is less than 40 for more than five minutes.
- C. Configure a CloudWatch alarm that sends an alert when "RunningBuildJobs" is greater than 45 for more than five minutes. Use Amazon Simple Queue Service to process additional build jobs when the CloudWatch alarm is triggered.
- D. Place your fleet of slave nodes in an Auto Scaling group. Configure a CloudWatch alarm that triggers an Auto Scaling policy to terminate Amazon EC2 instances when "RunningBuildJobs" is less than 40 for more than five minutes.
- E. Place your fleet of slave nodes in an Auto Scaling group. Configure a CloudWatch alarm that triggers an Auto Scaling policy to launch Amazon EC2 Instances when "RunningBuildJobs" is greater than 45 for more than five minutes.
Answer: D,E
NEW QUESTION 30
You are creating a new API for video game scores. Reads are 100 times more common than writes, and the top 1% of scores are read 100 times more frequently than the rest of the scores. What's the best design for this system, using DynamoDB?
- A. DynamoDB table with 100x higher read than write throughput, with CloudFront caching.
- B. DynamoDB table with 100x higher read than write throughput, with ElastiCache caching.
- C. DynamoDB table with roughly equal read and write throughput, with CloudFront caching.
- D. DynamoDB table with roughly equal read and write throughput, with ElastiCache caching.
Answer: D
Explanation:
Because the 100x read ratio is mostly driven by a small subset, with caching, only a roughly equal number of reads to writes will miss the cache, since the supermajority will hit the top 1% scores. Knowing we need to set the values roughly equal when using caching, we select AWS ElastiCache, because CloudFront cannot directly cache DynamoDB queries, and ElastiCache is an excellent in-memory cache for database queries, rather than a distributed proxy cache for content delivery.
For more information on DynamoDB table guidelines please refer to the below link:
* http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GuidelinesForTables.html
NEW QUESTION 31
From a compliance and security perspective, which of these statements is true?
- A. You do not ever need to rotate access keys for AWS IAM Users.
- B. You do not ever need to rotate access keys for AWS IAM Roles.
- C. You do not ever need to rotate access keys for AWS IAM Roles, nor AWS IAM Users.
- D. None of the other statements are true.
Answer: B
Explanation:
IAM Role Access Keys are auto-rotated by AWS on your behalf; you do not need to rotate them.
The application is granted the permissions for the actions and resources that you've defined for the role through the security credentials associated with the role. These security credentials are temporary and we rotate them automatically. We make new credentials available at least five minutes prior to the expiration of the old credentials.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
NEW QUESTION 32
As part of your deployment pipeline, you want to enable automated testing of your AWS CloudFormation template. What testing should be performed to enable faster feedback while minimizing costs and risk? Select three answers from the options given below
- A. Validate the AWS CloudFormation template against the official XSD scheme definition published by Amazon Web Services.
- B. Use the AWS CloudFormation Validate Template to validate the properties of resources defined in the template.
- C. When creating the stack, specify an Amazon SNS topic to which your testing system is subscribed. Your testing system runs tests when it receives notification that the stack is created or updated.
- D. Validate the template's syntax using a general JSON parser.
- E. Update the stack with the template. If the template fails rollback will return the stack and its resources to exactly the same state.
- F. Use the AWS CloudFormation Validate Template to validate the syntax of the template
Answer: C,E,F
Explanation:
The AWS documentation mentions the following
The aws cloudformation validate-template command is designed to check only the syntax of your template. It does not ensure that the property values that you have specified for a resource are valid for that resource. Nor does it determine the number of resources that will exist when the stack is created.
To check the operational validity, you need to attempt to create the stack. There is no sandbox or test area for AWS CloudFormation stacks, so you are charged for the resources you create during testing.
Option F is needed for notification.
For more information on Cloudformation template validation, please visit the link:
* http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-validate-template.html
NEW QUESTION 33
A DevOps Engineer just joined a new company that is already running workloads on Amazon EC2 instances. AWS has been adopted incrementally with no central governance. The Engineer must now assess how well the existing deployments comply with the following requirements:
- EC2 instances are running only approved AMIs.
- Amazon EBS volumes are encrypted.
- EC2 instances have an Owner tag.
- Root login over SSH is disabled on EC2 instances.
Which services should the Engineer use to perform this assessment with the LEAST amount of effort? (Select TWO.)
- A. Amazon Inspector
- B. Amazon GuardDuty
- C. AWS Systems Manager
- D. AWS Directory Service
- E. AWS Config
Answer: A,E
Explanation:
https://docs.aws.amazon.com/ja_jp/inspector/latest/userguide/inspector_security-best-practices.html
How can you start study for the AWS DevOps Engineer Professional Exam
Get the best preparation guide For AWS DevOps Engineer Professional Exam
AWS Certified DevOps Engineer Professional is the professional-level certification for those who have already passed the AWS SysOps Associate Administrator and the AWS Associate Developer. Although there are no prerequisites for any AWS certification, it is still recommended to follow a level learning path.
The AWS DevOps Engineer Professional exam recognizes the technical skills and experience of candidates in provisioning, operating and managing distributed application systems on the AWS platform.
This exam validates the candidate’s ability to:
- Define and implement metrics, monitoring and logging systems on the AWS platform.
- Implement highly available, reliable, scalable, robust and secure systems in AWS.
- Implement and manage continuous delivery systems and methodologies on the AWS platform.
- Design, maintain and manage tools for the automation of operational processes.
- Implement and automate governance processes, security controls and compliance validation.
There are no prerequisites for the AWS DevOps Engineer Professional exam, but applicants must have some recommended AWS knowledge that will help them pass the certification exam. Some of the recommended and necessary knowledge for the DevOps Engineer exam is:
- Experience in building automated infrastructures and administering operating systems.
- Understanding of the latest development and operational methods and processes.
- Ability to develop code in at least one high level programming language.
- Minimum 2 years of experience in the operation, procurement and administration of the AWS environment