CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS Certified DevOps Engineer - Professional DOP-C02

Free AWS Certified DevOps Engineer - Professional DOP-C02 Exam Braindumps (page: 29)

Page 29 of 72
PDF with 281 Questions

A company has a data ingestion application that runs across multiple AWS accounts. The accounts are in an organization in AWS Organizations. The company needs to monitor the application and consolidate access to the application. Currently, the company is running the application on Amazon EC2 instances from several Auto Scaling groups. The EC2 instances have no access to the internet because the data is sensitive. Engineers have deployed the necessary VPC endpoints. The EC2 instances run a custom AMI that is built specifically for the application.

To maintain and troubleshoot the application, system administrators need the ability to log in to the EC2 instances. This access must be automated and controlled centrally. The company's security team must receive a notification whenever the instances are accessed.

Which solution will meet these requirements?

  1. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to send notifications to the security team whenever a user logs in to an EC2 instance. Use EC2 Instance Connect to log in to the instances. Deploy Auto Scaling groups by using AWS CloudFormation. Use the cfn-init helper script to deploy appropriate VPC routes for external access. Rebuild the custom AMI so that the custom AMI includes AWS Systems Manager Agent.
  2. Deploy a NAT gateway and a bastion host that has internet access. Create a security group that allows incoming traffic on all the EC2 instances from the bastion host. Install AWS Systems Manager Agent on all the EC2 instances. Use Auto Scaling group lifecycle hooks for monitoring and auditing access. Use Systems Manager Session Manager to log in to the instances. Send logs to a log group in Amazon CloudWatch Logs. Export data to Amazon 83 for auditing. Send notifications to the security team by using S3 event notifications.
  3. Use EC2 Image Builder to rebuild the custom AMI. Include the most recent version of AWS Systems Manager Agent in the image. Configure the Auto Scaling group to attach the AmazonSSMManagedlnstanceCore role to all the EC2 instances. Use Systems Manager Session Manager to log in to the instances. Enable logging of session details to Amazon S3. Create an S3 notification for new file uploads to send a message to the security team through an Amazon Simple Notification Service (Amazon SNS) topic.
  4. Use AWS Systems Manager Automation to build Systems Manager Agent into the custom AMI. Configure AWS Config to attach an SCP to the root organization account to allow the EC2 instances to connect to Systems Manager. Use Systems Manager Session Manager to log in to the instances. Enable logging of session details to Amazon S3. Create an S3 notification for new file uploads to send a message to the security team through an Amazon Simple Notification Service (Amazon SNS) topic.

Answer(s): C



A company uses Amazon S3 to store proprietary information. The Development team creates buckets for new projects on a daily basis. The Security team wants to ensure that all existing and future buckets have encryption, logging, and versioning enabled. Additionally, no buckets should ever be publicly read or write accessible.

What should a DevOps Engineer do to meet these requirements?

  1. Enable AWS CloudTrail and configure automatic remediation using AWS Lambda.
  2. Enable AWS Config rules and configure automatic remediation using AWS Systems Manager documents.
  3. Enable AWS Trusted Advisor and configure automatic remediation using Amazon CloudWatch Events.
  4. Enable AWS Systems Manager and configure automatic remediation using Systems Manager documents.

Answer(s): B



A DevOps engineer is researching the least expensive way to implement an image batch processing cluster on AWS. The application cannot run in Docker containers and must run on Amazon EC2. The batch job stores checkpoint data on an NFS and can tolerate interruptions. Configuring the cluster software from a generic EC2 Linux image takes 30 minutes.

What is the MOST cost-effective solution?

  1. Use Amazon EFS for checkpoint data. To complete the job, use an EC2 Auto Scaling group and an On-Demand pricing model to provision EC2 instances temporarily.
  2. Use GlusterFS on EC2 instances for checkpoint data. To run the batch job, configure EC2 instances manually. When the job completes, shut down the instances manually.
  3. Use Amazon EFS for checkpoint data. Use EC2 Fleet to launch EC2 Spot Instances, and utilize user data to configure the EC2 Linux instance on startup.
  4. Use Amazon EFS for checkpoint data. Use EC2 Fleet to launch EC2 Spot Instances. Create a custom AMI for the cluster and use the latest AMI when creating instances.

Answer(s): D



A company recently migrated its legacy application from on-premises to AWS. The application is hosted on Amazon EC2 instances behind an Application Load Balancer, which is behind Amazon API Gateway. Thecompany wants to ensure users experience minimal disruptions during any deployment of a new version of the application. The company also wants to ensure it can quickly roll back updates if there is an issue.

Which solution will meet these requirements with MINIMAL changes to the application?

  1. Introduce changes as a separate environment parallel to the existing one. Configure API Gateway to use a canary release deployment to send a small subset of user traffic to the new environment.
  2. Introduce changes as a separate environment parallel to the existing one. Update the application’s DNS alias records to point to the new environment.
  3. Introduce changes as a separate target group behind the existing Application Load Balancer. Configure API Gateway to route user traffic to the new target group in steps.
  4. Introduce changes as a separate target group behind the existing Application Load Balancer. Configure API Gateway to route all traffic to the Application Load Balancer, which then sends the traffic to the new target group.

Answer(s): A



Page 29 of 72



Post your Comments and Discuss Amazon AWS Certified DevOps Engineer - Professional DOP-C02 exam with other Community members:

Frank Smith commented on December 30, 2024
Excellent material for exam preparation
COSTA RICA
upvote

Anonymous commented on December 30, 2024
thank you for sharing
Anonymous
upvote

NB commented on December 30, 2024
good support
Anonymous
upvote

Karanpeet Sachdeva commented on December 30, 2024
Preparing for exam
INDIA
upvote

Harshini commented on December 30, 2024
Good Practice
Anonymous
upvote

Uzman commented on December 30, 2024
great collection
Anonymous
upvote

Md Habibur Rahman commented on December 30, 2024
Very helpful
BANGLADESH
upvote

Kollur commented on December 29, 2024
Best questions for preparation
JAPAN
upvote

Kollur commented on December 29, 2024
Usefull data
JAPAN
upvote

dinesh commented on December 29, 2024
Useful data
AUSTRALIA
upvote

Max commented on December 29, 2024
You’re the best
Anonymous
upvote

Deepika Deshmukh commented on December 29, 2024
very helpful content it helps a lot
Anonymous
upvote

Criss commented on December 29, 2024
Very nice and very good questions
Anonymous
upvote

Real truth commented on December 29, 2024
this is crap
Anonymous
upvote

Md commented on December 29, 2024
Totally worth it!
Anonymous
upvote

Datahighway commented on December 29, 2024
nice very good Stuff
UNITED STATES
upvote

Mon88 commented on December 29, 2024
is this dumps still valid to take the exam
UNITED STATES
upvote

Ashu commented on December 29, 2024
The best IT guide I have ever used. The content is well designed and nicely formatted. The software is very user-friendly and doesn't need an additional purchase like other websites. I highly recommend this.
UNITED STATES
upvote

Unknown Man commented on December 29, 2024
good stuff, but can you clarify the source
Anonymous
upvote

Unknown Man commented on December 29, 2024
Are these questions valid?
Anonymous
upvote

hnt commented on December 29, 2024
very good content
UNITED STATES
upvote

Subham commented on December 29, 2024
Good practice set
Anonymous
upvote

Vinod commented on December 28, 2024
very good questions
INDIA
upvote

Anon commented on December 28, 2024
Very helpful
UNITED STATES
upvote

Sachin Kamble commented on December 28, 2024
useful information
Anonymous
upvote

Sachin Kamble commented on December 28, 2024
very interesting and useful onformation
Anonymous
upvote

Bosco Oico commented on December 28, 2024
Yes. i have used this dump for CFE Investigations test yesterday- i found it useful because questions about 60% were closely related and some were exact. The only thing that needs to be improved is the accuracy of the answers. If some one read the CFE manual well, you will notice that some answers as they are answered according to the ACFE standard. So, i encourage anyone using Brain to verify answers, otherwise, its a good source to create confidence and sure pass
UGANDA
upvote

velu commented on December 28, 2024
nice,very useful
Anonymous
upvote

Sai commented on December 28, 2024
I need okta dumps
Anonymous
upvote

Edison Vásquez commented on December 28, 2024
Muy bueno todo muy bien explicado
Anonymous
upvote

TMUNI commented on December 28, 2024
Questions are addressed, but need clarification
UNITED STATES
upvote

TRYY commented on December 28, 2024
Does it work
UNITED STATES
upvote

Ama commented on December 27, 2024
are the comments real
UNITED STATES
upvote

manikanta commented on December 27, 2024
Hi may i know the exam fee and how to apply
UNITED STATES
upvote