CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS-DEVOPS-ENGINEER-PROFESSIONAL

Free AWS-DEVOPS-ENGINEER-PROFESSIONAL Exam Braindumps (page: 19)

Page 19 of 53
PDF with 208 Questions

An Engineering team manages a Node.js e-commerce application. The current environment consists of the following components:
Amazon S3 buckets for storing content
Amazon EC2 for the front-end web servers
AWS Lambda for image processing
Amazon DynamoDB for storing session-related data
The team expects a signi cant increase in tra c to the site. The application should handle the additional load without interruption. The team ran initial tests by adding new servers to the EC2 front-end to handle the larger load, but the instances took up to 20 minutes to become fully con gured. The team wants to reduce this con guration time.
What changes will the Engineering team need to implement to make the solution the MOST resilient and highly available while meeting the expected increase in demand?

  1. Use AWS OpsWorks to automatically con gure each new EC2 instance as it is launched. Con gure the EC2 instances by using an Auto Scaling group behind an Application Load Balancer across multiple Availability Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the Application Load Balancer.
  2. Deploy a eet of EC2 instances, doubling the current capacity, and place them behind an Application Load Balancer. Increase the Amazon DynamoDB read and write capacity units. Add an alias record that contains the Application Load Balancer endpoint to the existing Amazon Route 53 DNS record that points to the application.
  3. Con gure Amazon CloudFront and have its origin point to Amazon S3 to host the web application. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the CloudFront DNS name.
  4. Use AWS Elastic Beanstalk with a custom AMI including all web components. Deploy the platform by using an Auto Scaling group behind an Application Load Balancer across multiple Availability Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the Elastic Beanstalk load balancer.

Answer(s): D



A company's application development team uses Linux-based Amazon EC2 instances as bastion hosts. Inbound SSH access to the bastion hosts is restricted to speci c IP addresses, as de ned in the associated security groups. The company's security team wants to receive a noti cation if the security group rules are modi ed to allow SSH access from any IP address.
What should a DevOps engineer do to meet this requirement?

  1. Create an Amazon EventBridge (Amazon CloudWatch Events) rule with a source of aws.cloudtrail and the event name AuthorizeSecurityGroupIngress. De ne an Amazon Simple Noti cation Service (Amazon SNS) topic as the target.
  2. Enable Amazon GuardDuty and check the ndings for security group in AWS Security Hub. Con gure an Amazon EventBridge (Amazon CloudWatch Events) rule with a custom pattern that matches GuardDuty events with an output of NON_COMPLIANT. De ne an Amazon Simple Noti cation Service (Amazon SNS) topic as the target.
  3. Create an AWS Con g rule by using the restricted-ssh managed rule to check whether security groups disallow unrestricted incoming SSH tra c. Con gure automatic remediation to publish a message to an Amazon Simple Noti cation Service (Amazon SNS) topic.
  4. Enable Amazon Inspector. Include the Common Vulnerabilities and Exposures-1.1 rules package to check the security groups that are associated with the bastion hosts. Con gure Amazon Inspector to publish a message to an Amazon Simple Noti cation Service (Amazon SNS) topic.

Answer(s): C


Reference:

https://docs.aws.amazon.com/con g/latest/developerguide/restricted-ssh.html



A company is using AWS Organizations to create separate AWS accounts for each of its departments. The company needs to automate the following tasks:
Update the Linux AMIs with new patches periodically and generate a golden image Install a new version of Chef agents in the golden image, if available
Provide the newly generated AMIs to the department's accounts
Which solution meets these requirements with the LEAST management overhead?

  1. Write a script to launch an Amazon EC2 instance from the previous golden image. Apply the patch updates. Install the new version of the Chef agent, generate a new golden image, and then modify the AMI permissions to share only the new image with the department's accounts.
  2. Use Amazon EC2 Image Builder to create an image pipeline that consists of the base Linux AMI and components to install the Chef agent.
    Use AWS Resource Access Manager to share EC2 Image Builder images with the department's accounts.
  3. Use an AWS Systems Manager Automation runbook to update the Linux AMI by using the previous image. Provide the URL for the script that will update the Chef agent. Use AWS Organizations to replace the previous golden image in the department's accounts.
  4. Use Amazon EC2 Image Builder to create an image pipeline that consists of the base Linux AMI and components to install the Chef agent.
    Create a parameter in AWS Systems Manager Parameter Store to store the new AMI ID that can be referenced by the department's accounts.

Answer(s): B

Explanation:


Reference:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-explicit.html



A company has an application that runs on 12 Amazon EC2 instances. The instances run in an Amazon EC2 Auto Scaling group across three Availability Zones.
On a typical day each EC2 instance has 30% CPU utilization during business hours and 10% CPU utilization after business hours. The CPU utilization increases suddenly in the rst few minutes of business hours each day. Other increases in CPU utilization are gradual. A DevOps engineer needs to optimize costs while maintaining or improving the application's reliability.
Which solution meets these requirements?

  1. Con gure a target tracking scaling policy that is based on the Auto Scaling group's average CPU utilization, and set a target of 75%. Create a scheduled action for the Auto Scaling group to adjust the desired capacity to six instances just before business hours begin.
  2. Con gure the Auto Scaling group with two scheduled actions for Amazon EC2 Auto Scaling. Con gure one action to start nine EC2 instances at the start of business hours. Con gure the other action to stop nine instances at the end of business hours.
  3. Change to an AWS Application Auto Scaling group. Con gure a target tracking scaling policy that is based on the Auto Scaling group's average CPU utilization, and set a target of 75%. Create a scheduled action for the Auto Scaling group to adjust the minimum number of instances to three instances at the end of business hours and to reset the number to six instances before business hours begin.
  4. Change to an AWS Application Auto Scaling group. Con gure a target tracking scaling policy that is based on the Auto Scaling group's average CPU utilization, and set a target of 75%. Create a scheduled action to terminate nine instances each evening at the end of business hours.

Answer(s): A



Page 19 of 53



Post your Comments and Discuss Amazon AWS-DEVOPS-ENGINEER-PROFESSIONAL exam with other Community members:

Devopsengineer commented on November 21, 2024
review my knowledge to take an exam
UNITED STATES
upvote

Steven commented on April 20, 2020
I have a suggestion for your Xengine Test Engine software. Can you provide the Mobiel version of it too?
CANADA
upvote

CertRunner commented on May 20, 2019
As promised to provide feedback on my previous post, I took the exam today and did well. These dumps really help.
UNITED STATES
upvote

Zion commented on March 27, 2019
Just Purchase this material, will be back to give my review!
UNITED STATES
upvote

explo commented on July 08, 2018
verry good
UNITED STATES
upvote

exploguy commented on June 28, 2018
this is pretty good
UNITED STATES
upvote

centos commented on June 12, 2018
Any one using this for 2019 exam yet? Legit? No response from the support team!?>?
UNITED STATES
upvote

muzammal commented on December 10, 2017
I need this in MS word format please
UNITED STATES
upvote

ncik commented on November 07, 2017
This dump is good, I wrote my exam last week and passed.
MALAYSIA
upvote

nick commented on November 07, 2017
Thanks, this is awesome. Good quality and good support.
UNITED STATES
upvote

Diego commented on September 06, 2017
Very good support and very fast. I recommend this to anyone willing to go for a quick pass.
SWITZERLAND
upvote

Rajesh commented on July 17, 2017
Nice to have it and got a good discount
UNITED STATES
upvote