Free AWS-DEVOPS-ENGINEER-PROFESSIONAL Exam Braindumps (page: 26)

Page 26 of 53

A company uses Amazon S3 to store proprietary information. The development team creates buckets for new projects on a daily basis. The security team wants to ensure that all existing and future buckets have encryption, logging, and versioning enabled. Additionally, no buckets should ever be publicly read or write accessible.

What should a DevOps engineer do to meet these requirements?

  1. Enable AWS CloudTrail and con gure automatic remediation using AWS Lambda.
  2. Enable AWS Con g rules and con gure automatic remediation using AWS Systems Manager documents.
  3. Enable AWS Trusted Advisor and con gure automatic remediation using Amazon CloudWatch Events.
  4. Enable AWS Systems Manager and con gure automatic remediation using Systems Manager documents.

Answer(s): B



A company runs an application on one Amazon EC2 instance. Application metadata is stored in Amazon S3 and must be retrieved if the instance is restarted. The instance must restart or relaunch automatically if the instance becomes unresponsive.

Which solution will meet these requirements?

  1. Create an Amazon CloudWatch alarm for the StatusCheckFailed metric. Use the recover action to stop and start the instance. Use an S3 event noti cation to push the metadata to the instance when the instance is back up and running.
  2. Con gure AWS OpsWorks, and use the auto healing feature to stop and start the instance. Use a lifecycle event in OpsWorks to pull the metadata from Amazon S3 and update it on the instance.
  3. Use EC2 Auto Recovery to automatically stop and start the instance in case of a failure. Use an S3 event noti cation to push the metadata to the instance when the instance is back up and running.
  4. Use AWS CloudFormation to create an EC2 instance that includes the UserData property for the EC2 resource. Add a command in UserData to retrieve the application metadata from Amazon S3.

Answer(s): B



A devops team uses AWS CloudFormation to build their infrastructure. The security team is concerned about sensitive parameters, such as passwords, being exposed.

Which combination of steps will enhance the security of AWS CloudFormation? (Choose three.)

  1. Create a secure string with AWS KMS and choose a KMS encryption key. Reference the ARN of the secure string, and give AWS CloudFormation permission to the KMS key for decryption.
  2. Create secrets using the AWS Secrets Manager AWS::SecretsManager::Secret resource type. Reference the secret resource return attributes in resources that need a password, such as an Amazon RDS database.
  3. Store sensitive static data as secure strings in the AWS Systems Manager Parameter Store. Use dynamic references in the resources that need access to the data.
  4. Store sensitive static data in the AWS Systems Manager Parameter Store as strings. Reference the stored value using types of Systems Manager parameters.
  5. Use AWS KMS to encrypt the CloudFormation template.
  6. Use the CloudFormation NoEcho parameter property to mask the parameter value.

Answer(s): B,C,F



A company has a mission-critical application on AWS that uses automatic scaling. The company wants the deployment lifecycle to meet the following parameters:

· The application must be deployed one instance at a time to ensure the remaining eet continues to serve tra c.
· The application is CPU intensive and must be closely monitored.
· The deployment must automatically roll back if the CPU utilization of the deployment instance exceeds 85%.

Which solution will meet these requirements?

  1. Use AWS CloudFormation to create an AWS Step Functions state machine and Auto Scaling lifecycle hooks to move to one instance at a time into a wait state. Use AWS Systems Manager automation to deploy the update to each instance and move it back into the Auto Scaling group using the heartbeat timeout.
  2. Use AWS CodeDeploy with Amazon EC2 Auto Scaling. Con gure an alarm tied to the CPU utilization metric. Use the CodeDeployDefault.OneAtAtime con guration as a deployment strategy. Con gure automatic rollbacks within the deployment group to roll back the deployment if the alarm thresholds are breached.
  3. Use AWS Elastic Beanstalk for load balancing and AWS Auto Scaling. Con gure an alarm tied to the CPU utilization metric. Con gure rolling deployments with a xed batch size of one instance. Enable enhanced health to monitor the status of the deployment and roll back based on the alarm previously created.
  4. Use AWS Systems Manager to perform a blue/green deployment with Amazon EC2 Auto Scaling. Con gure an alarm tied to the CPU utilization metric. Deploy updates one at a time. Con gure automatic rollbacks within the Auto Scaling group to roll back the deployment if the alarm thresholds are breached.

Answer(s): B



Page 26 of 53



Post your Comments and Discuss Amazon AWS-DEVOPS-ENGINEER-PROFESSIONAL exam with other Community members:

Devopsengineer commented on November 21, 2024
review my knowledge to take an exam
UNITED STATES
upvote

Steven commented on April 20, 2020
I have a suggestion for your Xengine Test Engine software. Can you provide the Mobiel version of it too?
CANADA
upvote

CertRunner commented on May 20, 2019
As promised to provide feedback on my previous post, I took the exam today and did well. These dumps really help.
UNITED STATES
upvote

Zion commented on March 27, 2019
Just Purchase this material, will be back to give my review!
UNITED STATES
upvote

explo commented on July 08, 2018
verry good
UNITED STATES
upvote

exploguy commented on June 28, 2018
this is pretty good
UNITED STATES
upvote

centos commented on June 12, 2018
Any one using this for 2019 exam yet? Legit? No response from the support team!?>?
UNITED STATES
upvote

muzammal commented on December 10, 2017
I need this in MS word format please
UNITED STATES
upvote

ncik commented on November 07, 2017
This dump is good, I wrote my exam last week and passed.
MALAYSIA
upvote

nick commented on November 07, 2017
Thanks, this is awesome. Good quality and good support.
UNITED STATES
upvote

Diego commented on September 06, 2017
Very good support and very fast. I recommend this to anyone willing to go for a quick pass.
SWITZERLAND
upvote

Rajesh commented on July 17, 2017
Nice to have it and got a good discount
UNITED STATES
upvote