CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS-DEVOPS-ENGINEER-PROFESSIONAL

Free AWS-DEVOPS-ENGINEER-PROFESSIONAL Exam Braindumps (page: 8)

Page 8 of 53
PDF with 208 Questions

A company's DevOps engineer is working in a multi-account environment. The company uses AWS Transit Gateway to route all outbound tra c through a network operations account. In the network operations account, all account tra c passes through a rewall appliance for inspection before the tra c goes to an internet gateway.
The rewall appliance sends logs to Amazon CloudWatch Logs and includes event severities of CRITICAL, HIGH, MEDIUM, LOW, and INFO. The security team wants to receive an alert if any CRITICAL events occur.
What should the DevOps engineer do to meet these requirements?

  1. Create an Amazon CloudWatch Synthetics canary to monitor the rewall state. If the rewall reaches a CRITICAL state or logs a CRITICAL event, use a CloudWatch alarm to publish a noti cation to an Amazon Simple Noti cation Service (Amazon SNS) topic. Subscribe the security team's email address to the topic.
  2. Create an Amazon CloudWatch mettic lter by using a search for CRITICAL events. Publish a custom metric for the nding. Use a CloudWatch alarm based on the custom metric to publish a noti cation to an Amazon Simple Noti cation Service (Amazon SNS) topic.
    Subscribe the security team's email address to the topic.
  3. Enable Amazon GuardDuty in the network operations account. Con gure GuardDuty to monitor ow logs. Create an Amazon EventBridge (Amazon CloudWatch Events) event rule that is invoked by GuardDuty events that are CRITICAL. De ne an Amazon Simple Noti cation Service (Amazon SNS) topic as a target. Subscribe the security team's email address to the topic.
  4. Use AWS Firewall Manager to apply consistent policies across all accounts. Create an Amazon EventBridge (Amazon CloudWatch Events) event rule that is invoked by Firewall Manager events that are CRITICAL. De ne an Amazon Simple Noti cation Service (Amazon SNS) topic as a target. Subscribe the security team's email address to the topic.

Answer(s): B


Reference:

https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_ ndings_cloudwatch.html



A company recently migrated its legacy application from on-premises to AWS. The application is hosted on Amazon EC2 instances behind an Application Load
Balancer, which is behind Amazon API Gateway. The company wants to ensure users experience minimal disruptions during any deployment of a new version of the application. The company also wants to ensure it can quickly roll back updates if there is an issue. Which solution will meet these requirements with MINIMAL changes to the application?

  1. Introduce changes as a separate environment parallel to the existing one. Con gure API Gateway to use a canary release deployment to send a small subset of user tra c to the new environment.
  2. Introduce changes as a separate environment parallel to the existing one. Update the application's DNS alias records to point to the new environment.
  3. Introduce changes as a separate target group behind the existing Application Load Balancer. Con gure API Gateway to route user tra c to the new target group in steps.
  4. Introduce changes as a separate target group behind the existing Application Load Balancer. Con gure API Gateway to route all tra c to the Application Load Balancer, which then sends the tra c to the new target group.

Answer(s): A



A company recently launched an application that is more popular than expected. The company wants to ensure the application can scale to meet increasing demands and provide reliability using multiple Availability Zones (AZs). The application runs on a eet of Amazon EC2 instances behind an Application Load
Balancer (ALB). A DevOps engineer has created an Auto Scaling group across multiple AZs for the application. Instances launched in the newly added AZs are not receiving any tra c for the application.
What is likely causing this issue?

  1. Auto Scaling groups can create new instances in a single AZ only.
  2. The EC2 instances have not been manually associated to the AL
  3. The ALB should be replaced with a Network Load Balancer (NLB).
  4. The new AZ has not been added to the ALB.

Answer(s): D



A DevOps Engineer manages a web application that runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an EC2
Auto Scaling group across multiple Availability Zones. The engineer needs to implement a deployment strategy that:
Launches a second eet of instances with the same capacity as the original eet.
Maintains the original eet unchanged while the second eet is launched.
Transitions tra c to the second eet when the second eet is fully deployed.
Terminates the original eet automatically 1 hour after transition.
Which solution will satisfy these requirements?

  1. Use an AWS CloudFormation template with a retention policy for the ALB set to 1 hour. Update the Amazon Route 53 record to re ect the new ALB.
  2. Use two AWS Elastic Beanstalk environments to perform a blue/green deployment from the original environment to the new one. Create an application version lifecycle policy to terminate the original environment in 1 hour.
  3. Use AWS CodeDeploy with a deployment group con gured with a blue/green deployment con guration. Select the option Terminate the original instances in the deployment group with a waiting period of 1 hour.
  4. Use AWS Elastic Beanstalk with the con guration set to Immutable. Create an .ebextension using the Resources key that sets the deletion policy of the ALB to 1 hour, and deploy the application.

Answer(s): D



Page 8 of 53



Post your Comments and Discuss Amazon AWS-DEVOPS-ENGINEER-PROFESSIONAL exam with other Community members:

Devopsengineer commented on November 21, 2024
review my knowledge to take an exam
UNITED STATES
upvote

Steven commented on April 20, 2020
I have a suggestion for your Xengine Test Engine software. Can you provide the Mobiel version of it too?
CANADA
upvote

CertRunner commented on May 20, 2019
As promised to provide feedback on my previous post, I took the exam today and did well. These dumps really help.
UNITED STATES
upvote

Zion commented on March 27, 2019
Just Purchase this material, will be back to give my review!
UNITED STATES
upvote

explo commented on July 08, 2018
verry good
UNITED STATES
upvote

exploguy commented on June 28, 2018
this is pretty good
UNITED STATES
upvote

centos commented on June 12, 2018
Any one using this for 2019 exam yet? Legit? No response from the support team!?>?
UNITED STATES
upvote

muzammal commented on December 10, 2017
I need this in MS word format please
UNITED STATES
upvote

ncik commented on November 07, 2017
This dump is good, I wrote my exam last week and passed.
MALAYSIA
upvote

nick commented on November 07, 2017
Thanks, this is awesome. Good quality and good support.
UNITED STATES
upvote

Diego commented on September 06, 2017
Very good support and very fast. I recommend this to anyone willing to go for a quick pass.
SWITZERLAND
upvote

Rajesh commented on July 17, 2017
Nice to have it and got a good discount
UNITED STATES
upvote