Free AWS-DEVOPS-ENGINEER-PROFESSIONAL Exam Braindumps (page: 20)


An Engineering team manages a Node.js e-commerce application. The current environment consists of the following components:
Amazon S3 buckets for storing content
Amazon EC2 for the front-end web servers
AWS Lambda for image processing
Amazon DynamoDB for storing session-related data
The team expects a significant increase in traffic to the site. The application should handle the additional load without interruption. The team ran initial tests by adding new servers to the EC2 front-end to handle the larger load, but the instances took up to 20 minutes to become fully configured. The team wants to reduce this configuration time.
What changes will the Engineering team need to implement to make the solution the MOST resilient and highly available while meeting the expected increase in demand?

  1. Use AWS OpsWorks to automatically configure each new EC2 instance as it is launched. Configure the EC2 instances by using an Auto Scaling group behind an Application Load Balancer across multiple Availability Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the Application Load Balancer.
  2. Deploy a fleet of EC2 instances, doubling the current capacity, and place them behind an Application Load Balancer. Increase the Amazon DynamoDB read and write capacity units. Add an alias record that contains the Application Load Balancer endpoint to the existing Amazon Route 53 DNS record that points to the application.
  3. Configure Amazon CloudFront and have its origin point to Amazon S3 to host the web application. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the CloudFront DNS name.
  4. Use AWS Elastic Beanstalk with a custom AMI including all web components. Deploy the platform by using an Auto Scaling group behind an Application Load Balancer across multiple Availability Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the Elastic Beanstalk load balancer.

Answer(s): D



A company's application development team uses Linux-based Amazon EC2 instances as bastion hosts. Inbound SSH access to the bastion hosts is restricted to specific IP addresses, as defined in the associated security groups. The company's security team wants to receive a notification if the security group rules are modified to allow SSH access from any IP address.
What should a DevOps engineer do to meet this requirement?

  1. Create an Amazon EventBridge (Amazon CloudWatch Events) rule with a source of aws.cloudtrail and the event name AuthorizeSecurityGroupIngress. Define an Amazon Simple Notification Service (Amazon SNS) topic as the target.
  2. Enable Amazon GuardDuty and check the findings for security group in AWS Security Hub. Configure an Amazon EventBridge (Amazon CloudWatch Events) rule with a custom pattern that matches GuardDuty events with an output of NON_COMPLIANT. Define an Amazon Simple Notification Service (Amazon SNS) topic as the target.
  3. Create an AWS Config rule by using the restricted-ssh managed rule to check whether security groups disallow unrestricted incoming SSH traffic. Configure automatic remediation to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic.
  4. Enable Amazon Inspector. Include the Common Vulnerabilities and Exposures-1.1 rules package to check the security groups that are associated with the bastion hosts. Configure Amazon Inspector to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic.

Answer(s): C


Reference:

https://docs.aws.amazon.com/config/latest/developerguide/restricted-ssh.html



A company is using AWS Organizations to create separate AWS accounts for each of its departments. The company needs to automate the following tasks:
Update the Linux AMIs with new patches periodically and generate a golden image
Install a new version of Chef agents in the golden image, if available
Provide the newly generated AMIs to the department's accounts
Which solution meets these requirements with the LEAST management overhead?

  1. Write a script to launch an Amazon EC2 instance from the previous golden image. Apply the patch updates. Install the new version of the Chef agent, generate a new golden image, and then modify the AMI permissions to share only the new image with the department's accounts.
  2. Use Amazon EC2 Image Builder to create an image pipeline that consists of the base Linux AMI and components to install the Chef agent.
    Use AWS Resource Access Manager to share EC2 Image Builder images with the department's accounts.
  3. Use an AWS Systems Manager Automation runbook to update the Linux AMI by using the previous image. Provide the URL for the script that will update the Chef agent. Use AWS Organizations to replace the previous golden image in the department's accounts.
  4. Use Amazon EC2 Image Builder to create an image pipeline that consists of the base Linux AMI and components to install the Chef agent.
    Create a parameter in AWS Systems Manager Parameter Store to store the new AMI ID that can be referenced by the department's accounts.

Answer(s): B

Reference:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-explicit.html



A company has an application that runs on 12 Amazon EC2 instances. The instances run in an Amazon EC2 Auto Scaling group across three Availability Zones.
On a typical day each EC2 instance has 30% CPU utilization during business hours and 10% CPU utilization after business hours. The CPU utilization increases suddenly in the first few minutes of business hours each day. Other increases in CPU utilization are gradual. A DevOps engineer needs to optimize costs while maintaining or improving the application's reliability.
Which solution meets these requirements?

  1. Configure a target tracking scaling policy that is based on the Auto Scaling group's average CPU utilization, and set a target of 75%. Create a scheduled action for the Auto Scaling group to adjust the desired capacity to six instances just before business hours begin.
  2. Configure the Auto Scaling group with two scheduled actions for Amazon EC2 Auto Scaling. Configure one action to start nine EC2 instances at the start of business hours. Configure the other action to stop nine instances at the end of business hours.
  3. Change to an AWS Application Auto Scaling group. Configure a target tracking scaling policy that is based on the Auto Scaling group's average CPU utilization, and set a target of 75%. Create a scheduled action for the Auto Scaling group to adjust the minimum number of instances to three instances at the end of business hours and to reset the number to six instances before business hours begin.
  4. Change to an AWS Application Auto Scaling group. Configure a target tracking scaling policy that is based on the Auto Scaling group's average CPU utilization, and set a target of 75%. Create a scheduled action to terminate nine instances each evening at the end of business hours.

Answer(s): A





