CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS-DEVOPS-ENGINEER-PROFESSIONAL

Free AWS-DEVOPS-ENGINEER-PROFESSIONAL Exam Braindumps (page: 28)

Page 27 of 53
PDF with 208 Questions

A company's legacy application uses IAM user credentials to access resources in the company's AWS Organizations organization. A DevOps engineer must ensure that new IAM users cannot be created unless the employee who creates the IAM user is on an exception list.

Which solution will meet these requirements?

  1. Attach an Organizations SCP with an explicit deny for all iam:CreateAccessKey actions with a condition that excludes StringEquals for aws:username with a value of the exception list.
  2. Attach an Organizations SCP with an explicit deny for all iam:CreateUser actions with a condition that includes StringNotLike for aws:username with a value of the exception list.
  3. Create an Amazon EventBridge (Amazon CloudWatch Events) rule with a pattern that matches the iam:CreateAccessKey action with an AWS Lambda function target. The function will check the user name and account against an exception list. If the user is not on the exception list, the function will delete the user.
  4. Create an Amazon EventBridge (Amazon CloudWatch Events) rule with a pattern that matches the iam:CreateUser action with an AWS Lambda function target. The function will check the user name and account against an exception list. If the user is not on the exception list, the function will delete the user.

Answer(s): B



A company must collect user consent to a privacy agreement. The company deploys an application in six AWS Regions: two Regions in North America, two Regions in Europe, and two Regions in Asia. The application has a user base of 20 million to 30 million users.

The company needs to read and write data that is related to each user's response. The company also must ensure that the responses are available in all six Regions.

Which solution will meet these requirements with the LOWEST latency of reads and writes?

  1. Implement Amazon DocumentDB (with MongoDB compatibility) in each of the six Regions.
  2. Implement Amazon DynamoDB global tables in each of the six Regions.
  3. Implement Amazon ElastiCache for Redis replication groups in each of the six Regions.
  4. Implement Amazon Elasticsearch Service (Amazon ES) in each of the six Regions.

Answer(s): B



A company is testing a web application that runs on Amazon EC2 instances behind an Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. The company uses a blue/green deployment process with immutable instances when deploying new software.

During testing, users are being automatically logged out of the application at random times. Testers also report that, when a new version of the application is deployed, all users are logged out. The development team needs a solution to ensure users remain logged in across scaling events and application deployments.

What is the MOST e cient way to ensure users remain logged in?

  1. Enable smart sessions on the load balancer and modify the application to check for an existing session.
  2. Enable session sharing on the load balancer and modify the application to read from the session store.
  3. Store user session information in an Amazon S3 bucket and modify the application to read session information from the bucket.
  4. Modify the application to store user session information in an Amazon ElastiCache cluster.

Answer(s): D



A DevOps engineer is troubleshooting deployments to a new application that runs on Amazon EC2 instances behind an Application Load Balancer. The instances run in an EC2 Auto Scaling group across multiple Availability Zones. Instances sometimes come online before they are ready, which is leading to increased error rates among users. The current health check con guration gives instances a 60-second grace period and considers instances healthy after two 200 response codes from /index.php, a page that may respond intermittently during the deployment process. The development team wants instances to come online as soon as possible.

Which strategy would address this issue?

  1. Increase the instance grace period from 60 seconds to 180 seconds, and the consecutive health check requirement from 2 to 3.
  2. Increase the instance grace period from 60 seconds to 120 seconds, and change the response code requirement from 200 to 204.
  3. Modify the deployment script to create a /health-check.php le when the deployment begins, then modify the health check path to point to that le.
  4. Modify the deployment script to create a /health-check.php le when all tasks are complete, then modify the health check path to point to that le.

Answer(s): D






Post your Comments and Discuss Amazon AWS-DEVOPS-ENGINEER-PROFESSIONAL exam with other Community members:

AWS-DEVOPS-ENGINEER-PROFESSIONAL Discussions & Posts