1. Home
  2. Amazon
  3. DOP-C01

Amazon DOP-C01 Online Practice Questions and Exam Preparation

DOP-C01 Exam Details

  • Exam Code
    :DOP-C01
  • Exam Name
    :AWS Certified DevOps Engineer - Professional (DOP-C01)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :559 Q&As
  • Last Updated
    :Dec 22, 2024

Amazon DOP-C01 Online Questions & Answers

  • Question 491:

    Which one of the following is a restriction of AWS EBS Snapshots?

    A. Snapshot restorations are restricted to the region in which the snapshots are created.
    B. You cannot share unencrypted snapshots.
    C. To share a snapshot with a user in other region the snapshot has to be created in that region first.
    D. You cannot share a snapshot containing sensitive data such as an AWS Access Key ID or AWS Secret Access Key.

  • Question 492:

    You are responsible for a large-scale video transcoding system that operates with an Auto Scaling group of video transcoding workers. The Auto Scaling group is configured with a minimum of 750 Amazon EC2 instances and a maximum of 1000 Amazon EC2 instances. You are using Amazon SQS to pass a message containing the URI for a video stored in Amazon S3 to the transcoding workers. An Amazon CloudWatch alarm has notified you that the queue depth is becoming very large. How can you resolve the alarm without the risk of increasing the time to transcode videos? (Choose two.)

    A. Create a second queue in Amazon SQS.
    B. Adjust the Amazon CloudWatch alarms for a higher queue depth.
    C. Create a new Auto Scaling group with a launch configuration that has a larger Amazon EC2 instance type.
    D. Add an additional Availability Zone to the Auto Scaling group configuration.
    E. Change the Amazon CloudWatch alarm so that it monitors the CPU utilization of the Amazon EC2 instances rather than the Amazon SQS queue depth.
    F. Adjust the Auto Scaling group configuration to increase the maximum number of Amazon EC2 instances.

  • Question 493:

    There is a very serious outage at AWS. EC2 is not affected, but your EC2 instance deployment scripts stopped working in the region with the outage. What might be the issue?

    A. The AWS Console is down, so your CLI commands do not work.
    B. S3 is unavailable, so you can't create EBS volumes from a snapshot you use to deploy new volumes.
    C. AWS turns off the DeployCode API call when there are major outages, to protect from system floods.
    D. None of the other answers make sense. If EC2 is not affected, it must be some other issue.

  • Question 494:

    Within an IAM policy, can you add an IfExists condition at the end of a Null condition?

    A. Yes, you can add an IfExists condition at the end of a Null condition but not in all Regions.
    B. Yes, you can add an IfExists condition at the end of a Null condition depending on the condition.
    C. No, you cannot add an IfExists condition at the end of a Null condition.
    D. Yes, you can add an IfExists condition at the end of a Null condition.

  • Question 495:

    You need to deploy an AWS stack in a repeatable manner across multiple environments. You have selected CloudFormation as the right tool to accomplish this, but have found that there is a resource type you need to create and model, but is unsupported by CloudFormation. How should you overcome this challenge?

    A. Use a CloudFormation Custom Resource Template by selecting an API call to proxy for create, update, and delete actions. CloudFormation will use the AWS SDK, CLI, or API method of your choosing as the state transition function for the resource type you are modeling.
    B. Submit a ticket to the AWS Forums. AWS extends CloudFormation Resource Types by releasing tooling to the AWS Labs organization on GitHub. Their response time is usually 1 day, and they complete requests within a week or two.
    C. Instead of depending on CloudFormation, use Chef, Puppet, or Ansible to author Heat templates, which are declarative stack resource definitions that operate over the OpenStack hypervisor and cloud environment.
    D. Create a CloudFormation Custom Resource Type by implementing create, update, and delete functionality, either by subscribing a Custom Resource Provider to an SNS topic, or by implementing the logic in AWS Lambda.

  • Question 496:

    What is the main difference between calling the commands `ansible' and `ansible-playbook' on the command line?

    A. `ansible' is for setting configuration and environment variables which `ansible-playbook' will use when running plays.
    B. `ansible-playbook' is for running entire Playbooks while `ansible' is for calling ad-hoc commands.
    C. `ansible-playbook' runs the playbooks by using the `ansible' command to run the individual plays
    D. `ansible' is for running individual plays and `ansible-playbook' is for running the entire playbook.

  • Question 497:

    Your company wants to understand where cost is coming from in the company's production AWS account. There are a number of applications and services running at any given time. Without expending too much initial development time, how best can you give the business a good understanding of which applications cost the most per month to operate?

    A. Create an automation script which periodically creates AWS Support tickets requesting detailed intra- month information about your bill.
    B. Use custom CloudWatch Metrics in your system, and put a metric data point whenever cost is incurred.
    C. Use AWS Cost Allocation Tagging for all resources which support it. Use the Cost Explorer to analyze costs throughout the month.
    D. Use the AWS Price API and constantly running resource inventory scripts to calculate total price based on multiplication of consumed resources over time.

  • Question 498:

    A DevOps Engineer is implementing a mechanism for canary testing an application on AWS. The application was recently modified and went through security, unit, and functional testing. The application needs to be deployed on an

    AutoScaling group and must use a Classic Load Balancer.

    Which design meets the requirement for canary testing?

    A. Create a different Classic Load Balancer and Auto Scaling group for blue/green environments. Use Amazon Route 53 and create weighted A records on Classic Load Balancer.
    B. Create a single Classic Load Balancer and an Auto Scaling group for blue/green environments. Use Amazon Route 53 and create A records for Classic Load Balancer IPs. Adjust traffic using A records.
    C. Create a single Classic Load Balancer and an Auto Scaling group for blue/green environments. Create an Amazon CloudFront distribution with the Classic Load Balancer as the origin. Adjust traffic using CloudFront.
    D. Create a different Classic Load Balancer and Auto Scaling group for blue/green environments. Create an Amazon API Gateway with a separate stage for the Classic Load Balancer. Adjust traffic by giving weights to this stage.

  • Question 499:

    You have an application running on an Amazon EC2 instance and you are using IAM roles to securely access AWS Service APIs. How can you configure your application running on that instance to retrieve the API keys for use with the AWS SDKs?

    A. When assigning an EC2 IAM role to your instance in the console, in the "Chosen SDK" dropdown list, select the SDK that you are using, and the instance will configure the correct SDK on launch with the API keys.
    B. Within your application code, make a GET request to the IAM Service API to retrieve credentials for your user.
    C. When using AWS SDKs and Amazon EC2 roles, you do not have to explicitly retrieve API keys, because the SDK handles retrieving them from the Amazon EC2 MetaData service.
    D. Within your application code, configure the AWS SDK to get the API keys from environment variables, because assigning an Amazon EC2 role stores keys in environment variables on launch.

  • Question 500:

    You are building a mobile app for consumers to post cat pictures online. You will be storing the images in AWS S3. You want to run the system very cheaply and simply. Which one of these options allows you to build a photo sharing application without needing to worry about scaling expensive uploads processes, authentication/authorization and so forth?

    A. Build the application out using AWS Cognito and web identity federation to allow users to log in using Facebook or Google Accounts. Once they are logged in, the secret token passed to that user is used to directly access resources on AWS, like AWS S3.
    B. Use JWT or SAML compliant systems to build authorization policies. Users log in with a username and password, and are given a token they can use indefinitely to make calls against the photo infrastructure.
    C. Use AWS API Gateway with a constantly rotating API Key to allow access from the client-side. Construct a custom build of the SDK and include S3 access in it.
    D. Create an AWS oAuth Service Domain ad grant public signup and access to the domain. During setup, add at least one major social media site as a trusted Identity Provider for users.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DOP-C01 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.