DOP-C01 Exam Details

  • Exam Code
    :DOP-C01
  • Exam Name
    :AWS Certified DevOps Engineer - Professional (DOP-C01)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :559 Q&As
  • Last Updated
    :Dec 22, 2024

Amazon DOP-C01 Online Questions & Answers

  • Question 531:

    A company is implementing a well-architected design for its globally accessible API stack. The design needs to ensure both high reliability and fast response times for users located in North America and Europe.

    The API stack contains the following three tiers:

    1.

    Amazon API Gateway

    2.

    AWS Lambda

    3.

    Amazon DynamoDB

    Which solution will meet the requirements?

    A. Configure Amazon Route 53 to point to API Gateway APIs in North America and Europe using health checks. Configure the APIs to forward requests to a Lambda function in that Region. Configure the Lambda functions to retrieve and update the data in a DynamoDB table in the same Region as the Lambda function.
    B. Configure Amazon Route 53 to point to API Gateway APIs in North America and Europe using latency- based routing and health checks. Configure the APIs to forward requests to a Lambda function in that Region. Configure the Lambda functions to retrieve and update the data in a DynamoDB global table.
    C. Configure Amazon Route 53 to point to API Gateway in North America, create a disaster recovery API in Europe, and configure both APIs to forward requests to the Lambda functions in that Region. Retrieve the data from a DynamoDB global table. Deploy a Lambda function to check the North America API health every 5 minutes. In the event of a failure, update Route 53 to point to the disaster recovery API.
    D. Configure Amazon Route 53 to point to API Gateway API in North America using latency-based routing. Configure the API to forward requests to the Lambda function in the Region nearest to the user. Configure the Lambda function to retrieve and update the data in a DynamoDB table.

  • Question 532:

    Some of your EC2 instances are configured to use a Proxy. Can you use Amazon Inspector for regular assessment of instances behind proxy?

    A. Only Windows-based systems are supported as Linux-based systems use custom configurations that are not supported by AWS Agent in the current release.
    B. Only Linux-based systems are supported, and AWS agent supports HTTPS proxy on these systems.
    C. No, AWS Agent does NOT support proxy environments.
    D. Yes, AWS Agent supports proxy environments on both Linux-based and Windows-based systems.

  • Question 533:

    A company is creating a software solution that executes a specific parallel-processing mechanism. The software can scale to tens of servers in some special scenarios. This solution uses a proprietary library that is license-based, requiring

    that each individual server have a single, dedicated license installed. The company has 200 licenses and is planning to run 200 server nodes concurrently at most.

    The company has requested the following features:

    1.

    A mechanism to automate the use of the licenses at scale.

    2.

    Creation of a dashboard to use in the future to verify which licenses are available at any moment.

    What is the MOST effective way to accomplish these requirements?

    A. Upload the licenses to a private Amazon S3 bucket. Create an AWS CloudFormation template with a Mappings section for the licenses. In the template, create an Auto Scaling group to launch the servers. In the user data script, acquire an available license from the Mappings section. Create an Auto Scaling lifecycle hook, then use it to update the mapping after the instance is terminated.
    B. Upload the licenses to an Amazon DynamoDB table. Create an AWS CloudFormation template that uses an Auto Scaling group to launch the servers. In the user data script, acquire an available license from the DynamoDB table. Create an Auto Scaling lifecycle hook, then use it to update the mapping after the instance is terminated.
    C. Upload the licenses to a private Amazon S3 bucket. Populate an Amazon SQS queue with the list of licenses stored in S3. Create an AWS CloudFormation template that uses an Auto Scaling group to launch the servers. In the user data script acquire an available license from SQS. Create an Auto Scaling lifecycle hook, then use it to put the license back in SQS after the instance is terminated.
    D. Upload the licenses to an Amazon DynamoDB table. Create an AWS CLI script to launch the servers by using the parameter --count, with min:max instances to launch. In the user data script, acquire an available license from the DynamoDB table. Monitor each instance and, in case of failure, replace the instance, then manually update the DynamoDB table.

  • Question 534:

    A company is adopting serverless computing and is migrating some of its existing applications to AWS Lambda. A DevOps engineer must come up with an automated deployment strategy using AWS CodePipeline that should include proper version controls, branching strategies, and rollback methods.

    Which combination of steps should the DevOps engineer follow when setting up the pipeline? (Choose three.)

    A. Use Amazon S3 as the source code repository.
    B. Use AWS CodeCommit as the source code repository.
    C. Use AWS CloudFormation to create an AWS Serverless Application Model (AWS SAM) template for deployment.
    D. Use AWS CodeBuild to create an AWS Serverless Application Model (AWS SAM) template for deployment.
    E. Use AWS CloudFormation to deploy the application.
    F. Use AWS CodeDeploy to deploy the application.

  • Question 535:

    A developer tested an application locally and then deployed it to AWS Lambda. While testing the application remotely, the Lambda function fails with an access denied message. How can this issue be addressed?

    A. Update the Lambda function's execution role to include the missing permissions.
    B. Update the Lambda function's resource policy to include the missing permissions.
    C. Include an IAM policy document at the root of the deployment package and redeploy the Lambda function.
    D. Redeploy the Lambda function using an account with access to the AdministratorAccess policy.

  • Question 536:

    An application has microservices spread across different AWS accounts and is integrated with an on- premises legacy system for some of its functionality. Because of the segmented architecture and missing logs, every time the application

    experiences issues, it is taking too long to gather the logs to identify the issues. A DevOps Engineer must fix the log aggregation process and provide a way to centrally analyze the logs.

    Which is the MOST efficient and cost-effective solution?

    A. Collect system logs and application logs by using the Amazon CloudWatch Logs agent. Use the Amazon S3 API to export on-premises logs, and store the logs in an S3 bucket in a central account. Build an Amazon EMR cluster to reduce the logs and derive the root cause.
    B. Collect system logs and application logs by using the Amazon CloudWatch Logs agent. Use the Amazon S3 API to import on-premises logs. Store all logs in S3 buckets in individual accounts. Use Amazon Macie to write a query to search for the required specific event-related data point.
    C. Collect system logs and application logs using the Amazon CloudWatch Logs agent. Install the CloudWatch Logs agent on the on-premises servers. Transfer all logs from AWS to the on-premises data center. Use an Amazon Elasticsearch Logstash Kibana stack to analyze logs on premises.
    D. Collect system logs and application logs by using the Amazon CloudWatch Logs agent. Install a CloudWatch Logs agent for on-premises resources. Store all logs in an S3 bucket in a central account. Set up an Amazon S3 trigger and an AWS Lambda function to analyze incoming logs and automatically identify anomalies. Use Amazon Athena to run ad hoc queries on the logs in the central account.

  • Question 537:

    Which of these configuration or deployment practices is a security risk for RDS?

    A. Storing SQL function code in plaintext
    B. Non-Multi-AZ RDS instance
    C. Having RDS and EC2 instances exist in the same subnet
    D. RDS in a public subnet

  • Question 538:

    When logging with Amazon CloudTrail, API call information for services with single end points is ____.

    A. captured and processed in the same region as to which the API call is made and delivered to the region associated with your Amazon S3 bucket
    B. captured, processed, and delivered to the region associated with your Amazon S3 bucket
    C. captured in the same region as to which the API call is made and processed and delivered to the region associated with your Amazon S3 bucket
    D. captured in the region where the end point is located, processed in the region where the CloudTrail trail is configured, and delivered to the region associated with your Amazon S3 bucket

  • Question 539:

    Your application has an Auto Scaling group of m3.large instances running an application that receives messages born an Amazon SQS queue. After a while, the number of instances reaches the maximum set for the group and the number of messages on the queue continues to increase. You have discovered that a third- party library used by the application has a bug that causes a memory leak. What cost-effective steps can you take to continue message processing while the library developer fixes the bug?

    A. Enable Elastic Load Balancing health checks for the Auto Scaling group. When Elastic Load Balancing has detected a failure, Auto Scaling will terminate the failing application's instance and launch a new one.
    B. Use Amazon EC2 instance memory usage CloudWatch metrics to raise alerts when they reach a defined level and send a message to Auto Scaling to fail the instance health check.
    C. Use application monitoring on the instance to restart the application when memory usage reaches a defined level.
    D. Create a new Auto Scaling launch configuration to use the r3.large instance type. Update the Auto Scaling group with the new launch configuration.

  • Question 540:

    A company is using an AWS CodeBuild project to build and package an application. The packages are copied to a shared Amazon S3 bucket before being deployed across multiple AWS accounts.

    The buildspec.yml file contains the following:

    The DevOps Engineer has noticed that anybody with an AWS account is able to download the artifacts.

    What steps should the DevOps Engineer take to stop this?

    A. Modify the post_build to command to use ?acl public-read and configure a bucket policy that grants read access to the relevant AWS accounts only.
    B. Configure a default ACL for the S3 bucket that defines the set of authenticated users as the relevant AWS accounts only and grants read-only access.
    C. Create an S3 bucket policy that grants read access to the relevant AWS accounts and denies read access to the principal "*"
    D. Modify the post_build command to remove ?acl authenticated-read and configure a bucket policy that allows read access to the relevant AWS accounts only.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DOP-C01 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.