Vendor: Amazon
Certifications: AWS Certified Professional
Exam Name: AWS Certified DevOps Engineer - Professional
Exam Code: DOP-C02
Total Questions: 332 Q&As ( View Details)
Last Updated: Mar 24, 2024
Note: Product instant download. Please sign in and click My account to download your product.
VCE
Amazon DOP-C02 Last Month Results
DOP-C02 Q&A's Detail
Exam Code: | DOP-C02 |
Total Questions: | 332 |
Single & Multiple Choice | 332 |
CertBus Has the Latest DOP-C02 Exam Dumps in Both PDF and VCE Format
DOP-C02 Online Practice Questions and Answers
A user is defining a policy for the IAM user. Which of the below mentioned elements can be found in an IAM policy?
A. Not Effect
B. Supported Data Types
C. Principal Resource
D. Version Management
A company is running an application on Amazon EC2 instances in an Auto Scaling group. Recently an issue occurred that prevented EC2 instances from launching successfully and it took several hours for the support team to discover the issue. The support team wants to be notified by email whenever an EC2 instance does not start successfully.
Which action will accomplish this?
A. Add a health check to the Auto Scaling group to invoke an AWS Lambda function whenever an instance status is impaired.
B. Configure the Auto Scaling group to send a notification to an Amazon SNS topic whenever a failed instance launch occurs.
C. Create an Amazon CloudWatch alarm that invokes an AWS Lambda function when a failed Attachinstances Auto Scaling API call is made.
D. Create a status check alarm on Amazon EC2 to send a notification to an Amazon SNS topic whenever a status check fail occurs.
A company has many AWS accounts. During AWS account creation the company uses automation to create an Amazon CloudWatch Logs log group in every AWS Region that the company operates in. The automaton configures new resources in the accounts to publish logs to the provisioned log groups in their Region.
The company has created a logging account to centralize the logging from all the other accounts. A DevOps engineer needs to aggregate the log groups from all the accounts to an existing Amazon S3 bucket in the logging account.
Which solution will meet these requirements in the MOST operationally efficient manner?
A. In the logging account create a CloudWatch Logs destination with a destination policy. For each new account subscribe the CloudWatch Logs log groups to the. Destination Configure a single Amazon Kinesis data stream and a single Amazon Kinesis Data Firehose delivery stream to deliver the logs from the CloudWatch Logs destination to the S3 bucket.
B. In the logging account create a CloudWatch Logs destination with a destination policy for each Region. For each new account subscribe the CloudWatch Logs log groups to the destination. Configure a single Amazon Kinesis data stream and a single Amazon Kinesis Data Firehose delivery stream to deliver the logs from all the CloudWatch Logs destinations to the S3 bucket.
C. In the logging account create a CloudWatch Logs destination with a destination policy for each Region. For each new account subscribe the CloudWatch Logs log groups to the destination Configure an Amazon Kinesis data stream and an Amazon Kinesis Data Firehose delivery stream for each Region to deliver the logs from the CloudWatch Logs destinations to the S3 bucket.
D. In the logging account create a CloudWatch Logs destination with a destination policy. For each new account subscribe the CloudWatch Logs log groups to the destination. Configure a single Amazon Kinesis data stream to deliver the logs from the CloudWatch Logs destination to the S3 bucket.
To run an application, a DevOps engineer launches an Amazon EC2 instance with public IP addresses in a public subnet. A user data script obtains the application artifacts and installs them on the instances upon launch. A change to the security classification of the application now requires the instances to run with no access to the internet. While the instances launch successfully and show as healthy, the application does not seem to be installed.
Which of the following should successfully install the application while complying with the new rule?
A. Launch the instances in a public subnet with Elastic IP addresses attached. Once the application is installed and running, run a script to disassociate the Elastic IP addresses afterwards.
B. Set up a NAT gateway. Deploy the EC2 instances to a private subnet. Update the private subnet's route table to use the NAT gateway as the default route.
C. Publish the application artifacts to an Amazon S3 bucket and create a VPC endpoint for S3. Assign an IAM instance profile to the EC2 instances so they can read the application artifacts from the S3 bucket.
D. Create a security group for the application instances and allow only outbound traffic to the artifact repository. Remove the security group rule once the install is complete.
A company is using an AWS CodeBuild project to build and package an application. The packages are copied to a shared Amazon S3 bucket before being deployed across multiple AWS accounts.
The buildspec.yml file contains the following:
The DevOps engineer has noticed that anybody with an AWS account is able to download the artifacts. What steps should the DevOps engineer take to stop this?
A. Modify the post_build command to use --acl public-read and configure a bucket policy that grants read access to the relevant AWS accounts only.
B. Configure a default ACL for the S3 bucket that defines the set of authenticated users as the relevant AWS accounts only and grants read-only access.
C. Create an S3 bucket policy that grants read access to the relevant AWS accounts and denies read access to the principal "*".
D. Modify the post_build command to remove --acl authenticated-read and configure a bucket policy that allows read access to the relevant AWS accounts only.
Add Comments
I got all questions from this dumps. I think I answered 2 questions wrong because I passed my exam with 96% of the full score. Questions may change in the real exam. So be sure to read your questions carefully in your actual exam. Pay attention to the orders of each option, too.
thanks god and thank you all. 100% valid. you can trust on it.
I honestly started reading through the questions and re-reading it every night starting one month out from the test. I don't think I saw anything on the test that I didn't see at least tangentially covered in these questions.
hi guys, thanks for your help. I passed the exam with good score yesterday. Thanks a million.
This dumps is valid, and this dumps is the only study material i used for this exam. Surprisingly i met the same question in the exam, so i passed the exam without doubt. Thanks for this dumps and i will recommend it to my friends.
I'm only part way through the dumps, but I've been impressed with the writing, content, and presentation of the material. I've read several of the other study guides, and those authors seem more disorganized or believe more words rather than concise content make the material.
hi guys , i passed this exam today. Really thanks for this dumps,Recommend strongly.
yes, i passed the exam in the morning, thanks for this study material. Recommend.
i have achieved high score by using this dumps good luck to you.
Pass the exam easily with there dumps! The questions are valid and correct. I got no new question in my actual exam. I prepare for my exam only with this dumps.
Amazon DOP-C02 exam official information: To earn this certification, you’ll need to take and pass the AWS Certified DevOps Engineer - Professional exam (DOP-C02). The exam features a combination of two question formats: multiple choice and multiple response. Additional information, such as the exam content outline and passing score, is in the exam guide.