From the latest update of Lead4pass Amazon DOP-C01 dumps, with PDF and VCE to facilitate learning and passing the exam. All exam questions and answers are updated in December, to ensure that all questions and answers are true and valid. To choose Amazon DOP-C01 Dumps PDF, Amazon DOP-C01 Dumps VCE, please visit: https://www.leads4pass.com/aws-devops-engineer-professional.html (Total Questions: 548 Q&A).
Not only that, lead4pass also shared a part of free Amazon DOP-C01 Dumps to help you take the exam.
Amazon DOP-C01 exam PDF collection
Google Drive:
https://drive.google.com/file/d/1CxJ0SUwQGHmG0XpVDqLLyo4gU07s9uYH/view?usp=sharing
https://drive.google.com/file/d/14htAaSJkza-jq8eCy3OxnIwh8ruK_eyG/view?usp=sharing
https://drive.google.com/file/d/1bBK32fCYG0hsSPiU3xOvRRmWjvtXymZz/view?usp=sharing (today)
Free Amazon DOP-C01 Dumps exam questions
Participate in the test to check the true strength, the answer will be announced at the end of the article
QUESTION 1
Your company currently runs a large multi-tier web application. One component is an API service that all other
components of your application rely on to perform read/write operations. This service must have high availability and
zero downtime during deployments. Which technique should you use to provide cost-effective, zero-downtime
deployments for this component?
A. Use an AWS CloudFormation template to re-deploy your application behind a load balancer, and launch a new AWS
CloudFormation stack during each deployment. Update your load balancer to send traffic to the new stack, and then
deploy your software. Leave your old stacks running, and tag their resources with the version for rollback.
B. Re-deploy your application on Elastic Beanstalk. During deployment, create a new version of your application, and
create a new environment running that version in Elastic BeanStalk. Finally, take advantage of the Elastic Beanstalk
Swap CNAME operation to switch to the new environment.
C. Re-deploy your application behind a load balancer that uses Auto Scaling groups. Create a new identical Auto
Scaling group and associate it to your Amazon Route53 zone. Configure Amazon Route53 to auto- weight traffic over to the new Auto Scaling group when all instances are marked as healthy.
D. Re-deploy your application behind a load balancer using an AWS OpsWorks stack and use AWS OpsWorks stack
versioning, during deployment create a new version of your application, tell AWS OpsWorks to launch the new version
behind your load balancer, and when the new version is launched, terminate the old AWS OpsWorks stack.
QUESTION 2
A DevOps engineer at a company is supporting an AWS environment in which all users use AWS Single Sign-On. The
company wants to immediately disable credentials of any new IAM user and wants the security team to receive a
notification.
Which combination of steps should the DevOps engineer take to meet these requirements? (Choose three.)
A. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that reacts to an IAM CreateUser API call in AWS
CloudTrail.
B. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that reacts to an IAM GetLoginProfile API call in
AWS CloudTrail.
C. Create an AWS Lambda function that is a target of the EventBridge (CloudWatch Events) rule. Configure the Lambda
function to disable any access keys and delete the login profiles that are associated with the IAM user.
D. Create an AWS Lambda function that is a target of the EventBridge (CloudWatch Events) rule. Configure the Lambda
function to delete the login profiles that are associated with the IAM user.
E. Create an Amazon Simple Notification Service (Amazon SNS) topic that is a target of the EventBridge (CloudWatch
Events) rule. Subscribe the security team\\’s group email address to the topic.
F. Create an Amazon Simple Queue Service (Amazon SQS) queue that is a target of the Lambda
function. Subscribe the security team\\’s group email address to the queue.
QUESTION 3
When thinking of AWS Elastic Beanstalk, the \\’Swap Environment URLs\\’ feature most directly aids in what?
A. Immutable Rolling Deployments
B. Mutable Rolling Deployments
C. Canary Deployments
D. Blue-Green Deployments
Simply upload the new version of your application and let your deployment service (AWS Elastic Beanstalk, AWS
CloudFormation, or AWS OpsWorks) deploy a new version (green). To cut over to the new version, you simply replace
the ELB URLs in your DNS records. Elastic Beanstalk has a Swap Environment URLs feature to facilitate a simpler
cutover process. Reference: https://d0.awsstatic.com/whitepapers/overview-of-deployment-options-on-aws.pdf
QUESTION 4
A DevOps Engineer is responsible for the deployment of a PHP application. The Engineer is working in a hybrid
deployment, with the application running on both on-premises servers and Amazon EC2 instances. The application
needs access to a database containing highly confidential information. Application instances need access to database
credentials, which must be encrypted at rest and in transit before reaching the instances.
How should the Engineer automate the deployment process while also meeting the security requirements?
A. Use AWS Elastic Beanstalk with a PHP platform configuration to deploy application packages to the instances. Store
database credentials on AWS Systems Manager Parameter Store using the Secure String data type. Define an IAM role
for Amazon EC2 allowing access, and decrypt only the database credentials. Associate this role to all the instances.
B. Use AWS CodeDeploy to deploy application packages to the instances. Store database credentials on AWS Systems
Manager Parameter Store using the Secure String data type. Define an IAM policy for allowing access, and decrypt only
the database credentials. Attach the IAM policy to the role associated to the instance profile for CodeDeploy-managed
instances, and to the role used for on-premises instances registration on CodeDeploy.
C. Use AWS CodeDeploy to deploy application packages to the instances. Store database credentials on AWS Systems
Manager Parameter Store using the Secure String data type. Define an IAM role with an attached policy that allows
decryption of the database credentials. Associate this role to all the instances and on-premises servers.
D. Use AWS CodeDeploy to deploy application packages to the instances. Store database credentials in the AppSpec
file. Define an IAM policy for allowing access to only the database credentials. Attach the IAM policy to the role
associated to the instance profile for CodeDeploy-managed instances and the role used for on-premises instances
registration on CodeDeploy.
QUESTION 5
A company\\’s application is running on Amazon EC2 instances in an Auto Scaling group. A DevOps engineer needs to
ensure there are at least four application servers running at all times. Whenever an update has to be made to the
application, the engineer creates a new AMI with the updated configuration and updates the AWS CloudFormation
template with the new AMI ID. After the stack finishes, the engineer manually terminates the old instances one by one,
verifying that the new instance is operational before proceeding. The engineer needs to automate this process.
Which action will allow for the LEAST number of manual steps moving forward?
A. Update the CloudFormation template to include the UpdatePolicy attribute with the AutoScalingRollingUpdate policy.
B. Update the CloudFormation template to include the UpdatePolicy attribute with the AutoScalingReplacingUpdate
policy.
C. Use an Auto Scaling lifecycle hook to verify that the previous instance is operational before allowing the DevOps
engineer\\’s selected instance to terminate.
D. Use an Auto Scaling lifecycle hook to confirm there are at least four running instances before allowing the DevOps
engineer\\’s selected instance to terminate.
QUESTION 6
By default, Amazon CloudTrail logs ____ actions defined by the CloudTrail ____ APIs.
A. bucket-level; RESTful
B. object-level; RESTful
C. object-level; SDK
D. bucket-level; SDK
By default, CloudTrail logs bucket-level actions. Amazon S3 records are written together with other AWS service
records in a log file. Amazon S3 bucket-level actions supported for logging by CloudTrail are defined in its RESTful API.
Reference: http://docs.aws.amazon.com/AmazonS3/latest/dev/cloudtrail-logging.html
QUESTION 7
You need your API backed by DynamoDB to stay online during a total regional AWS failure. You can
tolerate a couple minutes of lag or slowness during a large failure event, but the system should recover
with normal operation after those few minutes.
What is a good approach?
A. Set up DynamoDB cross-region replication in a master-standby configuration, with a single standby in another region. Create an Auto Scaling Group behind an ELB in each of the two regions DynamoDB is running in. Add a Route53 Latency DNS Record with DNS Failover, using the ELBs in the two regions as the resource records.
B. Set up a DynamoDB Multi-Region table. Create an Auto Scaling Group behind an ELB in each of the two regions
DynamoDB is running in. Add a Route53 Latency DNS Record with DNS Failover, using the ELBs in the two regions as
the resource records.
C. Set up a DynamoDB Multi-Region table. Create a cross-region ELB pointing to a cross-region Auto Scaling Group,
and direct a Route53 Latency DNS Record with DNS Failover to the cross-region ELB.
D. Set up DynamoDB cross-region replication in a master-standby configuration, with a single standby in another region. Create a cross-region ELB pointing to a cross-region Auto Scaling Group, and direct a Route53 Latency DNS Record with DNS Failover to the cross-region ELB.
There is no such thing as a cross-region ELB, nor such thing as a cross-region Auto Scaling Group, nor such thing as a
DynamoDB Multi-Region Table. The only option that makes sense is the cross-regional replication version with two
ELBs and ASGs with Route53 Failover and Latency DNS. Reference:
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Streams.CrossRegionRepl.html
QUESTION 8
You currently run your infrastructure on Amazon EC2 instances behind an Auto Scaling group. All logs for you
application are currently written to ephemeral storage. Recently your company experienced a major bug in code that
made it through testing and was ultimately deployed to your fleet. This bug triggered your Auto Scaling group to scale
up and back down before you could successfully retrieve the logs off your server to better assist you in troubleshooting the bug. Which technique should you use to make sure you are able to review your logs after your instances have shut down?
A. Configure the ephemeral policies on your Auto Scaling group to back up on terminate.
B. Configure your Auto Scaling policies to create a snapshot of all ephemeral storage on terminate.
C. Install the CloudWatch Logs Agent on your AMI, and configure CloudWatch Logs Agent to stream your logs.
D. Install the CloudWatch monitoring agent on your AMI, and set up new SNS alert for CloudWatch metrics that triggers the CloudWatch monitoring agent to backup all logs on the ephemeral drive.
E. Install the CloudWatch monitoring agent on your AMI, Update your Auto Scaling policy to enable automated
CloudWatch Log copy.
QUESTION 9
What is the expected behavior if Ansible is called with `ansible-playbook -i localhost playbook.yml\\’?
A. Ansible will attempt to read the inventory file named `localhost\\’
B. Ansible will run the plays locally.
C. Ansible will run the playbook on the host named `localhost\\’
D. Ansible won\\’t run, this is invalid command line syntax
Ansible expects an inventory filename with the `-i\\’ option, regardless if it is a valid hostname. For this to execute on the host `localhost\\’ resolves to, a comma needs to be appended to the end.
Reference: http://docs.ansible.com/ansible/intro_inventory.html#inventory
QUESTION 10
When writing custom Ansible modules, which language is not supported?
A. Python
B. C++
C. Bash
D. All of the languages listed are supported
Ansible modules can be written in any language that is executable on the target system. The only requirement is that
the module can write its results as JSON output to STDOUT for Ansible to consume.
Reference: http://docs.ansible.com/ansible/developing_modules.html
QUESTION 11
An n-tier application requires a table in an Amazon RDS MySQL DB instance to be dropped and repopulated at each
deployment. This process can take several minutes and the web tier cannot come online until the process is complete.
Currently, the web tier is configured in an Amazon EC2 Auto Scaling group, with instances being terminated and
replaced at each deployment. The MySQL table is populated by running a SQL query through an AWS CodeBuild job.
What should be done to ensure that the web tier does not come online before the database is completely configured?
A. Use Amazon Aurora as a drop-in replacement for RDS MySQL. Use snapshots to populate the table with the correct
data.
B. Modify the launch configuration of the Auto Scaling group to pause user data execution for 600 seconds, allowing the table to be populated.
C. Use AWS Step Functions to monitor and maintain the state of data population. Mark the database in service before
continuing with the deployment.
D. Use an EC2 Auto Scaling lifecycle hook to pause the configuration of the web tier until the table is populated.
QUESTION 12
A DevOps engineer is creating a CI/CD pipeline for an Amazon ECS service. The ECS container instances run behind
an Application Load Balancer as the web tier of a three-tier application. An acceptance criterion for a successful
deployment is the verification that the web tier can communicate with the database and middleware tiers of the
application upon deployment.
How can this be accomplished in an automated fashion?
A. Create a health check endpoint in the web application that tests connectivity to the data and middleware tiers. Use
this endpoint as the health check URL for the load balancer.
B. Create an approval step for the quality assurance team to validate connectivity. Reject changes in the pipeline if there is an issue with connecting to the dependent tiers.
C. Use an Amazon RDS active connection count and an Amazon CloudWatch ELB metric to alarm on a significant
change to the number of open connections.
D. Use Amazon Route 53 health checks to detect issues with the web service and roll back the CI/CD pipeline if there is
an error.
QUESTION 13
Which statement is true about configuring proxy support for Amazon Inspector agent on a Windows-based system?
A. Amazon Inspector agent supports proxy usage on Windows-based systems through the use of the WinHTTP proxy.
B. Amazon Inspector agent supports proxy usage on Linux-based systems but not on Windows.
C. Amazon Inspector proxy support on Windows-based systems is achieved through installing proxy-enabled version of the agent which comes with preconfigured files that you need to edit to match your environment.
D. Amazon Inspector agent supports proxy usage on Windows-based systems through awsagent.env configuration file.
Proxy support for AWS agents is achieved through the use of the WinHTTP proxy.
Publish the answer:
Q1 | Q2 | Q3 | Q4 | Q5 | Q6 | Q7 | Q8 | Q9 | Q10 | Q11 | Q12 | Q13 |
B | CDE | D | B | B | A | A | C | A | D | D | A | A |
Get more Amazon DOP-C01 dumps: https://www.leads4pass.com/aws-devops-engineer-professional.html (Total Questions: 548 Q&A)
Amazon DOP-C01 exam PDF collection
Google Drive:
https://drive.google.com/file/d/1CxJ0SUwQGHmG0XpVDqLLyo4gU07s9uYH/view?usp=sharing
https://drive.google.com/file/d/14htAaSJkza-jq8eCy3OxnIwh8ruK_eyG/view?usp=sharing
https://drive.google.com/file/d/1bBK32fCYG0hsSPiU3xOvRRmWjvtXymZz/view?usp=sharing (today)
Choose Lead4Pass DOP-C01 dumps to get 548 newly updated exam questions and answers to help you successfully pass the exam.