Amazon Web Services DOP-C02 Practice Exam Dumps 2025

Amazon Web Services Related Exams

Amazon Web Services SOA-C01

AWS Certified SysOps Administrator - Associate

View Detail

Amazon Web Services MLS-C01

AWS Certified Machine Learning - Specialty

View Detail

Amazon Web Services AXS-C01

AWS Certified Alexa Skill Builder-Specialty

View Detail

Amazon Web Services SAA-C03

AWS Certified Solutions Architect - Associate (SAA-C03)

View Detail

Amazon Web Services ANS-C01

Amazon AWS Certified Advanced Networking - Specialty

View Detail

Amazon Web Services DVA-C02

AWS Certified Developer - Associate

View Detail

Amazon Web Services SCS-C02

AWS Certified Security - Specialty

View Detail

Amazon Web Services CLF-C02

AWS Certified Cloud Practitioner

View Detail

Amazon Web Services Data-Engineer-Associate

AWS Certified Data Engineer - Associate (DEA-C01)

View Detail

Amazon Web Services AIF-C01

AWS Certified AI Practitioner Exam

View Detail

Last Week Results

32 Customers Passed Amazon Web Services
DOP-C02 Exam

Average Score In Real Exam

86.7%

Questions came word for word from this dump

88.6%

Amazon Web Services Bundle Exams

Duration: 3 to 12 Months

7 Certifications

17 Exams

Amazon Web Services Updated Exams

Most authenticate information

Prepare within Days

Time-Saving Study Content

90 to 365 days Free Update

$291.2*

View Detail

Free DOP-C02 Exam Dumps

AWS Certified DevOps Engineer - Professional Questions and Answers

Question 1

A company is migrating its container-based workloads to an AWS Organizations multi-account environment. The environment consists of application workload accounts that the company uses to deploy and run the containerized workloads. The company has also provisioned a shared services account tor shared workloads in the organization.

The company must follow strict compliance regulations. All container images must receive security scanning before they are deployed to any environment. Images can be consumed by downstream deployment mechanisms after the images pass a scan with no critical vulnerabilities. Pre-scan and post-scan images must be isolated from one another so that a deployment can never use pre-scan images.

A DevOps engineer needs to create a strategy to centralize this process.

Which combination of steps will meet these requirements with the LEAST administrative overhead? (Select TWO.)

Options:

Create Amazon Elastic Container Registry (Amazon ECR) repositories in the shared services account: one repository for each pre-scan image and one repository for each post-scan image. Configure Amazon ECR image scanning to run on new image pushes to the pre-scan repositories. Use resource-based policies to grant the organization write access to the pre-scan repositories and read access to the post-scan repositories.

Create pre-scan Amazon Elastic Container Registry (Amazon ECR) repositories in each account that publishes container images. Create repositories for post-scan images in the shared services account. Configure Amazon ECR image scanning to run on new image pushes to the pre-scan repositories. Use resource-based policies to grant the organization read access to the post-scan repositories.

Configure image replication for each image from the image's pre-scan repository to the image's post-scan repository.

Create a pipeline in AWS CodePipeline for each pre-scan repository. Create a source stage that runs when new images are pushed to the pre-scan repositories. Create a stage that uses AWS CodeBuild as the action provider. Write a buildspec.yaml definition that determines the image scanning status and pushes images without critical vulnerabilities lo the post-scan repositories.

Create an AWS Lambda function. Create an Amazon EventBridge rule that reacts to image scanning completed events and invokes the Lambda function. Write function code that determines the image scanning status and pushes images without critical vulnerabilities to the post-scan repositories.

Buy Now

Answer:

A, C

Explanation:

 Step 1: Centralizing Image Scanning in a Shared Services Account

The first requirement is to centralize the image scanning process, ensuring pre-scan and post-scan images are stored separately. This can be achieved by creating separate pre-scan and post-scan repositories in the shared services account, with the appropriate resource-based policies to control access.

Action: Create separate ECR repositories for pre-scan and post-scan images in the shared services account. Configure resource-based policies to allow write access to pre-scan repositories and read access to post-scan repositories.

Why: This ensures that images are isolated before and after the scan, following the compliance requirements.

[Reference: AWS documentation on Amazon ECR and resource-based policies., This corresponds to Option A: Create Amazon Elastic Container Registry (Amazon ECR) repositories in the shared services account: one repository for each pre-scan image and one repository for each post-scan image. Configure Amazon ECR image scanning to run on new image pushes to the pre-scan repositories. Use resource-based policies to grant the organization write access to the pre-scan repositories and read access to the post-scan repositories.,  Step 2: Replication between Pre-Scan and Post-Scan RepositoriesTo automate the transfer of images from the pre-scan repositories to the post-scan repositories (after they pass the security scan), you can configure image replication between the two repositories., Action: Set up image replication between the pre-scan and post-scan repositories to move images that have passed the security scan., Why: Replication ensures that only scanned and compliant images are available for deployment, streamlining the process with minimal administrative overhead., Reference: AWS documentation on Amazon ECR image replication., This corresponds to Option C: Configure image replication for each image from the image's pre-scan repository to the image's post-scan repository., , , ]

Question 2

A company's application is currently deployed to a single AWS Region. Recently, the company opened a new office on a different continent. The users in the new office are experiencing high latency. The company's application runs on Amazon EC2 instances behind an Application Load Balancer (ALB) and uses Amazon DynamoDB as the database layer. The instances run in an EC2 Auto Scaling group across multiple Availability Zones. A DevOps engineer is tasked with minimizing application response times and improving availability for users in both Regions.

Which combination of actions should be taken to address the latency issues? (Choose three.)

Options:

Create a new DynamoDB table in the new Region with cross-Region replication enabled.

Create new ALB and Auto Scaling group global resources and configure the new ALB to direct traffic to the new Auto Scaling group.

Create new ALB and Auto Scaling group resources in the new Region and configure the new ALB to direct traffic to the new Auto Scaling group.

Create Amazon Route 53 records, health checks, and latency-based routing policies to route to the ALB.

Create Amazon Route 53 aliases, health checks, and failover routing policies to route to the ALB.

Convert the DynamoDB table to a global table.

Question 3

A company runs a fleet of Amazon EC2 instances in a VPC. The company's employees remotely access the EC2 instances by using the Remote Desktop Protocol (RDP). The company wants to collect metrics about how many RDP sessions the employees initiate every day. Which combination of steps will meet this requirement? (Select THREE.)

Options:

Create an Amazon EventBridge rule that reacts to EC2 Instance State-change Notification events.

Create an Amazon CloudWatch Logs log group. Specify the log group as a target for the EventBridge rule.

Create a flow log in VPC Flow Logs.

Create an Amazon CloudWatch Logs log group. Specify the log group as a destination for the flow log.

Create a log group metric filter.

Create a log group subscription filter. Use EventBridge as the destination.

Winter Sale - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

DOP-C02 Exam Dumps : AWS Certified DevOps Engineer - Professional

Amazon Web Services Related Exams

Verified By IT Certified Experts

CertsTopics.com Certified Safe Files

Up-To-Date Exam Study Material

99.5% High Success Pass Rate

100% Accurate Answers

Instant Downloads

Exam Questions And Answers PDF

Try Demo Before You Buy

AWS Certified DevOps Engineer - Professional Questions and Answers

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce