Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

AWS Certified Professional DOP-C02 Full Course Free

Page: 23 / 34
Total 449 questions

AWS Certified DevOps Engineer - Professional Questions and Answers

Question 89

A company is optimizing its AWS costs. Most of the company’s AWS spend is for Amazon EC2. When the company analyzes its EC2 usage metrics in Amazon CloudWatch, the company observes that most of its EC2 instances are in an idle state.

The company considers an instance idle if it has a maximum CPU utilization of less than 2% in the previous 24 hours. The company evaluates metrics for instances based on 1-hour intervals. The company decides to configure a CloudWatch alarm for each EC2 instance in the account. The company wants the alarm to activate when an instance is idle.

How should the company configure the CloudWatch alarm?

Options:

A.

Select anomaly detection as the threshold type. Set the anomaly detection threshold to 2. Set Datapoints to Alarm to 24 out of 24.

B.

Select static as the threshold type. Set the threshold value to 2. Set Datapoints to Alarm to 24 out of 24.

C.

Select anomaly detection as the threshold type. Set the anomaly detection threshold to 2. Set Datapoints to Alarm to 1 out of 24.

D.

Select static as the threshold type. Set the threshold value to 2. Set Datapoints to Alarm to 1 out of 24.

Question 90

A DevOps engineer needs to configure a blue green deployment for an existing three-tier application. The application runs on Amazon EC2 instances and uses an Amazon RDS database The EC2 instances run behind an Application Load Balancer (ALB) and are in an Auto Scaling group.

The DevOps engineer has created a launch template and an Auto Scaling group for the blue environment. The DevOps engineer also has created a launch template and an Auto Scaling group for the green environment. Each Auto Scaling group deploys to a matching blue or green target group. The target group also specifies which software blue or green gets loaded on the EC2 instances. The ALB can be configured to send traffic to the blue environments target group or the green environments target group. An Amazon Route 53 record for www example com points to the ALB.

The deployment must move traffic all at once between the software on the blue environment ' s EC2 instances to the newly deployed software on the green environments EC2 instances

What should the DevOps engineer do to meet these requirements?

Options:

A.

Start a rolling restart to the Auto Scaling group tor the green environment to deploy the new software on the green environment ' s EC2 instances When the rolling restart is complete, use an AWS CLI command to update the ALB to send traffic to the green environment ' s target group.

B.

Use an AWS CLI command to update the ALB to send traffic to the green environment ' s target group. Then start a rolling restart of the Auto Scaling group for the green environment to deploy the new software on the green environment ' s EC2 instances.

C.

Update the launch template to deploy the green environment ' s software on the blue environment ' s EC2 instances Keep the target groups and Auto Scaling groups unchanged in both environments Perform a rolling restart of the blue environment ' s EC2 instances.

D.

Start a rolling restart of the Auto Scaling group for the green environment to deploy the new software on the green environment ' s EC2 instances When the rolling restart is complete, update the Route 53 DNS to point to the green environments endpoint on the ALB.

Question 91

A development team uses AWS CodeCommit for version control for applications. The development team uses AWS CodePipeline, AWS CodeBuild. and AWS CodeDeploy for CI/CD infrastructure. In CodeCommit, the development team recently merged pull requests that did not pass long-running tests in the code base. The development team needed to perform rollbacks to branches in the codebase, resulting in lost time and wasted effort.

A DevOps engineer must automate testing of pull requests in CodeCommit to ensure that reviewers more easily see the results of automated tests as part of the pull request review.

What should the DevOps engineer do to meet this requirement?

Options:

A.

Create an Amazon EventBridge rule that reacts to the pullRequestStatusChanged event. Create an AWS Lambda function that invokes a CodePipeline pipeline with a CodeBuild action that runs the tests for the application. Program the Lambda function to post the CodeBuild badge as a comment on the pull request so that developers will see the badge in their code review.

B.

Create an Amazon EventBridge rule that reacts to the pullRequestCreated event. Create an AWS Lambda function that invokes a CodePipeline pipeline with a CodeBuild action that runs the tests for the application. Program the Lambda function to post the CodeBuild test results as a comment on the pull request when the test results are complete.

C.

Create an Amazon EventBridge rule that reacts to pullRequestCreated and pullRequestSourceBranchUpdated events. Create an AWS Lambda function that invokes a CodePipeline pipeline with a CodeBuild action that runs the tests for the application. Program the Lambda function to post the CodeBuild badge as a comment on the pull request so that developers will see the badge in their code review.

D.

Create an Amazon EventBridge rule that reacts to the pullRequestStatusChanged event. Create an AWS Lambda function that invokes a CodePipeline pipeline with a CodeBuild action that runs the tests for the application. Program the Lambda function to post the CodeBuild test results as a comment on the pull request when the test results are complete.

Question 92

A company is using AWS Organizations and wants to implement a governance strategy with the following requirements:

    AWS resource access is restricted to the same two Regions for all accounts.

    AWS services are limited to a specific group of authorized services for all accounts.

    Authentication is provided by Active Directory .

    Access permissions are organized by job function and are identical in each account.

Which solution will meet these requirements?

Options:

A.

Establish an organizational unit (OU) with group policies in the management account to restrict Regions and authorized services. Use AWS CloudFormation StackSets to provision roles with permissions for each job function, including an IAM trust policy for IAM identity provider authentication in each account.

B.

Establish a permission boundary in the management account to restrict Regions and authorized services. Use AWS CloudFormation StackSets to provision roles with permissions for each job function, including an IAM trust policy for IAM identity provider authentication in each account.

C.

Establish a service control policy in the management account to restrict Regions and authorized services. Use AWS Resource Access Manager (AWS RAM) to share management account roles with permissions for each job function, including AWS IAM Identity Center for authentication in each account.

D.

Establish a service control policy (SCP) in the management account to restrict Regions and authorized services. Use AWS CloudFormation StackSets to provision roles with permissions for each job function, including an IAM trust policy for IAM identity provider authentication in each account.

Page: 23 / 34
Total 449 questions