22 July, 2022

Practical Amazon-Web-Services DOP-C01 Free Draindumps Online

We provide real DOP-C01 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Amazon-Web-Services DOP-C01 Exam quickly & easily. The DOP-C01 PDF type is available for reading and printing. You can print more and practice many times. With the help of our Amazon-Web-Services DOP-C01 dumps pdf and vce product and material, you can easily pass the DOP-C01 exam.

Online DOP-C01 free questions and answers of New Version:

Page: 1 / 9

Total 116 questions Full Exam Access

Question 1

Your development team use .Net to code their web application. They want to deploy it to AWS for the purpose of continuous integration and deployment. The application code is hosted in a Git repository. Which of the following combination of steps can be used to fulfil this requirement. Choose 2 answers from the options given below

Use the Elastic beanstalk service to provision an IIS platform web environment to host the application.

Use the Code Pipeline service to provision an IIS environment to host the application.

Create a source bundle for the .Net code and upload it as an application revision.

Use a chef recipe to deploy the code and attach it to the Elastic beanstalk environment.

Question 2

You have a set of EC2 instances hosted in AWS. You have created a role named DemoRole and assigned that role to a policy, but you are unable to use that role with an instance. Why is this the case.

You need to create an instance profile and associate it with that specific role.

You are not able to associate an 1AM role with an instanceC You won't be able to use that role with an instance unless you also create a user and associate it with that specific role

You won't be able to use that role with an instance unless you also create a usergroup and associate it with that specific role.

Question 3

Which of the following Cloudformation helper scripts can help install packages on EC2 resources

cfn-init

cfn-signal

cfn-get-metadata

cfn-hup

Question 4

You are administering a continuous integration application that polls version control for changes and then launches new Amazon EC2 instances for a full suite of build tests. What should you do to ensure the lowest overall cost while being able to run as many tests in parallel as possible?

Perform syntax checking on the continuous integration system before launching a new Amazon EC2 instance for build test, unit and integration tests.

Perform syntax and build tests on the continuous integration system before launching the newAmazon EC2 instance unit and integration test

Perform all tests on the continuous integration system, using AWS OpsWorks for unit, integration, and build tests.

Perform syntax checking on the continuous integration system before launching a new AWS Data Pipeline for coordinating the output of unit, integration, and build tests.

Question 5

Which of the following services can be used to implement DevOps in your company.

AWS Elastic Beanstalk

AWSOpswork

AWS Cloudformation

All of the above

Question 6

Which of the following commands for the elastic beanstalk CLI can be used to create the current application into the specified environment?

ebcreate

ebstart

enenv

enapp

My answer: -

Reference answer: A

Reference analysis:

Differences from Version 3 of EB CLI
CB is a command line interface (CLI) tool for Clastic Beanstalk that you can use to deploy applications quickly and more easily. The latest version of CB was introduced by Clastic Beanstalk in CB CLI 3. Although Clastic Beanstalk still supports CB 2.6 for customers who previously installed and continue to use it, you should migrate to the latest version of CB CLI 3, as it can manage environments that you launched using CB CLI 2.6 or earlier versions of CB CLI. CB CLI automatically retrieves settings from an environment created using CB if the environment is running. Note that CB CLI 3 does not store option settings locally, as in earlier versions.
CB CLI introduces the commands eb create, eb deploy, eb open, eb console, eb scale, eb setenv, eb config, eb terminate, eb clone, eb list, eb use, eb printenv, and eb ssh. In CB CLI 3.1 or later, you can also use the eb swap command. In CB CLI 3.2 only, you can use the eb abort, eb platform, and eb upgrade commands. In addition to these new commands, CB CLI 3 commands differ from CB CLI 2.6 commands in several cases:
1. eb init - Use eb init to create an .elasticbeanstalk directory in an existing project directory and create a new Clastic Beanstalk application for the project. Unlike with previous versions, CB CLI 3 and later versions do not prompt you to create an environment.
2. eb start - CB CLI 3 does not include the command eb start. Use eb create to create an environment.
3. eb stop - CB CLI 3 does not include the command eb stop. Use eb terminate to completely terminate an environment and clean up.
4. eb push and git aws.push - CB CLI 3 does not include the commands eb push or git aws.push. Use eb deploy to update your application code.
5. eb update - CB CLI 3 does not include the command eb update. Use eb config to update an environment.
6. eb branch - CB CLI 3 does not include the command eb branch.
For more information about using CB CLI 3 commands to create and manage an application, see CB CLI Command Reference. For a command reference for CB 2.6, see CB CLI 2 Commands. For a walkthrough of how to deploy a sample application using CB CLI 3, see Managing Clastic Beanstalk environments with the CB CLI. For a walkthrough of how to deploy a sample application using eb 2.6, see Getting Started with Cb. For a walkthrough of how to use CB 2.6 to map a Git branch to a specific environment, see Deploying a Git Branch to a Specific environment. https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/eb-cli. html #eb-cli2-differences Note: Additionally, CB CLI 2.6 has been deprecated. It has been replaced by AWS CLI https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/eb-cl i3.htm I We will replace this question soon.

Question 7

Your company has developed a web application and is hosting it in an Amazon S3 bucket configured for static website hosting. The application is using the AWS SDK for JavaScript in the browser to access data stored in an Amazon DynamoDB table. How can you ensure that API keys for access to your data in DynamoDB are kept secure?

Create an Amazon S3 role in 1AM with access to the specific DynamoDB tables, and assign it to the bucket hosting your website.

Configure S3 bucket tags with your AWS access keys for your bucket hosing your website so that the application can query them for access.

Configure a web identity federation role within 1AM to enable access to the correct DynamoDB resources and retrieve temporary credentials.

Store AWS keys in global variables within your application and configure the application to use these credentials when making requests.

Question 8

Your company is using an Autoscaling Group to scale out and scale in instances. There is an expectation of a peak in traffic every Monday at 8am. The traffic is then expected to come down before the weekend on Friday 5pm. How should you configure Autoscaling in this?

Createdynamic scaling policies to scale up on Monday and scale down on Friday

Create a scheduled policy to scale up on Fridayand scale down on Monday

CreateascheduledpolicytoscaleuponMondayandscaledownonFriday

Manuallyadd instances to the Autoscaling Group on Monday and remove them on Friday

Question 9

You are managing the development of an application that uses DynamoDB to store JSON data. You have already set the Read and Write capacity of the DynamoDB table. You are unsure of the amount of the traffic that will be received by the application during the deployment time. How can you ensure that the DynamoDB is not highly throttled and does not become a bottleneck for the application? Choose 2 answers from the options below.

Monitorthe ConsumedReadCapacityUnits and ConsumedWriteCapacityUnits metric usingCloudwatch.

Monitorthe SystemErrors metric using Cloudwatch

Createa Cloudwatch alarm which would then send a trigger to AWS Lambda to increasethe Read and Write capacity of the DynamoDB table.

Createa Cloudwatch alarm which would then send a trigger to AWS Lambda to create anew DynamoDB table.

Question 10

There is a company website that is going to be launched in the coming weeks. There is a probability that the traffic will be quite high in the first couple of weeks. I n the event of a load failure, how can you set up DNS failover to a static website? Choose the correct answer from the options given below.

Duplicatethe exact application architecture in another region and configure DNSweight-based routing

Enablefailover to an on-premise data center to the application hosted there.

UseRoute 53 with the failover option to failover to a static S3 website bucket orCloudFront distribution.

Addmore servers in case the application fails.

Question 11

Your IT company is currently hosting a production environment in Elastic beanstalk. You understand that the Elastic beanstalk service provides a facility known as Managed updates which are minor and patch version updates which are periodically required for your system. Your IT supervisor is worried about the impact that these updates would have on the system. What can you tell about the Elastic beanstalk service with regards to managed updates

Package updates can be configurable weekly maintenance window

Elastic Beanstalk applies managed updates with no downtime

Elastic Beanstalk applies managed updates with no reduction in capacity

All of the above

Question 12

Your company has recently extended its datacenter into a VPC on AWS. There is a requirement for on-premise users manage AWS resources from the AWS console. You don't want to create 1AM users for them again. Which of the below options will fit your needs for authentication?

UseOAuth 2.0 to retrieve temporary AWS security credentials to enable your membersto sign in to the AWS Management Console.

Useweb Identity Federation to retrieve AWS temporary security credentials toenable your members to sign in to the AWS Management Console.

Useyour on-premises SAML 2 O-compliant identity provider (IDP) to grant themembers federated access to the AWS Management Console via the AWS singlesign-on (SSO) endpoint.

Useyour on-premises SAML2.0-compliant identity provider (IDP) to retrieve temporarysecurity credentials to enable members to sign in to the AWS ManagementConsole.

Question 14

You have instances running on your VPC. You have both production and development based instances running in the VPC. You want to ensure that people who are responsible for the development instances don't have the access to work on the production instances to ensure better security. Using policies, which of the following would be the best way to accomplish this? Choose the correct answer from the options given below

Launchthe test and production instances in separate VPC's and use VPC peering

Createan 1AM policy with a condition which allows access to only instances that areused for production or development

Launchthe test and production instances in different Availability Zones and use MultiFactor Authentication

Definethe tags on the test and production servers and add a condition to the lAMpolicy which allows access to specific tags

Question 15

You have an Auto Scaling group of Instances that processes messages from an Amazon Simple Queue Service (SQS) queue. The group scales on the size of the queue. Processing Involves calling a third- party web service. The web service is complaining about the number of failed and repeated calls it is receiving from you. You have noticed that when the group scales in, instances are being terminated while they are processing. What cost-effective solution can you use to reduce the number of incomplete process attempts?

Create a new Auto Scaling group with minimum and maximum of 2 and instances running web proxy softwar

Configure the VPC route table to route HTTP traffic to these web proxies.

Modify the application running on the instances to enable termination protection while it processes a task and disable it when the processing is complete.

Increase the minimum and maximum size for the Auto Scalinggroup, and change the scaling policies so they scale less dynamically.

Modify the application running on the instances to put itself into an Auto Scaling Standby state while it processes a task and return itself to InService when the processing is complete.

Question 16

You are doing a load testing exercise on your application hosted on AWS. While testing your Amazon RDS MySQL DB instance, you notice that when you hit 100% CPU utilization on it, your application becomes non- responsive. Your application is read-heavy. What are methods to scale your data tier to meet the application's needs? Choose three answers from the options given below

Add Amazon RDS DB read replicas, and have your application direct read queries to them.

Add your Amazon RDS DB instance to an Auto Scalinggroup and configure your Cloud Watch metricbased on CPU utilization.

Use an Amazon SQS queue to throttle data going to the Amazon RDS DB instance.

Use ElastiCache in front of your Amazon RDS DB to cache common queries.

Shard your data set among multiple Amazon RDS DB instances.

Enable Multi-AZ for your Amazon RDS DB instance.

My answer: -

Reference answer: ADE

Reference analysis:

Amazon RDS Read Replicas provide enhanced performance and durability for database (DB) instances. This replication feature makes it easy to elastically scale out
beyond the capacity constraints of a single DB Instance for read-heavy database workloads. You can create one or more replicas of a given source DB Instance and
serve high-volume application read traffic from multiple copies of your data, thereby increasing aggregate read throughput
For more information on Read Replica's please refer to the below link:
◆ https://aws.amazon.com/rds/details/read-replicas/
Sharding is a common concept to split data across multiple tables in a database For more information on sharding please refer to the below link:
https://forums.awsa mazon.com/thread jspa?messagelD=203052
Amazon OastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache in the cloud. The service improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory data stores, instead of relying entirely on slower disk-based databases
Amazon OastiCache is an in-memory key/value store that sits between ycbetappiicipiJGra arcdalie data store (database) that it accesses. Whenever your application requests data, it first makes the request to the DastiCache cache. If the data exists in the cache and is current, OastiCache returns the data to your application. If the data does not exist in the cache, or the data in the cache has expired, your application requests the data from your data store which returns the data to your application. Your application then writes the data received from the store to the cache so it can be more quickly retrieved next time it is requested. For more information on Elastic Cache please refer to the below link:
https://aws.amazon.com/elasticache/
Option B is not an ideal way to scale a database
Option C is not ideal to store the data which would go into a database because of the message size Option F is invalid because Multi-AZ feature is only a failover option

Question 17

You use Amazon Cloud Watch as your primary monitoring system for your web application. After a
recent software deployment, your users are getting Intermittent 500 Internal Server Errors when using the web application. You want to create a Cloud Watch alarm, and notify an on-call engineer when these occur. How can you accomplish this using AWS services? Choose three answers from the options given below

Deploy your web application as an AWS Elastic Beanstalk applicatio

Use the default Elastic Beanstalk Cloudwatch metrics to capture 500 Internal Server Error

Set a CloudWatch alarm on that metric.

Install a CloudWatch Logs Agent on your servers to stream web application logs to CloudWatch.

Use Amazon Simple Email Service to notify an on-call engineer when a CloudWatch alarm is triggered.

Create a CloudWatch Logs group and define metric filters that capture 500 Internal Server Error

Set a CloudWatch alarm on that metric.

Use Amazon Simple Notification Service to notify an on-call engineer when a CloudWatch alarm is triggered.

Question 18

An enterprise wants to use a third-party SaaS application running on AWS.. The SaaS application needs to have access to issue several API commands to discover Amazon EC2 resources running within the enterprise's account. The enterprise has internal security policies that require any outside access to their environment must conform to the principles of least privilege and there must be controls in place to ensure that the credentials used by the SaaS vendor cannot be used by any other third party. Which of the following would meet all of these conditions?

From the AWS Management Console, navigate to the Security Credentials page and retrieve the access and secret key for your account.

Create an 1AM user within the enterprise account assign a user policy to the 1AM user that allows only the actions required by the SaaS applicatio

Create a new access and secret key for the user and provide these credentials to the SaaS provider.

Create an 1AM role for cross-account access allows the SaaS provider's account to assume the role and assign it a policy that allows only the actions required by the SaaS application.

Create an 1AM role for EC2 instances, assign it a policy that allows only the actions required tor the Saas application to work, provide the role ARN to the SaaS provider to use when launching their application instances.

Question 19

You need to deploy an AWS stack in a repeatable manner across multiple environments. You have selected CloudFormation as the right tool to accomplish this, but have found that there is a resource type you need to create and model, but is unsupported by CloudFormation. How should you overcome this challenge?

Use a CloudFormation Custom Resource Template by selecting an API call to proxy for create, update, and delete action

CloudFormation will use the AWS SDK, CLI, or API method of your choosing as the state transition function for the resource type you are modeling.

Submit a ticket to the AWS Forum

AWS extends CloudFormation Resource Types by releasing tooling to the AWS Labs organization on GitHu

Their response time is usually 1 day, and theycomplete requests within a week or two.

Instead of depending on CloudFormation, use Chef, Puppet, or Ansible to author Heat templates, which are declarative stack resource definitions that operate over the OpenStack hypervisor and cloud environment.

Create a CloudFormation Custom Resource Type by implementing create, update, and delete functionality, either by subscribing a Custom Resource Provider to an SNS topic, or by implementing the logic in AWS Lambda.

Question 20

Your company currently has a set of EC2 Instances running a web application which sits behind an Elastic Load Balancer. You also have an Amazon RDS instance which is used by the web application. You have been asked to ensure that this arhitecture is self healing in nature and cost effective. Which of the following would fulfil this requirement. Choose 2 answers from the option given below

UseCloudwatch metrics to check the utilization of the web laye

Use AutoscalingGroup to scale the web instances accordingly based on the cloudwatch metrics.

UseCloudwatch metrics to check the utilization of the databases server

UseAutoscaling Group to scale the database instances accordingly based on thecloudwatch metrics.

Utilizethe Read Replica feature forthe Amazon RDS layer

Utilizethe Multi-AZ feature for the Amazon RDS layer

Question 21

You have been asked to de-risk deployments at your company. Specifically, the CEO is concerned about outages that occur because of accidental inconsistencies between Staging and Production, which sometimes cause unexpected behaviors in Production even when Staging tests pass. You already use Docker to get high consistency between Staging and Production for the application environment on your EC2 instances. How do you further de-risk the rest of the execution environment, since in AWS, there are many service components you may use beyond EC2 virtual machines?

Develop models of your entire cloud system in CloudFormatio

Use this model in Staging and Production to achieve greater parit

Use AWS Config to force the Staging and Production stacks to have configuration parit

Any differences will be detected for you so you are aware of risks.

Use AMIs to ensure the whole machine, including the kernel of the virual machines, is consistent,since Docker uses Linux Container (LXC) technology, and we need to make sure the container environment is consistent.

Use AWS ECS and Docker clusterin

This will make sure that the AMIs and machine sizes are the same across both environments.

Question 22

You have launched a cloudformation template, but are receiving a failure notification after the template was launched. What is the default behavior of Cloudformation in such a case

It will rollback all the resources that were created up to the failure point.

It will keep all the resources that were created up to the failure point.

It will prompt the user on whether to keep or terminate the already created resources

It will continue with the creation of the next resource in the stack

Question 23

Your company is hosting an application in AWS. The application consists of a set of web servers and AWS RDS. The application is a read intensive application. It has been noticed that the response time of the application decreases due to the load on the AWS RDS instance. Which of the following measures can be taken to scale the data tier. Choose 2 answers from the options given below

CreateAmazon DB Read Replica'

Configure the application layer to query the readreplica's for query needs.

UseAutoscaling to scale out and scale in the database tier

UseSQS to cache the database queries

UseElastiCache in front of your Amazon RDS DB to cache common queries.

Question 24

Your CTO has asked you to make sure that you know what all users of your AWS account are doing to change resources at all times. She wants a report of who is doing what over time, reported to her once per week, for as broad a resource type group as possible. How should you do this?

Create a global AWS CloudTrail Trai

Configure a script to aggregate the log data delivered to S3 once per week and deliver this to the CTO.

Use CloudWatch Events Rules with an SNS topic subscribed to all AWS API call

Subscribe the CTO to an email type delivery on this SNS Topic.

Use AWS 1AM credential reports to deliver a CSV of all uses of 1AM UserTokens overtime to the CTO.

Use AWS Config with an SNS subscription on a Lambda, and insert these changes over time into a DynamoDB tabl

Generate reports based on the contents of this table.

Question 25

Which of the following CLI commands is used to spin up new EC2 Instances?

awsec2 run-instances

awsec2 create-instances

awsec2 new-instancesD- awsec2 launch-instances

My answer: -

Reference answer: A

Reference analysis:

The AWS Documentation mentions the following
Launches the specified number of instances using an AMI for which you have permissions. You can specify a number of options, or leave the default options. The following rules apply:
[EC2-VPC] If you don't specify a subnet ID. we choose a default subnet from your default VPC for you. If you don't have a default VPC, you must specify a subnet ID in the request.
[EC2-Classic] If don't specify an Availability Zone, we choose one for you.
Some instance types must be launched into a VPC. if you do not have a default VPC. or if you do not specify a subnet ID. the request fails. For more information, see Instance Types Available Only in a VPC.
[EC2-VPC] All instances have a network interface with a primary private IPv4 address. If you don't specify this address, we choose one from the IPv4 range of your subnet.
Not all instance types support IPv6 addresses. For more information, see Instance Types.
If you don't specify a security group ID, we use the default security group. For more information, see Security Groups.
If any of the AMIs have a product code attached for which the user has not subscribed, the request fails. For more information on the Cc2 run instance command please refer to the below link http://docs.aws.a mazon.com/cli/latest/reference/ec2/run-instances.html

Page: 1 / 9

Total 116 questions Full Exam Access