Question # 1
A DevOps engineer used an AWS Cloud Formation custom resource to set up AD Connector. The AWS Lambda function ran and created AD Connector, but Cloud Formation is not transitioning from CREATE_IN_PROGRESS to CREATE_COMPLETE.
Which action should the engineer take to resolve this issue?
|
A. Ensure the Lambda function code has exited successfully.
| B. Ensure the Lambda function code returns a response to the pre-signed URL.
| C. Ensure the Lambda function IAM role has cloudformation UpdateStack permissions for the stack ARN.
| D. Ensure the Lambda function IAM role has ds ConnectDirectory permissions for the AWS account.
|
B. Ensure the Lambda function code returns a response to the pre-signed URL.
Explanation:
[Reference:https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/crpg-ref-responses.html,]
Question # 2
A company plans to use Amazon CloudWatch to monitor its Amazon EC2 instances. The company needs to stop EC2 instances when the average of the NetworkPacketsIn metric is less than 5 for at least 3 hours in a 12-hour time window. The company must evaluate the metric every hour. The EC2 instances must continue to run if there is missing data for the NetworkPacketsIn metric during the evaluation period.
A DevOps engineer creates a CloudWatch alarm for the NetworkPacketsIn metric. The DevOps engineer configures a threshold value of 5 and an evaluation period of 1 hour.
Which set of additional actions should the DevOps engineer take to meet these requirements?
|
A. Configure the Datapoints to Alarm value to be 3 out of 12. Configure the alarm to treat missing data as breaching the threshold. Add an AWS Systems Manager action to stop the instance when the alarm enters the ALARM state.
| B. Configure the Datapoints to Alarm value to be 3 out of 12. Configure the alarm to treat missing data as not breaching the threshold. Add an EC2 action to stop the instance when the alarm enters the ALARM state.
| C. Configure the Datapoints to Alarm value to be 9 out of 12. Configure the alarm to treat missing data as breaching the threshold. Add an EC2 action to stop the instance when the alarm enters the ALARM state.
| D. Configure the Datapoints to Alarm value to be 9 out of 12. Configure the alarm to treat missing data as not breaching the threshold. Add an AWS Systems Manager action to stop the instance when the alarm enters the ALARM state.
|
B. Configure the Datapoints to Alarm value to be 3 out of 12. Configure the alarm to treat missing data as not breaching the threshold. Add an EC2 action to stop the instance when the alarm enters the ALARM state.
Explanation:
To meet the requirements, the DevOps engineer needs to configure the CloudWatch alarm to stop the EC2 instances when the average of the NetworkPacketsIn metric is less than 5 for at least 3 hours in a 12-hour time window. This means that the alarm should trigger when 3 out of 12 datapoints are below the threshold of 5. The alarm should also treat missing data as not breaching the threshold, so that the EC2 instances continue to run if there is no data for the metric during the evaluation period. The DevOps engineer can add an EC2 action to stop the instance when the alarm enters the ALARM state, which is a built-in action type for CloudWatch alarms.
Question # 3
A DevOps engineer is designing an application that integrates with a legacy REST API. The application has an AWS Lambda function that reads records from an Amazon Kinesis data stream. The Lambda function sends the records to the legacy REST API.
Approximately 10% of the records that the Lambda function sends from the Kinesis data stream have data errors and must be processed manually. The Lambda function event source configuration has an Amazon Simple Queue Service (Amazon SQS) dead-letter queue as an on-failure destination. The DevOps engineer has configured the Lambda function to process records in batches and has implemented retries in case of failure.
During testing the DevOps engineer notices that the dead-letter queue contains many records that have no data errors and that already have been processed by the legacy REST API. The DevOps engineer needs to configure the Lambda function's event source options to reduce the number of errorless records that are sent to the dead-letter queue.
Which solution will meet these requirements?
|
A. Increase the retry attempts
| B. Configure the setting to split the batch when an error occurs
| C. Increase the concurrent batches per shard
| D. Decrease the maximum age of record
|
B. Configure the setting to split the batch when an error occurs
Explanation:
This solution will meet the requirements because it will reduce the number of errorless records that are sent to the dead-letter queue. When you configure the setting to split the batch when an error occurs, Lambda will retry only the records that caused the error, instead of retrying the entire batch. This way, the records that have no data errors and have already been processed by the legacy REST API will not be retried and sent to the dead-letter queue unnecessarily.
https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html
Question # 4
A company has developed a static website hosted on an Amazon S3 bucket. The website is deployed using AWS CloudFormation. The CloudFormation template defines an S3 bucket and a custom resource that copies content into the bucket from a source location.
The company has decided that it needs to move the website to a new location, so the existing CloudFormation stack must be deleted and re-created. However, CloudFormation reports that the stack could not be deleted cleanly.
What is the MOST likely cause and how can the DevOps engineer mitigate this problem for this and future versions of the website?
|
A. Deletion has failed because the S3 bucket has an active website configuration. Modify the Cloud Formation template to remove the WebsiteConfiguration properly from the S3 bucket resource.
| B. Deletion has failed because the S3 bucket is not empty. Modify the custom resource's AWS Lambda function code to recursively empty the bucket when RequestType is Delete.
| C. Deletion has failed because the custom resource does not define a deletion policy. Add a DeletionPolicy property to the custom resource definition with a value of RemoveOnDeletion.
| D. Deletion has failed because the S3 bucket is not empty. Modify the S3 bucket resource in the CloudFormation template to add a DeletionPolicy property with a value of Empty.
|
B. Deletion has failed because the S3 bucket is not empty. Modify the custom resource's AWS Lambda function code to recursively empty the bucket when RequestType is Delete.
Explanation:
Step 1: Understanding the Deletion FailureThe most likely reason why the CloudFormation stack failed to delete is that the S3 bucket was not empty. AWS CloudFormation cannot delete an S3 bucket that contains objects, so if the website files are still in the bucket, the deletion will fail.
Issue:The S3 bucket is not empty during deletion, preventing the stack from being deleted.
Step 2: Modifying the Custom Resource to Handle DeletionTo mitigate this issue, you can modify the Lambda function associated with the custom resource to automatically empty the S3 bucket when the stack is being deleted. By adding logic to handle the RequestType: Delete event, the function can recursively delete all objects in the bucket before allowing the stack to be deleted.
Action:Modify the Lambda function to recursively delete the objects in the S3 bucket when RequestType is set to Delete.
Why:This ensures that the S3 bucket is empty before CloudFormation tries to delete it, preventing the stack deletion failure.
[Reference:AWS documentation onCloudFormation custom resources., This corresponds toOption B: Deletion has failed because the S3 bucket is not empty. Modify the custom resource's AWS Lambda function code to recursively empty the bucket when RequestType is Delete., , ]
Question # 5
A company is using AWS Organizations to centrally manage its AWS accounts. The company has turned on AWS Config in each member account by using AWS Cloud Formation StackSets The company has configured trusted access in Organizations for AWS Config and has configured a member account as a delegated administrator account for AWS Config
A DevOps engineer needs to implement a new security policy The policy must require all current and future AWS member accounts to use a common baseline of AWS Config rules that contain remediation actions that are managed from a central account Non-administrator users who can access member accounts must not be able to modify this common baseline of AWS Config rules that are deployed into each member account
Which solution will meet these requirements?
|
A. Create a CloudFormation template that contains the AWS Config rules and remediation actions. Deploy the template from the Organizations management account by using CloudFormation StackSets.
| B. Create an AWS Config conformance pack that contains the AWS Config rules and remediation actions Deploy the pack from the Organizations management account by using CloudFormation StackSets.
| C. Create a CloudFormation template that contains the AWS Config rules and remediation actions Deploy the template from the delegated administrator account by using AWS Config.
| D. Create an AWS Config conformance pack that contains the AWS Config rules and remediation actions. Deploy the pack from the delegated administrator account by using AWS Config.
|
D. Create an AWS Config conformance pack that contains the AWS Config rules and remediation actions. Deploy the pack from the delegated administrator account by using AWS Config.
Explanation:
The correct answer is D. Creating an AWS Config conformance pack that contains the AWS Config rules and remediation actions and deploying it from the delegated administrator account by using AWS Config will meet the requirements. A conformance pack is a collection of AWS Config rules and remediation actions that can be easily deployed as a single entity in an account and a region or across an organization in AWS Organizations1. By using the delegated administrator account, the DevOps engineer can centrally manage the conformance pack and prevent non-administrator users from modifying it in the member accounts.
Option A is incorrect because creating a CloudFormation template that contains the AWS Config rules and remediation actions and deploying it from the Organizations management account by using CloudFormation StackSets will not prevent non-administrator users from modifying the AWS Config rules in the member accounts. Option B is incorrect because deploying the conformance pack from the Organizations management account by using CloudFormation StackSets will not use the trusted access feature of AWS Config and will require additional permissions and resources.
Option C is incorrect because creating a CloudFormation template that contains the AWS Config rules and remediation actions and deploying it from the delegated administrator account by using AWS Config will not leverage the benefits of conformance packs, such as simplified deployment and management.
References:
Conformance Packs - AWS Config
Certified DevOps Engineer - Professional (DOP-C02) Study Guide (page 176)
Get 250 AWS Certified DevOps Engineer - Professional questions Access in less then $0.12 per day.
Amazon Web Services Bundle 1: 1 Month PDF Access For All Amazon Web Services Exams with Updates $100
$400
Buy Bundle 1
Amazon Web Services Bundle 2: 3 Months PDF Access For All Amazon Web Services Exams with Updates $200
$800
Buy Bundle 2
Amazon Web Services Bundle 3: 6 Months PDF Access For All Amazon Web Services Exams with Updates $300
$1200
Buy Bundle 3
Amazon Web Services Bundle 4: 12 Months PDF Access For All Amazon Web Services Exams with Updates $400
$1600
Buy Bundle 4
Disclaimer: Fair Usage Policy - Daily 5 Downloads
AWS Certified DevOps Engineer - Professional Exam Dumps
Exam Code: DOP-C02
Exam Name: AWS Certified DevOps Engineer - Professional
- 90 Days Free Updates
- Amazon Web Services Experts Verified Answers
- Printable PDF File Format
- DOP-C02 Exam Passing Assurance
Get 100% Real DOP-C02 Exam Dumps With Verified Answers As Seen in the Real Exam. AWS Certified DevOps Engineer - Professional Exam Questions are Updated Frequently and Reviewed by Industry TOP Experts for Passing AWS Certified Professional Exam Quickly and Hassle Free.
Amazon Web Services DOP-C02 Test Dumps
Struggling with AWS Certified DevOps Engineer - Professional preparation? Get the edge you need! Our carefully created DOP-C02 test dumps give you the confidence to pass the exam. We offer:
1. Up-to-date AWS Certified Professional practice questions: Stay current with the latest exam content.
2. PDF and test engine formats: Choose the study tools that work best for you. 3. Realistic Amazon Web Services DOP-C02 practice exam: Simulate the real exam experience and boost your readiness.
Pass your AWS Certified Professional exam with ease. Try our study materials today!
Official AWS Certified DevOps Engineer Professional exam info is available on Amazon website at https://aws.amazon.com/certification/certified-devops-engineer-professional/
Prepare your AWS Certified Professional exam with confidence!We provide top-quality DOP-C02 exam dumps materials that are:
1. Accurate and up-to-date: Reflect the latest Amazon Web Services exam changes and ensure you are studying the right content.
2. Comprehensive Cover all exam topics so you do not need to rely on multiple sources.
3. Convenient formats: Choose between PDF files and online AWS Certified DevOps Engineer - Professional practice questions for easy studying on any device.
Do not waste time on unreliable DOP-C02 practice test. Choose our proven AWS Certified Professional study materials and pass with flying colors. Try Dumps4free AWS Certified DevOps Engineer - Professional 2024 material today!
-
Assurance
AWS Certified DevOps Engineer - Professional practice exam has been updated to reflect the most recent questions from the Amazon Web Services DOP-C02 Exam.
-
Demo
Try before you buy! Get a free demo of our AWS Certified Professional exam dumps and see the quality for yourself. Need help? Chat with our support team.
-
Validity
Our Amazon Web Services DOP-C02 PDF contains expert-verified questions and answers, ensuring you're studying the most accurate and relevant material.
-
Success
Achieve DOP-C02 success! Our AWS Certified DevOps Engineer - Professional exam questions give you the preparation edge.
If you have any question then contact our customer support at live chat or email us at support@dumps4free.com.
|