Amazon-Web-Services DOP-C01 ExamAWS Certified DevOps Engineer- Professional

Total Question: 116 Last Updated: Nov 12,2020
  • Updated DOP-C01 Dumps
  • Based on Real DOP-C01 Exams Scenarios
  • Free DOP-C01 pdf Demo Available
  • Check out our DOP-C01 Dumps in a new PDF format
  • Instant DOP-C01 download
  • Guarantee DOP-C01 success in first attempt
Package Select:

Questions & Answers PDF

Practice Test Software

Practice Test + PDF 30% Discount

Price: $85.95 $39.99

Buy Now Free Trial

What High Quality DOP-C01 Braindump Is

It is more faster and easier to pass the Amazon-Web-Services DOP-C01 exam by using Real Amazon-Web-Services AWS Certified DevOps Engineer- Professional questuins and answers. Immediate access to the Renovate DOP-C01 Exam and find the same core area DOP-C01 questions with professionally verified answers, then PASS your exam with a high score now.

Also have DOP-C01 free dumps questions for you:

NEW QUESTION 1
Which of the following is not a rolling type update which is present for Configuration Updates when it comes to the Elastic Beanstalk service

  • A. Rolling based on Health
  • B. Rolling based on Instances
  • C. Immutable
  • D. Rolling based on time

Answer: B

Explanation:
When you go to the configuration of your Elastic Beanstalk environment, below are the updates that are possible
DOP-C01 dumps exhibit
The AWS Documentation mentions
1) With health-based rolling updates. Elastic Beanstalk waits until instances in a batch pass health checks before moving on to the next batch.
2) For time-based rolling updates, you can configure the amount of time that Elastic Beanstalk waits after completing the launch of a batch of instances before moving on to the next batch. This pause time allows your application to bootsrap and start serving requests.
3) Immutable environment updates are an alternative to rolling updates that ensure that configuration changes that require replacing instances are applied efficiently and safely. If an immutable environment update fails, the rollback process requires only terminating an Auto Scalinggroup. A failed rolling update, on the other hand, requires performing an additional rolling update to roll back the changes.
For more information on Rolling updates for Elastic beanstalk configuration updates, please visit the below URL:
• http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.ro11ingupdates.html

NEW QUESTION 2
You have an Opswork stack defined with Linux instances. You have executed a recipe, but the execution has failed. What is one of the ways that you can use to diagnose what was the reason why the recipe did not execute correctly.

  • A. UseAWS Cloudtrail and check the Opswork logs to diagnose the error
  • B. UseAWS Config and check the Opswork logs to diagnose the error
  • C. Logintotheinstanceandcheckiftherecipewasproperlyconfigured.
  • D. Deregisterthe instance and check the EC2 Logs

Answer: C

Explanation:
The AWS Documentation mentions the following
If a recipe fails, the instance will end up in the setup_failed state instead of online. Even though the instance is not online as far as AWS Ops Works Stacks is concerned, the CC2 instance is running and it's often useful to log in to troubleshoot the issue. For example, you can check whether an application or custom
cookbook is correctly installed. The AWS Ops Works Stacks built-in support for SSH and RDP login is
available only for instances in the online state.
For more information on Opswork troubleshooting, please visit the below URL: http://docs.aws.amazon.com/opsworks/latest/userguide/troubleshoot-debug-login.htmI

NEW QUESTION 3
You are building a game high score table in DynamoDB. You will store each user's highest score for each game, with many games, all of which have relatively similar usage levels and numbers of players. You need to be able to look up the highest score for any game. What's the best DynamoDB key structure?

  • A. HighestScore as the hash/only key.
  • B. GamelD as the hash key, HighestScore as the range ke
  • C. GamelD as the hash/only key.
  • D. GamelDastherange/onlykey.

Answer: B

Explanation:
It always best to choose the hash key as the column that will have a wide range of values. This is also given in the AWS documentation
Choosing a Partition Key
The following table compares some common partition key schemas for provisioned throughput efficiency:
DOP-C01 dumps exhibit
Next since you need to sort by the Highest Score, you need to use that as the sort key For more information on Table Guidelines, please visit the below URL:
• http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Guide linesForTables.html

NEW QUESTION 4
Your company develops a variety of web applications using many platforms and programming languages with different application dependencies. Each application must be developed and deployed quickly and be highly available to satisfy your business requirements. Which of the following methods should you use to deploy these applications rapidly?

  • A. Develop the applications in Docker containers, and then deploy them to Elastic Beanstalk environments with Auto Scaling and Elastic Load Balancing.
  • B. Use the AWS CloudFormation Docker import service to build and deploy the applications with high availability in multiple Availability Zones.
  • C. Develop each application's code in DynamoDB, and then use hooks to deploy it to Elastic Beanstalk environments with Auto Scaling and Elastic Load Balancing.
  • D. Store each application's code in a Git repository, develop custom package repository managers for each application's dependencies, and deploy to AWS OpsWorks in multiple Availability Zones.

Answer: A

Explanation:
Elastic Beanstalk supports the deployment of web applications from Docker containers. With Docker containers, you can define your own runtime environment. You can choose your own platform, programming language, and any application dependencies (such as package managers or tools), that aren't supported by other platforms. Docker containers are self-contained and include all the configuration information and software your web application requires to run.
By using Docker with Elastic Beanstalk, you have an infrastructure that automatically handles the details of capacity provisioning, load balancing, scaling, and application health monitoring.
For more information on Dockers and Elastic beanstalk please refer to the below link:
• http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker.html

NEW QUESTION 5
You have a web application composed of an Auto Scaling group of web servers behind a load balancer, and create a new AMI for each application version for deployment. You have a new version to release, and you want to use the A/B deployment technique to migrate users over in a controlled manner while the size of the fleet remains constant over a period of 12 hours, to ensure that the new version is performing well.
What option should you choose to enable this technique while being able to roll back easily?

  • A. Createan Auto scaling launch configuration with the new AM
  • B. Configure the AutoScalinggroup with the new launch configuratio
  • C. Use the Auto Scaling rollingupdates feature to migrate to the new version.
  • D. Createan Auto Scaling launch configuration with the new AM
  • E. Create an Auto Scalinggroup configured to use the new launch configuration and to register instanceswith the same load balance
  • F. Vary the desired capacity of each group tomigrate.
  • G. Createan Auto scaling launch configuration with the new AM
  • H. Configure Auto Scalingto vary the proportion of instances launched from the two launchconfigurations.
  • I. Createa load balance
  • J. Create an Auto Scaling launch configuration with the new AMIto use the new launch configuration and to registerinstances with the new loadbalance
  • K. Use Amazon Route53 weighted Round Robin to vary the proportion ofrequests sent to the load balancers.
  • L. Launchnew instances using the new AMI and attach them to the Auto Scalinggroup.Configure Elastic Load Balancing to vary the proportion of requests sent toinstances running the two application versions.

Answer: D

Explanation:
Since you want to control the usage to the new application in a controlled manner, the best way is to use Route53 weighted method. The AWS documentation
mentions the following on this method
Weighted routing lets you associate multiple resources with a single domain name (example.com) or subdomain name (acme.example.com) and choose how much traffic is routed to each resource. This can be useful for a variety of purposes, including load balancing and testing new versions of software.
For more information on Weighted Round Robin method, please visit the link: http://docs^ws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html/rrouting-policy- weighted

NEW QUESTION 6
Your application is having a very high traffic, so you have enabled autoscaling in multi availability zone to suffice the needs of your application but you observe that one of the availability zone is not receiving any traffic. What can be wrong here?

  • A. Autoscalingonly works for single availability zone
  • B. Autoscalingcan be enabled for multi AZ only in north Virginia region
  • C. Availabilityzone is not added to Elastic load balancer
  • D. Instancesneed to manually added to availability zone

Answer: C

Explanation:
When you add an Availability Zone to your load balancer. Clastic Load Balancing creates a load balancer node in the Availability Zone. Load balancer nodes accept traffic from clients and forward requests to the healthy registered instances in one or more Availability Zones.
For more information on adding AZ's to CLB, please refer to the below U RL:
htto://docs aws.amazon.com/eiasticloadbaIancins/latest/classic/enable-disable-az.html

NEW QUESTION 7
Which of the following credentials types are supported by AWSCodeCommit? Select 3 Options

  • A. Git Credentials
  • B. SSH Keys
  • C. User name/password
  • D. AWS Access Kevs

Answer: ABD

Explanation:
The AWS documentation mentions
I AM supports AWS CodeCommit with three types of credentials:
Git credentials, an 1AM -generated user name and password pair you can use to communicate with AWS CodeCommit repositories over HTTPS.
SSH keys, a locally generated public-private key pair that you can associate with your 1AM user to communicate with AWS CodeCommit repositories over SSH.
AWS access keys, which you can use with the credential helper included with the AWS CLI to communicate with AWS CodeCommit repositories over HTTPS. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.htmI

NEW QUESTION 8
You are in charge of designing a number of Cloudformation templates for your organization. You are required to make changes to stack resources every now and then based on the requirement. How can you check the impact of the change to resources in a cloudformation stack before deploying changes to the stack?

  • A. Thereis no way to control thi
  • B. You need to check for the impact beforehand.
  • C. UseCloudformation change sets to check for the impact to the changes.
  • D. UseCloudformation Stack Policies to check for the impact to the changes.
  • E. UseCloudformation Rolling Updates to check for the impact to the changes.

Answer: B

Explanation:
The AWS Documentation mentions
When you need to update a stack, understanding how your changes will affect running resources before you implement them can help you update stacks with confidence. Change sets allow you to preview how proposed changes to a stack might impact your running resources, for example, whether your changes will delete or replace any critical resources, AWS CloudFormation makes the changes to your stack only when you decide to execute the change set, allowing you to decide whether to proceed with your proposed changes or explore other changes by creating another change set. You can create and manage change sets using the AWS
CloudFormation console, AWS CLI, or AWS CloudFormation API.
For more information on Cloudformation change sets, please visit the below url http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.html

NEW QUESTION 9
You have ana video processing application hosted in AWS. The video's are uploaded by users onto the site. You have a program that is custom built to process those videos. The program is able to recover incase there are any failures when processing the videos. Which of the following mechanisms can be used to deploy the instances for carrying out the video processing activities, ensuring that the cost is kept at a minimum.

  • A. Create a launch configuration with Reserved Instance
  • B. Ensure the User Data section details the installation of the custom softwar
  • C. Create an Autoscalinggroup with the launch configuration.
  • D. Create a launch configuration with Spot Instance
  • E. Ensure the User Data section details the installation of the custom softwar
  • F. Create an Autoscalinggroupwith the launch configuration.
  • G. Create a launch configuration with Dedicated Instance
  • H. Ensure the User Data section details the installation of the custom softwar
  • I. Create an Autoscaling group with the launch configuration.
  • J. Create a launch configuration with On-Demand Instance
  • K. Ensure the User Data section details the installation of the custom softwar
  • L. Create an Autoscaling group with the launch configuration.

Answer: B

Explanation:
Since the application can recover from failures and cost is the priority, then Spot instances are the best bet for this requirement. The launch configuration has the
facility to request for Spot Instances.
The below snapshot from the Launch configuration section shows that Spot Instances can be used for AutoScaling Groups.
DOP-C01 dumps exhibit
For more information on Spot Instances and Autoscaling, please visit the below URL:
• http://docs^ws.amazon.com/autoscaling/latest/userguide/US-Spotlnstances.html

NEW QUESTION 10
Your security officer has told you that you need to tighten up the logging of all events that occur on your AWS account. He wants to be able to access all events that occur on the account across all regions quickly and in the simplest way possible. He also wants to make sure he is the only person that has access to these events in the most secure way possible. Which of the following would be the best solution to assure his requirements are met? Choose the correct answer from the options below

  • A. Use CloudTrail to logall events to one S3 bucke
  • B. Make this S3 bucket only accessible by your security officer with a bucket policy that restricts access to his user only and also add MFA to the policy for a further level of securit
  • C. ^/
  • D. Use CloudTrail to log all events to an Amazon Glacier Vaul
  • E. Make sure the vault access policy only grants access to the security officer's IP address.
  • F. Use CloudTrail to send all API calls to CloudWatch and send an email to the security officer every time an API call is mad
  • G. Make sure the emails are encrypted.
  • H. Use CloudTrail to log all events to a separate S3 bucket in each region as CloudTrail cannot write to a bucket in a different regio
  • I. Use MFA and bucket policies on all the different buckets.

Answer: A

Explanation:
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log,
continuously monitor, and retain events related to API calls across your AWS infrastructure. CloudTrail provides a history of AWS API calls for your account, including API calls made through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This history simplifies security analysis, resource change tracking, and troubleshooting.
You can design cloudtrail to send all logs to a central S3 bucket. For more information on cloudtrail, please visit the below URL:
◆ https://aws.amazon.com/cloudtrail/

NEW QUESTION 11
You've been tasked with building out a duplicate environment in another region for disaster recovery purposes. Part of your environment relies on EC2 instances with preconfigured software. What steps would you take to configure the instances in another region? Choose the correct answer from the options below

  • A. Createan AMI oftheEC2 instance
  • B. CreateanAMIoftheEC2instanceandcopytheAMItothedesiredregion
  • C. Makethe EC2 instance shareable among other regions through 1AM permissions
  • D. Noneof the above

Answer: B

Explanation:
You can copy an Amazon Machine Image (AMI) within or across an AWS region using the AWS Management Console, the AWS command line tools or SDKs, or the Amazon CC2 API, all of which support the Copylmage action. You can copy both Amazon CBS-backed AM Is and instance store-backed AM Is. You can copy AMIs with encrypted snapshots and encrypted AMIs.
For more information on copying AMI's, please refer to the below link:
• http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/CopyingAMIs.htTTil

NEW QUESTION 12
You have an Autoscaling Group which is launching a set of t2.small instances. You now need to replace those instances with a larger instance type. How would you go about making this change in an ideal manner?

  • A. Changethe Instance type in the current launch configuration to the new instance type.
  • B. Createanother Autoscaling Group and attach the new instance type.
  • C. Createa new launch configuration with the new instance type and update yourAutoscaling Group.
  • D. Changethe Instance type of the Underlying EC2 instance directly.

Answer: C

Explanation:
Answer - C
The AWS Documentation mentions
A launch configuration is a template that an Auto Scaling group uses to launch EC2 instances. When you create a launch configuration, you specify information for the instances such as the ID of the Amazon Machine Image (AMI), the instance type, a key pair, one or more security groups, and a block device mapping. If you've launched an EC2 instance before, you specified the same information in order to launch the instance. When you create an Auto Scalinggroup, you must specify a launch configuration. You can specify your launch configuration with multiple Auto Scaling groups.
However, you can only specify one launch configuration for an Auto Scalinggroup at a time, and you can't modify a launch configuration after you've created it.
Therefore, if you want to change the launch configuration for your Auto Scalinggroup, you must create a launch configuration and then update your Auto Scaling group with the new launch configuration.
For more information on launch configurations please see the below link:
• http://docs.aws.amazon.com/autoscaling/latest/userguide/l_au nchConfiguration.html

NEW QUESTION 13
You need to deploy an AWS stack in a repeatable manner across multiple environments. You have selected CloudFormation as the right tool to accomplish this, but have found that there is a resource type you need to create and model, but is unsupported by CloudFormation. How should you overcome this challenge?

  • A. Use a CloudFormation Custom Resource Template by selecting an API call to proxy for create, update, and delete action
  • B. CloudFormation will use the AWS SDK, CLI, or API method of your choosing as the state transition function for the resource type you are modeling.
  • C. Submit a ticket to the AWS Forum
  • D. AWS extends CloudFormation Resource Types by releasing tooling to the AWS Labs organization on GitHu
  • E. Their response time is usually 1 day, and theycomplete requests within a week or two.
  • F. Instead of depending on CloudFormation, use Chef, Puppet, or Ansible to author Heat templates, which are declarative stack resource definitions that operate over the OpenStack hypervisor and cloud environment.
  • G. Create a CloudFormation Custom Resource Type by implementing create, update, and delete functionality, either by subscribing a Custom Resource Provider to an SNS topic, or by implementing the logic in AWS Lambda.

Answer: D

Explanation:
Custom resources enable you to write custom provisioning logic in templates that AWS Cloud Formation runs anytime you create, update (if you changed the custom resource), or delete stacks. For example, you might want to include resources that aren't available as AWS Cloud Formation resource types. You can include those resources by using custom resources. That way you can still manage all your related resources in a single stack.
Use the AWS:: Cloud Formation:: Custom Resource or Custom ::String resource type to define custom resources in your templates. Custom resources require one property: the service token, which specifies where AWS CloudFormation sends requests to, such as an Amazon SNS topic.
For more information on Custom Resources in Cloudformation, please visit the below U RL: http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/template-custom- resources.html

NEW QUESTION 14
You have a requirement to automate the creation of EBS Snapshots. Which of the following can be
used to achieve this in the best way possible?

  • A. Createa powershell script which uses the AWS CLI to get the volumes and then run thescript as a cron job.
  • B. Usethe A WSConf ig service to create a snapshot of the AWS Volumes
  • C. Usethe AWS CodeDeploy service to create a snapshot of the AWS Volumes
  • D. UseCloudwatch Events to trigger the snapshots of EBS Volumes

Answer: D

Explanation:
The best is to use the inbuilt sen/ice from Cloudwatch, as Cloud watch Events to automate the creation of CBS Snapshots. With Option A, you would be restricted to
running the powrshell script on Windows machines and maintaining the script itself And then you have the overhead of having a separate instance just to run that script.
When you go to Cloudwatch events, you can use the Target as EC2 CreateSnapshot API call as shown below.
DOP-C01 dumps exhibit
The AWS Documentation mentions
Amazon Cloud Watch Cvents delivers a near real-time stream of system events that describe changes in Amazon Web Services (AWS) resources. Using simple rules that you can quickly set up, you can match events and route them to one or more target functions or streams. Cloud Watch Cvents becomes aware of operational changes as they occur. Cloud Watch Cvents responds to these operational changes and takes corrective action as necessary, by sending messages to respond to the environment, activating functions, making changes, and capturing state information.
For more information on Cloud watch Cvents, please visit the below U RL:
• http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/WhatlsCloudWatchCvents.htmI

NEW QUESTION 15
There is a requirement for an application hosted on a VPC to access the On-premise LDAP server. The VPC and the On-premise location are connected via an I PSec VPN. Which of the below are the right options for the application to authenticate each user. Choose 2 answers from the options below

  • A. Develop an identity broker that authenticates against 1AM security Token service to assume a 1AM role in order to get temporary AWS security credentials The application calls the identity broker to get AWS temporary security credentials.
  • B. The application authenticates against LDAP and retrieves the name of an 1AM role associated with the use
  • C. The application then calls the 1AM Security Token Service to assume that 1AM rol
  • D. The application can use the temporary credentials to access any AWS resources.
  • E. Develop an identity broker that authenticates against LDAP and then calls 1AM Security Token Service to get 1AM federated user credential
  • F. The application calls the identity broker to get 1AM federated user credentials with access to the appropriate AWS service.
  • G. The application authenticates against LDAP the application then calls the AWS identity and Access Management (1AM) Security service to log in to 1AM using the LDAP credentials the application can use the 1AM temporary credentials to access the appropriate AWS service.

Answer: BC

Explanation:
When you have the need for an in-premise environment to work with a cloud environment, you would normally have 2 artefacts for authentication purposes
• An identity store - So this is the on-premise store such as Active Directory which stores all the information for the user's and the groups they below to.
• An identity broker - This is used as an intermediate agent between the on-premise location and the cloud environment. In Windows you have a system known as Active Directory Federation services to provide this facility.
Hence in the above case, you need to have an identity broker which can work with the identity store and the Security Token service in aws. An example diagram of how this works from the aws documentation is given below.
DOP-C01 dumps exhibit
For more information on federated access, please visit the below link: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_common-scenarios_federated- users.htm I

NEW QUESTION 16
Your current log analysis application takes more than four hours to generate a report of the top 10 users of your web application. You have been asked to implement a system that can report this information in real time, ensure that the report is always up to date, and handle increases in the number of requests to your web application. Choose the option that is cost-effective and can fulfill the
requirements.

  • A. Publishyour data to CloudWatch Logs, and configure your application to autoscale tohandle the load on demand.
  • B. Publishyour log data to an Amazon S3 bucke
  • C. Use AWS CloudFormation to create an AutoScalinggroup to scale your post-processing application which is configured topull down your log files stored in Amazon S3.
  • D. Postyour log data to an Amazon Kinesis data stream, and subscribe yourlog-processing application so that is configured to process your logging data.
  • E. Configurean Auto Scalinggroup to increase the size of your Amazon EMR cluster

Answer: C

Explanation:
The AWS Documentation mentions the below
Amazon Kinesis makes it easy to collect, process, and analyze real-time, streaming data so you can get timely insights and react quickly to new information. Amazon
Kinesis offers key capabilities to cost effectively process streaming data at any scale, along with the flexibility to choose the tools that best suit the requirements of
your application. With Amazon Kinesis, you can ingest real-time data such as application logs, website clickstreams, loT telemetry data, and more into your
databases, data lakes and data warehouses, or build your own real-time applications using this data.
Amazon Kinesis enables you to process and analyze data as it
arrives and respond in real-time instead of having to wait until all your data is collected before the processing can begin.
For more information on AWS Kinesis please see the below link:
• https://aws.amazon.com/kinesis/

NEW QUESTION 17
As an architect you have decided to use CloudFormation instead of OpsWorks or Elastic Beanstalk for deploying the applications in your company. Unfortunately, you have discovered that there is a
resource type that is not supported by CloudFormation. What can you do to get around this.

  • A. Specify more mappings and separate your template into multiple templates by using nested stacks.
  • B. Create a custom resource type using template developer, custom resource template, and CloudFormatio
  • C. */
  • D. Specify the custom resource by separating your template into multiple templates by using nested stacks.
  • E. Use a configuration management tool such as Chef, Puppet, or Ansible.

Answer: B

Explanation:
Custom resources enable you to write custom provisioning logic in templates that AWS Cloud Formation runs anytime you create, update (if you changed the custom resource), or delete stacks. For example, you might want to include resources that aren't available as AWS Cloud Formation resource types. You can include those resources by using custom resources. That way you can still manage all your related resources in a single stack.
For more information on custom resources in Cloudformation please visit the below URL:
◆ http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/template-custom- resources.htm I

NEW QUESTION 18
Which of the following design strategies is ideal when designing loosely coupled systems. Choose 2 answers from the options given below

  • A. Having the web and worker roles running on the same set of EC2 Instances
  • B. Having the web and worker roles running on separate EC2 Instances
  • C. Using SNS to establish communication between the web and worker roles
  • D. Using SQS to establish communication between the web and worker roles

Answer: BD

Explanation:
The below diagram shows the ideal design which uses SQS and separate environments for web and worker processes. The SQS queue manages the communication between the web and worker roles.
DOP-C01 dumps exhibit
One example is the way Elastic beanstalk manages worker environments. For more information on
this, please visit the below URL:
◆ http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features-managing-env-tiers.htmI

NEW QUESTION 19
You are using CloudFormation to launch an EC2 instance and then configure an application after the instance is launched. You need the stack creation of the ELB and Auto Scaling to wait until the EC2 instance is launched and configured properly. How do you do this?

  • A. It is not possible for the stack creation to wait until one service is created and launched
  • B. Use the WaitCondition resource to hold the creation of the other dependent resources
  • C. Use a CreationPolicy to wait for the creation of the other dependent resources >/
  • D. Use the HoldCondition resource to hold the creation of the other dependent resources

Answer: C

Explanation:
When you provision an Amazon EC2 instance in an AWS Cloud Formation stack, you might specify additional actions to configure the instance, such as install software packages or bootstrap applications. Normally, CloudFormation proceeds with stack creation after the instance has been successfully created. However, you can use a Creation Pol icy so that CloudFormation proceeds with stack creation only after your configuration actions are done. That way you'll know your applications are ready to go after stack creation succeeds.
A Creation Policy instructs CloudFormation to wait on an instance until CloudFormation receives the specified number of signals
Option A is invalid because this is possible
Option B is invalid because this is used make AWS CloudFormation pause the creation of a stack and wait for a signal before it continues to create the stack
For more information on this, please visit the below URL:
• https://aws.amazon.com/blogs/devops/use-a-creationpolicy-to-wait-for-on-instance- configurations/

NEW QUESTION 20
You have a development team that is planning for continuous release cycles for their application. They want to use the AWS services available to be able to deploy a web application and also ensure they can rollback to previous versions fairly quickly. Which of the following options can be used to achieve this requirement. Choose 2 answers from the options given below

  • A. Usethe Elastic beanstalk servic
  • B. Use Application versions and upload therevisions of your applicatio
  • C. Deploy the revisions accordingly and rollback toprior versions accordingly.
  • D. Usethe Elastic beanstalk servic
  • E. Create separate environments for eachapplication revisio
  • F. Revert back to an environment incase the new environmentdoes not work.
  • G. Usethe Opswork service to deploy the web instance
  • H. Deploy the app to the Opsworkweb laye
  • I. Rollback using the Deploy app in Opswor
  • J. Usethe Cloudformation servic
  • K. Create separate templates for each applicationrevision and deploy them accordingly.

Answer: AC

Explanation:
The AWS documentation mentions the following
In Elastic Beanstalk, an application version refers to a specific, labeled iteration of deployable code for a web application. An application version points to an Amazon
Simple Storage Service (Amazon S3) object that contains the deployable code such as a Java WAR file.
An application version is part of an application. Applications
can have many versions and each application version is unique. In a running environment, you can deploy any application version you already uploaded to the application or you can upload and immediately deploy a new application version. You might upload multiple application versions to test differences between one
version of your web application and another.
For more information on Elastic beanstalk components, please refer to the below link:
◆ http://docs.aws.a mazon.com/elasticbeanstalk/latest/dg/concepts.compo nents.htm I
An AWS OpsWorks Stacks app represents code that you want to run on an application server. The code itself resides in a repository such as an Amazon S3 archive; the app contains the information required to deploy the code to the appropriate application server instances. For more information on Opswork apps, please refer to the below link:
• http://docs.aws.amazon.com/opsworks/latest/userguide/workingapps.html
Option B is incorrect. Our scenario is focusing on continuous development and continuous releases of the application versions. Since this is going to be an ongoing process, it is a best practice to upload the revision of your application and if required roll back to previous version.
Option D is incorrect. This question gives importance to the application hosted on the infrastructure. "They want to use the AWS services available to be able to deploy a web application and also ensure they can rollback to previous versions of the application quickly."
In this case, Cloud Formation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. Cloud Formation allows you to use a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts.
Hence, Cloud Formation is nothing to do with an application hosted on the infrastructure.

NEW QUESTION 21
Your CTO has asked you to make sure that you know what all users of your AWS account are doing to change resources at all times. She wants a report of who is doing what over time, reported to her once per week, for as broad a resource type group as possible. How should you do this?

  • A. Create a global AWS CloudTrail Trai
  • B. Configure a script to aggregate the log data delivered to S3 once per week and deliver this to the CTO.
  • C. Use CloudWatch Events Rules with an SNS topic subscribed to all AWS API call
  • D. Subscribe the CTO to an email type delivery on this SNS Topic.
  • E. Use AWS 1AM credential reports to deliver a CSV of all uses of 1AM UserTokens overtime to the CTO.
  • F. Use AWS Config with an SNS subscription on a Lambda, and insert these changes over time into a DynamoDB tabl
  • G. Generate reports based on the contents of this table.

Answer: A

Explanation:
AWS CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs.
Visibility into your AWS account activity is a key aspect of security and operational best practices. You can use CloudTrail to view, search, download, archive, analyze, and respond to account activity across your AWS infrastructure. You can identify who or what took which action, what resources were acted upon, when the event occurred, and other details to help you analyze and respond to activity in your AWS account.
For more information on Cloudtrail, please visit the below URL:
• http://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html

NEW QUESTION 22
You are having a web and worker role infrastructure defined in AWS using Amazon EC2 resources. You are using SQS to manage the jobs being send by the web role. Which of the following is the right way to ensure the worker processes are adequately setup to handle the number of jobs send by the web role

  • A. Use Cloudwatch monitoring to check the size of the queue and then scale out SQS to ensure that it can handle the right number of jobs
  • B. Use ELB to ensure that the load is evenly distributed to the set of web and worker instances
  • C. Use Route53 to ensure that the load is evenly distributed to the set of web and worker instances
  • D. Use Cloudwatch monitoring to check the size of the queue and then scale out using Autoscaling to ensure that it can handle the right number of jobs

Answer: D

Explanation:
The below diagram shows how SGS can be used to manage the communication between the Web
and worker roles. The number of messages in the SQS queue can
be used to determine the number of instances that should be there in the AutoScaling Group.
DOP-C01 dumps exhibit
For more information on SQS and Autoscaling, please refer to the below U RL: http://docs.aws.amazon.com/autoscaling/latest/userguide/as-using-sqs-queue.html

NEW QUESTION 23
A company is building a two-tier web application to serve dynamic transaction-based content. The data tier is leveraging an Online Transactional Processing (OLTP) database. What services should you leverage to enable an elastic and scalable web tier?

  • A. ElasticLoad Balancing, Amazon EC2, and Auto Scaling
  • B. ElasticLoad Balancing, Amazon RDS with Multi-AZ, and Amazon S3
  • C. AmazonRDS with Multi-AZ andAuto Scaling
  • D. AmazonEC2, Amazon Dynamo DB, and Amazon S3

Answer: A

Explanation:
The question mentioned a scalable web tier and not a database tier. So Option C, D and B are already automated eliminated, since we do not need a database option. The below example shows an Elastic Load balancer connected to 2 CC2 instances connected via Auto Scaling. This is an example of an elastic and scalable web tier. By scalable we mean that the Auto scaling process will increase or decrease the number of CC2 instances as required.
DOP-C01 dumps exhibit
For more information on best practices for AWS Cloud applications, please visit the below URL: https://dO.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf

NEW QUESTION 24
Your team is responsible for an AWS Elastic Beanstalk application. The business requires that you move to a continuous deployment model, releasing updates to the application multiple times per day with zero downtime. What should you do to enable this and still be able to roll back almost immediately in an emergency to the previous version?

  • A. Enablerolling updates in the Elastic Beanstalk environment, setting an appropriatepause time for application startup.
  • B. Createa second Elastic Beanstalk environment running the new application version, andswap theenvironment CNAMEs.
  • C. Developthe application to poll for a new application version in your code repository;download and install to each running Elastic Beanstalk instance.
  • D. Createa second Elastic Beanstalk environment with the new application version, andconfigure the old environment to redirect clients, using the HTTP 301 responsecode, to the new environment

Answer: B

Explanation:
The AWS Documentation mentions the below
Because Elastic Beanstalk performs an in-place update when you update your application versions, your application may become unavailable to users for a short
period of time. It is possible to avoid this downtime by performing a blue/green deployment, where you deploy the new version to a separate environment, and then
swap CNAMCs of the two environments to redirect traffic to the new version instantly For more information on Elastic beanstalk swap URL please see the below link:
• http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.CNAM CSwap.html

NEW QUESTION 25
You have an application running on an Amazon EC2 instance and you are using 1AM roles to securely access AWS Service APIs. How can you configure your application running on that instance to retrieve the API keys for use with the AWS SDKs?

  • A. When assigning an EC21AM role to your instance in the console, in the "Chosen SDK" drop-down list, select the SDK that you are using, and the instance will configure the correct SDK on launch with the API keys.
  • B. Within your application code, make a GET request to the 1AM Service API to retrieve credentials for your user.
  • C. When using AWS SDKs and Amazon EC2 roles, you do not have to explicitly retrieve API keys, because the SDK handles retrieving them from the Amazon EC2 MetaData service.
  • D. Within your application code, configure the AWS SDK to get the API keys from environment variables, because assigning an Amazon EC2 role stores keys in environment variables on launch.

Answer: C

Explanation:
IAM roles are designed so that your applications can securely make API requests from your instances, without requiring you to manage the security credentials that
the applications use. Instead of creating and distributing your AWS credentials, you can delegate permission to make API requests using 1AM roles
For more information on Roles for CC2 please refer to the below link: http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

NEW QUESTION 26
Your company has recently extended its datacenter into a VPC on AWS. There is a requirement for on-premise users manage AWS resources from the AWS console. You don't want to create 1AM users for them again. Which of the below options will fit your needs for authentication?

  • A. UseOAuth 2.0 to retrieve temporary AWS security credentials to enable your membersto sign in to the AWS Management Console.
  • B. Useweb Identity Federation to retrieve AWS temporary security credentials toenable your members to sign in to the AWS Management Console.
  • C. Useyour on-premises SAML 2 O-compliant identity provider (IDP) to grant themembers federated access to the AWS Management Console via the AWS singlesign-on (SSO) endpoint.
  • D. Useyour on-premises SAML2.0-compliant identity provider (IDP) to retrieve temporarysecurity credentials to enable members to sign in to the AWS ManagementConsole.

Answer: C

Explanation:
You can use a role to configure your SAML 2.0-compliant IdP and AWS to permit your federated users to access the AWS Management Console. The role grants the user permissions to carry out tasks in the console.
For more information on aws SAML, please visit the below URL
• http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_ena ble-console- saml.html

NEW QUESTION 27
You have launched a cloudformation template, but are receiving a failure notification after the template was launched. What is the default behavior of Cloudformation in such a case

  • A. It will rollback all the resources that were created up to the failure point.
  • B. It will keep all the resources that were created up to the failure point.
  • C. It will prompt the user on whether to keep or terminate the already created resources
  • D. It will continue with the creation of the next resource in the stack

Answer: A

Explanation:
The AWS Documentation mentions
AWS Cloud Formation ensures all stack resources are created or deleted as appropriate. Because AWS CloudFormation treats the stack resources as a single unit,
they must all be created or deleted successfully for the stack to be created or deleted. If a resource cannot be created, AWS CloudFormation rolls the stack back and automatically deletes any resources that were created.
For more information on Cloudformation, please refer to the below link: http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/stacks.html

NEW QUESTION 28
......

Thanks for reading the newest DOP-C01 exam dumps! We recommend you to try the PREMIUM Thedumpscentre.com DOP-C01 dumps in VCE and PDF here: https://www.thedumpscentre.com/DOP-C01-dumps/ (116 Q&As Dumps)