Free Amazon DOP-C02 Exam Questions

Question 1

An insurance firm has recently undergone digital transformation and AWS cloud adoption. Its app development team has four environments, namely DEV, TEST, PRE-PROD, and PROD, for its flagship application that is configured with AWS CodePipeline. After several weeks, they noticed that there were several outages caused by misconfigured files or faulty code blocks that were deployed into the PROD environment. A DevOps Engineer has been assigned to add the required steps to identify issues in the application before it is released.

Which of the following is the MOST appropriate combination of steps that the Engineer should implement to identify functional issues during the deployment process? (Select TWO.)

A : the pipeline, add an AWS CodeDeploy action to deploy the latest version of the application to the PRE-PROD environment. Set up a manual approval action in the pipeline so that the QA team can perform the required tests. Add another CodeDeploy action that deploys the verified code to the PROD environment after the manual approval action.

B : grate the pipeline from CodePipeline to AWS Data Pipeline to enable more CI/CD features. Add a test action that uses Amazon Macie to the pipeline. Run an assessment using the Runtime Behavior Analysis rules package to verify that the deployed code complies with the strict security standards of the company before deploying it to the PROD environment.

C : Add a test action that uses Amazon GuardDuty to the pipeline. Run an assessment using the Runtime Behavior Analysis rules package to verify that the deployed code complies with the strict security standards of the company before deploying it to the PROD environment.

D : a test action to the pipeline to run both the unit and functional tests using AWS CodeBuild. Verify that the test results passed before deploying the new application revision to the PROD environment.

E : a test action that uses Amazon Inspector to the pipeline. Run an assessment using the Runtime Behavior Analysis rules package to verify that the deployed code complies with the strict security standards of the company before deploying it to the PROD environment.

Answer: A,D

Question 2

A DevOps engineer is creating a CI/CD pipeline to build container images. The engineer needs to store container images in Amazon Elastic Container Registry (Amazon ECR) and scan the images for common vulnerabilities. The CI/CD pipeline must be resilient to outages in upstream source container image repositories. Which solution will meet these requirements?

A : Create an ECR private repository in the private registry to store the container images and scan images when images are pushed to the repository. Configure a replication rule in the private registry to replicate images from upstream repositories.

B : Create an ECR public repository in the public registry to cache images from upstream source repositories. Create an ECR private repository to store images. Configure the private repository to scan images when images are pushed to the repository.

C : Create an ECR public repository in the public registry. Configure a pull through cache rule for the repository. Create an ECR private repository to store images. Configure the ECR private registry to perform basic scanning.

D : Create an ECR private repository in the private registry to store the container images. Enable basic scanning for the private registry, and create a pull through cache rule.

Answer: C

Question 3

A DevOps engineer is supporting early-stage development for a developer platform running on Amazon EKS. Recently, the platform has experienced an increased rate of container restart failures. The DevOps engineer wants diagnostic information to isolate and resolve issues. Which solution will meet this requirement?

A : Configure CloudWatch dashboards using default EKS service metrics.

B : Configure AWS CloudTrail for the EKS cluster.

C : Configure CloudTrail Insights for the EKS cluster.

D : Configure Amazon CloudWatch Container Insights for the EKS cluster by enabling the CloudWatch Observability add-on.

Answer: D

Question 4

You have developed a custom web dashboard for your company that shows all instances running on AWS including the instance details. The web app relies on a DynamoDB table that will be updated whenever a new instance is created or terminated. You have several auto scaling groups of EC2 instances and you want to have an effective way of updating the DynamoDB table whenever a new instance is created or terminated.

Which of the following steps will you implement?

A : eate a custom script that runs on the instances that will run on scale-in and scale-out events to update the DynamoDB table with the necessary details.

B : nfigure a CloudWatch Events target to your auto scaling group that will trigger a Lambda function when a lifecycle action occurs. Configure the function to update the DynamoDB table with the necessary instance details.

C : nfigure a CloudWatch alarm that will monitor the number of instances on your auto scaling group and trigger a Lambda function to update the DynamoDB table with the necessary details.

D : fine a Lambda function as a notification target for the lifecycle hook for the auto scaling group. In the event of a scale-out or scale-in, the lifecycle hook will trigger the Lambda function to update the DynamoDB table with the necessary details.

Answer: B

Question 5