Free Amazon DOP-C02 Exam Questions

Question 1

A company runs a workload on Amazon EC2 instances. The company needs a control that requires the use of Instance Metadata Service Version 2 (IMDSv2) on all EC2 instances in the AWS account. If an EC2 instance does not prevent the use of Instance Metadata Service Version 1 (IMDSv1), the EC2 instance must be terminated. Which solution will meet these requirements?

A : Set up AWS Config in the account. Use a managed rule to check EC2 instances. Configure the rule to remediate the findings by using AWS Systems Manager Automation to terminate the instance.

B : Create a permissions boundary that prevents the ec2:Runlnstance action if the ec2:MetadataHttpTokens condition key is not set to a value of required. Attach the permissions boundary to the IAM role that was used to launch the instance.

C : Set up Amazon Inspector in the account. Configure Amazon Inspector to activate deep inspection for EC2 instances. Create an Amazon EventBridge rule for an Inspector2 finding. Set an AWS Lambda function as the target to terminate the instance.

D : Create an Amazon EventBridge rule for the EC2 instance launch successful event. Send the event to an AWS Lambda function to inspect the EC2 metadata and to terminate the instance.

Answer: B

Question 2

Which combination of steps will meet these requirements? (Select THREE.)

A : Create a global table replica of the DynamoDB table in a second Region.

B : Create a global secondary index for the DynamoDB table.

C : Create copies of the REST API and the Lambda functions in a second Region.

D : Create health checks in Amazon Route 53. Create DNS records that include a failover routing policy.

E : Create health checks in Amazon Route 53. Create DNS records that include a latency routing policy.

F : Create DNS records in Amazon Route 53 that include a multivalue answer routing policy.

Answer: A,C,E

Question 3

A company uses AWS Control Tower and Organizations for a multi-account environment. It needs to create new accounts and ensure they receive a consistent baseline configuration. Which solution meets the requirement with the least overhead?

A : Use Account Factory Customization (AFC) blueprints for baseline setup.

B : Use Account Factory + StackSets post-setup.

C : Use Organizations with Lambda applying baseline via access role.

D : Use Organizations + StackSets manually.

Answer: A

Question 4

A company is developing a web application that runs on Amazon EC2 Linux instances. The application requires monitoring of custom performance metrics. The company must collect metrics for API response times and database query latency across multiple instances. Which solution will generate the custom metrics with the LEAST operational overhead?

A : Install the Amazon CloudWatch agent on the instances. Configure the agent to collect the custom metrics. Instrument the application to send the metrics to the agent.

B : Use Amazon Managed Service for Prometheus to scrape the custom metrics from the application. Use the Amazon CloudWatch agent to forward the metrics to CloudWatch.

C : Create a custom AWS Lambda function that polls the application endpoints and database at regular intervals. Program the Lambda function to calculate the custom metrics and to send the metrics to Amazon CloudWatch by using PutMetricData API calls.

D : Implement custom logging in the application code to record the custom metrics. Use Amazon CloudWatch Logs Insights to extract and analyze the metrics.

Answer: A

Question 5

A leading media company has recently moved its .NET web application from its on-premises network to AWS Elastic Beanstalk for easier deployment and management. An Amazon S3 bucket stores static contents such as PDF files, images, videos, and the likes. An Amazon DynamoDB table stores all of the data of the application. The company has recently launched a series of global marketing campaigns that resulted in unpredictable spikes of incoming traffic. Upon checking, the Operations team discovered that over 80% of the traffic is just duplicate read requests.

As a DevOps Engineer, how can you improve the application's performance for its users around the world?

A : Lambda@Edge to cache the images stored in the S3 bucket. Use DynamoDB Accelerator (DAX) to cache repeated read requests on the web application.

B : che the images stored in the S3 bucket using the AWS Elemental MediaPackage. Set up a distributed cache layer using an ElastiCache for Memcached Cluster to serve the repeated read requests on the web application.

C : eate a CloudFront web distribution to cache images stored in the S3 bucket. Use DynamoDB Accelerator (DAX) to cache repeated read requests on the web application.

D : che the images stored in the S3 bucket using the AWS Elemental MediaStore. Set up a distributed cache layer using an ElastiCache for Redis Cluster to serve the repeated read requests on the web application.

Answer: C