Free Amazon DOP-C02 Exam Questions

Question 1

A DevOps engineer must implement a solution that immediately terminates Amazon EC2 instances in Auto Scaling groups when cryptocurrency mining activity is detected. Which solution will meet these requirements with the LEAST development effort?

A : Configure Amazon Route 53 query logs # CloudWatch # Lambda every 5 mins to detect mining-related domains and terminate EC2 instances.

B : Configure VPC Flow Logs # S3 # Lambda every 5 mins # Athena query # terminate EC2 instances.

C : Enable Amazon GuardDuty. Monitor EC2 findings. Create an EventBridge rule triggered by GuardDuty. Invoke a Lambda function that terminates the affected EC2 instances.

D : Enable AWS Security Hub. Monitor EC2 findings. Create an EventBridge rule triggered by SecurityHub. Invoke Lambda to terminate EC2 instances.

Answer: C

Question 2

You are developing a mobile news homepage that curates several news sources to a single page. The app is mainly composed of several Lambda functions configured as a deployment group on AWS CodeDeploy. For each new app version, you need to test all APIs before fully deploying it to production. The APIs are using a set of AWS Lambda validation scripts. You want the ability to check the APIs during deployments and be notified for any API errors as well as automatic rollback if the validation fails.

Which combination of the options below can help you implement a solution for this scenario? (Select THREE)

A : fine your Lambda validation scripts on the AppSpec lifecycle hook during deployment to run the validation using test traffic and trigger a rollback if checks fail.

B : ve Lambda send results to AWS CloudWatch Alarms directly and trigger a rollback when 5xx reply errors are received during deployment.

C : a step on AWS CodeDeploy to trigger your Lambda validation scripts after deployment and invoke them after deployment to validate your new app version.

D : nfigure your Lambda validation scripts to run during deployment and configure a CloudWatch Alarm that will trigger a rollback when the function validation fails.

E : ve CodeDeploy run the AWS Lambda validations after the deployment so you can test with production traffic. When errors are found, have another trigger to rollback the deployment.

F : ociate an AWS CloudWatch Alarm to your deployment group that can send a notification to an AWS SNS topic when threshold for 5xx is reached on CloudWatch.

Answer: A,D

Question 3

A leading telecommunications company is using CloudFormation templates to deploy enterprise applications to their production, staging, and development environments in AWS. Their current process involves manual changes to their CloudFormation templates in order to specify the configuration variables and static attributes for each environment. The DevOps Engineer was tasked to set up automated deployments using AWS CodePipeline and ensure that the CloudFormation template is reusable across multiple pipelines.

How should the DevOps Engineer satisfy this requirement?

A : t up a Lambda-backed custom resource in the CloudFormation templates. Configure the custom resource to monitor the status of the pipeline in AWS CodePipeline in order to detect which environment was launched. Use the cfn-init helper script to modify the launch configuration of each application stack based on its environment.

B : unch a new pipeline using AWS CodePipeline that has multiple stages for each environment and configure it to use input parameters. Switch the associated UserData of the EC2 instances to match the environment where the application stack is being launched using CloudFormation mappings. Specify parameter overrides for AWS CloudFormation actions.

C : nually configure the CloudFormation templates to use input parameters. Add a configuration that whenever the CloudFormation stack is updated, it will dynamically modify the LaunchConfiguration and UserData sections of the EC2 instances.

D : unch a new pipeline using AWS CodePipeline for each environment with multiple stages for each application. Trigger the CloudFormation deployments using a Lambda function to dynamically modify the UserData of the EC2 instances that were launched in each environment.

Answer: B

Question 4

A popular e-commerce website which has customers across the globe is hosted in the us-east-1 AWS region with a backup site in the us-west-1 region. Due to an unexpected regional outage in the us-east-1 region, the company initiated their disaster recovery plan and turned on the backup site. However, they discovered that the actual failover still entails several hours of manual effort to prepare and switch over the database. They also noticed that the database is missing up to three hours of data transactions when the regional outage happened. Which of the following solutions should the DevOps engineer implement which will improve the RTO and RPO of the website for the cross-region failover?

A : eate a snapshot every hour using Amazon RDS scheduled instance lifecycle events which will also allow you to monitor specific RDS events. Perform a cross-region snapshot copy into the us-west-1 backup region once the SnapshotCreateComplete event occurred. Create an Amazon CloudWatch Alert which will trigger an action to restore the Amazon RDS database snapshot in the backup region when the CPU Utilization metric of the RDS instance in CloudWatch falls to 0% for more than 15 minutes.

B : Step Functions with 2 Lambda functions that call the RDS API to create a snapshot of the database, create a cross-region snapshot copy, and restore the database instance from a snapshot in the backup region. Use CloudWatch Events to trigger the function to take a database snapshot every hour. Set up an SNS topic that will receive published messages from AWS Health API, RDS availability and other events that will trigger the Lambda function to create a cross-region snapshot copy. During failover, Configure the Lambda function to restore the database from a snapshot in the backup region.

C : Use an ECS cluster to host a custom python script that calls the RDS API to create a snapshot of the database, create a cross-region snapshot copy, and restore the database instance from a snapshot in the backup region. Create a scheduled job using CloudWatch Events that triggers the Lambda function to snapshot a database instance every hour. Set up an SNS topic that will receive published messages about AWS-initiated RDS events from Trusted Advisor that will trigger the function to create a cross-region snapshot copy. During failover, restore the database from a snapshot in the backup region.

D : nfigure an Amazon RDS Multi-AZ Deployment configuration and place the standby instance in the us-west-1 region. Set up the RDS option group to enable multi-region availability for native automation of cross-region recovery as well as for continuous data replication. Set up a notification system using Amazon SNS which is integrated with AWS Health API to monitor RDS-related systems events and notify the Operations team. In the actual failover where the primary database instance is down, RDS will automatically make the standby instance in the backup region as the primary instance.

Answer: B

Question 5

The company's DevOps engineer discovered that the errors were caused by RDS connection limits being reached. The DevOps engineer also discovered that more than 90% of the API requests are GET requests that read from the DB cluster. How should the DevOps engineer solve this problem with the LEAST development effort?

A : Migrate from Amazon RDS to Amazon DynamoDB. Add an Amazon CloudFront distribution in front of the API Gateway REST API.

B : Add a proxy from Amazon RDS Proxy in front of the RDS DB cluster. Enable API caching in API Gateway.

C : Add an Amazon RDS Proxy in front of the RDS database cluster. Provision an Amazon ElastiCache (Redis OSS) cluster.

D : Migrate from Amazon RDS to Amazon DynamoDB. Enable API caching in API Gateway.

Answer: B