Free Amazon DOP-C02 Exam Questions

Question 1

You are developing a mobile quiz app hosted on AWS and you’re using AWS CodeDeploy to deploy the application on your cluster of EC2 instances. There is a hotfix that need to be applied after the scheduled deployment. These are files not included on the current application revision so you uploaded them manually to the target instances. On the next application release, the hotfix files were included on the new revision but your deployment fails so CodeDeploy auto rollbacks to the previous version. However, you have noticed that the hotfix files that you’ve manually added were missing, and the application is not working properly.

Which of the following is the possible cause and how will you prevent it from happening in the future?

A : default, CodeDeploy retains all files on the deployment location but the auto rollback will deploy the old revision files cleanly. You should choose “Fail the deployment” option for future deployments so that only the files included in the old app revision will be deployed and the existing contents will be retained.

B : default, CodeDeploy removes all files on the deployment location and the auto rollback will deploy the old revision files cleanly. You should choose “Overwrite the content” option for future deployments so that only the files included in the old app revision will be overwritten and the existing contents will be retained.

C : default, CodeDeploy retains all files on the deployment location but the auto rollback will deploy the old revision files cleanly. You should choose “Overwrite the content” option for future deployments so that only the files included in the old app revision will be overwritten and the existing contents will be retained.

D : default, CodeDeploy removes all files on the deployment location and the auto rollback will deploy the old revision files cleanly. You should choose “Retain the content” option for future deployments so that only the files included in the old app revision will be deployed and the existing contents will be retained.

Answer: D

Question 2

You are working on a web application that allows designers to create mobile themes for their android phones. The app is hosted on a cluster of Auto Scaling ECS instances and its deployments are handled by AWS CodeDeploy. ALB health checks are not sufficient to tell that new version deployments are successful, rather you have custom validation scripts that verify all APIs of the application. You want to make sure that there are no 5XX error replies on the new version before continuing production deployment and that you are notified via email if results failed. You also want to configure automatic rollback to the older version when the validation fails.

Which combination of options should you implement to meet this requirement? (Select THREE.)

A : ociate CloudWatch Alarms to your deployment group to have it trigger a rollback when the 5xx error alarm is active.

B : eate your validation scripts on AWS Lambda and invoke them after deployment to validate your new app version.

C : ve AWS CloudWatch Alarms trigger an AWS SNS notification when the threshold for 5xx is reached on CloudWatch.

D : ve Lambda send results to AWS CloudWatch Alarms directly and trigger a rollback when 5xx reply errors are received during deployment.

E : ve AWS Lambda trigger an AWS SNS notification after performing the validation of the new app revision.

F : eate your validation scripts on AWS Lambda and define the functions on the AppSpec lifecycle hook to validate the app using test traffic.

Answer: A,C

Question 3

A company wants to migrate its content sharing web application hosted on Amazon EC2 to a serverless architecture. The company currently deploys changes to its application by creating a new Auto Scaling group of EC2 instances and a new Elastic Load Balancer, and then shifting the traffic away using an Amazon Route 53 weighted routing policy.

For its new serverless application, the company is planning to use Amazon API Gateway and AWS Lambda. The company will need to update its deployment processes to work with the new application. It will also need to retain the ability to test new features on a small number of users before rolling the features out to the entire user base.

Which deployment strategy will meet these requirements?

A : AWS CDK to deploy API Gateway and Lambda functions. When code needs to be changed, update the AWS CloudFormation stack and deploy the new version of the APIs and Lambda functions. Use a Route 53 failover routing policy for the canary release strategy.

B : AWS CloudFormation to deploy API Gateway and Lambda functions using Lambda function versions. When code needs to be changed, update the CloudFormation stack with the new Lambda code and update the API versions using a canary release strategy. Promote the new version when testing is complete.

C : AWS Elastic Beanstalk to deploy API Gateway and Lambda functions. When code needs to be changed, deploy a new version of the API and Lambda functions. Shift traffic gradually using an Elastic Beanstalk blue/green deployment.

D : AWS OpsWorks to deploy API Gateway in the service layer and Lambda functions in a custom layer. When code needs to be changed, use OpsWorks to perform a blue/green deployment and shift traffic gradually

Answer: B

Question 4

A company manages multiple AWS accounts in AWS Organizations. The company's security policy states that AWS account root user credentials for member accounts must not be used. The company monitors access to the root user credentials. A recent alert shows that the root user in a member account launched an Amazon EC2 instance. A DevOps engineer must create an SCP at the organization's root level that will prevent the root user in member accounts from making any AWS service API calls. Which SCP will meet these requirements?

A : "Version": "2012-10-17","Statement": ["Effect": "Allow","Action": "N"Resource":"","Condition": {"StringNotLike": "aws: PrincipalArn": "arn: aws:iam::*:root"

B : "Version": "2012-10-17","Statement": [{"Effect": "Deny","Action": "*","Resource": "*""Principal": { "AWS": arn:aws: iam::*:root"}

C : 1"Version": "2012-10-17","Statement": [{"Effect": "Deny","Action":"","Resource": "*","Condition": {"StringLike": "aws: PrincipalArn": "arn:aws:iam::*:root" }

D : "Version": "2012-10-17","Statement": [f"Effect": "Allow","Action":"Resource":"Principal": "root"

Answer: D

Question 5

A DevOps engineer must implement a solution that immediately terminates Amazon EC2 instances in Auto Scaling groups when cryptocurrency mining activity is detected. Which solution will meet these requirements with the LEAST development effort?

A : Configure Amazon Route 53 query logs # CloudWatch # Lambda every 5 mins to detect mining-related domains and terminate EC2 instances.

B : Configure VPC Flow Logs # S3 # Lambda every 5 mins # Athena query # terminate EC2 instances.

C : Enable Amazon GuardDuty. Monitor EC2 findings. Create an EventBridge rule triggered by GuardDuty. Invoke a Lambda function that terminates the affected EC2 instances.

D : Enable AWS Security Hub. Monitor EC2 findings. Create an EventBridge rule triggered by SecurityHub. Invoke Lambda to terminate EC2 instances.

Answer: C