Free Amazon DOP-C02 Exam Questions

Question 1

A company is developing a serverless application that uses AWS Lambda, AWS SAM, and Amazon API Gateway. There is a requirement to fully automate the backend Lambda deployment in such a way that the deployment will automatically run whenever a new commit is pushed to an AWS CodeCommit repository. There should also be a separate environment pipeline for TEST and PROD environments. In addition, the TEST environment should be the only one that allows automatic deployment.

As a DevOps Engineer, who can you satisfy these requirements?

A : t up two pipelines using AWS CodePipeline for TEST and PROD environments. On both pipelines, set up a manual approval step for application deployment. Set up separate CodeCommit repositories for each environment and configure each pipeline to retrieve the source code from CodeCommit. Deploy the Lambda functions with AWS CloudFormation by setting up a deployment step in the pipeline.

B : t up two pipelines using AWS CodePipeline for TEST and PROD environments. Configure the PROD pipeline to have a manual approval step. Create a CodeCommit repository with a branch for each environment and configure the pipeline to retrieve the source code from CodeCommit according to its branch. Deploy the Lambda functions with AWS CloudFormation by setting up a deployment step in the pipeline.

C : t up two pipelines using AWS CodePipeline for TEST and PROD environments. In the PROD pipeline, set up a manual approval step for application deployment. Set up separate CodeCommit repositories for each environment and configure each pipeline to retrieve the source code from CodeCommit. Deploy the Lambda functions with AWS CloudFormation by setting up a deployment step in the pipeline.

D : eate a new pipeline using AWS CodePipeline and a new CodeCommit repository for each environment. Configure CodePipeline to retrieve the application source code from the appropriate repository. Deploy the Lambda functions with AWS CloudFormation by creating a deployment step in the pipeline.

Answer: B

Question 2

A company deploys its corporate infrastructure on AWS across multiple AWS Regions and Availability Zones. The infrastructure is deployed on Amazon EC2 instances and connects with AWS IoT Greengrass devices. The company deploys additional resources on on-premises servers that are located in the corporate headquarters.

The company wants to reduce the overhead involved in maintaining and updating its resources. The company’s DevOps team plans to use AWS Systems Manager to implement automated management and application of patches. The DevOps team confirms that Systems Manager is available in the Regions that the resources are deployed in. Systems Manager also is available in a Region near the corporate headquarters.

Which combination of steps must the DevOps team take to implement automated patch and configuration management across the company’s EC2 instances, IoT devices, and on-premises infrastructure? (Choose three.)

A : ply tags to all the EC2 instances, AWS IoT Greengrass devices, and on-premises servers. Use Systems Manager Session Manager to push patches to all the tagged devices.

B : Systems Manager Run Command to schedule patching for the EC2 instances, AWS IoT Greengrass devices, and on-premises servers.

C : Systems Manager Patch Manager to schedule patching for the EC2 instances, AWS IoT Greengrass devices, and on-premises servers as a Systems Manager maintenance window task.

D : nfigure Amazon EventBridge to monitor Systems Manager Patch Manager for updates to patch baselines. Associate Systems Manager Run Command with the event to initiate a patch action for all EC2 instances, AWS IoT Greengrass devices, and on-premises servers.

E : eate an IAM instance profile for Systems Manager. Attach the instance profile to all the EC2 instances in the AWS account. For the AWS IoT Greengrass devices and on-premises servers, create an IAM service role for Systems Manager.

F : nerate a managed-instance activation. Use the Activation Code and Activation ID to install Systems Manager Agent (SSM Agent) on each server in the on-premises environment. Update the AWS IoT Greengrass IAM token exchange role. Use the role to deploy SSM Agent on all the IoT devices.

Answer: A,B,C

Question 3

A company uses AWS CodeCommit for source code control. Developers apply their changes to various feature branches and create pull requests to move those changes to the main branch when the changes are ready for production.

The developers should not be able to push changes directly to the main branch. The company applied the AWSCodeCommitPowerUser managed policy to the developers’ IAM role, and now these developers can push changes to the main branch directly on every repository in the AWS account.

What should the company do to restrict the developers’ ability to push changes to the main branch directly?

A : eate an additional policy to include a Deny rule for the GitPush and PutFile actions. Include a restriction for the specific repositories in the policy statement with a condition that references the main branch.

B : move the IAM policy, and add an AWSCodeCommitReadOnly managed policy. Add an Allow rule for the GitPush and PutFile actions for the specific repositories in the policy statement with a condition that references the main branch.

C : dify the IAM policy. Include a Deny rule for the GitPush and PutFile actions for the specific repositories in the policy statement with a condition that references the main branch.

D : eate an additional policy to include an Allow rule for the GitPush and PutFile actions. Include a restriction for the specific repositories in the policy statement with a condition that references the feature branches.

Answer: A

Question 4

A leading software development company has various web applications hosted in an Auto Scaling group of EC2 instances which are designed for high availability and fault tolerance. They are using AWS CloudFormation to easily manage their cloud infrastructure as code as well as for deployment. Currently, they have to manually update their CloudFormation templates for every new available AMI of their application. This procedure is prone to human errors and entails a high management overhead on their deployment process.

Which of the following is the MOST suitable and cost-effective solution that the DevOps engineer should implement to automate this process?

A : ll the new AMI IDs using an AWS Lambda-backed custom resource in the CloudFormation template. Reference the AMI ID that the custom resource fetched in the launch configuration resource block.

B : nfigure the CloudFormation template to use AMI mappings. Integrate AWS Lambda and Amazon CloudWatch Events to create a function that regularly runs every hour to detect new AMIs as well as update the mapping in the template. Reference the AMI mappings in the launch configuration resource block.

C : nfigure the AWS CloudFormation template to use conditional statements to check if new AMIs are available. Fetch the new AMI ID using the cfn-init helper script and reference it in the launch configuration resource block.

D : unch an EC2 instance to run a custom shell script every hour to check for new AMIs. The script should update the launch configuration resource block of the CloudFormation template with the new AMI ID if there are new ones available.

Answer: A

Question 5

A company is building a web and mobile application that uses a serverless architecture powered by AWS Lambda and Amazon API Gateway. The company wants to fully automate the backend Lambda deployment based on code that is pushed to the appropriate environment branch in an AWS CodeCommit repository.

The deployment must have the following:

• Separate environment pipelines for testing and production

• Automatic deployment that occurs for test environments only

Which steps should be taken to meet these requirements?

A : Configure a new AWS CodePipeline service. Create a CodeCommit repository for each environment. Set up CodePipeline to retrieve the source code from the appropriate repository. Set up the deployment step to deploy the Lambda functions with AWS CloudFormation.

B : Create two AWS CodePipeline configurations for test and production environments. Configure the production pipeline to have a manual approval step. Create a CodeCommit repository for each environment. Set up each CodePipeline to retrieve the source code from the appropriate repository. Set up the deployment step to deploy the Lambda functions with AWS CloudFormation.

C : Create two AWS CodePipeline configurations for test and production environments. Configure the production pipeline to have a manual approval step. Create one CodeCommit repository with a branch for each environment. Set up each CodePipeline to retrieve the source code from the appropriate branch in the repository. Set up the deployment step to deploy the Lambda functions with AWS CloudFormation

D : Create an AWS CodeBuild configuration for test and production environments. Configure the production pipeline to have a manual approval step. Create one CodeCommit repository with a branch for each environment. Push the Lambda function code to an Amazon S3 bucket. Set up the deployment step to deploy the Lambda functions from the S3 bucket.

Answer: C