Free Amazon DOP-C02 Exam Questions

Question 1

A company uses Amazon Redshift as its data warehouse solution. The company wants to create a dashboard to view changes to the Redshift users and the queries the users perform. Which combination of steps will meet this requirement? (Select TWO.)

A : Create an Amazon CloudWatch log group. Create an AWS CloudTrail trail that writes to the CloudWatch log group.

B : Create a new Amazon S3 bucket. Configure default audit logging on the Redshift cluster. Configure the S3 bucket as the target.

C : Configure the Redshift cluster database audit logging to include user activity logs. Configure Amazon CloudWatch as the target.

D : Create an Amazon CloudWatch dashboard that has a log widget. Configure the widget to display user details from the Redshift logs.

E : Create an AWS Lambda function that uses Amazon Athena to query the Redshift logs. Create an Amazon CloudWatch dashboard that has a custom widget type that uses the Lambda function.

Answer: B,D

Question 2

A popular e-commerce website which has customers across the globe is hosted in the us-east-1 AWS region with a backup site in the us-west-1 region. Due to an unexpected regional outage in the us-east-1 region, the company initiated their disaster recovery plan and turned on the backup site. However, they discovered that the actual failover still entails several hours of manual effort to prepare and switch over the database. They also noticed that the database is missing up to three hours of data transactions when the regional outage happened. Which of the following solutions should the DevOps engineer implement which will improve the RTO and RPO of the website for the cross-region failover?

A : eate a snapshot every hour using Amazon RDS scheduled instance lifecycle events which will also allow you to monitor specific RDS events. Perform a cross-region snapshot copy into the us-west-1 backup region once the SnapshotCreateComplete event occurred. Create an Amazon CloudWatch Alert which will trigger an action to restore the Amazon RDS database snapshot in the backup region when the CPU Utilization metric of the RDS instance in CloudWatch falls to 0% for more than 15 minutes.

B : Step Functions with 2 Lambda functions that call the RDS API to create a snapshot of the database, create a cross-region snapshot copy, and restore the database instance from a snapshot in the backup region. Use CloudWatch Events to trigger the function to take a database snapshot every hour. Set up an SNS topic that will receive published messages from AWS Health API, RDS availability and other events that will trigger the Lambda function to create a cross-region snapshot copy. During failover, Configure the Lambda function to restore the database from a snapshot in the backup region.

C : Use an ECS cluster to host a custom python script that calls the RDS API to create a snapshot of the database, create a cross-region snapshot copy, and restore the database instance from a snapshot in the backup region. Create a scheduled job using CloudWatch Events that triggers the Lambda function to snapshot a database instance every hour. Set up an SNS topic that will receive published messages about AWS-initiated RDS events from Trusted Advisor that will trigger the function to create a cross-region snapshot copy. During failover, restore the database from a snapshot in the backup region.

D : nfigure an Amazon RDS Multi-AZ Deployment configuration and place the standby instance in the us-west-1 region. Set up the RDS option group to enable multi-region availability for native automation of cross-region recovery as well as for continuous data replication. Set up a notification system using Amazon SNS which is integrated with AWS Health API to monitor RDS-related systems events and notify the Operations team. In the actual failover where the primary database instance is down, RDS will automatically make the standby instance in the backup region as the primary instance.

Answer: B

Question 3

A company has a web application that is hosted on Amazon EC2 instances. The company is deploying the application into multiple AWS Regions. The application consists of dynamic content such as WebSocket-based real-time product updates. The company uses Amazon Route 53 to manage all DNS records. Which solution will provide multi-Region access to the application with the LEAST latency?

A : Deploy an Application Load Balancer (ALB) in front of the EC2 instances in each Region. Create a Route 53 A record with a latency-based routing policy. Add IP addresses of the ALBs as the value of the record.

B : Deploy an Application Load Balancer (ALB) in front of the EC2 instances in each Region. Deploy an Amazon CloudFront distribution with an origin group that contains the ALBs as origins. Create a Route 53 alias record that points to the CloudFront distribution's DNS address.

C : Deploy a Network Load Balancer (NLB) in front of the EC2 instances in each Region. Create a Route 53 A record with a multivalue answer routing policy. Add IP addresses of the NLBs as the value of the record.

D : Deploy a Network Load Balancer (NLB) in front of the EC2 instances in each Region. Deploy an AWS Global Accelerator standard accelerator with an endpoint group for each NLB. Create a Route 53 alias record that points to the accelerator's DNS address.

Answer: A

Question 4

A company’s EC2 fleet must maintain up-to-date security patches and compliance reporting. Which solution meets these requirements?

A : Use Systems Manager Patch Manager with AWS Config compliance rules and automation documents.

B : SSH into each instance manually.

C : Rebuild instances in Auto Scaling groups with latest AMIs.

D : Use CloudFormation redeployment for every patch.

Answer: A

Question 5

A company's security policies require the use of security hardened AMIS in production environments. A DevOps engineer has used EC2 Image Builder to create a pipeline that builds the AMIs on a recurring schedule. The DevOps engineer needs to update the launch templates of the companys Auto Scaling groups. The Auto Scaling groups must use the newest AMIS during the launch of Amazon EC2 instances. Which solution will meet these requirements with the MOST operational efficiency?

A : Configure an Amazon EventBridge rule to receive new AMI events from Image Builder. Target an AWS Systems Manager Run Command document that updates the launch templates of the Auto Scaling groups with the newest AMI ID.

B : Configure an Amazon EventBridge rule to receive new AMI events from Image Builder. Target an AWS Lambda function that updates the launch templates of the Auto Scaling groups with the newest AMI ID.

C : Configure the launch template to use a value from AWS Systems Manager Parameter Store for the AMI ID. Configure the Image Builder pipeline to update the Parameter Store value with the newest AMI ID.

D : Configure the Image Builder distribution settings to update the launch templates with the newest AMI ID. Configure the Auto Scaling groups to use the newest version of the launch template.

Answer: C