Free Amazon DOP-C02 Exam Questions

Question 1

A company runs an Amazon EKS cluster and must implement comprehensive logging for the control plane and nodes. The company must analyze API requests and monitor container performance. Which solution will meet these requirements with the LEAST operational overhead?

A : Enable AWS CloudTrail for control plane logging and deploy Logstash on nodes.

B : Enable control plane logging to CloudWatch and use CloudWatch Container Insights for node and pod metrics.

C : Enable API server logging to S3 and deploy Kubernetes Event Exporter to nodes.

D : Use AWS Distro for OpenTelemetry and stream logs to Amazon Redshift.

Answer: B

Question 2

Which combination of steps will meet these requirements? (Select THREE.)

A : Create a global table replica of the DynamoDB table in a second Region.

B : Create a global secondary index for the DynamoDB table.

C : Create copies of the REST API and the Lambda functions in a second Region.

D : Create health checks in Amazon Route 53. Create DNS records that include a failover routing policy.

E : Create health checks in Amazon Route 53. Create DNS records that include a latency routing policy.

F : Create DNS records in Amazon Route 53 that include a multivalue answer routing policy.

Answer: A,C,E

Question 3

A company is developing a web application that runs on Amazon EC2 Linux instances. The application requires monitoring of custom performance metrics. The company must collect metrics for API response times and database query latency across multiple instances. Which solution will generate the custom metrics with the LEAST operational overhead?

A : Install the Amazon CloudWatch agent on the instances. Configure the agent to collect the custom metrics. Instrument the application to send the metrics to the agent.

B : Use Amazon Managed Service for Prometheus to scrape the custom metrics from the application. Use the Amazon CloudWatch agent to forward the metrics to CloudWatch.

C : Create a custom AWS Lambda function that polls the application endpoints and database at regular intervals. Program the Lambda function to calculate the custom metrics and to send the metrics to Amazon CloudWatch by using PutMetricData API calls.

D : Implement custom logging in the application code to record the custom metrics. Use Amazon CloudWatch Logs Insights to extract and analyze the metrics.

Answer: A

Question 4

A company deploys its corporate infrastructure on AWS across multiple AWS Regions and Availability Zones. The infrastructure is deployed on Amazon EC2 instances and connects with AWS IoT Greengrass devices. The company deploys additional resources on on-premises servers that are located in the corporate headquarters.

The company wants to reduce the overhead involved in maintaining and updating its resources. The company’s DevOps team plans to use AWS Systems Manager to implement automated management and application of patches. The DevOps team confirms that Systems Manager is available in the Regions that the resources are deployed in. Systems Manager also is available in a Region near the corporate headquarters.

Which combination of steps must the DevOps team take to implement automated patch and configuration management across the company’s EC2 instances, IoT devices, and on-premises infrastructure? (Choose three.)

A : ply tags to all the EC2 instances, AWS IoT Greengrass devices, and on-premises servers. Use Systems Manager Session Manager to push patches to all the tagged devices.

B : Systems Manager Run Command to schedule patching for the EC2 instances, AWS IoT Greengrass devices, and on-premises servers.

C : Systems Manager Patch Manager to schedule patching for the EC2 instances, AWS IoT Greengrass devices, and on-premises servers as a Systems Manager maintenance window task.

D : nfigure Amazon EventBridge to monitor Systems Manager Patch Manager for updates to patch baselines. Associate Systems Manager Run Command with the event to initiate a patch action for all EC2 instances, AWS IoT Greengrass devices, and on-premises servers.

E : eate an IAM instance profile for Systems Manager. Attach the instance profile to all the EC2 instances in the AWS account. For the AWS IoT Greengrass devices and on-premises servers, create an IAM service role for Systems Manager.

F : nerate a managed-instance activation. Use the Activation Code and Activation ID to install Systems Manager Agent (SSM Agent) on each server in the on-premises environment. Update the AWS IoT Greengrass IAM token exchange role. Use the role to deploy SSM Agent on all the IoT devices.

Answer: A,B,C

Question 5

A DevOps engineer is building the infrastructure for an application. The application needs to run on an Amazon Elastic Kubernetes Service (Amazon EKS) cluster that includes Amazon EC2 instances. The EC2 instances need to use an Amazon Elastic File System (Amazon EFS) file system as a storage backend. The Amazon EFS Container Storage Interface (CSI) driver is installed on the EKS cluster.

When the DevOps engineer starts the application, the EC2 instances do not mount the EFS file system.

Which solutions will fix the problem? (Choose three.)

A : Switch the EKS nodes from Amazon EC2 to AWS Fargate.

B : Add an inbound rule to the EFS file system’s security group to allow NFS traffic from the EKS cluster.

C : Create an IAM role that allows the Amazon EFS CSI driver to interact with the file system

D : Set up AWS DataSync to configure file transfer between the EFS file system and the EKS nodes.

E : Create a mount target for the EFS file system in the subnet of the EKS nodes.

F : Disable encryption or the EFS file system.

Answer: B,C,F