Free Amazon DOP-C02 Exam Questions

Question 1

A DevOps engineer needs a resilient CI/CD pipeline that builds container images, stores them in ECR, scans images for vulnerabilities, and is resilient to outages in upstream source image repositories. Which solution meets this?

A : Create a private ECR repo, scan images on push, replicate images from upstream repos with a replication rule.

B : Create a private ECR repo, scan images on push, replicate images from upstream repos with a replication rule

C : Create a public ECR repo, configure a pull-through cache rule, create a private repo to store images, enable basic scanning.

D : Create a private ECR repo, enable basic scanning, create a pull-through cache rule.

Answer: D

Question 2

A SaaS company uses ECS (Fargate) behind an ALB and CodePipeline + CodeDeploy for blue/green deployments. They need automatic, incremental traffic shifting over time with no downtime. Which solution will meet these requirements?

A : Use TimeBasedLinear in appspec.yaml with defined percentage and interval.

B : Use AllAtOnce deployment configuration.

C : Use TimeBasedCanary.

D : Configure weighted routing on ALB manually.

Answer: A

Question 3

A company uses Amazon Redshift as its data warehouse solution. The company wants to create a dashboard to view changes to the Redshift users and the queries the users perform. Which combination of steps will meet this requirement? (Select TWO.)

A : Create an Amazon CloudWatch log group. Create an AWS CloudTrail trail that writes to the CloudWatch log group.

B : Create a new Amazon S3 bucket. Configure default audit logging on the Redshift cluster. Configure the S3 bucket as the target.

C : Configure the Redshift cluster database audit logging to include user activity logs. Configure Amazon CloudWatch as the target.

D : Create an Amazon CloudWatch dashboard that has a log widget. Configure the widget to display user details from the Redshift logs.

E : Create an AWS Lambda function that uses Amazon Athena to query the Redshift logs. Create an Amazon CloudWatch dashboard that has a custom widget type that uses the Lambda function.

Answer: B,D

Question 4

The company's DevOps engineer discovered that the errors were caused by RDS connection limits being reached. The DevOps engineer also discovered that more than 90% of the API requests are GET requests that read from the DB cluster. How should the DevOps engineer solve this problem with the LEAST development effort?

A : Migrate from Amazon RDS to Amazon DynamoDB. Add an Amazon CloudFront distribution in front of the API Gateway REST API.

B : Add a proxy from Amazon RDS Proxy in front of the RDS DB cluster. Enable API caching in API Gateway.

C : Add an Amazon RDS Proxy in front of the RDS database cluster. Provision an Amazon ElastiCache (Redis OSS) cluster.

D : Migrate from Amazon RDS to Amazon DynamoDB. Enable API caching in API Gateway.

Answer: B

Question 5

A company deploys its corporate infrastructure on AWS across multiple AWS Regions and Availability Zones. The infrastructure is deployed on Amazon EC2 instances and connects with AWS IoT Greengrass devices. The company deploys additional resources on on-premises servers that are located in the corporate headquarters.

The company wants to reduce the overhead involved in maintaining and updating its resources. The company’s DevOps team plans to use AWS Systems Manager to implement automated management and application of patches. The DevOps team confirms that Systems Manager is available in the Regions that the resources are deployed in. Systems Manager also is available in a Region near the corporate headquarters.

Which combination of steps must the DevOps team take to implement automated patch and configuration management across the company’s EC2 instances, IoT devices, and on-premises infrastructure? (Choose three.)

A : ply tags to all the EC2 instances, AWS IoT Greengrass devices, and on-premises servers. Use Systems Manager Session Manager to push patches to all the tagged devices.

B : Systems Manager Run Command to schedule patching for the EC2 instances, AWS IoT Greengrass devices, and on-premises servers.

C : Systems Manager Patch Manager to schedule patching for the EC2 instances, AWS IoT Greengrass devices, and on-premises servers as a Systems Manager maintenance window task.

D : nfigure Amazon EventBridge to monitor Systems Manager Patch Manager for updates to patch baselines. Associate Systems Manager Run Command with the event to initiate a patch action for all EC2 instances, AWS IoT Greengrass devices, and on-premises servers.

E : eate an IAM instance profile for Systems Manager. Attach the instance profile to all the EC2 instances in the AWS account. For the AWS IoT Greengrass devices and on-premises servers, create an IAM service role for Systems Manager.

F : nerate a managed-instance activation. Use the Activation Code and Activation ID to install Systems Manager Agent (SSM Agent) on each server in the on-premises environment. Update the AWS IoT Greengrass IAM token exchange role. Use the role to deploy SSM Agent on all the IoT devices.

Answer: A,B,C