Free Amazon DOP-C02 Exam Questions

Question 1

A company is developing a web application that runs on Amazon EC2 Linux instances. The application requires monitoring of custom performance metrics. The company must collect metrics for API response times and database query latency across multiple instances. Which solution will generate the custom metrics with the LEAST operational overhead?

A : Install the Amazon CloudWatch agent on the instances. Configure the agent to collect the custom metrics. Instrument the application to send the metrics to the agent.

B : Use Amazon Managed Service for Prometheus to scrape the custom metrics from the application. Use the Amazon CloudWatch agent to forward the metrics to CloudWatch.

C : Create a custom AWS Lambda function that polls the application endpoints and database at regular intervals. Program the Lambda function to calculate the custom metrics and to send the metrics to Amazon CloudWatch by using PutMetricData API calls.

D : Implement custom logging in the application code to record the custom metrics. Use Amazon CloudWatch Logs Insights to extract and analyze the metrics.

Answer: A

Question 2

An insurance firm has recently undergone digital transformation and AWS cloud adoption. Its app development team has four environments, namely DEV, TEST, PRE-PROD, and PROD, for its flagship application that is configured with AWS CodePipeline. After several weeks, they noticed that there were several outages caused by misconfigured files or faulty code blocks that were deployed into the PROD environment. A DevOps Engineer has been assigned to add the required steps to identify issues in the application before it is released.

Which of the following is the MOST appropriate combination of steps that the Engineer should implement to identify functional issues during the deployment process? (Select TWO.)

A : the pipeline, add an AWS CodeDeploy action to deploy the latest version of the application to the PRE-PROD environment. Set up a manual approval action in the pipeline so that the QA team can perform the required tests. Add another CodeDeploy action that deploys the verified code to the PROD environment after the manual approval action.

B : grate the pipeline from CodePipeline to AWS Data Pipeline to enable more CI/CD features. Add a test action that uses Amazon Macie to the pipeline. Run an assessment using the Runtime Behavior Analysis rules package to verify that the deployed code complies with the strict security standards of the company before deploying it to the PROD environment.

C : Add a test action that uses Amazon GuardDuty to the pipeline. Run an assessment using the Runtime Behavior Analysis rules package to verify that the deployed code complies with the strict security standards of the company before deploying it to the PROD environment.

D : a test action to the pipeline to run both the unit and functional tests using AWS CodeBuild. Verify that the test results passed before deploying the new application revision to the PROD environment.

E : a test action that uses Amazon Inspector to the pipeline. Run an assessment using the Runtime Behavior Analysis rules package to verify that the deployed code complies with the strict security standards of the company before deploying it to the PROD environment.

Answer: A,D

Question 3

A company uses AWS CodeCommit for source code control. Developers apply their changes to various feature branches and create pull requests to move those changes to the main branch when the changes are ready for production.

The developers should not be able to push changes directly to the main branch. The company applied the AWSCodeCommitPowerUser managed policy to the developers’ IAM role, and now these developers can push changes to the main branch directly on every repository in the AWS account.

What should the company do to restrict the developers’ ability to push changes to the main branch directly?

A : eate an additional policy to include a Deny rule for the GitPush and PutFile actions. Include a restriction for the specific repositories in the policy statement with a condition that references the main branch.

B : move the IAM policy, and add an AWSCodeCommitReadOnly managed policy. Add an Allow rule for the GitPush and PutFile actions for the specific repositories in the policy statement with a condition that references the main branch.

C : dify the IAM policy. Include a Deny rule for the GitPush and PutFile actions for the specific repositories in the policy statement with a condition that references the main branch.

D : eate an additional policy to include an Allow rule for the GitPush and PutFile actions. Include a restriction for the specific repositories in the policy statement with a condition that references the feature branches.

Answer: A

Question 4

A company uses Amazon Redshift as its data warehouse solution. The company wants to create a dashboard to view changes to the Redshift users and the queries the users perform. Which combination of steps will meet this requirement? (Select TWO.)

A : Create an Amazon CloudWatch log group. Create an AWS CloudTrail trail that writes to the CloudWatch log group.

B : Create a new Amazon S3 bucket. Configure default audit logging on the Redshift cluster. Configure the S3 bucket as the target.

C : Configure the Redshift cluster database audit logging to include user activity logs. Configure Amazon CloudWatch as the target.

D : Create an Amazon CloudWatch dashboard that has a log widget. Configure the widget to display user details from the Redshift logs.

E : Create an AWS Lambda function that uses Amazon Athena to query the Redshift logs. Create an Amazon CloudWatch dashboard that has a custom widget type that uses the Lambda function.

Answer: B,D

Question 5

A leading e-commerce company has a payment portal that handles the payment and refund transactions of its online platform. The portal is hosted in an Auto Scaling group of On-Demand EC2 instances across three multiple Availability Zones in the US West (N. California) region. There is a new requirement to improve the system monitoring of the application as well to track the number of payment and refund transactions being done every minute. The DevOps team should also be notified if this metric breached the specified threshold.

Which of the following options provides the MOST cost-effective and automated solution that will satisfy the above requirement?

A : nfigure the instances to push the number of payments and refund transactions to CloudWatch as a custom metric. Set up a CloudWatch alarm to notify the DevOps team using SNS when the threshold is breached. View statistical graphs of your published metrics with the AWS Management Console.

B : t up an ELK stack that is composed of Elasticsearch, Logstash, and Kibana for log processing. Store the payments and refund transactions in each instance and configure Logstash to send the logs to Amazon ES. Set up a Kibana dashboard to view the data and the metric graphs.

C : nfigure the instances to push the entire log of each payments and refund transactions to CloudWatch Events as a custom metric. Set up a CloudWatch alarm to notify the DevOps team using SNS when the threshold is breached. View statistical graphs of your published metrics with the AWS Management Console.

D : nfigure the instances to push the number of payments and refund transactions to Amazon CloudWatch Logs as a custom metric. Develop a custom monitoring application using a Python-based Flask web application to view the metrics and host it in an Amazon EC2 instance.

Answer: A