Free Amazon DOP-C02 Exam Questions

Question 1

A company has an application that runs on a fleet of Amazon EC2 instances. The application requires frequent restarts. The application logs contain error messages when a restart is required. The application logs are published to a log group in Amazon CloudWatch Logs.

An Amazon CloudWatch alarm notifies an application engineer through an Amazon Simple Notification Service (Amazon SNS) topic when the logs contain a large number of restart-related error messages. The application engineer manually restarts the application on the instances after the application engineer receives a notification from the SNS topic.

A DevOps engineer needs to implement a solution to automate the application restart on the instances without restarting the instances.

Which solution will meet these requirements in the MOST operationally efficient manner?

A : nfigure an AWS Systems Manager Automation runbook that runs a script to restart the application on the instances. Configure the SNS topic to invoke the runbook.

B : eate an AWS Lambda function that restarts the application on the instances. Configure the Lambda function as an event destination of the SNS topic.

C : nfigure an AWS Systems Manager Automation runbook that runs a script to restart the application on the instances. Create an AWS Lambda function to invoke the runbook. Configure the Lambda function as an event destination of the SNS topic.

D : nfigure an AWS Systems Manager Automation runbook that runs a script to restart the application on the instances. Configure an Amazon EventBridge rule that reacts when the CloudWatch alarm enters ALARM state. Specify the runbook as a target of the rule.

Answer: B

Question 2

A company uses Amazon Redshift as its data warehouse solution. The company wants to create a dashboard to view changes to the Redshift users and the queries the users perform. Which combination of steps will meet this requirement? (Select TWO.)

A : Create an Amazon CloudWatch log group. Create an AWS CloudTrail trail that writes to the CloudWatch log group.

B : Create a new Amazon S3 bucket. Configure default audit logging on the Redshift cluster. Configure the S3 bucket as the target.

C : Configure the Redshift cluster database audit logging to include user activity logs. Configure Amazon CloudWatch as the target.

D : Create an Amazon CloudWatch dashboard that has a log widget. Configure the widget to display user details from the Redshift logs.

E : Create an AWS Lambda function that uses Amazon Athena to query the Redshift logs. Create an Amazon CloudWatch dashboard that has a custom widget type that uses the Lambda function.

Answer: B,D

Question 3

A company is re-architecting its monolithic system to a serverless application in AWS to save on cost. The deployment of the succeeding new version of the application must be initially rolled out to a small number of users first for testing before the full release. If the post-hook tests fail, there should be an easy way to roll back the deployment. The DevOps Engineer was assigned to design an efficient deployment setup that mitigates any unnecessary outage that impacts their production environment.

As a DevOps Engineer, how should you satisfy this requirement? (Select TWO.)

A : Create a new record in Route 53 with a Failover routing policy. Configure the primary record to route 20% of incoming traffic to the new version and set the secondary record to route the rest of the traffic to the current version. Once the new version stabilizes, update the primary record to route all traffic to the new version.

B : Launch an Application Load Balancer with an Amazon API Gateway private integration. Attach a single target group to the load balancer and select the 'Canary' routing option which will automatically route incoming traffic to the new version.

C : Launch a Network Load Balancer with an Amazon API Gateway private integration. Attach two target groups to the load balancer. Configure the first target group with the current version and the second target group with the new version. Configure the load balancer to route 20% of the incoming traffic to the new version and once it becomes stable, detach the first target group from the load balancer.

D : t up a canary deployment in Amazon API Gateway that routes 20% of the incoming traffic to the canary release. Promote the canary release to production once the initial tests have passed.

E : t up one AWS Lambda Function Alias that points to both the current and new versions. Route 20% of incoming traffic to the new version and once it is considered stable, update the alias to route all traffic to the new version.

Answer: A,D

Question 4

A company uses Amazon Redshift as its data warehouse solution. The company wants to create a dashboard to view changes to the Redshift users and the queries the users perform. Which combination of steps will meet this requirement? (Select TWO.)

A : Create an Amazon CloudWatch log group. Create an AWS CloudTrail trail that writes to the CloudWatch log group.

B : Create a new Amazon S3 bucket. Configure default audit logging on the Redshift cluster. Configure the S3 bucket as the target.

C : Configure the Redshift cluster database audit logging to include user activity logs. Configure Amazon CloudWatch as the target.

D : Create an Amazon CloudWatch dashboard that has a log widget. Configure the widget to display user details from the Redshift logs.

E : Create an AWS Lambda function that uses Amazon Athena to query the Redshift logs. Create an Amazon CloudWatch dashboard that has a custom widget type that uses the Lambda function.

Answer: B,D

Question 5

A DevOps engineer must implement a solution that immediately terminates Amazon EC2 instances in Auto Scaling groups when cryptocurrency mining activity is detected. Which solution will meet these requirements with the LEAST development effort?

A : Configure Amazon Route 53 query logs # CloudWatch # Lambda every 5 mins to detect mining-related domains and terminate EC2 instances.

B : Configure VPC Flow Logs # S3 # Lambda every 5 mins # Athena query # terminate EC2 instances.

C : Enable Amazon GuardDuty. Monitor EC2 findings. Create an EventBridge rule triggered by GuardDuty. Invoke a Lambda function that terminates the affected EC2 instances.

D : Enable AWS Security Hub. Monitor EC2 findings. Create an EventBridge rule triggered by SecurityHub. Invoke Lambda to terminate EC2 instances.

Answer: C