AWS DOP-C02 英文_在线真题试卷与模拟练习_AWS DOP-C02 英文

更新时间：试题数量：购买人数：提供作者：

有效期：个月

章节介绍：共有个章节

我的练习

我的错题
(0道)

我的收藏
(0道)

我的斩题
(0道)

我的笔记
(0道)

专项练习

顺序练习 0 / 0

随机练习 自定义设置练习量

题型乱序 按导入顺序练习

模拟考试 仿真模拟

题型练习 按题型分类练习

易错题 精选高频易错题

学习资料 考试学习相关信息

搜索

题库预览

A company has a mobile application that makes HTTP APl cals to an Application Load Balancer (ALB). The ALB routes requests to an AwsLambda function. Many different versions of the application are in use at any given time, including versions that are in testing by a subset ofusers. The version of the application is defined in the user-agent header that is sent with all requests to the APl.After a series of recent changes to the APl, the company has observed issues with the application. The company needs to gather a metric foreach APl operation by response code for each version of the application that is in use, A DevOps engineer has modifed the lambda functionto extract the APl operation name, version information from the user-agent header and response code.Which additional set of actions should the DevOps engineer take to gather the required metrics?

A company provides an application to customers. The application has an Amazon AP! Gateway REST APl that invokes an AWS Lambdafunction. On initiaization,the Lambda function loads a large amount of data from an Amazon DynamoDB table. The data load process resultsin long cold-start times of 8-10 seconds. The DynamoDB table has DynamoDB Accelerator (DAX) configured.Customers report that the application intermitently takes a long time to respond to requests. The application receives thousands of requeststhroughout the day. In the middle of the day, the application experiences 10 times more requests than at any other time of the day. Near theend of the day, the application's request volume decreases to 10% of its normal total.A DevOps engineer needs to reduce the latency of the Lambda function at all times of the day.Which solution will meet these requirements?

A company is adopting AWS CodeDeploy to automate its application deployments for a Java-Apache Tomcat application with an ApacheWebserver. The development team started with a proof of concept, created a deployment group for a developer environment, and performedfunctional tests within the application. After completion, the team will create additional deployment groups for staging and production.the current log level is configured within the Apache settings, but the team wants to change this coniguration dynamically when thedeployment occurs, so that they can set different log level configurations depending on the deployment group without having a different

application revision for each group.How can these requirements be met with the LEAST management overhead and without requiring different script versions for eachdeployment group?

A company is using an Amazon Aurora cluster as the data store for its application. The Aurora cluster is confiqured with a single bB instanceThe application performs read and write operations on the database by using the cluster's instance endpoint.he company has scheduled an uodate to be applied to the cluster during an uncoming maintenance window, The ciuster must remainavailable with the least possible interruption during the maintenance window.What should a DevOps engineer do to meet these requirements?

A company requires its developers to tag all Amazon Elastic Block Store (Amazon EBS) volumes in an account to indicate a desired backupfrequency. This requirement lincludes EBS volumes that do not require backups. The company uses custom tags named Backup_Frequencythat have values of none, dally,or weeky that correspond to the desired backup frequency. An audit finds that developers are occasionally noitagging the EBS volumes.A DevOps engineer needs to ensure that al EBS volumes always have the Backup_Frequency tag so that the company can perform backups atleast weekly unless a different value is specified.

Which solution will meet these requirements?

A company uses AWS Key Management Service (AWS KMS) keys and manual key rotation to meet reoulatory compliance reouirements, Thesecurity team wants to be notified when any keys have not been rotated after 90 days.Which solution will accomplish this?

A security review has identifed that an AWs CodeBuild project is downloading a database population script from an Amazon s3 bucket usingan unauthenticated request. The security team does not allow unauthenticated requests to S3 buckets for this project.How can this issue be corrected in the MOST secure manner?

A company has a single AWS account that runs hundreds of Amazon Ec2 instances in a single AWS Region. New Ec2 instances are launchedand terminated each hour in the account. The account also includes existing Ec2 instances that have been running for longer than a week.The company's security policy reguires al running Ec2 instances to use an Ec2 instance profle, lfan Ec2 instance does not have an instanceprofile attached, the Ec2 instance must use a default instance profle that has no lAM permissions assianed.A DevOps engineer reviews the account and discovers Ec2 instances that are running without an instance profle. During the review, theDevOps engineer also observes that new EC2 instances are being launched without an instance profile.Which solution will ensure that an instance profle is attached to all existing and future Ec2 instances in the Region?

A DevOps engineer is building a continuous deployment pipeline for a serverless application that uses AWs Lambda functions. The companywants to reduce the customer impact of an unsuccessful deployment. The company also wants to monitor for issues.Which deploy stage configuration will meet these requirements?

To run an application, a DevOps engineer launches an Amazon Ec2 instance with public lP addresses in a public subnet. A user data scriptobtains the application artifacts and installs them on the instances upon launch. A change to the security classifcation of the application nowreguires the instances to run with no access to the internet. While the instances launch successfully and show as healthy, the applicationdoes not seem to be installed.

Which of the following should successfully install the application while complying with the new rule?

A development team is using AWs CodeCommit to version control application code and AWs CodePipeline to orchestrate softwaredeployments. The team has decided to use a remote main branch as the trigger for the pipeline to integrate code changes. A developer haspushed code changes to the CodeCommit repository, but noticed that the pipeline had no reaction, even after 10 minutesWhich of the following actions should be taken to troubleshoot this issue?

A company's developers use Amazon Ec2 instances as remote workstations. The company is concerned that users can create or modify Ec2security groups to allow unrestricted inbound access.A DevOps engineer needs to develop a solution to detect when users create unrestricted security aroup rules, The solution must detectchanges to security group rules in near real time, remove unrestricted rules, and send email notifcations to the security team. The DevOpsengineer has created an AWs Lambda function that checks for security group lD from input,removes rules that grant unrestricted access, andsends notifcations throuah Amazon Simple Notifcation Seryice (Amazon SNs)What should the DevOps engineer do next to meet the requirements?

A DevOps engineer is creating an AWs cloudFormation template to deploy a web service. The web service will run on Amazon Ec2 instancesin a private subnet behind an Application Load Balancer (ALB). The DevOps engineer must ensure that the service can accept requests fromclients that have lPv6 addresses.

What should the DevOps engineer do with the CloudFormation template so that lPv6 clients can access the web service?

A company uses AWS Organizations and AWS Control Tower to manage allthe company's AWS accounts. The company uses the Enterprise Support plan.A DevOps engineer is using Account Factory for Terraform (AFT) to provision new accounts. When new accounts are provisioned, the DevOpsengineer notices that the support plan for the new accounts is set to the Basic Support plan. The DevOps engineer needs to implement asolution to provision the new accounts with the Enterprise Support plan.Which solution will meet these requirements?

A company's wevops engineer uses Aws systems Manager to pertorm maintenance tasks during maintenance windows. the company has afew Amazon Ec2 instances that require a restant after notifications from AWS Health. The DevOps engineer needs to implement an automatedsolution to remediate these notifications, The DevOps engineer creates an Amazon EventBridge rule.How should the DeyOps engineer confiaure the EventBridge rule to meet these requirements?

A company has containerized all of its in-house qualitv control applications. The company is running Jenkins on Amazon EC2 instances, whichrequire patching and upgrading. The compliance officer has requested a DevOps engineer begin encrypting build artifacts since they contain company intellectual property.

What should the DevOps engineer do to accomplish this in the MOST maintainable manner?

An iT team has built an AWS CloudFormation template so others in the company can quickly and reliably deploy and terminate an application.The template creates an Amazon Ec2 instance with a user data script to install the application and an Amazon S3 bucket that the applicationuses to serve static webpages while it is running.

All resources should be removed when the CloudFormation stack is deleted. However, the team observes that cloudFormation reports an errorduring stack deletion, and the S3 bucket created by the stack is not deleted.How can the team resolve the error in the MOST efficient manner to ensure that all resources are deleted without errors?

A company runs an application on one Amazon Ec2 instance. Application metadata is stored in Amazon S3 and must be retrieved if theinstance is restarted. The instance must restart or relaunch automatically if the instance becomes unresponsive.Which solution will meet these requirements?

A company has multiple AWs accounts. The company uses AWS lAM ldentity Center (AWs Single sign-0n) that is integrated with Aws Toolkitfor Microsoft Azure DevOps. The attributes for access control feature is enabled in lAM ldentity Center.The attribute mapping list contains two entries. The department key is mapped to $$fpath:enterprise.department). The costCenter key is mapped to $${path:enterprise.costCenter).

All existing Amazon Ec2 instances have a department tag that corresponds to three company departments (d1, d2, d3). A DevOps engineermust create policles based on the matching attributes, The policies must minimize administrative eftort and must grant each Azure AD useaccess to only the Ec2 instances that are tagged with the user's respective department name.Which condition key should the DevOps engineer include in the custom permissions policies to meet these requirements?

A company hosts a security auditing application in an AWS account. The auditing application uses an lAM role to access other Aws accountsAll the accounts are in the same organization in AWS Organizations.A recent security audit revealed that users in the audited Aws accounts could modify or delete the auditing application's lAM role. Thecompany needs to prevent any modification to the auditing application's lAM role by any entity other than a trusted administrator lAM role.Which solution will meet these requirements?

更多题库