Free Amazon DOP-C02 Exam Questions

Question 1

A company updated the AWS CloudFormation template for a critical business application. The stack update process failed due to an error in the updated template, and AWS CloudFormation automatically began the stack rollback process. Later, a DevOps engineer discovered that the application was still unavailable and that the stack was in the UPDATE_ROLLBACK_FAILED state.

Which combination of actions should the DevOps engineer perform so that the stack rollback can complete successfully? (Choose two.)

A : tach the AWSCloudFormationFullAccess IAM policy to the AWS CloudFormation role.

B : tomatically recover the stack resources by using AWS CloudFormation drift detection.

C : ue a ContinueUpdateRollback command from the AWS CloudFormation console or the AWS CLI.

D : nually adjust the resources to match the expectations of the stack.

E : date the existing AWS CloudFormation stack by using the original template.

Answer: C,D

Question 2

A company builds an application that uses an Application Load Balancer in front of Amazon EC2 instances

that are in an Auto Scaling group. The

application is stateless. The Auto Scaling group uses a custom AMI that is fully prebuilt. The EC2 instances

do not have a custom bootstrapping process.

The AMI that the Auto Scaling group uses was recently deleted. The Auto Scaling group's scaling activities

show failures because the AMI ID does not exist.

Which combination of steps should a DevOps engineer take to meet these requirements? (Select THREE.)

A : Create a new launch template that uses the new AMI.

B : Update the Auto Scaling group to use the new launch template.

C : Reduce the Auto Scaling group's desired capacity to O.

D : Increase the Auto Scaling group's desired capacity by I.

E : Create a new AMI from a running EC2 instance in the Auto Scaling group.

F : Create a new AMI by copying the most recent public AMI of the operating system that the EC2 instances use.

Answer: A,B,F

Question 3

A company deploys its corporate infrastructure on AWS across multiple AWS Regions and Availability Zones. The infrastructure is deployed on Amazon EC2 instances and connects with AWS IoT Greengrass devices. The company deploys additional resources on on-premises servers that are located in the corporate headquarters.

The company wants to reduce the overhead involved in maintaining and updating its resources. The company’s DevOps team plans to use AWS Systems Manager to implement automated management and application of patches. The DevOps team confirms that Systems Manager is available in the Regions that the resources are deployed in. Systems Manager also is available in a Region near the corporate headquarters.

Which combination of steps must the DevOps team take to implement automated patch and configuration management across the company’s EC2 instances, IoT devices, and on-premises infrastructure? (Choose three.)

A : ply tags to all the EC2 instances, AWS IoT Greengrass devices, and on-premises servers. Use Systems Manager Session Manager to push patches to all the tagged devices.

B : Systems Manager Run Command to schedule patching for the EC2 instances, AWS IoT Greengrass devices, and on-premises servers.

C : Systems Manager Patch Manager to schedule patching for the EC2 instances, AWS IoT Greengrass devices, and on-premises servers as a Systems Manager maintenance window task.

D : nfigure Amazon EventBridge to monitor Systems Manager Patch Manager for updates to patch baselines. Associate Systems Manager Run Command with the event to initiate a patch action for all EC2 instances, AWS IoT Greengrass devices, and on-premises servers.

E : eate an IAM instance profile for Systems Manager. Attach the instance profile to all the EC2 instances in the AWS account. For the AWS IoT Greengrass devices and on-premises servers, create an IAM service role for Systems Manager.

F : nerate a managed-instance activation. Use the Activation Code and Activation ID to install Systems Manager Agent (SSM Agent) on each server in the on-premises environment. Update the AWS IoT Greengrass IAM token exchange role. Use the role to deploy SSM Agent on all the IoT devices.

Answer: A,B,C

Question 4

A telecommunications company has a web portal that requires a cross-region failover. The portal stores its data in an Amazon Aurora database in the primary region (us-west-1) and the Parallel Query feature is also enabled in the database to optimize some of the I/O and computation involved in processing data-intensive queries. The portal uses Route 53 to direct customer traffic to the active region.

Which among the options below should be taken to MINIMIZE downtime of the portal in the event that the primary database fails?

A : eate a CloudWatch Events rule to periodically invoke a Lambda function that checks the health of the primary Amazon Aurora database every hour. Configure the Lambda function to promote the read replica as the primary if a failure was detected. Update the Route 53 record to redirect traffic from the primary to the secondary region.

B : nfigure the Route 53 record to balance traffic between both regions equally using the Failover routing policy. Enable the Aurora multi-master option and set up a Route 53 health check to analyze the health of the databases. Set the Route 53 record to automatically direct all traffic to the secondary region when a primary database fails.

C : unch a read replica of the primary database to the second region. Set up Amazon RDS Event Notification to publish status updates to an SNS topic. Create a Lambda function subscribed to the topic to monitor database health. Configure the Lambda function to promote the read replica as the primary in the event of a failure. Update the Route 53 record to redirect traffic from the primary region to the secondary region.

D : t up CloudWatch to monitor the status of the Amazon Aurora database. Create a CloudWatch Events rule to send a Slack message to the SysOps Team using Amazon SNS in the event of a database outage. Instruct the SysOps team to redirect traffic to an S3 static website that displays a downtime message. Manually promote the read replica as the primary instance and verify the portal's status. Redirect traffic from the S3 website to the secondary region.

Answer: C

Question 5

A company's security policies require the use of security hardened AMIS in production environments. A DevOps engineer has used EC2 Image Builder to create a pipeline that builds the AMIs on a recurring schedule. The DevOps engineer needs to update the launch templates of the companys Auto Scaling groups. The Auto Scaling groups must use the newest AMIS during the launch of Amazon EC2 instances. Which solution will meet these requirements with the MOST operational efficiency?

A : Configure an Amazon EventBridge rule to receive new AMI events from Image Builder. Target an AWS Systems Manager Run Command document that updates the launch templates of the Auto Scaling groups with the newest AMI ID.

B : Configure an Amazon EventBridge rule to receive new AMI events from Image Builder. Target an AWS Lambda function that updates the launch templates of the Auto Scaling groups with the newest AMI ID.

C : Configure the launch template to use a value from AWS Systems Manager Parameter Store for the AMI ID. Configure the Image Builder pipeline to update the Parameter Store value with the newest AMI ID.

D : Configure the Image Builder distribution settings to update the launch templates with the newest AMI ID. Configure the Auto Scaling groups to use the newest version of the launch template.

Answer: C