DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Pass Your DOP-C02 Certification Questions & Practice Tests, AWS Certified DevOps Engineer - Professional | SPOTO

Passing your DOP-C02 certification requires thorough preparation with practice tests and exam questions. The AWS Certified DevOps Engineer - Professional certification validates your skills in managing distributed application systems on AWS. It signifies expertise in provisioning, operating, and ensuring the scalability and security of cloud-based solutions. By mastering exam questions and answers, you gain a deep understanding of AWS services and best practices for DevOps. Utilize practice tests and exam dumps to assess your knowledge and readiness for the real exam. With sample questions and exam materials, you can refine your exam strategy and confidently tackle the certification. SPOTO offers valuable resources, including free exam practice, exam simulators, and mock exams, to enhance your exam preparation and boost your chances of success.
Take other online exams

Question #1
A company hosts a security auditing application in an AWS account. The auditing application uses an IAM role to access other AWS accounts. All the accounts are in the same organization in AWS Organizations. A recent security audit revealed that users in the audited AWS accounts could modify or delete the auditing application's IAM role. The company needs to prevent any modification to the auditing application's IAM role by any entity other than a trusted administrator IAM role. Which solution will meet thes
A. Create an SCP that includes a Deny statement for changes to the auditing application's IAM role
B. Attach the SCP to the root of the organization
C. Create an SCP that includes an Allow statement for changes to the auditing application's IAM role by the trusted administrator IAM rol
D. Include a Deny statement for changes by all other IAM principal
E. Attach the SCP to the IAM service in each AWS account where the auditing application has an IAM role
F. Create an IAM permissions boundary that includes a Deny statement for changes to the auditing application's IAM rol G
View answer
Correct Answer: D
Question #2
A company wants to use a grid system for a proprietary enterprise m-memory data store on top of AWS. This system can run in multiple server nodes in any Linux- based distribution. The system must be able to reconfigure the entire cluster every time a node is added or removed. When adding or removing nodes an /etc./cluster/nodes config file must be updated listing the IP addresses of the current node members of that cluster. The company wants to automate the task of adding new nodes to a cluster. What can a
A. Use AWS OpsWorks Stacks to layer the server nodes of that cluste
B. Create a Chef recipe that populates the content of the 'etc
C. Assign that recipe to the Configure lifecycle event
D. Put the file nodes config in version contro
E. Create an AWS CodeDeploy deployment configuration and deployment group based on an Amazon EC2 tag value for thecluster node
F. When adding a new node to the cluster update the file with all tagged instances and make a commit in version contro G
View answer
Correct Answer: B
Question #3
A business has an application that consists of five independent AWS Lambda functions. The DevOps engineer has built a CI/CD pipeline using AWS CodePipeline and AWS CodeBuild that builds tests packages and deploys each Lambda function in sequence. The pipeline uses an Amazon EventBridge rule to ensure the pipeline starts as quickly as possible after a change is made to the application source code. After working with the pipeline for a few months the DevOps engineer has noticed the pipeline takes too long to
A. Modify the CodeBuild projects within the pipeline to use a compute type with more available networkthroughput
B. Create a custom CodeBuild execution environment that includes a symmetric multiprocessing configuration to run the builds in parallel
C. Modify the CodePipeline configuration to run actions for each Lambda function in parallel by specifying the same runorder
D. Modify each CodeBuild protect to run within a VPC and use dedicated instances to increase throughput
View answer
Correct Answer: B
Question #4
A company is implementing AWS CodePipeline to automate its testing process The company wants to be notified when the execution state fails and used the following custom event pattern in Amazon EventBridge: Which type of events will match this event pattern?
A. Failed deploy and build actions across all the pipelines
B. All rejected or failed approval actions across all the pipelines
C. All the events across all pipelines
D. Approval actions across all the pipelines
View answer
Correct Answer: B
Question #5
A company is hosting a static website from an Amazon S3 bucket. The website is available to customers at example.com. The company uses an Amazon Route 53 weighted routing policy with a TTL of 1 day. The company has decided to replace the existing static website with a dynamic web application. The dynamic web application uses an Application Load Balancer (ALB) in front of a fleet of Amazon EC2 instances. On the day of production launch to customers, the company creates an additional Route 53 weighted DNS rec
A. Delete all objects, including previous versions, from the S3 bucket that contains the static website content
B. Update the weighted DNS record entry that points to the S3 bucke
C. Apply a weight of 0
D. Configure webpage redirect requests on the S3 bucket with a hostname that redirects to the ALB
E. Remove the weighted DNS record entry that points to the S3 bucket from the example
View answer
Correct Answer: D
Question #6
A development team uses AWS CodeCommit for version control for applications. The development team uses AWS CodePipeline, AWS CodeBuild. and AWS CodeDeploy for CI/CD infrastructure. In CodeCommit, the development team recently merged pull requests that did not pass long-running tests in the code base. The development team needed to perform rollbacks to branches in the codebase, resulting in lost time and wasted effort. A DevOps engineer must automate testing of pull requests in CodeCommit to ensure that revi
A. Create an Amazon EventBridge rule that reacts to the pullRequestStatusChanged even
B. Create an AWS Lambda function that invokes a CodePipeline pipeline with a CodeBuild action that runs the tests for the applicatio
C. Program the Lambda function to post the CodeBuild badge as a comment on the pull request so that developers will see the badge in their code review
D. Create an Amazon EventBridge rule that reacts to the pullRequestCreated even
E. Create an AWS Lambda function that invokes a CodePipeline pipeline with a CodeBuild action that runs the tests for the applicatio
F. Program the Lambda function to post the CodeBuild test results as a comment on the pull request when the test results are complete
View answer
Correct Answer: B
Question #7
A company is running an application on Amazon EC2 instances in an Auto Scaling group. Recently an issue occurred that prevented EC2 instances from launching successfully and it took several hours for the support team to discover the issue. The support team wants to be notified by email whenever an EC2 instance does not start successfully. Which action will accomplish this?
A. Add a health check to the Auto Scaling group to invoke an AWS Lambda function whenever an instance status is impaired
B. Configure the Auto Scaling group to send a notification to an Amazon SNS topic whenever a failed instance launch occurs
C. Create an Amazon CloudWatch alarm that invokes an AWS Lambda function when a failed Attachinstances Auto Scaling API call is made
D. Create a status check alarm on Amazon EC2 to send a notification to an Amazon SNS topic whenever a status check fail occurs
View answer
Correct Answer: C
Question #8
A DevOps engineer is architecting a continuous development strategy for a company's software as a service (SaaS) web application running on AWS. For application and security reasons users subscribing to this application are distributed across multiple. Application Load Balancers (ALBs) each of which has a dedicated Auto Scaling group and fleet of Amazon EC2 instances The application does not require a build stage and when it is committed to AWS CodeCommit, the application must trigger a simultaneous deploym
A. Create a single AWS CodePipeline pipeline that deploys the application in parallel using unique AWS CodeDeploy applications and deployment groups created for each ALB-Auto Scaling group pair
B. Create a single AWS CodePipeline pipeline that deploys the application using a single AWSCodeDeploy application and single deployment group
C. Create a single AWS CodePipeline pipeline that deploys the application in parallel using a single AWS CodeDeploy application and unique deployment group for each ALB-Auto Scaling group pair
D. Create an AWS CodePipeline pipeline for each ALB-Auto Scaling group pair that deploys the application using an AWS CodeDeploy application and deployment group created for the same ALB-Auto Scaling group pair
View answer
Correct Answer: C
Question #9
A company has an application that runs on a fleet of Amazon EC2 instances. The application requires frequent restarts. The application logs contain error messages when a restart is required. The application logs are published to a log group in Amazon CloudWatch Logs. An Amazon CloudWatch alarm notifies an application engineer through an Amazon Simple Notification Service (Amazon SNS) topic when the logs contain a large number of restart-related error messages. The application engineer manually restarts the
A. Configure an AWS Systems Manager Automation runbook that runs a script to restart the application on the instance
B. Configure the SNS topic to invoke the runbook
C. Create an AWS Lambda function that restarts the application on the instance
D. Configure the Lambda function as an event destination of the SNS topic
E. Configure an AWS Systems Manager Automation runbook that runs a script to restart the application on the instance
F. Create an AWS Lambda function to invoke the runboo G
View answer
Correct Answer: D
Question #10
A company uses AWS CloudFormation stacks to deploy updates to its application. The stacks consist of different resources. The resources include AWS Auto Scaling groups, Amazon EC2 instances, Application Load Balancers (ALBs), and other resources that are necessary to launch and maintain independent stacks. Changes to application resources outside of CloudFormation stack updates are not allowed. The company recently attempted to update the application stack by using the AWS CLI. The stack failed to update an
A. Update the subnet mappings that are configured for the ALB
B. Run the aws cloudformation update-stack-set AWS CLI command
C. Update the 1AM role by providing the necessary permissions to update the stac
D. Run the aws cloudformation continue-update-rollback AWS CLI command
E. Submit a request for a quota increase for the number of EC2 instances for the accoun
F. Run the aws cloudformation cancel-update-stack AWS CLI command
View answer
Correct Answer: A
Question #11
A company uses a single AWS account lo test applications on Amazon EC2 instances. The company has turned on AWS Config in the AWS account and has activated the restricted-ssh AWS Config managed rule. The company needs an automated monitoring solution that will provide a customized notification in real time if any security group in the account is not compliant with the restricted-ssh rule. The customized notification must contain the name and ID of the noncompliant security group. A DevOps engineer creates a
A. Create an Amazon EventBridge rule that matches an AWS Config evaluation result of NON_COMPLIANT tor the restricted-ssh rul
B. Configure an input transformer for the EventBridge rule Configure the EventBridge rule to publish a notification to the SNS topic
C. Configure AWS Config to send all evaluation results for the restricted-ssh rule to the SNS topic
D. Create an Amazon EventBridge rule that matches an AWS Config evaluation result of NON_COMPLlANT for the restricted-ssh rule Configure the EventBridge rule to invoke AWS Systems Manager Run Command on the SNS topic to customize a notification and to publish the notification to the SNS topic
E. Create an Amazon EventBridge rule that matches all AWS Config evaluation results of NON_COMPLIANT Configure an input transformer for the restricted-ssh rule Configure the EventBridge rule to publish a notification to the SNS topic
View answer
Correct Answer: A
Question #12
A company's application development team uses Linux-based Amazon EC2 instances as bastion hosts. Inbound SSH access to the bastion hosts is restricted to specific IP addresses, as defined in the associated security groups. The company's security team wants to receive a notification if the security group rules are modified to allow SSH access from any IP address. What should a DevOps engineer do to meet this requirement?
A. Create an Amazon EventBridge rule with a source of aws
B. Define an Amazon Simple Notification Service (Amazon SNS) topic as the target
C. Enable Amazon GuardDuty and check the findings for security groups in AWS Security Hu
D. Configure an Amazon EventBridge rule with a custom pattern that matches GuardDuty events with an output of NON_COMPLIAN
E. Define an Amazon Simple Notification Service (Amazon SNS) topic as the target
F. Create an AWS Config rule by using the restricted-ssh managed rule to check whether security groups disallow unrestricted incoming SSH traffi G
View answer
Correct Answer: D
Question #13
A rapidly growing company wants to scale for developer demand for AWS development environments. Development environments are created manually in the AWS Management Console. The networking team uses AWS CloudFormation to manage the networking infrastructure, exporting stack output values for the Amazon VPC and all subnets. The development environments have common standards, such as Application Load Balancers, Amazon EC2 Auto Scaling groups, security groups, and Amazon DynamoDB tables. To keep up with demand,
A. Use Fn::ImportValue intrinsic functions in the Resources section of the template to retrieve VirtualPrivate Cloud (VPC) and subnet value
B. Use CloudFormation StackSets for the development environments, using the Count input parameter to indicate the number of environments neede
C. Use the UpdateStackSet command to update existing development environments
D. Use nested stacks to define common infrastructure component
E. To access the exported values, use TemplateURL to reference the networking team’s templat
F. To retrieve Virtual Private Cloud (VPC) and subnet values, use Fn::ImportValue intrinsic functions in the Parameters section of the root templat G
View answer
Correct Answer: ABE
Question #14
A company is using an organization in AWS Organizations to manage multiple AWS accounts. The company's development team wants to use AWS Lambda functions to meet resiliency requirements and is rewriting all applications to work with Lambda functions that are deployed in a VPC. The development team is using Amazon Elastic Pile System (Amazon EFS) as shared storage in Account A in the organization. The company wants to continue to use Amazon EPS with Lambda Company policy requires all serverless projects to b
B. A DevOps engineer needs to reconfigure an existing EFS file system to allow Lambda functions to access the data through an existing EPS access point
A. Update the EFS file system policy to provide Account B with access to mount and write to the EFS file system in Account
A.
B. Create SCPs to set permission guardrails with fine-grained control for Amazon EFS
C. Create a new EFS file system in Account B Use AWS Database Migration Service (AWS DMS) to keep data from Account A and Account B synchronized
D. Update the Lambda execution roles with permission to access the VPC and the EFS file system
E. Create a VPC peering connection to connect Account A to Account
B.
F. Configure the Lambda functions in Account B to assume an existing IAM role in Account A
View answer
Correct Answer: AEF

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: