AWS-DevOps Exam Dumps - PDF Questions and Testing Engine
NEW QUESTION 75
A Developer is maintaining a fleet of 50 Amazon EC2 Linux servers. The servers are part of an Amazon EC2 Auto Scaling group, and also use Elastic Load Balancing for load balancing.
Occasionally, some application servers are being terminated after failing ELB HTTP health checks. The Developer would like to perform a root cause analysis on the issue, but before being able to access application logs, the server is terminated.
How can log collection be automated?
- A. Use Auto Scaling lifecycle hooks to put instances in a Pending:Wait state. Create an Amazon CloudWatch Alarm for EC2 Instance Terminate Successful and trigger an AWS Lambda function that executes an SSM Run Command script to collect logs, push them to Amazon S3, and complete the lifecycle action once logs are collected.
- B. Use Auto Scaling lifecycle hooks to put instances in a Terminating:Wait state. Create a Config rule for EC2 Instance-terminate Lifecycle Action and trigger a step function that executes a script to collect logs, push them to Amazon S3, and complete the lifecycle action once logs are collected.
- C. Use Auto Scaling lifecycle hooks to put instances in a Terminating:Wait state. Create an Amazon CloudWatch Events rule for EC2 Instance-terminate Lifecycle Action and trigger an AWS Lambda function that executes an SSM Run Command script to collect logs, push them to Amazon S3, and complete the lifecycle action once logs are collected.
- D. Use Auto Scaling lifecycle hooks to put instances in a Terminating:Wait state. Create an Amazon CloudWatch subscription filter for EC2 Instance Terminate Successful and trigger a CloudWatch agent that executes a script to collect logs, push them to Amazon S3, and complete the lifecycle action once logs are collected.
Answer: C
Explanation:
https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html
NEW QUESTION 76
Your company has a set of EC2 resources hosted on AWS. Your new IT procedures state that AWS EC2 Instances must be of a particular Instance type. Which of the following can be used to get the list of EC2 Instances which currently don't match the instance type specified in the new IT procedures?
- A. Use Trusted Advisor to check which EC2 Instances don't match the intended instance type.
- B. Use VPC Flow Logs to check which EC2 Instances don't match the intended instance type.
- C. Use AWS Config to create a rule to check the EC2 Instance type
- D. Use AWS Cloudwatch alarms to check which EC2 Instances don't match the intended instance type.
Answer: C
Explanation:
In AWS Config, you can create a rule which can be used to check if EC2 Instances follow a particular instance
type. Below is a snapshot of the output of a rule to check if EC2 instances match the type of t2.micro.
For more information on AWS Config, please visit the below URL:
* https://aws.amazon.com/config/
NEW QUESTION 77
Which of the below 3 things can you achieve with the Cloudwatch logs service? Choose 3 options.
- A. Record API calls for your AWS account and delivers log files containing API calls to your Amazon S3 bucket
- B. Stream the log data into Amazon Elasticsearch in near real-time with CloudWatch Logs subscriptions.
- C. Send the log data to AWS Lambda for custom processing or to load into other systems
- D. Stream the log data to Amazon Kinesis
Answer: B,C,D
Explanation:
You can use Amazon CloudWatch Logs to monitor, store, and access your log files from Amazon Elastic
Compute Cloud (Amazon EC2) instances, AWS CloudTrail, and other sources. You can then retrieve the
associated log data from CloudWatch Logs.
For more information on Cloudwatch logs, please visit the below URL
* http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html
NEW QUESTION 78
You have an ELB setup in AWS with EC2 instances running behind it. You have been requested to monitor the incoming connections to the ELB. Which of the below options can suffice this requirement?
- A. Enable access logs on the load balancer
- B. Use a CloudWatch Logs Agent
- C. Create a custom metric CloudWatch filter on your load balancer
- D. Use AWS CloudTrail with your load balancer
Answer: A
Explanation:
Elastic Load Balancing provides access logs that capture detailed information about requests sent to your load balancer. Each log contains information such as the time the request was received, the client's IP address, latencies, request paths, and server responses. You can use these access logs to analyze traffic patterns and to troubleshoot issues.
Option A is invalid because this service will monitor all AWS services
Option C and D are invalid since CLB already provides a logging feature.
For more information on ELB access logs, please refer to the below document link from AWS:
* http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/access-log-collection.html
NEW QUESTION 79
A defect was discovered in production and a new sprint item has been created for deploying a hotfix. However, any code change must go through the following steps before going into production:
- Scan the code for security breaches, such as password and access key leaks.
- Run the code through extensive, long running unit tests.
Which source control strategy should a DevOps Engineer use in combination with AWS CodePipeline to complete this process?
- A. Create a hotfix branch from the master branch. Trigger the development pipeline from the hotfix branch. Use AWS Lambda to do a content scan and run unit tests. Add a manual approval stage that merges the hotfix branch into the master branch.
- B. Create a hotfix tag on the last commit of the master branch. Trigger the development pipeline from the hotfix tag. Use AWS CodeDeploy with Amazon ECS to do a content scan and run unit tests. Add a manual approval stage that merges the hotfix tag into the master branch.
- C. Create a hotfix branch from the master branch. Trigger the development pipeline from the hotfix branch. Use AWS CodeBuild to do a content scan and run unit tests. Add a manual approval stage that merges the hotfix branch into the master branch.
- D. Create a hotfix branch from the master branch. Create a separate source stage for the hotfix branch in the production pipeline. Trigger the pipeline from the hotfix branch. Use AWS Lambda to do a content scan and use AWS CodeBuild to run unit tests. Add a manual approval stage that merges the hotfix branch into the master branch.
Answer: C
Explanation:
We need to create a feature branch to test the fix and codebuild can do both the scan and unit tests.
https://docs.aws.amazon.com/codebuild/latest/userguide/how-to-create-pipeline.html#how-to-create-pipeline-add
NEW QUESTION 80
A company has developed a static website hosted on an Amazon S3 bucket. The website is deployed using AWS CloudFormation. The CloudFormation template defines an S3 bucket and a custom resource that copies content into the bucket from a source location.
The company has decided that it needs to move the website to a new location, so the existing CloudFormation stack must be deleted and re-created. However, CloudFormation reports that the stack could not be deleted cleanly.
What is the MOST likely cause and how can the DevOps Engineer mitigate this problem for this and future versions of the website?
- A. Deletion has failed because the S3 bucket is not empty. Modify the custom resource's AWS Lambda function code to recursively empty the bucket when RequestType is Delete.
- B. Deletion has failed because the custom resource does not define a deletion policy. Add a Deletion Policy property to the custom resource definition with a value of RemoveOnDeletion.
- C. Deletion has failed because the S3 bucket is not empty. Modify the S3 bucket resource in the CloudFormation template to add a Deletion Policy property with a value of Empty.
- D. Deletion has failed because the S3 bucket has an active website configuration. Modify the CloudFormation template to remove the Website Configuration property from the S3 bucket resource.
Answer: C
NEW QUESTION 81
A Development team creates a build project in AWS CodeBuild. The build project invokes automated tests of modules that access AWS services.
Which of the following will enable the tests to run the MOST securely?
- A. Use AWS managed credentials. Encrypt the credentials with AWS KMS. As part of the build script, decrypt with AWS KMS and use these credentials to run the integration tests.
- B. Generate credentials for an IAM user with a policy attached to allow the actions on AWS services. Store credentials as encrypted environment variables for the build project. As part of the build script, obtain the credentials to run the integration tests.
- C. Have CodeBuild run only the integration tests as a build job on a Jenkins server. Create a role that has a policy attached to allow the actions on AWS services. Generate credentials for an IAM user that is allowed to assume the role. Configure the credentials as secrets in Jenkins, and allow the build job to use them to run the integration tests.
- D. Create a service role in IAM to be assumed by CodeBuild with a policy attached to allow the actions on AWS services. Configure the build project to use the role created.
Answer: C
NEW QUESTION 82
Which of the following is incorrect when it comes to using the instances in an Opswork stack?
- A. You can start and stop instances manually in a stack
- B. You can use time-based automatic scaling with any stack
- C. In a stack you can use a mix of both Windows and Linux operating systems
- D. You can use custom AMIs as long as they are based on one of the AWS OpsWorks Stacks-supported AMIs
Answer: C
Explanation:
The AWS documentation mentions the following about Opswork stack:
* A stack's instances can run either Linux or Windows. A stack can have different Linux versions or distributions on different instances, but you cannot mix Linux and Windows instances.
* You can use custom AMIs (Amazon Machine Images), but they must be based on one of the AWS OpsWorks Stacks-supported AMIs
* You can start and stop instances manually or have AWS OpsWorks Stacks automatically scale the number of instances. You can use time-based automatic scaling with any stack; Linux stacks also can use load-based scaling.
* In addition to using AWS OpsWorks Stacks to create Amazon EC2 instances, you can also register instances with a Linux stack that were created outside of AWS OpsWorks Stacks.
For more information on Opswork stacks, please visit the below link:
* http://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html
NEW QUESTION 83
You set up a web application development environment by using a third party configuration management tool to create a Docker container that is run on local developer machines.
What should you do to ensure that the web application and supporting network storage and security infrastructure does not impact your application after you deploy into AWS for staging and production environments?
- A. Because the application is inside a Docker container, there are no infrastructure differences to be taken into account when moving from the local development environments to AWS for staging and production.
- B. Define an AWS CloudFormation template to place your infrastructure into version control and use the same template to deploy the Docker container into Elastic Beanstalk for staging and production.
- C. Write a script using the AWS SDK or CLI to deploy the application code from version control to the local development environments staging and production using AWS OpsWorks.
- D. Define an AWS CloudFormation template for each stage of the application deployment lifecycle - development, staging and production - and have tagging in each template to define the environment.
Answer: B
Explanation:
Elastic Beanstalk supports the deployment of web applications from Docker containers. With Docker containers, you can define your own runtime environment. You can choose your own platform, programming language, and any application dependencies (such as package managers or tools), that aren't supported by other platforms. Docker containers are self-contained and include all the configuration information and software your web application requires to run.
By using Docker with Elastic Beanstalk, you have an infrastructure that automatically handles the details of capacity provisioning, load balancing, scaling, and application health monitoring.
This seems to be more appropriate than Option D.
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker.html
For more information on Cloudformation best practises, please visit the link:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html
NEW QUESTION 84
What is the order of most-to-least rapidly-scaling (fastest to scale first)?
a) EC2 + ELB + Auto Scaling
b) Lambda
c) RDS
- A. C, B, A
- B. A, C, B
- C. B, A, C
- D. C, A, B
Answer: C
Explanation:
Lambda is designed to scale instantly. EC2 + ELB + Auto Scaling require single-digit minutes to scale out. RDS will take at least 15 minutes, and will apply OS patches or any other updates when applied.
https://aws.amazon.com/lambda/faqs/
NEW QUESTION 85
The operations team and the development team want a single place to view both operating system and application logs.
How should you implement this using AWS services? Choose 2 answers
- A. Using AWS CloudFormation, merge the application logs with the operating system logs, and use IAM Roles to allow both teams to have access to view console output from Amazon EC2.
- B. Using AWS CloudFormation, create a CloudWatch Logs LogGroup. Because the Cloudwatch Log agent automatically sends all operating system logs, you only have to configure the application logs for sending off-machine.
- C. Using configuration management, set up remote logging to send events to Amazon Kinesis and insert these into Amazon CloudSearch or Amazon Redshift, depending on available analytic tools.
- D. Using AWS CloudFormation, create a CloudWatch Logs LogGroup and send the operating system and application logs of interest using the CloudWatch Logs Agent.
- E. Using AWS CloudFormation and configuration management, set up remote logging to send events via UDP packets to CloudTrail.
Answer: C,D
NEW QUESTION 86
A DevOps Engineer is launching a new application that will be deployed using Amazon Route 53, an Application Load Balancer, Auto Scaling, and Amazon DynamoDB. One of the key requirements of this launch is that the application must be able to scale to meet a sudden load increase. During periods of low usage, the infrastructure components must scale down to optimize cost.
What steps can the DevOps Engineer take to meet the requirements? (Select TWO.)
- A. Determine which Amazon EC2 instance limits need to be raised by leveraging AWS Trusted Advisor, and submit a request to AWS Support to increase those limits.
- B. Enable Auto Scaling for the DynamoDB tables that are used by the application.
- C. Create an Amazon CloudWatch Events scheduled rule that runs every 5 minutes to track the current use of the Auto Scaling group. If usage has changed, trigger a scale-up event to adjust the capacity. Do the same for DynamoDB read and write capacities.
- D. Use AWS Trusted Advisor to submit limit increase requests for the Amazon EC2 instances that will be used by the infrastructure.
- E. Configure the Application Load Balancer to automatically adjust the target group based on the current load.
Answer: B,E
Explanation:
Explanation/Reference: https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-load-balancer.html
NEW QUESTION 87
Consider the portion of a CloudTrail log file below. Which type of event is being captured?
"eventTime":"2016-07-16T17:35:32Z",
"eventSource":"signin.amazonaws.com",
"eventName":"ConsoleLogin",
"awsRegion":"us-west-1",
"sourceIPAddress":"192.1.2.10",
...
- A. AWS console sign-in
- B. AWS deployment
- C. AWS log off
- D. AWS error
Answer: A
Explanation:
CloudTrail records attempts to sign into the AWS Management Console, the AWS Discussion Forums and the AWS Support Center. Note, however, that CloudTrail does not record root sign-in failures.
Reference:
http://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-aws-console-sign-in-events.html
NEW QUESTION 88
A DevOps engineer needs to back up sensitive Amazon S3 objects that are stored within an S3 bucket with a private bucket policy using S3 cross-Region replication functionality. The objects need to be copied to a target bucket in a different AWS Region and account.
Which combination of actions should be performed to enable this replication? (Select THREE.)
- A. Add statements to the target bucket policy allowing the replication IAM role to replicate objects.
- B. Create a replication IAM role in the target account.
- C. Create a replication IAM role in the source account.
- D. Add statements to the source bucket policy allowing the replication IAM role to replicate objects
- E. Create a replication rule in the target bucket to enable the replication
- F. Create a replication rule in the source bucket to enable the replication.
Answer: B,F
NEW QUESTION 89
Your company has the requirement to set up instances running as part of an Autoscaling Group. Part of the requirement is to use Lifecycle hooks to set up custom-based software and do the necessary configuration on the instances. The time required for this setup might take an hour, or might finish before the hour is up. How should you set up lifecycle hooks for the Autoscaling Group? Choose 2 ideal actions you would include as part of the lifecycle hook.
- A. Configure the lifecycle hook to record heartbeats. If the hour is up, restart the timeout period.
- B. Configure the lifecycle hook to record heartbeats. If the hour is up, choose to terminate the current instance and start a new one
- C. If the software installation and configuration is complete, then send a signal to complete the launch of the instance.
- D. If the software installation and configuration is complete, then restart the time period.
Answer: A,C
Explanation:
The AWS documentation provides the following information on lifecycle hooks:
By default, the instance remains in a wait state for one hour, and then Auto Scaling continues the launch or terminate process (Pending:Proceed or Terminating:Proceed). If you need more time, you can restart the timeout period by recording a heartbeat. If you finish before the timeout period ends, you can complete the lifecycle action, which continues the launch or termination process.
For more information on AWS Lifecycle hooks, please visit the below URL:
* http://docs.aws.amazon.com/autoscaling/latest/userguide/lifecycle-hooks.html
NEW QUESTION 90
A company is implementing a well-architected design for its globally accessible API stack. The design needs to ensure both high reliability and fast response times for users located in North America and Europe.
The API stack contains the following three tiers:
* Amazon API Gateway
* AWS Lambda
* Amazon DynamoDB
Which solution will meet the requirements?
- A. Configure Amazon Route 53 to point to API Gateway APIs in North America and Europe using health checks. Configure the APIs to forward requests to a Lambda function in that Region. Configure the Lambda functions to retrieve and update the data in a DynamoDB table in the same Region as the Lambda function.
- B. Configure Amazon Route 53 to point to API Gateway API in North America using latency-based routing. Configure the API to forward requests to the Lambda function in the Region nearest to the user. Configure the Lambda function to retrieve and update the data in a DynamoDB table.
- C. Configure Amazon Route 53 to point to API Gateway APIs in North America and Europe using latency-based routing and health checks. Configure the APIs to forward requests to a Lambda function in that Region. Configure the Lambda functions to retrieve and update the data in a DynamoDB global table.
- D. Configure Amazon Route 53 to point to API Gateway in North America, create a disaster recovery API in Europe, and configure both APIs to forward requests to the Lambda functions in that Region. Retrieve the data from a DynamoDB global table. Deploy a Lambda function to check the North America API health every 5 minutes. In the event of a failure, update Route 53 to point to the disaster recovery API.
Answer: C
NEW QUESTION 91
When using EC2 instances with the CodeDeploy service, which of the following are some of the pre-requisites to ensure that the EC2 instances can work with CodeDeploy? Choose 2 answers from the options given below.
- A. Ensure an IAM role is attached to the instance so that it can work with the CodeDeploy Service.
- B. Ensure the EC2 Instance is placed in the default VPC
- C. Ensure that the CodeDeploy agent is installed on the EC2 Instance
- D. Ensure the EC2 Instance is configured with Enhanced Networking
Answer: A,C
Explanation:
This is mentioned in the AWS documentation
For more information on instances for CodeDeploy, please visit the below URL:
* http://docs.aws.amazon.com/codedeploy/latest/userguide/instances.html
NEW QUESTION 92
The operations team and the development team want a single place to view both operating system and application logs. How should you implement this using AWS services? Choose two from the options below
- A. Using AWS CloudFormation, merge the application logs with the operating system logs, and use IAM Roles to allow both teams to have access to view console output from Amazon EC2.
- B. Using AWS CloudFormation, create a CloudWatch Logs LogGroup and send the operating system and application logs of interest using the CloudWatch Logs Agent.
- C. Using configuration management, set up remote logging to send events to Amazon Kinesis and insert these into Amazon CloudSearch or Amazon Redshift, depending on available analytic tools.
- D. Using AWS CloudFormation and configuration management, set up remote logging to send events via UDP packets to CloudTrail.
Answer: B,C
Explanation:
Option B is invalid because Cloudtrail is not designed specifically to take in UDP packets.
Option D is invalid because there are already Cloudwatch logs available, so there is no need to have specific logs designed for this.
You can use Amazon CloudWatch Logs to monitor, store, and access your log files from Amazon Elastic Compute Cloud (Amazon EC2) instances, AWS CloudTrail, and other sources. You can then retrieve the associated log data from CloudWatch Logs.
For more information on Cloudwatch logs please refer to the below link:
* http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html
You can then use Kinesis to process those logs. For more information on Amazon Kinesis please refer to the below link:
* http://docs.aws.amazon.com/streams/latest/dev/introduction.html
NEW QUESTION 93
A DevOps engineer is assisting with a multi-Region disaster recovery solution for a new application. The application consists of Amazon EC2 instances running in an Auto Scaling group and an Amazon Aurora MySQL DB cluster. The application must be available with an RTO of 120 minutes and an RPO of 60 minutes.
What is the MOST cost-effective way to meet these requirements?
- A. Launch an Aurora DB cluster as an Aurora Replica in a different Region. Create an AWS CloudFormation template for all compute resources and create a stack in two Regions. Write a script that promotes the Aurora Replica to the primary instance in the event of a failure.
- B. Launch an Aurora DB cluster as an Aurora Replica in a different Region and configure automatic cross-Region failover. Create an AWS CloudFormation template that includes an Auto Scaling group, and create a stack in two Regions. Write a script that updates the CloudFormation stack in the disaster recovery Region to increase the number of instances.
- C. Use AWS Lambda to create and copy a snapshot of the Aurora DB cluster to the destination Region hourly. Create an AWS CloudFormation template that includes an Auto Scaling group, and create a stack in two Regions. Restore the Aurora DB cluster from a snapshot and update the Auto Scaling group to start launching instances.
- D. Configure Amazon DynamoDB cross-Region replication. Create an AWS CloudFormation template that includes an Auto Scaling group, and create a stack in two Regions. Write a script that will update the CloudFormation stack in the disaster recovery Region and promote the DynamoDB replica to the primary instance in the event of a failure.
Answer: A
NEW QUESTION 94
You recently encountered a major bug in your Windows-based web application during a deployment cycle.
During this failed deployment, it took the team four hours to roll back to a previously working state, which left customers with a poor user experience.
During the post-mortem, your team discussed the need to provide a quicker way to roll back failed deployments.
You currently run your web application on Amazon EC2 using Windows 2012R2 and use Elastic Load Balancing for your load balancing needs.
Which technique should you use to solve this problem?
- A. Create deployable versioned bundles of your application. Store the bundle on Amazon S3. Re-deploy your web application using an AWS OpsWorks stack, and use AWS OpsWorks application versioning to initiate a rollback during failures.
- B. Re-deploy your web application using Elastic Beanstalk, and use the Elastic Beanstalk application versions when deploying. During failures, re-deploy the previous version to the Elastic Beanstalk environment.
- C. Re-deploy your web application using Elastic Beanstalk, and use the Elastic Beanstalk API to trigger a FailedDeployment API call to initiate a rollback to the previous version.
- D. Re-deploy your web application using an AWS OpsWorks stack, and use the AWS OpsWorks auto-rollback feature to initiate a rollback during failures.
- E. Create deployable versioned bundles of your application. Store the bundles on Amazon S3. Re-deploy your web application on Elastic Beanstalk, and enable the Elastic Beanstalk auto-rollback feature tied to CloudWatch metrics that define failure.
Answer: B
NEW QUESTION 95
A company is deploying a new application that uses Amazon EC2 instances. The company needs a solution to query application logs and AWS account API activity. Which solution will meet these requirements?
- A. Use the Amazon CloudWatch agent to send logs from the EC2 instances to Amazon S3. Use AWS CloudTrail to deliver the API logs to Amazon S3. Use Amazon Athena to query both sets of logs in Amazon S3.
- B. Use the Amazon CloudWatch agent to send logs from the EC2 instances to Amazon CloudWatch Logs. Configure AWS CloudTrail to deliver the API logs to CloudWatch Logs. Use CloudWatch Logs Insights to query both sets of logs.
- C. Use the Amazon CloudWatch agent to send logs from the EC2 instances to Amazon CloudWatch Logs. Configure AWS CloudTrail to deliver the API logs to Amazon S3. Use CloudWatch to query both sets of logs.
- D. Use the Amazon CloudWatch agent to send logs from the EC2 instances to Amazon Kinesis. Configure AWS CloudTrail to deliver the API logs to Kinesis. Use Kinesis to load the data into Amazon Redshift. Use Amazon Redshift to query both sets of logs.
Answer: C
NEW QUESTION 96
......
Policies and Standards Automation (10%)
- Applying the concepts required to implement the governance strategies;
- Applying the concepts that are required to implement standards for logging, security, testing, monitoring & metrics.
- Determining how to optimize the cost through automation;