DOP-C01 Exam dumps - Get DOP-C01 PDF With Actual Questions Answers 
                     Amazon Web Services
DOP-C01
AWS Certified DevOps
Engineer- Professional
Version: Demo
[ Total Questions: 10]
https://www.amazondumps.us/aws-devops-engineer-professional.html
Amazon Web Services - DOP-C01
Question #:1
You have an Auto Scaling group with 2 AZs. One AZ has 4 EC2 instances and the other has 3 EC2 instances.
None of the instances are protected from scale in. Based on the default Auto Scaling termination policy what
will happen?
A.  Auto Scaling selects an instance to terminate randomly
B.  Auto Scaling will terminate unprotected instances in the Availability Zone with the oldest launch
configuration.
C.  Auto Scaling terminates which unprotected instances are closest to the next billing hour.
D.  Auto Scaling will select the AZ with 4 EC2 instances and terminate an instance.
Answer: D
Explanation
The default termination policy is designed to help ensure that your network architecture spans Availability
Zones evenly. When using the default termination policy.
Auto Scaling selects an instance to terminate as follows:
Auto Scaling determines whether there are instances in multiple Availability Zones. If so, it selects the
Availability Zone with the most instances and at least one instance that is not protected from scale in. If there
is more than one Availability Zone with this number of instances. Auto Scaling selects the Availability Zone
with the instances that use the oldest launch configuration. For more information on Autoscaling instance
termination please refer to the below link:
http://docs.aws.amazon.com/autoscaling/latest/userguide/as-instance-termi
nation.html
Question #:2
You work for a company that has multiple applications which are very different and built on different
programming languages. How can you deploy applications as quickly as possible?
A.  Develop each app in one Docker container and deploy using ElasticBeanstalk
B.  Create a Lambda function deployment package consisting of code and any dependencies
C.  Develop each app in a separate Docker container and deploy using Elastic Beanstalk V
D.  Develop each app in a separate Docker containers and deploy using CloudFormation
Answer: C
1 of 7
Amazon Web Services - DOP-C01
Explanation
Elastic Beanstalk supports the deployment of web applications from Docker containers. With Docker
containers, you can define your own runtime environment. You
can choose your own platform, programming language, and any application dependencies (such as package
managers or tools), that aren't supported by other
platforms. Docker containers are self-contained and include all the configuration information and software
your web application requires to run.
Option A is an efficient way to use Docker. The entire idea of Docker is that you have a separate environment
for various applications.
Option B is ideally used to running code and not packaging the applications and dependencies
Option D is not ideal deploying Docker containers using Cloudformation
For more information on Docker and Clastic Beanstalk, please visit the below URL:
 http://docs.aws.a
mazon.com/elasticbeanstalk/latest/dg/create_deploy_docker.html
Question #:3
The project you are working on currently uses a single AWS CloudFormation template to deploy its AWS
infrastructure, which supports a multi-tier web application. You have been tasked with organizing the AWS
CloudFormation resources so that they can be maintained in the future, and so that different departments such
as Networking and Security can review the architecture before it goes to Production. How should you do this
in a way that accommodates each department, using their existing workflows?
A.  Organize the AWS CloudFormation template so that related resources are next to each other in the
template, such as VPC subnets and routing rules for Networkingand security groups and 1AM
information for Security.
B.  Separate the AWS CloudFormation template into a nested structure that has individual templates for the
resources that are to be governed by different departments, and use the outputs from the networking and
security stacks for the application template that you control. ^/
C.  Organize the AWS CloudFormation template so that related resources are next to each other in the
template for each department's use, leverage your existing continuous integration tool to constantly
deploy changes from all parties to the Production environment, and then run tests for validation.
D.  Use a custom application and the AWS SDK to replicate the resources defined in the current AWS
CloudFormation template, and use the existing code review system to allow other departments to
approve changes before altering the application for future deployments.
Answer: B
2 of 7
Amazon Web Services - DOP-C01
Explanation
As your infrastructure grows, common patterns can emerge in which you declare the same components in each
of your templates. You can separate out these common components and create dedicated templates for them.
That way, you can mix and match different templates but use nested stacks to create a single, unified stack.
Nested stacks are stacks that create other stacks. To create nested stacks, use the AWS:: Cloud Form
ation::Stackresource in your template to reference other templates.
For more information on best practices for Cloudformation please refer to the below link:
http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/best-practices.
html
Question #:4
A Development team uses AWS CodeCommit for source code control. Developers apply their changes to
various feature branches and create pull requests to move those changes to the master branch when they are
ready for production. A direct push to the master branch should not be allowed. The team applied the AWS
managed policy AWSCodeCommitPowerUser to the Developers’ IAM rote, but now members are able to
push to the master branch directly on every repository in the AWS account.
What actions should be taken to restrict this?
A.  Create an additional policy to include a deny rule for the codecommit: GitPush action, and include a
restriction for the specific repositories in the resource statement with a condition for the master
reference.
B.  Remove the IAM policy and add an AWSCodeCommitReadOnlypolicy. Add an allow rule for the
codecommit: GitPush action for the specific repositories in the resource statement with a condition for
the master reference.
C.  Modify the IAM policy and include a deny rule for the codecommit: GitPush action for the specific
repositories in the resource statement with a condition for the master reference.
D.  Create an additional policy to include an allow rule for the codecommit: GitPush action and include a
restriction for the specific repositories in the resource statement with a condition for the feature branches
reference.
Answer: C
Question #:5
The operations team and the development team want a single place to view both operating system and
application logs. How should you implement this using A WS services? Choose two from the options below
A.  Using AWS CloudFormation, create a Cloud Watch Logs LogGroup and send the operating system and
3 of 7
Amazon Web Services - DOP-C01
A.  
application logs of interest using the Cloud Watch Logs Agent.
B.  Using AWS CloudFormation and configuration management, set up remote logging to send events via
UDP packets to CloudTrail.
C.  Using configuration management, set up remote logging to send events to Amazon Kinesis and insert
these into Amazon CloudSearch or Amazon Redshift, depending on available analytic tools.
D.  Using AWS CloudFormation, merge the application logs with the operating system logs, and use 1AM
Roles to allow both teams to have access to view console output from Amazon EC2.
Answer: A C
Explanation
Option B is invalid because Cloudtrail is not designed specifically to take in UDP packets
Option D is invalid because there are already Cloudwatch logs available, so there is no need to have specific
logs designed for this.
You can use Amazon CloudWatch Logs to monitor, store, and access your log files from Amazon Elastic
Compute Cloud (Amazon L~C2) instances, AWS CloudTrail,
and other sources. You can then retrieve the associated log data from CloudWatch Logs.
For more information on Cloudwatch logs please refer to the below link:
http://docs^ws.amazon.com/AmazonCloudWatch/latest/logs/WhatlsCloudWatchLogs.html
You can the use Kinesis to process those logs
For more information on Amazon Kinesis please refer to the below link:
http://docs.aws.a
mazon.com/streams/latest/dev/introduction.html
Question #:6
A Developer is maintaining a fleet of 50 Amazon EC2 Linux servers. The servers are part of an Amazon EC2
Auto Scaling group, and also use Elastic Load Balancing for load balancing.
Occasionally, some application servers are being terminated after failing ELB HTTP health checks. The
Developer would like to perform a root cause analysis on the issue, but before being able to access application
logs, the server is terminated.
How can log collection be automated?
A.  Use Auto Scaling lifecycle hooks to put instances in a Pending:Wait state. Create an Amazon
4 of 7
Amazon Web Services - DOP-C01
A.  
CloudWatch Alarm for EC2 Instance Terminate Successful and trigger an AWS Lambda function that
executes an SSM Run Command script to collect logs, push them to Amazon S3, and complete the
lifecycle action once logs are collected.
B.  Use Auto Scaling lifecycle hooks to put instances in a Terminating: Wait state. Create a Config rule for
EC2 Instance-terminate Lifecycle Action and trigger a step function that executes a script to collect logs,
push them to Amazon S3, and complete the lifecycle action once logs are collected.
C.  Use Auto Scaling lifecycle hooks to put instances in a Terminating: Wait state. Create an Amazon
CloudWatch subscription filter for EC2 Instance Terminate Successful and trigger a CloudWatch agent
that executes a script to called logs, push them to Amazon S3, and complete the lifecycle action once
logs are collected.
D.  Use Auto Scaling lifecycle hooks to put instances in a Terminating:Wait state. Create an Amazon
CloudWatch Events rule for EC2 'Instance-terminate Lifecycle Action and trigger an AWS Lambda
function that executes a SSM Run Command script to collect logs, push them to Amazon S3, and
complete the lifecycle action once logs are collected.
Answer: B
Question #:7
You have a multi-docker environment that you want to deploy to AWS. Which of the following configuration
files can be used to deploy a set of Docker containers as an Elastic Beanstalk application?
A.  Dockerrun.awsjson
B.  .ebextensions
C.  Dockerrunjson
D.  Dockerfile
Answer: A
Explanation
A Dockerrun.aws.json file is an Clastic Beanstalk-specific JSON file that describes how to deploy a set of
Docker containers as an Clastic Beanstalk application. You
can use aDockerrun.aws.json file for a multicontainer Docker environment.
Dockerrun.aws.json describes the containers to deploy to each container instance in the environment as well as
the data volumes to create on the host instance for
the containers to mount.
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker_v2config.
5 of 7
Amazon Web Services - DOP-C01
html
Question #:8
A company needs to introduce automatic DNS failover for a distributed web application to a disaster recovery
or standby installation. The DevOps Engineer plans to configure Amazon Route 53 to provide DNS routing to
alternate endpoint in the event of an application failure.
What steps should the Engineer take to accomplish this? (Select TWO.)
A.  Create Amazon Route 53 health checks for each endpoint that cannot be entered as alias records. Ensure
firewall and routing rules allow Amazon Route 53 to send requests to the endpoints that are specified in
the health checks.
B.  Create alias records that route traffic to AWS resources and set the value of the Evaluate Target Health
option to Yes, then create all the non-alias records.
C.  Create a governing Amazon Route 53 record set, set it to failover, and associate it with the primary and
secondary Amazon Route 53 record sets to distribute traffic to healthy DNS entries.
D.  Create an Amazon CloudWatch alarm to monitor the primary Amazon Route 53 DNS entry. Then create
an associated AWS Lambda function to execute the failover API call to Route 53 to the secondary DNS
entry.
Answer: A C
Question #:9
A company has a hybrid architecture solution in which some legacy systems remain on-premises, while a
specific cluster of servers is moved to AWS. The company cannot reconfigure the legacy systems, so the
cluster nodes must have a fixed hostname and local IP address for each server that is part of the cluster. The
DevOps Engineer must automate the configuration for a six-node cluster with high availability across three
Availability Zones (AZs), placing two elastic network interfaces in a specific subnet for each AZ. Each node's
hostname and local IP address should remain the same between reboots or instance failures.
Which solution involves the LEAST amount of effort to automate this task?
A.  Create an AWS Elastic Beanstalk application and a specific environment for each server of the cluster.
For each environment, give the hostname, elastic network interface, and AZ as input parameters. Use the
local health agent to name the instance and attach a specific elastic network interface based on the
current environment.
B.  Create a reusable AWS CloudFormation template to manage an Amazon EC2 Auto Scaling group with a
minimum size of 1 and a maximum size of 1. Give the hostname, elastic network interface, and AZ as
stack parameters. Use those parameters to set up an EC2 instance with EC2 Auto Scaling and a user data
script to attach to the specific elastic network interface. Use CloudFormation nested stacks to nest the
template six times for a total of six nodes needed for the cluster, and deploy using the master template.
6 of 7
Amazon Web Services - DOP-C01
C.  Create an Amazon DynamoDB table with the list of hostnames subnets, and elastic network interfaces to
be used. Create a single AWS CloudFormation template to manage an Auto Scaling group with a
minimum size of 6 and a maximum size of 6. Create a programmatic solution that is installed in each
instance that will lock/release the assignment of each hostname and local IP address, depending on the
subnet in which a new instance will be launched.
D.  Create a reusable AWS CLI script to launch each instance individually, which will name the instance,
place it in a specific AZ, and attach a specific elastic network interface. Monitor the instances and in the
event of failure, replace the missing instance manually by running the script again.
Answer: B
Question #:10
A retail company has adopted AWS OpsWorks for managing its deployments. In the last three months: the
company has discovered that some production instances have been restarting without reason. Upon inspection
of the AWS CloudTrail logs, a DevOps Engineer determined that those instances were restarted by OpsWorks.
The Engineer now wants automated email notifications whenever OpsWorks restarts an instance when the
instance is deemed unhealthy or unable to communicate with the service endpoint.
How can the Engineer meet this requirement?
A.  Create a Chef recipe to place a cron to run a custom script within the Amazon EC2 instances that sends
an email to the team by using Amazon SES if the OpsWorks agent detects an instance failure.
B.  Create an Amazon SNS topic and create a subscription for this topic that contains the destination email
address. Create an Amazon CloudWatch rule: specify aws . opsworks as a source and specify
auto-healing in the initiated_by details. Use the SNS topic as a target.
C.  Create an Amazon SNS topic and create a subscription for this topic that contains the destination email
address. Create an Amazon CloudWatch rule specify aws. opsworks as a source and specify
instance-replacement in the initiated_by details. Use the SNS topic as a target.
D.  Create a subscription for this topic that contains the email address. Enable instance restart notifications
within the OpsWorks layer and indicate the destination email address for the notification.
Answer: C
https://www.amazondumps.us/aws-devops-engineer-professional.html
7 of 7