• Home
  • Articles
  • Dumps Moneyack Guarantee - AWS-DevOps-Engineer-Professional Dumps UpTo 50% Off [Q107-Q132]

Dumps Moneyack Guarantee - AWS-DevOps-Engineer-Professional Dumps UpTo 50% Off [Q107-Q132]

Share

Dumps Moneyack Guarantee - AWS-DevOps-Engineer-Professional Dumps UpTo 50% Off

Updated Dec-2021 Pass AWS-DevOps-Engineer-Professional Exam - Real Practice Test Questions

NEW QUESTION 107
A company's web application will be migrated to AWS. The application is designed so that there is no server-side code required. As part of the migration, the company would like to improve the security of the application by adding HTTP response headers, following the Open Web Application Security Project (OWASP) secure headers recommendations.
How can this solution be implemented to meet the security requirements using best practices?

  • A. set an Amazon S3 bucket configured for website hosting. Create an Amazon CloudFront distribution that refers to this S3 bucket. Set "Cache Based on Selected Request Headers" to
    "Whitelist," and add the security headers into the whitelist.
  • B. Use an Amazon S3 bucket configured for website hosting, then set up server access logging on the S3 bucket to track user activity. Then configure the static website hosting and execute a scheduled AWS Lambda function to verify, and if missing, add security headers to the metadata.
  • C. Use an Amazon S3 bucket configured for website hosting, then set up server access logging on the S3 bucket to track user activity. Configure the static website hosting to return the required security headers.
  • D. Use an Amazon S3 bucket configured for website hosting. Create an Amazon CloudFront distribution that refers to this S3 bucket, with the origin response event set to trigger a Lambda@Edge Node.js function to add in the security headers.

Answer: D

Explanation:
https://aws.amazon.com/blogs/networking-and-content-delivery/adding-http-security-headers- using-lambdaedge-and-amazon-cloudfront/

 

NEW QUESTION 108
When an Auto Scaling group is running in Amazon Elastic Compute Cloud (EC2), your application rapidly scales up and down in response to load within a 10-minute window; however, after the load peaks, you begin to see problems in your configuration management system where previously terminated Amazon EC2 resources are still showing as active.
What would be a reliable and efficient way to handle the cleanup of Amazon EC2 resources within your configuration management system?
Choose 2 answers

  • A. Write a small script that is run during Amazon EC2 instance shutdown to de-register the resource from the configuration management system.
  • B. Configure an Amazon Simple Queue Service (SQS) queue for Auto Scaling actions that has a script that listens for new messages and removes terminated instances from the configuration management system.
  • C. Use your existing configuration management system to control the launching and bootstrapping of instances to reduce the number of moving parts in the automation.
  • D. Write a script that is run by a daily cron job on an Amazon EC2 instance and that executes API Describe calls of the EC2 Auto Scaling group and removes terminated instances from the configuration management system.
  • E. Use Amazon Simple Workflow Service (SWF) to maintain an Amazon DynamoDB database that contains a whitelist of instances that have been previously launched, and allow the Amazon SWF worker to remove information from the configuration management system.

Answer: A,C

 

NEW QUESTION 109
A development team wants to deploy an application using AWS CloudFormation stacks, but the developer IAM role does not currently have the required permissions to provision the resources specified in the CloudFormation template. A DevOps engineer is tasked with allowing developers to deploy the stacks while following the principal of least privilege.
Which solution will meet these requirements?

  • A. Create a new IAM role with the required permissions to use as a CloudFormation service role. Grant the developer role a cloudformation:* action.
  • B. Create a new IAM role with the required permissions to use as a CloudFormation service role. Grant the developer role the iam:PassRole permission.
  • C. Create an IAM policy that allows developers to provision the required resources. Attach the policy to the developer role.
  • D. Create an IAM policy that allows full access to CloudFormation. Attach the policy to the developer role.

Answer: B

Explanation:
Explanation
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-servicerole.html

 

NEW QUESTION 110
The management team at a company with a large on-premises OpenStack environment wants to move non-production workloads to AWS. An AWS Direct Connect connection has been provisioned and configured to connect the environments. Due to contractual obligations, the production workloads must remain on-premises, and will be moved to AWS after the next contract negotiation. The company follows Center for Internet Security (CIS) standards for hardening images; this configuration was developed using the company's configuration management system.
Which solution will automatically create an identical image in the AWS environment without significant overhead?

  • A. Write an AWS CloudFormation template that will create an Amazon EC2 instance. Use cloud-unit to install the configuration management agent, use cfn-wait to wait for configuration management to successfully apply, and use an AWS Lambda-backed custom resource to create the AMI.
  • B. Log in to the console, launch an Amazon EC2 instance, and install the configuration management agent. When changes are applied through the configuration management system, log in to the console and create a new AMI from the instance.
  • C. When a change is made in the configuration management system, a job in Jenkins is triggered to use the VM Import command to create an Amazon EC2 instance in the Amazon VPC. Use lifecycle hooks to launch an AWS Lambda function to create the AMI.
  • D. Create a new AWS OpsWorks layer and mirror the image hardening standards. Use this layer as the baseline for all AWS workloads.

Answer: C

Explanation:
https://www.brad-x.com/2015/10/01/importing-an-openstack-vm-into-amazon-ec2/
https://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-instance-import.html

 

NEW QUESTION 111
You have been tasked with deploying a solution for your company that will store images, which the marketing department will use for its campaigns.
Employees are able to upload images via a web interface, and once uploaded, each image must be resized and watermarked with the company logo.
Image resize and watermark is not time-sensitive and can be completed days after upload if required.
How should you design this solution in the most highly available and cost-effective way?

  • A. Configure your web application to upload images to the local storage of the web server.
    Create a cronjob to execute a script daily that scans this directory for new files and then uses the Amazon EC2 Service API to launch 10 new Amazon EC2 instances, which will resize and watermark the images daily.
  • B. Configure your web application to upload images to the Amazon Elastic Transcoder service.
    Use the Amazon Elastic Transcoder watermark feature to add the company logo as a watermark on your images and then to upload the final images into an Amazon S3 bucket.
  • C. Configure your web application to upload images to Amazon S3, and send the S3 object URI to an Amazon SQS queue.
    Create an Auto Scaling launch configuration that uses Spot instances, specifying a price you are willing to pay.
    Configure the instances in this Auto Scaling group to poll the Amazon SQS queue for new images and then resize and watermark the image before uploading the new images into Amazon S3 and deleting the message from the Amazon SQS queue.
  • D. Configure your web application to upload images to Amazon S3, and send the Amazon S3 bucket URI to an Amazon SQS queue.
    Create an Auto Scaling group and configure it to use Spot instances, specifying a price you are willing to pay.
    Configure the instances in this Auto Scaling group to poll the SQS queue for new images and then resize and watermark the image before uploading the final images into Amazon S3.

Answer: C

 

NEW QUESTION 112
You have an application running a specific process that is critical to the application's functionality, and have added the health check process to your Auto Scaling Group. The instances are showing healthy but the application itself is not working as it should. What could be the issue with the health check, since it is still showing the instances as healthy.

  • A. The health check is not checking the application process
  • B. It is not possible for a health check to monitor a process that involves the application
  • C. The health check is not configured properly
  • D. You do not have the time range in the health check properly configured

Answer: A

Explanation:
If you have custom health checks, you can send the information from your health checks to Auto Scaling so that Auto Scaling can use this information. For example, if you determine that an instance is not functioning as expected, you can set the health status of the instance to Unhealthy. The next time that Auto Scaling performs a health check on the instance, it will determine that the instance is unhealthy and then launch a replacement instance.

 

NEW QUESTION 113
Which of the following items are required to allow an application deployed on an EC2 instance to write data to
a DynamoDB table? Assume that no security keys are allowed to be stored on the EC2 instance. Choose 2
answers from the options below

  • A. Createan 1AM Userthat allows write access to the DynamoDB table.
  • B. AddanlAMRoleto a running EC2 instance.
  • C. AddanlAMUserto a running EC2 instance.
  • D. CreateanlAM Role that allows write access to the DynamoDB table.

Answer: B,D

Explanation:
Explanation
The AWS documentation mentions the following
We designed I AM roles so that your applications can securely make API requests from your instances,
without requiring you to manage the security credentials that
the applications use. Instead of creating and distributing your AWS credentials, you can delegate permission to
make API requests using 1AM roles
For more information on 1AM Roles, please refer to the below URL:
* http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/iam-roles-for-amazon-ec2.
htm I

 

NEW QUESTION 114
You are building a large, multi-tenant SaaS (software-as-a-service) application with a component that fetches data to process from a customer-specific Amazon S3 bucket in their account.
How should you ensure that your application follows security best practices and limits risk when fetching data from customer-owned Amazon S3 buckets?

  • A. Have users create an IAM user with a policy that grants read-only access to the Amazon S3 bucket required by your application, and store the corresponding access keys in an encrypted database that holds their account data.
  • B. Have users create an Amazon S3 bucket policy that grants read-only access to the Amazon S3 bucket required by your application and limits access to the public IP address of the SaaS application.
  • C. Have users create a cross-account lAM role with a policy that grants read-only access to the Amazon S3 bucket required by your application to the AWS account ID running your production Sass application.
  • D. Have users create an Amazon S3 bucket policy that grants read-only access to the Amazon S3 bucket required by your application, and securely store the corresponding access keys in the database holding their account data.

Answer: C

 

NEW QUESTION 115
What is the scope of AWS IAM?

  • A. Region
  • B. Global
  • C. Availability Zone
  • D. Placement Group

Answer: B

Explanation:
IAM resources are all global; there is not regional constraint.
https://aws.amazon.com/iam/faqs/

 

NEW QUESTION 116
A DevOps engineer used an AWS CloudFormation custom resource to set up AD Connector. The AWS Lambda function executed and created AD Connector, but CloudFormation is not transitioning from CREATE_IN_PROGRESS to CREATE_COMPLETE.
Which action should the engineer take to resolve this issue?

  • A. Ensure the Lambda function code returns a response to the pre-signed URL.
  • B. Ensure the Lambda function IAM role has cloudformation:UpdateStack permissions for the stack ARN.
  • C. Ensure the Lambda function code has exited successfully.
  • D. Ensure the Lambda function IAM role has ds:ConnectDirectory permissions for the AWS account.

Answer: A

 

NEW QUESTION 117
What is required to achieve gigabit network throughput on EC2? You already selected cluster-compute, 10GB instances with enhanced networking, and your workload is already network-bound, but you are not seeing 10 gigabit speeds.

  • A. Ensure the instances are in different VPCs so you don't saturate the Internet Gateway on any one VPC.
  • B. Use a placement group for your instances so the instances are physically near each other in the same Availability Zone.
  • C. Select PIOPS for your drives and mount several, so you can provision sufficient disk throughput.
  • D. Enable biplex networking on your servers, so packets are non-blocking in both directions and there's no switching overhead.

Answer: B

Explanation:
Explanation
A placement group is a logical grouping of instances within a single Availability Zone. Placement groups are recommended for applications that benefit from low network latency, high network throughput, or both. To provide the lowest latency, and the highest packet-per-second network performance for your placement group, choose an instance type that supports enhanced networking.
For more information on Placement Groups, please visit the below URL:
* http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/placement-groups.html

 

NEW QUESTION 118
A DevOps Engineer is working with an application deployed to 12 Amazon EC2 instances across 3 Availability Zones. New instances can be started from an AMI image. On a typical day, each EC2 instance has 30% utilization during business hours and 10% utilization after business hours. The CPU utilization has an immediate spike in the first few minutes of business hours. Other increases in CPU utilization rise gradually.
The Engineer has been asked to reduce costs while retaining the same or higher reliability.
Which solution meets these requirements?

  • A. Create an EC2 Auto Scaling group using the AMI image, with a scaling action based on the Auto Scaling group's CPU Utilization average with a target of 75%. Create a scheduled action to terminate nine instances each evening after the close of business.
  • B. Create two Amazon CloudWatch Events rules with schedules before and after business hours begin and end. Create an AWS CloudFormation stack, which creates an EC2 Auto Scaling group, with a parameter for the number of instances. Invoke the stack from each rule, passing a parameter value of three in the morning, and six in the evening.
  • C. Create two Amazon CloudWatch Events rules with schedules before and after business hours begin and end. Create two AWS Lambda functions, one invoked by each rule. The first function should stop nine instances after business hours end, the second function should restart the nine instances before the business day begins.
  • D. Create an Amazon EC2 Auto Scaling group using the AMI image, with a scaling action based on the Auto Scaling group's CPU Utilization average with a target of 75%. Create a scheduled action for the group to adjust the minimum number of instances to three after business hours end and reset to six before business hours begin.

Answer: B

 

NEW QUESTION 119
You have been asked to de-risk deployments at your company. Specifically, the CEO is concerned about outages that occur because of accidental inconsistencies between Staging and Production, which sometimes cause unexpected behaviors in Production even when Staging tests pass. You already use Docker to get high consistency between Staging and Production for the application environment on your EC2 instances. How do you further de-risk the rest of the execution environment, since in AWS, there are many service components you may use beyond EC2 virtual machines?

  • A. Use AMIs to ensure the whole machine, including the kernel of the virual machines, is consistent, since Docker uses Linux Container (LXC) technology, and we need to make sure the container environment is consistent.
  • B. Use AWS ECS and Docker clustering. This will make sure that the AMIs and machine sizes are the same across both environments.
  • C. Use AWS Config to force the Staging and Production stacks to have configuration parity. Any differences will be detected for you so you are aware of risks.
  • D. Develop models of your entire cloud system in CloudFormation. Use this model in Staging and Production to achieve greater parity.

Answer: D

Explanation:
Only CloudFormation's JSON Templates allow declarative version control of repeatably deployable models of entire AWS clouds.
https://blogs.aws.amazon.com/application-management/blog/category/Best+practices

 

NEW QUESTION 120
A production account has a requirement that any Amazon EC2 instance that has been logged into manually must be terminated within 24 hours. All applications in the production account are using Auto Scaling groups with Amazon CloudWatch Logs agent configured.
How can this process be automated?

  • A. Create a CloudWatch Logs subscription in an AWS Lambda function. Configure the function to add a tag to the EC2 instance that produced the login event and mark the instance to be decommissioned.
    Create a CloudWatch Events rule to trigger a daily Lambda function that terminates all instances with this tag.
  • B. Create a CloudWatch alarm that will trigger on the login event. Configure the alarm to send to an Amazon SQS queue. Use a group of worker instances to process messages from the queue, which then schedules the Amazon CloudWatch Events rule to trigger.
  • C. Create a CloudWatch Logs subscription to an AWS Step Functions application. Configure the function to add a tag to the EC2 instance that produced the login event and mark the instance to be decommissioned. Then create a CloudWatch Events rule to trigger a second AWS Lambda function once a day that will terminate all instances with this tag.
  • D. Create a CloudWatch alarm that will trigger on the login event. Send the notification to an Amazon SNS topic that the Operations team is subscribed to, and have them terminate the EC2 instance within 24 hours.

Answer: A

Explanation:
https://boto3.amazonaws.com/v1/documentation/api/latest/guide/cw-example-subscription- filters.html

 

NEW QUESTION 121
How does Amazon RDS multi Availability Zone model work?

  • A. A second, standby database is deployed and maintained in a different availability zone from master using asynchronous replication.
  • B. A second, standby database is deployed and maintained in a different region from master using synchronous replication.
  • C. A second, standby database is deployed and maintained in a different availability zone from master, using synchronous replication.
  • D. A second, standby database is deployed and maintained in a different region from master using asynchronous replication.

Answer: C

Explanation:
In a Multi-AZ deployment, Amazon RDS automatically provisions and maintains a synchronous standby replica in a different Availability Zone.
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html

 

NEW QUESTION 122
Your company operates a website for promoters to sell tickets for entertainment events.
You are using a load balancer in front of an Auto Scaling group of web servers. Promotion of popular events can cause surges of website visitors.
During scaling-out at these times, newly launched instances are unable to complete configuration quickly enough, leading to user disappointment.
What options should you choose to improve scaling yet minimize costs? Choose 2 answers.

  • A. Publish a custom CloudWatch memo from your application on the number of tickets sold, and create an Auto Scaling policy based on this.
  • B. Configure an Amazon S3 bucket for website hosting. Upload into the bucket an HTML holding page with its x-amz-website-redirect-location' metadata property set to the load balancer endpoint.
    Configure Elastic Load Balancing to redirect to the holding page when the load on web servers is above a certain level.
  • C. Use the history of past scaling events for similar event sales to predict future scaling requirements.
    Use the Auto Scaling scheduled scaling feature to vary the size of the fleet.
  • D. Create an AMI with the application pre-configured.
    Create a new Auto Scaling launch configuration using this new AMI, and configure the Auto Scaling group to launch with this AMI.
  • E. Use Auto Scaling pre-warming to launch instances before they are required.
    Configure pre-warming to use the CPU trend CloudWatch metric for the group.

Answer: C,D

 

NEW QUESTION 123
You have decided to migrate your application to the cloud. You cannot afford any downtime. You want to
gradually migrate so that you can test the application with a small percentage of users and increase over time.
Which of these options should you implement?

  • A. Configure an Elastic Load Balancer to distribute the traffic between the on-premises application and the
    AWS application.
  • B. Implement a Route 53 failover routing policy that sends traffic back to the on-premises application if the
    AWS application fails.
  • C. Implement a Route 53 weighted routing policy that distributes the traffic between your on-premises
    application and the AWS application depending on weight.
  • D. Use Direct Connect to route traffic to the on-premise location. In DirectConnect, configure the amount
    of traffic to be routed to the on-premise location.

Answer: C

Explanation:
Explanation
Option A is incorrect because DirectConnect cannot control the flow of traffic.
Option B is incorrect because you want to split the percentage of traffic. Failover will direct all of the traffic to
the backup servers.
Option C is incorrect because you cannot control the percentage distribution of traffic.
Weighted routing lets you associate multiple resources with a single domain name (example.com) or
subdomain name (acme.example.com) and choose how much
traffic is routed to each resource. This can be useful for a variety of purposes, including load balancing and
testing new versions of software.
For more information on the Routing policy please refer to the below link:
* http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.
html

 

NEW QUESTION 124
A Development team is currently using AWS CodeDeploy to deploy an application revision to an Auto Scaling group. If the deployment process fails, it must be rolled back automatically and a notification must be sent. What is the MOST effective configuration that can satisfy all of the requirements?

  • A. Configure a CodeDeploy agent to create a trigger that will send notification to Amazon SNS topics when the deployment fails. Configure CodeDeploy to automatically roll back when the deployment fails.
  • B. Use AWS CloudTrail to monitor API calls made by or on behalf of CodeDeploy in the AWS account. Send an Amazon SNS message when deployment fails. Use AWS CLI to redeploy a previously deployed revision.
  • C. Use available Amazon CloudWatch metrics for CodeDeploy to create CloudWatch alarms. Configure CloudWatch alarms to send out an Amazon SNS message when the deployment fails. Use AWS CLI to redeploy a previously deployed revision.
  • D. Create Amazon CloudWatch Events rules for CodeDeploy operations. Configure a CloudWatch Events rule to send out an Amazon SNS message when the deployment fails. Configure CodeDeploy to automatically roll back when the deployment fails.

Answer: A

Explanation:
https://docs.aws.amazon.com/codedeploy/latest/userguide/monitoring-sns-event-notifications-create-trigger.html#monitoring-sns-event-notifications-create-trigger-console

 

NEW QUESTION 125
In reviewing the Auto-Scaling events for your application you notice that your application is scaling up and
down multiple times in the same hour. What design choice could you make to optimize for costs while
preserving elasticity?
Choose 2 options from the choices given below

  • A. Modifythe Auto Scalinggroup termination policy to terminate the newest instancefirst.
  • B. Modifythe Amazon Cloudwatch alarm period that triggers your AutoScaling scale downpolicy.
  • C. Modifythe Auto Scaling policy to use scheduled scaling actions
  • D. Modifythe Auto Scaling Group cool down timers

Answer: B,D

Explanation:
Explanation
The Auto Scaling cooldown period is a configurable setting for your Auto Scalinggroup that helps to ensure
that Auto Scaling doesn't launch or terminate additional
instances before the previous scaling activity takes effect. After the Auto Scalinggroup dynamically scales
using a simple scaling policy. Auto Scaling waits for the
cooldown period to complete before resuming scaling activities. When you manually scale your Auto Scaling
group, the default is not to wait for the cooldown period,
but you can override the default and honor the cooldown period. Note that if an instance becomes unhealthy.
Auto Scaling does not wait for the cooldown period to
complete before replacing the unhealthy instance.
For more information on Autoscale cool down timers please visit the URL:
* http://docs.ws.amazon.com/autoscaling/latest/userguide/Cooldown.htm
I
You can also modify the Cloudwatch triggers to ensure the thresholds are appropriate for the scale down
policy For more information on Autoscaling user guide please visit the URL:
* http://docs.aws.amazon.com/autoscaling/latest/userguide/as-scale-based-on-demand.
html

 

NEW QUESTION 126
An Engineering team manages a Node.js e-commerce application. The current environment consists of the following components: " Amazon S3 buckets for storing content " Amazon EC2 for the front-end web servers " AWS Lambda for executing image processing " Amazon DynamoDB for storing session-related data The team expects a significant increase in traffic to the site. The application should handle the additional load without interruption. The team ran initial tests by adding new servers to the EC2 front-end to handle the larger load, but the instances took up to 20 minutes to become fully configured. The team wants to reduce this configuration time. What changes will the Engineering team need to implement to make the solution the MOST resilient and highly available while meeting the expected increase in demand?

  • A. Deploy a fleet of EC2 instances, doubling the current capacity, and place them behind an Application Load Balancer. Increase the Amazon DynamoDB read and write capacity units. Add an alias record that contains the Application Load Balancer endpoint to the existing Amazon Route 53 DNS record that points to the application.
  • B. Use AWS Elastic Beanstalk with a custom AMI including all web components. Deploy the platform by using an Auto Scaling group behind an Application Load Balancer across multiple Availability Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the Elastic Beanstalk load balancer.
  • C. Use AWS OpsWorks to automatically configure each new EC2 instance as it is launched. Configure the EC2 instances by using an Auto Scaling group behind an Application Load Balancer across multiple Availability Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the Application Load Balancer.
  • D. Configure Amazon CloudFront and have its origin point to Amazon S3 to host the web application. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS record to the CloudFront DNS name.

Answer: B

 

NEW QUESTION 127
A company is reviewing its IAM policies. One policy written by the DevOps Engineer has been flagged as too permissive. The policy is used by an AWS Lambda function that issues a stop command to Amazon EC2 instances tagged with Environment: NonProductionover the weekend. The current policy is:

What changes should the Engineer make to achieve a policy of least permission? (Select THREE.)

  • A.
  • B.
  • C.
  • D.
  • E.
  • F.

Answer: C,E,F

Explanation:
Explanation

 

NEW QUESTION 128
A DevOps Engineer has a single Amazon DynamoDB table that received shipping orders and tracks inventory.
The Engineer has three AWS Lambda functions reading from a DymamoDB stream on that table. The Lambda functions perform various functions such as doing an item count, moving items to Amazon Kinesis Data Firehose, monitoring inventory levels, and creating vendor orders when parts are low.
While reviewing logs, the Engineer notices the Lambda functions occasionally fail under increased load, receiving a stream throttling error.
Which is the MOST cost-effective solution that requires the LEAST amount of operational management?

  • A. Use Amazon Kinesis streams instead of DynamoDB streams, then use Kinesis analytics to trigger the Lambda functions.
  • B. Use AWS Glue integration to ingest the DynamoDB stream, then migrate the Lambda code to an AWS Fargate task.
  • C. Have the Lambda functions query the table directly and disable DynamoDB streams. Then have the Lambda functions query from a global secondary index.
  • D. Create a fourth Lambda function and configure it to be the only Lambda reading from the stream. Then use this Lambda function to pass the payload to the other three Lambda functions.

Answer: D

 

NEW QUESTION 129
You currently have a set of instances running on your Opswork stacks. You need to install security updates on
these servers. What does AWS recommend in terms of how the security updates should be deployed?
Choose 2 answers from the options given below.

  • A. OnLinux-based instances in Chef 11.10 or older stacks, run the UpdateDependencies stack command.
  • B. Createand start new instances to replace your current online instances. Then deletethe current instances.
  • C. Create a cloudformation template which can be used to replace the instances.
  • D. Createa new Opswork stack with the new instances.

Answer: A,B

Explanation:
Explanation
The AWS Documentation mentions the following
By default, AWS OpsWorks Stacks automatically installs the latest updates during setup, after an instance
finishes booting. AWS OpsWorks Stacks does not
automatically install updates after an instance is online, to avoid interruptions such as restarting application
servers. Instead, you manage updates to your online
instances yourself, so you can minimize any disruptions.
We recommend that you use one of the following to update your online instances.
Create and start new instances to replace your current online instances. Then delete the current instances. The
new instances will have the latest set of security patches installed during setup.
On Linux-based instances in Chef 11.10 or older stacks, run the Update Dependencies stack command, which
installs the current set of security patches and other updates on the specified instances.
For more information on Opswork updates, please visit the below url * http://docs.aws.a
mazon.com/opsworks/latest/userguide/best-practices-updates. htm I

 

NEW QUESTION 130
A company has developed a Node.js web application which provides REST services to store and retrieve time series data. The web application is built by the Development team on company laptops, tested locally, and manually deployed to a single on-premises server, which accesses a local MySQL database. The company is starting a trial in two weeks, during which the application will undergo frequent updates based on customer feedback. The following requirements must be met:
*The team must be able to reliably build, test, and deploy new updates on a daily basis, without downtime or degraded performance.
*The application must be able to scale to meet an unpredictable number of concurrent users during the trial.
Which action will allow the team to quickly meet these objectives?

  • A. Configure AWS Elastic Beanstalk to automatically build the application using AWS CodeBuild and to deploy it to a test environment that is configured to support auto scaling. Create a second Elastic Beanstalk environment for production. Use Amazon RDS to store data. When new versions of the applications have passed all tests, use Elastic Beanstalk "swap cname' to promote the test environment to production.
  • B. Develop an AWS CloudFormation template to create an Application Load Balancer and two Amazon EC2 instances with Amazon EBS (SSD) volumes in an Auto Scaling group with rolling updates enabled. Use AWS CodeBuild to build and test the Node.js application and store it in an Amazon S3 bucket. Use user- data scripts to install the application and the MySQL database on each EC2 instance.
    Update the stack to deploy new application versions.
  • C. Modify the application to use Amazon DynamoDB instead of a local MySQL database. Use AWS OpsWorks to create a stack for the application with a DynamoDB layer, an Application Load Balancer layer, and an Amazon EC2 instance layer. Use a Chef recipe to build the application and a Chef recipe to deploy the application to the EC2 instance layer. Use custom health checks to run unit tests on each instance with rollback on failure.
  • D. Create two Amazon Lightsail virtual private servers for Node.js; one for test and one for production.
    Build the Node.js application using existing process and upload it to the new Lightsail test server using the AWS CLI. Test the application, and if it passes all tests, upload it to the production server. During the trial, monitor the production server usage, and if needed, increase performance by upgrading the instance type.

Answer: A

 

NEW QUESTION 131
A DevOps Engineer just joined a new company that is already running workloads on Amazon EC2 instances. AWS has been adopted incrementally with no central governance. The Engineer must now assess how well the existing deployments comply with the following requirements: *EC2 instances are running only approved AMIs. *Amazon EBS volumes are encrypted. *EC2 instances have an Owner tag. *Root login over SSH is disabled on EC2 instances. Which services should the Engineer use to perform this assessment with the LEAST amount of effort? (Select TWO.)

  • A. Amazon Inspector
  • B. AWS Config
  • C. AWS System Manager
  • D. AWS Directory Service
  • E. Amazon GuardDuty

Answer: A,B

Explanation:
https://docs.aws.amazon.com/ja_jp/inspector/latest/userguide/inspector_security-best-practices.html

 

NEW QUESTION 132
......

Download Free Amazon AWS-DevOps-Engineer-Professional Real Exam Questions: https://dumpstorrent.dumpsking.com/AWS-DevOps-Engineer-Professional-testking-dumps.html

Related Articles

more
Amazon AWS-DevOps-Engineer-Professional Certification Practice Exam

Our reliable dumps VCE materials guarantee you 100% clear exam in a short time certainly. If you are still looking for valid certification king, stop hesitating, our latest exam dumps are the best choice for you.

Tags

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 DumpsKing NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy