DOP-C02 Exam Questions
498 real DOP-C02 exam questions with expert-verified answers and explanations. Page 8 of 10.
- Question #354Security & Compliance
A security team must record the configuration of AWS resources, detect issues, and send notifications for findings. The main workload in the AWS account consists of an Amazon EC2 A...
AWS ConfigSecurity Group RulesCompliance AuditingSNS NotificationsPeriodic Recording - Question #355Security & Compliance
A company has proprietary data available by using an Amazon CloudFront distribution. The company needs to ensure that the distribution is accessible by only users from the corporat...
AWS WAFIP address setsCloudFrontNetwork security - Question #356Monitoring & Logging
A company runs several applications in the same AWS account. The applications send logs to Amazon CloudWatch. A data analytics team needs to collect performance metrics and custom...
CloudWatch MetricsMetric StreamsData TransformationAmazon S3 - Question #357Security & Compliance
A company uses an HPC platform to run analysis jobs for data. The company uses AWS CodeBuild to create container images and store the images on Amazon Elastic Container Registry (A...
Container securityAWS SignerCodeBuildECRImage signing - Question #358SDLC Automation
A company uses an AWS CodeArtifact repository to store Python packages that the company developed internally. A DevOps engineer needs to use AWS CodeDeploy to deploy an application...
IAM rolesInstance profilesCodeArtifactEC2 permissionsCodeDeploy - Question #359Reliability & Resilience
A company has a file-reading application that saves files to a database that runs on Amazon EC2 instances. Regulations require the company to delete files from EC2 instances every...
Systems Manager State ManagerRun CommandScheduled tasksOrchestrationSNS - Question #360Security & Compliance
A company uses an organization in AWS Organizations that has all features enabled to manage its AWS accounts. Amazon EQ instances run in the AWS accounts. The company requires that...
AWS OrganizationsSCPIMDSv2EC2 securityIAM conditions - Question #361Monitoring & Logging
A DevOps team supports an application that runs on a large number of Amazon EC2 instances in an Auto Scaling group. The DevOps team uses AWS CloudFormation to deploy the EC2 instan...
CloudWatch Contributor InsightsEmbedded Metrics FormatCloudWatch AlarmsApplication monitoring - Question #362Configuration Management & Infrastructure as Code
A company is using AWS CloudFormation to perform deployments of its application environment. A deployment failed during a recent update to the existing CloudFormation stack. A DevO...
AWS ConfigConfiguration driftManaged rulesSNSCloudFormation - Question #363Configuration Management & Infrastructure as Code
A DevOps engineer deployed multiple AWS accounts by using AWS Control Tower to support different business, technical, and administrative units in a company. A security team needs t...
AWS Control TowerCloudFormation StackSetsAWS OrganizationsGuardrailsIaC - Question #364Monitoring & Logging
A company runs a web application on Amazon Elastic Kubernetes Service (Amazon EKS). The company uses Amazon CloudFront to distribute the application. The company recently enabled A...
CloudWatch LogsMetric filtersAWS WAFCloudWatch AlarmsAnomaly detection - Question #365Security & Compliance
A video platform company is migrating its video catalog to AWS. The company will host MP4 videos files in an Amazon S3 bucket. The company will use Amazon CloudFront and Amazon EC2...
CloudFront FunctionsAuthorization tokensEdge computingCloudWatch LogsS3 security - Question #366Security and Compliance
A company uses an organization in AWS Organizations to manage multiple AWS accounts in a hierarchical structure. An SCP that is associated with the organization root allows IAM use...
IAM Permissions BoundariesIAM Policy ManagementAWS OrganizationsLeast Privilege - Question #367Configuration Management & Infrastructure as Code
A company has deployed a landing zone that has a well-defined AWS Organizations structure and an SCP. The company's development team can create their AWS resources only by using AW...
AWS OrganizationsTag policiesAWS CDKCloudFormation StackSetsIaC standards - Question #368Configuration Management & Infrastructure as Code
A DevOps team manages a company's AWS account. The company wants to ensure that specific AWS resource configuration changes are automatically reverted. Which solution will meet thi...
AWS ConfigAuto-remediationConfiguration driftDesired state - Question #369Resilient Cloud Solutions
When thinking of DynamoDB, what are true of Local Secondary Key properties?
DynamoDBLocal Secondary Index (LSI)Partition keySort key - Question #370Resilient Cloud Solutions
Which deployment method, when using AWS Auto Scaling Groups and Auto Scaling Launch Configurations, enables the shortest time to live for individual servers?
AMIImmutable infrastructureAuto ScalingDeployment strategies - Question #371Reliability & Resilience
Which of these techniques enables the fastest possible rollback times in the event of a failed deployment?
Deployment strategiesBlue-Green deploymentRollbackImmutable infrastructure - Question #372Configuration Management & Infrastructure as Code
Which of the following are not valid sources for OpsWorks custom cookbook repositories?
AWS OpsWorksCustom cookbooksRepository sources - Question #373Resilient Cloud Solutions
You are building a deployment system on AWS. You will deploy new code by bootstrapping instances in a private subnet in a VPC at runtime using UserData scripts pointing to an S3 zi...
VPC networkingPrivate subnetsNAT GatewayS3 accessBootstrapping - Question #374Security & Compliance
Which major database needs a BYO license?
RDSDatabase licensingBYOLOracle - Question #375Reliability & Resilience
What is the maximum supported single-volume throughput on EBS?
EBSstorage performancethroughput - Question #376Reliability & Resilience
When a user is detaching an EBS volume from a running instance and attaching it to a new instance, which of the below mentioned options should be followed to avoid file system dama...
EBSvolume managementfilesystem safetyinstance management - Question #377Reliability & Resilience
A user is creating a new EBS volume from an existing snapshot. The snapshot size shows 10 GB. Can the user create a volume of 30 GB from that snapshot?
EBSsnapshotsvolume managementstorage sizing - Question #378Reliability & Resilience
How long are the messages kept on an SQS queue by default?
SQSmessage queuemessage retention - Question #379Security and Compliance
A company hosts an application in its AWS account. The application uses an Amazon S3 bucket to store objects that contain sensitive information. The company needs to capture object...
CloudTrailS3 data eventsAPI loggingauditing - Question #380Security and Compliance
A DevOps administrator is responsible for managing the security of a company's Amazon CloudWatch Logs log groups. The company's security policy states that employee IDs must not be...
CloudWatch Logsdata protectionsensitive datalog security - Question #381Security and Compliance
A company uses an organization in AWS Organizations to manage many AWS accounts. The company has enabled all features for the organization. The company uses AWS CloudFormation Stac...
AWS OrganizationsSCPS3 encryptionKMS - Question #382Monitoring and Logging
A company uses an Amazon Aurora PostgreSQL DB cluster and loads transactional data into the database every 5 hours. Data analysts use the Aurora PostgreSQL database to run short-ru...
Aurora PostgreSQLPerformance InsightsDevOps Gurudatabase monitoring - Question #383Security and Compliance
A DevOps engineer is implementing governance controls for a company that requires its infrastructure to be housed within the United States. The company has many AWS accounts in an...
AWS OrganizationsSCPregion restrictionCloudTrailsecurity alerting - Question #384Reliability & Resilience
A company runs applications on Amazon EC2 instances that are in an Amazon EC2 Auto Scaling group. The EC2 instances are behind an Application Load Balancer (ALB). Users recently be...
Auto Scaling GroupALBELB health checksapplication reliability - Question #385SDLC Automation
A DevOps engineer needs to troubleshoot a pipeline that uses a GitHub code repository. The pipeline contains a source stage, a build stage, and a deploy stage. The pipeline also ha...
CodePipelineCodeBuildCodeStar ConnectionsIAM permissions - Question #386SDLC Automation
A company's DevOps team uses Node Package Manager (NPM) open source libraries to build applications. The DevOps team runs its application build process in an AWS CodeBuild project...
CodeArtifactNPM packagesprivate repositoriesdependency management - Question #387Resilient Cloud Solutions
A company has a search application that has a web interface. The company uses Amazon CloudFront, Application Load Balancers (ALBs), and Amazon EC2 instances in an Auto Scaling grou...
CloudFrontDR strategymulti-regionorigin failover - Question #388Security and Compliance
A DevOps engineer uses AWS WAF to manage web ACLs across an AWS account. The DevOps engineer must ensure that AWS WAF is enabled for all Application Load Balancers (ALBs) in the ac...
AWS ConfigAWS WAFALBsecurity enforcementremediation - Question #389SDLC Automation
A company is developing an ecommerce application on AWS. The company wants to make sure that the application can handle sudden increases in traffic. The company uses AWS CodePipeli...
CI/CD pipelineload testingCodeBuildperformance testing - Question #390Reliability & Resilience
A company needs to update its order processing application to improve resilience and availability. The application requires a stateful database and uses a single-node Amazon RDS DB...
RDSMulti-AZhigh availabilitydatabase resilience - Question #391SDLC Automation
A company has application code in an AWS CodeConnections compatible Git repository. The company wants to configure unit tests to run when pull requests are opened. The company want...
CodeBuildwebhook triggerspull requestsunit testingS3 artifacts - Question #392SDLC Automation
A software development team is implementing a CI/CD pipeline for its web application. The team is using AWS CodeBuild to compile Java-based source code and to run unit tests. The t...
CodeBuildbuild artifactsS3CI/CD - Question #393Security and Compliance
A company uses AWS Organizations to manage multiple AWS accounts. The accounts are in an OU that has a policy attached to allow all actions. The company is migrating several Git re...
AWS OrganizationsSCPCodeConnectionsGit integrationsecurity policy - Question #394Configuration Management and IaC
A DevOps engineer updates an AWS CloudFormation stack to add a nested stack that includes several Amazon EC2 instances. When the DevOps engineer attempts to deploy the updated stac...
CloudFormationnested stacksstack deploymenttroubleshooting - Question #395Reliability & Resilience
A DevOps team operates an integration service that runs on an Amazon EC2 instance. The DevOps team uses Amazon Route 53 to manage the integration service's domain name by using a s...
Route 53failoverwarm standbyEC2 - Question #396Monitoring & Logging
A company hosts several applications in an AWS account. Each application sends logs to its own log group in Amazon CloudWatch. The company's CloudWatch costs for ingestion are incr...
CloudWatch metricscost optimizationlog analysis - Question #397SDLC Automation
A company has an AWS account named PipelineAccount. The account manages a pipeline in AWS CodePipeline. The account uses an IAM role named CodePipeline_Service_Role and produces an...
IAM policiescross-account accessS3 bucket policyCodePipeline - Question #398Configuration Management & Infrastructure as Code
A company has multiple development teams in separate business units that work in a single shared AWS account. All Amazon EC2 resources that users create in the account must include...
Resource TaggingEvent-Driven ArchitectureAmazon EventBridgeAWS Lambda - Question #399SDLC Automation
A company is developing code and wants to use semantic versioning. The company's DevOps team needs to create a pipeline for compiling the code. The team also needs to manage versio...
CodeArtifactartifact managementdependency cachingsemantic versioning - Question #400SDLC Automation
A company uses a pipeline in AWS CodePipeline to deploy an application. The company created an AWS Fault Injection Service (AWS FIS) experiment template to test the resiliency of t...
AWS FISCodePipelineresilience testingLambda integration - Question #401SDLC Automation
A DevOps engineer is creating a CI/CD pipeline to build container images. The engineer needs to store container images in Amazon Elastic Container Registry (Amazon ECR) and scan th...
ECRvulnerability scanningpull-through cachecontainer images - Question #402Reliability & Resilience
A company is running its ecommerce website on AWS. The website is currently hosted on a single Amazon EC2 instance in one Availability Zone. A MySQL database runs on the same EC2 i...
Multi-AZEC2RDShigh availability - Question #403SDLC Automation
A company is developing a microservices-based application on AWS. The application consists of AWS Lambda functions and Amazon Elastic Container Service (Amazon ECS) services that n...
CodeDeployLambda deploymentECS deploymentmicroservices