DOP-C02 (Page 20)

A company is implementing a well-architected design for its globally accessible API stack.The design needs to ensure both high reliability and fast response times for users located in North America and Europe.The API stack contains the following three tiers:Amazon API Gateway -AWS Lambda -Amazon DynamoDB -Which solution will meet the requirements?Read More →

A company has deployed an application in a production VPC in a single AWS account.The application is popular and is experiencing heavy usage.The company’s security team wants to add additional security, such as AWS WAF, to the application deployment.However, the application’s product manager is concerned about cost and does not want to approve the change unless the security team can prove that additional security is necessary.The security team believes that some of the application’s demand might come from users that have IP addresses that are on a deny list.The security team provides the deny list to a DevOps engineer.If any of the IP addresses on the deny list access the application, the security team wants to receive automated notification in near real time so that the security team can document that the application needs additional security.The DevOps engineer creates a VPC flow log for the production VPC.Which set of additional steps should the DevOps engineer take to meet these requirements MOST cost-effectively?Read More →

A company has many applications.Different teams in the company developed the applications by using multiple languages and frameworks.The applications run on premises and on different servers with different operating systems.Each team has its own release protocol and process.The company wants to reduce the complexity of the release and maintenance of these applications.The company is migrating its technology stacks, including these applications, to AWS.The company wants centralized control of source code, a consistent and automatic delivery pipeline, and as few maintenance tasks as possible on the underlying infrastructure.What should a DevOps engineer do to meet these requirements?Read More →

A company wants to migrate its content sharing web application hosted on Amazon EC2 to a serverless architecture.The company currently deploys changes to its application by creating a new Auto Scaling group of EC2 instances and a new Elastic Load Balancer, and then shifting the traffic away using an Amazon Route 53 weighted routing policy.For its new serverless application, the company is planning to use Amazon API Gateway and AWS Lambda.The company will need to update its deployment processes to work with the new application.It will also need to retain the ability to test new features on a small number of users before rolling the features out to the entire user base.Which deployment strategy will meet these requirements?Read More →

A company has developed a serverless web application that is hosted on AWS.The application consists of Amazon S3.Amazon API Gateway, several AWS Lambda functions, and an Amazon RDS for MySQL database.The company is using AWS CodeCommit to store the source code.The source code is a combination of AWS Serverless Application Model (AWS SAM) templates and Python code.A security audit and penetration test reveal that user names and passwords for authentication to the database are hardcoded within CodeCommit repositories.A DevOps engineer must implement a solution to automatically detect and prevent hardcoded secrets.What is the MOST secure solution that meets these requirements?Read More →

A company is developing a new application.The application uses AWS Lambda functions for its compute tier.The company must use a canary deployment for any changes to the Lambda functions.Automated rollback must occur if any failures are reported.The company’s DevOps team needs to create the infrastructure as code (IaC) and the CI/CD pipeline for this solution.Which combination of steps will meet these requirements? (Choose three.)Read More →

A company has a guideline that every Amazon EC2 instance must be launched from an AMI that the company’s security team produces.Every month, the security team sends an email message with the latest approved AMIs to all the development teams.The development teams use AWS CloudFormation to deploy their applications.When developers launch a new service, they have to search their email for the latest AMIs that the security department sent.A DevOps engineer wants to automate the process that the security team uses to provide the AMI IDs to the development teams.What is the MOST scalable solution that meets these requirements?Read More →

An application runs on Amazon EC2 instances behind an Application Load Balancer (ALB).A DevOps engineer is using AWS CodeDeploy to release a new version.The deployment fails during the AllowTraffic lifecycle event, but a cause for the failure is not indicated in the deployment logs.What would cause this?Read More →

A company deploys updates to its Amazon API Gateway API several times a week by using an AWS CodePipeline pipeline.As part of the update process, the company exports the JavaScript SDK for the API from the API Gateway console and uploads the SDK to an Amazon S3 bucket.The company has configured an Amazon CloudFront distribution that uses the S3 bucket as an origin.Web clients then download the SDK by using the CloudFront distribution’s endpoint.A DevOps engineer needs to implement a solution to make the new SDK available automatically during new API deployments.Which solution will meet these requirements?Read More →

A business has an application that consists of five independent AWS Lambda functions.The DevOps engineer has built a CI/CD pipeline using AWS CodePipeline and AWS CodeBuild that builds, tests, packages, and deploys each Lambda function in sequence.The pipeline uses an Amazon EventBridge rule to ensure the pipeline starts as quickly as possible after a change is made to the application source code.After working with the pipeline for a few months, the DevOps engineer has noticed the pipeline takes too long to complete.What should the DevOps engineer implement to BEST improve the speed of the pipeline?Read More →