Free AWS-Certified-DevOps-Engineer-Professional Exam Braindumps

You have deployed an application to AWS which makes use of Autoscaling to launch new instances. You now want to change the instance type for the new instances. Which of the following is one of the action items to achieve this deployment?

1. A. Use Elastic Beanstalk to deploy the new application with the new instance type
2. B. Use Cloudformation to deploy the new application with the new instance type
3. C. Create a new launch configuration with the new instance type
4. D. Create new EC2 instances with the new instance type and attach it to the Autoscaling Group

Correct Answer: C
The ideal way is to create a new launch configuration, attach it to the existing Auto Scaling group, and terminate the running instances.
Option A is invalid because Clastic beanstalk cannot launch new instances on demand. Since the current scenario requires Autoscaling, this is not the ideal option
Option B is invalid because this will be a maintenance overhead, since you just have an Autoscaling Group.
There is no need to create a whole Cloudformation
template for this.
Option D is invalid because Autoscaling Group will still launch CC2 instances with the older launch configuration
For more information on Autoscaling Launch configuration, please refer to the below document link: from AWS
http://docs.aws.amazon.com/autoscaling/latest/userguide/l_aunchConfiguration.html

A company has migrated its container-based applications to Amazon EKS and want to establish automated email notifications. The notifications sent to each email address are for specific activities related to EXS components. The solution will include Amazon SNS topics and an AWS Lambda function to evaluate incoming log events and publish messages to the correct SNS topic.
Which logging solution will support these requirements?

1. A. Enable Amazon CloudWatch Logs to log the EKS component
2. B. Create a CloudWatch subscription filterfor each component with Lambda as the subscription feed destination.
3. C. Enable Amazon CloudWatch Logs to log the EKS component
4. D. Create CloudWatch Logs Insights queries linked to Amazon CloudWatch Events events that trigger Lambda.
5. E. Enable Amazon S3 logging for the EKS component
6. F. Configure an Amazon CloudWatch subscription filter for each component with Lambda as the subscription feed destination.
7. G. Enable Amazon S3 logging for the EKS component
8. H. Configure S3 PUT Object event notifications with AWS Lambda as the destination.

Correct Answer: A

The resources for a business-critical, three-tier web application are expressed in a series of AWS CloudFormation templates. The application is using Amazon RDS for data and Amazon ElastiCache for session state. Users have reported degraded performance in the application. A DevOps Engineer notices that the T2 instance type is being used for the application tier and CPU usage is at 100% in Amazon CloudWatch. What process should the Engineer follow to restore operations with the LEAST amount of distribution to the end users?

1. A. Write a new CloudFormation template to include Amazon CloudFront in the environment, launch the stack, and update the Amazon Route 53 A record
2. B. Launch a new CloudFormation stack for the application tier using the M4 instance type, run acceptance tests against the new stack, and update the Amazon Route 53 A record
3. C. Update the CloudFormation stack for the application tier using the T2 Unlimited option, run acceptance tests against the new stack, and update the Amazon Route 53 A record
4. D. Launch a new CloudFormation stack for all tiers of the application in a different region, run acceptance tests against the new stack, and update the Amazon Route 53 A record

Correct Answer: C

A Development team is building more than 40 applications. Each app is a three-tiered web application based on an ELB Application Load Balancer, Amazon EC2, and Amazon RDS. Because the applications will be used internally, the Security team wants to allow access to the 40 applications only from the corporate network and block access from external IP addresses. The corporate network reaches the internet through proxy servers. The proxy servers have 12 proxy IP addresses that are being changed one or two times per month. The Network Infrastructure team manages the proxy servers; they upload the file that contains the latest proxy IP addresses into an Amazon S3 bucket. The DevOps Engineer must build a solution to ensure that the applications are accessible from the corporate network.
Which solution achieves these requirements with MINIMAL impact to application development, MINIMAL operational effort, and the LOWEST infrastructure cost?

1. A. Implement an AWS Lambda function to read the list of proxy IP addresses from the S3 object and to update the ELB security groups to allow HTTPS only from the given IP addresse
2. B. Configure the S3 bucket to invoke the Lambda function when the object is update
3. C. Save the IP address list to the S3 bucket when they are changed.
4. D. Ensure that all the applications are hosted in the same Virtual Private Cloud (VPC). Otherwise, consolidate the applications into a single VP
5. E. Establish an AWS Direct Connect connection with an active/standby configuratio
6. F. Change the ELB security groups to allow only inbound HTTPS connections from the corporate network IP addresses.
7. G. Implement a Python script with the AWS SDK for Python (Boto), which downloads the S3 object that contains the proxy IP addresses, scans the ELB security groups, and updates them to allow only HTTPS inbound from the given IP addresse
8. H. Launch an EC2 instance and store the script in the instanc
9. I. Use a cron job to execute the script daily.
10. J. Enable ELB security groups to allow HTTPS inbound access from the Interne
11. K. Use Amazon Cognito to integrate the company's Active Directory as the identity provide
12. L. Change the 40 applications to integrate with Amazon Cognito so that only company employees can log into the applicatio
13. M. Save the user access logs to Amazon CloudWatch Logs to record user access activities

Correct Answer: A

A devops engineer wants to deploy a serverless web application based on AWS Lambda. The deployment must meet the following requirements:
• Provide staging and production environments.
• Restrict the developers from accessing the production environment.
• Avoid hard coding passwords in the Lambda functions
• Store source code in AWS CodeCommit.
• Use AWS CodePipeline to automate the deployment. Which solution will accomplish this?

1. A. Create separate staging and production accounts to segregate deployment target
2. B. Use AWS KMS to store environment-specific values Use CodePipeline to automate deployments with AWS CodeDeploy.
3. C. Create separate staging and production accounts to segregate deployment target
4. D. Use Lambda environment variables to store environment-specific value
5. E. Use CodePipeline to automate deployments with AWS CodeDeploy.
6. F. Define tagging conventions for staging and production environments to segregate deployment targets.Use AWS KMS to store environment-specific values Use CodePipeline to automate deployments with AWS CodeDeploy.
7. G. Define naming conventions for staging and production environments to segregate deployment targets.Use Lambda environment variables to store environment-specific value
8. H. Use CodePipeline to automate deployments with AWS CodeDeploy

Correct Answer: A