Free AWS-Certified-DevOps-Engineer-Professional Exam Braindumps

A DevOps Engineer must implement monitoring for a workload running on Amazon EC2 and Amazon RDS MySQL. The monitoring must include:
Application logs and operating system metrics for the Amazon EC2 instances Database logs and operating system metrics for the Amazon RDS database Which steps should the Engineer take?

1. A. Install an Amazon CloudWatch agent on the EC2 and RDS instance
2. B. Configure the agent to send the operating system metrics and application and database logs to CloudWatch.
3. C. Install an Amazon CloudWatch agent on the EC2 instance, and configure the agent to send the application logs and operating system metrics to CloudWatc
4. D. Enable RDS Enhanced Monitoring, and modify the RDS instance to publish database logs to CloudWatch Logs.
5. E. Install an Amazon CloudWatch Logs agent on the EC2 instance and configure it to send application logs to CloudWatch.
6. F. Set up scheduled tasks on the EC2 and RDS instances to put operating system metrics and applicationand database logs into an Amazon S3 bucke
7. G. Set up an event on the bucket to invoke an AWS Lambda function to monitor for errors each time an object is put into the bucket.

Correct Answer: B

A financial institution provides security-hardened AMIs of Red Hat Enterprise Linux 7.4 and Windows Server 2016 for its application teams to use in deployments.
A DevOps Engineer needs to implement an automated daily check of each AMI to monitor for the latest CVE.
How should the Engineer implement these checks using Amazon Inspector?

1. A. Install the Amazon Inspector agent in each AM
2. B. Configure AWS Step Functions to launch an Amazon EC2 instance for each operating system from the hardened AMI, and tag the instance with SecurityCheck: Tru
3. C. Once EC2 instances have booted up, Step Functions will trigger an Amazon Inspector assessment for all instances with the tag SecurityCheck: Tru
4. D. Implement a scheduled Amazon CloudWatch Events rule that triggers Step Functions once each day.
5. E. Tag each AMI with SecurityCheck: Tru
6. F. Configure AWS Step Functions to first compose an Amazon Inspector assessment template for all AMIs that have the tag SecurityCheck: True and second to make a call to the Amazon Inspector API action StartAssessmentRu
7. G. Implement a scheduled Amazon CloudWatch Events rule that triggers Step Functions once each day.
8. H. Tag each AMI with SecurityCheck: Tru
9. I. Implement a scheduled Amazon Inspector assessment to run once each day for all AMIs with the tag SecurityCheck: Tru
10. J. Amazon Inspector should automatically launch an Amazon EC2 instance for each AMI and perform a security assessment.
11. K. Tag each instance with SecurityCheck: Tru
12. L. Implement a scheduled Amazon Inspector assessment to run once each day for all instances with the tag SecurityCheck: Tru
13. M. Amazon Inspector should automatically perform an in-place security assessment for each AMI.

Correct Answer: A
https://aws.amazon.com/pt/blogs/security/how-to-set-up-continuous-golden-ami-vulnerability-assessments-with

A DevOps engineer is tasked with migrating Docker containers used for a workload to AWS. The solution must allow for changes to be deployed into development and test environments automatically by updating each container and checking it into a container registry Once the containers are pushed, they must be deployed automatically
Which solution will meet these requirements?

1. A. Store container images in Amazon S3. Run the containers in AWS Elastic Beanstalk using a multicontainer Docker environmen
2. B. Configure Elastic Beanstalk to redeploy the containers if it detectsa new version in Amazon S3.
3. C. Store container images in AWS Artifact Use AWS CodePipeline to trigger a deployment if a new container version is create
4. D. Use AWS CodeDeploy to deploy new containers to Amazon EKS.
5. E. Store container images in Amazon ECR Use AWS CodePipeline to trigger a deployment if a new container version is created Use AWS CodeDeploy to deploy the image to AWS Fargate.
6. F. Store container images in Docker Hub Install Docker on an Amazon EC2 instance and use AWS CodePipeline and AWS CodeDeploy to deploy any new containers

Correct Answer: C

A development team wants to deploy an application using AWS CloudFormation stacks, but the developer IAM role does not currently have the required permissions to provision the resources specified in the CloudFormation template. A DevOps engineer is tasked with allowing developers to deploy the stacks while following the principal of least privilege.
Which solution will meet these requirements?

1. A. Create an IAM policy that allows developers to provision the required resource
2. B. Attach the policy to the developer role.
3. C. Create an IAM policy that allows full access to CloudFormatio
4. D. Attach the policy to the developer role.
5. E. Create a new IAM role with the required permissions to use as a CloudFormation service rol
6. F. Grant the developer role a cloudformation:* action.
7. G. Create a new IAM role with the required permissions to use as a CloudFormation service rol
8. H. Grant the developer role the iam:PassRole permission.

Correct Answer: C
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-servicerole.html

A company hosts parts of a Python-based application using AWS Elastic Beanstalk. An Elastic Beanstalk CLI is being used to create and update the environments. The Operations team detected an increase in requests in one of the Elastic Beanstalk environments that caused downtime overnight. The team noted that the policy used for AWS Auto Scaling is NetworkOut. Based on load testing metrics, the team determined that the application needs to scale CPU utilization to improve the resilience of the environments. The team wants to implement this across all environments automatically.
Following AWS recommendations, how should this automation be implemented?

1. A. Using ebextensions, place a command within the container_commands key to perform an API call tomodify the scaling metric to CPUUtilization for the Auto Scaling configuratio
2. B. Use leader_only to execute this command in only the first instance launched within the environment.
3. C. Using ebextensions, create a custom resource that modifies the AWSEBAutoScalingScaleUpPolicy and AWSEBAutoScalingScaleDownPolicy resources to use CPUUtilization as a metric to scale for the Auto Scaling group.
4. D. Using ebextensions, configure the option setting MeasureName to CPUUtilization within the aws:autoscaling:trigger namespace.
5. E. Using ebextensions, place a script within the files key and place it in/opt/elasticbeanstalk/hooks/appdeploy/pre to perform an API call to modify the scaling metric to CPUUtilization for the Auto Scaling configuratio
6. F. Use leader_only to place this script in only the first instance launched within the environment.

Correct Answer: C