Free AWS-Certified-DevOps-Engineer-Professional Exam Braindumps

A DevOps Engineer administers an application that manages video files for a video production company. The application runs on Amazon EC2 instances behind an ELB Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. Data is stored in an Amazon RDS PostgreSQL
Multi-AZ DB instance, and the video files are stored in an Amazon S3 bucket. On a typical day, 50 GB of new video are added to the S3 bucket. The Engineer must implement a multi-region disaster recovery plan with the least data loss and the lowest recovery times. The current application infrastructure is already described using AWS CloudFormation.
Which deployment option should the Engineer choose to meet the uptime and recovery objectives for the system?

1. A. Launch the application from the CloudFormation template in the second region, which sets the capacity of the Auto Scaling group to 1. Create an Amazon RDS read replica in the second regio
2. B. In the second region, enable cross-region replication between the original S3 bucket and a new S3 bucke
3. C. To fail over, promote the read replica as maste
4. D. Update the CloudFormation stack and increase the capacity of the Auto Scaling group.
5. E. Launch the application from the CloudFormation template in the second region, which sets the capacity of the Auto Scaling group to 1. Create a scheduled task to take daily Amazon RDS cross-region snapshots to the second regio
6. F. In the second region, enable cross-region replication between the original S3 bucket and Amazon Glacie
7. G. In a disaster, launch a new application stack in the second region and restore the database from the most recent snapshot.
8. H. Launch the application from the CloudFormation template in the second region which sets the capacity of the Auto Scaling group to 1. Use Amazon CloudWatch Events to schedule a nightly task to take a snapshot of the database, copy the snapshot to the second region, and replace the DB instance in the second region from the snapsho
9. I. In the second region, enable cross-region replication between the original S3 bucket and a new S3 bucke
10. J. To fail over, increase the capacity of the Auto Scaling group.
11. K. Use Amazon CloudWatch Events to schedule a nightly task to take a snapshot of the database and copy the snapshot to the second regio
12. L. Create an AWS Lambda function that copies each object to a new S3 bucket in the second region in response to S3 event notification
13. M. In the second region, launch the application from the CloudFormation template and restore the database from the most recent snapshot.

Correct Answer: A

A defect was discovered in production and a new sprint item has been created for deploying a hotfix. However, any code change must go through the following steps before going into production:
*Scan the code for security breaches, such as password and access key leaks. Run the code through extensive, long running unit tests.
Which source control strategy should a DevOps Engineer use in combination with AWS CodePipeline to complete this process?

1. A. Create a hotfix tag on the last commit of the master branc
2. B. Trigger the development pipeline from the hotfix ta
3. C. Use AWS CodeDeploy with Amazon ECS to do a content scan and run unit test
4. D. Add a manual approval stage that merges the hotfix tag into the master branch.
5. E. Create a hotfix branch from the master branc
6. F. Triger the development pipeline from the hotfix branch.Use AWS CodeBuild to do a content scan and run unit test
7. G. Add a manual approval stage that merges the hotfix branch into the master branch.
8. H. Create a hotfix branch from the master branc
9. I. Triger the development pipeline from the hotfix branch.Use AWS Lambda to do a content scan and run unit test
10. J. Add a manual approval stage that merges the hotfix branch into the master branch.
11. K. Create a hotfix branch from the master branc
12. L. Create a separate source stage for the hotfix branch in the production pipelin
13. M. Trigger the pipeline from the hotfix branc
14. N. Use AWS Lambda to do a content scan and use AWS CodeBuild to run unit test
15. O. Add a manual approval stage that merges the hotfix branch into the master branch.

Correct Answer: B

A company recently launched an application that is more popular than expected. The company wants to ensure the application can scale to meet increasing demands and provide reliability using multiple Availability Zones (AZs) The application runs on a fleet of Amazon EC2 instances behind an Application Load Balancer (ALB) A DevOps engineer has created an Auto Scaling group across multiple AZs for the application Instances launched in the newly added AZs are not receiving any traffic for the application.
What is likely causing this issue?

1. A. Auto Scaling groups can create new instances in a single AZ only.
2. B. The EC2 instances have not been manually associated to the ALB
3. C. The ALB should be replaced with a Network Load Balancer (NLB).
4. D. The new AZ has not been added to the ALB

Correct Answer: A

A company mandates the creation of capture logs for everything running in its AWS account. The account has multiple VPCs with Amazon EC2 instances, Application Load Balancers, Amazon RDS MySQL databases, and AWS WAF rules configured. The logs must be protected from deletion. A daily visual analysis of log anomalies from the previous day is required.
Which combination of actions should a DevOps Engineer take to accomplish this? (Choose three.)

1. A. Configure an AWS Lambda function to send all CloudWatch logs to an Amazon S3 bucke
2. B. Create a dashboard report in Amazon QuickSight.
3. C. Configure AWS CloudTrail to send all logs to Amazon Inspecto
4. D. Create a dashboard report in Amazon QuickSight.
5. E. Configure Amazon S3 MFA Delete on the logging Amazon S3 bucket.
6. F. Configure an Amazon S3 object lock legal hold on the logging Amazon S3 bucket.
7. G. Configure AWS Artifact to send all logs to the logging Amazon S3 bucke
8. H. Create a dashboard report in Amazon QuickSight.
9. I. Deploy an Amazon CloudWatch agent to all Amazon EC2 instances.

Correct Answer: ADF

A DevOps engineer has been tasked with ensuring that all Amazon S3 buckets, except for those with the word "public" in the name, allow access only to authorized users utilizing S3 bucket policies. The security team wants to be notified when a bucket is created without the proper policy and for the policy to be automatically updated.
Which solutions will meet these requirements?

1. A. Create a custom AWS Config rule that will trigger an AWS Lambda function when an S3 bucket is created or update
2. B. Use the Lambda function to look for S3 buckets that should be private, but that do not have a bucket policy that enforces privac
3. C. When such a bucket is found, invoke a remediation action and use Amazon SNS to notify the security team.
4. D. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that triggers when an S3 bucket is create
5. E. Use an AWS Lambda function to determine whether the bucket should be privat
6. F. If the bucket should be private, update the PublicAccessBlock configuratio
7. G. Configure a second EventBridge (CloudWatch Events) rule to notify the security team using Amazon SNS when PutBucketPolicy is called.
8. H. Create an Amazon S3 event notification that triggers when an S3 bucket is created that does not have the word "public" in the nam
9. I. Define an AWS Lambda function as a target for this notification and use the function to apply a new default policy to the S3 bucke
10. J. Create an additional notification with the same filter and use Amazon SNS to send an email to the security team.
11. K. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that triggers when a new object is created in a bucket that does not have the word "public" in the nam
12. L. Target and use an AWS Lambda function to update the PublicAccessBlock configuratio
13. M. Create an additional notification with the same filter and use Amazon SNS to send an email to the security team.

Correct Answer: A