Here you have the best Amazon DOP-C01 practice exam questions
A company wants to migrate its content sharing web application hosted on Amazon EC2 to a serverless architecture. The company currently deploys changes to its application by creating a new Auto Scaling group of EC2 instances and a new Elastic Load Balancer, and then shifting the traffic away using an Amazon Route
53 weighted routing policy.
For its new serverless application, the company is planning to use Amazon API Gateway and AWS Lambda. The company will need to update its deployment processes to work with the new application. It will also need to retain the ability to test new features on a small number of users before rolling the features out to the entire user base.
Which deployment strategy will meet these requirements?
To migrate a content sharing web application to a serverless architecture using Amazon API Gateway and AWS Lambda, and to retain the ability to test new features on a small number of users before rolling the features out to the entire user base, the best strategy is to use AWS CloudFormation to deploy API Gateway and Lambda functions with Lambda function versions. When code needs to be changed, updating the CloudFormation stack with the new Lambda code and using a canary release strategy allows for promoting the new version once testing is complete, which satisfies the requirements for controlled feature rollouts and minimizes disruption.
A company's application is currently deployed to a single AWS Region. Recently, the company opened a new office on a different continent. The users in the new office are experiencing high latency. The company's application runs on Amazon EC2 instances behind an Application Load Balancer (ALB) and uses Amazon
DynamoDB as the database layer. The instances run in an EC2 Auto Scaling group across multiple Availability Zones. A DevOps Engineer is tasked with minimizing application response times and improving availability for users in both Regions.
Which combination of actions should be taken to address the latency issues? (Choose three.)
To address latency issues for users on a different continent, the best approach involves multiple actions. First, creating new ALB and Auto Scaling group resources in the new Region allows the application to serve traffic locally, reducing latency by geographically distributing the load (C). Additionally, setting up Amazon Route 53 with health checks and latency-based routing policies ensures that traffic is directed to the ALB with the least latency, which improves response times for users (D). Lastly, converting the DynamoDB table to a global table enables replication across multiple regions, providing low-latency access to database records for users in both regions and ensuring high availability (F). These combined actions will minimize application response times and improve availability for users in both regions.
A DevOps engineer used an AWS CloudFormation custom resource to set up AD Connector. The AWS Lambda function executed and created AD Connector, but
CloudFormation is not transitioning from CREATE_IN_PROGRESS to CREATE_COMPLETE.
Which action should the engineer take to resolve this issue?
When using a custom resource in AWS CloudFormation, the Lambda function must respond to a pre-signed URL provided in the event it receives from CloudFormation. This URL is used by CloudFormation to get the status of the custom resource creation. If the Lambda function does not send a response to this URL, CloudFormation will not know that the resource creation has finished, resulting in the stack remaining in the CREATE_IN_PROGRESS state.
A company plans to stop using Amazon EC2 key pairs for SSH access, and instead plans to use AWS Systems Manager Session Manager. To further enhance security, access to Session Manager must take place over a private network only.
Which combinations of actions will accomplish this? (Choose two.)
To use AWS Systems Manager Session Manager securely over a private network, two actions are critical. First, attaching an IAM policy with the necessary Systems Manager permissions to the existing IAM instance profile is essential because it grants the EC2 instances permissions to utilize Systems Manager. Second, creating a VPC endpoint for Systems Manager in the desired Region ensures that communication between the instances and Systems Manager occurs over the private network, without traversing the internet. This setup provides enhanced security for access to Session Manager within a private network.
A company runs an application with an Amazon EC2 and on-premises configuration. A DevOps Engineer needs to standardize patching across both environments. Company policy dictates that patching only happens during non-business hours.
Which combination of actions will meet these requirements? (Choose three.)
To standardize patching across Amazon EC2 and on-premises configurations while adhering to the company's policy of patching only during non-business hours, a combination of the following actions is required: Adding the physical machines into AWS Systems Manager using Systems Manager Hybrid Activations is essential to manage the on-premises machines (A). Attaching an IAM role to the EC2 instances will allow those instances to be managed by AWS Systems Manager, providing the necessary permissions (B). Finally, using AWS Systems Manager Maintenance Windows is crucial for scheduling the patch window during non-business hours (F). These steps ensure that both environments are consistently and securely patched according to the specified schedule.