• Home
  • Articles
  • Latest [Oct 27, 2021] AWS-DevOps Exam Dumps - Valid and Updated Dumps [Q37-Q61]

Latest [Oct 27, 2021] AWS-DevOps Exam Dumps - Valid and Updated Dumps [Q37-Q61]

Share

Latest [Oct 27, 2021] AWS-DevOps Exam Dumps - Valid and Updated Dumps

Free Sales Ending Soon - 100% Valid AWS-DevOps Exam Dumps with 275 Questions


Prerequisites

Before pursuing the Amazon AWS Certified DevOps Engineer – Professional certification, it is important to make sure that you are the right person for this path. All the Amazon certificates are designed for the specific individuals, so you must fall into this category of people. Otherwise, you will have a tough time passing the associated exam.

The potential candidates for this professional-level certificate are those individuals who perform the DevOps Engineer role. They should have at least 2 years of working experience in managing, operating, and provisioning the AWS environments. Besides that, the test takers should have expertise in coding at least one high-level programming language and possess a good understanding of the latest methodologies, processes, operations, and development.

 

NEW QUESTION 37
When logging with Amazon CloudTrail, API call information for services with regional end points is ____.

  • A. captured in the region where the end point is located, processed in the region where the CloudTrail trail is configured, and delivered to the region associated with your Amazon S3 bucket
  • B. captured and processed in the same region as to which the API call is made and delivered to the region associated with your Amazon S3 bucket
  • C. captured in the same region as to which the API call is made and processed and delivered to the region associated with your Amazon S3 bucket
  • D. captured, processed, and delivered to the region associated with your Amazon S3 bucket

Answer: B

Explanation:
When logging with Amazon CloudTrail, API call information for services with regional end points (EC2, RDS etc.) is captured and processed in the same region as to which the API call is made and delivered to the region associated with your Amazon S3 bucket. API call information for services with single end points (IAM, STS etc.) is captured in the region where the end point is located, processed in the region where the CloudTrail trail is configured, and delivered to the region associated with your Amazon S3 bucket.
Reference: https://aws.amazon.com/cloudtrail/faqs/

 

NEW QUESTION 38
You are a Devops Enginneer in your company. You have been instructed to ensure there is an automated
backup solution in place for EBS Volumes. These snapshots need to be retained only for a period of 20 days.
How can you achieve this requirement in an efficient manner?

  • A. Use Amazon Data Lifecycle Manager to automate the process.
  • B. UseLifecycle policies to push the EBS Volumes to Amazon Glacier. Then use furtherlifecycle policies
    to delete the snapshots after 20 days.
  • C. UseLifecycle policies to push the EBS Volumes to Amazon S3. Then use further lifecyclepolicies to
    delete the snapshots after 20 days.
  • D. Usethe aws ec2 create-volume API to create a snapshot of the EBS Volume. The usethe
    describe-volume to see those snapshots which are greater than 20 days andthen delete them accordingly
    using the delete-volume API call.

Answer: A

Explanation:
Explanation
Use Amazon Data Lifecycle Manager (Amazon DLM) to automate the creation, retention, and deletion of
snapshots taken to back up your Amazon EBS volumes.
Automating snapshot management helps you to:
*
Protect valuable data by enforcing a regular backup schedule.
Retain backups as required by auditors or internal compliance.
*
Reduce storage costs by deleting outdated backups.
For more Information, Please check the below AWS Docs:
* https://docs.aws.amazon.com/AWSCC2/latest/UserGuide/snapshot-lifecycle.html

 

NEW QUESTION 39
A DevOps engineer is writing an AWS CloudFormation template to stand up a web service that will run on Amazon EC2 instances in a private subnet behind an ELB Application Load Balancer.
The Engineer must ensure that the service can accept requests from clients that have IPv6 addresses. Which configuration items should the Engineer incorporate into the CloudFormation template to allow IPv6 clients to access the web service?

  • A. Assign each EC2 instance an IPv6 Elastic IP address. Create a target group and add the EC2 instances as targets. Create a listener on port 443 of the Application Load Balancer, and associate the newly created target group as the default target group.
  • B. Create a target group and add the EC2 instances as targets. Create a listener on port 443 of the Application Load Balancer. Associate the newly created target group as the default target group.
    Select a dual stack IP address, and create a rule in the security group that allows inbound traffic from anywhere.
  • C. Replace the Application Load Balancer with a Network Load Balancer. Associate an IPv6 CIDR block with the Virtual Private Cloud (VPC) and subnets where the Network Load Balancer lives, and assign the Network Load Balancer an IPv6 Elastic IP address.
  • D. Associate an IPv6 CIDR block with the Amazon VPC and subnets where the EC2 instances will live.
    Create route table entries for the IPv6 network, use EC2 instance types that support IPv6, and assign IPv6 addresses to each EC2 instance.

Answer: B

Explanation:
https://aws.amazon.com/about-aws/whats-new/2017/01/announcing-internet-protocol-version-6- ipv6-support-for-elastic-load-balancing-in-amazon-virtual-private-cloud-vpc/

 

NEW QUESTION 40
A company wants to create standard templates for deployment of their Infrastructure. Which AWS service can be used in this regard? Please choose one option.

  • A. AWSEIastic Beanstalk
  • B. AWSOpsWorks
  • C. AmazonSimple Workflow Service
  • D. AWSCIoudFormation

Answer: D

Explanation:
Explanation
AWS Cloud Formation gives developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion.
You can use AWS Cloud Formation's sample templates or create your own templates to describe the AWS resources, and any associated dependencies or runtime parameters, required to run your application. You don't need to figure out the order for provisioning AWS services or the subtleties of making those dependencies work. Cloud Formation takes care of this for you. After the AWS resources are deployed, you can modify and update them in a controlled and predictable way, in effect applying version control to your AWS infrastructure the same way you do with your software. You can also visualize your templates as diagrams and edit them using a drag-and-drop interface with the AWS CloudFormation Designer.
For more information on Cloudformation, please visit the link:
* https://aws.amazon.com/cloudformation/

 

NEW QUESTION 41
A Developer is maintaining a fleet of 50 Amazon EC2 Linux servers. The servers are part of an Amazon EC2 Auto Scaling group, and also use Elastic Load Balancing for load balancing.
Occasionally, some application servers are being terminated after failing ELB HTTP health checks. The Developer would like to perform a root cause analysis on the issue, but before being able to access application logs, the server is terminated.
How can log collection be automated?

  • A. Use Auto Scaling lifecycle hooks to put instances in a Terminating:Wait state. Create an Amazon CloudWatch Events rule for EC2 Instance- and trigger an AWS Lambda function that executes a SSM Run Command script to collect logs, push them to Amazon S3, terminate Lifecycle Action and complete the lifecycle action once logs are collected.
  • B. Use Auto Scaling lifecycle hooks to put instances in a Terminating:Wait state. Create a Config rule for EC2 Instance-terminate Lifecycle and trigger a step function that executes a script to collect logs, push them to Amazon S3, and complete the lifecycle action once logs are collected. Action
  • C. Use Auto Scaling lifecycle hooks to put instances in a Pending:Wait state. Create an Amazon CloudWatch Alarm for EC2 Instance Terminate and trigger an AWS Lambda function that executes an SSM Run Command script to collect logs, push them to Amazon S3, and complete the Successful lifecycle action once logs are collected.
  • D. Use Auto Scaling lifecycle hooks to put instances in a Terminating:Wait state. Create an Amazon CloudWatch subscription filter for EC2 Instance and trigger a CloudWatch agent that executes a script to called logs, push them to Amazon S3, and complete the lifecycle action Terminate Successful once logs are collected.

Answer: A

 

NEW QUESTION 42
A media customer has several thousand amazon EC2 instances in an AWS account. The customer is using a Slack channel for team communications and important updates. A DevOps Engineer was told to send all AWS-scheduled maintenance notifications to the company Slack channel. Which method should the Engineer use to implement this process in the LEAST amount of steps?

  • A. Integrate AWS Personal Health Dashboard with Amazon CloudWatch Events. Based on the CloudWatch Events created, the event can invoke an AWS Lambda function to send notifications to the Slack channel.
  • B. Integrate AWS Support with AWS CloudTrail. Based on the CloudTrail lookup event created, the event can invoke an AWS Lambda function to pass EC2 maintenance notifications to the Slack channel.
  • C. Integrate AWS Trusted Advisor with AWS Config. Based on the AWS Config rules created, the AWS Config event can invoke an AWS Lambda function to send notifications to the Slack channel.
  • D. Integrate EC2 events with Amazon CloudWatch monitoring. Based on the CloudWatch Alarm created, the alarm can invoke an AWS Lambda function to send EC2 maintenance notifications to the Slack channel.

Answer: A

Explanation:
https://docs.aws.amazon.com/health/latest/ug/cloudwatch-events-health.html

 

NEW QUESTION 43
You are in charge of designing a Cloudformation template which deploys a LAMP stack. After deploying a stack, you see that the status of the stack is showing as CREATE_COMPLETE, but the apache server is still not up and running and is experiencing issues while starting up. You want to ensure that the stack creation only shows the status of CREATE_COMPLETE after all resources defined in the stack are up and running.
How can you achieve this?
Choose 2 answers from the options given below.

  • A. Usethe CreationPolicy to ensure it is associated with the EC2 Instance resource.
  • B. Definea stack policy which defines that all underlying resources should be up andrunning before showing a status of CREATE_COMPLETE.
  • C. Usethe CFN helper scripts to signal once the resource configuration is complete.
  • D. Uselifecycle hooks to mark the completion of the creation and configuration of theunderlying resource.

Answer: A,C

Explanation:
Explanation
The AWS Documentation mentions
When you provision an Amazon EC2 instance in an AWS Cloud Formation stack, you might specify additional actions to configure the instance, such as install software packages or bootstrap applications.
Normally, CloudFormation proceeds with stack creation after the instance has been successfully created.
However, you can use a Creation Pol icy so that CloudFormation proceeds with stack creation only after your configuration actions are done. That way you'll know your applications are ready to go after stack creation succeeds.
For more information on the Creation Policy, please visit the below url
https://aws.amazon.com/blogs/devops/use-a-creationpolicy-to-wait-for-on-instance-configurations/

 

NEW QUESTION 44
What is the scope of an EBS volume?

  • A. Region
  • B. VPC
  • C. Availability Zone
  • D. Placement Group

Answer: C

Explanation:
An Amazon EBS volume is tied to its Availability Zone and can be attached only to instances in the same Availability Zone.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resources.html

 

NEW QUESTION 45
You have an application running on an Amazon EC2 instance and you are using IAM roles to securely access AWS Service APIs.
How can you configure your application running on that instance to retrieve the API keys for use with the AWS SDKs?

  • A. When assigning an EC2 IAM role to your instance in the console, in the "Chosen SDK" drop- down list, select the SDK that you are using, and the instance will configure the correct SDK on launch with the API keys.
  • B. Within your application code, configure the AWS SDK to get the API keys from environment variables, because assigning an Amazon EC2 role stores keys in environment variables on launch.
  • C. When using AWS SDKs and Amazon EC2 roles, you do not have to explicitly retrieve API keys, because the SDK handles retrieving them from the Amazon EC2 MetaData service.
  • D. Within your application code, make a GET request to the IAM Service API to retrieve credentials for your user.

Answer: C

 

NEW QUESTION 46
A large enterprise is deploying a web application on AWS. The application runs on Amazon EC2 instances behind an Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. The application stores data in an Amazon RDS Oracle DB instance and Amazon DynamoDB. There are separate environments for development, testing, and production. What is the MOST secure and flexible way to obtain password credentials during deployment?

  • A. Launch the EC2 instances with an EC2 IAM role to access AWS services. Retrieve the database credentials from AWS Secrets Manager.
  • B. Retrieve an access key from an AWS Systems Manager SecureString parameter to access AWS services. Retrieve the database credentials from a Systems Manager SecureString parameter.
  • C. Launch the EC2 instances with an EC2 IAM role to access AWS services. Store the database passwords in an encrypted config file with the application artifacts.
  • D. Retrieve an access key from an AWS Systems Manager plaintext parameter to access AWS services. Retrieve the database credentials from a Systems Manager SecureString parameter.

Answer: A

Explanation:
https://www.1strategy.com/blog/2019/02/28/aws-parameter-store-vs-aws-secrets-manager/

 

NEW QUESTION 47
A company using AWS CodeCommit for source control wants to automate its continuous integration and continuous deployment pipeline on AWS in its development environment. The company has three requirements:
1. There must be a legal and a security review of any code change to make sure sensitive information is not leaked through the source code.
2. Every change must go through unit testing.
3. Every change must go through a suite of functional testing to ensure functionality.
In addition, the company has the following requirements for automation:
1. Code changes should automatically trigger the CI/CD pipellline.
2. Any failure in the pipeline should notify [email protected].
3. There must be an approval to stage the assets to Amazon S3 after tests have been performed.
What should a DevOps Engineer do to meet all of these requirements while following CI/CD best practices?

  • A. Commit to the development branch and trigger AWS CodePipeline from the development branch. Make an individual stage in CodePipeline for security review, unit tests, functional tests, and manual approval.
    Use Amazon CloudWatch metrics to detect changes in pipeline stages and Amazon SES for emailing devops- [email protected].
  • B. Commit to mainline and trigger AWS CodePipeline from mainline. Make an individual stage in CodePipeline for security review, unit tests, functional tests, and manual approval. Use Amazon CloudWatch Events to detect changes in pipeline stages and Amazon SES for emailing [email protected].
  • C. Commit to mainline and trigger AWS CodePipeline from mainline. Make an individual stage in CodePipeline for security review, unit tests, functional tests, and manual approval. Use AWS CloudTrail logs to detect changes in pipeline stages and Amazon SNS for emailing [email protected].
  • D. Commit to the development branch and trigger AWS CodePipeline from the development branch. Make an individual stage in CodePipeline for security review, unit tests, functional tests, and manual approval.
    Use Amazon CloudWatch Events to detect changes in pipeline stages and Amazon SNS for emailing devops- [email protected].

Answer: D

 

NEW QUESTION 48
You are trying to debug the creation of Cloudformation stack resources. Which of the following can be used to help in the debugging process?
Choose 2 answers from the options below

  • A. UseAWSConfig to debug all the API call's sent by the Cloudformation stack.
  • B. Usethe AWS CloudFormation console to view the status of yourstack.
  • C. UseCloudtrail to debugall the API call's sent by the Cloudformation stack.
  • D. Seethe logs in the/var/log directory for Linux instances

Answer: B,D

Explanation:
Explanation
The AWS Documentation mentions
Use the AWS Cloud Formation console to view the status of your stack. In the console, you can view a list of stack events while your stack is being created, updated, or deleted. From this list, find the failure event and then view the status reason for that event.
For Amazon CC2 issues, view the cloud-init and cfn logs. These logs are published on the Amazon CC2 instance in the /var/log/ directory. These logs capture processes and command outputs while AWS Cloud Formation is setting up your instance. For Windows, view the L~C2Configure service and cfn logs in %ProgramFiles%\Amazon\CC2ConfigService and C:\cfn\log.
For more information on Cloudformation Troubleshooting, please visit the below URL:
http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/troubleshooting.html

 

NEW QUESTION 49
A vendor needs access to your AWS account. They need to be able to read protected messages in a private S3 bucket. They have a separate AWS account. Which of the solutions below is the best way to do this?

  • A. Createa cross-account 1AM role with permission to access the bucket, and grantpermission to use the role to the vendor AWS account.
  • B. Createan 1AM User with API Access Keys. Give the vendor the AWS Access Key ID and AWSSecret Access Key for the user.
  • C. Allowthe vendor to ssh into your EC2 instance and grant them an 1AM role with fullaccess to the bucket.
  • D. Createan S3 bucket policy that allows the vendor to read from the bucket from theirAWS account.

Answer: A

Explanation:
Explanation
The AWS Documentation mentions the following on cross account roles
You can use AWS Identity and Access Management (I AM) roles and AWS Security Token Service (STS) to set up cross-account access between AWS accounts. When you assume an 1AM role in another AWS account to obtain cross-account access to services and resources in that account, AWS CloudTrail logs the cross-account activity. For more information on Cross account roles, please visit the below URL
* http://docs.aws.amazon.com/IAM/latest/UserGuide/tuto
rial_cross-account-with-roles.html
* https://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-access-example2.htm

 

NEW QUESTION 50
A company wants to use Amazon DynamoDB for maintaining metadata on its forums. See the sample data set in the image below.

A DevOps Engineer is required to define the table schema with the partition key, the sort key, the local secondary index, projected attributes, and fetch operations. The schema should support the following example searches using the least provisioned read capacity units to minimize cost.
- Search within ForumName for items where the subject starts with `a'.
- Search forums within the given LastPostDateTime time frame.
- Return the thread value where LastPostDateTime is within the last
three months.
Which schema meets the requirements?

  • A. Use ForumName as the primary key and Subject as the sort key. Have LSI with LastPostDateTime as the sort key and the projected attribute thread.
  • B. Use ForumName as the primary key and Subject as the sort key. Have LSI with Thread as the sort key and the projected attribute LastPostDateTime.
  • C. Use Subject as the primary key and ForumName as the sort key. Have LSI with Thread as the sort key and fetch operations for LastPostDateTime.
  • D. Use Subject as the primary key and ForumName as the sort key. Have LSI with LastPostDateTime as the sort key and fetch operations for thread.

Answer: D

 

NEW QUESTION 51
You are setting up cloudformation templates for your organization. The cloudformation template consists of creating EC2 Instances for both your development and production environments in the same region. Each of these instances will have an Elastic IP and a security group attached to them which will be done via Cloudformation. Your cloudformation stack for the development environment gets successfully created, but then the production cloudformation stack fails. Which of the below could be a reason for this.

  • A. Youhave chosen the wrong tags when creating the instances in both environments.
  • B. Youhit the soft limit of 5 EIPs per region when creating the developmentenvironment.
  • C. Youhit the soft limit for security groups when creating the developmentenvironment.
  • D. Youdidn't choose the Production version of the AMI you are using when creating theproduction stack.

Answer: B

Explanation:
Explanation
The most viable reason could be that you reached the limit for the number of Clastic IP's in the region.
For more information on AWS CC2 service limits, please refer to the below link:
* http://docs.aws.a
mazon.com/AWSCC2/latest/UserGuide/ec2-resource-l imits.html

 

NEW QUESTION 52
A company wants to use Amazon DynamoDB for maintaining metadata on its forums. See the sample data set in the image below.

A DevOps Engineer is required to define the table schema with the partition key, the sort key, the local secondary index, projected attributes, and fetch operations.
The schema should support the following example searches using the least provisioned read capacity units to minimize cost.
-Search within ForumName for items where the subject starts with "~a'.
-Search forums within the given LastPostDateTime time frame.
-Return the thread value where LastPostDateTime is within the last three months.
Which schema meets the requirements?

  • A. Use ForumName as the primary key and Subject as the sort key. Have LSI with Thread as the sort key and the projected attribute LastPostDateTime.
  • B. Use Subject as the primary key and ForumName as the sort key. Have LSI with LastPostDateTime as the sort key and fetch operations for thread.
  • C. Use Subject as the primary key and ForumName as the sort key. Have LSI with Thread as the sort key and fetch operations for LastPostDateTime.
  • D. Use ForumName as the primary key and Subject as the sort key. Have LSI with LastPostDateTime as the sort key and the projected attribute thread.

Answer: D

Explanation:
Explanation
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/LSI.html

 

NEW QUESTION 53
Which major database needs a BYO license?

  • A. Oracle
  • B. MySQL
  • C. PostgreSQL
  • D. MariaDB

Answer: A

Explanation:
Oracle is not open source, and requires a bring your own license model.
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Oracle.html

 

NEW QUESTION 54
A Solution Architect is designing a disaster recovery solution for a 5 TB Amazon Redshift cluster. The
recovery site must be at least 500 miles (805 kilometers) from the live site.
How should the Architect meet these requirements?

  • A. Enable cross-region snapshots to a different region.
  • B. Use AWS CloudFormation to deploy the cluster in a second region.
  • C. Take a snapshot of the cluster and copy it to another Availability Zone.
  • D. Modify the Redshift cluster to span two regions.

Answer: D

 

NEW QUESTION 55
A company runs a production application workload in a single AWS account that uses Amazon Route 53, AWS Elastic Beanstalk, and Amazon RDS. In the event of a security incident, the Security team wants the application workload to fail over to a new AWS account. The Security team also wants to block all access to the original account immediately, with no access to any AWS resources in the original AWS account, during forensic analysis. What is the most cost-effective way to prepare to fail over to the second account prior to a security incident?

  • A. Migrate the Amazon Route 53 configuration to a dedicated AWS account. Mirror the Elastic Beanstalk configuration in a different account. Enable RDS Database Read Replicas in a different account.
  • B. Migrate the Amazon Route 53 configuration to a dedicated AWS account. Save/copy the Elastic Beanstalk configuration files in a different AWS account. Copy snapshots of the RDS Database to a different account.
  • C. Save/copy the Amazon Route 53 configurations for use in a different AWS account after an incident. Mirror the configuration of Elastic Beanstalk in a different account. Copy snapshots of the RDS database to a different account.
  • D. Save/copy the Amazon Route 53 configurations for use in a different AWS account after an incident. Save/copy Elastic Beanstalk configuration files to a different account. Enable the RDS database read replica in a different account.

Answer: B

 

NEW QUESTION 56
A company indexes all of its Amazon CloudWatch Logs on Amazon ES and uses Kibana to view a dashboard for actionable insight. The company wants to restrict user access to Kibana by user Which actions can a DevOps Engineer take to meet this requirement? (Select TWO.)

  • A. Use Amazon Cognito to offer user name and password protection for Kibana
  • B. Create a proxy server with AWS IAM user and restrict access of the Amazon ES endpoint to the IAM user
  • C. Create a proxy server with user authentication and an Elastic IP address and restrict access of the Amazon ES endpoint to the IP address
  • D. Create a proxy server with user authentication in an Auto Scaling group and restrict access of the Amazon ES endpoint to an Auto Scaling group tag
  • E. Use AWS SSO to offer user name and password protection for Kibana

Answer: C,D

 

NEW QUESTION 57
A company wants to use Amazon ECS to provide a Docker container runtime environment. For compliance reasons, all Amazon EBS volumes used in the ECS cluster must be encrypted. Rolling updates will be made to the cluster instances and the company wants the instances drained of all tasks before being terminated.
How can these requirements be met? (Select TWO.)

  • A. Use AWS CodePipeline to build a pipeline that discovers the latest Amazon-provided ECS AMI, then copies the image to an encrypted AMI outputting the encrypted AMI ID. Use the encrypted AMI ID when deploying the cluster.
  • B. Create an IAM role that allows the action ECS::EncryptedImage. Configure the AWS CLI and a profile to use this role. Start the cluster using the AWS CLI providing the --use-encrypted-imageand --kms- keyarguments to the create-clusterECS command.
  • C. Modify the default ECS AMI user data to create a script that executes docker rm -f {id}for all running container instances. Copy the script to the /etc/init.d/rc.d directory and execute chconfigenabling the script to run during operating system shutdown.
  • D. Copy the default AWS CloudFormation template that ECS uses to deploy cluster instances. Modify the template resource EBS configuration setting to set 'Encrypted: True' and include the AWS KMS alias: 'aws/ ebs' to encrypt the AMI.
  • E. Create an Auto Scaling lifecycle hook backed by an AWS Lambda function that uses the AWS SDK to mark a terminating instance as DRAINING. Prevent the lifecycle hook from completing until the running tasks on the instance are zero.

Answer: B,E

 

NEW QUESTION 58
You have an asynchronous processing application using an Auto Scaling Group and an SQS Queue. The Auto Scaling Group scales according to the depth of the job queue. The completion velocity of the jobs has gone down, the Auto Scaling Group size has maxed out, but the inbound job velocity did not increase.
What is a possible issue?

  • A. Some of the new jobs coming in are malformed and unprocessable.
  • B. The scaling metric is not functioning correctly.
  • C. Someone changed the IAM Role Policy on the instances in the worker group and broke permissions to access the queue.
  • D. The routing tables changed and none of the workers can process events anymore.

Answer: A

Explanation:
The IAM Role must be fine, as if it were broken, NO jobs would be processed since the system would never be able to get any queue messages. The same reasoning applies to the routing table change. The scaling metric is fine, as instance count increased when the queue depth increased due to more messages entering than exiting. Thus, the only reasonable option is that some of the recent messages must be malformed and unprocessable.
https://github.com/andrew-
templeton/cloudacademy/blob/fca920b45234bbe99cc0e8efb9c65134884dd48 9/questions/null

 

NEW QUESTION 59
An n-tier application requires a table in an Amazon RDS MySQL DB instance to be dropped and repopulated at each deployment. This process can take several minutes and the web tier cannot come online until the process is complete. Currently, the web tier is configured in an Amazon EC2 Auto Scaling group, with instances being terminated and replaced at each deployment. The MySQL table is populated by running a SQL query through an AWS CodeBuild job.
What should be done to ensure that the web tier does not come online before the database is completely configured?

  • A. Use an EC2 Auto Scaling lifecycle hook to pause the configuration of the web tier until the table is populated.
  • B. Modify the launch configuration of the Auto Scaling group to pause user data execution for 600 seconds, allowing the table to be populated.
  • C. Use Amazon Aurora as a drop-in replacement for RDS MySQL. Use snapshots to populate the table with the correct data.
  • D. Use AWS Step Functions to monitor and maintain the state of data population. Mark the database in service before continuing with the deployment.

Answer: A

 

NEW QUESTION 60
An Information Security policy requires that all publicly accessible systems be patched with critical OS security patches within 24 hours of a patch release. All instances are tagged with the Patch Group key set to 0. Two new AWS Systems Manager patch baselines for Windows and Red Hat Enterprise Linux (RHEL) with zero-day delay for security patches of critical severity were created with an auto-approval rule. Patch Group 0 has been associated with the new patch baselines. Which two steps will automate patch compliance and reporting? (Select TWO.)

  • A. Use the AWS Systems Manager Run Command to associate the AWS-ApplyPatchBaseline document with instances tagged with Patch Group 0.
  • B. Create an AWS Systems Manager Maintenance Window and add a target with Patch Group 0. Add a task that runs the AWS-InstallWindowsUpdates document with a daily schedule.
  • C. Create an AWS Systems Manager Maintenance Window with a daily schedule and add a target with Patch Group 0. Add a task that runs the AWS-RunPatchBaseline document with the Install action.
  • D. Create an AWS Systems Manager Maintenance Window and add a target with Patch Group 0. Add a task that runs the AWS-ApplyPatchBaseline document with a daily schedule.
  • E. Create an AWS Systems Manager State Manager configuration. Associate the AWS-RunPatchBaseline task with the configuration and add a target with Patch Group 0.

Answer: B,E

 

NEW QUESTION 61
......

AWS-DevOps Exam Dumps - 100% Marks In AWS-DevOps Exam: https://www.passexamdumps.com/AWS-DevOps-valid-exam-dumps.html

Verified AWS-DevOps Exam Questions Certain Success: https://drive.google.com/open?id=1M43IMAU7cZz4naOxK5mKTPndPKrqcONh

Related Articles

more
Amazon AWS-DevOps Certification Practice Exam