Quiz Summary
0 of 28 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
Information
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading…
You must sign in or sign up to start the quiz.
You must first complete the following:
Results
Results
0 of 28 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0)
Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)
Categories
- DOP – Configuration Management and Infrastructure as Code 0%
- DOP – Incident and Event Response 0%
- DOP – Monitoring and Logging 0%
- DOP – Resilient Cloud Solutions 0%
- DOP – SDLC Automation 0%
- DOP – Security and Compliance 0%
-
Sorry, you failed the test. Carefully read our detailed explanations including the references and cheat sheets then try again. 🙂
To view your record of all previous attempts:
Visit our FAQ page for more information on the site’s features.
-
Congratulations! You passed the test. We still highly encourage you to carefully read our detailed explanations including the references and cheat sheets. 🙂
To view your record of all previous attempts:
Visit our FAQ page for more information on the site’s features.
-
Awesome! Perfect score! We still highly encourage you to carefully read our detailed explanations including the references and cheat sheets. 🙂
To view your record of all previous attempts:
Visit our FAQ page for more information on the site’s features.
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- Answered
- Review
-
Question 1 of 28
1. Question
A development team is managing a Kubernetes application deployed on a fleet of EC2 instances. The team wants to replace the current infrastructure with Amazon EKS to improve its scalability and availability. On top of this change is the requirement to set up an email notification system for particular EKS components-related log events. The team is planning to use Amazon SNS for notification and AWS Lambda for log event evaluation.
Which is the best set of actions to take to meet the requirement?
CorrectIncorrect -
Question 2 of 28
2. Question
A company is enforcing a compliance policy that restricts the operation of its AWS resources to specific regions within the Asia Pacific. One of its DevOps engineers was instructed to come up with a solution that sends an alert to the admin if an activity occurs outside the Asia Pacific. Also, the solution must be applied automatically to new Regions that will be launched in the future.
Which combination of actions should the engineer take to meet these requirements? (Select TWO.)
CorrectIncorrect -
Question 3 of 28
3. Question
A company wants to employ a new standard that requires the creation of resources through AWS CloudFormation. Due to this, IT administrators need to make sure that users can only deploy stacks from pre-approved CloudFormation templates. They also need to implement a monitoring solution that automatically detects resources that drift from the expected configuration.
Which actions will accomplish these requirements? (Select TWO.)
CorrectIncorrect -
Question 4 of 28
4. Question
A security team manually controls the rotation of AWS KMS customer-managed keys (CMK) within their company’s AWS account. The regulatory compliance requires keys to be rotated within 80 to 90 days. The team wants to be alerted when keys are more than 90 days old.
Which strategy will accomplish this?
CorrectIncorrect -
Question 5 of 28
5. Question
A company requires its development team to bootstrap their EC2 instances and on-premises computers using AWS Systems Manager documents located on a GitHub repository. The company’s DevOps engineer has already tagged the target instances and registered all on-premises computers as part of managed instances.
Which actions should be taken next by the engineer?
CorrectIncorrect -
Question 6 of 28
6. Question
A DevOps engineer is designing a continuous delivery pipeline for Docker containers. These containers are developed and pulled from the workstations of a company. The solution should include less overhead and must meet the following requirements:
– The container images must be automatically deployed to a test environment once pushed to a container registry.
– Changes committed on a container’s file must also be deployed automatically.
Which action will meet these requirements?
CorrectIncorrect -
Question 7 of 28
7. Question
A development team is maintaining the resources of a web application stack in a CloudFormation template. They need to deploy some of the application’s resources to private subnets belonging to a separate network stack managed by the network team. Both teams are required to use resource-level change-set reviews before updating stacks. The development team does not have permission to create and modify network resources on their stack.
How can the web application stack use the private subnets?
CorrectIncorrect -
Question 8 of 28
8. Question
A company assigns its DevOps engineer to streamline the deployment process for a web application hosted on AWS. The DevOps engineer must formulate a deployment strategy that fulfills the following conditions:
– New application releases should be packaged and deployed as Docker containers
– If applicable, the use of managed AWS Services must be utilized
– Common Git commands (e.g.,
git clone
,git push
,git pull
) must be used for interacting with their code repositoryWhich solution will meet these conditions?
CorrectIncorrect -
Question 9 of 28
9. Question
A DevOps engineer needs to ensure that a compliance bucket policy is attached to specific S3 buckets. If a created bucket allows public access or has an incorrect policy, the admin should be notified via email. The incorrect policy should also be automatically replaced by the proper policy. Furthermore, the solution should involve continuous monitoring and enforcement of bucket policies.
How can the engineer satisfy the requirements?
CorrectIncorrect -
Question 10 of 28
10. Question
A company has a food delivery application that uses AWS Lambda, Amazon SQS, and Amazon DynamoDB. Orders are initially placed in an SQS queue, then processed by a Lambda function with reserved concurrency. The processed orders are saved into a DynamoDB table with Auto Scaling enabled for read and write capacity. The company is receiving feedback from customers saying that they’re facing a delay issue in displaying the order status from their order history page.
How can the issue be possibly identified and fixed?
CorrectIncorrect -
Question 11 of 28
11. Question
A company’s application stores its important assets in an Amazon S3 bucket. The security team has observed that the application is only deployed in a single region and is not protected from regional disasters. To address the issue, the company released a new policy with the following requirements:
-
important assets must always be accessible
-
deploy the application to multiple Regions
-
users must use the same endpoint to access the assets
Which combination of steps should the DevOps Engineer implement to achieve the requirements in the MOST operationally efficient way? (Select THREE.)
CorrectIncorrect -
-
Question 12 of 28
12. Question
A local animation film production company stores its video animations in multiple Amazon S3 buckets. A DevOps Engineer was instructed to set up a monitoring system that will notify the IT Operations team if there are any existing or new buckets that have public read or public write access. The Security Team will verify if the detected S3 buckets are indeed intended to be accessed publicly or not.
Which of the following is the MOST suitable solution that you can do in order to meet this requirement with the LEAST amount of effort?
CorrectIncorrect -
Question 13 of 28
13. Question
A company is planning to deploy a new version of their legacy application in AWS which is deployed to an Auto Scaling group of EC2 instances with an Application Load Balancer in front. To avoid any disruption of their services, they need to implement canary testing first before all of the traffic is shifted to the new application version.
Which of the following solutions can meet this requirement?
CorrectIncorrect -
Question 14 of 28
14. Question
To further improve the company’s CI/CD process, the company instructed their DevOps team to implement a notification system which will alert them for any failures in their pipelines in AWS. You were assigned to review the custom event pattern in Amazon EventBridge that was prepared by one of your junior DevOps engineers as shown below:
Which of the following will match this event pattern?CorrectIncorrect -
Question 15 of 28
15. Question
An insurance firm has its on-premises data center integrated with its VPC in AWS Cloud via a Direct Connect connection. All of their financial records are stored on-premises and then uploaded to an Amazon S3 bucket for backup purposes. There is a new mandate by the IT Security team that only a trusted group of administrators can change the objects in the bucket including the object permissions. The team instructed a DevOps Engineer to develop a solution that provides near real-time, automated checks to monitor their data. How should the Engineer satisfy this requirement?
CorrectIncorrect -
Question 16 of 28
16. Question
You are using a cluster of Amazon Linux EC2 instances to host an online forum. AWS CodeDeploy is used for deploying the new version of the application. The AppSpec file has been modified to use custom, non-default settings to fit your application deployment needs. You configured a deployment script during the lifecycle event to download the application code and install a few packages needed for operation. This deployment script completes in about 1 to 2 minutes. During deployment, CodeDeploy reports that the deployment has failed but upon checking the generated logs, the deployment script has successfully finished.
Which of the following could be the possible cause of the failed deployment?
CorrectIncorrect -
Question 17 of 28
17. Question
A Philippine-based startup is presently operating its e-commerce web application on AWS in a single region. The application runs on Amazon EC2 instances in an Auto Scaling group that spans multiple Availability Zones and is placed behind an Application Load Balancer. The startup relies on an Amazon Aurora database instance to store its data. In response to increased demand, the startup has decided to expand its operations to the United States and, therefore, needs to deploy the application to a closer AWS region. Due to compliance regulations, the startup must adhere to the following deployment requirements:
-
Utilize a single product catalog throughout all AWS regions.
-
Maintain transaction records in their respective regions.
Which of the following will fulfill the requirements with the LEAST amount of changes to the e-commerce application?
CorrectIncorrect -
-
Question 18 of 28
18. Question
You are working as a DevOps Engineer for a leading pharmaceutical company. After the recent annual IT audit, several Amazon EC2 instances were discovered running an outdated operating system, and there were many security vulnerabilities left unpatched. To safeguard your systems from various cybersecurity attacks, mitigating these vulnerabilities as soon as possible is crucial. You are also required to record all of the changes to patch and association compliance statuses.
Which among the following options is the MOST efficient way to solve this issue?
CorrectIncorrect -
Question 19 of 28
19. Question
A bank uses an EC2 instance to host its web application which mainly serves the purpose of storing sensitive information in an S3 bucket. The security team mandated that all objects in the bucket be duplicated and stored in a separate bucket located in a different AWS account and region.
Which of the following actions should the DevOps Engineer implement to enable cross-region replication? (Select THREE.)
CorrectIncorrect -
Question 20 of 28
20. Question
Your development team uploads a new version of the company’s web store app on Amazon ECR. To simplify tracking of versions, they tag the latest image as
“store-prd:latest”
. You are automating the deployment of the new version using AWS CLI command so that the new image will be pulled from ECR and deployed on your ECS Fargate cluster. However, the latest image is not being deployed when you run the following aws cli command:
aws ecs update-service --service store-prd --task-definition task-store-prd
Which of the following options will solve this problem?
CorrectIncorrect -
Question 21 of 28
21. Question
An international investment firm hosts its application on several Amazon EC2 instances inside an Amazon VPC. A known security vulnerability was discovered in the outdated Operating System of the company’s Amazon EC2 fleet that needs to be patched as soon as possible. The issue was only resolved after a week.
The DevOps engineer has been tasked with mitigating this vulnerability to safeguard the firm’s systems from various cybersecurity attacks that might lead to data leaks. There is also a requirement to record all of the changes to patches and association compliance statuses.
Which of the following is the MOST operationally-efficient option that can meet the above requirements?
CorrectIncorrect -
Question 22 of 28
22. Question
A DevOps engineer is tasked to streamline the process of creating multiple AWS accounts within an AWS Organization. Each and every organization unit (OU) must be able to launch new accounts with preapproved configurations from the security team, which will standardize the baselines and network configurations for all accounts in the organization.
Same-Region Replication (SRR) must also be configured to copy objects across Amazon S3 buckets in the same AWS Region to centralize the application log collection. Amazon CodeGuru Reviewer and Profiler will also be used to automate the code review workflow of the company. These resources must be customized and deployed to the new accounts automatically.
Which solution entails the least amount of effort to implement?
CorrectIncorrect -
Question 23 of 28
23. Question
A company operates a web application, leveraging an Amazon CloudFront distribution with an ALB (Application Load Balancer) as its primary origin within an AWS Region. The application has been architected with a zero-second Recovery Time Objective (RTO). In response to recent service disruptions, the application has been set up in a warm standby mode across a secondary AWS Region.
A DevOps engineer needs to automate failover and redirect HTTP safe methods (GET, HEAD, OPTIONS) to ensure quick response during regional outages.
Which solution would be suitable to meet these requirements?
CorrectIncorrect -
Question 24 of 28
24. Question
An organization stores critical files in an Amazon S3 bucket in the us-east-1 region and requires these files to be replicated to a secondary bucket in the us-west-2 region for disaster recovery purposes. Cross-region replication has been configured to ensure that all objects and their metadata are available in both regions. Despite this setup, some objects occasionally fail to replicate due to transient errors.
All the objects and object metadata from both regions must be accessible to each application.A DevOps engineer has been assigned to create a solution that automates retries for objects that fail to replicate.
What solution requires the LEAST operational overhead while meeting the specified requirements?
CorrectIncorrect -
Question 25 of 28
25. Question
A company has developed a serverless application that processes user requests using AWS Lambda. The Lambda functions are designed to connect to an Aurora PostgreSQL database cluster for data retrieval and storage. Initially, the functions connected directly to the Aurora cluster, but this approach led to connection timeouts due to the high volume of short-lived connections generated by the Lambda functions. The DevOps engineer must consider a scalable and higher-performance solution.
What combination of steps should the engineer do in the following options to meet these requirements? (Select THREE.)CorrectIncorrect -
Question 26 of 28
26. Question
An organization operates a web application on multiple Amazon EC2 instances behind an Application Load Balancer. This application heavily relies on local disk storage for user files and media. The application must maintain uptime to ensure a positive customer experience and continuous business operations.
During a recent patching cycle, some instances failed due to low disk space. The company uses AWS Systems Manager Automation for task execution across its EC2 fleet.
A DevOps engineer must find a low-overhead solution to ensure that all EC2 instances have adequate disk space available for future patching cycles.
Which combination of actions should be implemented to meet these requirements? (Select TWO.)
CorrectIncorrect -
Question 27 of 28
27. Question
A media company operates a video streaming application running across three Availability Zones to ensure high availability and fault tolerance. The architecture includes an Application Load Balancer (ALB) for traffic management, Amazon ECS for running the application, and Amazon Aurora for storing video metadata. The application is deployed through AWS CloudFormation templates, and all Docker container images are securely stored in an Amazon Elastic Container Registry (ECR) within the same AWS account and region. The process to build Docker images from Dockerfiles typically takes over an hour.
A DevOps engineer must create a Disaster Recovery (DR) strategy in a different region, aiming for a Recovery Point Objective (RPO) of 7 hours and a Recovery Time Objective (RTO) of 1 hour.
What is the most cost-effective and operationally efficient way to meet RTO and RPO requirements?
CorrectIncorrect -
Question 28 of 28
28. Question
An organization has an AWS CloudFormation stack that communicates status updates through an Amazon Simple Notification Service (Amazon SNS) topic in a single AWS account.
A DevOps engineer has created a Lambda function designed to implement automatic tagging of specific CloudFormation stack instances. The tagging occurs only during stack status change, specifically after stack update is successful.
Which of the following additional steps below should the DevOps engineer take to implement this automatic tagging solution effectively?
CorrectIncorrect