Skip to content

Desi banjara

learn and grow together

  • Azure
    • Azure Compute
      • Azure Logic Apps
      • Azure Mobile Apps
      • Azure App Service
      • Azure Serverless Computing
        • Azure Functions
    • Azure Networking services
      • Azure Networking – VNET
    • Azure Database Services
      • Azure SQL
      • Azure Data Factory
      • Azure Databricks
    • Azure Analytics Services
    • Azure Cognitive Services
    • Azure Data and Storage
    • Azure Devops
    • Azure landing zone
    • Azure IaaS
    • Azure Internet of Things (IoT)
      • Azure Machine Learning
      • Azure AI and ML services
    • Azure Migration
    • Microsoft Azure Log Analytics
  • Azure Security
    • Azure Identity and Access Management
    • Azure Active Directory
    • Azure Defender
    • Azure security tools for logging and monitoring
    • Azure Sentinel
    • Azure Sentinel – Data connectors
  • Agile Software development
    • Atlassian Jira
  • Amazon Web Services (AWS)
    • Amazon EC2
    • Amazon ECS
    • AWS Lambda
  • Google
    • Google Cloud Platform (GCP)
    • gmail api
    • Google Ads
    • Google AdSense
    • Google Analytics
    • Google Docs
    • Google Drive
    • Google Maps
    • Google search console
  • Software architecture
    • Service-oriented architecture (SOA)
    • Domain-Driven Design (DDD)
    • Microservices
    • Event-Driven Architecture
    • Command Query Responsibility Segregation (CQRS) Pattern
    • Layered Pattern
    • Model-View-Controller (MVC) Pattern
    • Hexagonal Architecture Pattern
    • Peer-to-Peer (P2P) pattern
    • Pipeline Pattern
  • Enterprise application architecture
  • IT/Software development
    • API development
    • ASP.Net MVC
    • ASP.NET Web API
    • C# development
    • RESTful APIs
  • Cybersecurity
    • Cross Site Scripting (XSS)
    • Reflected XSS
    • DOM-based XSS
    • Stored XSS attacks
    • Ransomware
    • cyber breaches
    • Static Application Security Testing (SAST)
  • Interview questions
    • Microsoft Azure Interview Questions
    • Amazon Web Services (AWS) Interview Questions
    • Agile Software development interview questions
    • C# interview questions with answers
    • Google analytics interview questions with answers
    • Javascript interview questions with answers
    • Python interview questions with answers
    • WordPress developer interview questions and answers
  • Cloud
    • Cloud computing
    • Infrastructure as a Service (IaaS)
    • Platform as a Service (PaaS)
    • Software as a Service (SaaS)
    • Zero Trust strategy
  • Toggle search form
  • Azure Data Factory Azure Data Factory
  • Comparison between Microsoft Azure and AWS Services Amazon Web Services (AWS)
  • Cloud computing – Types of Cloud Models Uncategorized
  • How to take a screenshot on Google (Android) phones? Google
  • Azure Cognitive Services Azure Cognitive Services
  • Microsoft AZ-900 Certification Exam Practice Questions – 2 Microsoft AZ-900 Certification Exam
  • Interview question: Which class act as a base class for all the data types in .net? C# development
  • Ransomware – preventative measures, detection, and recovery Ransomware

AWS DevOps Engineer Professional Exam Practice Questions – 2

Posted on June 14, 2020 By DesiBanjara No Comments on AWS DevOps Engineer Professional Exam Practice Questions – 2

Amazon AWS DevOps Engineer Professional Exam Practice Questions

Below are some Free practice questions for Amazon AWS DevOps Engineer Professional Exam which can help you to prepare for exam and pass with good marks. These are not real exam questions but similar to the questions you can get in exam so practicing these question will boost your confidence.

Question -10

A company has a hybrid architecture solution in which some legacy systems remain on-premises, while a specific cluster of servers is moved to AWS. The company cannot reconfigure the legacy systems, so the cluster nodes must have a fixed hostname and local IP address for each server that is part of the cluster.
The DevOps Engineer must automate the configuration for a six-node cluster with high availability across three Availability Zones (AZs), placing two elastic network interfaces in a specific subnet for each AZ. Each node’s hostname and local IP address should remain the same between reboots or instance failures.
Which solution involves the LEAST amount of effort to automate this task?

  1. Create an AWS Elastic Beanstalk application and a specific environment for each server of the cluster. For each environment, give the hostname, elastic network interface, and AZ as input parameters. Use the local health agent to name the instance and attach a specific elastic network interface based on the current environment.
  2. Create a reusable AWS CloudFormation template to manage an Amazon EC2 Auto Scaling group with a minimum size of 1 and a maximum size of 1. Give the hostname, elastic network interface, and AZ as stack parameters. Use those parameters to set up an EC2 instance with EC2 Auto Scaling and a user data script to attach to the specific elastic network interface. Use CloudFormation nested stacks to nest the template six times for a total of six nodes needed for the cluster and deploy using the master template.
  3. Create an Amazon DynamoDB table with the list of hostnames subnets, and elastic network interfaces to be used. Create a single AWS CloudFormation template to manage an Auto Scaling group with a minimum size of 6 and a maximum size of 6. Create a programmatic solution that is installed in each instance that will lock/release the assignment of each hostname and local IP address, depending on the subnet in which a new instance will be launched.
  4. Create a reusable AWS CLI script to launch each instance individually, which will name the instance, place it in a specific AZ, and attach a specific elastic network interface. Monitor the instances and in the event of failure, replace the missing instance manually by running the script again.

Correct Answer: B




Question -11

An education company has a Docker-based application running on multiple Amazon EC2 instances in an Amazon ECS cluster. When deploying a new version of the application, the Developer, pushes a new image to a private Docker container registry, and then stops and starts all tasks to ensure that they all have the latest version of the application. The Developer discovers that the new tasks are occasionally running with an old image.
How can this issue be prevented?

  • A. After pushing the new image, restart ECS Agent, and then start the tasks.
  • B. Use “latest” for the Docker image tag in the task definition.
  • C. Update the digest on the task definition when pushing the new image.
  • D. Use Amazon ECR for a Docker container registry.

Correct Answer: C

Reference:

https://docs.aws.amazon.com/en_us/AmazonECS/latest/developerguide/task_definition_parameters.html

When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image are not propagated to already running tasks.




Question -12

A financial institution provides security-hardened AMIs of Red Hat Enterprise Linux 7.4 and Windows Server 2016 for its application teams to use in deployments.
A DevOps Engineer needs to implement an automated daily check of each AMI to monitor for the latest CVE.
How should the Engineer implement these checks using Amazon Inspector?

  1. Install the Amazon Inspector agent in each AMI. Configure AWS Step Functions to launch an Amazon EC2 instance for each operating system from the hardened AMI, and tag the instance with SecurityCheck: True. Once EC2 instances have booted up, Step Functions will trigger an Amazon Inspector assessment for all instances with the tag SecurityCheck: True. Implement a scheduled Amazon CloudWatch Events rule that triggers Step Functions once each day.
  2. Tag each AMI with SecurityCheck: True. Configure AWS Step Functions to first compose an Amazon Inspector assessment template for all AMIs that have the tag SecurityCheck: True and second to make a call to the Amazon Inspector API action StartAssessmentRun. Implement a scheduled Amazon CloudWatch Events rule that triggers Step Functions once each day.
  3. Tag each AMI with SecurityCheck: True. Implement a scheduled Amazon Inspector assessment to run once each day for all AMIs with the tag SecurityCheck: True. Amazon Inspector should automatically launch an Amazon EC2 instance for each AMI and perform a security assessment.
  4. Tag each instance with SecurityCheck: True. Implement a scheduled Amazon Inspector assessment to run once each day for all instances with the tag SecurityCheck: True. Amazon Inspector should automatically perform an in-place security assessment for each AMI.

Correct Answer: A

Reference:

https://aws.amazon.com/pt/blogs/security/how-to-set-up-continuous-golden-ami-vulnerability-assessments-with-amazon-inspector/




Question -13

A Development team uses AWS CodeCommit for source code control. Developers apply their changes to various feature branches and create pull requests to move those changes to the master branch when they are ready for production. A direct push to the master branch should not be allowed. The team applied the
AWS managed policy AWSCodeCommitPowerUser to the Developers’ IAM Rote, but now members are able to push to the master branch directly on every repository in the AWS account.
What actions should be taken to restrict this?

  1. Create an additional policy to include a deny rule for the codecommit:GitPush action, and include a restriction for the specific repositories in the resource statement with a condition for the master reference.
  2. Remove the IAM policy and add an AWSCodeCommitReadOnly policy. Add an allow rule for the codecommit:GitPush action for the specific repositories in the resource statement with a condition for the master reference.
  3. Modify the IAM policy and include a deny rule for the codecommit:GitPush action for the specific repositories in the resource statement with a condition for the master reference.
  4. Create an additional policy to include an allow rule for the codecommit:GitPush action and include a restriction for the specific repositories in the resource statement with a condition for the feature branches reference.

Correct Answer: A

C is wrong as it is managed policy and You cannot change the permissions defined in AWS managed policies.

Reference:

https://aws.amazon.com/pt/blogs/devops/refining-access-to-branches-in-aws-codecommit/

Previous->AWS DevOps Engineer Professional Exam Practice Questions – 1

Next->AWS DevOps Engineer Professional Exam Practice Questions – 3



More Exam Questions:

Previous->AWS DevOps Engineer Professional Exam Practice Questions

Microsoft AZ-900 Certification Exam Practice Questions – Part 1

Microsoft AZ-220 Certification Exam Practice Questions – Part 1

Sample Exam Questions 6: AZ-300: Microsoft Azure Architect Technologies

Sample Exam Questions 5: AZ-300: Microsoft Azure Architect Technologies



Amazon AWS Certification Exam, AWS DevOps Engineer Professional Exam Tags:Amazon, Amazon AWS Certification Exam, AWS DevOps Engineer Professional Exam, Certification Exam, Practice Questions

Post navigation

Previous Post: AWS DevOps Engineer Professional Exam Practice Questions – 1
Next Post: AWS DevOps Engineer Professional Exam Practice Questions – 3

Related Posts

  • AWS DevOps Engineer Professional Exam Practice Questions – 14 AWS DevOps Engineer Professional Exam
  • AWS DevOps Engineer Professional Exam Practice Questions Amazon AWS Certification Exam
  • AWS DevOps Engineer Professional Exam Practice Questions – 7 AWS DevOps Engineer Professional Exam
  • AWS DevOps Engineer Professional Exam Practice Questions – 3 AWS DevOps Engineer Professional Exam
  • AWS DevOps Engineer Professional Exam Practice Questions – 8 AWS DevOps Engineer Professional Exam
  • AWS DevOps Engineer Professional Exam Practice Questions – 11 AWS DevOps Engineer Professional Exam

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.



Categories

  • Agile Software development
  • Amazon AWS Certification Exam
  • Amazon EC2
  • Amazon ECS
  • Amazon Web Services (AWS)
  • Apache Kafka
  • API development
  • API development
  • Apple Mac
  • ASP.NET Core
  • ASP.Net MVC
  • ASP.NET Web API
  • Atlassian Jira
  • AWS DevOps Engineer Professional Exam
  • AWS Lambda
  • AZ-300: Microsoft Azure Architect Technologies Exam
  • Azure
  • Azure Active Directory
  • Azure AI and ML services
  • Azure Analytics Services
  • Azure App Service
  • Azure Application Gateway
  • Azure Archive Storage
  • Azure Blob Storage
  • Azure Cognitive Services
  • Azure Compute
  • Azure Container Instances (ACI)
  • Azure Core Services
  • Azure Cosmos DB
  • Azure Data and Storage
  • Azure Data Factory
  • Azure Data Lake Storage
  • Azure Database Services
  • Azure Databricks
  • Azure DDoS Protection
  • Azure Defender
  • Azure Devops
  • Azure Disk Storage
  • Azure File Storage
  • Azure Functions
  • Azure IaaS
  • Azure Identity and Access Management
  • Azure Internet of Things (IoT)
  • Azure Key Vault
  • Azure Kubernetes Service (AKS)
  • Azure landing zone
  • Azure Load Balancer
  • Azure Logic Apps
  • Azure Machine Learning
  • Azure Machine Learning
  • Azure Migration
  • Azure Mobile Apps
  • Azure Networking – VNET
  • Azure Networking services
  • Azure Pricing and Support
  • Azure Queue Storage
  • Azure Resource Manager
  • Azure Security
  • Azure Security Center
  • Azure Security Information and Event Management (SIEM)
  • Azure security tools for logging and monitoring
  • Azure Security, Privacy, Compliance, and Trust
  • Azure Sentinel
  • Azure Sentinel – Data connectors
  • Azure Serverless Computing
  • Azure Service Level Agreement (SLA)
  • Azure SLA calculation
  • Azure SQL
  • Azure SQL Database
  • Azure Storage
  • Azure Stream Analytics
  • Azure Synapse Analytics
  • Azure Table Storage
  • Azure Virtual Machine
  • Azure VNET
  • Business
  • C# development
  • C# interview questions with answers
  • CDA (Clinical Document Architecture)
  • ChatGPT
  • CI/CD pipeline
  • CISSP certification
  • CKEditor
  • Cloud
  • Cloud computing
  • Cloud Computing Concepts
  • Cloud services
  • COBIT
  • Command Query Responsibility Segregation (CQRS) Pattern
  • Configure SSL offloading
  • Content management system
  • Continuous Integration
  • conversational AI
  • Cross Site Scripting (XSS)
  • cyber breaches
  • Cybersecurity
  • Data Analysis
  • Database
  • DevOps
  • DevSecOps
  • Docker
  • DOM-based XSS
  • Domain-Driven Design (DDD)
  • Dynamic Application Security Testing (DAST)
  • Enterprise application architecture
  • Event-Driven Architecture
  • git
  • GIT
  • gmail api
  • Google
  • Google Ads
  • Google AdSense
  • Google Analytics
  • Google analytics interview questions with answers
  • Google Cloud Platform (GCP)
  • Google Docs
  • Google Drive
  • Google Maps
  • Google search console
  • Healthcare Interoperability Resources
  • Hexagonal Architecture Pattern
  • HL7 vs FHIR
  • HTML
  • Information security
  • Infrastructure as a Service (IaaS)
  • Internet of Things (IoT)
  • Interview questions
  • Introduction to DICOM
  • Introduction to FHIR
  • Introduction to HL7
  • IT governance
  • IT Infrastructure networking
  • IT/Software development
  • Javascript interview questions with answers
  • Kubernetes
  • Layered Pattern
  • Leadership Quote
  • Life lessons
  • Load Balancing Algorithms
  • Low-code development platform
  • Microservices
  • Microservices
  • Microsoft
  • Microsoft 365 Defender
  • Microsoft AI-900 Certification Exam
  • Microsoft AZ-104 Certification Exam
  • Microsoft AZ-204 Certification Exam
  • Microsoft AZ-900 Certification Exam
  • Microsoft Azure
  • Microsoft Azure certifications
  • Microsoft Azure Log Analytics
  • Microsoft Cloud Adoption Framework
  • Microsoft Exam AZ-220
  • Microsoft Exam AZ-400
  • Microsoft Excel
  • Microsoft Office
  • Microsoft Teams
  • Microsoft Teams
  • Microsoft word
  • Model-View-Controller (MVC) Pattern
  • Monitoring and analytics
  • NoSQL
  • OpenAI
  • OutSystems
  • Peer-to-Peer (P2P) pattern
  • Pipeline Pattern
  • PL-100: Microsoft Power Platform App Maker
  • PL-200: Microsoft Power Platform Functional Consultant Certification
  • PL-900: Microsoft Power Platform Fundamentals
  • Platform as a Service (PaaS)
  • postman
  • Postman
  • Postman
  • Project management
  • Python interview questions with answers
  • Ransomware
  • Reflected XSS
  • RESTful APIs
  • Rich Text Editor
  • SC-100: Microsoft Cybersecurity Architect
  • Scrum Master Certification
  • Service-oriented architecture (SOA)
  • Software architecture
  • Software as a Service (SaaS)
  • SonarQube
  • Splunk
  • SQL
  • SQL Azure Table
  • SQL Server
  • Static Application Security Testing (SAST)
  • Stored XSS attacks
  • Table Storage
  • Test Driven Development (TDD)
  • TinyMCE
  • Top technology trends for 2023
  • Uncategorized
  • User Experience (UX) design
  • Version control system
  • visual studio
  • WCF (Windows Communication Foundation)
  • Web development
  • WordPress
  • WordPress developer interview questions and answers
  • Zero Trust strategy



Recent Posts

  • Get started with Azure Cosmos DB
  • Azure Cosmos DB
  • How can I run web and api projects together in visual studio
  • Azure DDoS Protection
  • Azure Security Information and Event Management (SIEM)
  • Azure Resource Manager Azure
  • Azure App Service Azure
  • WordPress – How to switch to Block Editor Content management system
  • Azure Internet of Things (IoT) Azure Internet of Things (IoT)
  • Microsoft PL-900 Certification Exam Practice Questions – 2 PL-900: Microsoft Power Platform Fundamentals
  • Life lessons – Do not let the behavior of others destroy your inner peace Life lessons
  • Microsoft AI-900 Certification Exam Practice Questions Microsoft AI-900 Certification Exam
  • Azure Key Vault Azure

Copyright © 2023 Desi banjara.

Powered by PressBook News WordPress theme