Skip to content

Desi banjara

learn and grow together

  • Azure
    • Azure Compute
      • Azure Logic Apps
      • Azure Mobile Apps
      • Azure App Service
      • Azure Serverless Computing
        • Azure Functions
    • Azure Networking services
      • Azure Networking – VNET
    • Azure Database Services
      • Azure SQL
      • Azure Data Factory
      • Azure Databricks
    • Azure Analytics Services
    • Azure Security
      • Azure Identity and Access Management
      • Azure Active Directory
      • Azure Defender
      • Azure security tools for logging and monitoring
        • Azure Sentinel
        • Azure Sentinel – Data connectors
    • Azure Cognitive Services
    • Azure Data and Storage
    • Azure Devops
    • Azure landing zone
    • Azure IaaS
    • Azure Internet of Things (IoT)
      • Azure Machine Learning
      • Azure AI and ML services
    • Azure Migration
  • Agile Software development
    • Atlassian Jira
  • Amazon Web Services (AWS)
    • Amazon EC2
    • Amazon ECS
    • AWS Lambda
  • Google
    • Google Cloud Platform (GCP)
    • gmail api
    • Google Ads
    • Google AdSense
    • Google Analytics
    • Google Docs
    • Google Drive
    • Google Maps
    • Google search console
  • Software architecture
    • Service-oriented architecture (SOA)
    • Domain-Driven Design (DDD)
    • Microservices
    • Event-Driven Architecture
    • Command Query Responsibility Segregation (CQRS) Pattern
    • Layered Pattern
    • Model-View-Controller (MVC) Pattern
    • Hexagonal Architecture Pattern
    • Peer-to-Peer (P2P) pattern
    • Pipeline Pattern
  • Enterprise application architecture
  • IT/Software development
    • API development
    • ASP.Net MVC
    • ASP.NET Web API
    • C# development
    • RESTful APIs
  • Cybersecurity
    • Cross Site Scripting (XSS)
    • Reflected XSS
    • DOM-based XSS
    • Stored XSS attacks
    • Ransomware
    • cyber breaches
    • Static Application Security Testing (SAST)
  • Interview questions
    • Microsoft Azure Interview Questions
    • Amazon Web Services (AWS) Interview Questions
    • Agile Software development interview questions
    • C# interview questions with answers
    • Google analytics interview questions with answers
    • Javascript interview questions with answers
    • Python interview questions with answers
    • WordPress developer interview questions and answers
  • Cloud
    • Cloud computing
    • Infrastructure as a Service (IaaS)
    • Platform as a Service (PaaS)
    • Software as a Service (SaaS)
    • Microsoft Azure
      • Microsoft Azure Log Analytics
    • Zero Trust strategy
  • Toggle search form
  • AWS Lambda Amazon Web Services (AWS)
  • Microsoft Cloud Adoption Framework Microsoft Azure
  • Azure Identity and Access Management Azure Identity and Access Management
  • Azure Functions Azure Functions
  • Interview question: What is the difference between GetType() and typeof()? C# development
  • How to take a screenshot in Google Nexus? Google
  • AZ-300: Microsoft Azure Architect Technologies Exam Preparation AZ-300: Microsoft Azure Architect Technologies Exam
  • Azure Web Apps Azure

AWS DevOps Engineer Professional Exam Practice Questions – 11

Posted on July 14, 2020 By DesiBanjara No Comments on AWS DevOps Engineer Professional Exam Practice Questions – 11

Amazon AWS DevOps Engineer Professional Exam Practice Questions

Below are some Free practice questions for Amazon AWS Certification Exam – AWS DevOps Engineer Professional Exam which can help you to prepare for exam and pass with good marks. These are not real exam questions but similar to the questions you can get in exam so practicing these question will boost your confidence.

Question -53

A large enterprise is deploying a web application on AWS. The application runs on Amazon EC2 instances behind an Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. The application stores data in an Amazon RDS Oracle DB instance and Amazon DynamoDB.
There are separate environments for development, testing, and production.
What is the MOST secure and flexible way to obtain password credentials during deployment?

A. Retrieve an access key from an AWS Systems Manager SecureString parameter to access AWS services. Retrieve the database credentials from a Systems Manager SecureString parameter.

B. Launch the EC2 instances with an EC2 IAM role to access AWS services. Retrieve the database credentials from AWS Secrets Manager.

C. Retrieve an access key from an AWS Systems Manager plaintext parameter to access AWS services. Retrieve the database credentials from a Systems Manager SecureString parameter.

D. Launch the EC2 instances with an EC2 IAM role to access AWS services. Store the database passwords in an encrypted config file with the application artifacts.

Correct Answer: B

AWS Secrets Manager is a secrets management service that helps you protect access to your applications, services, and IT resources. This service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Using Secrets Manager, you can secure and manage secrets used to access resources in the AWS Cloud, on third-party services, and on-premises.

SSM parameter store and AWS Secret manager are both a secure option. However, Secrets manager is more flexible and has more options like password generation.

Reference:

https://www.1strategy.com/blog/2019/02/28/aws-parameter-store-vs-aws-secrets-manager/




Question -54

A DevOps Engineer is designing a deployment strategy for a web application. The application will use an Auto Scaling group to launch Amazon EC2 instances using an AMI. The same infrastructure will be deployed in multiple environments (development, test, and quality assurance). The deployment strategy should meet the following requirements:

  • “Minimize the startup time for the instance
  • “Allow the same AMI to work in multiple environments
  • “Store secrets for multiple environments securely

How should this be accomplished?

A. Preconfigure the AMI using an AWS Lambda function that launches an Amazon EC2 instance, and then runs a script to install the software and create the AMI. Configure an Auto Scaling lifecycle hook to determine which environment the instance is launched in, and, based on that finding, run a configuration script. Save the secrets on an .ini file and store them in Amazon S3. Retrieve the secrets using a configuration script in EC2 user data.

B. Preconfigure the AMI by installing all the software using AWS Systems Manager automation and configure Auto Scaling to tag the instances at launch with their specific environment. Then use a bootstrap script in user data to read the tags and configure settings for the environment. Use the AWS Systems Manager Parameter Store to store the secrets using AWS KMS.

C. Use a standard AMI from the AWS Marketplace. Configure Auto Scaling to detect the current environment. Install the software using a script in Amazon EC2 user data. Use AWS Secrets Manager to store the credentials for all environments.

D. Preconfigure the AMI by installing all the software and configuration for all environments. Configure Auto Scaling to tag the instances at launch with their environment. Use the Amazon EC2 user data to trigger an AWS Lambda function that reads the instance ID and then reconfigures the setting for the proper environment. Use the AWS Systems Manager Parameter Store to store the secrets using AWS KMS.

Correct Answer: B

Reference:

https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html

https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-automation.html

https://aws.amazon.com/cn/blogs/mt/configure-amazon-ec2-instances-in-an-auto-scaling-group-using-state-manager/




Question -55

A Developer is maintaining a fleet of 50 Amazon EC2 Linux servers. The servers are part of an Amazon EC2 Auto Scaling group, and also use Elastic Load
Balancing for load balancing.

Occasionally, some application servers are being terminated after failing ELB HTTP health checks. The Developer would like to perform a root cause analysis on the issue, but before being able to access application logs, the server is terminated.
How can log collection be automated?

A. Use Auto Scaling lifecycle hooks to put instances in a Pending:Wait state. Create an Amazon CloudWatch Alarm for EC2 Instance Terminate and trigger an AWS Lambda function that executes an SSM Run Command script to collect logs, push them to Amazon S3, and complete the Successful lifecycle action once logs are collected.

B. Use Auto Scaling lifecycle hooks to put instances in a Terminating:Wait state. Create a Config rule for EC2 Instance-terminate Lifecycle and trigger a step function that executes a script to collect logs, push them to Amazon S3, and complete the lifecycle action once logs are collected. Action

C. Use Auto Scaling lifecycle hooks to put instances in a Terminating:Wait state. Create an Amazon CloudWatch subscription filter for EC2 Instance and trigger a CloudWatch agent that executes a script to called logs, push them to Amazon S3, and complete the lifecycle action Terminate Successful once logs are collected.

D. Use Auto Scaling lifecycle hooks to put instances in a Terminating:Wait state. Create an Amazon CloudWatch Events rule for EC2 Instance- and trigger an AWS Lambda function that executes a SSM Run Command script to collect logs, push them to Amazon S3, terminate Lifecycle Action and complete the lifecycle action once logs are collected.

Correct Answer: D

Reference:

https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html




Question -56

A publishing company used AWS Elastic Beanstalk, Amazon S3, and Amazon DynamoDB to develop a web application. The web application has increased dramatically in popularity, resulting in unpredictable spikes in traffic. A DevOps Engineer has noted that 90% of the requests are duplicate read requests.
How can the Engineer improve the performance of the website?

A. Use Amazon ElastiCache for Redis to cache repeated read requests to DynamoDB and AWS Elemental MediaStore to cache images stored in S3.

B. Use Amazon ElastiCache for Memcached to cache repeated read requests to DynamoDB and Varnish to cache images stored in S3.

C. Use DynamoDB Accelerator to cache repeated read requests to DynamoDB and Amazon CloudFront to cache images stored in S3.

D. Use DynamoDB Streams to cache repeated read requests to DynamoDB and API Gateway to cache images stored in S3.

Correct Answer: C

Reference:

https://aws.amazon.com/blogs/aws/amazon-dynamodb-accelerator-dax-in-memory-caching-for-read-intensive-workloads/

https://aws.amazon.com/dynamodb/dax/




Question -57

A company is creating a software solution that executes a specific parallel-processing mechanism. The software can scale to tens of servers in some special scenarios. This solution uses a proprietary library that is license-based, requiring that each individual server have a single, dedicated license installed. The company has 200 licenses and is planning to run 200 server nodes concurrently at most.

The company has requested the following features:

“A mechanism to automate the use of the licenses at scale. “Creation of a dashboard to use in the future to verify which licenses are available at any moment.
What is the MOST effective way to accomplish these requirements?

A. Upload the licenses to a private Amazon S3 bucket. Create an AWS CloudFormation template with a Mappings section for the licenses. In the template, create an Auto Scaling group to launch the servers. In the user data script, acquire an available license from the Mappings section. Create an Auto Scaling lifecycle hook, then use it to update the mapping after the instance is terminated.

B. Upload the licenses to an Amazon DynamoDB table. Create an AWS CloudFormation template that uses an Auto Scaling group to launch the servers. In the user data script, acquire an available license from the DynamoDB table. Create an Auto Scaling lifecycle hook, then use it to update the mapping after the instance is terminated.

C. Upload the licenses to a private Amazon S3 bucket. Populate an Amazon SQS queue with the list of licenses stored in S3. Create an AWS CloudFormation template that uses an Auto Scaling group to launch the servers. In the user data script acquire an available license from SQS. Create an Auto Scaling lifecycle hook, then use it to put the license back in SQS after the instance is terminated.

D. Upload the licenses to an Amazon DynamoDB table. Create an AWS CLI script to launch the servers by using the parameter –count, with min:max instances to launch. In the user data script, acquire an available license from the DynamoDB table. Monitor each instance and, in case of failure, replace the instance, then manually update the DynamoDB table.

Correct Answer: B




Question -58

A company has developed a static website hosted on an Amazon S3 bucket. The website is deployed using AWS CloudFormation. The CloudFormation template defines an S3 bucket and a custom resource that copies content into the bucket from a source location.

The company has decided that it needs to move the website to a new location, so the existing CloudFormation stack must be deleted and re-created. However,
CloudFormation reports that the stack could not be deleted cleanly.

What is the MOST likely cause and how can the DevOps Engineer mitigate this problem for this and future versions of the website?

A. Deletion has failed because the S3 bucket has an active website configuration. Modify the CloudFormation template to remove the WebsiteConfiguration property from the S3 bucket resource.

B. Deletion has failed because the S3 bucket is not empty. Modify the custom resource’s AWS Lambda function code to recursively empty the bucket when is Delete. RequestType

C. Deletion has failed because the custom resource does not define a deletion policy. Add a DeletionPolicy property to the custom resource definition with a value of RemoveOnDeletion.

D. Deletion has failed because the S3 bucket is not empty. Modify the S3 bucket resource in the CloudFormation template to add a DeletionPolicy property with a value of Empty.

Correct Answer: B

Reference:

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html




Previous->AWS DevOps Engineer Professional Exam Practice Questions – 10

Next->AWS DevOps Engineer Professional Exam Practice Questions – 12



More Amazon AWS Certification Exam Questions:

Previous->AWS DevOps Engineer Professional Exam Practice Questions

Microsoft AZ-900 Certification Exam Practice Questions – Part 1

Microsoft AZ-220 Certification Exam Practice Questions – Part 1

Sample Exam Questions 6: AZ-300: Microsoft Azure Architect Technologies

Sample Exam Questions 5: AZ-300: Microsoft Azure Architect Technologies



AWS DevOps Engineer Professional Exam Tags:Amazon, Amazon AWS Certification Exam, Amazon CloudWatch, Amazon EC2, Amazon Route 53, Application Load Balancer, AutoScaling, AWS DevOps Engineer Professional Exam, AWS Lambda, Certification Exam, CloudFormation, CodeDeploy, EC2, Kinesis, Practice Questions

Post navigation

Previous Post: AWS DevOps Engineer Professional Exam Practice Questions – 10
Next Post: AWS DevOps Engineer Professional Exam Practice Questions – 12

Related Posts

  • AWS DevOps Engineer Professional Exam Practice Questions – 5 AWS DevOps Engineer Professional Exam
  • AWS DevOps Engineer Professional Exam Practice Questions Amazon AWS Certification Exam
  • AWS DevOps Engineer Professional Exam Practice Questions – 12 AWS DevOps Engineer Professional Exam
  • AWS DevOps Engineer Professional Exam Practice Questions – 2 Amazon AWS Certification Exam
  • AWS DevOps Engineer Professional Exam Practice Questions – 3 AWS DevOps Engineer Professional Exam
  • AWS DevOps Engineer Professional Exam Practice Questions – 8 AWS DevOps Engineer Professional Exam

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.



Categories

  • Agile Software development
  • Amazon AWS Certification Exam
  • Amazon EC2
  • Amazon ECS
  • Amazon Web Services (AWS)
  • Apache Kafka
  • API development
  • Apple Mac
  • ASP.NET Core
  • ASP.Net MVC
  • ASP.NET Web API
  • Atlassian Jira
  • AWS DevOps Engineer Professional Exam
  • AWS Lambda
  • AZ-300: Microsoft Azure Architect Technologies Exam
  • Azure
  • Azure Active Directory
  • Azure AI and ML services
  • Azure Analytics Services
  • Azure App Service
  • Azure Cognitive Services
  • Azure Compute
  • Azure Container Instances (ACI)
  • Azure Core Services
  • Azure Data and Storage
  • Azure Data Factory
  • Azure Data Lake Storage
  • Azure Database Services
  • Azure Databricks
  • Azure Defender
  • Azure Devops
  • Azure Functions
  • Azure IaaS
  • Azure Identity and Access Management
  • Azure Internet of Things (IoT)
  • Azure Kubernetes Service (AKS)
  • Azure landing zone
  • Azure Logic Apps
  • Azure Machine Learning
  • Azure Machine Learning
  • Azure Migration
  • Azure Mobile Apps
  • Azure Networking – VNET
  • Azure Networking services
  • Azure Pricing and Support
  • Azure Security
  • Azure Security
  • Azure security tools for logging and monitoring
  • Azure Security, Privacy, Compliance, and Trust
  • Azure Sentinel
  • Azure Sentinel – Data connectors
  • Azure Serverless Computing
  • Azure SQL
  • Azure SQL Database
  • Azure Storage
  • Azure Storage services
  • Azure Stream Analytics
  • Azure Synapse Analytics
  • Azure Virtual Machine
  • Azure VNET
  • Business
  • C# development
  • C# interview questions with answers
  • ChatGPT
  • CI/CD pipeline
  • CISSP certification
  • Cloud
  • Cloud computing
  • Cloud Computing Concepts
  • Cloud services
  • COBIT
  • Command Query Responsibility Segregation (CQRS) Pattern
  • Content management system
  • Continuous Integration
  • conversational AI
  • Cross Site Scripting (XSS)
  • cyber breaches
  • Cybersecurity
  • Data Analysis
  • Database
  • DevOps
  • DevSecOps
  • DOM-based XSS
  • Domain-Driven Design (DDD)
  • Dynamic Application Security Testing (DAST)
  • Enterprise application architecture
  • Event-Driven Architecture
  • GIT
  • git
  • gmail api
  • Google
  • Google Ads
  • Google AdSense
  • Google Analytics
  • Google analytics interview questions with answers
  • Google Cloud Platform (GCP)
  • Google Docs
  • Google Drive
  • Google Maps
  • Google search console
  • Hexagonal Architecture Pattern
  • HTML
  • Information security
  • Infrastructure as a Service (IaaS)
  • Internet of Things (IoT)
  • Interview questions
  • IT governance
  • IT Infrastructure networking
  • IT/Software development
  • Javascript interview questions with answers
  • Layered Pattern
  • Leadership Quote
  • Life lessons
  • Low-code development platform
  • Microservices
  • Microservices
  • Microsoft
  • Microsoft 365 Defender
  • Microsoft AI-900 Certification Exam
  • Microsoft AZ-104 Certification Exam
  • Microsoft AZ-204 Certification Exam
  • Microsoft AZ-900 Certification Exam
  • Microsoft Azure
  • Microsoft Azure certifications
  • Microsoft Azure Log Analytics
  • Microsoft Cloud Adoption Framework
  • Microsoft Exam AZ-220
  • Microsoft Exam AZ-400
  • Microsoft Excel
  • Microsoft Office
  • Microsoft Teams
  • Microsoft word
  • Model-View-Controller (MVC) Pattern
  • Monitoring and analytics
  • NoSQL
  • OpenAI
  • OutSystems
  • Peer-to-Peer (P2P) pattern
  • Pipeline Pattern
  • PL-100: Microsoft Power Platform App Maker
  • PL-200: Microsoft Power Platform Functional Consultant Certification
  • PL-900: Microsoft Power Platform Fundamentals
  • Platform as a Service (PaaS)
  • postman
  • Postman
  • Project management
  • Python interview questions with answers
  • Ransomware
  • Reflected XSS
  • RESTful APIs
  • SC-100: Microsoft Cybersecurity Architect
  • Scrum Master Certification
  • Service-oriented architecture (SOA)
  • Software architecture
  • Software as a Service (SaaS)
  • SonarQube
  • Splunk
  • SQL
  • SQL Azure Table
  • SQL Server
  • Static Application Security Testing (SAST)
  • Stored XSS attacks
  • Table Storage
  • Test Driven Development (TDD)
  • Top technology trends for 2023
  • Uncategorized
  • User Experience (UX) design
  • Version control system
  • WCF (Windows Communication Foundation)
  • Web development
  • WordPress
  • WordPress developer interview questions and answers
  • Zero Trust strategy



Recent Posts

  • Azure Container Instances (ACI)
  • Azure Kubernetes Service (AKS)
  • Azure Identity and Access Management
  • Azure Analytics Services
  • Azure Storage services

Recent Comments

    • Deploy ASP.NET Core apps to Azure App Service ASP.NET Core
    • Hub and scope networking pattern IT Infrastructure networking
    • SC-100: Microsoft Cybersecurity Architect SC-100: Microsoft Cybersecurity Architect
    • Differences between struct and classes in C# : Interview question C# development
    • Dynamic Application Security Testing (DAST) Dynamic Application Security Testing (DAST)
    • Azure Serverless Computing Azure Serverless Computing
    • Azure landing zone Azure
    • What is Public, Private and Hybrid cloud implementation with respect to Azure? Cloud

    Copyright © 2023 Desi banjara.

    Powered by PressBook News WordPress theme