AWS-Certified-DevOps-Engineer-Professional Free Practice Test

A retail company wants to use AWS Elastic Beanstalk to host its online sales website running on Java. Since this will be the production website, the CTO has the following requirements for the deployment strategy:
*Zero downtime. While the deployment is ongoing, the current Amazon EC2 instances in service should remain in service. No deployment or any other action should be performed on the EC2 instances because they serve production traffic.
*A new fleet of instances should be provisioned for deploying the new application version.
*Once the new application version is deployed successfully in the new fleet of instances, the new instances should be placed in service and the old ones should be removed.
*The rollback should be as easy as possible. If the new fleet of instances fail to deploy the new application version, they should be terminated and the current instances should continue serving traffic as normal.
*The resources within the environment (EC2 Auto Scaling group, Elastic Load Balancing, Elastic Beanstalk DNS CNAME) should remain the same and no DNS change should be made.
Which deployment strategy will meet the requirements?

1. A. Use rolling deployments with a fixed amount of one instance at a time and set the healthy threshold to OK.
2. B. Use rolling deployments with additional batch with a fixed amount of one instance at a time and set the healthy threshold to OK.
3. C. launch a new environment and deploy the new application version there, then perform a CNAME swap between environments.
4. D. Use immutable environment updates to meet all the necessary requirements.

Correct Answer: D
https://aws.amazon.com/about-aws/whats-new/2016/04/aws-elastic-beanstalk-adds-two-new-deployment-policie https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environmentmgmt-updates-immutable.html https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-gener

The Development team at an online retailer has moved to Business support and want to take advantage of the AWS Health Dashboard and the AWS Health API to automate remediation actions for issues with the health of AWS resources. The first use case is to respond to AWS detecting an IAM access key that is listed on a public code repository site. The automated response will be to delete the IAM access key and send a notification to the Security team.
How should this be achieved?

1. A. Create an AWS Lambda function to delete the IAM access ke
2. B. Send AWS CloudTrail logs to AWS CloudWatch log
3. C. Create a CloudWatch Logs metric filter for the AWS_RISK_CREDENTIALS_EXPOSED event with two actions: first, run the Lambda function; second, use Amazon SNS to send a notification to the Security team.
4. D. Create an AWS Lambda function to delete the IAM access ke
5. E. Create an AWS Config rule for changes to aws.health and the AWS_RISK_CREDENTIALS_EXPOSED event with two actions: first, run the Lambda function; second, use Amazon SNS to send a notification to the Security team.
6. F. Use AWS Step Functions to create a function to delete the IAM access key, and then use Amazon SNS to send a notification to the Security tea
7. G. Create an AWS Personal Health Dashboard rule for the AWS_RISK_CREDENTIALS_EXPOSED event; set the target of the Personal Health Dashboard rule to Step Functions.
8. H. Use AWS Step Functions to create a function to delete the IAM access key, and then use Amazon SNS to send a notification to the Security tea
9. I. Create an Amazon CloudWatch Events rule with an aws.health event source and the AWS_RISK_CREDENTIALS_EXPOSED event, set the target of the CloudWatch Events rule to Step Functions.

Correct Answer: A

A company has established tagging and configuration standards for its infrastructure resources running on AWS. A DevOps Engineer is developing a design that will provide a near-real-time dashboard of the compliance posture with the ability to highlight violations.
Which approach meets the stated requirements?

1. A. Define the resource configurations in AWS Service Catalog, and monitor the AWS Service Catalog compliance and violations in Amazon CloudWatc
2. B. Then, set up and share a live CloudWatch dashboar
3. C. Set up Amazon SNS notifications for violations and corrections.
4. D. Use AWS Config to record configuration changes and output the data to an Amazon S3 bucke
5. E. Createan Amazon QuickSight analysis of the dataset, and use the information on dashboards and mobile devices.
6. F. Create a resource group that displays resources with the specified tags and those without tag
7. G. Use the AWS Management Console to view compliant and non-compliant resources.
8. H. Define the compliance and tagging requirements in Amazon inspecto
9. I. Output the results to Amazon CloudWatch Log
10. J. Build a metric filter to isolate the monitored elements of interest and present the data in a CloudWatch dashboard.

Correct Answer: B
https://aws.amazon.com/about-aws/whats-new/2019/03/aws-config-now-supports-tagging-of-aws-config-resour

A company wants to migrate a legacy application to AWS and develop a deployment pipeline that uses AWS services only. A DevOps engineer is migrating all of the application code from a Git repository to AWS CodeCommit while preserving the history of the repository. The DevOps engineer has set all the permissions within CodeCommit, installed the Git client and the AWS CLI on a local computer, and is ready to migrate the repository.
Which actions will follow?

1. A. Create the CodeCommit repository using the AWS CL
2. B. Clone the Git repository directly to CodeCommit using the AWS CL
3. C. Validate that the files were migrated, and publish the CodeCommit repository.
4. D. Create the CodeCommit repository using the AWS Management Consol
5. E. Clone both the Git and CodeCommit repositories to the local compute
6. F. Copy the files from the Git repository to the CodeCommit repository on the local compute
7. G. Commit the CodeCommit repertor
8. H. Validate that the files were migrated, and share the CodeCommit repository.
9. I. Create the CodeCommit repository using the AWS Management Consol
10. J. Use the console to clone the Git repository into the CodeCommit repositor
11. K. Validate that the files were migrated, and publish the CodeCommit repository.
12. L. Create the CodeCommit repository using the AWS Management Console or the AWS CL
13. M. Clone the Git repository with a mirror argument to the local computer and push the repository to CodeCommi
14. N. Validate that the files were migrated, and share the CodeCommit repository.

Correct Answer: D

A company has an application that has predictable peak traffic times. The company wants the application instances to scale up only during the peak times. The application stores state in Amazon DynamoDB. The application environment uses a standard Node.js application stack and custom Chef recipes stored in a private Git repository.
Which solution is MOST cost-effective and requires the LEAST amount of management overhead when performing rolling updates of the application environment?

1. A. Create a custom AMI with the Node.js environment and application stack using Chef recipe
2. B. Use the AMI in an Auto Scaling group and set up scheduled scaling for the required times, then set up an Amazon EC2 IAM role that provides permission to access DynamoDB.
3. C. Create a Docker file that uses the Chef recipes for the application environment based on an official Node.js Docker imag
4. D. Create an Amazon ECS cluster and a service for the application environment, then create a task based on this Docker imag
5. E. Use scheduled scaling to scale the containers at the appropriate times and attach a task-level IAM role that provides permission to access DynamoDB.
6. F. Configure AWS OpsWorks stacks and use custom Chef cookbook
7. G. Add the Git repository information where the custom recipes are stored, and add a layer in OpsWorks for the Node.js application serve
8. H. Then configure the custom recipe to deploy the application in the deploy ste
9. I. Configure time-based instances and attach an Amazon EC2 IAM role that provides permission to access DynamoDB.
10. J. Configure AWS OpsWorks stacks and push the custom recipes to an Amazon S3 bucket and configure custom recipes to point to the S3 bucke
11. K. Then add an application layer type for a standard Node.js application server and configure the custom recipe to deploy the application in the deploy step from the S3 bucke
12. L. Configure time-based instances and attach an Amazon EC2 IAM role that provides permission to access DynamoDB

Correct Answer: D