AWS Devops Engineer Professional Certified Practice Exam Set 10

Which of the following are ways to secure data at rest and in transit in AWS. Choose 3 answers from the options given below ?


Options are :

  • Use server side encryption for 53 (Correct)
  • Use OPS volumes when working with EBS volumes on EC2 Instances
  • Encrypt all EBS volumes attached to EC2 Instances (Correct)
  • Use SSLIHTTPS when using the Elastic Load Balancer ...„ (Correct)

Answer : Use server side encryption for 53 Encrypt all EBS volumes attached to EC2 Instances Use SSLIHTTPS when using the Elastic Load Balancer ...„

AWS Devops Engineer Professional Certified Practice Exam Set 7

You have a web application hosted on EC2 instances. There are application changes which happen to the web application on a quarterly basis. Which of the following are example of Blue Green deployments which can be applied to the application? Choose 2 answers from the options given below ?


Options are :

  • Deploy the application to an elastic beanstalk environment. Have a secondary elastic beanstalk environment in place with the updated application code. Use the swap URL?S feature to switch onto the new environment. (Correct)
  • Deploy the application using Ops work stacks. Have a secondary stack for the new application deployment. Use Route53 to switch over to the new stack for the new application update. (Correct)
  • Deploy the application to an elastic beanstalk environment. Use the Rolling updates feature to perform a Blue Green deployment.
  • Place the EC2 instances behind an ELB. Have a secondary environment with EC2 Instances and ELB in another region. Use Route53 with geo-location to route requests and switch over to the secondary environment.

Answer : Deploy the application to an elastic beanstalk environment. Have a secondary elastic beanstalk environment in place with the updated application code. Use the swap URL?S feature to switch onto the new environment. Deploy the application using Ops work stacks. Have a secondary stack for the new application deployment. Use Route53 to switch over to the new stack for the new application update.

Your company is supporting a number of applications that need to be moved to AWS. Initially the thought it moving these applications to the Elastic beanstalk service. When going to the Elastic beanstalk service . you can see that the underlying platform service Is not an option In the Elastic beanstalk service. Which of the following options can be used to port your application onto Elastic beanstalk


Options are :

  • Use custom chef recipes to deploy your application in Elastic beanstalk.
  • Use the Ops work service to create a stack. In the stack . create a separate custom layer. Deploy the application to this layer and then attach the layer to Elastic beanstalk
  • Create a docker container for the custom application and then deploy It to Elastic beanstalk. ..„ (Correct)
  • Use custom Cloud formation templates to deploy the application into Elastic beanstalk

Answer : Create a docker container for the custom application and then deploy It to Elastic beanstalk. ..„

You are working for a startup company that is building an application that receives large amounts of data. Unfortunately, current funding has left the start-up short on cash, cannot afford to purchase thousands of dollars of storage hardware, and has opted to use AWS. Which services would you Implement in order to store a virtually unlimited amount of data without any effort to scale when demand unexpectedly increases? Choose the correct answer from the options below Please select:


Options are :

  • Amazon Import/Export because Amazon assists in migrating large amounts of data to Amazon S3
  • Amazon Glacier, to keep costs low for storage and scale Infinitely
  • Amazon EC2. because EBS volumes can scale to hold any amount of data and, when used with Auto Scaling. can be designed for fault tolerance and high availability
  • Amazon S3, because it provides unlimited amounts of storage data, scales automatically, is highly available and durable (Correct)

Answer : Amazon S3, because it provides unlimited amounts of storage data, scales automatically, is highly available and durable

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 12

Which of the following commands for the elastic beanstalk CLI can be used to create the current application into the specified environment?


Options are :

  • eb start
  • en app
  • en env
  • eb create (Correct)

Answer : eb create

You are a Dev ops Engineer for your company. Your company is using Ops work stack to rollout a collection of web instances. When the instances are launched , a configuration file need to be setup prior to the launching of the web application hosted on these Instances. Which of the following steps would you carry out to ensure this requirement gets fulfilled. Choose 2 answers from the options given below Please select:


Options are :

  • Ensure that the Ops work stack Is changed to use the AWS specific cookbooks
  • Configure a recipe which sets the configuration file and add It to the Deploy LifeCycle Event of the specific web layer.
  • Configure a recipe which sets the configuration file and add it to the Configure LifeCycle Event of the speci web layer. (Correct)
  • Ensure that the Ops work stack Is changed to use custom cookbooks .„ (Correct)

Answer : Configure a recipe which sets the configuration file and add it to the Configure LifeCycle Event of the speci web layer. Ensure that the Ops work stack Is changed to use custom cookbooks .„

In reviewing the Auto-Scaling events for your application you notice that your application is scaling up and down multiple times in the same hour. What design choice could you make to optimize for costs while preserving elasticity?


Options are :

  • Modify the Amazon Cloud watch alarm period that triggers your Auto Scaling scale down policy. (Correct)
  • Modify the Auto Scaling group termination policy to terminate the newest instance first.
  • Modify the Auto Scaling policy to use scheduled scaling actions
  • Modify the Auto Scaling Group cool down timers (Correct)

Answer : Modify the Amazon Cloud watch alarm period that triggers your Auto Scaling scale down policy. Modify the Auto Scaling Group cool down timers

Questions and Answer : AWS Certified Security Specialty

Your company has an application hosted in AWS which makes use of Dynamo DB. There is a requirement from the IT security department to ensure that all source IP addresses which make calls to the Dynamo DB tables are recorded. Which of the following services can be used to ensure this requirement is fulfilled.


Options are :

  • AWS Code Pipeline
  • AWS Cloud watch
  • AWS Code Commit
  • AWS Cloud Trail (Correct)

Answer : AWS Cloud Trail

You have a set of web servers hosted in AWS which host a web application used by a section of users. You want to monitor the number of errors which occur when using the web application. Which of the below options can be used for this purpose. Choose 3 answers from the options given below?


Options are :

  • Increment a metric filter in Cloud watch whenever the pattern is matched. (Correct)
  • Search for the keyword IRROR” In the log files on the server.
  • Send the logs from the instances onto Cloud watch logs. (Correct)
  • Search for the keyword ERROR? in Cloud watch logs. (Correct)

Answer : Increment a metric filter in Cloud watch whenever the pattern is matched. Send the logs from the instances onto Cloud watch logs. Search for the keyword ERROR? in Cloud watch logs.

You are setting up cloud formation templates for your organization. The cloud formation template consists of creating EC2 Instances for both your development and production environments in the same region. Each of these instances will have an Elastic P and a security group attached to them which will be done via Cloud formation. Your cloud formation stack for the development environment gets successfully created, but then the production cloud formation stack fails. Which of the below could be a reason for this?


Options are :

  • You hit the soft limit of S EIP5 per region when creating the development environment. ..„ (Correct)
  • You didnt choose the Production version of the AMI you are using when creating the production stack.
  • You have chosen the wrong tags when creating the instances in both environments.
  • You hit the soft limit for security groups when creating the development environment.

Answer : You hit the soft limit of S EIP5 per region when creating the development environment. ..„

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 10

You have a web application running on six Amazon EC2 instances, consuming about 45% of resources on each instance. You are using auto-scaling to make sure that six instances are running at all times. The number of requests this application processes is consistent and does not experience spikes. The application is critical to your business and you want high availability at all times. You want the load to be distributed evenly between all instances. You also want to use the same Amazon Machine Image (AMI) for all instances. Which of the following architectural choices should you make?


Options are :

  • Deploy 6 EC2 instances in one availability zone and use Amazon Elastic Load Balancer.
  • Deploy 3 EC2 instances in one availability zone and 3 in another availability zone and use Amazon Elastic Load Balancer. ..„ (Correct)
  • Deploy 3 EC2 Instances in one region and 3 In another region and use Amazon Elastic Load Balancer.
  • Deploy 2 EC2 Instances in three regions and use Amazon Elastic Load Balancer.

Answer : Deploy 3 EC2 instances in one availability zone and 3 in another availability zone and use Amazon Elastic Load Balancer. ..„

You are a Dev ops Engineer for your company. You are responsible for creating Cloud formation templates for your company. There Is a requirement to ensure that an S3 bucket is created for all resources In development for logging purposes. How would you achieve this?


Options are :

  • Create a parameter in the Cloud formation template and then use the Condition clause in the template to create an S3 bucket if the parameter has a value of development .„ (Correct)
  • Use the metadata section in the Cloud formation template to decide on whether to create the S3 bucket or not.
  • Create separate Cloud formation templates for Development and production.
  • Create an S3 bucket from before and then just provide access based on the tag value mentioned in the Cloud formation template

Answer : Create a parameter in the Cloud formation template and then use the Condition clause in the template to create an S3 bucket if the parameter has a value of development .„

Which of the following files needs to be included along with your source code binaries when deploying code using the AWS Code Deploy service


Options are :

  • appspec.yml (Correct)
  • appconfig.yml
  • app config .json
  • apps pec .j son

Answer : appspec.yml

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 2

You have the requirement to get a snapshot of the current configuration of the resources in your AWS Account. Which of the following services can be used for this purpose Please select:


Options are :

  • AWS Trusted Advisor
  • AWS Code Deploy
  • AWS Conflg (Correct)
  • AWS lAM

Answer : AWS Conflg

Your development team is using an Elastic beanstalk environment. After a week, the environment was torn down and a new one was created. When the development team tried to access the data on the older environment, it was not available. Why is this the case?


Options are :

  • This is because the underlying EC2 Instances are created with lOPS volumes and cannot be accessed once1 the environment has been terminated.
  • This is because the underlying EC2 Instances are created with no persistent local storage (Correct)
  • This is because the underlying EC2 Instances are created with encrypted storage and cannot be accessed once the environment has been terminated.
  • This is because before the environment termination. Elastic beanstalk copies the data to Dynamo DB. and hence the data is not present in the EBS volumes

Answer : This is because the underlying EC2 Instances are created with no persistent local storage

Your development team use .Net to code their web application. They want to deploy it to AWS for the purpose of continuous Integration and deployment. The application code is hosted in a Git repository. Which of the following combination of steps can be used to fulfil this requirement. Choose 2 answers from the options given below ?


Options are :

  • Use the Elastic beanstalk service to provision an lIS platform web environment to host the application. (Correct)
  • Create a source bundle for the .Net code and upload It as an application revision. (Correct)
  • Use a chef recipe to deploy the code and attach it to the Elastic beanstalk environment.
  • Use the Code Pipeline service to provision an uS environment to host the application

Answer : Use the Elastic beanstalk service to provision an lIS platform web environment to host the application. Create a source bundle for the .Net code and upload It as an application revision.

AWS SCS-C01 Certified Security Speciality Practice Exam Set 6

You have a set of EC2 Instances hosting an nix server and a web application that is used by a set of users in your organization. After a recent application version upgrade, the instance runs into technical issues and needs an Immediate restart. This does not give you enough time to inspect the cause of the issue on the server. Which of the following options if implemented prior to the incident would have assisted in detecting the underlying cause of the issue?


Options are :

  • Enable detailed monitoring and check the Cloud watch metrics to see the cause of the issue.
  • Create a snapshot of the EBS volume before restart attach it to another instance as a volume and then diagnose the issue.
  • Install Cloud watch logs agent on the instance and send all the logs to Cloud watch logs. (Correct)
  • Stream all the data to Amazon Kinesis and then analyze the data in real time.

Answer : Install Cloud watch logs agent on the instance and send all the logs to Cloud watch logs.

Your company has a set of EC2 Instances that access data objects stored in an S3 bucket. Your IT Security department Is concerned about the security of this architecture and wants you to implement the following 1) Ensure that the EC2 Instance securely accesses the data objects stored in the S3 bucket 2) Ensure that the integrity of the objects stored in S3 is maintained. Which of the following would help fulfill the requirements of the IT Security department. Choose 2 answers from the options given below Please select:


Options are :

  • Use 53 Cross Region replication to replicate the objects so that the integrity of data is maintained.
  • Create an lAM user and ensure the EC2 Instances uses the lAM user credentials to access the data in the bucket.
  • Use an 53 bucket policy that ensures that MFA Delete Is set on the objects In the bucket Your answer is partially correct. (Correct)
  • Create an lAM Role and ensure the EC2 Instances uses the lAM Role to access the data in the bucket. ,, (Correct)

Answer : Use an 53 bucket policy that ensures that MFA Delete Is set on the objects In the bucket Your answer is partially correct. Create an lAM Role and ensure the EC2 Instances uses the lAM Role to access the data in the bucket. ,,

You have been tasked with building out a duplicate environment in another region for disaster recovery purposes. Part of your environment relies on EC2 instances with preconfigured software. What steps would you take to configure the Instances in another region? Choose the correct answer from the options below Please select:


Options are :

  • Create an AMP of the EC2 instance
  • None of the above
  • Make the EC2 instance shareable among other regions through lAM permissions
  • Create an AMP of the EC2 instance and copy the AMI to the desired region (Correct)

Answer : Create an AMP of the EC2 instance and copy the AMI to the desired region

AWS SOA-C00 Certified Sys Ops Administrator Associate Exam Set 3

You have a development team that is planning for continuous release cycles for their application. They want to use the AWS services available to be able to deploy a web application and also ensure they can rollback to previous versions fairly quickly. Which of the following options can be used to achieve this requirement. Choose 2 answers from the options given below


Options are :

  • Use the Elastic beanstalk service. Use Application versions and upload the revisions of your application. Deploy the revisions accordingly and rollback to prior versions accordingly. (Correct)
  • Use the Ops work service to deploy the web instances. Deploy the app to the Ops work web layer. Rollback using the Deploy app In Ops work. (Correct)
  • Use the Cloud formation service. Create separate templates for each application revision and deploy them accordingly.
  • Use the Elastic beanstalk service. Create separate environments for each application revision. Revert back an environment incase the new environment does not work.

Answer : Use the Elastic beanstalk service. Use Application versions and upload the revisions of your application. Deploy the revisions accordingly and rollback to prior versions accordingly. Use the Ops work service to deploy the web instances. Deploy the app to the Ops work web layer. Rollback using the Deploy app In Ops work.

Your company currently has a set of EC2 Instances sitting behind an Elastic Load Balancer. There is a requirement to create an Ops work stack to host the newer version of this application. The idea Is to first get the stack in place, carry out a level of testing and then deploy it at a later stage. The Ops work stack and layers have been setup. To complete the testing process, the current ELB is being utilized. But you have now noticed that your current application has stopped responding to requests. Why is this the case?


Options are :

  • You have configured the Opswork stack to deploy new instances in the same domain the older instances.
  • This is because the Ops work stack is utilizing the current instances after the ELB was attached as a layer.
  • The ELB would have deregistered the older Instances .- (Correct)
  • This is because the Ops work web layer is utilizing the current instances after the ELB was attached as an additional layer

Answer : The ELB would have deregistered the older Instances .-

You need to deploy a multi-container Ducker environment on to Elastic beanstalk. Which of the following files can be used to deploy a set of Ducker containers to Elastic beanstalk ?


Options are :

  • Ducker run
  • Ducker Multi file
  • Ducker run.aws.json (Correct)
  • Ducker file

Answer : Ducker run.aws.json

AWS DVA-C00 Certified Developer Associate Practice Exam Set 4

You have a set of EC2 Instances in an Auto scaling Group that processes messages from an SQS queue. The messages contain the location In S3 from where video?s need to be processed by the EC2 Instances. When a scale in happens, it is noticed that an at times that the EC2 Instance Is still in a state of processing a video when the instance is terminated. How can you implement a solution which will ensure this does not happen? Please select:


Options are :

  • Change the Cool Down property for the Auto scaling Group
  • Use lifecycle hooks to ensure the processing is complete before the termination occurs (Correct)
  • Suspend the AZRe balance termination policy
  • Increase the minimum and maximum size for the Auto Scaling group. and change the scaling policies so they scale less dynamically.

Answer : Use lifecycle hooks to ensure the processing is complete before the termination occurs

You are designing a cloud formation template to install a set of web servers on EC2 Instances. The following User data needs to be passed to the EC2 Instances # !/b in/bash sudo apt-get update sudo apt-get install -y nginx Where in the cloudformation template would you ideally pass this User Data Please select:


Options are :

  • In the Metadata section of the EC2 Instance in the resources section
  • In the Metadata section othe EC2 Instance in the Output section
  • In the properties section of the EC2 Instance in the resources section (Correct)
  • In the properties section of the EC2 Instance in the Output section

Answer : In the properties section of the EC2 Instance in the resources section

You are a Dev ops engineer for your company. You have been instructed to deploy ducker containers using the Ops work service. How could you achieve this? Choose 2 answers from the options given below Please select:


Options are :

  • Use Elastic beanstalk to deploy ducker containers since this is not possible In Ops work. Then attach the elastic beanstalk environment as a layer in Ops work.
  • In the App for Opswork deployment. specify the git un for the recipes which will deploy the applications in the docker environment. ...- (Correct)
  • Use custom cookbooks for your Ops work stack and provide the Git repository which has the chef recipes for the Ducker containers. (Correct)
  • Use Cloud formation to deploy ducker containers since this is not possible in Opswork. Then attach the Cloud formation resources as a layer in Ops work.

Answer : In the App for Opswork deployment. specify the git un for the recipes which will deploy the applications in the docker environment. ...- Use custom cookbooks for your Ops work stack and provide the Git repository which has the chef recipes for the Ducker containers.

AWS ANS-C00 Certified Advanced Networking Speciality Exam Set 6

Which of the following are ways to ensure that data is secured while in transit when using the AWS Elastic load balancer. Choose 2 answers from the options given below Please select:


Options are :

  • Use an HTTPS front end listener for your ELB (Correct)
  • Use a TCP front end listener for your ELS
  • Use an HTTP front end listener for your ELB
  • Use an SSL front end listener for your ELB (Correct)

Answer : Use an HTTPS front end listener for your ELB Use an SSL front end listener for your ELB

Your company is concerned with EBS volume backup on Amazon EC2 and wants to ensure they have proper backups and that the data Is durable. What solution would you implement and why? Choose the correct answer from the options below?


Options are :

  • Write a crone job that uses the AWS CLI to take a snapshot of production EBS volumes. The data Is durable because EBS snapshots are stored on the Amazon 53 standard storage class „ (Correct)
  • Configure Amazon Storage Gateway with EBS volumes as the data source and store the backups on premise through the storage gateway
  • Write a crone job on the server that compresses the data that needs to be backed up using gzip compressi then use AWS CLI to copy the data into an S3 bucket for durability
  • Use a lifecycle policy to back up EBS volumes stored on Amazon 53 for durability

Answer : Write a crone job that uses the AWS CLI to take a snapshot of production EBS volumes. The data Is durable because EBS snapshots are stored on the Amazon 53 standard storage class „

One of your instances is reporting an unhealthy system status check. However, this is not something you should have to monitor and repair on your own. How might you automate the repair of the system status check failure in an AWS environment? Choose the correct answer from the options given below ?


Options are :

  • Write a script that periodically shuts down and starts instances based on certain stats.
  • Implement a third party monitoring tool
  • Write a script that queries the EC2 API for each instance status check
  • Create Cloud Watch alarms for Status check Failed _System metrics and select EC2 action-Recover the instance (Correct)

Answer : Create Cloud Watch alarms for Status check Failed _System metrics and select EC2 action-Recover the instance

AWS SAP-C00 Certified Solution Architect Professional Exam Set 7

Your company has an application hosted on an Elastic beanstalk environment. You have been instructed that whenever application changes occur and new versions need to be deployed that the fastest deployment approach Is employed. Which of the following deployment mechanisms will fulfill this requirement?


Options are :

  • Rolling
  • All at once (Correct)
  • Immutable
  • Rolling with batch

Answer : All at once

You are using Elastic beanstalk to deploy an application that consists of a web and application server. There is a requirement to run some python scripts before the application version is deployed to the web server. Which of the following can be used to achieve this?


Options are :

  • Make use of Ducker containers
  • Make use of multiple elastic beanstalk environments
  • Make use of container commands (Correct)
  • Make use of custom resources

Answer : Make use of container commands

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions