Certified AWS-Certified-DevOps-Engineer-Professional Study Guides 2019

We provide in two formats. Download PDF & Practice Tests. Pass Amazon AWS-Certified-DevOps-Engineer-Professional Exam quickly & easily. The AWS-Certified-DevOps-Engineer-Professional PDF type is available for reading and printing. You can print more and practice many times. With the help of our product and material, you can easily pass the AWS-Certified-DevOps-Engineer-Professional exam.

Online AWS-Certified-DevOps-Engineer-Professional free questions and answers of New Version:

You need to perform ad-hoc business analytics queries on well-structured data. Data comes in constantly at a high velocity. Your business intelligence team can understand SQL. What AWS service(s) should you look to first?

  • A. Kinesis Firehose + RDS
  • B. Kinesis Firehose + RedShift
  • C. EMR using Hive
  • D. EMR running Apache Spark

Answer: B

Explanation: Kinesis Firehose provides a managed service for aggregating streaming data and inserting it into RedShift. RedShift also supports ad-hoc queries over well-structured data using a SQL-compliant wire protocol, so the business team should be able to adopt this system easily.
Reference: https://aws.amazon.com/kinesis/firehose/detai|s/

What is the scope of an EC2 security group?

  • A. Availability Zone
  • B. Placement Group
  • C. Region
  • D. VPC

Answer: C

Explanation: A security group is tied to a region and can be assigned only to instances in the same region. You can't enable an instance to communicate with an instance outside its region using security group rules. Traffic
from an instance in another region is seen as WAN bandwidth.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resources.htmI

What is server immutability?

  • A. Not updating a server after creation.
  • B. The ability to change server counts.
  • C. Updating a server after creation.
  • D. The inability to change server count

Answer: A

Explanation: disposable upgrades offer a simpler way to know if your application has unknown dependencies. The underlying EC2 instance usage is considered temporary or ephemeral in nature for the period of deployment until the current release is active. During the new release, a new set of EC2 instances are rolled out by terminating older instances. This type of upgrade technique is more common in an immutable infrastructure.
Reference: https://d0.awsstatic.com/whitepapers/overview-of-deployment-options-on-aws.pdf

Your company wants to understand where cost is coming from in the company's production AWS account. There are a number of applications and services running at any given time. Without expending too much initial development time, how best can you give the business a good understanding of which applications cost the most per month to operate?

  • A. Create an automation script which periodically creates AWS Support tickets requesting detailed intra-month information about your bill.
  • B. Use custom CIoudWatch Metrics in your system, and put a metric data point whenever cost is incurred.
  • C. Use AWS Cost Allocation Tagging for all resources which support i
  • D. Use the Cost Explorer to analyze costs throughout the month.
  • E. Use the AWS Price API and constantly running resource inventory scripts to calculate total price based on multiplication of consumed resources over time.

Answer: C

Explanation: Cost Allocation Tagging is a built-in feature of AWS, and when coupled with the Cost Explorer, provides a simple and robust way to track expenses.
You can also use tags to filter views in Cost Explorer. Note that before you can filter views by tags in Cost Explorer, you must have applied tags to your resources and activate them, as described in the following sections. For more information about Cost Explorer, see Analyzing Your Costs with Cost Explorer. Reference: http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html

What does it mean if you have zero IOPS and a non-empty I/O queue for all EBS volumes attached to a running EC2 instance?

  • A. The I/O queue is buffer flushing.
  • B. Your EBS disk head(s) is/are seeking magnetic stripes.
  • C. The EBS volume is unavailable.
  • D. You need to re-mount the EBS volume in the O

Answer: C

Explanation: This is the definition of Unavailable from the EC2 and EBS SLA.
"UnavaiIabIe" and "Unavai|abi|ity" mean... For Amazon EBS, when all of your attached volumes perform zero read write IO, with pending IO in the queue.
Reference: https://aws.amazon.com/ec2/s|a/

For AWS CIoudFormation, which stack state refuses UpdateStack calls?

  • A. <code>UPDATE_ROLLBACK_FAILED</code>
  • C. <code>UPDATE_CONIPLETE</code>
  • D. <code>CREATE_COMPLETE</code>

Answer: A

Explanation: When a stack is in the UPDATE_ROLLBACK_FA|LED state, you can continue rolling it back to return it to a working state (to UPDATE_ROLLBACK_COMPLETE). You cannot update a stack that is in the UPDATE_ROLLBACK_FA|LED state. However, if you can continue to roll it back, you can return the stack to its original settings and try to update it again.
http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/using-cfn-updating-stacks-continueu pdateroIIback.htmI

You need to create an audit log of all changes to customer banking data. You use DynamoDB to store this customer banking data. |t's important not to lose any information due to server failures. What is an elegant way to accomplish this?

  • A. Use a DynamoDB StreamSpecification and stream all changes to AWS Lambd
  • B. Log the changes toAWS CIoudWatch Logs, removing sensitive information before logging.
  • C. Before writing to DynamoDB, do a pre-write acknoledgment to disk on the application sewer, removing sensitive information before loggin
  • D. Periodically rotate these log files into S3.
  • E. Use a DynamoDB StreamSpecification and periodically flush to an EC2 instance store, removing sensitive information before putting the object
  • F. Periodically flush these batches to S3.
  • G. Before writing to DynamoDB, do a pre-write acknoledgment to disk on the application sewer, removing sensitive information before loggin
  • H. Periodically pipe these files into CloudWatch Logs.

Answer: A

Explanation: All suggested periodic options are sensitive to sewer failure during or between periodic flushes. Streaming to Lambda and then logging to CIoudWatch Logs will make the system resilient to instance and Availability Zone failures.
Reference: http://docs.aws.amazon.com/Iambda/latest/dg/with-ddb.html

Which of these is not a CIoudFormation Helper Script?

  • A. cfn-signal
  • B. cfn-hup
  • C. cfn-request
  • D. cfn-get-metadata

Answer: C

Explanation: This is the complete list of CloudFormation Helper Scripts: cfn-init, cfn-signal, cfn-get-metadata, cfn-hup Reference:

You run a clustered NoSQL database on AWS EC2 using AWS EBS. You need to reduce latency for database response times. Performance is the most important concern, not availability. You did not perform the initial setup, someone without much AWS knowledge did, so you are not sure if they configured everything optimally. Which of the following is NOT likely to be an issue contributing to increased latency?

  • A. The EC2 instances are not EBS Optimized.
  • B. The database and requesting system are both in the wrong Availability Zone.
  • C. The EBS Volumes are not using PIOPS.
  • D. The database is not running in a placement grou

Answer: B

Explanation: For the highest possible performance, all instances in a clustered database like this one should be in a single Availability Zone in a placement group, using EBS optimized instances, and using PIOPS SSD EBS Volumes. The particular Availability Zone the system is running in should not be important, as long as it is the same as the requesting resources.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html

Which of these is not a Pseudo Parameter in AWS CIoudFormation?

  • A. AWS::StackName
  • B. AWS::AccountId
  • C. AWS::StackArn
  • D. AWS::NotificationARNs

Answer: C

Explanation: This is the complete list of Pseudo Parameters: AWS::Account|d, AWS::NotificationARNs, AWS::NoVaIue, AWS::Region, AWS::StackId, AWS::StackName

You are building out a layer in a software stack on AWS that needs to be able to scale out to react to increased demand as fast as possible. You are running the code on EC2 instances in an Auto Scaling Group behind an ELB. Which application code deployment method should you use?

  • A. SSH into new instances that come online, and deploy new code onto the system by pulling it from an S3 bucket, which is populated by code that you refresh from source control on new pushes.
  • B. Bake an AMI when deploying new versions of code, and use that AMI for the Auto Scaling Launch Configuration.
  • C. Create a Dockerfile when preparing to deploy a new version to production and publish it to S3. Use UserData in the Auto Scaling Launch configuration to pull down the Dockerfile from S3 and run it when new instances launch.
  • D. Create a new Auto Scaling Launch Configuration with UserData scripts configured to pull the latest code at all times.

Answer: B

Explanation: the bootstrapping process can be slower if you have a complex application or multiple applications to install. Managing a fileet of applications with several build tools and dependencies can be a challenging task during rollouts. Furthermore, your deployment service should be designed to do faster rollouts to take advantage of Auto Scaling.
Reference: https://d0.awsstatic.com/whitepapers/overview-of-deployment-options-on-aws.pdf

You need to create a Route53 record automatically in CIoudFormation when not running in production during all launches of a Template. How should you implement this?

  • A. Use a <code>Parameter</code> for <code>environment</code>, and add a <code>Condition</code> on the Route53 <code>Resource</code> in the template to create the record only when<code>environment</code> is not <code>production</code>.
  • B. Create two templates, one with the Route53 record value and one with a null value for the recor
  • C. Use the one without it when deploying to production.
  • D. Use a <code>Parameter</code> for <code>environment</code>, and add a <code>Condition</code> on the Route53 <code>Resource</code> in the template to create the record with a null string when<code>environment</code> is <code>production</code>.
  • E. Create two templates, one with the Route53 record and one without i
  • F. Use the one without it when deploying to production.

Answer: A

Explanation: The best way to do this is with one template, and a Condition on the resource. Route53 does not allow null strings for records.

You need to know when you spend $1000 or more on AWS. What's the easy way for you to see that notification?

  • A. AWS CIoudWatch Events tied to API calls, when certain thresholds are exceeded, publish to SNS.
  • B. Scrape the billing page periodically and pump into Kinesis.
  • C. AWS CIoudWatch Metrics + Billing Alarm + Lambda event subscriptio
  • D. When a threshold is exceeded, email the manager.
  • E. Scrape the billing page periodically and publish to SN

Answer: C

Explanation: Even if you're careful to stay within the free tier, it's a good idea to create a billing alarm to notify you if you exceed the limits of the free tier. Billing alarms can help to protect you against unknowingly accruing charges if you inadvertently use a service outside of the free tier or if traffic exceeds your expectations. Reference: http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/free-tier-aIarms.htmI

From a compliance and security perspective, which of these statements is true?

  • A. You do not ever need to rotate access keys for AWS IAM Users.
  • B. You do not ever need to rotate access keys for AWS IAM Roles, nor AWS IAM Users.
  • C. None of the other statements are true.
  • D. You do not ever need to rotate access keys for AWS IAM Role

Answer: D

Explanation: IAM Role Access Keys are auto-rotated by AWS on your behalf; you do not need to rotate them.
The application is granted the permissions for the actions and resources that you've defined for the role through the security credentials associated with the role. These security credentials are temporary and we
rotate them automatically. We make new credentials available at least five minutes prior to the expiration of the old credentials.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

What is the scope of an EBS snapshot?

  • A. Availability Zone
  • B. Placement Group
  • C. Region
  • D. VPC

Answer: C

Explanation: An EBS snapshot is tied to its region and can only be used to create volumes in the same region. You can copy a snapshot from one region to another. For more information, see Copying an Amazon EBS Snapshot.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resources.htmI

You have been asked to de-risk deployments at your company. Specifically, the CEO is concerned about outages that occur because of accidental inconsistencies between Staging and Production, which sometimes cause unexpected behaviors in Production even when Staging tests pass.
You already use Docker to get high consistency between Staging and Production for the application environment on your EC2 instances. How do you further de-risk the rest of the execution environment, since in AWS, there are many service components you may use beyond EC2 virtual machines?

  • A. Develop models of your entire cloud system in CIoudFormatio
  • B. Use this model in Staging and Production to achieve greater parity.
  • C. Use AWS Config to force the Staging and Production stacks to have configuration parit
  • D. Any differences will be detected for you so you are aware of risks.
  • E. Use AMIs to ensure the whole machine, including the kernel of the virual machines, is consistent, since Docker uses Linux Container (LXC) technology, and we need to make sure the container environment is consistent.
  • F. Use AWS ECS and Docker clusterin
  • G. This will make sure that the AMIs and machine sizes are the same across both environments.

Answer: A

Explanation: Only CIoudFormation's JSON Templates allow declarative version control of repeatably deployable models of entire AWS clouds.
Reference: https://bIogs.aws.amazon.com/application-management/blog/category/Best+practices

You meet once per month with your operations team to review the past month's data. During the meeting, you realize that 3 weeks ago, your monitoring system which pings over HTTP from outside AWS recorded a large spike in latency on your 3-tier web service API.
You use DynamoDB for the database layer, ELB, EBS, and EC2 for the business logic tier, and SQS, ELB, and EC2 for the presentation layer.
Which of the following techniques will NOT help you figure out what happened?

  • A. Check your CIoudTraiI log history around the spike's time for any API calls that caused slowness.
  • B. Review CIoudWatch Metrics graphs to determine which component(s) slowed the system down.
  • C. Review your ELB access logs in S3 to see if any ELBs in your system saw the latency.
  • D. Analyze your logs to detect bursts in traffic at that tim

Answer: B

Explanation: Metrics data are available for 2 weeks. If you want to store metrics data beyond that duration, you can retrieve it using our GetMetricStatistics API as well as a number of applications and tools offered by AWS partners.
Reference: https://aws.amazon.com/cIoudwatch/faqs/

Thanks for reading the newest AWS-Certified-DevOps-Engineer-Professional exam dumps! We recommend you to try the PREMIUM Surepassexam AWS-Certified-DevOps-Engineer-Professional dumps in VCE and PDF here: https://www.surepassexam.com/AWS-Certified-DevOps-Engineer-Professional-exam-dumps.html (102 Q&As Dumps)