A Review Of Verified DOP-C01 Exam Guide

NEW QUESTION 1
A user is using Cloudformation to launch an EC2 instance and then configure an application after the instance is launched. The user wants the stack creation of ELB and AutoScaling to wait until the EC2 instance is launched and configured properly. How can the user configure this?

• A. It is not possible that the stackcreation will wait until one service is created and launchedB.The user can use theHoldCondition resource to wait for the creation of the other dependent resources
• B. The user can use theDependentCondition resource to hold the creation of the other dependentresources
• C. The user can use the WaitConditionresource to hold the creation of the other dependent resources

Answer: D

Explanation:
You can use a wait condition for situations like the following:
To coordinate stack resource creation with configuration actions that are external to the stack creation
To track the status of a configuration process
For more information on Cloudformation Wait condition please visit the link
http://docs^ws.amazon.com/AWSCIoudFormation/latest/UserGuide/aws-properties-waitcondition.htmI

NEW QUESTION 2
You have a requirement to automate the creation of EBS Snapshots. Which of the following can be used to achieve this in the best way possible.

• A. Create a powershell script which uses the AWS CLI to get the volumes and then run the script as a cron job.
• B. Use the AWSConfig service to create a snapshot of the AWS Volumes
• C. Use the AWS CodeDeploy service to create a snapshot of the AWS Volumes
• D. Use Cloudwatch Events to trigger the snapshots of EBS Volumes

Answer: D

Explanation:
The best is to use the inbuilt service from Cloudwatch, as Cloud watch Events to automate the creation of CBS Snapshots. With Option A, you would be restricted to
running the powrshell script on Windows machines and maintaining the script itself And then you have the overhead of having a separate instance just to run that
script.
When you go to Cloudwatch events, you can use the Target as EC2 CreateSnapshot API call as shown below.
Create rules to invoke Targets based on Events happening in your AWS environment.

The AWS Documentation mentions
Amazon Cloud Watch Cvents delivers a near real-time stream of system events that describe changes in Amazon Web Services (AWS) resources. Using simple rules
that you can quickly set up, you can match events and route them to one or more target functions or streams. Cloud Watch Cvents becomes aware of operational changes as they occur. Cloud Watch Cvents responds to these operational changes and takes corrective action as necessary, by sending messages to respond to the environment, activating functions, making changes, and capturing state information. For more information on Cloud watch Cvents, please visit the below U RL:
• http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/Whatl sCloudWatchCvents.html

NEW QUESTION 3
Your CTO is very worried about the security of your AWS account. How best can you prevent hackers
from completely hijacking your account?

• A. Useshort but complex password on the root account and any administrators.
• B. UseAWS 1AM Geo-Lock and disallow anyone from logging in except for in your city.
• C. UseMFA on all users and accounts, especially on the root account.
• D. Don'twrite down or remember the root account password after creating the AWSaccount.

Answer: C

Explanation:
The AWS documentation mentions the following on MFA
AWS Multi-Factor Authentication (MFA) is a simple best practice that adds an extra layer of protection on top of your user name and password. With MFA enabled, when a user signs in to an AWS website, they will be prompted for their user name and password (the first factor—what they know), as well as for an authentication code from their AWS MFA device (the second factor—what they have). Taken together, these multiple factors provide increased security for your AWS account settings and resources.
For more information on MFA please visit the below link https://aws.ama zon.com/ia m/detai Is/mfa/

NEW QUESTION 4
You were just hired as a DevOps Engineer for a startup. Your startup uses AWS for 100% of their infrastructure. They currently have no automation at all for deployment, and they have had many failures while trying to deploy to production.The company has told you deployment process risk mitigation is the most important thing now, and you have a lot of budget for tools and AWS resources.
Their stack includes a 2-tier API with data stored in DynamoDB or S3, depending on type. The Compute layer is EC2 in Auto Scaling Groups. They use Route53 for DNS pointing to an ELB. An ELB balances load across the EC2 instances. The scaling group properly varies between 4 and 12 EC2 servers. Which of the following approaches, given this company's stack and their priorities, best meets the company's needs?

• A. Model the stack in AWS Elastic Beanstalk as a single Application with multiple Environment
• B. Use Elastic Beanstalk's Rolling Deploy option to progressively roll out application code changes when promoting across environments.
• C. Model the stack in three CloudFormation templates: Data layer, compute layer, and networking laye
• D. Write stack deployment and integration testing automation following Blue-Green methodologie
• E. •>/
• F. Model the stack in AWS OpsWorks as a single Stack, with 1 compute layer and its associated EL
• G. Use Chef and App Deployments to automate Rolling Deployment.
• H. Model the stack in 1 CloudFormation template, to ensure consistency and dependency graph resolutio
• I. Write deployment and integration testingautomation following Rolling Deployment methodologies.

Answer: B

Explanation:
Here you are using 2 of the best practices for deployment, one is Blue Green Deployments and the other is using Nested Cloudformation stacks.
The AWS Documentation mentions the below on nested stacks
As your infrastructure grows, common patterns can emerge in which you declare the same components in each of your templates. You can separate out these common components and create dedicated templates for them. That way, you can mix and match different templates but use nested stacks to create a single,
unified stack. Nested stacks are stacks that create other stacks. To create nested stacks, use the AWS::CloudFormation::Stackresource in your template to reference other templates.
For more information on Cloudformation best practises, please visit the link:
• http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/best-practices. html For more information on Blue Green Deployment, please visit the link:
• https://dOawsstatic.com/whitepapers/AWS_Blue_Green_Deployments.pdf

NEW QUESTION 5
By default in Opswork, how many application versions can you rollback up to?

• A. 1
• B. 2
• C. 3
• D. 4

Answer: D

Explanation:
The AWS Documentation mentions the following Restores the previously deployed app version. For example, if you have deployed the app three times and then run Rollback, the server will serve the app from the second deployment. If you run Rollback again, the server will serve the app from the first deployment. By default, AWS OpsWorks Stacks stores the five most recent deployments, which allows you to roll back up to four versions. If you exceed the number of stored versions, the command fails and leaves the oldest version in place.
For more information on Opswork app deployment, please visit the below U RL: http://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-deploying.html

NEW QUESTION 6
Which of the following services can be used in conjunction with Cloudwatch Logs. Choose the 3 most viable services from the options given below

• A. Amazon Kinesis
• B. Amazon S3
• C. Amazon SQS
• D. Amazon Lambda

Answer: ABD

Explanation:
The AWS Documentation the following products which can be integrated with Cloudwatch logs
1) Amazon Kinesis - Here data can be fed for real time analysis
2) Amazon S3 - You can use CloudWatch Logs to store your log data in highly durable storage such as S3.
3) Amazon Lambda - Lambda functions can be designed to work with Cloudwatch log For more information on Cloudwatch Logs, please refer to the below link: link:http://docs^ws.amazon.com/AmazonCloudWatch/latest/logs/WhatlsCloudWatchLogs.html

NEW QUESTION 7
You have an application which consists of EC2 instances in an Auto Scaling group. Between a particular time frame every day, there is an increase in traffic to your website. Hence users are complaining of a poor response time on the application. You have configured your Auto Scaling group to deploy one new EC2 instance when CPU utilization is greater than 60% for 2 consecutive periods of 5 minutes. What is the least cost-effective way to resolve this problem?

• A. Decrease the consecutive number of collection periods
• B. Increase the minimum number of instances in the Auto Scaling group
• C. Decrease the collection period to ten minutes
• D. Decrease the threshold CPU utilization percentage at which to deploy a new instance

Answer: B

Explanation:
If you increase the minimum number of instances, then they will be running even though the load is not high on the website. Hence you are incurring cost even though there is no need.
All of the remaining options are possible options which can be used to increase the number of instances on a high load.
For more information on On-demand scaling, please refer to the below link: http://docs.aws.amazon.com/autoscaling/latest/userguide/as-scale-based-on-demand.html
Note: The tricky part where the question is asking for 'least cost effective way". You got the design consideration correctly but need to be careful on how the question is phrased.

NEW QUESTION 8
Which of the following CLI commands can be used to describe the stack resources.

• A. awscloudformationdescribe-stack
• B. awscloudformationdescribe-stack-resources
• C. awscloudformation list-stack-resources
• D. awscloudformation list-stack

Answer: C

Explanation:
Answer - C
This is given in the AWS Documentation list-stack-resources
Description
Returns descriptions of all resources of the specified stack.
For deleted stacks, ListStackResources returns resource information for up to 90 days after the stack has been deleted.
See also: AWS API Documentation
See 'aws help' for descriptions of global parameters.
list-stack-resources is a paginated operation. Multiple API calls may be issued in order to retrieve the entire data set of results. You can disable pagination by providing the —no-paginate argument. When using —output text and the —query argument on a paginated response, the —query argument must extract data from the results of the following query expressions: StackResourceSummaries For more information on the CLI command, please visit the below URL:
http://docs.aws.amazon.com/cli/latest/reference/cloudformation/list-stack-resources.html

NEW QUESTION 9
You have a web application composed of an Auto Scaling group of web servers behind a load balancer, and create a new AMI for each application version for deployment. You have a new version to release, and you want to use the A/B deployment technique to migrate users over in a controlled manner while the size of the fleet remains constant over a period of 12 hours, to ensure that the new version is performing well.
What option should you choose to enable this technique while being able to roll back easily?

• A. Createan Auto scaling launch configuration with the new AM
• B. Configure the AutoScalinggroup with the new launch configuratio
• C. Use the Auto Scaling rollingupdates feature to migrate to the new version.
• D. Createan Auto Scaling launch configuration with the new AM
• E. Create an Auto Scalinggroup configured to use the new launch configuration and to register instanceswith the same load balance
• F. Vary the desired capacity of each group tomigrate.
• G. Createan Auto scaling launch configuration with the new AM
• H. Configure Auto Scalingto vary the proportion of instances launched from the two launchconfigurations.
• I. Createa load balance
• J. Create an Auto Scaling launch configuration with the new AMIto use the new launch configuration and to registerinstances with the new loadbalance
• K. Use Amazon Route53 weighted Round Robin to vary the proportion ofrequests sent to the load balancers.
• L. Launchnew instances using the new AMI and attach them to the Auto Scalinggroup.Configure Elastic Load Balancing to vary the proportion of requests sent toinstances running the two application versions.

Answer: D

Explanation:
Since you want to control the usage to the new application in a controlled manner, the best way is to use Route53 weighted method. The AWS documentation
mentions the following on this method
Weighted routing lets you associate multiple resources with a single domain name (example.com) or subdomain name (acme.example.com) and choose how much traffic is routed to each resource. This can be useful for a variety of purposes, including load balancing and testing new versions of software.
For more information on Weighted Round Robin method, please visit the link: http://docs^ws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html/rrouting-policy- weighted

NEW QUESTION 10
There is a requirement for an application hosted on a VPC to access the On-premise LDAP server. The VPC and the On-premise location are connected via an I PSec VPN. Which of the below are the right options for the application to authenticate each user. Choose 2 answers from the options below

• A. Develop an identity broker that authenticates against 1AM security Token service to assume a 1AM role in order to get temporary AWS security credentials The application calls the identity broker to get AWS temporary security credentials.
• B. The application authenticates against LDAP and retrieves the name of an 1AM role associated with the use
• C. The application then calls the 1AM Security Token Service to assume that 1AM rol
• D. The application can use the temporary credentials to access any AWS resources.
• E. Develop an identity broker that authenticates against LDAP and then calls 1AM Security Token Service to get 1AM federated user credential
• F. The application calls the identity broker to get 1AM federated user credentials with access to the appropriate AWS service.
• G. The application authenticates against LDAP the application then calls the AWS identity and Access Management (1AM) Security service to log in to 1AM using the LDAP credentials the application can use the 1AM temporary credentials to access the appropriate AWS service.

Answer: BC

Explanation:
When you have the need for an in-premise environment to work with a cloud environment, you would normally have 2 artefacts for authentication purposes
• An identity store - So this is the on-premise store such as Active Directory which stores all the information for the user's and the groups they below to.
• An identity broker - This is used as an intermediate agent between the on-premise location and the cloud environment. In Windows you have a system known as Active Directory Federation services to provide this facility.
Hence in the above case, you need to have an identity broker which can work with the identity store and the Security Token service in aws. An example diagram of how this works from the aws documentation is given below.

For more information on federated access, please visit the below link: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_common-scenarios_federated- users.htm I

NEW QUESTION 11
You currently have the following setup in AWS
1) An Elastic Load Balancer
2) Auto Scaling Group which launches EC2 Instances
3) AMIs with your code pre-installed
You want to deploy the updates of your app to only a certain number of users. You want to have a cost-effective solution. You should also be able to revert back quickly. Which of the below solutions is the most feasible one?

• A. Create a second ELB, and a new Auto Scaling Group assigned a new Launch Configuratio
• B. Create a new AMI with the updated ap
• C. Use Route53 Weighted Round Robin records to adjust the proportion of traffic hitting the two ELBs.
• D. Create new AM Is with the new ap
• E. Then use the new EC2 instances in half proportion to the older instances.
• F. Redeploy with AWS Elastic Beanstalk and Elastic Beanstalk version
• G. Use Route 53 Weighted Round Robin records to adjust the proportion of traffic hitting the two ELBs
• H. Create a full second stack of instances, cut the DNS over to the new stack of instances, and change the DNS back if a rollback is needed.

Answer: A

Explanation:
The Weighted Routing policy of Route53 can be used to direct a proportion of traffic to your application. The best option is to create a second CLB, attach the new Autoscaling Group and then use Route53 to divert the traffic.
Option B is wrong because just having EC2 instances running with the new code will not help.
Option C is wrong because Clastic beanstalk is good for development environments, and also there is no mention of having 2 environments where environment url's
can be swapped.
Option D is wrong because you still need Route53 to split the traffic.
For more information on Route53 routing policies, please refer to the below link: http://docs.aws.a mazon.com/Route53/latest/DeveloperGuide/routing-policy. html

NEW QUESTION 12
You set up a web application development environment by using a third party configuration management tool to create a Docker container that is run on local developer machines.
What should you do to ensure that the web application and supporting network storage and security infrastructure does not impact your application after you deploy into AWS for staging and production environments?

• A. Writea script using the AWS SDK or CLI to deploy the application code from versioncontrol to the local development environments staging and production usingAWSOpsWorks.
• B. Definean AWS CloudFormation template to place your infrastructure into versioncontrol and use the same template to deploy the Docker container into ElasticBeanstalk for staging and production.
• C. Becausethe application is inside a Docker container, there are no infrastructuredifferences to be taken into account when moving from the local developmentenvironments to AWS for staging and production.
• D. Definean AWS CloudFormation template for each stage of the application deploymentlifecycle - development, staging and production -and have tagging in eachtemplate to define the environment.

Answer: B

Explanation:
Clastic Beanstalk supports the deployment of web applications from Docker containers. With Docker containers, you can define your own runtime environment. You can choose your own platform, programming language, and any application dependencies (such as package managers or tools), that aren't supported by other platforms. Docker containers are self-contained and include all the configuration information and software your web application requires to run.
By using Docker with Elastic Beanstalk, you have an infrastructure that automatically handles the details of capacity provisioning, load balancing, scaling, and application health monitoring.
This seems to be more appropriate than Option D.
◆ https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker.htmI
For more information on Cloudformation best practises, please visit the link: http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/best-practices.htmI

NEW QUESTION 13
You have an Auto Scaling group of Instances that processes messages from an Amazon Simple Queue Service (SQS) queue. The group scales on the size of the queue. Processing Involves calling a third- party web service. The web service is complaining about the number of failed and repeated calls it is receiving from you. You have noticed that when the group scales in, instances are being terminated while they are processing. What cost-effective solution can you use to reduce the number of incomplete process attempts?

• A. Create a new Auto Scaling group with minimum and maximum of 2 and instances running web proxy softwar
• B. Configure the VPC route table to route HTTP traffic to these web proxies.
• C. Modify the application running on the instances to enable termination protection while it processes a task and disable it when the processing is complete.
• D. Increase the minimum and maximum size for the Auto Scalinggroup, and change the scaling policies so they scale less dynamically.
• E. Modify the application running on the instances to put itself into an Auto Scaling Standby state while it processes a task and return itself to InService when the processing is complete.

Answer: D

Explanation:
The following diagram shows the lifecycle of the instances in Autoscaling

You can put the instances in a standby state, via the application, do the processing and then put the instance back in a state where it can be governed by the
Autoscaling Group.
For more information on the Autoscaling Group Lifecycle please refer to the below link: http://docs.aws.amazon.com/autoscaling/latest/userguide/AutoScaingGroupl_ifecycle.htm I Note: As per AWS documentation.
To control whether an Auto Scaling group can terminate a particular instance when scaling in, use instance protection.
It is termed as Instance protection rather than termination protection when we refer it with "Scaling in process" of ASG.
For more information please view the following link: https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.htmlffinstance- protection-instance

NEW QUESTION 14
You are a Devops engineer for your company.There is a requirement to host a custom application which has custom dependencies for a development team. This needs to be done using AWS service. Which of the following is the ideal way to fulfil this requirement.

• A. Packagethe application and dependencies with Docker, and deploy the Docker containerwith CloudFormation.
• B. Packagethe application and dependencies with Docker, and deploy the Docker containerwith Elastic Beanstalk.
• C. Packagethe application and dependencies in an S3 file, and deploy the Docker containerwith Elastic Beanstalk.
• D. Packagethe application and dependencies with in Elastic Beanstalk, and deploy withElastic Beanstalk

Answer: B

Explanation:
The AWS Documentation mentions
Clastic Beanstalk supports the deployment of web applications from Docker containers. With Docker containers, you can define your own runtime environment. You can choose your own platform, programming language, and any application dependencies (such as package managers or tools), that aren't supported by other platforms. Docker containers are self-contained and include all the configuration information and software your web application requires to run.
For more information on Elastic beanstalk and Docker, please visit the below URL: http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker.html

NEW QUESTION 15
You are building a Ruby on Rails application for internal, non-production use which uses MySQL as a database. You want developers without very much AWS experience to be able to deploy new code with a single command line push. You also want to set this up as simply as possible. Which tool is ideal for this setup?

• A. AWSCIoudFormation
• B. AWSOpsWorks
• C. AWS ELB+ EC2 with CLI Push
• D. AWS Elastic Beanstalk

Answer: D

Explanation:
With Elastic Beanstalk, you can quickly deploy and manage applications in the AWS Cloud without worrying about the infrastructure that runs those applications.
AWS Elastic Beanstalk reduces management complexity without restricting choice or control. You simply upload your application, and Elastic Beanstalk automatically handles the details of capacity provisioning, load balancing, scaling, and application health monitoring
Elastic Beanstalk supports applications developed in Java, PHP, .NET, Node.js, Python, and Ruby, as well as different container types for each language.
For more information on Elastic beanstalk, please visit the below URL:
• http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/Welcome.html

NEW QUESTION 16
Your company develops a variety of web applications using many platforms and programming languages with different application dependencies. Each application must be developed and deployed quickly and be highly available to satisfy your business requirements. Which of the following methods should you use to deploy these applications rapidly?

• A. Develop the applications in Docker containers, and then deploy them to Elastic Beanstalk environments with Auto Scaling and Elastic Load Balancing.
• B. Use the AWS CloudFormation Docker import service to build and deploy the applications with high availability in multiple Availability Zones.
• C. Develop each application's code in DynamoDB, and then use hooks to deploy it to Elastic Beanstalk environments with Auto Scaling and Elastic Load Balancing.
• D. Store each application's code in a Git repository, develop custom package repository managers for each application's dependencies, and deploy to AWS OpsWorks in multiple Availability Zones.

Answer: A

Explanation:
Elastic Beanstalk supports the deployment of web applications from Docker containers. With Docker containers, you can define your own runtime environment. You can choose your own platform, programming language, and any application dependencies (such as package managers or tools), that aren't supported by other platforms. Docker containers are self-contained and include all the configuration information and software your web application requires to run.
By using Docker with Elastic Beanstalk, you have an infrastructure that automatically handles the details of capacity provisioning, load balancing, scaling, and application health monitoring.
For more information on Dockers and Elastic beanstalk please refer to the below link:
• http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker.html

NEW QUESTION 17
Explain what the following resource in a CloudFormation template does? Choose the best possible answer.

• A. Createsan SNS topic which allows SQS subscription endpoints to be added as a parameteron thetemplate
• B. Createsan SNS topic that allow SQS subscription endpoints
• C. Createsan SNS topic and then invokes the call to create an SQS queue with a logicalresource name of SQSQueue
• D. Creates an SNS topic and adds asubscription ARN endpoint for the SQS resource created under the logical nameSQSQueue

Answer: D

Explanation:
The intrinsic function Fn::GetAtt returns the value of an attribute from a resource in the template. This has nothing to do with adding parameters (Option A is wrong) or allowing endpoints (Option B is wrong) or invoking relevant calls (Option C is wrong)
For more information on Fn:: GetAtt function please refer to the below link
http://docs.aws.a mazon.com/AWSCIoudFormation/latest/UserGuide/intrinsic-function -reference- getatt.htm I

NEW QUESTION 18
Which of the following is the default deployment mechanism used by Elastic Beanstalk when the application is created via Console or EBCLI?

• A. All at Once
• B. Rolling Deployments
• C. Rolling with additional batch
• D. Immutable

Answer: B

Explanation:
The AWS documentation mentions
AWS Elastic Beanstalk provides several options for how deployments are processed, including deployment policies (All at once. Rolling, Rolling with additional batch,
and Immutable) and options that let you configure batch size and health check behavior during deployments. By default, your environment uses rolling deployments
if you created it with the console or EB CLI, or all at once deployments if you created it with a different client (API, SDK or AWS CLI).
For more information on Elastic Beanstalk deployments, please refer to the below link:
• http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.rolling-version- deploy.html

NEW QUESTION 19
Your CTO has asked you to make sure that you know what all users of your AWS account are doing to change resources at all times. She wants a report of who is doing what over time, reported to her once per week, for as broad a resource type group as possible. How should you do this?

• A. Create a global AWS CloudTrail Trai
• B. Configure a script to aggregate the log data delivered to S3 once per week and deliver this to the CTO.
• C. Use CloudWatch Events Rules with an SNS topic subscribed to all AWS API call
• D. Subscribe the CTO to an email type delivery on this SNS Topic.
• E. Use AWS 1AM credential reports to deliver a CSV of all uses of 1AM UserTokens overtime to the CTO.
• F. Use AWS Config with an SNS subscription on a Lambda, and insert these changes over time into a DynamoDB tabl
• G. Generate reports based on the contents of this table.

Answer: A

Explanation:
AWS CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs.
Visibility into your AWS account activity is a key aspect of security and operational best practices. You can use CloudTrail to view, search, download, archive, analyze, and respond to account activity across your AWS infrastructure. You can identify who or what took which action, what resources were acted upon, when the event occurred, and other details to help you analyze and respond to activity in your AWS account.
For more information on Cloudtrail, please visit the below URL:
• http://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html

NEW QUESTION 20
You have decided to migrate your application to the cloud. You cannot afford any downtime. You want to gradually migrate so that you can test the application with a small percentage of users and increase over time. Which of these options should you implement?

• A. Use Direct Connect to route traffic to the on-premise locatio
• B. In DirectConnect, configure the amount of traffic to be routed to the on-premise location.
• C. Implement a Route 53 failover routing policy that sends traffic back to the on-premises application if the AWS application fails.
• D. Configure an Elastic Load Balancer to distribute the traffic between the on-premises application and the AWS application.
• E. Implement a Route 53 weighted routing policy that distributes the traffic between your on- premises application and the AWS application depending on weight.

Answer: D

Explanation:
Option A is incorrect because DirectConnect cannot control the flow of traffic.
Option B is incorrect because you want to split the percentage of traffic. Failover will direct all of the traffic to the backup servers.
Option C is incorrect because you cannot control the percentage distribution of traffic.
Weighted routing lets you associate multiple resources with a single domain name (example.com) or subdomain name (acme.example.com) and choose how much traffic is routed to each resource. This can be useful for a variety of purposes, including load
balancing and testing new versions of software.
For more information on the Routing policy please refer to the below link: http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html

NEW QUESTION 21
You need to monitor specific metrics from your application and send real-time alerts to your Devops Engineer. Which of the below services will fulfil this requirement? Choose two answers

• A. Amazon CloudWatch
• B. Amazon Simple Notification Service
• C. Amazon Simple Queue Service
• D. Amazon Simple Email Service

Answer: AB

Explanation:
Amazon Cloud Watch monitors your Amazon Web Services (AWS) resources and the applications you run on AWS in real time. You can use Cloud Watch to collect and track metrics, which are variables you can measure for your resources and applications. Cloud Watch alarms send notifications or automatically make changes to the resources you are monitoring based on rules that you define.
For more information on AWS Cloudwatch, please refer to the below document link: from AWS
• http://docs.aws.a mazon.com/AmazonCloudWatch/latest/monitoring/WhatlsCloud Watch.htm I Amazon Cloud Watch uses Amazon SNS to send email. First, create and subscribe to an SNS topic.
When you create a CloudWatch alarm, you can add this SNS topic to send an email notification when the alarm changes state
For more information on AWS Cloudwatch and SNS, please refer to the below document link: from AWS
http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/US_SetupSNS.html

NEW QUESTION 22
Your company has a number of Cloudformation stacks defined in AWS. As part of the routine housekeeping activity, a number of stacks have been targeted for deletion. But a few of the stacks are not getting deleted and are failing when you are trying to delete them. Which of the following could be valid reasons for this? Choose 2 answers from the options given below

• A. Thestacks were created with the wrong template versio
• B. Since the standardtemplate version is now higher, it is preventing the deletion of the stacks.You need to contact AWS support.
• C. Thestack has an S3 bucket defined which has objects present in it.
• D. Thestack has a EC2 Security Group which has EC2 Instances attached to it.
• E. Thestack consists of an EC2 resource which was created with a custom AMI.

Answer: BC

Explanation:
The AWS documentation mentions the below point
Some resources must be empty before they can be deleted. For example, you must delete all objects in an Amazon S3 bucket or remove all instances in an Amazon
CC2 security group before you can delete the bucket or security group
For more information on troubleshooting cloudformation stacks, please visit the below URL:
• http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/troubleshooting.html

NEW QUESTION 23
You are managing an application that contains Go as the front end, MongoDB for document management and is hosted on a relevant Web server. You pre-bake AMI'S with the latest version of the Web server, then user the User Data section to setup the application. You now have a change to the underlying Operating system version and need to deploy that accordingly. How can this be done
in the easiest way possible.

• A. Createa new EBS Volume with the relevant OS patches and attach it to the EC2lnstance.
• B. Createa Cloudformation stack with the new AMI and then deploy the applicationaccordingly.
• C. Createa new pre-baked AM I with the new OS and use the User Data seciton to deploy theapplication.
• D. Createan Opswork stack with the new AMI and then deploy the application accordingly.

Answer: C

Explanation:
The best way in this scenario is to continue the same deployment process which was being used and create a new AMI and then use the User Data section to deploy the application.
For more information on AWS AMI's please see the below link:
• http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/AMIs.htmls

NEW QUESTION 24
You have a requirement to automate the creation of EBS Snapshots. Which of the following can be
used to achieve this in the best way possible?

• A. Createa powershell script which uses the AWS CLI to get the volumes and then run thescript as a cron job.
• B. Usethe A WSConf ig service to create a snapshot of the AWS Volumes
• C. Usethe AWS CodeDeploy service to create a snapshot of the AWS Volumes
• D. UseCloudwatch Events to trigger the snapshots of EBS Volumes

Answer: D

Explanation:
The best is to use the inbuilt sen/ice from Cloudwatch, as Cloud watch Events to automate the creation of CBS Snapshots. With Option A, you would be restricted to
running the powrshell script on Windows machines and maintaining the script itself And then you have the overhead of having a separate instance just to run that script.
When you go to Cloudwatch events, you can use the Target as EC2 CreateSnapshot API call as shown below.

The AWS Documentation mentions
Amazon Cloud Watch Cvents delivers a near real-time stream of system events that describe changes in Amazon Web Services (AWS) resources. Using simple rules that you can quickly set up, you can match events and route them to one or more target functions or streams. Cloud Watch Cvents becomes aware of operational changes as they occur. Cloud Watch Cvents responds to these operational changes and takes corrective action as necessary, by sending messages to respond to the environment, activating functions, making changes, and capturing state information.
For more information on Cloud watch Cvents, please visit the below U RL:
• http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/WhatlsCloudWatchCvents.htmI

NEW QUESTION 25
The development team has developed a new feature that uses an AWS service and wants to test it from inside a staging VPC. How should you test this feature with the fastest turnaround time?

• A. Launchan Amazon Elastic Compute Cloud (EC2) instance in the staging VPC in responseto a development request, and use configuration management to set up theapplicatio
• B. Run any testing harnesses to verify application functionality andthen use Amazon Simple Notification Service (SNS) to notify the developmentteam of the results.
• C. Usean Amazon EC2 instance that frequently polls the version control system todetect the new feature, use AWS CloudFormation and Amazon EC2 user data to runany testing harnesses to verify application functionality and then use AmazonSNS to notify the development team of the results.
• D. Usean Elastic Beanstalk application that polls the version control system todetect the new feature, use AWS CloudFormation and Amazon EC2 user data to runany testing harnesses to verify application functionality and then use AmazonKinesis to notify the development team of the results.
• E. UseAWS CloudFormation to launch an Amazon EC2 instance use Amazon EC2 user data torun any testing harnesses to verify application functionality and then useAmazon Kinesis to notify the development team of the results.

Answer: A

Explanation:
Using Amazon Kinesis would just take more time in setup and would not be ideal to notify the relevant team in the shortest time possible.
Since the test needs to be conducted in the staging VPC, it is best to launch the CC2 in the staging VPC.
For more information on the Simple Notification service, please visit the link:
• https://aws.amazon.com/sns/

NEW QUESTION 26
......