Amazon AWS-Certified-DevOps-Engineer-Professional ExamAmazon AWS Certified DevOps Engineer Professional

Total Question: 371 Last Updated: Jun 13,2019
  • Updated AWS-Certified-DevOps-Engineer-Professional Dumps
  • Based on Real AWS-Certified-DevOps-Engineer-Professional Exams Scenarios
  • Free AWS-Certified-DevOps-Engineer-Professional pdf Demo Available
  • Check out our AWS-Certified-DevOps-Engineer-Professional Dumps in a new PDF format
  • Instant AWS-Certified-DevOps-Engineer-Professional download
  • Guarantee AWS-Certified-DevOps-Engineer-Professional success in first attempt
Package Select:

Questions & Answers PDF

Practice Test Software

Practice Test + PDF 30% Discount

Price: $65.95 $29.99

Buy Now Free Trial

Printable AWS-Certified-DevOps-Engineer-Professional Study Guides 2019

are updated and are verified by experts. Once you have completely prepared with our you will be ready for the real AWS-Certified-DevOps-Engineer-Professional exam without a problem. We have . PASSED First attempt! Here What I Did.

Amazon AWS-Certified-DevOps-Engineer-Professional Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
You run a 2000-engineer organization. You are about to begin using AWS at a large scale for the first time. You want to integrate with your existing identity management system running on Microsoft Active Directory, because your organization is a power-user of Active Directory. How should you manage your AWS identities in the most simple manner?

  • A. Use a large AWS Directory Service Simple AD.
  • B. Use a large AWS Directory Service AD Connector.
  • C. Use an Sync Domain running on AWS Directory Service.
  • D. Use an AWS Directory Sync Domain running on AWS Lambda

Answer: B

Explanation: You must use AD Connector as a power-user of Microsoft Active Directory. Simple AD only works with a subset of AD functionality. Sync Domains do not exist; they are made up answers.
AD Connector is a directory gateway that allows you to proxy directory requests to your on-premises Nlicrosoft Active Directory, without caching any information in the cloud. AD Connector comes in 2 sizes; small and large. A small AD Connector is designed for smaller organizations of up to 500 users. A large AD Connector is designed for larger organizations of up to 5,000 users.
Reference: https://aws.amazon.com/directoryservice/detaiIs/

NEW QUESTION 2
Your appIication's Auto Scaling Group scales up too quickly, too much, and stays scaled when traffic decreases. What should you do to fix this?

  • A. Set a longer cooldown period on the Group, so the system stops overshooting the target capacit
  • B. The issue is that the scaling system doesn't allow enough time for new instances to begin servicing requests before measuring aggregate load again.
  • C. Calculate the bottleneck or constraint on the compute layer, then select that as the new metric, and set the metric thresholds to the bounding values that begin to affect response latency.
  • D. Raise the CIoudWatch Alarms threshold associated with your autoscaling group, so the scaling takes more of an increase in demand before beginning.
  • E. Use larger instances instead of lots of smaller ones, so the Group stops scaling out so much and wasting resources as the OS level, since the OS uses a higher proportion of resources on smaller instances.

Answer: B

Explanation: Systems will always over-scale unless you choose the metric that runs out first and becomes constrained first. You also need to set the thresholds of the metric based on whether or not latency is affected by the change, tojustify adding capacity instead of wasting money.
Reference: http://docs.aws.amazon.com/AutoSca|ing/latest/DeveIoperGuide/poIicy_creating.htmI

NEW QUESTION 3
What is the scope of an EC2 EIP?

  • A. Placement Group
  • B. Availability Zone
  • C. Region
  • D. VPC

Answer: C

Explanation: An Elastic IP address is tied to a region and can be associated only with an instance in the same region. Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resources.htmI

NEW QUESTION 4
For AWS Auto Scaling, what is the first transition state a new instance enters after leaving steady state when scaling out due to increased load?

  • A. EnteringStandby
  • B. Pending
  • C. Terminating:Wait
  • D. Detaching

Answer: B

Explanation: When a scale out event occurs, the Auto Scaling group launches the required number of EC2 instances, using its assigned launch configuration. These instances start in the Pending state. If you add a lifecycle hook to your Auto Scaling group, you can perform a custom action here. For more information, see Lifecycle Hooks.
Reference: http://docs.aws.amazon.com/AutoScaling/latest/DeveIoperGuide/AutoScaIingGroupLifecycIe.html

NEW QUESTION 5
What method should I use to author automation if I want to wait for a CIoudFormation stack to finish completing in a script?

  • A. Event subscription using SQS.
  • B. Event subscription using SNS.
  • C. Poll using <code>ListStacks</code> / <code>Iist-stacks</code>.
  • D. Poll using <code>GetStackStatus</code> / <code>get-stack-status</code>.

Answer: C

Explanation: Event driven systems are good for IFTTT logic, but only polling will make a script wait to complete. ListStacks / list-stacks is a real method, GetStackStatus / get-stack-status is not.
Reference: http://docs.aws.amazon.com/cli/latest/reference/cloudformation/Iist-stacks.html

NEW QUESTION 6
What is the order of most-to-least rapidly-scaling (fastest to scale first)?
(A) EC2 + ELB + Auto Scaling (B) Lambda (C) RDS

  • A. B, A, C
  • B. C, B, A
  • C. C, A, B
  • D. A, C, B

Answer: A

Explanation: Lambda is designed to scale instantly. EC2 + ELB + Auto Scaling require single-digit minutes to scale out. RDS will take atleast 15 minutes, and will apply OS patches or any other updates when applied. Reference: https://aws.amazon.com/|ambda/faqs/

NEW QUESTION 7
You are experiencing performance issues writing to a DynamoDB table. Your system tracks high scores for video games on a marketplace. Your most popular game experiences all of the performance issues. What is the most likely problem?

  • A. DynamoDB's vector clock is out of sync, because of the rapid growth in request for the most popular game.
  • B. You selected the Game ID or equivalent identifier as the primary partition key for the table.
  • C. Users of the most popular video game each perform more read and write requests than average.
  • D. You did not provision enough read or write throughput to the tabl

Answer: B

Explanation: The primary key selection dramatically affects performance consistency when reading or writing to DynamoDB. By selecting a key that is tied to the identity of the game, you forced DynamoDB to create a hotspot in the table partitions, and over-request against the primary key partition for the popular game. When it stores data, DynamoDB dMdes a tabIe's items into multiple partitions, and distributes the data primarily based upon the partition key value. The provisioned throughput associated with a table is also dMded evenly among the partitions, with no sharing of provisioned throughput across partitions. Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GuideIinesForTabIes.htmI#GuideIi nesForTabIes.UniformWorkIoad

NEW QUESTION 8
You have been asked to de-risk deployments at your company. Specifically, the CEO is concerned about outages that occur because of accidental inconsistencies between Staging and Production, which sometimes cause unexpected behaviors in Production even when Staging tests pass.
You already use Docker to get high consistency between Staging and Production for the application environment on your EC2 instances. How do you further de-risk the rest of the execution environment, since in AWS, there are many service components you may use beyond EC2 virtual machines?

  • A. Develop models of your entire cloud system in CIoudFormatio
  • B. Use this model in Staging and Production to achieve greater parity.
  • C. Use AWS Config to force the Staging and Production stacks to have configuration parit
  • D. Any differences will be detected for you so you are aware of risks.
  • E. Use AMIs to ensure the whole machine, including the kernel of the virual machines, is consistent, since Docker uses Linux Container (LXC) technology, and we need to make sure the container environment is consistent.
  • F. Use AWS ECS and Docker clusterin
  • G. This will make sure that the AMIs and machine sizes are the same across both environments.

Answer: A

Explanation: Only CIoudFormation's JSON Templates allow declarative version control of repeatably deployable models of entire AWS clouds.
Reference: https://bIogs.aws.amazon.com/application-management/blog/category/Best+practices

NEW QUESTION 9
What is required to achieve gigabit network throughput on EC2? You already selected cluster-compute, 10GB instances with enhanced networking, and your workload is already network-bound, but you are not seeing 10 gigabit speeds.

  • A. Enable biplex networking on your servers, so packets are non-blocking in both directions and there's no switching overhead.
  • B. Ensure the instances are in different VPCs so you don't saturate the Internet Gateway on any one VPC.
  • C. Select PIOPS for your drives and mount several, so you can provision sufficient disk throughput.
  • D. Use a placement group for your instances so the instances are physically near each other in the same Availability Zone.

Answer: D

Explanation: You are not guaranteed 10gigabit performance, except within a placement group.
A placement group is a logical grouping of instances within a single Availability Zone. Using placement groups enables applications to participate in a low-latency, 10 Gbps network. Placement groups are recommended for applications that benefit from low network latency, high network throughput, or both. Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html

NEW QUESTION 10
You are building a deployment system on AWS. You will deploy new code by bootstrapping instances in a private subnet in a VPC at runtime using UserData scripts pointing to an S3 zip file object, where your code is stored. An ELB in a public subnet has network interfaces and connectMty to the instances. Requests from users of the system are routed to the ELB via a Route53 A Record Alias. You do not use any VPC endpoints. Which is a risk of using this approach?

  • A. Route53 Alias records do not always update dynamically with ELB network changes after deploys.
  • B. If the NAT routing for the private subnet fails, deployments fail.
  • C. Kernel changes to the base AMI may render the code inoperable.
  • D. The instances cannot be in a private subnet if the ELB is in a public on

Answer: B

Explanation: Since you are not using VPC endpoints, outbound requests for the code sitting in S3 are routed though the NAT for the VPC's private subnets. If this networking fails, runtime bootstrapping through code
download will fail due to network unavailability and lack of access to the Internet, and thus Amazon S3. Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html

NEW QUESTION 11
What is the maximum supported single-volume throughput on EBS?

  • A. 320IV|iB/s
  • B. 160MiB/s
  • C. 40MiB/s
  • D. 640MiB/s

Answer: A

Explanation: The ceiling throughput for PIOPS on EBS is 320MiB/s.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVo|umeTypes.htm| IIIIIEZIIII HWS-IIEIIII|]S-EII§iII|}|}I‘-PI‘0I|}SSi0IIilI EIIEIII

NEW QUESTION 12
You are designing a system which needs, at minimum, 8 m4.Iarge instances operating to service traffic. When designing a system for high availability in the us-east-1 region, which has 6 Availability Zones, you company needs to be able to handle death of a full availability zone. How should you distribute the
servers, to save as much cost as possible, assuming all of the EC2 nodes are properly linked to an ELB? Your VPC account can utilize us-east-1's AZ's a through f, inclusive.

  • A. 3 servers in each of AZ's a through d, inclusive.
  • B. 8 servers in each of AZ's a and b.
  • C. 2 servers in each of AZ's a through e, inclusive.
  • D. 4 servers in each of AZ's a through c, inclusiv

Answer: C

Explanation: You need to design for N+1 redundancy on Availability Zones. ZONE_COUNT = (REQUIRED_INSTANCES / INSTANCE_COUNT_PER_ZONE) + 1. To minimize cost, spread the instances across as many possible zones as you can. By using a though e, you are allocating 5 zones. Using 2 instances, you have 10 total instances. If a single zone fails, you have 4 zones left, with 2 instances each, for a total of 8 instances. By spreading out as much as possible, you have increased cost by only 25% and significantly de-risked an availability zone failure.
Reference:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.htmI#concepts- regions-availability-zones

NEW QUESTION 13
You need to process long-running jobs once and only once. How might you do this?

  • A. Use an SNS queue and set the visibility timeout to long enough forjobs to process.
  • B. Use an SQS queue and set the reprocessing timeout to long enough forjobs to process.
  • C. Use an SQS queue and set the visibility timeout to long enough forjobs to process.
  • D. Use an SNS queue and set the reprocessing timeout to long enough forjobs to proces

Answer: C

Explanation: The message timeout defines how long after a successful receive request SQS waits before allowing jobs to be seen by other components, and proper configuration prevents duplicate processing.
Reference: http://docs.aws.amazon.com/AWSSimpIeQueueService/latest/SQSDeveIoperGuide/MessageLifecycIe.ht ml

NEW QUESTION 14
You run operations for a company that processes digital wallet payments at a very high volume. One second of downtime, during which you drop payments or are otherwise unavailable, loses you on average USD 100. You balance the financials of the transaction system once per day. Which database setup is best suited to address this business risk?

  • A. A multi-AZ RDS deployment with synchronous replication to multiple standbys and read-replicas for fast failover and ACID properties.
  • B. A multi-region, multi-master, active-active RDS configuration using database-level ACID design principles with database trigger writes for replication.
  • C. A multi-region, multi-master, active-active DynamoDB configuration using application control-level BASE design principles with change-stream write queue buffers for replication.
  • D. A multi-AZ DynamoDB setup with changes streamed to S3 via AWS Kinesis, for highly durable storage and BASE properties.

Answer: C

Explanation: Only the multi-master, multi-region DynamoDB answer makes sense. IV|u|ti-AZ deployments do not provide sufficient availability when a business loses USD 360,000 per hour of unavailability. As RDS does not natively support multi-region, and ACID does not perform well/at all over large distances between
regions, only the DynamoDB answer works. Reference:
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Streams.CrossRegionRepI.htmI

NEW QUESTION 15
You need to scale an RDS deployment. You are operating at 10% writes and 90% reads, based on your logging. How best can you scale this in a simple way?

  • A. Create a second master RDS instance and peer the RDS groups.
  • B. Cache all the database responses on the read side with CIoudFront.
  • C. Create read replicas for RDS since the load is mostly reads.
  • D. Create a Multi-AZ RDS installs and route read traffic to standb

Answer: C

Explanation: The high-availability feature is not a scaling solution for read-only scenarios; you cannot use a standby replica to serve read traffic. To service read-only traffic, you should use a Read Replica. For more information, see Working with PostgreSQL, MySQL, and NIariaDB Read Replicas.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.NIuItiAZ.htmI

NEW QUESTION 16
Your CTO thinks your AWS account was hacked. What is the only way to know for certain if there was unauthorized access and what they did, assuming your hackers are very sophisticated AWS engineers and doing everything they can to cover their tracks?

  • A. Use CloudTrai| Log File Integrity Validation.
  • B. Use AWS Config SNS Subscriptions and process events in real time.
  • C. Use CIoudTraiI backed up to AWS S3 and Glacier.
  • D. Use AWS Config Timeline forensic

Answer: A

Explanation: You must use CloudTraiI Log File Validation (default or custom implementation), as any other tracking method is subject to forgery in the event of a full account compromise by sophisticated enough hackers. Validated log files are invaluable in security and forensic investigations. For example, a validated log file enables you to assert positively that the log file itself has not changed, or that particular user credentials performed specific API actMty. The CIoudTraiI log file integrity validation process also lets you know if a log file has been deleted or changed, or assert positively that no log files were delivered to your account during a given period of time.
Reference:
http://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-log-fiIe-validation-intro.html

NEW QUESTION 17
Which of these is not an instrinsic function in AWS CloudFormation?

  • A. Fn::EquaIs
  • B. Fn::|f
  • C. Fn::Not
  • D. Fn::Parse

Answer: D

Explanation: This is the complete list of Intrinsic Functions...: Fn::Base64, Fn::And, Fn::EquaIs, Fn::If, Fn::Not, Fn::Or, Fn::FindInMap, Fn::GetAtt, Fn::GetAZs, Fn::Join, Fn::Se|ect, Ref
Reference:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference.html

Recommend!! Get the Full AWS-Certified-DevOps-Engineer-Professional dumps in VCE and PDF From Surepassexam, Welcome to Download: https://www.surepassexam.com/AWS-Certified-DevOps-Engineer-Professional-exam-dumps.html (New 102 Q&As Version)


Related AWS-Certified-DevOps-Engineer-Professional Articles