Amazon AWS

AWS Certified DevOps Engineer – Professional

DOP-C02
Popular

The AWS Certified DevOps Engineer – Professional (DOP-C02) exam validates your skills in automating the testing and deployment of AWS applications. It is ideal for those looking to advance their DevOps career.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 161–170 of 483

Q161

A company needs to securely share access to its S3 bucket with an external partner. What should you implement?

  • A Amazon RDS
  • B IAM roles and policies
  • C VPC Peering
  • D AWS Direct Connect
Explanation IAM roles and policies allow fine-grained access control for sharing S3 bucket access securely with outsiders.
Q162

What happens when a CloudFormation stack update fails?

  • A Stack rolls back to previous state
  • B Changes are applied anyway
  • C New stack is created
  • D CloudFormation deletes the stack
Explanation CloudFormation automatically rolls back changes to prevent inconsistent states during an update failure.
Q163

Which AWS service is used for automated security assessments?

  • A AWS Inspector
  • B AWS Config
  • C AWS CloudTrail
  • D AWS Shield
Explanation AWS Inspector assesses applications for vulnerabilities, while the others serve different functions.
Q164

A company needs to ensure zero downtime during application updates. Which AWS service is best suited to manage this?

  • A AWS Elastic Beanstalk
  • B AWS CloudFormation
  • C AWS CodeDeploy
  • D AWS Lambda
Explanation AWS CodeDeploy allows for blue/green deployments ensuring zero downtime, while the others do not specialize in this.
Q165

You are configuring a VPC with public and private subnets. What happens if a public subnet is misconfigured and has no route to the Internet Gateway?

  • A No outbound traffic possible
  • B Traffic is routed to NAT Gateway
  • C Instances cannot resolve DNS
  • D Instance IPs become private automatically
Explanation Without a route to the Internet Gateway, instances in the public subnet cannot access the internet.
Q166

Which service can automate server provisioning and management?

  • A AWS CloudFormation
  • B Amazon RDS
  • C AWS Lambda
  • D Amazon S3
Explanation AWS CloudFormation automates provisioning, while RDS manages databases, Lambda runs code, and S3 stores data.
Q167

A company needs to ensure the least privilege on IAM roles. What should they implement?

  • A AWS Config
  • B IAM Policy Simulator
  • C Service Control Policies
  • D IAM Identity Center
Explanation IAM Policy Simulator tests policies for least privilege, while others serve different purposes.
Q168

What happens when an EC2 instance is stopped?

  • A Instance costs continue accruing
  • B Data in instance store persist
  • C Elastic IP is released
  • D EBS volume remains intact
Explanation EBS volumes remain intact while instance store data disappears; other options are incorrect outcomes.
Q169

Which service automatically scales Amazon EC2 instances?

  • A Auto Scaling
  • B CloudFormation
  • C Elastic Load Balancer
  • D AWS Lambda
Explanation Auto Scaling manages the scaling of EC2 instances automatically; others are for configuration or load distribution.
Q170

A company needs to ensure that only certain users can access S3 data by using Temporary Security Credentials. Which AWS role should be used?

  • A IAM user
  • B IAM group
  • C IAM role
  • D IAM policy
Explanation IAM roles provide temporary security credentials for users; others do not provide such functionality.