Amazon AWS

AWS Certified DevOps Engineer – Professional

DOP-C02
Popular

The AWS Certified DevOps Engineer – Professional (DOP-C02) exam validates your skills in automating the testing and deployment of AWS applications. It is ideal for those looking to advance their DevOps career.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 181–190 of 483

Q181

Which AWS service provides serverless event-driven functions?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon RDS
  • D AWS Fargate
Explanation AWS Lambda executes code in response to events; others are not serverless functions.
Q182

A company needs to automatically deploy changes in their application with minimal downtime. Which strategy should they implement?

  • A Blue/Green Deployment
  • B Rolling Update
  • C Canary Release
  • D Recreate Deployment
Explanation Blue/Green Deployment reduces downtime by allowing quick switches between environments; others may introduce downtime during updates.
Q183

You are configuring an IAM policy that denies access to all S3 actions. Which of the following statements is true about the policy?

  • A All actions will be denied including listing.
  • B Read actions are allowed by default.
  • C Other policies can override this.
  • D It does not affect IAM roles.
Explanation This policy explicitly denies all actions, including listing; other options misinterpret IAM's permission model.
Q184

Which AWS service is best for managing application secrets?

  • A AWS Secrets Manager
  • B AWS Config
  • C AWS IAM
  • D AWS CloudTrail
Explanation AWS Secrets Manager securely stores and manages secrets; other options handle different management tasks.
Q185

A company needs to automate deployment of applications onto EC2 instances. Which AWS service could they use?

  • A AWS CloudFormation
  • B AWS CodeDeploy
  • C AWS Elastic Beanstalk
  • D AWS OpsWorks
Explanation AWS CodeDeploy automates application deployment; the others handle infrastructure or less specific tasks.
Q186

You are configuring a multi-account AWS Organization. What should you do to centrally manage policies across all accounts?

  • A Use Service Control Policies
  • B Create IAM Roles
  • C Deploy CloudFormation StackSets
  • D Enable AWS Config Rules
Explanation Service Control Policies centrally manage permissions for all accounts; other options serve different purposes.
Q187

Which service is best for automating server provisioning in AWS?

  • A AWS CloudFormation
  • B Amazon EC2
  • C AWS Lambda
  • D Amazon RDS
Explanation AWS CloudFormation automates resource provisioning using templates, whereas the others are primarily services rather than provisioning tools.
Q188

A company needs to store sensitive user data securely. What feature should they enable for S3 buckets?

  • A Versioning
  • B Inventory
  • C Server-Side Encryption
  • D Cross-Region Replication
Explanation Server-Side Encryption directly secures sensitive data at rest, while the other options address different needs.
Q189

You are configuring IAM policies for minimal permissions. What should you NOT include in the policy?

  • A Least Privilege
  • B Full administrative access
  • C Specific resource actions
  • D User-specific permissions
Explanation Full administrative access violates the least privilege principle, which should be a priority in IAM policy design.
Q190

A company needs to implement a solution that allows multiple AWS accounts to share resources without using a centralized logging service. Which service should they use?

  • A Resource Access Manager
  • B AWS Organizations
  • C CloudFormation
  • D IAM Roles
Explanation AWS Resource Access Manager (RAM) enables sharing of resources across accounts, while the other options do not directly facilitate resource sharing.