Amazon AWS

AWS Certified DevOps Engineer – Professional

DOP-C02
Popular

The AWS Certified DevOps Engineer – Professional (DOP-C02) exam validates your skills in automating the testing and deployment of AWS applications. It is ideal for those looking to advance their DevOps career.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 391–400 of 483

Q391

Which AWS service provides fully managed container orchestration?

  • A EKS
  • B Lambda
  • C S3
  • D CloudFormation
Explanation EKS specifically manages Kubernetes clusters, while others serve different purposes.
Q392

A company needs to automate their infrastructure provisioning and management. Which AWS service should they use?

  • A Auto Scaling
  • B CloudFormation
  • C EC2
  • D CloudTrail
Explanation CloudFormation automates resource provisioning, unlike the other options which do not provide full automation.
Q393

You are configuring an S3 bucket policy to allow public access. What happens when you apply this policy?

  • A Bucket is secured from public access
  • B Objects are not publicly accessible
  • C All objects are publicly accessible
  • D Policy application fails
Explanation Applying a public access policy permits everyone to access objects, while the other options are not correct behaviors of S3 with such a policy.
Q394

A company needs to automate testing for their serverless application deployed on AWS. Which AWS service can be used to implement CI/CD workflows?

  • A AWS CodePipeline
  • B AWS Lambda
  • C AWS CloudFormation
  • D Amazon S3
Explanation AWS CodePipeline is a CI/CD service, whereas Lambda is for running code and S3 is for storage.
Q395

What happens when an EC2 instance uses an IAM role without necessary permissions for accessing an S3 bucket?

  • A Access is denied
  • B Access is granted
  • C Instance does not launch
  • D S3 objects are deleted
Explanation If the IAM role lacks permissions, access is denied.
Q396

You are configuring a VPC with public and private subnets. Which combination of components is essential for the private subnet to communicate with the internet?

  • A NAT Gateway and Internet Gateway
  • B NAT Instance only
  • C VPC Peering only
  • D Public IP address
Explanation A NAT Gateway with an Internet Gateway enables private subnet internet access while protecting the resources.
Q397

Which AWS service is best for automating server provisioning?

  • A AWS CloudFormation
  • B Amazon EC2
  • C AWS Lambda
  • D Amazon RDS
Explanation AWS CloudFormation provides deep automation for provisioning resources; EC2 is a compute service, Lambda is for serverless functions, and RDS is a managed database service.
Q398

A company needs to ensure that their EC2 instances are resilient to hardware failures. What should they do?

  • A Use a single Availability Zone
  • B Implement Auto Scaling
  • C Choose Spot Instances
  • D Deploy in multiple Availability Zones
Explanation Deploying in multiple Availability Zones ensures resilience to hardware failures; using a single AZ does not provide redundancy, Auto Scaling addresses load, and Spot Instances can be terminated.
Q399

You are configuring an AWS IAM policy. What does the 'Deny' effect result in when combined with other permissions?

  • A Overrides Allow permissions
  • B Is ignored when Allow exists
  • C Applies only to specific actions
  • D Grants permissions automatically
Explanation The 'Deny' effect takes precedence and overrides any 'Allow' permissions; it is never ignored, does not apply only to actions, and does not grant permissions.
Q400

Which service provides a managed Kubernetes platform?

  • A Amazon EKS
  • B AWS Lambda
  • C Amazon EC2
  • D Amazon RDS
Explanation Amazon EKS stands for Elastic Kubernetes Service, while the others are unrelated services.