Amazon AWS

AWS Certified DevOps Engineer – Professional

DOP-C02
Popular

The AWS Certified DevOps Engineer – Professional (DOP-C02) exam validates your skills in automating the testing and deployment of AWS applications. It is ideal for those looking to advance their DevOps career.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 401–410 of 483

Q401

A company needs to grant access to an application without sharing normal user credentials. Which approach should they take?

  • A IAM Roles for applications
  • B Static IAM User Credentials
  • C User Groups for applications
  • D S3 Bucket Policies
Explanation IAM Roles allow for temporary credentials without exposing user details; the others involve exposing credentials or handling more permissions than necessary.
Q402

What happens when an EC2 instance exceeds its allocated EBS volume size?

  • A Instance shuts down automatically
  • B Read/write operations fail
  • C Volume automatically resizes
  • D Data is deleted automatically
Explanation EBS volumes cannot automatically resize, and exceeding the size results in failed operations; other options present incorrect processes related to normal instance behavior.
Q403

Which AWS service is best for real-time log processing?

  • A Amazon CloudWatch Logs
  • B AWS Lambda
  • C Amazon Kinesis
  • D AWS Step Functions
Explanation Amazon Kinesis is designed for real-time data streams, making it ideal for log processing, unlike the others.
Q404

A company needs to ensure their S3 bucket is not publicly accessible. What should they do?

  • A Enable versioning on the bucket.
  • B Set up a bucket policy.
  • C Disable logging for the bucket.
  • D Use MFA Delete feature.
Explanation Setting a bucket policy is the method to enforce access control and deny public access, unlike other options.
Q405

What happens when an EC2 instance is terminated?

  • A All data on EBS volumes is lost.
  • B Public IP address remains assigned.
  • C Instance store volumes data is lost.
  • D Root volume is retained permanently.
Explanation Data on instance store volumes is ephemeral and lost upon termination, while EBS data can be kept.
Q406

Which AWS service automates code deployment across multiple environments?

  • A AWS CodeDeploy
  • B Amazon S3
  • C AWS CloudFormation
  • D AWS Lambda
Explanation AWS CodeDeploy automates deployments, unlike others.
Q407

A company needs to monitor AWS resources for compliance. What service should they use?

  • A AWS CloudTrail
  • B Amazon Inspector
  • C AWS Config
  • D AWS Shield
Explanation AWS Config monitors resources; CloudTrail logs API calls.
Q408

You are configuring transitioning objects between S3 storage classes. What effect does setting an expiration policy on S3 buckets have?

  • A Deletes objects permanently
  • B Reduces storage costs
  • C Increases accessibility
  • D Reverts to previous versions
Explanation Expiration policies permanently delete objects when set.
Q409

Which service is used for monitoring AWS resources?

  • A Amazon CloudWatch
  • B AWS Config
  • C AWS CloudTrail
  • D Amazon Inspector
Explanation Amazon CloudWatch provides monitoring for AWS resources, while others serve different purposes.
Q410

A company needs to manage access to AWS resources securely. Which IAM policy should they use?

  • A Service Policy
  • B Resource Policy
  • C Identity Policy
  • D IAM Role Policy
Explanation Identity Policies grant permissions to IAM users or roles, while others have different scopes or applications.