Amazon AWS

AWS Certified DevOps Engineer – Professional

DOP-C02
Popular

The AWS Certified DevOps Engineer – Professional (DOP-C02) exam validates your skills in automating the testing and deployment of AWS applications. It is ideal for those looking to advance their DevOps career.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 471–480 of 483

Q471

You are configuring an IAM policy using resources. What is the impact of not specifying ‘Resource’ in the policy?

  • A Policy is applied to all resources
  • B Policy is invalid and fails to attach
  • C Policy restricts actions globally
  • D Policy allows actions on no resources
Explanation If 'Resource' is not specified, the policy applies to all resources by default, while the other options misinterpret IAM policy behavior.
Q472

Which service allows the operation of containers on AWS?

  • A Amazon ECS
  • B Amazon RDS
  • C AWS Lambda
  • D Amazon S3
Explanation Amazon ECS (Elastic Container Service) is designed specifically for container orchestration, while the others serve different purposes.
Q473

A company needs to automate its infrastructure deployment efficiently. What should they use?

  • A AWS CloudFormation
  • B Amazon CloudWatch
  • C AWS Backup
  • D Amazon EC2
Explanation AWS CloudFormation allows you to automate and provision infrastructure as code, unlike the other options which do not provide this capability directly.
Q474

You are configuring an IAM role for EC2 instances. What happens when you assign multiple policies to a role?

  • A Only the last policy is applied
  • B Policies act as independent permissions
  • C It leads to a permissions error
  • D No effect on the role
Explanation IAM policies assigned to a role are additive, providing cumulative permissions to the role.
Q475

Which service would you use to automate the deployment of applications across AWS resources?

  • A AWS CodeDeploy
  • B Amazon RDS
  • C AWS Lambda
  • D Amazon S3
Explanation AWS CodeDeploy automates application deployments, while RDS is a database service and S3 is for object storage.
Q476

A company needs to provide temporary access to AWS resources without sharing credentials. Which service should they use?

  • A IAM Roles
  • B AWS Organizations
  • C AWS Secrets Manager
  • D Amazon CloudFormation
Explanation IAM Roles allow temporary access, unlike Secrets Manager or CloudFormation which serve different purposes.
Q477

You are configuring an AWS CloudFormation stack. What happens if an update fails?

  • A Stack is rolled back automatically.
  • B The update will continue until completed.
  • C CloudFormation will delete the stack.
  • D All resources become inactive.
Explanation CloudFormation performs a rollback on failure, whereas B, C, and D are incorrect behaviors.
Q478

Which AWS service can automatically scale EC2 instances based on demand?

  • A Auto Scaling
  • B CloudWatch
  • C Elastic Load Balancer
  • D EC2 Container Service
Explanation Auto Scaling dynamically adjusts the number of EC2 instances, while others monitor or balance traffic.
Q479

You are configuring a CI/CD pipeline that deploys to multiple environments. How should you manage environment-specific configuration?

  • A Use hardcoded environment variables
  • B Utilize AWS Secrets Manager
  • C Store configs in source code
  • D Ignore environment differences
Explanation AWS Secrets Manager securely stores configurations specific to each environment, whereas the others increase risk or complexity.
Q480

What happens when you set the lifecycle rule to delete objects in S3 after 30 days?

  • A Objects are permanently deleted immediately
  • B Objects are archived to Glacier
  • C Objects are marked for deletion after 30 days
  • D Objects are copied to another bucket
Explanation Objects are marked for deletion at the defined expiration, while others suggest immediate deletion or incorrect actions.