Amazon AWS

AWS Certified DevOps Engineer – Professional

DOP-C02
Popular

The AWS Certified DevOps Engineer – Professional (DOP-C02) exam validates your skills in automating the testing and deployment of AWS applications. It is ideal for those looking to advance their DevOps career.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 71–80 of 483

Q71

A company needs to securely store secrets for their application. Which service should they use?

  • A Amazon S3
  • B AWS Secrets Manager
  • C AWS Config
  • D Amazon CloudWatch
Explanation AWS Secrets Manager is designed for storing and managing secrets securely, unlike S3 which is for object storage.
Q72

What happens when an Auto Scaling group scales down the number of EC2 instances?

  • A EC2 instances are terminated randomly.
  • B Instances with highest load are kept.
  • C Oldest instances are usually terminated.
  • D All instances are paused, not terminated.
Explanation Auto Scaling typically terminates the oldest instances when scaling down to manage cost and resource efficiency.
Q73

Which service helps manage Kubernetes clusters on AWS?

  • A Amazon EKS
  • B Amazon ECS
  • C AWS Lambda
  • D AWS Fargate
Explanation Amazon EKS is specifically designed to manage Kubernetes clusters, while the others do not provide this specific functionality.
Q74

A company needs to securely store sensitive data. Which service should they primarily use?

  • A Amazon S3
  • B AWS RDS
  • C AWS Secrets Manager
  • D AWS Lambda
Explanation AWS Secrets Manager is designed to securely store sensitive information, while the others are not primarily intended for this purpose.
Q75

What happens when you remove an IAM user's permissions but their access key remains active?

  • A User can still access resources
  • B User access is immediately revoked
  • C User's access key is deleted
  • D User access key becomes inactive
Explanation The IAM user can still access resources with an active access key, despite the revocation of permissions.
Q76

Which service allows you to automate AWS resource provisioning?

  • A AWS CloudFormation
  • B AWS Lambda
  • C AWS Elastic Beanstalk
  • D AWS CodeDeploy
Explanation AWS CloudFormation provides a solution for automating resource provisioning that is Infrastructure as Code; others do not primarily focus on provisioning resources.
Q77

A company needs to perform canary deployments while minimizing downtime. Which service should they use?

  • A AWS CodePipeline
  • B AWS Elastic Load Balancing
  • C AWS CloudFront
  • D AWS CodeDeploy
Explanation AWS CodeDeploy specifically supports canary deployments, while others focus on different functionalities.
Q78

You are configuring your IAM policies for an organization. What happens if a user has conflicting permissions?

  • A Allow permission will always take precedence
  • B Deny permission will always take precedence
  • C Conflicting permissions cause an error
  • D The user will be explicitly denied
Explanation In IAM, explicit deny permissions override allow permissions, ensuring security; the wrong options misinterpret IAM policies' behavior.
Q79

Which AWS service is best for orchestrating microservices?

  • A AWS Elastic Beanstalk
  • B AWS Lambda
  • C Amazon ECS
  • D AWS CloudFormation
Explanation Amazon ECS is specifically designed for microservices orchestration, while the others serve different purposes.
Q80

A company needs to automate deployments using CloudFormation. What must they use in their templates?

  • A SPOT Instances
  • B Resource policies
  • C Changing styles
  • D AWS resources
Explanation AWS resources must be defined in CloudFormation templates for automation.