DOP-C02 Exam: Absolutely Free Online Practice

Question 1
- A company runs an Amazon EKS cluster and must implement comprehensive logging for the control plane and nodes. The company must analyze API requests and monitor container performance. Which solution will meet these requirements with the LEAST operational overhead?
  A : Enable AWS CloudTrail for control plane logging and deploy Logstash on nodes.
  
  B : Enable control plane logging to CloudWatch and use CloudWatch Container Insights for node and pod metrics.
  
  C : Enable API server logging to S3 and deploy Kubernetes Event Exporter to nodes.
  
  D : Use AWS Distro for OpenTelemetry and stream logs to Amazon Redshift.
  
  Answer: B
Question 2
- A company is planning to launch its Node.js application to AWS to better serve its clients around the globe. A hybrid deployment is required to be implemented wherein the application will run on both on-premises application servers and On-Demand Amazon EC2 instances. The application instances require secure access to database credentials, which must be encrypted both at rest and in transit.
  As a DevOps Engineer, how can you automate the deployment process of the application in the MOST secure manner?
  
  A : Using AWS Systems Manager Parameter Store, upload and manage the database credentials with a Secure String data type. Create an IAM Policy that allows access and decryption of the database credentials. Attach the IAM policy to the instance profile for CodeDeploy-managed instances as well as to the on-premises instances using the register-on-premises-instance command. Deploy the application packages to the EC2 instances and on-premises servers using AWS CodeDeploy.
  
  B : Store database credentials in the appspec.yml configuration file. Create an IAM policy for allowing access to only the database credentials. Attach the IAM policy to the role associated with the instance profile for CodeDeploy-managed instances and the IAM role used for on-premises instances registration on CodeDeploy. Deploy the application packages to the EC2 instances and on-premises servers using AWS CodeDeploy.
  
  C : Using AWS Systems Manager Parameter Store, upload and manage the database credentials with a Secure String data type. Create an IAM role with an attached policy that allows access and decryption of the database credentials. Attach this role to the instance profile of the CodeDeploy-managed instances as well as to the on-premises instances using the register-on-premises-instance command. Deploy the application packages to the EC2 instances and on-premises servers using AWS CodeDeploy.
  
  D : Using AWS Systems Manager Parameter Store, upload and manage the database credentials with a Secure String data type. Create an IAM role that allows access and decryption of the database credentials. Associate this role to all the Amazon EC2 instances. Upload the application in AWS Elastic Beanstalk with a Node.js platform configuration and deploy the application revisions to both on-premises servers and EC2 instances using blue/green deployment.
  
  Answer: C
Question 3
- A company runs an Amazon EKS cluster and must implement comprehensive logging for the control plane and nodes. The company must analyze API requests and monitor container performance. Which solution will meet these requirements with the LEAST operational overhead?
  A : Enable AWS CloudTrail for control plane logging and deploy Logstash on nodes.
  
  B : Enable control plane logging to CloudWatch and use CloudWatch Container Insights for node and pod metrics.
  
  C : Enable API server logging to S3 and deploy Kubernetes Event Exporter to nodes.
  
  D : Use AWS Distro for OpenTelemetry and stream logs to Amazon Redshift.
  
  Answer: B
Question 4
- A company runs an Amazon EKS cluster and must implement comprehensive logging for the control plane and nodes. The company must analyze API requests and monitor container performance. Which solution will meet these requirements with the LEAST operational overhead?
  A : Enable AWS CloudTrail for control plane logging and deploy Logstash on nodes.
  
  B : Enable control plane logging to CloudWatch and use CloudWatch Container Insights for node and pod metrics.
  
  C : Enable API server logging to S3 and deploy Kubernetes Event Exporter to nodes.
  
  D : Use AWS Distro for OpenTelemetry and stream logs to Amazon Redshift.
  
  Answer: B
Question 5
- A DevOps engineer is building the infrastructure for an application. The application needs to run on an Amazon Elastic Kubernetes Service (Amazon EKS) cluster that includes Amazon EC2 instances. The EC2 instances need to use an Amazon Elastic File System (Amazon EFS) file system as a storage backend. The Amazon EFS Container Storage Interface (CSI) driver is installed on the EKS cluster.
  When the DevOps engineer starts the application, the EC2 instances do not mount the EFS file system.
  Which solutions will fix the problem? (Choose three.)
  A : Switch the EKS nodes from Amazon EC2 to AWS Fargate.
  
  B : Add an inbound rule to the EFS file system’s security group to allow NFS traffic from the EKS cluster.
  
  C : Create an IAM role that allows the Amazon EFS CSI driver to interact with the file system
  
  D : Set up AWS DataSync to configure file transfer between the EFS file system and the EKS nodes.
  
  E : Create a mount target for the EFS file system in the subnet of the EKS nodes.
  
  F : Disable encryption or the EFS file system.
  
  Answer: B,C,F

Free Amazon DOP-C02 Exam Questions

Absolute Free DOP-C02 Exam Practice for Comprehensive Preparation