AWS DevOps工程师专业认证：离线安装策略

Exam

PDF

需积分: 10 193 浏览量更新于2024-07-16 收藏 218KB PDF 举报

身份认证购VIP最低享 7 折!

30元优惠券

资源详情

资源推荐

QUESTION NO: 13

A Development team uses AWS CodeCommit for source code control. Developers apply their

changes to various feature branches and create pull requests to move those changes to the

master branch when they are ready for production. A direct push to the master branch should not

be allowed. The team applied the AWS managed policy AWSCodeCommitPowerUser to the

Developers’ IAM rote, but now members are able to push to the master branch directly on every

repository in the AWS account.

What actions should be taken to restrict this?

Create an additional policy to include a deny rule for the codecommit: GitPush action, and include

a restriction for the specific repositories in the resource statement with a condition for the master

reference.

Remove the IAM policy and add an AWSCodeCommitReadOnlypolicy. Add an allow rule for the

codecommit: GitPush action for the specific repositories in the resource statement with a condition

for the master reference.

Modify the IAM policy and include a deny rule for the codecommit: GitPush action for the specific

repositories in the resource statement with a condition for the master reference.

Create an additional policy to include an allow rule for the codecommit: GitPush action and include

a restriction for the specific repositories in the resource statement with a condition for the feature

branches reference.

Answer: C

Explanation:

QUESTION NO: 14

A Developer is designing a continuous deployment workflow for a new Development team to

facilitate the process for source code promotion in AWS. Developers would like to store and

promote code for deployment from development to production while maintaining the ability to roll

back that deployment if it fails.

Which design will incur the LEAST amount of downtime?

Create one repository in AWS CodeCommit. Create a development branch to hold merged

changes. Use AWS CodeBuild to build and test the code stored in the development branch

triggered on a new commit. Merge to the master and deploy to production by using AWS

Amazon AWS DevOps Engineer Professional Exam

"Leading the way in IT Testing & Certification Tools" - www.testking.com 11

CodeDeploy for a blue/green deployment.

Create one repository for each Developer in AWS CodeCommit and another repository to hold the

production code. Use AWS CodeBuild to merge development and production repositories, and

deploy to production by using AWS CodeDeploy for a blue/green deployment.

Create one repository for development code in AWS CodeCommit and another repository to hold

the production code. Use AWS CodeBuild to merge development and production repositories, and

deploy to production by using AWS CodeDeploy for a blue/green deployment.

Create a shared Amazon S3 bucket for the Development team to store their code. Set up an

Amazon CloudWatch Events rule to trigger an AWS Lambda function that deploys the code to

production by using AWS CodeDeploy for a blue/green deployment.

Answer: D

Explanation:

QUESTION NO: 15

A DevOps Engineer discovered a sudden spike in a website's page load times and found that a

recent deployment occurred. A brief diff of the related commit shows that the URL for an external

API call was altered and the connecting port changed from 80 to 443. The external API has been

verified and works outside the application. The application logs show that the connection is now

timing out, resulting in multiple retries and eventual failure of the call.

Which debug steps should the Engineer take to determine the root cause of the issue'?

Check the VPC Flow Logs looking for denies originating from Amazon EC2 instances that are part

of the web Auto Scaling group. Check the ingress security group rules and routing rules for the

VPC.

Check the existing egress security group rules and network ACLs for the VPC. Also check the

application logs being written to Amazon CloudWatch Logs for debug information.

Check the egress security group rules and network ACLs for the VPC. Also check the VPC flow

logs looking for accepts originating from the web Auto Scaling group.

Check the application logs being written to Amazon CloudWatch Logs for debug information.

Check the ingress security group rules and routing rules for the VPC.

Amazon AWS DevOps Engineer Professional Exam

"Leading the way in IT Testing & Certification Tools" - www.testking.com 12

Answer: C

Explanation:

QUESTION NO: 16

An Engineering team manages a Node.js e-commerce application. The current environment

consists of the following components:

• Amazon S3 buckets for storing content

• Amazon EC2 for the front-end web servers

• AWS Lambda for executing image processing

• Amazon DynamoDB for storing session-related data

The team expects a significant increase in traffic to the site. The application should handle the

additional load without interruption. The team ran initial tests by adding new servers to the EC2

front-end to handle the larger load, but the instances took up to 20 minutes to become fully

configured. The team wants to reduce this configuration time.

What changes will the Engineering team need to implement to make the solution the MOST

resilient and highly available while meeting the expected increase in demand?

Use AWS OpsWorks to automatically configure each new EC2 instance as it is launched.

Configure the EC2 instances by using an Auto Scaling group behind an Application Load Balancer

across multiple Availability Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon

Route 53 to point the application DNS record to the Application Load Balancer.

Deploy a fleet of EC2 instances, doubling the current capacity, and place them behind an

Application Load Balancer. Increase the Amazon DynamoDB read and write capacity units. Add

an alias record that contains the Application Load Balancer endpoint to the existing Amazon Route

53 DNS record that points to the application.

Configure Amazon CloudFront and have its origin point to Amazon S3 to host the web application.

Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the application DNS

record to the CloudFront DNS name.

Use AWS Elastic Beanstalk with a custom AMI including all web components. Deploy the platform

by using an Auto Scaling group behind an Application Load Balancer across multiple Availability

Zones. Implement Amazon DynamoDB Auto Scaling. Use Amazon Route 53 to point the

application DNS record to the Elastic Beanstalk load balancer.

Amazon AWS DevOps Engineer Professional Exam

"Leading the way in IT Testing & Certification Tools" - www.testking.com 13

剩余61页未读，继续阅读

isfufula

粉丝: 1
资源: 2

AWS DevOps工程师专业认证：离线安装策略

AWS DevOps Engineer Professional (DOP-C02)认证考试资料整理中文-系列一

fisher-0.1.10-cp38-cp38-win_amd64.whl

numpy_quaternion-2022.4.2-cp311-cp311-win_amd64.whl

pystackreg-0.2.5-pp38-pypy38_pp73-win_amd64.whl

multidict-5.1.0-cp36-cp36m-win_amd64.whl

基于Scrapy和Selenium的携程去哪儿机票爬虫设计源码

mkl_service-2.4.0-cp311-cp311-win_amd64.whl

PyVRML97_accelerate-2.3.1-cp36-cp36m-win_amd64.whl

libsvm-3.25-cp310-cp310-win_amd64.whl

GNU 8.1.0直接解压缩可用版

【雷达信号处理】基于matlab多普勒雷达信号处理【含Matlab源码 3807期】.zip

mkl_service-2.3.0-cp36-cp36m-win_amd64.whl

通过整合YOLOv11和PyQt5，为肺炎检测提供一个高效的系统（包含详细的完整的程序和数据）

2024年中国人工智能人才发展报告

pycares-2.4.0-cp35-cp35m-win_amd64.whl

基于YOLOv11的水稻叶病害检测系统（包含详细的完整的程序和数据）

bintrees-2.2.0-cp36-cp36m-win_amd64.whl

基于YOLOv11的交通标志检测系统设计文档（包含详细的完整的程序和数据）

texture2ddecoder-1.0.4-cp37-cp37m-win_amd64.whl

最新资源