[Q17-Q39] AWS-DevOps-Engineer-Professional Actual Questions 100% Same Braindumps with Actual Exam!

AWS-DevOps-Engineer-Professional Actual Questions 100% Same Braindumps with Actual Exam!

AWS-DevOps-Engineer-Professional Study Material, Preparation Guide and PDF Download

Exam Topics

Before you start your preparation phase, you need to know which details to learn and what to expect from the exam. That is why it is recommended to observe all the topics that are included in the Amazon DOP-C01 content. All in all, these subject areas are highlighted as follows:

SDLC Automation (22%)

• Determining the deployment strategies;
• Applying the concepts required for automating a CD/CI pipeline.
• Defining the strategies for source control;
• Applying the concepts for managing and building artifacts securely;
• Applying the concepts for integrating and automating testing;

 

NEW QUESTION 17
During metric analysis, your team has determined that the company's website during peak hours is experiencing response times higher than anticipated. You currently rely on Auto Scaling to make sure that you are scaling your environment during peak windows. How can you improve your Auto Scaling policy to reduce this high response time? Choose 2 answers.

• A. IncreaseyourAutoScalinggroup'snumberofmaxservers.
• B. Create a script that runs and monitors your servers; when it detects an anomaly in load, it posts to an Amazon SNS topic that triggers Elastic Load Balancing to add more servers to the load balancer.
• C. Push custom metrics to CloudWatch for your application that include more detailed information about your web application, such as how many requests it is handling and how many are waiting to be processed.
• D. Push custom metrics to CloudWatch to monitor your CPU and network bandwidth from your servers, which will allow your Auto Scaling policy to have betterfine-grain insight.

Answer: A,C

Explanation:
Explanation
Option B makes sense because maybe the max servers is low hence the application cannot handle the peak load.
Option D helps in ensuring Autoscaling can scale the group on the right metrics.
For more information on Autoscaling health checks, please refer to the below document link: from AWS
* http://docs.aws.amazon.com/autoscaling/latest/userguide/healthcheck.html

 

NEW QUESTION 18
A DevOps Engineer manages an application that has a cross-region failover requirement. The application stores its data in an Amazon Aurora on Amazon RDS database in the primary region with a read replica in the secondary region. The application uses Amazon Route 53 to direct customer traffic to the active region.
Which steps should be taken to MINIMIZE downtime if a primary database fails?

• A. Set up Route 53 to balance traffic between both regions equally. Enable the Aurora multi-master option, then set up a Route 53 health check to analyze the health of the databases. Configure Route 53 to automatically direct all traffic to the secondary region when a primary database fails.
• B. Use Amazon CloudWatch to monitor the status of the RDS instance. In the event of a failure, use a CloudWatch Events rule to send a short message service (SMS) to the Systems Operator using Amazon SNS. Have the Systems Operator redirect traffic to an Amazon S3 static website that displays a downtime message. Promote the RDS read replica to the master. Confirm that the application is working normally, then redirect traffic from the Amazon S3 website to the secondary region.
• C. Set up an Amazon CloudWatch Events rule to periodically invoke an AWS Lambda function that checks the health of the primary database. If a failure is detected, the Lambda function promotes the read replica. Then, update Route 53 to redirect traffic from the primary to the secondary region.
• D. Use RDS Event Notification to publish status updates to an Amazon SNS topic. Use an AWS Lambda function subscribed to the topic to monitor database health. In the event of a failure, the Lambda function promotes the read replica, then updates Route 53 to redirect traffic from the primary region to the secondary region.

Answer: D

 

NEW QUESTION 19
Which answer is the proper syntax for specifying two target hosts on the command line when running an Ansible Playbook?

• A. ansible-playbook -i host1.example.com playbook.yml
• B. ansible-playbook -h host1.example.com,host2.example.com playbook.yml
• C. ansible-playbook -h host1.example.com -i all playbook.yml
• D. ansible-playbook -i host1.example.com,host2.example.com playbook.yml

Answer: D

Explanation:
Ansible uses the `-i' flag for accepting an inventory file or host. To allow Ansible to determine if you are passing a host list versus an inventory file the list must be comma separated. If a single host is specified, a trailing comma must be present.
Reference: http://docs.ansible.com/ansible/intro_inventory.html#inventory

 

NEW QUESTION 20
You need to deploy a new application version to production. Because the deployment is high-risk, you need to roll the new version out to users over a number of hours, to make sure everything is working correctly. You need to be able to control the proportion of users seeing the new version of the application down to the percentage point. You use ELB and EC2 with Auto Scaling Groups and custom AMIs with your code pre-installed assigned to Launch Configurations. There are no data base-level changes during your deployment. You have been told you cannot spend too much money, so you must not increase the number of EC2 instances much at all during the deployment, but you also need to be able to switch back to the original version of code quickly if something goes wrong. What is the best way to meet these requirements?

• A. Migrate to use AWS Elastic Beanstalk. Use the established and well-tested Rolling Deployment setting AWS provides on the new Application Environment, publishing a zip bundle of the new code and adjusting the wait period to spread the deployment over time. Re-deploy the old code bundle to rollback if needed.
• B. Create a second ELB, Auto Scaling Launch Configuration, and Auto Scaling Group using the Launch Configuration. Create AMIs with all code pre-installed. Assign the new AMI to the second Auto Scaling Launch Configuration. Use Route53 Weighted Round Robin Records to adjust the proportion of traffic hitting the two ELBs. S
• C. Create AMIs with all code pre-installed. Assign the new AMI to the Auto Scaling Launch Configuration, to replace the old one. Gradually terminate instances running the old code (launched with the old Launch Configuration) and allow the new AMIs to boot to adjust the traffic balance to the new code. On rollback, reverse the process by doing the same thing, but changing the AMI on the Launch Config back to the original code.
• D. Use the Blue-Green deployment method to enable the fastest possible rollback if needed. Create a full second stack of instances and cut the DNS over to the new stack of instances, and change the DNS back if a rollback is needed.

Answer: B

Explanation:
Explanation
This is an example of a Blue Green Deployment
You can shift traffic all at once or you can do a weighted distribution. With Amazon Route 53, you can define a percentage of traffic to go to the green environment and gradually update the weights until the green environment carries the full production traffic. A weighted distribution provides the ability to perform canary analysis where a small percentage of production traffic is introduced to a new environment. You can test the new code and monitor for errors, limiting the blast radius if any issues are encountered. It also allows the green environment to scale out to support the full production load if you're using Elastic Load Balancing.

For more information on Blue Green Deployments, please visit the below URL:
* https://dOawsstatic.com/whitepapers/AWS_Blue_Green_Deployments.pdf

 

NEW QUESTION 21
A company plans to use AWS for all new batch processing workloads. The company's developers use Docker
containers for the new batch processing. The system design must accommodate critical and non-critical batch
processing workloads 24/7.
How should a Solutions Architect design this architecture in a cost-efficient manner?

• A. Purchase Reserved Instances to run all containers. Use Auto Scaling groups to schedule jobs.
• B. Use Amazon ECS orchestration and Auto Scaling groups: one with Reserve Instances, one with Spot
  Instances.
• C. Host a container management service on Spot Instances. Use Reserved Instances to run Docker
  containers.
• D. Use Amazon ECS to manage container orchestration. Purchase Reserved Instances to run all batch
  workloads at the same time.

Answer: B

 

NEW QUESTION 22
Which of the following is the default deployment mechanism used by Elastic Beanstalk when the application is created via Console or EBCLI?

• A. Rolling with additional batch
• B. All at Once
• C. Rolling Deployments
• D. Immutable

Answer: C

Explanation:
Explanation
The AWS documentation mentions
AWS Elastic Beanstalk provides several options for how deployments are processed, including deployment policies (All at once. Rolling, Rolling with additional batch, and Immutable) and options that let you configure batch size and health check behavior during deployments.
By default, your environment uses rolling deployments
if you created it with the console or EB CLI, or all at once deployments if you created it with a different client (API, SDK or AWS CLI).
For more information on Elastic Beanstalk deployments, please refer to the below link:
* http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.rolling-version-deploy.html

 

NEW QUESTION 23
A company wants to adopt a methodology for handling security threats from leaked and compromised IAM access keys. The DevOps Engineer has been asked to automate the process of acting upon compromised access keys, which includes identifying users, revoking their permissions, and sending a notification to the Security team.
Which of the following would achieve this goal?

• A. Use the AWS Trusted Advisor generated security report for access keys. Use Amazon EMR to run analytics on the report. Identify compromised IAM access keys and delete them. Use Amazon CloudWatch with an EMR Cluster State Change event to notify the Security team.
• B. Use AWS Lambda with a third-party library to scan for compromised access keys. Use scan result inside AWS Lambda and delete compromised IAM access keys. Create Amazon CloudWatch custom metrics for compromised keys. Create a CloudWatch alarm on the metrics to notify the Security team.
• C. Use AWS Trusted Advisor to identify compromised access keys. Create an Amazon CloudWatch Events rule with Trusted Advisor as the event source, and AWS Lambda and Amazon SNS as targets.
  Use AWS Lambda to delete compromised IAM access keys and Amazon SNS to notify the Security team.
• D. Use the AWS Trusted Advisor generated security report for access keys. Use AWS Lambda to scan through the report. Use scan result inside AWS Lambda and delete compromised IAM access keys. Use Amazon SNS to notify the Security team.

Answer: C

 

NEW QUESTION 24
You have decided that you need to change the instance type of your production instances which are running as part of an AutoScaling group. The entire architecture is deployed using CloudFormation Template. You currently have 4 instances in Production.
You cannot have any interruption in service and need to ensure 2 instances are always runningduring the update. Which of the options below listed can be used for this?

• A. AutoScalingRollingUpdate
• B. AutoScalingReplacingUpdate
• C. AutoScalinglntegrationUpdate
• D. AutoScalingScheduledAction

Answer: A

Explanation:
The AWS::AutoScaling::AutoScalingGroup resource supports an UpdatePoIicy attribute. This is used to define how an Auto Scalinggroup resource is updated when an update to the Cloud Formation stack occurs. A common approach to updating an Auto Scaling group is to perform a rolling update, which is done by specifying the AutoScalingRollingUpdate policy. This retains the same Auto Scaling group and replaces old instances with new ones, according to the parameters specified.
For more information on Autoscaling updates, please refer to the below link:
https://aws.amazon.com/premiumsupport/knowledge-center/auto-scaling-group-rolling-updates/

 

NEW QUESTION 25
A company wants to migrate a legacy application to AWS and develop a deployment pipeline that uses AWS services only. A DevOps engineer is migrating all of the application code from a Git repository to AWS CodeCommit while preserving the history of the repository. The DevOps engineer has set all the permissions within CodeCommit, installed the Git client and the AWS CLI on a local computer, and is ready to migrate the repository.
Which actions will follow?

• A. Create the CodeCommit repository using the AWS CLI. Clone the Git repository directly to CodeCommit using the AWS CLI. Validate that the files were migrated, and publish the CodeCommit repository.
• B. Create the CodeCommit repository using the AWS Management Console. Clone both the Git and CodeCommit repositories to the local computer. Copy the files from the Git repository to the CodeCommit repository on the local computer. Commit the CodeCommit repertory. Validate that the files were migrated, and share the CodeCommit repository.
• C. Create the CodeCommit repository using the AWS Management Console. Use the console to clone the Git repository into the CodeCommit repository. Validate that the files were migrated, and publish the CodeCommit repository.
• D. Create the CodeCommit repository using the AWS Management Console or the AWS CLI. Clone the Git repository with a mirror argument to the local computer and push the repository to CodeCommit.
  Validate that the files were migrated, and share the CodeCommit repository.

Answer: B

 

NEW QUESTION 26
A company using AWS CodeCommit for source control wants to automate its continuous integration and continuous deployment pipeline on AWS in its development environment. The company has three requirements: 1. There must be a legal and a security review of any code change to make sure sensitive information is not leaked through the source code. 2. Every change must go through unit testing. 3. Every change must go through a suite of functional testing to ensure functionality. In addition, the company has the following requirements for automation: 1. Code changes should automatically trigger the CI/CD pipellline. 2. Any failure in the pipeline should notify [email protected]. 3. There must be an approval to stage the assets to Amazon S3 after tests have been performed. What should a DevOps Engineer do to meet all of these requirements while following CI/CD best practices?

• A. Commit to the development branch and trigger AWS CodePipeline from the development branch. Make an individual stage in CodePipeline for security review, unit tests, functional tests, and manual approval. Use Amazon CloudWatch metrics to detect changes in pipeline stages and Amazon SES for emailing devops- [email protected].
• B. Commit to mainline and trigger AWS CodePipeline from mainline. Make an individual stage in CodePipeline for security review, unit tests, functional tests, and manual approval. Use AWS CloudTrail logs to detect changes in pipeline stages and Amazon SNS for emailing [email protected].
• C. Commit to the development branch and trigger AWS CodePipeline from the development branch. Make an individual stage in CodePipeline for security review, unit tests, functional tests, and manual approval. Use Amazon CloudWatch Events to detect changes in pipeline stages and Amazon SNS for emailing devops- [email protected].
• D. Commit to mainline and trigger AWS CodePipeline from mainline. Make an individual stage in CodePipeline for security review, unit tests, functional tests, and manual approval. Use Amazon CloudWatch Events to detect changes in pipeline stages and Amazon SES for emailing [email protected].

Answer: C

 

NEW QUESTION 27
You have an ASP.NET web application running in Amazon Elastic Beanstalk.
Your next version of the application requires a third-party Windows Installer package to be installed on the instance on first boot and before the application launches.
Which options are possible? Choose 2 answers

• A. Launch a new Amazon EC2 instance from the AMI used by the environment.
  Log into the instance, install the package and run sysprep. Create a new AMI.
  Configure the environment to use the new AMI.
• B. In the source bundle's .ebextensions folder, create a "Packages" folder.
  Place the package in the folder.
• C. In the application's Global.asax file, run msiexec.exe to install the package using Process.Start() in the Application Start event handler.
• D. In the environment's configuration, edit the instances configuration and add the package's URL to the "Packages" section.
• E. In the source bundle's .ebextensions folder, create a file with a .config extension.
  In the file, under the "packages" section and "msi" package manager, include the package's URL.

Answer: D,E

 

NEW QUESTION 28
You meet once per month with your operations team to review the past month's data. During the meeting, you realize that 3 weeks ago, your monitoring system which pings over HTTP from outside AWS recorded a large spike in latency on your 3-tier web service API. You use DynamoDB for the database layer, ELB, EBS, and EC2 for the business logic tier, and SQS, ELB, and EC2 for the presentation layer. Which of the following techniques will NOT help you figure out what happened?

• A. Review your ELB access logs in S3 to see if any ELBs in your system saw the latency.
• B. Check your CloudTrail log history around the spike's time for any API calls that caused slowness.
• C. Review CloudWatch Metrics for one minute interval graphs to determine which components) slowed the system down.
• D. Analyze your logs to detect bursts in traffic at that time.

Answer: C

Explanation:
Explanation
The Cloudwatch metric retention is as follows. If the data points are of a one minute interval, then the graphs will not be available in Cloudwatch
* Data points with a period of less than 60 seconds are available for 3 hours. These data points are high-resolution custom metrics.
* Data points with a period of 60 seconds (1 minute) are available for 15 days
* Data points with a period of 300 seconds (5 minute) are available for 63 days
* Data points with a period of 3600 seconds (1 hour) are available for 455 days (15 months) For more information on Cloudwatch metrics, please visit the below U RL:
* http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html

 

NEW QUESTION 29
Your current log analysis application takes more than four hours to generate a report of the top 10 users of your web application. You have been asked to implement a system that can report this information in real time, ensure that the report is always up to date, and handle increases in the number of requests to your web application. Choose the option that is cost-effective and can fulfill the requirements.

• A. Publish your log data to an Amazon S3 bucket. Use AWS CloudFormation to create an Auto Scaling group to scale your post-processing application which is configured to pull down your log files stored an Amazon S3.
• B. Post your log data to an Amazon Kinesis data stream, and subscribe your log-processing application so that is configured to process your logging data.
• C. Publish your data to CloudWatch Logs, and configure your application to autoscale to handle the load on demand.
• D. Configure an Auto Scaling group to increase the size of your Amazon EMR duster.
• E. Create a multi-AZ Amazon RDS MySQL cluster, post the logging data to MySQL, and run a map reduce job to retrieve the required information on user counts.

Answer: B

Explanation:
Explanation/Reference:

 

NEW QUESTION 30
You have enabled Elastic Load Balancing HTTP health checking. After looking at the AWS Management Console, you see that all instances are passing health checks, but your customers are reporting that your site is not responding. What is the cause?

• A. The HTTP health checking system is misreportingdue to latency in inter-instance metadata synchronization.
• B. The application is returning a positive health check too quickly for the AWS Management Console to respond.
  D- Latency in DNS resolution is interfering with Amazon EC2 metadata retrieval.
• C. The health check in place is not sufficiently evaluating the application function.

Answer: C

Explanation:
Explanation
You need to have a custom health check which will evaluate the application functionality. Its not enough using the normal health checks. If the application functionality does not work and if you don't have custom health checks, the instances will still be deemed as healthy.
If you have custom health checks, you can send the information from your health checks to Auto Scaling so that Auto Scaling can use this information. For example, if you determine that an instance is not functioning as expected, you can set the health status of the instance to Unhealthy. The next time that Auto Scaling performs a health check on the instance, it will determine that the instance is unhealthy and then launch a replacement instance For more information on Autoscaling health checks, please refer to the below document link: from AWS
* http://docs.aws.mazon.com/autoscaling/latest/userguide/healthcheck.html

 

NEW QUESTION 31
A company is reviewing its IAM policies. One policy written by the DevOps Engineer has been flagged as too permissive. The policy is used by an AWS Lambda function that issues a stop command to Amazon EC2 instances tagged with Environment: NonProduction over the weekend.
The current policy is:

What changes should the Engineer make to achieve a policy of least permission? (Select THREE.)

• A.
• B.
• C.
• D.
• E.
• F.

Answer: D,E,F

Explanation:
https://docs.aws.amazon.com/ja_jp/IAM/latest/UserGuide/reference_policies_variables.html
https://aws.amazon.com/jp/premiumsupport/knowledge-center/restrict-ec2-iam/

 

NEW QUESTION 32
You are designing a cloudformation stack which involves the creation of a web server and a database server.
You need to ensure that the web server in the stack gets created after the database server is created. How can you achieve this?

• A. Ensurethat the web server is defined as a child of the database server in thecloudformation template.
• B. Usethe DependsOn attribute to ensure that the database server is created before the web server.
• C. Ensurethat the database server is defined first and before the web server in thecloudformation template.
  The stack creation normally goes in order to create the resources.
• D. Ensurethat the database server is defined as a child of the web server in thecloudformation template.

Answer: B

Explanation:
Explanation
The AWS Documentation mentions
With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute.
For more information on the DependsOn attribute, please visit the below url
http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/aws-attribute-dependson.html

 

NEW QUESTION 33
What would you set in your CloudFormation template to fire up different instance sizes based off of environment type? i.e. (If this is for prod, use m1.large instead of t1.micro)

• A. Outputs
• B. Resources
• C. conditions
• D. Mappings

Answer: C

Explanation:
Explanation
The optional Conditions section includes statements that define when a resource is created or when a property is defined. For example, you can compare whether a value is equal to another value. Based on the result of that condition, you can conditionally create resources. If you have multiple conditions, separate them with commas.
For more information on Cloudformation conditions please visit the below link
http://docs^ws.mazon.com/AWSCIoudFormation/latest/UserGuide/conditions-section-structure.htmI

 

NEW QUESTION 34
Company policies require that information about IP traffic going between instances in the production Amazon VPC is captured. The capturing mechanism must always be enabled and the Security team must be notified when any changes in configuration occur.
What should be done to ensure that these requirements are met?

• A. Configure a new trail using AWS CloudTrail service. Using the UserData section of an AWS CloudFormation template, install tcpdump on every provisioned Amazon EC2 instance. Connect Amazon Athena to the CloudTrail and write an AWS Lambda function that monitors for a flow log disable event. Once the CloudTrail entry has been spotted, alert the security organization.
• B. Create a flow log for the production VPC and assign an Amazon S3 bucket as a destination for delivery.
  Using Amazon S3 Event Notification, set up an AWS Lambda function that is triggered when a new log file gets delivered. This Lambda function updates an entry in Amazon DynamoDB, which is periodically checked by scheduling an Amazon CloudWatch Events rule to notify security when logs have not arrived.
• C. Create a flow log for the production VPC. Create a new rule using AWS Config that is triggered by configuration changes of resources of type 'EC2:VPC'. As part of configuring the rule, create an AWS Lambda function that looks up flow logs for a given VPC. If the VPC flow logs are not configured, return a 'NON_COMPLIANT' status and notify the security organization.
• D. Using the UserData section of an AWS CloudFormation template, install tcpdump on every provisioned Amazon EC2 instance. The output of the tool is sent to Amazon EFS for aggregation and querying. In addition, scheduling an Amazon CloudWatch Events rule calls an AWS Lambda function to check whether tcpdump is up and running and sends an email to the security organization when there is an exception.

Answer: C

 

NEW QUESTION 35
You have an application running a specific process that is critical to the application's functionality, and have added the health check process to your Auto Scaling Group. The instances are showing healthy but the application itself is not working as it should. What could be the issue with the health check, since it is still showing the instances as healthy.

• A. It is not possible for a health check to monitor a process that involves the application
• B. The health check is not configured properly
• C. The health check is not checking the application process
• D. You do not have the time range in the health check properly configured

Answer: C

Explanation:
Explanation
If you have custom health checks, you can send the information from your health checks to Auto Scaling so that Auto Scaling can use this information. For example, if you determine that an instance is not functioning as expected, you can set the health status of the instance to Unhealthy. The next time that Auto Scaling performs a health check on the instance, it will determine that the instance is unhealthy and then launch a replacement instance For more information on Autoscaling health checks, please refer to the below document link: from AWS
* http://docs.aws.amazon.com/autoscaling/latest/userguide/healthcheck.html

 

NEW QUESTION 36
You have an asynchronous processing application using an Auto Scaling Group and an SQS Queue. The Auto Scaling Group scales according to the depth of the job queue. The completion velocity of the jobs has gone down, the Auto Scaling Group size has maxed out, but the inbound job velocity did not increase.
What is a possible issue?

• A. The routing tables changed and none of the workers can process events anymore.
• B. The scaling metric is not functioning correctly.
• C. Someone changed the IAM Role Policy on the instances in the worker group and broke permissions to access the queue.
• D. Some of the new jobs coming in are malformed and unprocessable.

Answer: D

Explanation:
The IAM Role must be fine, as if it were broken, NO jobs would be processed since the system would never be able to get any queue messages. The same reasoning applies to the routing table change. The scaling metric is fine, as instance count increased when the queue depth increased due to more messages entering than exiting. Thus, the only reasonable option is that some of the recent messages must be malformed and unprocessable.
https://github.com/andrew-
templeton/cloudacademy/blob/fca920b45234bbe99cc0e8efb9c65134884dd48 9/questions/null

 

NEW QUESTION 37
A company is using AWS CodeDeploy to manage its application deployments. Recently, the Development team decided to use GitHub for version control, and the team is looking for ways to integrate the GitHub repository with CodeDeploy. The team also needs to develop a way to automate deployment whenever there is a new commit on that repository. The team is currently deploying new application revisions by manually indicating the Amazon S3 location.
How can the integration be achieved in the MOST efficient way?

• A. Create an AWS Lambda function to check periodically if there has been a new commit within the GitHub repository. If a new commit is found, trigger a CreateDeployment API call to AWS CodeDeploy to start a new deployment based on the last commit ID within the deployment group.
• B. Create an AWS CodePipeline pipeline that uses GitHub as a source provider and AWS CodeDeploy as a deployment provider. Connect this new pipeline with the GitHub account and instruct CodePipeline to use webhooks in GitHub to automatically start the pipeline when a change occurs.
• C. Create an AWS CodeDeploy custom deployment configuration to associate the GitHub repository with the deployment group. During the association process, authenticate the deployment group with GitHub to obtain the GitHub security authentication token. Configure the deployment group options to automatically deploy if a new commit is found. Perform a new commit to the GitHub repository to trigger the first deployment.
• D. Create a GitHub webhook to replicate the repository to AWS CodeCommit. Create an AWS CodePipeline pipeline that uses CodeCommit as a source provider and AWS CodeDeploy as a deployment provider. Once configured, commit a change to the GitHub repository to start the first deployment.

Answer: C

 

NEW QUESTION 38
You are creating a cloudformation templates which takes in a database password as a parameter. How can you ensure that the password is not visible when anybody tries to describes the stack

• A. Setthe hidden attribute for the Cloudformation resource.
• B. Usethe NoEcho property for the parameter value
• C. Usethe password attribute for the resource
• D. Usethe hidden property for the parameter value

Answer: B

Explanation:
Explanation
The AWS Documentation mentions
For sensitive parameter values (such as passwords), set the NoEcho property to true. That way, whenever anyone describes your stack, the parameter value is shown as asterisks (***").
For more information on Cloudformation parameters, please visit the below URL:
* http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/parameters-section-structure.html

 

NEW QUESTION 39
......

Amazon AWS Certified DevOps Engineer – Professional: Career Benefits

After you get this professional-level certification, you will be able to gain a higher salary and land the job you've dreamed of. Thus, you can become an AWS Cloud Engineer, a DevOps Engineer, a Technical Cloud Architect, and even a Cloud Network Engineer. As for the salary, you can earn from $99,604 to $137,724 per year.

 

AWS-DevOps-Engineer-Professional  Certification Study Guide Pass AWS-DevOps-Engineer-Professional Fast: https://examkiller.itexamreview.com/AWS-DevOps-Engineer-Professional-valid-exam-braindumps.html