AWS Certified DevOps Engineer – Professional ( DevOps Engineering on AWS ) Quiz Questions and Answers

You are responsible for your company’s large multi-tiered Windows-based web application running on Amazon EC2 instances situated behind a load balancer. While reviewing metrics, you’ve started noticing an upwards trend for slow customer page load time. Your manager has asked you to come up with a solution to ensure that customer load time is not affected by too many requests per second. Which technique would you use to solve this issue?

Answer :
  • Re-deploy your infrastructure using AWS CloudFormation, Elastic Beanstalk, and Auto Scaling. Set up your Auto Scaling group policies to scale based on the number of requests per second as well as the current customer load time.

You need to monitor specific metrics from your application and send real-time alerts to your DevOps Engineer. Which of the below services will fulfill this requirement? Choose two answers.

Answer :
  • Amazon CloudWatch
  • Amazon Simple Notification Service

You have the following application to be set up in AWS. 1) A web tier hosted on EC2 Instances 2) Session data to be written to DynamoDB 3) Log files to be written to Microsoft SQL Server How can you allow an application to write data to a DynamoDB table?

Answer :
  • Create an IAM role that allows write access to the DynamoDB table.

A company hosts critical data in an S3 bucket. Even though they have assigned the appropriate permissions to the bucket, they are still worried about data deletion. What measures can be taken to restrict the risk of data deletion on the bucket? Choose 2 answers.

Answer :
  • Enable versioning on the S3 bucket
  • Enable MFA Delete in the bucket policy

An organization has launched 5 instances: 2 for production and 3 for testing. The organization wants that one particular group of IAM users should only access the test instances and not the production ones. How can the organization set that as a part of the policy?

Answer :
  • Define the tags on the test and production servers and add a condition to the IAMpolicy which allows access to specific tags

You are creating a Lambda function that will be triggered by a CloudWatch Event. The data from these events need to be stored in a DynamoDB table. How should the Lambda function be given access to the DynamoDB table?

Answer :
  • Use an IAM role that has permissions to the DynamoDB table and attaches it to the Lambda function

Your company is planning on using AWS EC2 and ELB for deployment for their web applications. The security policy mandates that all traffic should be encrypted. Which of the following options will ensure that this requirement is met. Choose 2 answers from the options below.

Answer :
  • Ensure the load balancer listens on port 443
  • Ensure the HTTPS listener sends requests to the instances on port 443

You have deployed an Elastic Beanstalk application in a new environment and want to save the current state of your environment in a document. You want to be able to restore your environment to the current state later or possibly create a new environment. You also want to make sure you have a restore point. How can you achieve this?

Answer :
  • Saved Configurations

There is a set of Ec2 Instances in a private subnet. The application hosted on these EC2 Instances needs to access a DynamoDB table. It needs to be ensured that traffic does not flow out to the internet. How can this be achieved?

Answer :
  • Use a VPC Endpoint to the DynamoDB

A company is planning on using AWS EC2 and AWS Cloudfront for its web application. For which one of the below attacks is the usage of Cloudfront most suited for?

Answer :
  • DDoS attacks