DOP-C01 DOP-C01 Dumps DOP-C01 Braindumps DOP-C01 Real Questions DOP-C01 Practice Test DOP-C01 dumps free Amazon AWS DevOps Engineer – Professional (DOP-C01)
Question: 127 A DevOps Engineer is working on a project that is hosted on Amazon Linux and has failed a security review. The DevOps Manager has been asked to review the company buildspec.yami file for an AWS CodeBuild project and provide recommendations. The builspec.yami file is configured as follows: What changes should be recommended to comply with AWS security best practices? (Select THREE.) A. Add a post-build command to remove the temporary files from the container before termination to ensure they cannot be seen by other CodeBuild users. B. Update the CodeBuild project role with the necessary permissions and then remove the AWS credentials from the environment variable. C. Store the DB_PASSWORD as a SecurityString value in AWS Systems Manager Parameter Store and then remove the DB_PASSWORD from the environment variables. D. Move the environment variables to the ‘db-deploy-bucket’ Amazon S3 bucket, add a prebuild stage to download, then export the variables. E. Use AWS Systems Manager run command versus scp and ssh commands directly to the instance. F. Scramble the environment variables using XOR followed by Base64, add a section to install, and then run XOR and Base64 to the build phase. Answer: ADE Question: 128 A company has a hybrid architecture solution in which some legacy systems remain on-premises, while a specific cluster of servers is moved to AWS. The company cannot reconfigure the legacy systems, so the cluster nodes must have a fixed hostname and local IP address for each server that is part of the cluster. The DevOps Engineer must automate the configuration for a six-node cluster with high availability across three Availability Zones (AZs), placing two elastic network interfaces in a specific subnet for each AZ. Each node’s hostname and local IP address should remain the same between reboots or instance failures. Which solution involves the LEAST amount of effort to automate this task? A. Create an AWS Elastic Beanstalk application and a specific environment for each server of the cluster. For each environment, give the hostname, elastic network interface, and AZ as input parameters. Use the local health agent toname the instance and attach a specific elastic network interface based on the current environment. B. Create a reusable AWS CloudFormation template to manage an Amazon EC2 Auto Scaling group with a minimum size of 1 and a maximum size of 1. Give the hostname, elastic network interface, and AZ as stack parameters. Usethose parameters to set up an EC2 instance with EC2 Auto Scaling and a user data script to attach to the specific elastic network interface. Use CloudFormation nested stacks to nest the template six times for a total of six nodes needed for the cluster, and deploy using the master template.
- Summer '20
- IP address, Amazon Web Services, Amazon Elastic Compute Cloud