All About Breathing DOP-C01 Answers

NEW QUESTION 1
What would you set in your CloudFormation template to fire up different instance sizes based off of environment type? i.e. (If this is for prod, use m1.large instead of t1.micro)

• A. Outputs
• B. Resources
• C. Mappings
• D. conditions

Answer: D

Explanation:
The optional Conditions section includes statements that define when a resource is created or when a property is defined. For example, you can compare whether a value is equal to another value. Based on the result of that condition, you can conditionally create resources. If you have multiple conditions, separate them with commas.
For more information on Cloudformation conditions please visit the below link
http://docs^ws.a mazon.com/AWSCIoudFormation/latest/UserGuide/cond itions-section- structure.htm I

NEW QUESTION 2
You were just hired as a DevOps Engineer for a startup. Your startup uses AWS for 100% of their infrastructure. They currently have no automation at all for deployment, and they have had many failures while trying to deploy to production.The company has told you deployment process risk mitigation is the most important thing now, and you have a lot of budget for tools and AWS resources.
Their stack includes a 2-tier API with data stored in DynamoDB or S3, depending on type. The Compute layer is EC2 in Auto Scaling Groups. They use Route53 for DNS pointing to an ELB. An ELB balances load across the EC2 instances. The scaling group properly varies between 4 and 12 EC2 servers. Which of the following approaches, given this company's stack and their priorities, best meets the company's needs?

• A. Model the stack in AWS Elastic Beanstalk as a single Application with multiple Environment
• B. Use Elastic Beanstalk's Rolling Deploy option to progressively roll out application code changes when promoting across environments.
• C. Model the stack in three CloudFormation templates: Data layer, compute layer, and networking laye
• D. Write stack deployment and integration testing automation following Blue-Green methodologie
• E. •>/
• F. Model the stack in AWS OpsWorks as a single Stack, with 1 compute layer and its associated EL
• G. Use Chef and App Deployments to automate Rolling Deployment.
• H. Model the stack in 1 CloudFormation template, to ensure consistency and dependency graph resolutio
• I. Write deployment and integration testingautomation following Rolling Deployment methodologies.

Answer: B

Explanation:
Here you are using 2 of the best practices for deployment, one is Blue Green Deployments and the other is using Nested Cloudformation stacks.
The AWS Documentation mentions the below on nested stacks
As your infrastructure grows, common patterns can emerge in which you declare the same components in each of your templates. You can separate out these common components and create dedicated templates for them. That way, you can mix and match different templates but use nested stacks to create a single,
unified stack. Nested stacks are stacks that create other stacks. To create nested stacks, use the AWS::CloudFormation::Stackresource in your template to reference other templates.
For more information on Cloudformation best practises, please visit the link:
• http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/best-practices. html For more information on Blue Green Deployment, please visit the link:
• https://dOawsstatic.com/whitepapers/AWS_Blue_Green_Deployments.pdf

NEW QUESTION 3
When your application is loaded onto an Opsworks stack, which of the following event is triggered by Opsworks?

• A. Deploy
• B. Setup
• C. Configure
• D. Shutdown

Answer: A

Explanation:
When you deploy an application, AWS Ops Works Stacks triggers a Deploy event, which runs each layer's Deploy recipes. AWS OpsWorks Stacks also installs stack configuration and deployment attributes that contain all of the information needed to deploy the app, such as the app's repository and database connection data. For more information on the Deploy event please refer to the below link:
• http://docs.aws.amazon.com/opsworks/latest/userguide/workingapps.html

NEW QUESTION 4
There is a company website that is going to be launched in the coming weeks. There is a probability that the traffic will be quite high in the first couple of weeks. I n the event of a load failure, how can you set up DNS failover to a static website? Choose the correct answer from the options given below.

• A. Duplicatethe exact application architecture in another region and configure DNSweight-based routing
• B. Enablefailover to an on-premise data center to the application hosted there.
• C. UseRoute 53 with the failover option to failover to a static S3 website bucket orCloudFront distribution.
• D. Addmore servers in case the application fails.

Answer: C

Explanation:
Amazon Route 53 health checks monitor the health and performance of your web applications, web servers, and other resources.
If you have multiple resources that perform the same function, you can configure DNS failover so that Amazon Route 53 will route your traffic from an unhealthy resource to a healthy resource. For example, if you have two web servers and one web server becomes unhealthy, Amazon Route 53 can route traffic to the other web server. So you can route traffic to a website hosted on S3 or to a cloudfront distribution.
For more information on DNS failover using Route53, please refer to the below link:
• http://docs.aws.a mazon.com/Route53/latest/DeveloperGuide/dns-fa ilover.htm I

NEW QUESTION 5
You have a large number of web servers in an Auto Scalinggroup behind a load balancer. On an hourly basis, you want to filter and process the logs to collect data on unique visitors, and then put that data in a durable data store in order to run reports. Web servers in the Auto Scalinggroup are constantly launching and terminating based on your scaling policies, but you do not want to lose any of the log data from these servers during a stop/termination initiated by a user or by Auto Scaling. What two approaches will meet these requirements? Choose two answers from the optionsgiven below.

• A. Install an Amazon Cloudwatch Logs Agent on every web server during the bootstrap proces
• B. Create a CloudWatch log group and defineMetric Filters to create custom metrics that track unique visitors from the streaming web server log
• C. Create a scheduled task on an Amazon EC2 instance that runs every hour to generate a new report based on the Cloudwatch custom metric
• D. ^/
• E. On the web servers, create a scheduled task that executes a script to rotate and transmit the logs to Amazon Glacie
• F. Ensure that the operating system shutdown procedure triggers a logs transmission when the Amazon EC2 instance is stopped/terminate
• G. Use Amazon Data Pipeline to process the data in Amazon Glacier and run reports every hour.
• H. On the web servers, create a scheduled task that executes a script to rotate and transmit the logs to an Amazon S3 bucke
• I. Ensure that the operating system shutdown procedure triggers a logs transmission when the Amazon EC2 instance is stopped/terminate
• J. Use AWS Data Pipeline to move log data from the Amazon S3 bucket to Amazon Redshift In order to process and run reports every hour.
• K. Install an AWS Data Pipeline Logs Agent on every web server during the bootstrap proces
• L. Create a log group object in AWS Data Pipeline, and define Metric Filters to move processed log data directly from the web servers to Amazon Redshift and run reports every hour.

Answer: AC

Explanation:
You can use the Cloud Watch Logs agent installer on an existing CC2 instance to install and configure the Cloud Watch Logs agent.
For more information, please visit the below link:
• http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Qu ickStartCC2lnstance.html
You can publish your own metrics to Cloud Watch using the AWS CLI or an API. For more information, please visit the below link:
• http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.htmI Amazon Redshift is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and your existing Business Intelligence (Bl) tools. It allows you to run complex analytic queries against petabytes of structured data, using sophisticated query optimization, columnar storage on high-performance local disks, and massively parallel query execution. Most results come back in seconds. For more information on copying data from S3 to redshift, please refer to the below link:
• http://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-copydata- redshift html

NEW QUESTION 6
You are building a game high score table in DynamoDB. You will store each user's highest score for each game, with many games, all of which have relatively similar usage levels and numbers of players. You need to be able to look up the highest score for any game. What's the best DynamoDB key structure?

• A. HighestScore as the hash/only key.
• B. GamelD as the hash key, HighestScore as the range ke
• C. GamelD as the hash/only key.
• D. GamelDastherange/onlykey.

Answer: B

Explanation:
It always best to choose the hash key as the column that will have a wide range of values. This is also given in the AWS documentation
Choosing a Partition Key
The following table compares some common partition key schemas for provisioned throughput efficiency:

Next since you need to sort by the Highest Score, you need to use that as the sort key For more information on Table Guidelines, please visit the below URL:
• http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Guide linesForTables.html

NEW QUESTION 7
You have created a DynamoDB table for an application that needs to support thousands of users. You need to ensure that each user can only access their own data in a particular table. Many users already have accounts with a third-party identity provider, such as Facebook, Google, or Login with Amazon. How would you implement this requirement?
Choose 2 answers from the options given below.

• A. Createan 1AM User for all users so that they can access the application.
• B. UseWeb identity federation and register your application with a third-partyidentity provider such as Google, Amazon, or Facebook.
• C. Createan 1AM role which has specific access to the DynamoDB table.
• D. Usea third-party identity provider such as Google, Facebook or Amazon so users canbecome an AWS1AM User with access to the application.

Answer: BC

Explanation:
The AWS Documentation mentions the following
With web identity federation, you don't need to create custom sign-in code or manage your own user identities. Instead, users of your app can sign in using a well-known identity provider (IdP) — such as Login with Amazon, Facebook, Google, or any other OpenID Connect (OIDC)-compatible IdP, receive an authentication token, and then exchange that token for temporary security credentials in AWS that map to an 1AM role with permissions to use the resources in your AWS account. Using an IdP helps you keep your AWS account secure, because you don't have to embed and distribute long- term security credentials with your application. For more information on Web Identity federation, please visit the below url http://docs.ws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html

NEW QUESTION 8
You have a number of Cloudformation stacks in your IT organization. Which of the following commands will help see all the cloudformation stacks which have a completed status?

• A. describe-stacks
• B. list-stacks
• C. stacks-complete
• D. list-templates

Answer: B

Explanation:
The following is the description of the list-stacks command
Returns the summary information for stacks whose status matches the specified StackStatusFilter.
Summary information for stacks that have been deleted is kept for 90 days after the stack is deleted. If no stack-status-filter is specified, summary information for all stacks is returned (including existing stacks and stacks that have been deleted).
For more information on the list-stacks command please visit the below link http://docs.aws.amazon.com/cli/latest/reference/cloudformation/list-stacks. html

NEW QUESTION 9
You have a set of EC2 Instances hosting an nginx server and a web application that is used by a set of users in your organization. After a recent application version upgrade, the instance runs into technical issues and needs an immediate restart. This does not give you enough time to inspect the cause of the issue on the server. Which of the following options if implemented prior to the incident would have assisted in detecting the underlying cause of the issue?

• A. Enabledetailed monitoring and check the Cloudwatch metrics to see the cause of theissue.
• B. Createa snapshot of the EBS volume before restart, attach it to another instance as avolume and then diagnose the issue.
• C. Streamall the data to Amazon Kinesis and then analyze the data in real time.
• D. Install Cloudwatch logs agent on the instance and send all the logs to Cloudwatch logs.

Answer: D

Explanation:
The AWS documentation mentions the following
You can publish log data from Amazon CC2 instances running Linux or Windows Server, and logged events from AWS CloudTrail. CloudWatch Logs can consume logs
from resources in any region, but you can only view the log data in the CloudWatch console in the regions where CloudWatch Logs is supported.
Option A is invalid as detailed monitoring will only help us to get more information about the performance metrics of the instances, volumes etc and will not be able to provide full information regarding technical issues.
Option B is incorrect if we had created a snapshot prior to the update it might be useful but not after the incident.
Option C is incorrect here we are dealing with an issue concerning the underlying application that handles the data so this solution will not help.
For more information on Cloudwatch logs, please refer to the below link:
• http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/StartTheCW LAgent.htm I

NEW QUESTION 10
You are in charge of designing a number of Cloudformation templates for your organization. You are required to make changes to stack resources every now and then based on the requirement. How can you check the impact of the change to resources in a cloudformation stack before deploying changes to the stack?

• A. Thereis no way to control thi
• B. You need to check for the impact beforehand.
• C. UseCloudformation change sets to check for the impact to the changes.
• D. UseCloudformation Stack Policies to check for the impact to the changes.
• E. UseCloudformation Rolling Updates to check for the impact to the changes.

Answer: B

Explanation:
The AWS Documentation mentions
When you need to update a stack, understanding how your changes will affect running resources before you implement them can help you update stacks with confidence. Change sets allow you to preview how proposed changes to a stack might impact your running resources, for example, whether your changes will delete or replace any critical resources, AWS CloudFormation makes the changes to your stack only when you decide to execute the change set, allowing you to decide whether to proceed with your proposed changes or explore other changes by creating another change set. You can create and manage change sets using the AWS
CloudFormation console, AWS CLI, or AWS CloudFormation API.
For more information on Cloudformation change sets, please visit the below url http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.html

NEW QUESTION 11
You have a set of applications hosted in AWS. There is a requirement to store the logs from this application onto durable storage. After a period of 3 months, the logs can be placed in archival storage. Which of the following steps would you carry out to achieve this requirement. Choose 2 answers from the options given below

• A. Storethe logfiles as they emitted from the application on to Amazon Glacier
• B. Storethe log files as they emitted from the application on to Amazon Simple Storageservice
• C. UseLifecycle policies to move the data onto Amazon Glacier after a period of 3months
• D. UseLifecycle policies to move the data onto Amazon Simple Storage service after aperiod of 3 months

Answer: BC

Explanation:
The AWS Documentation mentions the following
Amazon Simple Storage Service (Amazon S3) makes it simple and practical to collect, store, and analyze data - regardless of format - all at massive scale. S3 is object storage built to store and retrieve any amount of data from anywhere - web sites and mobile apps, corporate applications, and data from loT sensors or devices.
For more information on S3, please visit the below URL:
• https://aws.amazon.com/s3/
Lifecycle configuration enables you to specify the lifecycle management of objects in a bucket. The configuration is a set of one or more rules, where each rule defines an action for Amazon S3 to apply to a group of objects. These actions can be classified as follows: Transition actions - In which you define when objects transition to another storage class. For example, you may choose to transition objects to the STANDARDJ A (IA, for infrequent access) storage class 30 days after creation, or archive objects to the GLACIER storage class one year after creation. Cxpiration actions - In which you specify when the objects expire. Then Amazon S3 deletes the expired objects on your behalf. For more information on S3 Lifecycle policies please visit the below URL:
• http://docs.aws.a mazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.htmI

NEW QUESTION 12
Which of the following tools is available to send logdatafrom EC2 Instances.

• A. CloudWatch LogsAgent
• B. CloudWatchAgent
• C. Logsconsole.
• D. LogsStream

Answer: A

Explanation:
The AWS Documentation mentions the following
The CloudWatch Logs agent provides an automated way to send log data to Cloud Watch Logs from Amazon L~C2 instances. The agent is comprised of the following components:
A plug-in to the AWS CLI that pushes log data to CloudWatch Logs.
A script (daemon) that initiates the process to push data to CloudWatch Logs.
Acron job that ensures that the daemon is always running. For more information on Cloudwatch logs Agent, please see the below link:
http://docs.aws.a mazon.com/AmazonCloudWatch/latest/logs/AgentRefe re nee. htm I

NEW QUESTION 13
Which of the following service can be used to provision ECS Cluster containing following components in an automated way:
1) Application Load Balancer for distributing traffic among various task instances running in EC2 Instances
2) Single task instance on each EC2 running as part of auto scaling group
3) Ability to support various types of deployment strategies

• A. SAM
• B. Opswork
• C. Elastic beanstalk
• D. CodeCommit

Answer: C

Explanation:
You can create docker environments that support multiple containers per Amazon CC2 instance with multi-container Docker platform for Elastic Beanstalk-Elastic Beanstalk uses Amazon Elastic Container Service (Amazon CCS) to coordinate container deployments to multi-container Docker environments. Amazon CCS provides tools to manage a cluster of instances running Docker containers. Elastic Beanstalk takes care of Amazon CCS tasks including cluster creation, task definition, and execution Please refer to the below AWS documentation: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker_ecs.html

NEW QUESTION 14
During metric analysis, your team has determined that the company's website during peak hours is experiencing response times higher than anticipated. You currently rely on Auto Scaling to make sure that you are scaling your environment during peak windows. How can you improve your Auto Scaling policy to reduce this high response time? Choose 2 answers.

• A. Push custom metrics to CloudWatch to monitor your CPU and network bandwidth from your servers, which will allow your Auto Scaling policy to have betterfine-grain insight.
• B. IncreaseyourAutoScalinggroup'snumberofmaxservers.
• C. Create a script that runs and monitors your servers; when it detects an anomaly in load, it posts to an Amazon SNS topic that triggers Elastic Load Balancing to add more servers to the load balancer.
• D. Push custom metrics to CloudWatch for your application that include more detailed information about your web application, such as how many requests it is handling and how many are waiting to be processed.

Answer: BD

Explanation:
Option B makes sense because maybe the max servers is low hence the application cannot handle the peak load.
Option D helps in ensuring Autoscaling can scale the group on the right metrics.
For more information on Autoscaling health checks, please refer to the below document link: from AWS
http://docs.aws.amazon.com/autoscaling/latest/userguide/healthcheck.html

NEW QUESTION 15
Your mobile application includes a photo-sharing service that is expecting tens of thousands of users at launch. You will leverage Amazon Simple Storage Service (S3) for storage of the user Images, and you must decide how to authenticate and authorize your users for access to these images. You also need to manage the storage of these images. Which two of the following approaches should you use? Choose two answers from the options below

• A. Create an Amazon S3 bucket per user, and use your application to generate the S3 URI for the appropriate content.
• B. Use AWS Identity and Access Management (1AM) user accounts as your application-level user database, and offload the burden of authentication from your application code.
• C. Authenticate your users at the application level, and use AWS Security Token Service (STS) to grant token-based authorization to S3 objects.
• D. Authenticate your users at the application level, and send an SMS token message to the use
• E. Create an Amazon S3 bucket with the same name as the SMS message token, and move the user's objects to that bucket.
• F. Use a key-based naming scheme comprised from the user IDs for all user objects in a single Amazon S3 bucket.

Answer: CE

Explanation:
The AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access
Management (1AM) users or for users that you authenticate (federated users). The token can then be used to grant access to the objects in S3.
You can then provides access to the objects based on the key values generated via the user id. Option A is possible but then becomes a maintenance overhead because of the number of buckets. Option B is invalid because 1AM users is not a good security practice.
Option D is invalid because SMS tokens are not efficient for this requirement.
For more information on the Security Token Service please refer to the below link: http://docs.aws.amazon.com/STS/latest/APIReference/Welcome.htrril

NEW QUESTION 16
You are creating a new API for video game scores. Reads are 100 times more common than writes, and the top 1% of scores are read 100 times more frequently than the rest of the scores. What's the best design for this system, using DynamoDB?

• A. DynamoDB table with 100x higher read than write throughput, with CloudFront caching.
• B. DynamoDB table with roughly equal read and write throughput, with CloudFront caching.
• C. DynamoDB table with 100x higher read than write throughput, with ElastiCache caching.
• D. DynamoDB table with roughly equal read and write throughput, with ElastiCache caching.

Answer: D

Explanation:
Because the lOOx read ratio is mostly driven by a small subset, with caching, only a roughly equal number of reads to writes will miss the cache, since the supermajority will hit the top 1% scores. Knowing we need to set the values roughly equal when using caching, we select AWS OastiCache, because CloudFront
cannot directly cache DynamoDB queries, and OastiCache is an excellent in-memory cache for database queries, rather than a distributed proxy cache for content delivery.
For more information on DynamoDB table gudelines please refer to the below link:
• http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GuidelinesForTables.html

NEW QUESTION 17
You have been asked to de-risk deployments at your company. Specifically, the CEO is concerned about outages that occur because of accidental inconsistencies between Staging and Production, which sometimes cause unexpected behaviors in Production even when Staging tests pass. You already use Docker to get high consistency between Staging and Production for the application environment on your EC2 instances. How do you further de-risk the rest of the execution environment, since in AWS, there are many service components you may use beyond EC2 virtual machines?

• A. Develop models of your entire cloud system in CloudFormatio
• B. Use this model in Staging and Production to achieve greater parit
• C. */
• D. Use AWS Config to force the Staging and Production stacks to have configuration parit
• E. Any differences will be detected for you so you are aware of risks.
• F. Use AMIs to ensure the whole machine, including the kernel of the virual machines, is consistent,since Docker uses Linux Container (LXC) technology, and we need to make sure the container environment is consistent.
• G. Use AWS ECS and Docker clusterin
• H. This will make sure that the AMIs and machine sizes are the same across both environments.

Answer: A

Explanation:
After you have your stacks and resources set up, you can reuse your templates to replicate your infrastructure in multiple environments. For example, you can create environments for development, testing, and production so that you can test changes before implementing them into production. To make templates reusable, use the parameters, mappings, and conditions sections so that you can customize your stacks when you create them. For example, for your development environments, you can specify a lower-cost instance type compared to your production environment, but all other configurations and settings remain the same
For more information on Cloudformation best practices please refer to the below link: http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/best-practices.html

NEW QUESTION 18
You have an asynchronous processing application usingan Auto Scaling Group and an SQS Queue. The Auto Scaling Group scales according to the depth of the job queue. The completion velocity of the jobs has gone down, the Auto Scaling Group size has maxec out, but the inbound job velocity did not increase. What is a possible issue?

• A. Some of the new jobs coming in are malformed and unprocessable.
• B. The routing tables changed and none of the workers can process events anymore.
• C. Someone changed the 1AM Role Policy on the instances in the worker group and broke permissions to access the queue.
• D. The scaling metric is not functioning correctly.

Answer: A

Explanation:
This question is more on the grounds of validating each option
Option B is invalid, because the Route table would have an effect on all worker processes and no jobs would have been completed.
Option C is invalid because if the 1AM Role was invalid then no jobs would be completed.
Option D is invalid because the scaling is happening, its just that the jobs are not getting completed. For more information on Scaling on Demand, please visit the below URL:
• http://docs.aws.a mazon.com/autoscaling/latest/userguide/as-scale-based-on-demand.html

NEW QUESTION 19
You have an AWS OpsWorks Stack running Chef Version 11.10. Your company hosts its own proprietary cookbook on Amazon S3, and this is specified as a custom cookbook in the stack. You want to use an open-source cookbook located in an external Git repository. What tasks should you perform to enable the use of both custom cookbooks?

• A. Inthe AWS OpsWorks stack settings, enable Berkshel
• B. Create a new cookbook with aBerksfile that specifies the other two cookbook
• C. Configure the stack to usethis new cookbook.
• D. Inthe OpsWorks stack settings add the open source project's cookbook details inaddition to your cookbook.
• E. Contactthe open source project's maintainers and request that they pull your cookbookinto their
• F. Update the stack to use their cookbook.
• G. Inyour cookbook create an S3 symlink object that points to the open sourceproject's cookbook.

Answer: A

Explanation:
To use an external cookbook on an instance, you need a way to install it and manage any dependencies. The preferred approach is to implement a cookbook that supports a dependency manager named Berkshelf. Berkshelf works on Amazon CC2 instances, including AWS OpsWorks Stacks instances, but it is also designed to work with Test Kitchen and Vagrant.
For more information on Opswork and Berkshelf, please visit the link:
• http://docs.aws.a mazon.com/opsworks/latest/userguide/cookbooks-101 -opsworks- berkshelf.htm I

NEW QUESTION 20
When using EC2 instances with the Code Deploy service, which of the following are some of the pre- requisites to ensure that the EC2 instances can work with Code Deploy. Choose 2 answers from the options given below

• A. Ensurean 1AM role is attached to the instance so that it can work with the CodeDeploy Service.
• B. Ensurethe EC2 Instance is configured with Enhanced Networking
• C. Ensurethe EC2 Instance is placed in the default VPC
• D. Ensurethat the CodeDeploy agent is installed on the EC2 Instance

Answer: AD

Explanation:
This is mentioned in the AWS documentation

For more information on instances for CodeDeploy, please visit the below URL:
• http://docs.aws.amazon.com/codedeploY/latest/userguide/instances.html

NEW QUESTION 21
You have deployed an Elastic Beanstalk application in a new environment and want to save the current state of your environment in a document. You want to be able to restore your environment to the current state later or possibly create a new environment. You also want to make sure you have a restore point. How can you achieve this?

• A. Use CloudFormation templates
• B. Configuration Management Templates
• C. Saved Configurations
• D. Saved Templates

Answer: C

Explanation:
You can save your environment's configuration as an object in Amazon S3 that can be applied to other environments during environment creation, or applied to a running environment. Saved configurations are YAML formatted templates that define an environment's platform configuration, tier, configuration option settings,
and tags.
For more information on Saved Configurations please refer to the below link:
• http://docs.aws.a mazon.com/elasticbeanstalk/latest/dg/envi ronment-configuration- savedconfig.html

NEW QUESTION 22
When you implement a lifecycle hook in Autoscaling, by default what is the time limit in which the instance will be a pending state.

• A. 60seconds
• B. 5minutes
• C. 60minutes
• D. 120minutes

Answer: C

Explanation:
The AWS Documentation mentions
By default, the instance remains in a wait state for one hour, and then Auto Scaling continues the launch or terminate process (Pending: Proceed or Terminating: Proceed). If you need more time, you can restart the timeout period by recording a heartbeat. If you finish before the timeout
period ends, you can complete the lifecycle action, which continues the launch or termination process.
For more information on Autoscaling lifecycle hooks please see the below link:
• http://docs.aws.a mazon.com/autoscaling/latest/userguide/lifecycle-hooks.htm I

NEW QUESTION 23
You need to deploy an AWS stack in a repeatable manner across multiple environments. You have selected CloudFormation as the right tool to accomplish this, but have found that there is a resource type you need to create and model, but is unsupported by CloudFormation. How should you overcome this challenge?

• A. Use a CloudFormation Custom Resource Template by selecting an API call to proxy for create, update, and delete action
• B. CloudFormation will use the AWS SDK, CLI, or API method of your choosing as the state transition function for the resource type you are modeling.
• C. Submit a ticket to the AWS Forum
• D. AWS extends CloudFormation Resource Types by releasing tooling to the AWS Labs organization on GitHu
• E. Their response time is usually 1 day, and theycomplete requests within a week or two.
• F. Instead of depending on CloudFormation, use Chef, Puppet, or Ansible to author Heat templates, which are declarative stack resource definitions that operate over the OpenStack hypervisor and cloud environment.
• G. Create a CloudFormation Custom Resource Type by implementing create, update, and delete functionality, either by subscribing a Custom Resource Provider to an SNS topic, or by implementing the logic in AWS Lambda.

Answer: D

Explanation:
Custom resources enable you to write custom provisioning logic in templates that AWS Cloud Formation runs anytime you create, update (if you changed the custom resource), or delete stacks. For example, you might want to include resources that aren't available as AWS Cloud Formation resource types. You can include those resources by using custom resources. That way you can still manage all your related resources in a single stack.
Use the AWS:: Cloud Formation:: Custom Resource or Custom ::String resource type to define custom resources in your templates. Custom resources require one property: the service token, which specifies where AWS CloudFormation sends requests to, such as an Amazon SNS topic.
For more information on Custom Resources in Cloudformation, please visit the below U RL: http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/template-custom- resources.html

NEW QUESTION 24
You have a complex system that involves networking, 1AM policies, and multiple, three-tier applications. You are still receiving requirements for the new system, so you don't yet know how many AWS components will be present in the final design. You want to start using AWS CloudFormation to define these AWS resources so that you can automate and version-control your infrastructure. How would you use AWS CloudFormation to provide agile new environments for your customers in a cost-effective, reliable manner?

• A. Manually create one template to encompass all the resources that you need for the system, so you only have a single template to version-control.
• B. Create multiple separate templates for each logical part of the system, create nested stacks in AWS CloudFormation, and maintain several templates to version-contro
• C. •>/
• D. Create multiple separate templates for each logical part of the system, and provide the outputs from one to the next using an Amazon Elastic Compute Cloud (EC2) instance running the SDK forfinergranularity of control.
• E. Manually construct the networking layer using Amazon Virtual Private Cloud (VPC) because this does not change often, and then use AWS CloudFormation to define all other ephemeral resources.

Answer: B

Explanation:
As your infrastructure grows, common patterns can emerge in which you declare the same components in each of your templates. You can separate out these common components and create dedicated templates for them. That way, you can mix and match different templates but use nested stacks to create a single, unified stack. Nested stacks are stacks that create other stacks. To create nested stacks, use the AWS::CloudFormation::Stackresource in your template to reference other templates.
For more information on Cloudformation best practises please refer to the below link: http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/best-practices.html

NEW QUESTION 25
Your application consists of 10% writes and 90% reads. You currently service all requests through a Route53 Alias Record directed towards an AWS ELB, which sits in front of an EC2 Auto Scaling Group. Your system isgetting very expensive when there are large traffic spikes during certain news events, during which many more people request to read similar data all at the same time. What is the simplest and cheapest way to reduce costs and scale with spikes like this?

• A. Create an S3 bucket and asynchronously replicate common requests responses into S3 object
• B. When a request comes in for a precomputed response, redirect to AWS S3.
• C. Create another ELB and Auto Scaling Group layer mounted on top of the other system, adding a tier to the syste
• D. Serve most read requests out of the top layer.
• E. Create a CloudFront Distribution and direct Route53 to the Distributio
• F. Use the ELB as an Origin and specify Cache Behaviours to proxy cache requests which can be served late.
• G. Create a Memcached cluster in AWS ElastiCach
• H. Create cache logic to serve requests which can be served late from the in-memory cache for increased performance.

Answer: C

Explanation:
Use Cloudf rant distribution for distributing the heavy reads for your application. You can create a
zone apex record to point to the Cloudfront distribution.
You can control how long your objects stay in a CloudFront cache before CloudFront forwards another request to your origin. Reducing the duration allows you to serve dynamic content. Increasing the duration means your users get better performance because your objects are more likely to be served directly from the edge cache. A longer duration also reduces the load on your origin.
For more information on Cloudfront object expiration, please visit the below URL: http://docs.aws.amazon.com/AmazonCloudFrant/latest/DeveloperGuide/Cxpiration.html

NEW QUESTION 26
......