Amazon Web Services edusum aws Certified Professional Changed Dop-c02 Questions by Nuala q75 vce pdf

Page: 31 / 31

Amazon Web Services DOP-C02 Exam Overview :

Exam Name:	AWS Certified DevOps Engineer - Professional
Exam Code:	DOP-C02 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Professional
Questions:	425 Q&A's	Shared By:	nuala

Question 124

A company requires all its employees to access secrets and parameters through AWS Systems Manager Parameter Store. All secrets must automatically rotate every 60 days.

A DevOps engineer must add a new secret to give an application access to an Amazon ElastiCache (Redis OSS) cluster.

Which solution will meet these requirements with the LEAST operational overhead?

Options:

Create the secret in AWS Secrets Manager. Enable rotation. Set the rotation frequency to 60 days. Configure the application to reference the secret value by using the fully qualified path in Parameter Store.

Create the secret in Parameter Store. Enable automatic rotation. Set the rotation frequency to 60 days. Configure the application to reference the secret value by using the fully qualified path in Parameter Store.

Create the secret in Parameter Store. Create an AWS Lambda function to rotate the secret. Configure an Amazon EventBridge event to invoke the Lambda function every 60 days. Configure the application to provide the unique secret name to Parameter Store to retrieve the secret.

Create the secret in AWS Secrets Manager. Enable rotation by AWS Lambda function. Use the Secrets Manager provided template for ElastiCache (Redis OSS) secrets. Set the rotation schedule to 60 days. Set a rotation window duration in Secrets Manager. Configure the application to provide the full reserved path to Parameter Store when the application accesses the secret.

Discussion

Question 125

A company manages multiple AWS accounts in AWS Organizations. The company ' s security policy states that AWS account root user credentials for member accounts must not be used. The company monitors access to the root user credentials.

A recent alert shows that the root user in a member account launched an Amazon EC2 instance. A DevOps engineer must create an SCP at the organization ' s root level that will prevent the root user in member accounts from making any AWS service API calls.

Which SCP will meet these requirements?

Questions 125

Options:

Option A

Option B

Option C

Option D

Discussion

Ava-Rose

Yes! Cramkey Dumps are amazing I passed my exam…Same these questions were in exam asked.

Ismail Mar 24, 2026

Wow, that sounds really helpful. Thanks, I would definitely consider these dumps for my certification exam.

Ace

No problem! I highly recommend Cramkey Dumps to anyone looking to pass their certification exams. They will help you feel confident and prepared on exam day. Good luck!

Harris Mar 12, 2026

That sounds amazing. I'll definitely check them out. Thanks for the recommendation!

Nadia

Why these dumps are important? Can I pass my exam without these dumps?

Julian Mar 20, 2026

The questions in the Cramkey dumps are explained in detail and there are also study notes and reference materials provided. This made it easier for me to understand the concepts and retain the information better.

Cecilia

Yes, I passed my certification exam using Cramkey Dumps.

Helena Mar 9, 2026

Great. Yes they are really effective

Billy

It was like deja vu! I was confident going into the exam because I had already seen those questions before.

Vincent Mar 18, 2026

Definitely. And the best part is, I passed! I feel like all that hard work and preparation paid off. Cramkey is the best resource for all students!!!

Question 126

A company manages shared libraries across development and production accounts with IAM roles and CodePipeline/CDK. Developers must be the only ones to access latest versions. Shared packages must be independently tested before production.

Which solution meets these requirements?

Options:

Single CodeArtifact repository in central account with IAM policies allowing only developers access. Use EventBridge to start CodeBuild testing projects before copying packages to production repo.

Separate CodeArtifact repositories in dev and prod accounts. Dev repo has repository policy allowing only developers access. EventBridge triggers pipeline to test packages before copying to prod repo.

Single S3 bucket with versioning in central account, IAM policies restricting developers. Use EventBridge to trigger CodeBuild tests before copying to production.

Separate S3 buckets with versioning in dev and prod accounts, dev bucket policy restricting developers. EventBridge triggers pipeline to test packages before copying to prod and revert if tests fail.

Discussion

Question 127

A company uses Amazon RDS for Microsoft SQL Server as its primary database. They need high availability within and across AWS Regions, with an RPO < 1 min and RTO < 10 min. Route 53 CNAME is used for the DB endpoint and must redirect to standby during failover.

Which solution meets these requirements?

Options:

Deploy an Amazon RDS for SQL Server Multi-AZ DB cluster with cross-Region read replicas. Use automation to promote replica and update Route 53.

Deploy RDS Multi-AZ with snapshots copied every 5 minutes; use Lambda to restore snapshot and update Route 53 on failover.

Deploy Single-AZ RDS and use AWS DMS to continuously replicate to another Region. Use CloudWatch alarms for failover notification.

Deploy Single-AZ RDS and use AWS Backup for cross-Region backups every 30 seconds. Use automation to restore and update Route 53 during failover.