Amazon Web Services transcender aws Certified Professional Dop-c02 Exam Questions And Answers Pdf by Rehmat q8 vce pdf

Page: 19 / 32

Exam Name:	AWS Certified DevOps Engineer - Professional
Exam Code:	DOP-C02 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Professional
Questions:	435 Q&A's	Shared By:	rehmat

Question 76

A company has enabled all features for its organization in AWS Organizations. The organization contains 10 AWS accounts. The company has turned on AWS CloudTrail in all the accounts. The company expects the number of AWS accounts in the organization to increase to 500 during the next year. The company plans to use multiple OUs for these accounts.

The company has enabled AWS Config in each existing AWS account in the organization. A DevOps engineer must implement a solution that enables AWS Config automatically for all future AWS accounts that are created in the organization.

Which solution will meet this requirement?

Options:

In the organization ' s management account, create an Amazon EventBridge rule that reacts to a CreateAccount API call. Configure the rule to invoke an AWS Lambda function that enables trusted access to AWS Config for the organization.

In the organization ' s management account, create an AWS CloudFormation stack set to enable AWS Config. Configure the stack set to deploy automatically when an account is created through Organizations.

In the organization ' s management account, create an SCP that allows the appropriate AWS Config API calls to enable AWS Config. Apply the SCP to the root-level OU.

In the organization ' s management account, create an Amazon EventBridge rule that reacts to a CreateAccount API call. Configure the rule to invoke an AWS Systems Manager Automation runbook to enable AWS Config for the account.

Discussion

Question 77

A company’s web app runs on EC2 with a relational database. The company wants highly available multi-Region architecture with latency-based routing for global customers.

Which solution meets these requirements?

Options:

ALB in each Region with Auto Scaling groups; Aurora global database with read replicas; Route 53 latency-based routing to ALBs.

ALB in each Region with Auto Scaling groups; RDS primary in one Region with read replicas in others; Route 53 failover routing to ALBs.

Elastic Beanstalk with ALB in each Region; Aurora global database with read replicas; CloudFront with custom origins for ALBs; Route 53 latency-based routing to CloudFront.

Elastic Beanstalk with ALB in each Region; RDS primary in one Region with read replicas; CloudFront with custom origins for ALBs; Route 53 failover routing to CloudFront.

Discussion

Sarah

Yeah, I was so relieved when I saw that the question appeared in the exam were similar to their exam dumps. It made the exam a lot easier and I felt confident going into it.

Aaliyah Apr 18, 2026

Same here. I've heard mixed reviews about using exam dumps, but for us, it definitely paid off.

Carson

Yeah, definitely. I would definitely recommend Cramkey Dumps to anyone who is preparing for an exam.

Rufus Mar 31, 2026

Me too. They're a lifesaver!

Ace

No problem! I highly recommend Cramkey Dumps to anyone looking to pass their certification exams. They will help you feel confident and prepared on exam day. Good luck!

Harris Apr 16, 2026

That sounds amazing. I'll definitely check them out. Thanks for the recommendation!

Wyatt

Passed my exam… Thank you so much for your excellent Exam Dumps.

Arjun Apr 10, 2026

That sounds really useful. I'll definitely check it out.

Zayaan

Successfully aced the exam… Thanks a lot for providing amazing Exam Dumps.

Harmony Apr 13, 2026

That's fantastic! I'm glad to hear that their dumps helped you. I also used them and found it accurate.

Question 78

A company uses a single AWS account lo test applications on Amazon EC2 instances. The company has turned on AWS Config in the AWS account and has activated the restricted-ssh AWS Config managed rule.

The company needs an automated monitoring solution that will provide a customized notification in real time if any security group in the account is not compliant with the restricted-ssh rule. The customized notification must contain the name and ID of the noncompliant security group.

A DevOps engineer creates an Amazon Simple Notification Service (Amazon SNS) topic in the account and subscribes the appropriate personnel to the topic.

What should me DevOps engineer do next to meet these requirements?

Options:

Create an Amazon EventBridge rule that matches an AWS Config evaluation result of NON_COMPLIANT tor the restricted-ssh rule. Configure an input transformer for the EventBridge rule Configure the EventBridge rule to publish a notification to the SNS topic.

Configure AWS Config to send all evaluation results for the restricted-ssh rule to the SNS topic. Configure a filter policy on the SNS topic to send only notifications that contain the text of NON_COMPLIANT in the notification to subscribers.

Create an Amazon EventBridge rule that matches an AWS Config evaluation result of NON_COMPLlANT for the restricted-ssh rule Configure the EventBridge rule to invoke AWS Systems Manager Run Command on the SNS topic to customize a notification and to publish the notification to the SNS topic

Create an Amazon EventBridge rule that matches all AWS Config evaluation results of NON_COMPLIANT Configure an input transformer for the restricted-ssh rule Configure the EventBridge rule to publish a notification to the SNS topic.

Discussion

Question 79

A company uses a CI/CD pipeline to deploy its workload in the ap-southeast-2 Region. The company receives images through a Network Load Balancer (NLB) and processes the images in AWS Fargate tasks on an Amazon ECS cluster. An Amazon ECR repository stores the images as Docker images. The company uses Route 53 for DNS. The company saves the images in an S3 bucket and metadata in DynamoDB. The company wants to expand to eu-west-2 with high availability and resilience.

Which combination of steps will meet these requirements with the FEWEST configuration changes? (Select THREE).

Options:

Configure ECR replication to eu-west-2 on the repository. Configure an NLB in eu-west-2 that resolves to Fargate tasks in an ECS cluster in eu-west-2. Configure a latency routing policy in Route 53 for the two workloads.

Configure the DynamoDB table as a global table with a replica in eu-west-2. Configure the Fargate tasks to interact with the DynamoDB table in ap-southeast-2.

Configure the DynamoDB table as a global table with a replica in eu-west-2. Configure the Fargate tasks to interact with the DynamoDB table in the same Region that the tasks run in.

Configure a new S3 bucket in eu-west-2. Configure data replication between the S3 bucket in ap- southeast-2 and the S3 bucket in eu-west-2. Configure the Fargate tasks to use the S3 bucket in the same Region that the tasks run in to perform S3 PUT and GET operations.

Configure an S3 Multi-Region Access Point for the S3 bucket in ap-southeast-2 and a new S3 bucket in eu-west-2. Configure two-way replication on the S3 buckets. Configure the workloads to use the Multi-Region Access Point for S3 PUT and GET operations.

Configure the CI/CD pipeline to deploy ECR images to both Regions. Configure an NLB in eu-west-2 that resolves to Fargate tasks in an ECS cluster in eu-west-2. Configure a failover routing policy in Route 53 for the two workloads.