An online company uses Amazon EC2 Auto Scaling extensively to provide an excellent customer experience while minimizing the number of running EC2 instances. The company's self-hosted Puppet environment in the application layer manages the configuration of the instances. The IT manager wants the lowest licensing costs and wants to ensure that whenever the EC2 Auto Scaling group scales down, removed EC2 instances are deregistered from the Puppet master as soon as possible.
A company discovers that some IAM users have been storing their AWS access keys in configuration files that have been pushed to a Git repository hosting service.
Which solution will require the LEAST amount of management overhead while preventing the exposed AWS access keys from being used?
Company policies require that information about IP traffic going between instances in the production Amazon VPC is captured. The capturing mechanism must always be enabled and the Security team must be notified when any changes in configuration occur.
What should be done to ensure that these requirements are met?
A DevOps Engineer needs to deploy a scalable three-tier Node.js application in AWS. The application must have zero downtime during deployments and be able to roll back to previous versions. Other applications will also connect to the same MySQL backend database.
The CIO has provided the following guidance for logging:
*Centrally view all current web access server logs.
*Search and filter web and application logs in near-real time.
A DevOps Engineer just joined a new company that is already running workloads on Amazon EC2 instances. AWS has been adopted incrementally with no central governance. The Engineer must now assess how well the existing deployments comply with the following requirements:
*EC2 instances are running only approved AMIs.
*Amazon EBS volumes are encrypted.
*EC2 instances have an Owner tag.
*Root login over SSH is disabled on EC2 instances.
Which services should the Engineer use to perform this assessment with the LEAST amount of effort? (Select TWO.)
Free Practice Mock Questions Set 56-60 (Quiz # 12) for Amazon DOP-C01 Exam, according to official Amazon AWS Certified DevOps Engineer - Professional exam syllabus topic # 2