Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Deployment, Provisioning, and Automation practice sets

SOA-C02 Deployment, Provisioning, and Automation • Complete Question Bank

SOA-C02 Deployment, Provisioning, and Automation — All Questions With Answers

Complete SOA-C02 Deployment, Provisioning, and Automation question bank — all 0 questions with answers and detailed explanations.

277
Questions
Free
No signup
Certifications/SOA-C02/Practice Test/Deployment, Provisioning, and Automation/All Questions
Question 1hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A team uses AWS CodeDeploy with a deployment configuration of CodeDeployDefault.OneAtATime to deploy a web application to an Auto Scaling group. Instances are behind an Application Load Balancer. The deployment fails with 'The overall deployment failed because too many individual instances failed deployment.' What is the most likely cause?

Question 2easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A development team uses AWS CloudFormation to deploy infrastructure. They want to update a stack but first need to review how the changes will impact existing resources before applying them. Which CloudFormation feature should they use?

Question 3mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodeDeploy to deploy a new version of an application to EC2 instances in an Auto Scaling group behind an Application Load Balancer. The company requires zero downtime during the deployment. Which deployment configuration should be used?

Question 4easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy a three-tier web application. The SysOps administrator wants to update a critical parameter, such as the instance type, and ensure that the change is applied without recreating the EC2 instance, if possible. Which CloudFormation stack update feature should be used to achieve this?

Question 5hardmultiple choice
Read the full NAT/PAT explanation →

A company uses AWS CodeDeploy to deploy an application to an Auto Scaling group. The deployment strategy is set to CodeDeployDefault.HalfAtATime. The lifecycle hooks for the Auto Scaling group include a test hook that runs during instance launch. During a recent deployment, the deployment failed because the new instances failed the test hook and were not marked as healthy. The SysOps administrator needs to ensure that failed instances are automatically terminated and replaced with new ones from the Auto Scaling group. Which configuration change should the administrator make?

Question 6easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy a web application. The template currently hard-codes the EC2 instance type (e.g., t3.medium). The SysOps administrator wants to make the instance type configurable so that different environments (dev, test, prod) can use different instance types without modifying the template each time. Which CloudFormation feature enables this?

Question 7easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator uses AWS CodeDeploy to deploy a new version of an application to an Auto Scaling group. The deployment uses the 'CodeDeployDefault.OneAtATime' deployment configuration. During the deployment, the first instance succeeds, but subsequent instances fail because the new application version has a bug that causes the application health check to fail. The administrator wants to immediately roll back the change and restore the previous working version on all instances. Which action should the administrator take?

Question 8mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodePipeline to automate the deployment of a web application. The pipeline consists of a source stage (AWS CodeCommit) and a deploy stage (AWS CodeDeploy) that deploys to an Auto Scaling group. The SysOps administrator needs to add a stage to run automated unit tests before the deployment proceeds. The tests must be executed in an isolated environment, and if they fail, the pipeline must stop and notify the development team. Which action should the administrator take?

Question 9easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator uses AWS CloudFormation to manage a stack that includes an Amazon EC2 instance. The administrator wants to update the instance type from t3.medium to t3.large without recreating the instance. The instance type change is supported as a simple update in CloudFormation. Which stack update method should the administrator use to apply this change with the least disruption?

Question 10mediummultiple choice
Read the full NAT/PAT explanation →

A company uses AWS Systems Manager Patch Manager to automate patching of Amazon EC2 instances. The SysOps administrator needs to configure a maintenance window that will patch instances on the second Tuesday of every month at 2:00 AM. The administrator wants to ensure that patches are automatically applied but reboots are only performed if required. Which combination of configurations should the administrator use?

Question 11mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy a three-tier web application. The template includes an Amazon RDS DB instance. The SysOps administrator needs to ensure that the database password is not exposed in the template or in the stack outputs. The password should be stored securely and rotated automatically every 90 days. Which solution should the administrator use?

Question 12mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodePipeline to deploy a web application. The pipeline has a source stage (Amazon S3) and a deploy stage (AWS Elastic Beanstalk). The SysOps administrator needs to add a manual approval step before the deployment proceeds to the production environment. Which action should the administrator take?

Question 13mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Organizations with multiple member accounts. The SysOps administrator needs to deploy a common AWS CloudFormation template that creates an IAM role across all member accounts in the organization. Which AWS service should be used to deploy this template across accounts?

Question 14mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator uses AWS CloudFormation to deploy infrastructure. The administrator has a template that creates an Amazon EC2 instance and an Amazon RDS DB instance. The administrator needs to reuse the same template for development, test, and production environments, where the only differences are the EC2 instance type and the RDS DB instance class. Which CloudFormation feature should be used to define these environment-specific values?

Question 15easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodeDeploy to deploy applications to Amazon EC2 instances. The SysOps administrator wants to deploy a new version of the application by first shifting 10% of traffic to the new version, monitoring for errors, and then after manual approval, shifting the remaining 90%. Which deployment configuration should be used?

Question 16easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator uses AWS CloudFormation to deploy a three-tier application. The administrator has a single template that can be used for development, test, and production environments. The only differences between environments are the EC2 instance type and the RDS DB instance class. Which CloudFormation feature should the administrator use to define these environment-specific values without duplicating the template?

Question 17mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy infrastructure. The SysOps administrator has a template that creates an Amazon EC2 instance and an Amazon RDS DB instance. The administrator needs to reuse the same template for development, test, and production environments, where the only differences are the EC2 instance type and the RDS DB instance class. Which CloudFormation feature should be used to define these environment-specific values?

Question 18hardmultiple choice
Read the full NAT/PAT explanation →

A SysOps administrator uses AWS CloudFormation to deploy infrastructure. The admin has a template that creates an EC2 instance with a custom software stack. The software stack must be installed and configured using PowerShell scripts. The admin wants to minimize operational overhead by automating the creation of an AMI that includes the software stack, and the AMI should be rebuilt on a weekly basis to include the latest security patches. Which combination of AWS services should be used?

Question 19mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodeDeploy to deploy a new version of a web application to a fleet of Amazon EC2 instances. The SysOps administrator wants to shift 10% of traffic to the new version first, monitor for errors, and then after manual approval, deploy to the remaining 90%. Which CodeDeploy deployment configuration should be used?

Question 20mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy a multi-tier application. The template uses nested stacks. One of the nested stacks creates an Auto Scaling group. The administrator wants to update the Auto Scaling group's launch configuration to use a new AMI ID. The AMI ID is stored in AWS Systems Manager Parameter Store. The administrator wants to ensure that the stack update automatically uses the latest AMI ID value from Parameter Store. What should the administrator do?

Question 21easymultiple choice
Read the full NAT/PAT explanation →

A SysOps administrator needs to automatically deploy a new version of an application to a fleet of Amazon EC2 instances every time changes are pushed to the main branch of a code repository hosted on AWS CodeCommit. Which combination of AWS services should be used?

Question 22easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator uses AWS CloudFormation to deploy infrastructure. The administrator needs to store and reference sensitive data such as database passwords in the stack without hardcoding them in the template. Which CloudFormation feature should be used?

Question 23mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator deploys a web application using AWS Elastic Beanstalk. The administrator wants to deploy a new application version with zero downtime and minimize the risk of failure by launching a completely new set of instances before swapping traffic. Which deployment policy should the administrator choose?

Question 24mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company has multiple AWS accounts managed under AWS Organizations. The SysOps administrator needs to deploy a common AWS CloudFormation template to all accounts in a specific organizational unit (OU), ensuring consistent security group configurations across the organization. Which AWS service should the administrator use to perform this deployment?

Question 25mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodePipeline to deploy a web application. The pipeline includes a stage that runs a database migration script. The SysOps administrator wants to ensure that if the migration script fails, the entire pipeline stops and the previous version of the application remains deployed. Which pipeline stage configuration should be used to achieve this behavior?

Question 26easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator uses AWS CodeDeploy to deploy applications to Amazon EC2 instances. The administrator wants to ensure that during deployment, traffic is shifted from the original instances to the new instances incrementally in 10-minute intervals. The deployment should automatically roll back if any health check fails. Which deployment configuration should the administrator choose?

Question 27easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator maintains an AWS CloudFormation stack for a web application. The administrator needs to update the stack to change the instance type of an Amazon EC2 instance. The administrator wants to review the changes before applying them and ensure that any updates that would replace the instance are clearly identified. Which CloudFormation feature should the administrator use?

Question 28mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk for a Java web application. The SysOps administrator needs to deploy a new version of the application with zero downtime and minimize the risk of failure. The administrator wants to deploy the new version to a completely new set of instances, test them, and then swap the environment's CNAME to point to the new instances. Which deployment policy should the administrator choose?

Question 29mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is updating an AWS CloudFormation stack that contains an Amazon RDS DB instance. The administrator wants to prevent accidental replacement of the database during the update. Which CloudFormation feature should be used?

Question 30easymultiple choice
Review the full routing breakdown →

A SysOps administrator needs to deploy a new version of a web application to Amazon EC2 instances using AWS Elastic Beanstalk. The administrator wants to deploy the new version with zero downtime and validate the new version before routing production traffic to it. Which deployment policy should be used?

Question 31mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company manages multiple AWS accounts under AWS Organizations. The SysOps administrator needs to deploy a baseline set of AWS Config rules and an Amazon SNS topic to each account in the organization. The deployment must be centrally managed from the management account and automatically applied to any new member account added in the future. Which solution should the administrator use?

Question 32easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator maintains an AWS CloudFormation stack that deploys an Amazon EC2 instance. The administrator needs to change the instance type from t2.micro to t3.micro. The administrator wants to review the proposed changes before applying them to ensure no unexpected resource replacement occurs. Which CloudFormation feature should the administrator use?

Question 33easymultiple choice
Read the full NAT/PAT explanation →

A SysOps administrator wants to deploy a new version of an application to an existing Auto Scaling group of Amazon EC2 instances. The deployment must minimize disruption by launching new instances, performing health checks, and shifting traffic to the new instances before terminating the old ones. Which AWS CodeDeploy deployment configuration should the administrator choose?

Question 34mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator uses AWS CloudFormation to manage a stack that includes an Amazon RDS DB instance. The administrator needs to update the stack by changing a parameter that, if applied directly, would replace the database. The administrator wants to prevent accidental replacement during the update. Which CloudFormation feature should the administrator use?

Question 35hardmultiple choice
Review the full routing breakdown →

A SysOps administrator needs to deploy a new version of a web application using AWS Elastic Beanstalk. The deployment must achieve zero downtime and allow the administrator to validate the new version by running tests before routing production traffic to it. Which deployment policy should the administrator choose?

Question 36easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is creating an AWS CloudFormation template to deploy a web server. The template must define an Amazon EC2 instance, a security group, and an Elastic IP. In which section of the template should these resources be declared?

Question 37mediummultiple choice
Read the full NAT/PAT explanation →

A SysOps administrator manages a fleet of Amazon EC2 instances that run critical software. The administrator needs to automatically apply security patches every Tuesday at 2 AM. The instances are part of an Auto Scaling group and must be patched without downtime. Which AWS Systems Manager feature should be used?

Question 38mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator manages a CloudFormation stack that deploys a web application. The stack includes an Amazon EC2 instance and an Amazon RDS DB instance. The administrator needs to update the stack to change the EC2 instance type. The administrator wants to ensure that the update does not accidentally replace the RDS database. Which CloudFormation feature should the administrator use to protect the RDS resource from being replaced during the stack update?

Question 39easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator wants to automate the creation of an AWS Lambda function and its associated IAM role using infrastructure as code. Which AWS service should be used?

Question 40easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy a set of AWS Lambda functions and an Amazon API Gateway API using infrastructure as code. The administrator wants to manage the deployment across multiple environments (dev, test, prod) with consistent resource configurations. Which AWS service should the administrator use?

Question 41mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is using AWS CloudFormation to deploy a stack that includes an Amazon EC2 instance and an Amazon RDS DB instance. The administrator needs to ensure that updates to the stack do not accidentally replace the RDS instance if the RDS configuration is changed in a way that would require replacement. Which CloudFormation attribute should be added to the RDS resource?

Question 42mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodeDeploy to deploy a web application to a fleet of Amazon EC2 instances. The SysOps administrator needs to implement a deployment strategy that ensures zero downtime by creating a new set of instances alongside the current ones, then gradually shifting traffic to the new instances after they pass health checks. If a problem is detected, traffic can be instantly redirected back to the original instances. Which deployment configuration should the administrator use?

Question 43mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator uses AWS CloudFormation to deploy a stack that includes an Amazon EC2 instance and a security group. The administrator wants to ensure that when the stack is updated, the security group is not accidentally replaced if its properties change. The administrator wants to receive a failure if an update would require replacement of the security group. Which CloudFormation feature should the administrator use?

Question 44easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy a web application stack consisting of an Amazon EC2 instance, an Amazon RDS database, and an Application Load Balancer. The administrator wants to define the infrastructure as code and version control it. Which AWS service should the administrator use?

Question 45mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy the same AWS CloudFormation template across multiple AWS accounts and Regions in a single operation. The administrator wants to manage the deployment from a single management account. Which AWS service should the administrator use?

Question 46mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator uses AWS CloudFormation to deploy a stack that includes an Amazon EC2 instance. The administrator wants to ensure that if the stack is updated, the EC2 instance is not accidentally replaced if its properties change. The administrator wants the stack update to fail when a property change would require replacement. Which CloudFormation feature should the administrator use?

Question 47hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A CloudFormation stack update fails and enters UPDATE_ROLLBACK_FAILED. Which two actions are appropriate next steps? (Choose 2.)

Question 48mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodeDeploy to deploy an application to Amazon EC2 instances. The SysOps administrator wants to implement a deployment strategy that minimizes risk by deploying the new version to a small number of instances first, verifying that the deployment is successful, and then deploying to the remaining instances. If the initial deployment fails, the process should stop and roll back. Which CodeDeploy deployment configuration should be used?

Question 49easymultiple choice
Read the full NAT/PAT explanation →

A company runs 200 EC2 Linux instances across three accounts. The security team requires that critical OS patches are applied automatically every Sunday at 2 AM UTC. Currently patches are applied manually and inconsistently. What is the recommended AWS-native solution?

Question 50mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

Operators have been making direct changes to AWS resources (security group rules, IAM policy modifications) that were originally created by CloudFormation stacks. The team wants to identify which stacks and specific resources have drifted from their template definitions. What is the correct tool and operation sequence?

Question 51mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A security policy prohibits opening SSH port 22 on any EC2 instance. The operations team needs to run a shell script on 150 Linux instances to collect configuration inventory data. The script output must be captured for review. How should the team execute the script?

Question 52hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A CloudFormation stack manages an RDS database, an S3 bucket, and several Lambda functions. During a recent stack update, a property change caused CloudFormation to replace the RDS instance, deleting the database and re-creating it — resulting in data loss. The team wants to prevent any future stack update from replacing or deleting the RDS instance without an explicit override. What CloudFormation feature accomplishes this?

Question 53hardmultiple choice
Review the full routing breakdown →

A containerized API runs on Amazon ECS with an Application Load Balancer. The team wants to deploy new container versions with zero downtime, automatically route traffic to the new version only after health checks pass, and automatically roll back if error rates spike within 10 minutes of the shift. Which deployment strategy and configuration implements all three requirements?

Question 54mediumdrag order
Read the full Deployment, Provisioning, and Automation explanation →

Drag and drop the steps to restore an Amazon RDS DB instance from a snapshot into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
Question 55mediumdrag order
Read the full Deployment, Provisioning, and Automation explanation →

Drag and drop the steps to troubleshoot high CPU usage on an Amazon EC2 instance into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
Question 56mediummatching
Read the full Deployment, Provisioning, and Automation explanation →

Match each AWS networking concept to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Isolated virtual network

IP address range within a VPC

Set of rules for traffic routing

Stateful instance-level firewall

Stateless subnet-level firewall

Question 57mediummatching
Read the full Deployment, Provisioning, and Automation explanation →

Match each AWS support plan to its key feature.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Account and billing support only

Business hours email access

24/7 phone, chat, and email; <1 hour response

Concierge support team; <30 min response

Technical Account Manager; <15 min response

Question 58easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A DevOps engineer wants to automate the creation of an Amazon EC2 instance with a specific security group and IAM role. Which AWS service should be used to define the infrastructure as code?

Question 59mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CloudFormation to manage its infrastructure. A stack update fails because a change set includes a modification to an RDS database that triggers a replacement. The engineer needs to allow updates that may cause a replacement but wants to be warned first. What should the engineer do?

Question 60hardmultiple choice
Read the full NAT/PAT explanation →

A SysOps administrator is troubleshooting a failed Auto Scaling group launch. The group uses a launch template that specifies an Amazon Linux 2 AMI. The instances fail to pass the EC2 health check and are terminated. The administrator checks the system log and finds that the instance boots but the cloud-init script fails due to a missing package repository. What is the most likely cause?

Question 61easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company wants to deploy a new version of a web application to an Auto Scaling group of EC2 instances behind an Application Load Balancer. The deployment should be automated and must not cause downtime. Which AWS service should be used?

Question 62mediummultiple choice
Read the full NAT/PAT explanation →

A company uses AWS Systems Manager to manage a fleet of EC2 instances. The Security Team requires that all instances have a specific security patch installed. A SysOps administrator needs to verify compliance across all instances. What is the MOST efficient way to accomplish this?

Question 63hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS Elastic Beanstalk to deploy a web application. The application uses a custom Amazon Machine Image (AMI) that must be updated periodically. The SysOps administrator creates a new AMI and updates the Elastic Beanstalk environment's configuration. However, new instances are still launched with the old AMI. What is the most likely cause?

Question 64easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy an application to a set of EC2 instances in an Auto Scaling group. The deployment must be performed in batches, with each batch health-checked before proceeding. Which AWS CodeDeploy deployment configuration should be used?

Question 65mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CloudFormation to deploy a stack that includes an Amazon RDS DB instance. The database password is stored in AWS Secrets Manager. The CloudFormation template references the secret using a dynamic reference. However, the stack creation fails with an error that the secret cannot be retrieved. What is the most likely cause?

Question 66hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company has a mission-critical application running on EC2 instances in an Auto Scaling group. The application stores state locally on the instance. The company wants to update the application to a new version with minimal downtime. The update requires a change to the instance configuration. What deployment strategy should be used?

Question 67easymulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is creating a CloudFormation template to provision an Amazon S3 bucket with versioning enabled and server access logging. Which TWO properties must be configured in the AWS::S3::Bucket resource?

Question 68mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CodeDeploy to deploy an application to an Auto Scaling group. The deployment fails because the instances do not have the CodeDeploy agent installed. Which THREE actions are required to resolve this issue?

Question 69hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is troubleshooting a slow deployment with AWS CloudFormation. The stack update is taking a long time because it is waiting for a resource to be created. Which TWO CloudFormation features can help speed up the deployment?

Question 70easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is deploying a new version of an application using AWS CodeDeploy. The deployment to an Auto Scaling group fails, and the instances are rolled back. What is the most likely reason for the failure?

Question 71mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to manage infrastructure. A developer accidentally deletes a resource from the stack template, and the next stack update attempts to delete the resource. The SysOps administrator wants to prevent accidental deletion of critical resources. Which CloudFormation feature should be used?

Question 72hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An organization uses AWS OpsWorks for configuration management. The SysOps administrator notices that a stack's instances are not receiving the updated custom cookbooks after a new deployment. The cookbooks are stored in a private GitHub repository. What is the most likely cause?

Question 73easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is automating the deployment of an application across multiple AWS accounts using AWS CodePipeline. The pipeline must deploy to different environments (dev, test, prod) sequentially. Which deployment approach should be used?

Question 74mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS Elastic Beanstalk to deploy a web application. The application experiences high traffic during peak hours. The SysOps administrator wants to automatically scale the environment based on CPU utilization. Which configuration change is required?

Question 75hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An organization uses AWS Systems Manager to manage a fleet of EC2 instances. The SysOps administrator needs to run a script on all instances that have a specific tag (Environment: Production). The script must be executed immediately and only once. Which approach should be used?

Question 76easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is deploying a serverless application using AWS SAM. The SysOps administrator wants to automate the build and deployment process whenever code is pushed to the main branch of an AWS CodeCommit repository. Which service should be used to trigger the pipeline?

Question 77mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is troubleshooting a failed AWS CloudFormation stack creation. The error message indicates that an IAM role creation failed because the role already exists. The administrator wants to ensure the stack creation can proceed without manual intervention. What should the administrator do?

Question 78hardmultiple choice
Read the full NAT/PAT explanation →

An organization is using AWS CodeDeploy with a blue/green deployment configuration for an EC2/On-Premises compute platform. During a deployment, the new instances pass all health checks, but the old instances are not terminated after the deployment completes. What is the most likely cause?

Question 79mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is designing an automated deployment pipeline using AWS CodePipeline. The pipeline must include a manual approval step before deploying to production. Which TWO actions are required to implement this?

Question 80hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy a three-tier web application. The template includes an EC2 instance, an RDS database, and an Application Load Balancer. The SysOps administrator wants to ensure that the database is not replaced during an update if the administrator accidentally changes a property that requires replacement. Which THREE actions should the administrator take?

Question 81easymulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is implementing an automated backup solution for Amazon RDS databases. The solution must support point-in-time recovery and cross-region disaster recovery. Which TWO AWS services or features should be used?

Question 82mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

Refer to the exhibit. A SysOps administrator creates this IAM policy and attaches it to an IAM role used by an application. The application needs to upload objects to a subfolder named 'uploads/' in the bucket 'my-bucket'. The uploads fail with an access denied error. What is the most likely cause?

Exhibit

Refer to the exhibit.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetObject",
        "s3:PutObject",
        "s3:DeleteObject"
      ],
      "Resource": "arn:aws:s3:::my-bucket/*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket"
      ],
      "Resource": "arn:aws:s3:::my-bucket"
    }
  ]
}
Question 83hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

Refer to the exhibit. A SysOps administrator creates this CloudFormation template. The stack creation fails with the error: 'The security group 'default' does not exist'. What is the most likely cause?

Exhibit

Refer to the exhibit.

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "MyEC2Instance": {
      "Type": "AWS::EC2::Instance",
      "Properties": {
        "ImageId": "ami-0abcdef1234567890",
        "InstanceType": "t2.micro",
        "SecurityGroups": [ "default" ]
      }
    },
    "MyElasticIP": {
      "Type": "AWS::EC2::EIP",
      "Properties": {
        "InstanceId": { "Ref": "MyEC2Instance" }
      }
    }
  }
}
Question 84mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

Refer to the exhibit. A SysOps administrator ran the describe-stack-events command for a CloudFormation stack named 'my-stack'. The stack creation failed with 'Resource creation cancelled'. What is the most likely reason?

Network Topology
aws cloudformation describe-stack-eventsstack-name my-stackRefer to the exhibit.Output from AWS CLI:"StackEvents": ["StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/my-stack/abcd1234-ef56-7890-abcd-ef1234567890","EventId": "Event-1","StackName": "my-stack","LogicalResourceId": "my-stack","PhysicalResourceId": "arn:aws:cloudformation:us-east-1:123456789012:stack/my-stack/abcd1234-ef56-7890-abcd-ef1234567890","ResourceType": "AWS::CloudFormation::Stack","Timestamp": "2023-01-01T00:00:00.000Z","ResourceStatus": "CREATE_FAILED","ResourceStatusReason": "Resource creation cancelled"},"EventId": "Event-2","LogicalResourceId": "MyNestedStack","PhysicalResourceId": "arn:aws:cloudformation:us-east-1:123456789012:stack/MyNestedStack/ef123456-7890-abcd-ef12-345678901234","ResourceStatus": "CREATE_IN_PROGRESS"
Question 85easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy EC2 instances. The stack creation fails with the error 'Resource creation cancelled' after 20 minutes. What is the most likely cause?

Question 86mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy a new version of a Lambda function while minimizing downtime. The function is behind an API Gateway endpoint. What is the MOST effective approach?

Question 87hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk to deploy a web application. During a deployment, the environment's health turns from Green to Red, and the deployment fails. The logs show 'ERROR: Failed to download the application version from Amazon S3.' What is the MOST likely cause?

Question 88easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator wants to automate the creation of an Amazon RDS MySQL instance using AWS CloudFormation. Which CloudFormation resource type should be used?

Question 89mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An organization uses AWS OpsWorks to manage a stack of application servers. The stack uses a custom cookbook that is stored in a private GitHub repository. When deploying new instances, the cookbook download fails. What should the administrator do to resolve this?

Question 90hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is using AWS CodeDeploy to deploy an application to an Auto Scaling group. The deployment fails with the error 'The overall deployment failed because too many individual instances failed deployment, too few healthy instances are available for deployment, or some instances in your deployment group are experiencing problems.' The deployment group has a minimum of 2 healthy instances. What should the administrator check FIRST?

Question 91easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to manage infrastructure. The administrator wants to update a stack that contains an RDS DB instance. The update requires replacing the DB instance. What should the administrator do to minimize downtime?

Question 92mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An administrator is using AWS CodePipeline to deploy a web application. The pipeline includes a build stage using AWS CodeBuild and a deploy stage using AWS Elastic Beanstalk. The build succeeds, but the deployment fails with 'Access Denied' when Elastic Beanstalk tries to read the artifact from S3. What should the administrator check?

Question 93hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is troubleshooting a failed AWS CloudFormation stack creation. The stack includes an AWS::Lambda::Function resource that depends on an AWS::IAM::Role. The error message is 'Resource handler returned message: "The role defined for the function cannot be assumed by Lambda" (Service: Lambda, Status Code: 400).' What is the most likely cause?

Question 94easymulti select
Read the full Deployment, Provisioning, and Automation explanation →

Which TWO options are best practices for automating deployments using AWS CodeDeploy? (Choose two.)

Question 95mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

Which THREE steps are required to deploy a serverless application using AWS CloudFormation? (Choose three.)

Question 96hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

Which TWO actions should a SysOps administrator take to automate the deployment of a multi-tier application with AWS CloudFormation? (Choose two.)

Question 97mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An administrator attempts to deploy an application using AWS CodeDeploy. The deployment fails with 'Access Denied' when trying to download the revision from the S3 bucket 'example-bucket'. The IAM policy attached to the instance profile is shown in the exhibit. What is the cause of the failure?

Exhibit

Refer to the exhibit.
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::example-bucket"
    },
    {
      "Effect": "Allow",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::example-bucket/*"
    }
  ]
}
```
Question 98hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A CloudFormation stack creation failed. The administrator runs the command shown in the exhibit. What is the most likely reason for the failure?

Network Topology
$ aws cloudformation describe-stack-eventsstack-name my-stackRefer to the exhibit.```"StackEvents": ["StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/my-stack/...","EventId": "...","StackName": "my-stack","LogicalResourceId": "MyEC2Instance","PhysicalResourceId": "i-0abcd1234efgh5678","ResourceType": "AWS::EC2::Instance","Timestamp": "2023-01-15T10:00:00.000Z","ResourceStatus": "CREATE_FAILED","ResourceProperties": "{\"ImageId\":\"ami-0abcdef1234567890\",\"InstanceType\":\"t2.micro\"}",
Question 99easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An administrator deploys a CloudFormation template that includes the snippet shown in the exhibit. Later, the administrator deletes the stack. What happens to the S3 bucket?

Exhibit

Refer to the exhibit.
```
Resources:
  MyBucket:
    Type: AWS::S3::Bucket
    DeletionPolicy: Retain
```
Question 100mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CloudFormation to deploy a multi-tier web application. After updating the stack template, the update fails with a stack creation rollback in progress error. The SysOps administrator needs to identify the specific resource that caused the failure. What is the MOST efficient way to accomplish this?

Question 101hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An organization is using OpsWorks to manage a stack of application servers. They need to automatically scale out based on CPU utilization. Which configuration should the SysOps administrator use to achieve this?

Question 102easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy an application to a fleet of EC2 instances in an Auto Scaling group. The application code is stored in an S3 bucket. The administrator wants to automate the deployment so that new instances automatically download the latest code on launch. Which approach should the administrator use?

Question 103mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using Elastic Beanstalk to deploy a web application. Recently, a deployment failed due to a missing environment variable. The administrator fixed the configuration and wants to redeploy the same application version without rebuilding the source bundle. What is the MOST efficient way to redeploy?

Question 104hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is troubleshooting a CloudFormation stack that failed to create. The stack includes an Amazon RDS DB instance. The error message indicates that the DB instance name already exists. The stack uses a parameter for the DB instance identifier. What should the administrator do to resolve this issue and create the stack?

Question 105easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy a CloudFormation stack across multiple AWS accounts in an organization using AWS Organizations. The administrator wants to use a single template and a single deployment operation. Which AWS service should be used to centrally manage the deployment?

Question 106mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using Lambda functions to process data from an S3 bucket. The SysOps administrator needs to update the Lambda function code with a new version. The administrator wants to ensure that during the deployment, any in-flight requests are completed with the old code, and new requests use the new code. Which deployment strategy should the administrator use?

Question 107hardmultiple choice
Review the full routing breakdown →

A company is using AWS Elastic Beanstalk with a Blue/Green deployment strategy. After deploying a new version to the green environment and verifying it, the administrator wants to swap the CNAMEs to route production traffic to the green environment. However, the swap operation fails due to a CNAME already in use error. What is the MOST likely cause?

Question 108easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy a new application version to an Auto Scaling group without causing any downtime. The application runs on EC2 instances behind an Application Load Balancer. Which deployment method should the administrator use?

Question 109mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to automate the provisioning of AWS resources using infrastructure as code. The administrator wants to ensure that the code is version-controlled and that changes are reviewed before deployment. Which TWO AWS services should the administrator use together to achieve this? (Choose TWO.)

Question 110hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company is deploying a microservices application on AWS using Amazon ECS with Fargate launch type. The SysOps administrator needs to automate the deployment process so that when a new Docker image is pushed to Amazon ECR, the ECS service is updated with the new image. Which THREE AWS services should be used together to achieve this? (Choose THREE.)

Question 111easymulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is planning to deploy a web application using AWS Elastic Beanstalk. The application requires high availability across multiple Availability Zones. The administrator needs to configure the environment to automatically replace a failed instance. Which TWO configuration options should the administrator enable? (Choose TWO.)

Question 112hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is investigating a failed CloudFormation stack creation. The describe-stack-events output shows that the stack creation failed with the reason 'Resource creation cancelled'. What is the most likely cause of this failure?

Network Topology
$ aws cloudformation describe-stack-eventsstack-name my-stackRefer to the exhibit.```"StackEvents": ["StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/my-stack/1a2b3c4d-5e6f-7a8b-9c0d-1e2f3a4b5c6d","EventId": "e1","StackName": "my-stack","LogicalResourceId": "my-stack","PhysicalResourceId": null,"ResourceType": "AWS::CloudFormation::Stack","Timestamp": "2023-01-01T00:00:00.000Z","ResourceStatus": "CREATE_FAILED","ResourceStatusReason": "Resource creation cancelled","ResourceProperties": "{}"},"EventId": "e2","LogicalResourceId": "WaitCondition","ResourceType": "AWS::CloudFormation::WaitCondition",
Question 113mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is creating a CloudFormation stack that requires an IAM role to be passed to EC2 instances. The administrator is using the IAM policy shown in the exhibit. The stack creation fails with an error indicating insufficient permissions to pass the role. What is the most likely cause?

Exhibit

Refer to the exhibit.

```
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "cloudformation:*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "ec2:Describe*",
                "ec2:Create*",
                "ec2:RunInstances",
                "ec2:TerminateInstances"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "iam:PassRole"
            ],
            "Resource": "arn:aws:iam::123456789012:role/Admin"
        }
    ]
}
```
Question 114easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator wants to deploy a new version of an application to an existing Elastic Beanstalk environment. The administrator runs the command shown in the exhibit and sees that the environment is healthy. What should the administrator do next to deploy the new version?

Network Topology
$ aws elasticbeanstalk describe-environmentsenvironment-names my-envRefer to the exhibit.```"Environments": ["EnvironmentName": "my-env","EnvironmentId": "e-abc123","ApplicationName": "my-app","VersionLabel": "v1.0","Status": "Ready","Health": "Green","CNAME": "my-env.us-east-1.elasticbeanstalk.com"
Question 115easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CloudFormation to deploy a web application. The stack creation fails with the error 'CREATE_FAILED - Resource handler returned message: 'Invalid instance type specified'. The template uses a parameter for InstanceType. What is the most likely cause of this failure?

Question 116easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to automate the creation of an Amazon RDS for MySQL database instance. The administrator wants to use AWS CloudFormation and ensure that the database password is not stored in plaintext in the template. Which solution meets these requirements?

Question 117mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is troubleshooting a failed AWS Elastic Beanstalk environment update. The update changed the configuration of the EC2 instances in the Auto Scaling group, but the new instances fail to launch. The administrator checks the Auto Scaling group's scaling activities and sees a 'Failed' status with the message: 'Instance failed to reach the desired state.' What should the administrator check next?

Question 118mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS OpsWorks for configuration management. The SysOps administrator needs to deploy a new application version to existing EC2 instances managed by OpsWorks. Which OpsWorks lifecycle event should the administrator trigger to install the new application?

Question 119hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is deploying a critical application using AWS CloudFormation. The deployment must be resilient to failures and ensure that resources are created in a specific order. The template defines a stack that includes an Amazon RDS database and an Auto Scaling group. The Auto Scaling group depends on the database being available. Which CloudFormation feature should the SysOps administrator use to ensure the database is fully created and available before the Auto Scaling group is created?

Question 120easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator wants to deploy a serverless application using AWS Lambda functions, Amazon API Gateway, and Amazon DynamoDB. The deployment must be automated and repeatable. Which AWS service should the administrator use to define and manage this infrastructure as code?

Question 121mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CodeDeploy to deploy an application to an Auto Scaling group. The deployment fails with the error 'The overall deployment failed because too many individual instances failed deployment'. The SysOps administrator checks the deployment logs and finds that the BeforeInstall lifecycle event script is failing on some instances. The instances are Amazon Linux 2. What should the administrator do to troubleshoot this issue?

Question 122hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company has a CloudFormation stack that creates an Amazon EC2 instance with a user data script that installs software from the internet. The stack creation is failing with a timeout. The SysOps administrator suspects that the user data script is taking too long or failing. How can the administrator configure the stack to wait for the user data script to complete successfully before marking the instance as CREATE_COMPLETE?

Question 123easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy a new version of an application that runs on Amazon EC2 instances in an Auto Scaling group. The deployment should minimize downtime and roll back automatically if health checks fail. Which deployment method should the administrator use?

Question 124mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is creating an AWS CloudFormation template to deploy a web application. The template will create an Application Load Balancer (ALB), an Auto Scaling group, and an Amazon RDS database. The administrator wants to ensure that the Auto Scaling group is created only after the ALB and the RDS database are fully created and available. Which TWO actions should the administrator take? (Choose two.)

Question 125hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS Elastic Beanstalk to manage a web application. The SysOps administrator needs to update the application to a new version with zero downtime. Which THREE steps should the administrator take to achieve this? (Choose three.)

Question 126mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CloudFormation to manage its infrastructure. The SysOps administrator wants to update a stack that includes an Amazon RDS database. The administrator needs to modify the DB instance class but wants to avoid downtime. Which TWO options should the administrator consider? (Choose two.)

Question 127easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company wants to automatically start and stop an EC2 instance on a schedule to reduce costs. The instance runs a critical application that must be available from 8 AM to 6 PM weekdays. Which AWS service should be used to implement this scheduling?

Question 128mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A DevOps engineer is troubleshooting a failed CloudFormation stack update. The stack includes an Auto Scaling group with a launch template. The update changed the AMI ID in the launch template, but the new instances launched with the old AMI. What is the most likely cause?

Question 129hardmulti select
Read the full NAT/PAT explanation →

A company uses AWS Elastic Beanstalk to deploy a web application. The application requires a custom Amazon Linux 2 AMI with specific security agents installed. The company wants to ensure that all environment instances use this custom AMI. Which combination of steps should be taken? (Choose two.)

Question 130easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company needs to deploy a new version of a Lambda function. The deployment must be gradual, shifting 10% of traffic to the new version every 10 minutes until all traffic is served by the new version. If errors occur, the deployment should roll back immediately. Which deployment strategy should be used?

Question 131mediummultiple choice
Review the full subnetting walkthrough →

A company uses AWS CloudFormation to manage infrastructure. They have a stack that creates an Amazon RDS DB instance. The database is in a VPC with public and private subnets. The DB instance is in a private subnet. When the stack is created, the DB instance is not accessible from an EC2 instance in the same VPC. What is the most likely cause?

Question 132easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS OpsWorks to manage a stack of web servers. They need to deploy a configuration change that updates the /etc/nginx/nginx.conf file on all instances. Which OpsWorks feature should be used?

Question 133mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An administrator uses AWS CodeDeploy to deploy an application to an Auto Scaling group. The deployment fails with an error: "The overall deployment failed because too many individual instances failed deployment, too few healthy instances are available for deployment, or some instances in your deployment group are experiencing problems." The deployment group has a minimum of 2 instances. What should the administrator check first?

Question 134easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy a stack that includes an Amazon S3 bucket. The stack creation fails because the S3 bucket name already exists. What should the administrator do to resolve this issue?

Question 135mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk to deploy a web application. The application uses an Amazon RDS database. The company wants to ensure that database credentials are not hard-coded in the application code. Which approach should be used?

Question 136mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CodePipeline to automate their CI/CD pipeline. The pipeline includes a deployment stage that uses AWS CloudFormation to deploy infrastructure. The company wants to add a manual approval step before the CloudFormation deployment. How should this be configured?

Question 137hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation with nested stacks. The parent stack creates a child stack that launches an Auto Scaling group. The child stack fails to create, and the parent stack rolls back. The administrator wants to debug the child stack. What is the most efficient way to view the child stack's events?

Question 138mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CodeDeploy to deploy a new version of an application to an Amazon ECS service. The deployment must be gradual to minimize impact. Which deployment type should be used?

Question 139mediummulti select
Read the full NAT/PAT explanation →

A company wants to use AWS Elastic Beanstalk to deploy a web application. The application requires a custom Amazon Linux 2 AMI with specific security agents installed. The company wants to ensure that all environment instances use this custom AMI. Which combination of steps should be taken? (Choose three.)

Question 140easymultiple choice
Read the full NAT/PAT explanation →

A company uses AWS Systems Manager to automate patching of EC2 instances. The instances are in an Auto Scaling group. The company wants to ensure that patching does not affect application availability. Which feature should be used?

Question 141hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CodePipeline with a multi-branch strategy. They have a pipeline that deploys to a development environment. They want to create a new pipeline for a production environment that only deploys when code is merged to the 'main' branch. What is the most efficient way to set up the production pipeline?

Question 142easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company needs to deploy a new version of an application to an Auto Scaling group. The deployment must ensure that the new version is deployed to all instances, and if any instance fails, the deployment should roll back. Which deployment strategy should be used?

Question 143mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CloudFormation to manage infrastructure. They have a stack that creates an EC2 instance and an Elastic IP. The instance is in a VPC with an internet gateway. The stack creation succeeds, but the instance does not have internet connectivity. What is the most likely cause?

Question 144hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy a stack that includes an Amazon RDS DB instance with Multi-AZ enabled. During a stack update, the database engine version is changed. The update fails with a rollback. What is the most likely cause?

Question 145mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodeBuild to compile code and run unit tests. The build environment requires a specific version of Java that is not available in the default build images. What should the administrator do?

Question 146easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CodeDeploy to deploy an application to an EC2 instances in an Auto Scaling group. The deployment fails because the instances are not reporting to CodeDeploy. What is the most likely cause?

Question 147hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy a stack that includes an Amazon RDS DB instance with automated backups enabled. The stack is deleted and then recreated. The administrator wants to restore data from the backup of the original DB instance. How can this be achieved?

Question 148easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk to deploy a web application. The company wants to update the application to a new version with zero downtime. Which deployment policy should be used?

Question 149mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodePipeline to automate deployments. The pipeline has a source stage that pulls code from an Amazon S3 bucket. The company wants to automatically trigger the pipeline when a new object is uploaded to the S3 bucket. How should this be configured?

Question 150mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CodeDeploy to automate deployments to an Auto Scaling group of Amazon EC2 instances. The deployment fails with the error 'The overall deployment failed because too many individual instances failed deployment, too few healthy instances are available, or some instances in your deployment group are experiencing problems.' The instances are running Amazon Linux 2 and the CodeDeploy agent is installed. Which of the following is the MOST likely cause of this failure?

Question 151hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A DevOps engineer is designing a CI/CD pipeline for a microservices application hosted on Amazon ECS with Fargate. The team wants to deploy updates to the services without downtime. The current pipeline builds a Docker image, pushes it to Amazon ECR, and updates the ECS service using AWS CodeDeploy with a blue/green deployment. However, during the deployment, the new tasks fail to start due to an incorrect environment variable. The engineer wants to validate the task definition before the actual deployment. What should the engineer do?

Question 152easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An organization is using AWS CloudFormation to manage its infrastructure. The SysOps administrator wants to update a stack that includes an Amazon RDS DB instance. The update requires changing the DB instance class. However, the administrator wants to minimize downtime. What should the administrator do?

Question 153mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company has a legacy application that runs on a single Amazon EC2 instance. The SysOps administrator is tasked with migrating the application to an Auto Scaling group behind an Application Load Balancer to improve availability. The application stores session state locally on the instance. What should the administrator do to ensure a seamless migration with minimal changes to the application code?

Question 154hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An organization is using AWS OpsWorks for Chef Automate to manage configuration of EC2 instances. The administrator notices that a new cookbook version is not being applied to existing instances in a layer. The cookbook is stored in a private Amazon S3 bucket and the instances have an instance profile that allows read access. What is the MOST likely reason for this issue?

Question 155mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is deploying a new web application using AWS Elastic Beanstalk. The application requires a custom Amazon Machine Image (AMI) with specific software pre-installed. The SysOps administrator creates a custom AMI and configures Elastic Beanstalk to use it. However, during deployment, the instances fail to pass the health check. The health check endpoint is a simple 'index.html' file. What is the MOST likely cause?

Question 156hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is troubleshooting a CloudFormation stack creation failure. The stack is designed to create an Amazon RDS DB instance with a specific parameter group. The error message indicates that the DB instance could not be created because the parameter group does not exist. The administrator has verified that the parameter group exists in the same region and account. What is the MOST likely issue?

Question 157easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An organization uses AWS Service Catalog to manage approved IT services. A SysOps administrator needs to update a CloudFormation template used by a product. The administrator wants to ensure that existing provisioned products are updated with the new template version. What step must the administrator take after updating the product?

Question 158mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodePipeline to automate its software release process. The pipeline includes a source stage (Amazon S3), a build stage (AWS CodeBuild), and a deploy stage (AWS CodeDeploy). Recently, a developer committed a change that broke the build. The pipeline failed and the developer fixed the code. The developer wants to rerun the pipeline from the source stage without making another commit. What should the developer do?

Question 159mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company is deploying a microservices application on Amazon ECS with Fargate. The SysOps administrator needs to implement a deployment strategy that minimizes downtime and allows for automated rollbacks if the new version fails health checks. Which TWO options should the administrator choose? (Choose TWO.)

Question 160hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

An organization uses AWS CloudFormation to manage its infrastructure. The SysOps administrator is implementing a change management process that requires all stack updates to be reviewed and approved before execution. The administrator wants to use CloudFormation change sets to preview changes. Which THREE steps are necessary to implement this process? (Choose THREE.)

Question 161easymulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is tasked with automating the provisioning of EC2 instances that must be able to access an Amazon S3 bucket. The administrator needs to ensure that the instances have the necessary permissions without using long-term access keys. Which TWO actions should the administrator take? (Choose TWO.)

Question 162hardmultiple choice
Read the full NAT/PAT explanation →

A company runs a critical application on a fleet of EC2 instances managed by an Auto Scaling group. The application is deployed using a custom AMI that is updated monthly. The SysOps administrator uses a launch template that references the latest AMI ID via an AWS Systems Manager parameter. During a recent deployment, the administrator updated the AMI ID in the parameter, but the new instances launched by the Auto Scaling group still use the old AMI. The administrator confirms that the launch template is configured to reference the parameter. The Auto Scaling group has a desired capacity of 5, and the administrator manually terminates one instance to trigger a replacement. The new instance also uses the old AMI. What is the MOST likely cause?

Question 163mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk to deploy a web application. The environment is configured with a load balancer and an Auto Scaling group. Recently, the development team updated the application code and deployed it via Elastic Beanstalk. After the deployment, users report intermittent 503 errors. The SysOps administrator checks the environment health and sees that it is 'Severe' with many instances being replaced. The administrator notices that the new instances are being launched with the old application version. The deployment was a rolling update with a batch size of 1. What is the MOST likely cause of the issue?

Question 164easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodeCommit to store its source code and AWS CodeBuild to compile and test the code. The SysOps administrator is setting up a new build project that needs to access a private Amazon S3 bucket to download build dependencies. The build project runs in a VPC. The administrator has attached an IAM role to the build project with permissions to access the S3 bucket. However, the build fails with an access denied error when trying to download the dependencies. The S3 bucket is in the same region and account. What should the administrator do to resolve the issue?

Question 165mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy a web application across multiple AWS Regions for disaster recovery. The application uses Amazon RDS for MySQL and requires a secondary database in a different Region. What is the MOST cost-effective and automated solution to keep the databases synchronized?

Question 166hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CloudFormation to manage infrastructure. A recent stack update failed, and the SysOps administrator needs to roll back to the previous known good state. However, the stack is in UPDATE_ROLLBACK_FAILED state. What should the administrator do to recover the stack?

Question 167mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy EC2 instances across multiple environments. The operations team notices that stack updates fail when parameter values change. What is the MOST likely cause?

Question 168hardmultiple choice
Review the full subnetting walkthrough →

A SysOps administrator is automating the creation of Amazon RDS instances using AWS CloudFormation. The template includes a DBInstance resource with a DBSubnetGroupName property referencing a subnet group created in the same template. The stack creation fails with the error 'DBSubnetGroup not found'. What is the MOST likely reason?

Question 169easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS OpsWorks for configuration management of EC2 instances. The administrator needs to ensure that a custom recipe runs on all instances after the instance is fully configured. Which lifecycle event should the recipe be associated with?

Question 170hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS Elastic Beanstalk to deploy a web application. The application requires a custom Amazon Machine Image (AMI) that includes specific software. The administrator creates a custom AMI and configures the Elastic Beanstalk environment to use it. However, new instances launched during scaling use the default platform AMI instead. What is the MOST likely cause?

Question 171mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is tasked with automating the creation of IAM roles and policies using AWS CloudFormation. The template includes an IAM role and a managed policy. The stack creation fails with the error 'Policy arn:aws:iam::123456789012:policy/MyManagedPolicy not found'. The policy is created in the same template. What is the MOST likely solution?

Question 172easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodeDeploy to automate deployments to an Auto Scaling group. The deployment fails with the error 'The overall deployment failed because too many individual instances failed deployment'. The logs on a failed instance show that the 'BeforeInstall' lifecycle event script exited with a non-zero exit code. What is the MOST likely cause?

Question 173mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator uses AWS Systems Manager Run Command to install software on a fleet of EC2 instances. The command fails on some instances with the error 'Instance ID not found'. What is the MOST likely cause?

Question 174hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy a multi-tier application. The template includes an AWS::RDS::DBInstance resource. The administrator wants to ensure that the database is not deleted when the stack is deleted. Which CloudFormation resource property should be set?

Question 175easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk for application deployments. The administrator needs to update the environment's configuration to use a larger instance type. Which method should be used to minimize downtime?

Question 176hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is designing an automated deployment pipeline for a web application using AWS CodePipeline. The application is deployed to an Auto Scaling group behind an Application Load Balancer. The administrator wants to ensure zero downtime during deployments. Which TWO strategies should be combined? (Choose TWO.)

Question 177mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CloudFormation to manage infrastructure. The administrator needs to update a stack that contains a critical Amazon RDS database. The administrator wants to prevent accidental updates to the database while allowing updates to other resources. Which TWO steps should the administrator take? (Choose TWO.)

Question 178mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is automating the creation of an Amazon ECS cluster with Fargate launch type using AWS CloudFormation. The template must define the task definition, service, and cluster. Which THREE resources are required to be in the template? (Choose THREE.)

Question 179mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is creating an IAM policy for automation. The policy is attached to an IAM role used by an automated deployment script. The script needs to launch EC2 instances of type t2.micro and describe all EC2 resources. However, the script fails when trying to launch instances. What is the MOST likely reason?

Exhibit

Refer to the exhibit.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "ec2:Describe*",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "ec2:RunInstances",
      "Resource": "arn:aws:ec2:us-east-1:123456789012:instance/*",
      "Condition": {
        "StringEquals": {
          "ec2:InstanceType": "t2.micro"
        }
      }
    }
  ]
}
Question 180hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator updates a CloudFormation stack to change the EC2 instance type from t2.micro to t3.medium. The update fails with the error shown. What is the MOST likely cause?

Network Topology
$ aws cloudformation describe-stack-eventsstack-name my-stackRefer to the exhibit."StackEvents": ["StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/my-stack/abc123","EventId": "Event-1","ResourceStatus": "UPDATE_FAILED","ResourceType": "AWS::EC2::Instance","LogicalResourceId": "WebServer",
Question 181easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A CloudFormation template launches an EC2 instance with the user data script shown. The instance launches successfully but the web server does not serve PHP pages. What is the MOST likely reason?

Exhibit

Refer to the exhibit.

user_data_script:
  Fn::Base64: !Sub |
    #!/bin/bash
    yum update -y
    yum install -y httpd
    systemctl start httpd
    systemctl enable httpd
    echo "<?php phpinfo(); ?>" > /var/www/html/index.php
Question 182mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CloudFormation to deploy a web application. The stack creation fails with the error 'Resource creation cancelled' for an EC2 instance. The instance type is t3.micro, and the AMI ID is specified in the template. Which of the following is the most likely cause of the failure?

Question 183hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is automating the creation of Amazon RDS DB instances using AWS CloudFormation. The template includes a DB instance with a Multi-AZ deployment. During a stack update, the administrator changes the DB instance class from db.t3.small to db.t3.medium. What is the expected behavior during the update?

Question 184easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An organization wants to automate the creation of AWS resources using AWS CloudFormation. They need to ensure that certain resources, such as an Amazon S3 bucket, are not accidentally deleted when the stack is deleted. Which CloudFormation feature should they use?

Question 185mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodeDeploy to deploy a web application to an Auto Scaling group. The deployment fails with the error 'The overall deployment failed because too many individual instances failed deployment, too few healthy instances are available for deployment, or some instances in your deployment group are experiencing problems.' The deployment group has a minimum of 2 healthy instances. The Auto Scaling group has 4 instances. What should the SysOps administrator check first?

Question 186hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is using AWS OpsWorks to manage a stack of web servers. The administrator wants to automate the installation of custom software on all new instances that are added to the layer. What is the best approach?

Question 187easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk to deploy a web application. The environment is running low on memory, and the administrator needs to change the instance type from t2.micro to t3.small. What is the correct way to perform this change with minimal downtime?

Question 188mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is deploying a new version of an application using AWS CodeDeploy with an in-place deployment configuration. The deployment group consists of EC2 instances behind an Application Load Balancer. The administrator wants to ensure that traffic is gradually shifted to the new version. Which CodeDeploy feature should be used?

Question 189hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An organization uses AWS CloudFormation to manage infrastructure. They have a stack that includes an Amazon RDS DB instance. The administrator wants to update the DB instance's allocated storage without downtime. The DB instance is currently using gp2 storage. Which action should the administrator take?

Question 190easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy a microservices application using AWS Elastic Beanstalk. The application consists of multiple services that need to communicate with each other. Which Elastic Beanstalk environment type should the administrator choose?

Question 191mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is automating the deployment of a web application using AWS CloudFormation. The application requires an Application Load Balancer (ALB) and an Auto Scaling group. The administrator wants to ensure that the Auto Scaling group registers instances with the ALB automatically. Which of the following are required? (Choose TWO.)

Question 192hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS OpsWorks to manage a stack of application servers. The administrator needs to automate the deployment of a new application version. Which of the following are valid methods to trigger a deployment in OpsWorks? (Choose THREE.)

Question 193easymulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is setting up an AWS Elastic Beanstalk environment for a Node.js application. The administrator wants to ensure that environment variables are set for the application. Which of the following methods can be used to set environment variables in Elastic Beanstalk? (Choose TWO.)

Question 194hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is troubleshooting a CodeDeploy deployment that uploads artifacts to an S3 bucket. The deployment fails with an 'AccessDenied' error. The IAM policy for the CodeDeploy service role includes the statement shown in the exhibit. What is the most likely cause of the failure?

Exhibit

Refer to the exhibit.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::my-bucket/*",
      "Condition": {
        "StringEquals": {
          "s3:x-amz-acl": "bucket-owner-full-control"
        }
      }
    }
  ]
}
Question 195mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is creating a CloudFormation stack and receives the error shown in the exhibit. The template snippet for the Auto Scaling group is:

"MyAutoScalingGroup": {
  "Type": "AWS::AutoScaling::AutoScalingGroup",
  "Properties": {
    "MinSize": "1",
    "MaxSize": "5",
    "DesiredCapacity": "2",

...

}
}
Network Topology
$ aws cloudformation describe-stack-eventsstack-name my-stackRefer to the exhibit."StackEvents": ["StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/my-stack/...","EventId": "Event-1","ResourceStatus": "CREATE_FAILED","ResourceType": "AWS::AutoScaling::AutoScalingGroup","Timestamp": "2024-01-01T00:00:00.000Z"
Question 196easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator sees the deployment failure shown in the exhibit. The deployment group has a minimum of 1 healthy instance. The Auto Scaling group has 2 instances. What is the most likely cause of the failure?

Network Topology
$ aws deploy get-deploymentdeployment-id d-EXAMPLERefer to the exhibit."deploymentInfo": {"status": "Failed","errorInformation": {"code": "HEALTH_CONSTRAINTS",},"deploymentGroupName": "MyDeploymentGroup","deploymentConfigName": "CodeDeployDefault.OneAtATime"
Question 197mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is deploying a web application on EC2 instances behind an Application Load Balancer. The deployment uses AWS CodeDeploy with an in-place update. During a deployment, the new application version fails health checks, and CodeDeploy automatically rolls back. However, the rollback also fails. What is the MOST likely cause?

Question 198easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A DevOps engineer needs to automate the creation of an Amazon RDS for MySQL DB instance in a VPC. The solution must use infrastructure as code. Which AWS service should be used to provision the database?

Question 199hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodePipeline to deploy a serverless application. The pipeline has a source stage (Amazon S3), a build stage (AWS CodeBuild), and a deploy stage (AWS CloudFormation). The deploy stage uses a change set. Recently, the deploy stage fails with the error 'No updates are to be performed.' What is the MOST likely cause?

Question 200mediummultiple choice
Read the full NAT/PAT explanation →

An organization needs to enforce that all Amazon EC2 instances launched in a specific AWS account are created from a baseline Amazon Machine Image (AMI) that includes required security patches. The AMI ID is ami-0abcdef1234567890. What is the MOST efficient way to enforce this requirement?

Question 201easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk to deploy a web application. The environment needs to be updated with a new application version. The SysOps administrator wants to minimize downtime during the deployment. Which deployment policy should be used?

Question 202hardmultiple choice
Read the full NAT/PAT explanation →

A SysOps administrator is troubleshooting a failed AWS CodeBuild build. The build project uses an Amazon S3 source. The buildspec.yml file includes commands that require internet access to download dependencies. The build is failing with a timeout error when trying to download from an external repository. The VPC configuration for the build project uses a private subnet with no NAT gateway. What change should be made to resolve the issue?

Question 203mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to manage infrastructure. The SysOps administrator needs to update a stack that contains a critical database. The update may require a replacement of the database resource. The administrator wants to review the changes before they are applied. What is the BEST way to achieve this?

Question 204easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS OpsWorks for configuration management. They have a stack with multiple layers, and they want to automate the deployment of a custom configuration file to all instances in a specific layer. What is the MOST efficient way to achieve this?

Question 205hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company runs a critical application on a fleet of EC2 instances in an Auto Scaling group. The application is deployed using a blue/green deployment strategy with AWS CodeDeploy. The green environment fails immediately after deployment, and the deployment is automatically rolled back. However, the rollback also fails because the original blue environment's Auto Scaling group has been scaled down. What should the SysOps administrator do to prevent this issue in future deployments?

Question 206mediummulti select
Review the full subnetting walkthrough →

A company uses AWS Elastic Beanstalk to deploy a web application. The environment is running in a VPC with public and private subnets. The SysOps administrator needs to update the environment to use a new platform version. Which TWO steps should be taken to ensure a smooth update with minimal downtime? (Select TWO.)

Question 207hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodePipeline with AWS CodeBuild and AWS CodeDeploy. The pipeline is failing because the build stage produces artifacts that are too large for CodeDeploy. Which TWO actions can resolve this issue? (Select TWO.)

Question 208mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CloudFormation to deploy a stack that includes an Amazon EC2 instance and an Amazon RDS DB instance. The SysOps administrator wants to ensure that the RDS instance is created before the EC2 instance and that the EC2 instance receives the database endpoint as a user data parameter. Which THREE steps should be taken? (Select THREE.)

Question 209easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk to deploy a web application. After updating the environment configuration, the deployment fails and the environment health turns red. The SysOps administrator checks the logs and finds a permission error related to the EC2 instance profile. What should the administrator do to resolve the issue?

Question 210mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is automating the deployment of a three-tier web application using AWS CloudFormation. The administrator wants to ensure that the database tier is created before the application tier. How should the administrator define this dependency in the CloudFormation template?

Question 211hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CodeDeploy to deploy an application to an Auto Scaling group. The deployment fails because the instances in the Auto Scaling group are not registered with the target group of an Application Load Balancer. The SysOps administrator needs to ensure that new instances launched by the Auto Scaling group are automatically registered with the target group. What should the administrator do?

Question 212easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS OpsWorks for configuration management. The SysOps administrator needs to deploy a new application version to a stack. What is the recommended way to update the application on the instances?

Question 213mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is troubleshooting a failed AWS CloudFormation stack update. The error message indicates that a resource failed to create due to insufficient IAM permissions. The administrator used a service role for CloudFormation. What should the administrator do to resolve the issue?

Question 214hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodePipeline with AWS CodeBuild to build and deploy a static website to an S3 bucket. The website is served via Amazon CloudFront. The deployment fails intermittently because the S3 bucket policy does not allow CloudFront access after the bucket is updated. What is the BEST way to automate the bucket policy update during the deployment?

Question 215easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator wants to automate the creation of an Amazon RDS database instance using AWS CloudFormation. The database must be created in a specific VPC and must be Multi-AZ. Which CloudFormation resource property should the administrator configure to meet these requirements?

Question 216mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk for a Java application. The environment uses a custom platform. The SysOps administrator wants to update the environment's configuration to use a larger instance type to handle increased load. What is the correct way to perform this change with minimal downtime?

Question 217hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is responsible for deploying a critical application using AWS CloudFormation. The stack creation fails during the creation of an Amazon EC2 instance. The error message indicates that the instance type is not supported in the specified Availability Zone. What should the administrator do to prevent this issue in future deployments?

Question 218mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is designing a deployment pipeline using AWS CodePipeline. The pipeline must include a build stage, a test stage, and a deployment stage. The administrator wants to ensure that if the build stage fails, the pipeline stops and notifies the team. Which TWO actions should the administrator take to meet these requirements? (Choose two.)

Question 219hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to manage infrastructure. The SysOps administrator wants to update a stack that contains an Amazon RDS DB instance. The update involves changing the DB instance class. Which THREE steps should the administrator take to perform this update with minimal downtime? (Choose three.)

Question 220easymulti select
Read the full NAT/PAT explanation →

A SysOps administrator is using AWS System Manager Automation to patch a fleet of Amazon EC2 instances. The administrator wants to ensure that instances are patched during a maintenance window and that they are rebooted only if required. Which TWO steps should the administrator include in the automation document? (Choose two.)

Question 221hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator has created the IAM policy shown in the exhibit. The policy is attached to a role used by an automation script that manages Amazon EBS snapshots. The script is failing when it tries to delete snapshots. What is the likely cause?

Exhibit

Refer to the exhibit.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:Describe*",
        "ec2:CreateSnapshot",
        "ec2:CreateTags"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "ec2:DeleteSnapshot"
      ],
      "Resource": "arn:aws:ec2:us-east-1:123456789012:snapshot/*"
    }
  ]
}
Question 222mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator ran a CloudFormation stack update that failed and rolled back. The stack status is UPDATE_ROLLBACK_FAILED. The administrator needs to fix the issue and bring the stack to a stable state. What should the administrator do FIRST?

Network Topology
aws cloudformation describe-stacksstack-name my-stackRefer to the exhibit."Stacks": ["StackName": "my-stack","StackStatus": "UPDATE_ROLLBACK_FAILED","Capabilities": ["CAPABILITY_IAM"],"Tags": []
Question 223hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator wants to automate the deployment of an application to an EC2 instance. The instance is running, but the deployment script fails because the instance is not reachable via SSH. The administrator checks the instance state as shown in the exhibit. What should the administrator check NEXT to troubleshoot the SSH connectivity issue?

Network Topology
aws ec2 describe-instancesinstance-ids i-0abcd1234efgh5678query 'Reservations[0].Instances[0].State'Refer to the exhibit."Code": 16,"Name": "running"
Question 224mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodePipeline to deploy a web application to Amazon EC2 instances behind an Application Load Balancer. During a deployment, the pipeline fails at the Deploy stage with an error indicating that the CodeDeploy agent is not responding. The instances are in an Auto Scaling group. What is the MOST likely cause of this issue?

Question 225hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is troubleshooting a failed AWS CloudFormation stack creation. The stack includes an Amazon RDS DB instance with a custom DB parameter group. The error message states: 'The following resource(s) failed to create: [DBParameterGroup].' The administrator checks the CloudFormation template and sees that the DBParameterGroup resource has a property 'Parameters' with a list of parameters. What is the MOST likely reason for the failure?

Question 226easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk to deploy a Node.js application. The application requires a specific version of Node.js that is not the default version provided by the Elastic Beanstalk platform. How can the administrator ensure that the correct Node.js version is installed on the environment's EC2 instances?

Question 227hardmultiple choice
Review the full subnetting walkthrough →

A company has a production AWS CloudFormation stack that creates an Amazon EC2 instance with an AWS Systems Manager Association to install software. The stack creation succeeds, but the association does not apply to the instance. The instance is in a private subnet with a VPC endpoint for Systems Manager. What is the MOST likely cause?

Question 228mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodeDeploy to deploy an application to an Auto Scaling group. The deployment fails because the target instances are not passing the health checks. The administrator reviews the CodeDeploy deployment logs and finds that the application installation succeeded but the built-in health check failed. What should the administrator do to resolve this issue?

Question 229easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to automate the creation of an Amazon S3 bucket with versioning enabled and default encryption using AWS CloudFormation. Which CloudFormation resource type should the administrator use?

Question 230hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS OpsWorks for Chef Automate to manage its EC2 instances. The administrator needs to deploy a new cookbook to all instances in a stack. The cookbook is stored in an S3 bucket. What is the MOST efficient way to deploy the cookbook to the instances?

Question 231mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy a stack that includes an Amazon RDS DB instance. The administrator wants to ensure that the DB instance is not deleted when the stack is deleted. Which property should the administrator set in the CloudFormation template?

Question 232easymultiple choice
Study the full Python automation breakdown →

A company uses AWS Elastic Beanstalk to deploy a Python web application. The administrator needs to update the environment's configuration to use a larger instance type. What is the correct way to perform this update with minimal downtime?

Question 233mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is deploying a critical application using AWS CloudFormation. The stack must be updated frequently. Which TWO strategies should the administrator use to minimize the risk of update failures? (Choose TWO.)

Question 234hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company deploys microservices on Amazon ECS using Fargate. The deployment is managed by AWS CodePipeline. The administrator notices that deployments sometimes fail because the new task definition is not registered before the deployment. Which THREE steps should the administrator take to resolve this issue? (Choose THREE.)

Question 235easymulti select
Read the full Deployment, Provisioning, and Automation explanation →

An administrator is using AWS CloudFormation to create a stack that includes an Auto Scaling group and a launch template. The launch template specifies an AMI ID. Which TWO changes to the launch template will trigger an update to the Auto Scaling group? (Choose TWO.)

Question 236easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is tasked with automating the deployment of an application across multiple AWS accounts. Which AWS service should be used to orchestrate the deployment across accounts?

Question 237mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy infrastructure. The administrator needs to update a stack that includes an Amazon RDS DB instance. The update requires replacing the DB instance with a new one. What is the most efficient way to achieve this with minimal downtime?

Question 238hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

An organization has a requirement to automatically scale its web application based on a custom metric that measures the number of active user sessions stored in Amazon ElastiCache. The metric is published to CloudWatch every minute. The Auto Scaling group currently uses a simple scaling policy based on CPU utilization. What is the most effective way to implement scaling based on this custom metric?

Question 239easymulti select
Read the full NAT/PAT explanation →

A SysOps administrator is deploying a CloudFormation stack that includes an Amazon EC2 instance. The instance needs to have the latest patch level at launch. Which TWO methods can accomplish this? (Choose TWO.)

Question 240mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS Elastic Beanstalk to deploy a web application. The application experiences high traffic during business hours and low traffic at night. The administrator wants to minimize costs while ensuring performance. Which THREE actions should the administrator take? (Choose THREE.)

Question 241hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS OpsWorks for configuration management. The administrator needs to deploy a new application version to a stack of EC2 instances. The instances are part of a layer that has a custom recipe. Which THREE steps are required to update the application? (Choose THREE.)

Question 242mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator ran the above AWS CLI command to update an existing CloudFormation stack. The command failed with the error shown. What is the most likely cause?

Network Topology
$ aws cloudformation deploytemplate-file template.yamlstack-name my-stackparameter-overrides Key1=Value1 Key2=Value2capabilities CAPABILITY_IAMRefer to the exhibit.```
Question 243easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company wants to automate the creation of AWS resources based on tags. When a user tags an S3 bucket with 'Deploy: True', a Lambda function should trigger to create a corresponding CloudFront distribution. Which AWS service should be used to invoke the Lambda function when the tag is applied?

Question 244mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to deploy a new version of an application to an Auto Scaling group using a blue/green deployment strategy. The application runs on EC2 instances behind an Application Load Balancer. Which AWS service should be used to automate this deployment?

Question 245hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to deploy a multi-tier application. The administrator wants to ensure that the database layer is fully provisioned and available before the application layer starts. How can this be achieved?

Question 246easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company needs to deploy a set of microservices using Docker containers on AWS. The deployment should be automated and support scaling based on demand. Which AWS service should be used to orchestrate the containers?

Question 247mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is using AWS CodePipeline to automate the build and deploy process for a Java application. The build stage uses AWS CodeBuild, and the deploy stage uses AWS CodeDeploy to deploy to an Auto Scaling group. The deployment fails intermittently with a 'Timeout' error. What should the administrator check first?

Question 248easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is deploying a new application using AWS CloudFormation. The template includes an EC2 instance with a UserData script that installs software from a private S3 bucket. What is the BEST way to ensure the EC2 instance can access the S3 bucket without storing long-term credentials on the instance?

Question 249mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS Elastic Beanstalk to deploy a web application. The environment is running a single instance. The SysOps administrator needs to update the application to a new version with zero downtime. What should the administrator do?

Question 250hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is troubleshooting a failed AWS CloudFormation stack creation. The stack includes an AWS::Lambda::Function resource. The error message states: 'The runtime parameter of nodejs8.10 is no longer supported.' The administrator needs to resolve this with minimal changes. What should the administrator do?

Question 251easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is provisioning an Auto Scaling group (ASG) for a stateless web application. The ASG should launch EC2 instances in multiple Availability Zones. The administrator needs to ensure that instances are evenly distributed across Availability Zones. Which configuration should the administrator use?

Question 252mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodeDeploy to deploy applications to an Auto Scaling group. The deployment fails with the error: 'The overall deployment failed because too many individual instances failed deployment, too few healthy instances are available for deployment, or some instances in your deployment group are experiencing problems.' The SysOps administrator checks the deployment logs and finds that the application installation script exits with a non-zero exit code. What is the MOST likely cause?

Question 253hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is managing a CloudFormation stack that creates an Amazon RDS DB instance. The stack uses the 'DBInstance' resource with a 'DeletionPolicy' attribute set to 'Delete'. The administrator wants to modify the stack to retain the DB instance when the stack is deleted, but the change fails because the DB instance is in a state that does not allow modification. What is the MOST likely reason?

Question 254easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator needs to automate the provisioning of AWS resources using infrastructure as code. The solution must track changes and allow rollbacks. Which AWS service should the administrator use?

Question 255mediummultiple choice
Read the full NAT/PAT explanation →

A company uses AWS Systems Manager to automate patching of EC2 instances. The SysOps administrator creates a Maintenance Window that targets a list of instances. The patching task fails with the error: 'Instance is not in a supported state.' What should the administrator check FIRST?

Question 256hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is deploying a CloudFormation stack that includes an AWS::ECS::Service resource. The service uses a task definition that references a container image stored in Amazon ECR. The stack creation fails with the error: 'Unable to assume the service-linked role.' What is the MOST likely cause?

Question 257easymulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is creating an Auto Scaling group using a launch template. The administrator wants to ensure that instances are automatically registered with an Application Load Balancer (ALB) target group. Which TWO steps are required? (Choose TWO.)

Question 258mediummulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is troubleshooting a failed AWS CloudFormation stack update. The update attempted to modify an Amazon RDS DB instance's storage type from gp2 to io1. The error message indicates that the modification is not supported. Which TWO reasons could cause this error? (Choose TWO.)

Question 259hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is designing a deployment pipeline using AWS CodePipeline. The pipeline must deploy a serverless application using AWS SAM. The administrator wants to run integration tests after the deployment. Which THREE services should be used together? (Choose THREE.)

Question 260hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company runs a critical production workload on a fleet of EC2 instances managed by an Auto Scaling group. The instances are behind an Application Load Balancer (ALB). Recently, the company experienced a regional outage that caused all instances to become unhealthy. The SysOps administrator must design a solution to automatically recover from such an outage with minimal downtime. The solution must be cost-effective and not require manual intervention. The administrator considers four options. Which option meets the requirements?

Question 261mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps administrator is deploying a new web application using AWS Elastic Beanstalk. The application requires a high-performance relational database that can scale read capacity. The administrator needs to ensure that the database is highly available and can handle read replicas. The administrator creates an Elastic Beanstalk environment and adds an Amazon RDS DB instance. However, the database is deployed in a single Availability Zone. The administrator wants to modify the environment to use a Multi-AZ deployment for high availability and add read replicas. The administrator has the following options. Which option should the administrator choose?

Question 262easymultiple choice
Read the full NAT/PAT explanation →

A SysOps administrator needs to automate the deployment of a three-tier web application. The application consists of an Application Load Balancer, a fleet of EC2 instances running a web server, and an Amazon RDS MySQL database. The administrator must ensure that the database credentials are securely stored and automatically rotated. The administrator also needs to version the infrastructure configuration. Which combination of AWS services should the administrator use?

Question 263easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to manage infrastructure. They have a stack that creates an Amazon EC2 instance and an associated security group. The stack creation fails with the error: 'Resource creation cancelled' after the security group is created but before the instance is launched. What is the MOST likely cause?

Question 264mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A DevOps engineer is designing a CI/CD pipeline for a microservices application. The application consists of several Docker containers that run on Amazon ECS with Fargate launch type. The engineer wants to automate the deployment of new container versions. Which AWS service should be used to orchestrate the build, test, and deployment stages?

Question 265hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS OpsWorks to manage a stack of EC2 instances running a web application. They recently migrated to AWS Elastic Beanstalk for easier deployments. However, after the migration, some users report that the application is responding slowly during peak hours. The Elastic Beanstalk environment is configured with a load balancer and auto scaling based on average CPU utilization. What should the SysOps Administrator do to troubleshoot the performance issue?

Question 266easymulti select
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps Administrator needs to automate the deployment of a three-tier web application on AWS. The application consists of a web tier, application tier, and database tier. The administrator wants to use AWS CloudFormation to provision the infrastructure. Which TWO resources should be included in the CloudFormation template to ensure the application is highly available across multiple Availability Zones?

Question 267mediummulti select
Read the full NAT/PAT explanation →

A company is using AWS CodeDeploy to deploy a new version of an application to a fleet of EC2 instances. The deployment is configured with a Blue/Green deployment type. During the deployment, the new instances pass all health checks, but the old instances are not being terminated automatically. The SysOps Administrator needs to ensure that the old instances are terminated after a successful deployment. Which TWO actions should the administrator take? (Choose TWO.)

Question 268hardmulti select
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS CloudFormation to deploy a stack that includes an Amazon RDS Multi-AZ DB instance. The stack creation fails with the error 'The DB instance already exists'. The SysOps Administrator needs to resolve this issue without modifying the template. Which THREE steps should the administrator take? (Choose THREE.)

Question 269mediummultiple choice
Read the full NAT/PAT explanation →

A SysOps Administrator attached the IAM policy shown in the exhibit to a user. The user is unable to terminate an EC2 instance. What is the MOST likely reason?

Exhibit

Refer to the exhibit.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "ec2:*, 
      "Resource": "*"
    },
    {
      "Effect": "Deny",
      "Action": "ec2:TerminateInstances",
      "Resource": "arn:aws:ec2:us-east-1:123456789012:instance/*"
    }
  ]
}
Question 270hardmultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps Administrator attempted to update a CloudFormation stack. The stack update failed and is now in UPDATE_ROLLBACK_IN_PROGRESS state as shown in the exhibit. What should the administrator do to recover the stack to a stable state?

Network Topology
$ aws cloudformation describe-stack-eventsstack-name my-stackRefer to the exhibit."StackEvents": ["StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/my-stack/...","EventId": "...","ResourceStatus": "UPDATE_ROLLBACK_IN_PROGRESS","ResourceType": "AWS::AutoScaling::AutoScalingGroup","Timestamp": "2023-01-15T10:00:00Z",},"ResourceStatus": "UPDATE_FAILED","Timestamp": "2023-01-15T09:59:59Z",
Question 271hardmultiple choice
Read the full NAT/PAT explanation →

A company runs a critical web application on a fleet of EC2 instances behind an Application Load Balancer (ALB) across multiple Availability Zones. The application is deployed using AWS Elastic Beanstalk with a rolling update deployment policy. Recently, the development team pushed a new application version that introduced a memory leak. Within minutes, the instances started failing health checks, and Elastic Beanstalk initiated a replacement of the instances. However, during the replacement, the application experienced downtime because the new instances were not passing health checks, and the old instances were already terminated. The SysOps Administrator must modify the deployment to prevent downtime during future failed deployments. Which solution should the administrator implement?

Question 272mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CloudFormation to manage its infrastructure. The SysOps Administrator needs to update a stack that contains an Amazon RDS DB instance. The update requires changing the DB instance class from db.t2.medium to db.t3.medium. The RDS instance has a deletion policy of 'Snapshot' in the current template. The administrator wants to minimize downtime and ensure no data loss. The current stack update fails because CloudFormation attempts to replace the DB instance, causing a long downtime. What should the administrator do to successfully update the stack with minimal downtime?

Question 273easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps Administrator is responsible for deploying a new microservice using AWS Elastic Beanstalk. The microservice requires an Amazon RDS MySQL database. The administrator creates an Elastic Beanstalk environment and adds an RDS DB instance using the Elastic Beanstalk console. However, during the next deployment of the application, the database connection string in the environment properties gets overwritten, causing the application to fail to connect to the database. The administrator needs to ensure that the database configuration persists across deployments. What should the administrator do?

Question 274mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company uses AWS CodePipeline to automate the deployment of a web application. The pipeline has three stages: Source (Amazon S3), Build (AWS CodeBuild), and Deploy (AWS CodeDeploy). Recently, the deployment stage started failing with the error 'The deployment failed because a deployment already exists for the deployment group'. The SysOps Administrator needs to fix the pipeline to allow deployments to proceed without manual intervention. The pipeline should only deploy if the previous deployment is successful. What should the administrator do?

Question 275hardmultiple choice
Review the full subnetting walkthrough →

A company has a multi-account AWS environment using AWS Organizations. The SysOps Administrator needs to deploy a standardized set of baseline resources (VPC, subnets, security groups, and an S3 bucket for logs) into each new member account as soon as the account is created. The administrator wants to automate this process using AWS CloudFormation and ensure that the baseline resources are deployed without manual intervention. The organization uses AWS CloudTrail and AWS Config for governance. What solution should the administrator implement?

Question 276easymultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A company is using AWS OpsWorks for configuration management of their EC2 instances. The SysOps Administrator wants to migrate to AWS Systems Manager for a more modern approach. The administrator needs to ensure that existing instances running Amazon Linux 2 can be managed by Systems Manager without downtime. The instances are currently in a running state and are critical to operations. What should the administrator do?

Question 277mediummultiple choice
Read the full Deployment, Provisioning, and Automation explanation →

A SysOps Administrator is using AWS CloudFormation to deploy a stack that includes an Amazon EC2 instance with an AWS Systems Manager Association that installs software. The stack creation fails because the association fails to apply, and the stack rolls back. The administrator needs to ensure that the stack creation succeeds even if the association fails, and then fix the association later. What should the administrator do?

Practice tests

Scored 10-question sessions with instant feedback and explanations.

SOA-C02 Practice Test 1 — 10 Questions→SOA-C02 Practice Test 2 — 10 Questions→SOA-C02 Practice Test 3 — 10 Questions→SOA-C02 Practice Test 4 — 10 Questions→SOA-C02 Practice Test 5 — 10 Questions→SOA-C02 Practice Exam 1 — 20 Questions→SOA-C02 Practice Exam 2 — 20 Questions→SOA-C02 Practice Exam 3 — 20 Questions→SOA-C02 Practice Exam 4 — 20 Questions→Free SOA-C02 Practice Test 1 — 30 Questions→Free SOA-C02 Practice Test 2 — 30 Questions→Free SOA-C02 Practice Test 3 — 30 Questions→SOA-C02 Practice Questions 1 — 50 Questions→SOA-C02 Practice Questions 2 — 50 Questions→SOA-C02 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Monitoring, Logging, and RemediationReliability and Business ContinuityDeployment, Provisioning, and AutomationSecurity and ComplianceNetworking and Content DeliveryCost and Performance Optimization

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Deployment, Provisioning, and Automation setsAll Deployment, Provisioning, and Automation questionsSOA-C02 Practice Hub