Amazon Exam DOP-C01 Topic 9 Question 94 Discussion

Actual exam question for Amazon's DOP-C01 exam

Question #: 94
Topic #: 9

A DevOps Engineer administers an application that manages video files for a video production company. The application runs on Amazon EC2 instances behind an ELB Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. Data is stored in an Amazon RDS PostgreSQL Multi-AZ DB instance, and the video files are stored in an Amazon S3 bucket. On a typical day, 50 GB of new video are added to the S3 bucket. The Engineer must implement a multi-region disaster recovery plan with the least data loss and the lowest recovery times. The current application infrastructure is already described using AWS CloudFormation. Which deployment option should the Engineer choose to meet the uptime and recovery objectives for the system?

ALaunch the application from the CloudFormation template in the second region, which sets the capacity of the Auto Scaling group to 1. Create an Amazon RDS read replica in the second region. In the second region, enable cross-region replication between the original S3 bucket and a new S3 bucket. To fail over, promote the read replica as master. Update the CloudFormation stack and increase the capacity of the Auto Scaling group.

BLaunch the application from the CloudFormation template in the second region, which sets the capacity of the Auto Scaling group to 1. Create a scheduled task to take daily Amazon RDS cross-region snapshots to the second region. In the second region, enable cross-region replication between the original S3 bucket and Amazon Glacier. In a disaster, launch a new application stack in the second region and restore the database from the most recent snapshot.

CLaunch the application from the CloudFormation template in the second region which sets the capacity of the Auto Scaling group to 1. Use Amazon CloudWatch Events to schedule a nightly task to take a snapshot of the database, copy the snapshot to the second region, and replace the DB instance in the second region from the snapshot. In the second region, enable cross-region replication between the original S3 bucket and a new S3 bucket. To fail over, increase the capacity of the Auto Scaling group.

DUse Amazon CloudWatch Events to schedule a nightly task to take a snapshot of the database and copy the snapshot to the second region. Create an AWS Lambda function that copies each object to a new S3 bucket in the second region in response to S3 event notifications. In the second region, launch the application from the CloudFormation template and restore the database from the most recent snapshot.

Show Suggested Answer

Suggested Answer: B

by Genevive at Jun 02, 2024, 10:03 AM

Limited Time Offer

25%

Off

Get Premium DOP-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Glory

10 months ago

Option C is interesting, but wouldn't it be simpler to just use an SCP to deny the IAM user creation action altogether? Less code to maintain, you know?

upvoted 0 times

...

Casandra

10 months ago

Haha, I'm picturing the non-exception list users trying to create IAM users and just getting a big fat 'DENIED!' Error message. Option B for the win!

upvoted 0 times

...

Rosenda

10 months ago

I agree with Genevive. Option D looks like the most flexible and dynamic solution. Plus, deleting the user if they're not on the exception list is a nice touch.

upvoted 0 times

Clarinda

9 months ago

Yeah, I agree. It seems like the most efficient solution.

upvoted 0 times

...

Myrtie

9 months ago

I think option D is the best choice here.

upvoted 0 times

...

I think option B is the best solution because it explicitly denies the creation of IAM users unless they are on the exception list.

upvoted 0 times

...