Resilient Cloud Solutions
Drill 20 practice questions focused entirely on Resilient Cloud Solutions for the AWS DOP-C02 exam. Tap an answer for instant feedback and a full explanation — no sign-up, always free.
A company runs a stateless web application on EC2 instances behind an Application Load Balancer (ALB) spread across three Availability Zones. An Auto Scaling group maintains 3 instances per AZ. During a recent single-AZ impairment, monitoring showed that clients connected through the affected AZ received elevated latency and some 5xx errors even though healthy instances existed in the other two AZs. The DevOps team wants to ensure that a single-AZ failure does not degrade the user experience, with minimal ongoing management. Which action BEST addresses this requirement?
A media streaming company runs a stateful session service on an EC2 Auto Scaling group behind a Network Load Balancer. During scale-in events, users report abruptly dropped streams because instances terminate while active sessions are still in progress. Each session can last up to 8 minutes and the application can persist session state to DynamoDB if given time. The DevOps team must ensure that instances chosen for termination complete in-flight sessions before shutting down, without changing the streaming protocol. What is the MOST appropriate way to achieve this?
A media company runs a stateless web tier on an EC2 Auto Scaling group behind an ALB. During flash-sale events, traffic ramps sharply then drops in irregular waves. The team currently uses simple scaling policies with CloudWatch alarms on average CPU, plus a 300-second cooldown period. They observe that the group repeatedly scales out and scales in within short intervals (flapping), causing instances to churn and users to hit brief connection errors while capacity settles. The team wants scaling to respond quickly to sustained demand while avoiding rapid oscillation, with minimal manual tuning of thresholds. Which change best meets these requirements?
A financial services company runs a stateless order-matching service on an EC2 Auto Scaling group behind an Application Load Balancer. During market-open bursts, demand spikes within seconds. The application AMI is large and requires roughly 6 minutes to boot, run configuration scripts, and warm its JVM cache before it can pass ALB health checks. Scale-out driven by target-tracking on request count is too slow, causing dropped orders during the first few minutes of each spike. The team wants to reduce scale-out latency without permanently running (and paying for full price on) many idle instances. Which approach best meets these requirements?
A financial services company runs a mission-critical application on an Amazon Aurora MySQL-Compatible cluster. During a faulty deployment, an application bug executed a bad UPDATE statement that silently corrupted several tables. The problem was discovered 45 minutes later. The team needs to recover the database to the exact state moments before the corruption with the least amount of downtime and without provisioning a new cluster endpoint that would require application reconfiguration. Which approach best meets these requirements?
A financial services company runs a critical transaction processing application on an Amazon Aurora PostgreSQL cluster in us-east-1. Compliance requires an RPO of under 1 second and an RTO of under 5 minutes in the event of a full regional outage, and the disaster recovery region (us-west-2) must be able to accept application traffic quickly. The DevOps team must automate failover so that operators are not required to reconfigure the database endpoint manually during a regional event. Which approach BEST meets these requirements?
A financial services company must implement a centralized, automated disaster recovery strategy for a fleet of EC2 instances, EBS volumes, and DynamoDB tables spread across multiple accounts in an AWS Organization. Compliance requires that all backups be retained for 7 years, be immutable (protected against deletion even by administrators), and be copied to a second AWS Region for DR. The team wants to minimize custom scripting and manage the policy centrally. Which approach best meets these requirements?
A financial services company runs a monolithic web application on EC2 behind an ALB in us-east-1, backed by an RDS PostgreSQL Multi-AZ database. Compliance requires an RTO of 15 minutes and an RPO of 5 minutes for a regional disaster in a secondary region (us-west-2). The team wants to minimize steady-state cost while still meeting these targets, and they want failover to be automated as much as possible. Which disaster recovery strategy best meets these requirements?
A financial services company runs a trading dashboard backed by a DynamoDB table in us-east-1. Leadership requires that the application continue accepting both reads and writes with near-zero data loss and sub-minute recovery if the entire us-east-1 region becomes unavailable. Application traffic is served from ALBs in both us-east-1 and eu-west-1 fronted by Route 53. Which approach best meets the availability and RPO/RTO requirements with the least operational effort?
A financial services company runs a DynamoDB table storing transaction records. Compliance requires that any point in the last 35 days must be recoverable to meet a tight RPO, AND that specific quarter-end table snapshots be retained immutably for 7 years for audit purposes. The DevOps team wants to automate both requirements with the least operational overhead while minimizing recovery time for the daily use case. Which approach best satisfies both requirements?
A financial services company runs a critical order-processing application backed by a DynamoDB table in us-east-1. Compliance requires the ability to recover the table to any point within the last 24 hours (RPO of 5 minutes) and to restore into a separate DR region (us-west-2) within an RTO of 2 hours in the event of a regional outage. The team wants a fully managed, low-operational-overhead solution that also protects against accidental writes or deletes. Which approach best meets these requirements?
A DevOps team manages a stateless web tier on an EC2 Auto Scaling group behind an Application Load Balancer. They deploy a new AMI using an instance refresh with a minimum healthy percentage of 90% and a health check grace period of 300 seconds. During the refresh, the new AMI contains a misconfiguration that causes instances to pass EC2 status checks but fail the ALB target group HTTP health check. The team wants the instance refresh to detect these failures and stop replacing instances automatically before the entire fleet is cycled. Which configuration change ensures the instance refresh halts when the new instances are unhealthy?
A company runs a stateless order-processing microservice on Amazon ECS with the Fargate launch type. The service must remain available even if an entire Availability Zone becomes impaired. Currently the service definition specifies a desired count of 6 tasks running in a cluster spanning three AZs, but during a recent AZ outage most tasks were unavailable because they happened to be concentrated in the failed AZ. Which change most effectively ensures tasks are automatically redistributed and remain balanced across AZs after failures and scaling events?
A media company runs a content management application on EC2 instances in an Auto Scaling group across three Availability Zones. Shared user-uploaded assets are stored on an Amazon EFS file system mounted by all instances. Compliance requires that any accidental deletion or corruption of files can be recovered to a point no more than 1 hour old, and the recovery process must be fully automated and centrally auditable across the company's accounts. Which approach best meets these requirements with the least operational overhead?
A financial services company runs a session-store on a self-designed Amazon ElastiCache for Redis (cluster mode disabled) deployment with a single primary node in one Availability Zone. During a recent AZ impairment, the primary became unreachable and the application lost all active user sessions, forcing every user to re-authenticate. The team must minimize both recovery time and data loss for future AZ failures while keeping the change fully managed by AWS. What should the DevOps engineer implement?
A financial services company runs a fleet of EC2 instances with attached EBS volumes storing transactional data. Compliance requires an RPO of 1 hour and that recovery point snapshots be automatically created, retained for 30 days, and copied to a second region for disaster recovery. The DevOps team wants a fully managed, policy-driven solution that requires no custom Lambda code or cron servers to maintain. Which approach best meets these requirements?
A company runs a production workload across three Availability Zones in a single VPC. Private subnets in all three AZs currently route outbound internet traffic through a single NAT gateway located in AZ-a, which is used for downloading OS patches and calling external APIs. During a recent AZ-a service disruption, workloads in AZ-b and AZ-c lost all outbound internet connectivity even though their own compute resources remained healthy. The DevOps team must eliminate this cross-AZ dependency with the least ongoing operational effort. What should they do?
A financial services company runs an active-active application across us-east-1 and eu-west-1. Each region has an Application Load Balancer fronting an ECS service. They use Route 53 latency-based routing with health checks pointing at each ALB. During a partial regional degradation, the ECS tasks in eu-west-1 remained running and passed ALB target group health checks, but a critical downstream dependency (a regional payment API) was returning HTTP 500 errors. Route 53 continued sending European users to the failing region. The DevOps team must ensure Route 53 stops routing to a region when the application is functionally unhealthy, even if the ALB and tasks appear healthy. What is the MOST effective solution?
A financial services company runs a critical application in us-east-1 backed by an Amazon RDS for PostgreSQL instance. Compliance requires a documented disaster recovery strategy with an RTO of 30 minutes and an RPO of 5 minutes, while keeping standby costs minimal. The DevOps team wants to automate failover to us-west-2 with the least possible ongoing infrastructure cost that still meets these targets. Which approach BEST satisfies these requirements?
A financial services company runs a critical transaction API on an Amazon RDS for PostgreSQL Multi-AZ deployment. During a recent AZ disruption, RDS automatically failed over to the standby instance in about 90 seconds, but the application layer continued to fail for nearly 15 minutes because connections kept resolving to the old, now-unreachable instance IP. The DevOps team must ensure the application recovers automatically within seconds of a future failover, without manual intervention. Which change most directly addresses the root cause?
More DOP-C02 practice
Keep going with the other AWS Certified DevOps Engineer - Professional domains, or take a full timed mock exam.
← Back to DOP-C02 overview