DOP-C01 Exam - AWS Certified DevOps Engineer- Professional

NEW QUESTION 1
Which of the following CLI commands is used to spin up new EC2 Instances?

• A. awsec2 run-instances
• B. awsec2 create-instances
• C. awsec2 new-instancesD- awsec2 launch-instances

Answer: A

Explanation:
The AWS Documentation mentions the following
Launches the specified number of instances using an AMI for which you have permissions. You can specify a number of options, or leave the default options. The following rules apply:
[EC2-VPC] If you don't specify a subnet ID. we choose a default subnet from your default VPC for you. If you don't have a default VPC, you must specify a subnet ID in the request.
[EC2-Classic] If don't specify an Availability Zone, we choose one for you.
Some instance types must be launched into a VPC. if you do not have a default VPC. or if you do not specify a subnet ID. the request fails. For more information, see Instance Types Available Only in a VPC.
[EC2-VPC] All instances have a network interface with a primary private IPv4 address. If you don't specify this address, we choose one from the IPv4 range of your subnet.
Not all instance types support IPv6 addresses. For more information, see Instance Types.
If you don't specify a security group ID, we use the default security group. For more information, see Security Groups.
If any of the AMIs have a product code attached for which the user has not subscribed, the request fails. For more information on the Cc2 run instance command please refer to the below link http://docs.aws.a mazon.com/cli/latest/reference/ec2/run-instances.html

NEW QUESTION 2
Which of the following tools does not directly support AWS OpsWorks, for monitoring your stacks?

• A. AWSConfig
• B. Amazon CloudWatch Metrics
• C. AWSCIoudTrail
• D. Amazon CloudWatch Logs

Answer: A

Explanation:
You can monitor your stacks in the following ways.
• AWS OpsWorks Stacks uses Amazon CloudWatch to provide thirteen custom metrics with detailed monitoring for each instance in the stack.
• AWS OpsWorks Stacks integrates with AWS CloudTrail to log every AWS OpsWorks Stacks API call and store the data in an Amazon S3 bucket.
• You can use Amazon CloudWatch Logs to monitor your stack's system, application, and custom logs.
For more information on Opswork monitoring, please visit the below URL:
• http://docs.aws.amazon.com/opsworks/latest/userguide/monitoring.html

NEW QUESTION 3
Your CTO is very worried about the security of your AWS account. How best can you prevent hackers
from completely hijacking your account?

• A. Useshort but complex password on the root account and any administrators.
• B. UseAWS 1AM Geo-Lock and disallow anyone from logging in except for in your city.
• C. UseMFA on all users and accounts, especially on the root account.
• D. Don'twrite down or remember the root account password after creating the AWSaccount.

Answer: C

Explanation:
The AWS documentation mentions the following on MFA
AWS Multi-Factor Authentication (MFA) is a simple best practice that adds an extra layer of protection on top of your user name and password. With MFA enabled, when a user signs in to an AWS website, they will be prompted for their user name and password (the first factor—what they know), as well as for an authentication code from their AWS MFA device (the second factor—what they have). Taken together, these multiple factors provide increased security for your AWS account settings and resources.
For more information on MFA please visit the below link https://aws.ama zon.com/ia m/detai Is/mfa/

NEW QUESTION 4
Which of the following services can be used in conjunction with Cloudwatch Logs. Choose the 3 most viable services from the options given below

• A. Amazon Kinesis
• B. Amazon S3
• C. Amazon SQS
• D. Amazon Lambda

Answer: ABD

Explanation:
The AWS Documentation the following products which can be integrated with Cloudwatch logs
1) Amazon Kinesis - Here data can be fed for real time analysis
2) Amazon S3 - You can use CloudWatch Logs to store your log data in highly durable storage such as S3.
3) Amazon Lambda - Lambda functions can be designed to work with Cloudwatch log For more information on Cloudwatch Logs, please refer to the below link: link:http://docs^ws.amazon.com/AmazonCloudWatch/latest/logs/WhatlsCloudWatchLogs.html

NEW QUESTION 5
Which of the following service can be used to provision ECS Cluster containing following components in an automated way:
1) Application Load Balancer for distributing traffic among various task instances running in EC2 Instances
2) Single task instance on each EC2 running as part of auto scaling group
3) Ability to support various types of deployment strategies

• A. SAM
• B. Opswork
• C. Elastic beanstalk
• D. CodeCommit

Answer: C

Explanation:
You can create docker environments that support multiple containers per Amazon CC2 instance with multi-container Docker platform for Elastic Beanstalk-Elastic Beanstalk uses Amazon Elastic Container Service (Amazon CCS) to coordinate container deployments to multi-container Docker environments. Amazon CCS provides tools to manage a cluster of instances running Docker containers. Elastic Beanstalk takes care of Amazon CCS tasks including cluster creation, task definition, and execution Please refer to the below AWS documentation: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker_ecs.html

NEW QUESTION 6
A company is building a two-tier web application to serve dynamic transaction-based content. The data tier is leveraging an Online Transactional Processing (OLTP) database. What services should you leverage to enable an elastic and scalable web tier?

• A. ElasticLoad Balancing, Amazon EC2, and Auto Scaling
• B. ElasticLoad Balancing, Amazon RDS with Multi-AZ, and Amazon S3
• C. AmazonRDS with Multi-AZ andAuto Scaling
• D. AmazonEC2, Amazon Dynamo DB, and Amazon S3

Answer: A

Explanation:
The question mentioned a scalable web tier and not a database tier. So Option C, D and B are already automated eliminated, since we do not need a database option. The below example shows an Elastic Load balancer connected to 2 CC2 instances connected via Auto Scaling. This is an example of an elastic and scalable web tier. By scalable we mean that the Auto scaling process will increase or decrease the number of CC2 instances as required.

For more information on best practices for AWS Cloud applications, please visit the below URL: https://dO.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf

NEW QUESTION 7
You have a multi-docker environment that you want to deploy to AWS. Which of the following configuration files can be used to deploy a set of Docker containers as an Elastic Beanstalk application?

• A. Dockerrun.awsjson
• B. .ebextensions
• C. Dockerrunjson
• D. Dockerfile

Answer: A

Explanation:
A Dockerrun.aws.json file is an Clastic Beanstalk-specific JSON file that describes how to deploy a set of Docker containers as an Clastic Beanstalk application. You can use aDockerrun.aws.json file for a multicontainer Docker environment.
Dockerrun.aws.json describes the containers to deploy to each container instance in the environment as well as the data volumes to create on the host instance for
the containers to mount. http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker_v2config.html

NEW QUESTION 8
When using EC2 instances with the Code Deploy service, which of the following are some of the pre- requisites to ensure that the EC2 instances can work with Code Deploy. Choose 2 answers from the options given below

• A. Ensurean 1AM role is attached to the instance so that it can work with the CodeDeploy Service.
• B. Ensurethe EC2 Instance is configured with Enhanced Networking
• C. Ensurethe EC2 Instance is placed in the default VPC
• D. Ensurethat the CodeDeploy agent is installed on the EC2 Instance

Answer: AD

Explanation:
This is mentioned in the AWS documentation

For more information on instances for CodeDeploy, please visit the below URL:
• http://docs.aws.amazon.com/codedeploY/latest/userguide/instances.html

NEW QUESTION 9
There is a very serious outage at AWS. EC2 is not affected, but your EC2 instance deployment scripts
stopped working in the region with the outage. What might be the issue?

• A. The AWS Console is down, so your CLI commands do not work.
• B. S3 is unavailable, so you can't create EBS volumes from a snapshot you use to deploy new volumes.
• C. AWS turns off the DeployCode API call when there are major outages, to protect from system floods.
• D. None of the other answers make sens
• E. If EC2 is not affected, it must be some other issue.

Answer: B

Explanation:
The CBS Snapshots are stored in S3, so if you have an scripts which deploy CC2 Instances, the CBS volumes need to be constructed from snapshots stored in S3.
You can back up the data on your Amazon CBS volumes to Amazon S3 by taking point-in-time snapshots. Snapshots are incremental backups, which means that only the blocks on the device that have changed after your most recent snapshot are saved. This minimizes the time required to create the snapshot and saves on storage costs by not duplicating data. When you delete a snapshot, only the data unique to that snapshot is removed. Cach snapshot contains all of the information needed to restore your data (from the moment when the snapshot was taken) to a new CBS volume. For more information on CBS Snapshots, please visit the below URL:
• http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/ CBSSnapshots.htm I

NEW QUESTION 10
You need to deploy an AWS stack in a repeatable manner across multiple environments. You have selected CloudFormation as the right tool to accomplish this, but have found that there is a resource type you need to create and model, but is unsupported by CloudFormation. How should you overcome this challenge?

• A. Use a CloudFormation Custom Resource Template by selecting an API call to proxy for create, update, and delete action
• B. CloudFormation will use the AWS SDK, CLI, or API method of your choosing as the state transition function for the resource type you are modeling.
• C. Submit a ticket to the AWS Forum
• D. AWS extends CloudFormation Resource Types by releasing tooling to the AWS Labs organization on GitHu
• E. Their response time is usually 1 day, and theycomplete requests within a week or two.
• F. Instead of depending on CloudFormation, use Chef, Puppet, or Ansible to author Heat templates, which are declarative stack resource definitions that operate over the OpenStack hypervisor and cloud environment.
• G. Create a CloudFormation Custom Resource Type by implementing create, update, and delete functionality, either by subscribing a Custom Resource Provider to an SNS topic, or by implementing the logic in AWS Lambda.

Answer: D

Explanation:
Custom resources enable you to write custom provisioning logic in templates that AWS Cloud Formation runs anytime you create, update (if you changed the custom resource), or delete stacks. For example, you might want to include resources that aren't available as AWS Cloud Formation resource types. You can include those resources by using custom resources. That way you can still manage all your related resources in a single stack.
Use the AWS:: Cloud Formation:: Custom Resource or Custom ::String resource type to define custom resources in your templates. Custom resources require one property: the service token, which specifies where AWS CloudFormation sends requests to, such as an Amazon SNS topic.
For more information on Custom Resources in Cloudformation, please visit the below U RL: http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/template-custom- resources.html

NEW QUESTION 11
You are a Devops engineer for your company. The company hosts a web application that is hosted on a single EC2 Instance. The end users are complaining of slow response times for the application. Which of the following can be used to effectively scale the application?

• A. UseAutoscaling Groups to launch multiple instances and place them behind an ELB.
• B. UseAutoscaling launch configurations to launch multiple instances and place thembehing an ELB.
• C. UseAmazonRDS with the Multi-AZ feature.
• D. UseCloudformation to deploy the app again with an Amazon RDS with the Multi-AZfeature.

Answer: A

Explanation:
The AWS Documentation mentions the below
When you use Auto Scaling, you can automatically increase the size of your Auto Scalinggroup when demand goes up and decrease it when demand goes down. As Auto Scaling adds and removes CC2 instances, you must ensure that the traffic for your application is distributed across all of your CC2 instances. The Clastic Load Balancing service automatically routes incoming web traffic across such a dynamically changing number of L~C2 instances. Your load balancer acts as a single point
of contact for all incoming traffic to the instances in your Auto Scalinggroup. For more information on Autoscaling and ELB, please refer to the below link:
• http://docs.aws.a mazon.com/autoscaling/latest/userguide/autosca I ing-load-balancer.html

NEW QUESTION 12
Which of the following can be used in Cloudformation to coordinate the creation of stack resources. Choose 2 answers from the options given below

• A. AWS::CloudFormation::HoldCondition
• B. AWS::CloudFormation::WaitCondition
• C. HoldPolicyattribute
• D. CreationPolicyattribute

Answer: BD

Explanation:
The AWS Documentation mentions the following
Using the AWS::CloudFormation::WaitCondition resource and Creation Pol icy attribute, you can do the following:
Coordinate stack resource creation with other configuration actions that are external to the stack creation
Track the status of a configuration process For more information on wait conditions, please refer to the below link:
• http://docs.ws.amazon.com/AWSCIoudFormation/latest/UserGuide/using-cfn-waitcond ition.html

NEW QUESTION 13
Which of the following is false when it comes to using the Elastic Load balancer with Opsworks stacks?

• A. Youcan attach only one load balancer to a layer.
• B. A Classic Load Balancer can span across AWSOpsWorks Stacks layers.
• C. Eachload balancer can handle only one layer.
• D. Youneed to create the load balancer before hand and then attach it to the Opsworkstack.

Answer: B

Explanation:
The AWS Documentation mentions the following
To use Clastic Load Balancing with a stack, you must first create one or more load balancers in the same region by using the Clastic Load Balancing console, CLI, or API. You should be aware of the following:
You can attach only one load balancer to a layer. Cach load balancer can handle only one layer.
AWS OpsWorks Stacks does not support Application Load Balancer. You can only use Classic Load Balancer with AWS OpsWorks Stacks. For more information on Clastic Load Balancer with Opswork,
please visit the below url http://docs.aws.a mazon.com/opsworks/latest/userguide/layers-elb.html

NEW QUESTION 14
You are currently using SGS to pass messages to EC2 Instances. You need to pass messages which are greater than 5 MB in size. Which of the following can help you accomplish this.

• A. UseKinesis as a buffer stream for message bodie
• B. Store the checkpoint id fortheplacement in the Kinesis Stream in SQS.
• C. Usethe Amazon SQS Extended Client Library for Java and Amazon S3 as a storagemechanism for message bodie
• D. */
• E. UseSQS's support for message partitioning and multi-part uploads on Amazon S3.
• F. UseAWS EFS as a shared pool storage mediu
• G. Store filesystem pointers to the fileson disk in the SQS message bodies.

Answer: B

Explanation:
The AWS documentation mentions the following
You can manage Amazon SQS messages with Amazon S3. This is especially useful for storing and consuming messages with a message size of up to 2 GB. To manage
Amazon SQS messages with Amazon S3, use the Amazon SQS Extended Client Library for Java. Specifically, you use this library to:
Specify whether messages are always stored in Amazon S3 or only when a message's size exceeds 256 KB.
Send a message that references a single message object stored in an Amazon S3 bucket. Get the corresponding message object from an Amazon S3 bucket.
Delete the corresponding message object from an Amazon S3 bucket. For more information on SQS and sending larger messages please visit the link

NEW QUESTION 15
You have a current Clouformation template defines in AWS. You need to change the current alarm threshold defined in the Cloudwatch alarm. How can you achieve this?

• A. Currently, there is no option to change what is already defined in Cloudformation templates.
• B. Update the template and then update the stack with the new templat
• C. Automatically all resources will be changed in the stack.
• D. Update the template and then update the stack with the new templat
• E. Only those resources that need to be changed will be change
• F. All other resources which do not need to be changed will remain as they are.
• G. Delete the current cloudformation templat
• H. Create a new one which will update the current resources.

Answer: C

Explanation:
Option A is incorrect because Cloudformation templates have the option to update resources.
Option B is incorrect because only those resources that need to be changed as part of the stack update are actually updated.
Option D is incorrect because deleting the stack is not the ideal option when you already have a change option available.
When you need to make changes to a stack's settings or change its resources, you update the stack instead of deleting it and creating a new stack. For example, if you
have a stack with an EC2 instance, you can update the stack to change the instance's AMI ID.
When you update a stack, you submit changes, such as new input parameter values or an updated template. AWS CloudFormation compares the changes you submit with the current state of your stack and updates only the changed resources
For more information on stack updates please refer to the below link:
• http://docs.aws.a mazon.com/AWSCIoudFormation/latest/UserGuide/using-cfn-updating- stacks.htmI

NEW QUESTION 16
You've been tasked with building out a duplicate environment in another region for disaster recovery purposes. Part of your environment relies on EC2 instances with preconfigured software. What steps would you take to configure the instances in another region? Choose the correct answer from the options below

• A. Createan AMI oftheEC2 instance
• B. CreateanAMIoftheEC2instanceandcopytheAMItothedesiredregion
• C. Makethe EC2 instance shareable among other regions through 1AM permissions
• D. Noneof the above

Answer: B

Explanation:
You can copy an Amazon Machine Image (AMI) within or across an AWS region using the AWS Management Console, the AWS command line tools or SDKs, or the Amazon CC2 API, all of which support the Copylmage action. You can copy both Amazon CBS-backed AM Is and instance store-backed AM Is. You can copy AMIs with encrypted snapshots and encrypted AMIs.
For more information on copying AMI's, please refer to the below link:
• http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/CopyingAMIs.htTTil

NEW QUESTION 17
A company has EC2 instances running in AWS. The EC2 instances are running via an Autoscaling solution. There is a lot of requests being lost because of the load on the servers. The Autoscaling solution is launching new instances to take the load but there are still some requests which are being lost. Which of the following is likely to provide the most cost-effective solution to avoid losing recently submitted requests? Choose the correct answer from the options given below

• A. UseanSQS queue to decouple the application components
• B. Keepone extra EC2 instance always powered on in case a spike occurs
• C. Uselarger instances for your application
• D. Pre -warmyour Elastic Load Balancer

Answer: A

Explanation:
Amazon Simple Queue Service (SQS) is a fully-managed message queuing service for reliably communicating among distributed software components and microservices - at any scale. Building applications from individual components that each perform a discrete function improves scalability and reliability, and is best practice design for modern applications
For more information on SQS, please refer to the below link:
• https://aws.amazon.com/sqs/

NEW QUESTION 18
You currently have a set of instances running on your Opswork stacks. You need to install security updates on these servers. What does AWS recommend in terms of how the security updates should be deployed?
Choose 2 answers from the options given below.

• A. Createand start new instances to replace your current online instance
• B. Then deletethe current instances.
• C. Createa new Opswork stack with the new instances.
• D. OnLinux-based instances in Chef 11.10 or older stacks, run the UpdateDependencies stack command.
• E. Create a cloudformation template which can be used to replace the instances.

Answer: AC

Explanation:
The AWS Documentation mentions the following
By default, AWS OpsWorks Stacks automatically installs the latest updates during setup, after an instance finishes booting. AWS OpsWorks Stacks does not automatically install updates after an instance is online, to avoid interruptions such as restarting application servers. Instead, you manage updates to your online instances yourself, so you can minimize any disruptions.
We recommend that you use one of the following to update your online instances.
Create and start new instances to replace your current online instances. Then delete the current instances. The new instances will have the latest set of security patches installed during setup.
On Linux-based instances in Chef 11.10 or older stacks, run the Update Dependencies stack command, which installs the current set of security patches and other updates on the specified instances.
For more information on Opswork updates, please visit the below url • http://docs.aws.amazon.com/opsworks/latest/userguide/best-practices-updates. htmI

NEW QUESTION 19
You have an application running on an Amazon EC2 instance and you are using 1AM roles to securely access AWS Service APIs. How can you configure your application running on that instance to retrieve the API keys for use with the AWS SDKs?

• A. When assigning an EC21AM role to your instance in the console, in the "Chosen SDK" drop-down list, select the SDK that you are using, and the instance will configure the correct SDK on launch with the API keys.
• B. Within your application code, make a GET request to the 1AM Service API to retrieve credentials for your user.
• C. When using AWS SDKs and Amazon EC2 roles, you do not have to explicitly retrieve API keys, because the SDK handles retrieving them from the Amazon EC2 MetaData service.
• D. Within your application code, configure the AWS SDK to get the API keys from environment variables, because assigning an Amazon EC2 role stores keys in environment variables on launch.

Answer: C

Explanation:
IAM roles are designed so that your applications can securely make API requests from your instances, without requiring you to manage the security credentials that
the applications use. Instead of creating and distributing your AWS credentials, you can delegate permission to make API requests using 1AM roles
For more information on Roles for CC2 please refer to the below link: http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

NEW QUESTION 20
You have been given a business requirement to retain log files for your application for 10 years. You need to regularly retrieve the most recent logs for troubleshooting. Your logging system must be cost-effective, given the large volume of logs. What technique should you use to meet these requirements?

• A. Store your log in Amazon CloudWatch Logs.
• B. Store your logs in Amazon Glacier.
• C. Store your logs in Amazon S3, and use lifecycle policies to archive to Amazon Glacier.
• D. Store your logs on Amazon EBS, and use Amazon EBS snapshots to archive them.

Answer: C

Explanation:
Option A is invalid, because cloud watch will not store the logs indefinitely and secondly it won't be the cost effective option.
Option B is invalid, because it won't server the purpose of regularly retrieve the most recent logs for troubleshooting. You will need to pay more to retrieve the logs faster from this storage.
Option D is invalid, because it is not an ideal or cost effective option.
You can define lifecycle configuration rules for objects that have a well-defined lifecycle. For example: if you are uploading periodic logs to your bucket, your application might need these logs for a week or a month after creation, and after that you might want to delete them.
Some documents are frequently accessed for a limited period of time. After that, these documents are less frequently accessed. Over time, you might not need real-time access to these objects, but your organization or regulations might require you to archive them for a longer period and then optionally delete them later.
You might also upload some types of data to Amazon S3 primarily for archival purposes, for example digital media archives, financial and healthcare records, raw genomics sequence data, long-term database backups, and data that must be retained for regulatory compliance.
For more information on Lifecycle management please refer to the below link: http://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.htmI
Note:
Option C is the cheapest option, but Cloud watch can store logs indefinetly or between 10 years and
one day.
"Log Retention—By default, logs are kept indefinitely and never expire. You can adjust the retention policy for each log group, keeping the indefinite retention, or
choosing a retention periods between 10 years and one day." https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatlsCloudWatchLogs.html

NEW QUESTION 21
When one creates an encrypted EBS volume and attach it to a supported instance type ,which of the following data types are encrypted?
Choose 3 answers from the options below

• A. Dataat rest inside the volume
• B. Alldata copied from the EBS volume to S3
• C. Alldata moving between the volume and the instance
• D. Allsnapshots created from the volume

Answer: ACD

Explanation:
This is clearly given in the aws documentation. Amazon EBS Encryption
Amazon CBS encryption offers a simple encryption solution for your CBS volumes without the need to build, maintain, and secure your own key management infrastructure. When you create an encrypted CBS volume and attach it to a supported instance type, the following types of data are encrypted:
• Data at rest inside the volume
• All data moving between the volume and the instance
• All snapshots created from the volume
• All volumes created from those snapshots
For more information on CBS encryption, please refer to the below url http://docs.aws.a mazon.com/AWSCC2/latest/UserGuide/CBSCncryption.html

NEW QUESTION 22
You are the IT administrator for your company. You have the responsibility of creating development environments which would confirm to the LAMP development stack. The requirement is that the
development team always gets the latest version of the LAMP stack each time a new instance is launched. Which of the following is an efficient and effective way to implement this requirement? Choose 2 answers from the options given below

• A. Create an AMI with all the artifacts of the LAMP stack and provide an instance to the development team based on the AMI.
• B. Create a cloudformation template and use the cloud-init directives to download and the install the LAMP stack packages.
• C. Use the User data section and use a custom script which will be used to download the necessary LAMP stack packages.
• D. Create an EBS Volume with the LAMP stack and attach it to an instance whenever it is required.

Answer: BC

Explanation:
Using User data and cloud-init directives you can always ensure you download the latest version of the LAMP stack and give it to the development teams. With AMI's
you will always have the same version and will need to create an AMI everytime the version of the LAMP stack changes.
The AWS Documentation mentions
When you launch an instance in Amazon CC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon CC2: shell scripts and cloud-init directives. You can
also pass this data into the launch wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls).
For more information on User data please refer to the below link: http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/user-data.html

NEW QUESTION 23
You are a DevOps engineer for a company. You have been requested to create a rolling deployment solution that is cost-effective with minimal downtime. How should you achieve this? Choose two answers from the options below

• A. Re-deploy your application using a CloudFormation template to deploy Elastic Beanstalk
• B. Re-deploy with a CloudFormation template, define update policies on Auto Scalinggroups in your CloudFormation template
• C. Use UpdatePolicy attribute to specify how CloudFormation handles updates to Auto Scaling Group resource.
• D. After each stack is deployed, tear down the old stack

Answer: BC

Explanation:
The AWS::AutoScaling::AutoScalingGroup resource supports an UpdatePolicy attribute. This is used to define how an Auto Scalinggroup resource is updated when
an update to the Cloud Formation stack occurs. A common approach to updating an Auto Scaling group is to perform a rolling update, which is done by specifying the
AutoScalingRollingUpdate policy. This retains the same Auto Scalinggroup and replaces old instances with new ones, according to the parameters specified.
Option A is invalid because it is not efficient to use Cloudformation to use Clastic Beanstalk.
Option D is invalid because this is an inefficient process to tear down stacks when there are stack policies available
For more information on Autoscaling Rolling Updates please refer to the below link:
• https://aws.amazon.com/premiumsupport/knowledge-center/auto-scaling-group-rolling- updates/

NEW QUESTION 24
......