Spring Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Professional
  5. DOP-C02 Discussions
  6. DOP-C02 Exam Topic 11 Question 106 Discussion

Amazon Web Services AWS Certified DevOps Engineer - Professional DOP-C02 Question # 106 Topic 11 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Amazon Web Services AWS Certified DevOps Engineer - Professional DOP-C02 Question # 106 Topic 11 Discussion

DOP-C02 Exam Topic 11 Question 106 Discussion:
Question #: 106
Topic #: 11

A company deploys an application on on-premises devices in the company ' s on-premises data center. The company uses an AWS Direct Connect connection between the data center and the company ' s AWS account. During initial setup of the on-premises devices and during application updates, the application needs to retrieve configuration files from an Amazon Elastic File System (Amazon EFS) file system. All traffic from the on-premises devices to Amazon EFS must remain private and encrypted. The on-premises devices must follow the principle of least privilege for AWS access. The company ' s DevOps team needs the ability to revoke access from a single device without affecting the access of the other devices. Which combination of steps will meet these requirements? (Select TWO.)
A.

Create an IAM user that has an access key and a secret key for each device. Attach the AmazonElasticFileSystemFullAccess policy to all IAM users. Configure the AWS CLI on the on-premises devices to use the IAM user ' s access key and secret key.

B.

Generate certificates for each on-premises device in AWS Private Certificate Authority. Create a trust anchor in IAM Roles Anywhere that references an AWS Private CA. Create an IAM role that trusts IAM Roles Anywhere. Attach the AmazonElasticFileSystemClientReadWriteAccess to the role. Create an IAM Roles Anywhere profile for the IAM role. Configure the AWS CLI on the on-premises devices to use the aws_signing_helper command to obtain crede

C.

Create an IAM user that has an access key and a secret key for all devices. Attach the AmazonElasticFileSystemClientReadWriteAccess policy to the IAM user. Configure the AWS CLI on the on-premises devices to use the IAM user ' s access key and secret key.

D.

Use the amazon-efs-utils package to mount the EFS file system.

E.

Use the native Linux NFS client to mount the EFS file system.

Get Premium DOP-C02 Questions
Actual exam question for Amazon Web Services DOP-C02 exam by Echo6614 at Mar 15, 2026, 4:44:58 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next