DOP-C02 Exam Dumps : AWS Certified DevOps Engineer - Professional

The operating system (Amazon Linux) uses yum for package management. To use both the default and a custom repository, the simplest method is to add the custom repository configuration file under /etc/yum.repos.d/ using the yum-config-manager CLI, and enable it. This allows the system to access both repositories during patching automatically.

This approach requires minimal setup and effort and leverages the existing yum patching mechanisms.

Option A and D involve managing multiple patch baselines in Systems Manager Patch Manager, which does not natively support custom repositories — it relies on the underlying OS package manager.

Option B (Direct Connect) is not necessary unless network connectivity is an issue.

Thus, option C meets the requirement with the least effort.

This failure is typically due to incorrectly configured health checks in Elastic Load Balancing for the Classic Load Balancer, Application Load Balancer, or Network Load Balancer used to manage traffic for the deployment group. To resolve the issue, review and correct any errors in the health check configuration for the load balancer.

The company requires an organization-wide, centralized, and automated solution to detect sensitive data in Amazon S3, aggregate findings in one location, and quarantine affected objects with minimal operational overhead. AWS provides a native service specifically designed for this purpose: Amazon Macie .

Option A is essential because Amazon Macie automatically discovers and classifies sensitive data such as PII in S3 buckets using managed machine learning models. When enabled at the organization level , Macie scans buckets across all accounts and Regions. Integrating Macie with AWS Security Hub centralizes all findings in a single dashboard, allowing the company’s security officer to review and manage sensitive data alerts across the organization without building custom aggregation pipelines.

Detection alone is not sufficient; remediation is also required. Option C completes the solution by using Amazon EventBridge , which natively receives Macie findings in near real time. An EventBridge rule can trigger a Lambda function whenever Macie identifies sensitive data. The Lambda function can then copy the affected object to a quarantine S3 bucket and delete the original object, meeting the remediation requirement automatically and consistently.

Option D requires custom sensitive data detection logic, which is complex, error-prone, and unnecessary given Macie’s capabilities. Option E is invalid because SCPs cannot inspect or move data. Option B does not detect sensitive information.

Therefore, A and C together provide the most efficient, scalable, and AWS-recommended solution.