[2025-November-New]Braindump2go DOP-C02 Dumps VCE Free Share[Q340-Q370]
2025/November Latest Braindump2go DOP-C02 Exam Dumps with PDF and VCE Free Updated Today! Following are some new Braindump2go DOP-C02 Real Exam Questions!
QUESTION 340
A company uses Amazon Redshift as its data warehouse solution. The company wants to create a dashboard to view changes to the Redshift users and the queries the users perform.
Which combination of steps will meet this requirement? (Choose two.)
A. Create an Amazon CloudWatch log group. Create an AWS CloudTrail trail that writes to the CloudWatch log group.
B. Create a new Amazon S3 bucket. Configure default audit logging on the Redshift cluster. Configure the S3 bucket as the target.
C. Configure the Redshift cluster database audit logging to include user activity logs. Configure Amazon CloudWatch as the target.
D. Create an Amazon CloudWatch dashboard that has a log widget. Configure the widget to display user details from the Redshift logs.
E. Create an AWS Lambda function that uses Amazon Athena to query the Redshift logs. Create an Amazon CloudWatch dashboard that has a custom widget type that uses the Lambda function.
Answer: BC
Explanation:
Amazon Redshift audit logging allows you to capture information about the activities performed on the database, including changes to users and the queries executed. By enabling default audit logging and specifying an S3 bucket as the target, you can store the logs in a centralized location. This step ensures that user activity and database changes are captured.
Redshift’s database audit logging can include user activity logs, which track the SQL queries performed by users and the changes they make. By configuring these logs and sending them to Amazon CloudWatch, you can monitor user activity in real time, making it easier to integrate with a monitoring and alerting dashboard.
By enabling audit logging for Amazon Redshift and sending the logs to S3 and CloudWatch, you can track changes to Redshift users and queries effectively and integrate the data into a dashboard for monitoring purposes.
QUESTION 341
A company uses an organization in AWS Organizations to manage its 500 AWS accounts. The organization has all features enabled. The AWS accounts are in a single OU. The developers need to use the CostCenter tag key for all resources in the organization’s member accounts. Some teams do not use the CostCenter tag key to tag their Amazon EC2 instances.
The cloud team wrote a script that scans all EC2 instances in the organization’s member accounts. If the EC2 instances do not have a CostCenter tag key, the script will notify AWS account administrators. To avoid this notification, some developers use the CostCenter tag key with an arbitrary string in the tag value.
The cloud team needs to ensure that all EC2 instances in the organization use a CostCenter tag key with the appropriate cost center value.
Which solution will meet these requirements?
A. Create an SCP that prevents the creation of EC2 instances without the CostCenter tag key. Create a tag policy that requires the CostCenter tag to be values from a known list of cost centers for all EC2 instances. Attach the policy to the OU. Update the script to scan the tag keys and tag values.
Modify the script to update noncompliant resources with a default approved tag value for the CostCenter tag key.
B. Create an SCP that prevents the creation of EC2 instances without the CostCenter tag key. Attach the policy to the OU. Update the script to scan the tag keys and tag values and notify the administrators when the tag values are not valid.
C. Create an SCP that prevents the creation of EC2 instances without the CostCenter tag key. Attach the policy to the OU. Create an IAM permission boundary in the organization’s member accounts that restricts the CostCenter tag values to a list of valid cost centers.
D. Create a tag policy that requires the CostCenter tag to be values from a known list of cost centers for all EC2 instances. Attach the policy to the OU.
Configure an AWS Lambda function that adds an empty CostCenter tag key to an EC2 instance. Create an Amazon EventBridge rule that matches events to the RunInstances API action with the Lambda function as the target.