DOP-C02 Exam Questions
498 real DOP-C02 exam questions with expert-verified answers and explanations. Page 1 of 10.
- Question #1Database Security
A company has multiple member accounts that are part of an organization in AWS Organizations. The security team needs to review every Amazon EC2 security group and their inbound an...
IAM rolesCross-account accessAWS OrganizationsSecurity groups - Question #2Management and Operations
A space exploration company receives telemetry data from multiple satellites. Small packets of data are received through Amazon API Gateway and are placed directly into an Amazon S...
SQSDead-letter queueMessage processingError handling - Question #3Deployment and Migration
A company wants to use AWS CloudFormation for infrastructure deployment. The company has strict tagging and resource requirements and wants to limit the deployment to two Regions....
CloudFormationService CatalogGovernanceControlled deployment - Question #4Management and Operations
A company requires that its internally facing web application be highly available. The architecture is made up of one Amazon EC2 web server instance and one NAT instance that provi...
High availabilityEC2 Auto ScalingApplication Load BalancerNAT Gateway - Question #5Management and Operations
A DevOps engineer is building a multistage pipeline with AWS CodePipeline to build, verify, stage, test, and deploy an application. A manual approval stage is required between the...
CodePipelineEventBridgeNotificationsWebhooks - Question #6Database Security
A company's application development team uses Linux-based Amazon EC2 instances as bastion hosts. Inbound SSH access to the bastion hosts is restricted to specific IP addresses, as...
AWS ConfigSecurity groupsSSH accessCompliance monitoring - Question #7Monitoring & Logging
A DevOps team manages an API running on-premises that serves as a backend for an Amazon API Gateway endpoint. Customers have been complaining about high response latencies, which t...
Latency diagnosisDistributed tracingLog collectionHybrid monitoring - Question #8Management and Operations
A company has an application that is using a MySQL-compatible Amazon Aurora Multi-AZ DB cluster as the database. A cross-Region read replica has been created for disaster recovery...
Aurora Multi-AZCross-Region replicaDisaster recoveryAutomated failover - Question #9Management and Operations
A company hosts its staging website using an Amazon EC2 instance backed with Amazon EBS storage. The company wants to recover quickly with minimal data losses in the event of netwo...
EC2 recoveryCloudWatch alarmsSystem status checkAutomated healing - Question #10Deployment and Migration
A company wants to use AWS development tools to replace its current bash deployment scripts. The company currently deploys a LAMP application to a group of Amazon EC2 instances beh...
CI/CDCodePipelineCodeBuildCodeDeployAutomated deployment - Question #11Management and Operations
A company runs an application with an Amazon EC2 and on-premises configuration. A DevOps engineer needs to standardize patching across both environments. Company policy dictates th...
Systems ManagerPatchingHybrid environmentMaintenance Windows - Question #12Deployment and Migration
A company has chosen AWS to host a new application. The company needs to implement a multi-account strategy. A DevOps engineer creates a new AWS account and an organization in AWS...
AWS Control TowerAWS OrganizationsAccount FactoryCustomizations for Control Tower - Question #13Workload-Specific Database Design
An online retail company based in the United States plans to expand its operations to Europe and Asia in the next six months. Its product currently runs on Amazon EC2 instances beh...
Multi-region architectureAuroraRead replicasData consistency - Question #14Deployment and Migration
A company is implementing a well-architected design for its globally accessible API stack. The design needs to ensure both high reliability and fast response times for users locate...
Global APIRoute 53Latency-based routingAPI GatewayMulti-region deployment - Question #15Configuration Management & Infrastructure as Code
A rapidly growing company wants to scale for developer demand for AWS development environments. Development environments are created manually in the AWS Management Console. The net...
CloudFormationNested StacksFn::ImportValueInfrastructure Automation - Question #16Security & Compliance
A company uses AWS Organizations to manage multiple accounts. Information security policies require that all unencrypted Amazon EBS volumes be marked as non-compliant. A DevOps eng...
AWS ConfigOrganizational RulesEBS EncryptionCompliance Management - Question #17Security & Compliance
A company is performing vulnerability scanning for all Amazon EC2 instances across many accounts. The accounts are in an organization in AWS Organizations. Each account's VPCs are...
Amazon InspectorEC2 Vulnerability ScanningSSM AgentInstance Profiles - Question #18SDLC Automation
A development team uses AWS CodeCommit for version control for applications. The development team uses AWS CodePipeline, AWS CodeBuild. and AWS CodeDeploy for CI/CD infrastructure....
CodeCommitPull RequestsEventBridgeCodeBuild - Question #19Monitoring & Logging
A company has deployed an application in a production VPC in a single AWS account. The application is popular and is experiencing heavy usage. The company's security team wants to...
VPC Flow LogsCloudWatch LogsSecurity AuditingTraffic Analysis - Question #20SDLC Automation
A DevOps engineer has automated a web service deployment by using AWS CodePipeline with the following steps: 1. An AWS CodeBuild project compiles the deployment artifact and runs u...
CodePipelineManual ApprovalCodeBuildAWS Lambda - Question #22SDLC Automation
A company runs an application on Amazon EC2 instances. The company uses a series of AWS CloudFormation stacks to define the application resources. A developer performs updates by b...
CodePipelineCodeBuildCodeDeployCloudFormation Change Sets - Question #23SDLC Automation
A DevOps engineer manages a web application that runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an EC2 Auto Scaling group across multi...
Blue/Green DeploymentCodeDeployEC2 Auto Scaling GroupApplication Load Balancer - Question #24Monitoring and Logging
A video-sharing company stores its videos in Amazon S3. The company has observed a sudden increase in video access requests, but the company does not know which videos are most pop...
S3 LoggingLog AnalysisAmazon AthenaData Analytics - Question #25Security & Compliance
A development team wants to use AWS CloudFormation stacks to deploy an application. However, the developer IAM role does not have the required permissions to provision the resource...
CloudFormationIAM Service RolesLeast PrivilegePermissions Management - Question #26Incident & Event Response
A production account has a requirement that any Amazon EC2 instance that has been logged in to manually must be terminated within 24 hours. All applications in the production accou...
CloudWatch LogsAWS LambdaEvent-driven automationEC2 Termination - Question #27Configuration Management & Infrastructure as Code
A company has enabled all features for its organization in AWS Organizations. The organization contains 10 AWS accounts. The company has turned on AWS CloudTrail in all the account...
AWS OrganizationsCloudFormation StackSetsAWS ConfigMulti-account Management - Question #28SDLC Automation
A company has many applications. Different teams in the company developed the applications by using multiple languages and frameworks. The applications run on premises and on diffe...
CodeCommitCodePipelineCodeBuildCodeDeployCI/CD - Question #29Reliability & Resilience
A company's application is currently deployed to a single AWS Region. Recently, the company opened a new office on a different continent. The users in the new office are experienci...
Multi-Region ArchitectureLatency OptimizationDynamoDB Global TablesRoute 53 Routing - Question #30Security & Compliance
A DevOps engineer needs to apply a core set of security controls to an existing set of AWS accounts. The accounts are in an organization in AWS Organizations. Individual teams will...
AWS OrganizationsSCPCloudTrail Organization TrailAWS Config - Question #31Security & Compliance
A company has its AWS accounts in an organization in AWS Organizations. AWS Config is manually configured in each AWS account. The company needs to implement a solution to centrall...
AWS ConfigAWS OrganizationsDelegated AdministratorOrganization Aggregator - Question #32SDLC Automation
A company wants to migrate its content sharing web application hosted on Amazon EC2 to a serverless architecture. The company currently deploys changes to its application by creati...
Serverless DeploymentAPI GatewayAWS LambdaLambda AliasesWeighted Routing - Question #33SDLC Automation
A development team uses AWS CodeCommit, AWS CodePipeline, and AWS CodeBuild to develop and deploy an application. Changes to the code are submitted by pull requests. The developmen...
CodeCommitPull RequestsEventBridgeCodeBuildPre-merge Testing - Question #34Incident & Event Response
A company has an application that runs on a fleet of Amazon EC2 instances. The application requires frequent restarts. The application logs contain error messages when a restart is...
CloudWatch AlarmsSystems Manager AutomationEC2 RestartAutomated Remediation - Question #35Security & Compliance
A DevOps engineer at a company is supporting an AWS environment in which all users use AWS IAM Identity Center (AWS Single Sign-On). The company wants to immediately disable creden...
EventBridgeIAM automationLambdaSNS - Question #36SDLC Automation
A company wants to set up a continuous delivery pipeline. The company stores application code in a private GitHub repository. The company needs to deploy the application components...
CodePipelineCodeDeployContinuous DeliveryGitHub integration - Question #37Reliability & Resilience
A company has an application that runs on Amazon EC2 instances that are in an Auto Scaling group. When the application starts up. the application needs to process data from an Amaz...
Auto Scaling GroupWarm PoolEC2 startup performanceCost optimization - Question #38Security & Compliance
A company is using an AWS CodeBuild project to build and package an application. The packages are copied to a shared Amazon S3 bucket before being deployed across multiple AWS acco...
S3 securityS3 ACLsS3 Bucket PolicyCodeBuild artifacts - Question #39Security & Compliance
A company has developed a serverless web application that is hosted on AWS. The application consists of Amazon S3. Amazon API Gateway, several AWS Lambda functions, and an Amazon R...
CodeCommitCodeGuru ReviewerSecret detectionSource code security - Question #40Configuration Management & Infrastructure as Code
You have been asked to de-risk deployments at your company. Specifically, the CEO is concerned about outages that occur because of accidental inconsistencies between Staging and Pr...
CloudFormationInfrastructure as CodeEnvironment consistencyDeployment de-risking - Question #41Resilient Cloud Solutions
You are creating a new API for video game scores. Reads are 100 times more common than writes, and the top 1% of scores are read 100 times more frequently than the rest of the scor...
DynamoDB designElastiCacheCaching strategyRead/Write patterns - Question #42Reliability & Resilience
Your system uses a multi-master, multi-region DynamoDB configuration spanning two regions to achieve high availablity. For the first time since launching your system, one of the AW...
DynamoDB Global TablesMulti-region replicationEventual consistencyDisaster recovery - Question #43SDLC Automation
A DevOps Engineer needs to deploy a scalable three-tier Node.js application in AWS. The application must have zero downtime during deployments and be able to roll back to previous...
Elastic BeanstalkZero downtime deploymentCloudWatch LogsApplication deployment - Question #44Monitoring & Logging
A company has a mobile application that makes HTTP API calls to an Application Load Balancer (ALB). The ALB routes requests to an AWS Lambda function. Many different versions of th...
Lambda custom metricsCloudWatch MetricsApplication monitoringAPI Gateway monitoring - Question #45Resilient Cloud Solutions
A company provides an application to customers. The application has an Amazon API Gateway REST API that invokes an AWS Lambda function. On initialization, the Lambda function loads...
Lambda cold startProvisioned ConcurrencyApplication Auto ScalingPerformance optimization - Question #46Configuration Management & Infrastructure as Code
A company is adopting AWS CodeDeploy to automate its application deployments for a Java- Apache Tomcat application with an Apache Webserver. The development team started with a pro...
CodeDeployDeployment lifecycle hooksEnvironment variablesDynamic configuration - Question #47Security & Compliance
A company requires its developers to tag all Amazon Elastic Block Store (Amazon EBS) volumes in an account to indicate a desired backup frequency. This requirement Includes EBS vol...
AWS ConfigTagging enforcementComplianceEBS tagging - Question #48Reliability & Resilience
A company is using an Amazon Aurora cluster as the data store for its application. The Aurora cluster is configured with a single DB instance. The application performs read and wri...
Aurora availabilityAurora reader instanceMaintenance windowDatabase resilience - Question #49Security & Compliance
A company must encrypt all AMIs that the company shares across accounts. A DevOps engineer has access to a source account where an unencrypted custom AMI has been built. The DevOps...
AMI encryptionCross-account AMI sharingKMS key policyEC2 Auto Scaling - Question #50SDLC Automation
A company uses AWS CodePipeline pipelines to automate releases of its application A typical pipeline consists of three stages build, test, and deployment. The company has been usin...
CodeDeployCodePipelineEC2 Auto ScalingDeployment agentIAM roles - Question #51Security & Compliance
A company's security team requires that all external Application Load Balancers (ALBs) and Amazon API Gateway APIs are associated with AWS WAF web ACLs. The company has hundreds of...
AWS OrganizationsAWS Firewall ManagerAWS WAFSecurity policy enforcement