Browse Exams Pricing

ExamsDOP-C02Questions

DOP-C02 Exam Questions

498 real DOP-C02 exam questions with expert-verified answers and explanations. Page 7 of 10.

Question #304Security and Compliance
A large company runs critical workloads in multiple AWS accounts. The AWS accounts are managed under AWS Organizations with all features enabled. The company stores confidential cu...
AWS CloudTrailAWS OrganizationsS3 data eventsCentralized loggingSecurity auditing
Question #305Resilient Cloud Solutions
A DevOps team is deploying microservices for an application on an Amazon Elastic Kubernetes Service (Amazon EKS) cluster. The cluster uses managed node groups. The DevOps team want...
EKS auto scalingHorizontal Pod Autoscaler (HPA)Kubernetes Cluster AutoscalerManaged node groups
Question #306Security and Compliance
A company has multiple AWS accounts. The company uses AWS IAM Identity Center that is integrated with a third-party SAML 2.0 identity provider (IdP). The attributes for access cont...
Attribute-Based Access Control (ABAC)IAM Identity Center (SSO)IAM policiesResource tagging
Question #307Security and Compliance
A security team wants to use AWS CloudTrail to monitor all actions and API calls in multiple accounts that are in the same organization in AWS Organizations. The security team need...
AWS OrganizationsService Control Policies (SCPs)AWS CloudTrailSecurity hardeningPreventive controls
Question #308SDLC Automation
A DevOps engineer needs to configure a blue/green deployment for an existing three-tier application. The application runs on Amazon EC2 instances and uses an Amazon RDS database. T...
Blue/Green deploymentApplication Load Balancer (ALB)Traffic shiftingCI/CD deployment strategies
Question #309Resilient Cloud Solutions
A company has an application that runs on Amazon EC2 instances in an Auto Scaling group. The application processes a high volume of messages from an Amazon Simple Queue Service (Am...
Auto Scaling groupAmazon SQSQueue-based scalingTarget tracking scaling policyCloudWatch metrics
Question #310Security and Compliance
A company has a single AWS account that runs hundreds of Amazon EC2 instances in a single AWS Region. The company launches and terminates new EC2 instances every hour. The account...
AWS ConfigEC2 instance profilesCompliance monitoringAutomated remediationSecurity best practices
Question #311Security and Compliance
A company uses AWS Organizations to manage hundreds of AWS accounts. The company has a team that is responsible for AWS Identity and Access Management (IAM). The IAM team wants to...
AWS OrganizationsIAM Identity Center (SSO)Delegated administrationLeast privilegePermission sets
Question #312Resilient Cloud Solutions
A company uses an Amazon Aurora PostgreSQL global database that has two secondary AWS Regions. A DevOps engineer has configured the database parameter group to guarantee an RPO of...
Aurora Global DatabaseRecovery Point Objective (RPO)Database replicationWrite blockingDisaster recovery
Question #313Monitoring and Logging
A company has a web application that is hosted on an Amazon Elastic Kubernetes Service (Amazon EKS) cluster. The EKS cluster runs on AWS Fargate that is available through an intern...
EKS observabilityAWS FargateOpenTelemetry CollectorIAM Roles for Service Accounts (IRSA)OIDC provider
Question #314SDLC Automation
A company stores its Python-based application code in AWS CodeCommit. The company uses AWS CodePipeline to deploy the application. The CodeCommit repository and the CodePipeline pi...
CI/CD pipelineAWS CodePipelineAWS CodeBuildVulnerability scanningSecurity gates
Question #315Monitoring and Logging
A DevOps engineer deploys an application to a fleet of Amazon Linux EC2 instances. The DevOps engineer needs to monitor system metrics across the fleet. The DevOps engineer wants t...
CloudWatchEC2 monitoringCloudWatch agentdetailed monitoring
Question #316Configuration Management and Infrastructure as Code
A company uses AWS Systems Manager to manage a fleet of Amazon Linux EC2 instances that have SSM Agent installed. All EC2 instances are configured to use Instance Metadata Service...
Systems ManagerIAM rolesEC2 managementSSM Agent
Question #317Resilient Cloud Solutions
A company configured an Amazon S3 event source for an AWS Lambda function. The company needs the Lambda function to run when a new object is created or an existing object is modifi...
LambdaS3 eventsIAM resource policiesS3
Question #318Configuration Management and Infrastructure as Code
A company recently configured AWS Control Tower in its organization in AWS Organizations. The company enrolled all existing AWS accounts in AWS Control Tower. The company wants to...
AWS Control TowerAWS OrganizationsAWS Service CatalogStep Functions
Question #319Resilient Cloud Solutions
A company's web application uses an Application Load Balancer (ALB) to direct traffic to Amazon EC2 instances across three Availability Zones. The company has deployed a newer vers...
ALBZonal shiftCross-zone load balancingStatic stability
Question #320Monitoring & Logging
A company has several AWS accounts. An Amazon Connect instance runs in each account. The company uses an Amazon EventBridge default event bus in each account for event handling. A...
EventBridgeCross-accountCentralized loggingEvent routing
Question #321Monitoring and Logging
A company has deployed an Amazon Elastic Kubernetes Service (Amazon EKS) cluster with Amazon EC2 node groups. The company's DevOps team uses the Kubernetes Horizontal Pod Autoscale...
EKS monitoringCloudWatchFluent BitCloudWatch Agent
Question #322Resilient Cloud Solutions
A company discovers that its production environment and disaster recovery (DR) environment are deployed to the same AWS Region. All the production applications run on Amazon EC2 in...
FSx for NetApp ONTAPDisaster RecoveryCross-Region replicationRPO
Question #323Security and Compliance
During a security audit, a company discovered that some security groups allow SSH traffic from 0.0.0.0/0. A security team must implement a solution to detect and remediate this iss...
AWS ConfigSecurity GroupsSSHAuto-remediation
Question #324Configuration Management and Infrastructure as Code
A company's DevOps engineer must install a software package on 30 on-premises VMs and 15 Amazon EC2 instances. The DevOps engineer needs to ensure that all VMs receive the package...
Systems ManagerSSM AgentHybrid cloudConfiguration management
Question #325SDLC Automation
A company has an AWS CodePipeline pipeline in the eu-west-1 Region. The pipeline stores the build artifacts in an Amazon S3 bucket. The pipeline builds and deploys an AWS Lambda fu...
CodePipelineCross-Region deploymentCloudFormationS3 artifacts
Question #326Security and Compliance
A company uses an AWS Cloud Development Kit (AWS CDK) application for its infrastructure. The AWS CDK application creates AWS Lambda functions and the IAM roles that are attached t...
IAM permission boundariesAWS CDKLeast privilegeIAM roles
Question #327Security and Compliance
A company uses Amazon Elastic Container Registry (Amazon ECR) private registries to store container images. A DevOps team needs to ensure that the container images are regularly sc...
ECRContainer securityVulnerability scanningAWS Inspector
Question #328Incident & Event Response
A security team sets up a workflow that invokes an AWS Step Functions workflow when Amazon EventBridge matches specific events. The events can be generated by several AWS services....
EventBridgeStep FunctionsTroubleshootingCloudWatch
Question #329Incident & Event Response
A company's DevOps engineer uses AWS Systems Manager to perform maintenance tasks. The company has a few Amazon EC2 instances that require a restart after notifications from AWS He...
EventBridgeAWS HealthSystems Manager AutomationEC2 restart
Question #330SDLC Automation
A DevOps engineer manages an AWS CodePipeline pipeline that builds and deploys a web application on AWS. The pipeline has a source stage, a build stage, and a deploy stage. When de...
CodePipelineLambdaPost-deployment validationAutomated testing
Question #331Monitoring and Logging
A company has an application that uploads access logs to an Amazon CloudWatch Logs log group. The fields in the log lines include the response code and the application name. The co...
CloudWatch LogsMetric filtersLoggingMonitoring
Question #332Configuration Management and Infrastructure as Code
A DevOps engineer provisioned an Amazon Elastic Kubernetes Service (Amazon EKS) cluster with managed node groups. The DevOps engineer associated an OpenID Connect (OIDC) issuer wit...
EKSEBS CSI driverPersistentVolumeClaimIAM roles
Question #333Monitoring and Logging
A company runs a fleet of Amazon EC2 instances in a VPC. The company's employees remotely access the EC2 instances by using the Remote Desktop Protocol (RDP). The company wants to...
VPC Flow LogsCloudWatch LogsMetric filtersRDP
Question #334Configuration Management and Infrastructure as Code
A company is using Amazon Elastic Kubernetes Service (Amazon EKS) to run its applications. The EKS cluster is successfully running multiple pods. The company stores the pod images...
EKSPod IdentityIAM roles for Service AccountsOIDC
Question #335Security & Compliance
A company has multiple AWS accounts in an organization in AWS Organizations that has all features enabled. The company's DevOps administrator needs to improve security across all t...
AWS OrganizationsCloudTrailSecurity AuditIdentity Monitoring
Question #336Configuration Management & Infrastructure as Code
A company has an organization in AWS Organizations with many Oils that contain many AWS accounts. The organization has a dedicated delegated administrator AWS account. The company...
AWS OrganizationsCloudFormation HooksPolicy EnforcementServer-side Encryption
Question #337Resilient Cloud Solutions
A company is running an internal application in an Amazon Elastic Container Service (Amazon ECS) cluster on Amazon EC2. The ECS cluster instances can connect to the public internet...
VPC EndpointsECR Pull Through CacheECS NetworkingPrivate Networking
Question #338Security & Compliance
A company has a continuous integration pipeline where the company creates container images by using AWS CodeBuild. The created images are stored in Amazon Elastic Container Registr...
ECR Image ScanningAmazon InspectorEventBridgeSNS Notifications
Question #339Configuration Management & Infrastructure as Code
A DevOps administrator is configuring a repository to store a company's container images. The administrator needs to configure a lifecycle rule that automatically deletes container...
ECR Lifecycle PoliciesContainer Image ManagementCost Optimization
Question #340Monitoring and Logging
A company uses Amazon Redshift as its data warehouse solution. The company wants to create a dashboard to view changes to the Redshift users and the queries the users perform. Whic...
Redshift LoggingCloudWatch DashboardsDatabase AuditingUser Activity Monitoring
Question #341Security & Compliance
A company uses an organization in AWS Organizations to manage its 500 AWS accounts. The organization has all features enabled. The AWS accounts are in a single OU. The developers n...
AWS OrganizationsService Control Policies (SCPs)Tagging EnforcementCost Management
Question #342SDLC Automation
A DevOps engineer uses a pipeline in AWS CodePipeline. The pipeline has a build action and a deploy action for a single-page web application that is delivered to an Amazon S3 bucke...
AWS CodePipelineCloudFormation OutputsS3 DeploymentCI/CD Artifacts
Question #343Resilient Cloud Solutions
A company used a lift and shift strategy to migrate a workload to AWS. The company has an Auto Scaling group of Amazon EC2 instances. Each EC2 instance runs a web application, a da...
Application ArchitectureLoad Balancing (ALB)Auto ScalingPerformance Optimization
Question #344Security & Compliance
A company is using AWS Organizations and wants to implement a governance strategy with the following requirements: - AWS resource access is restricted to the same two Regions for a...
AWS OrganizationsService Control Policies (SCPs)AWS IAM Identity CenterMulti-account Governance
Question #345Incident & Event Response
A company detects unusual login attempts in many of its AWS accounts. A DevOps engineer must implement a solution that sends a notification to the company's security team when mult...
AWS CloudTrailCloudWatch LogsCloudWatch AlarmsSNS NotificationsFailed Logins
Question #346Security & Compliance
A company has deployed a new REST API by using Amazon API Gateway. The company uses the API to access confidential data. The API must be accessed from only specific VPCs in the com...
API GatewayResource PoliciesVPC AccessNetwork Security
Question #347SDLC Automation
A company runs a website by using an Amazon Elastic Container Service (Amazon ECS) service that is connected to an Application Load Balancer (ALB). The service was in a steady stat...
ECS DeploymentsALB Health ChecksTroubleshootingContainer Orchestration
Question #348Configuration Management & Infrastructure as Code
A company that uses electronic patient health records runs a fleet of Amazon EC2 instances with an Amazon Linux operating system. The company must continuously ensure that the EC2...
AWS Systems Manager Patch ManagerPatch BaselinesCompliance AutomationEC2 Patching
Question #349Configuration Management & Infrastructure as Code
A company use an organization in AWS Organizations to manage multiple AWS accounts. The company has enabled all features enabled for the organization. The company configured the or...
AWS Control TowerAWS OrganizationsAWS ConfigEventBridgeMulti-account Governance
Question #350Resilient Cloud Solutions
A company runs an application in an Auto Scaling group of Amazon EC2 instances behind an Application Load Balancer (ALB). The EC2 instances run Docker containers that make requests...
Serverless MigrationAWS FargateAmazon RDSApplication Modernization
Question #351Configuration Management & Infrastructure as Code
A company uses an organization in AWS Organizations to manage 10 AWS accounts. All features are enabled, and trusted access for AWS CloudFormation is enabled. A DevOps engineer nee...
CloudFormation StackSetsAWS OrganizationsIAM RolesMulti-account Deployment
Question #352SDLC Automation
A company runs an application that stores artifacts in an Amazon S3 bucket. The application has a large user base. The application writes a high volume of objects to the S3 bucket....
S3 Event NotificationsEventBridgeAWS Step FunctionsWorkflow Orchestration
Question #353SDLC Automation
A DevOps team supports an application that runs in an Amazon Elastic Container Service (Amazon ECS) cluster behind an Application Load Balancer (ALB). Currently, the DevOps team us...
AWS CodeDeployBlue/Green DeploymentCanary DeploymentAutomated Rollback

PreviousPage 7 of 10Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.