Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Amazon
  3. AWS DevOps Engineer Professional

Amazon AWS DevOps Engineer Professional Exam (page: 1)
Amazon AWS DevOps Engineer - Professional (DOP-C01)
Updated on: 09-Feb-2026

Viewing Page 1 of 27
AWS DevOps Engineer Professional PDF 208 Questions

A company wants to migrate its content sharing web application hosted on Amazon EC2 to a serverless architecture. The company currently deploys changes to its application by creating a new Auto Scaling group of EC2 instances and a new Elastic Load Balancer, and then shifting the tra c away using an Amazon Route
53 weighted routing policy.
For its new serverless application, the company is planning to use Amazon API Gateway and AWS Lambda. The company will need to update its deployment processes to work with the new application. It will also need to retain the ability to test new features on a small number of users before rolling the features out to the entire user base.
Which deployment strategy will meet these requirements?

  1. Use AWS CDK to deploy API Gateway and Lambda functions. When code needs to be changed, update the AWS CloudFormation stack and deploy the new version of the APIs and Lambda functions. Use a Route 53 failover routing policy for the canary release strategy.
  2. Use AWS CloudFormation to deploy API Gateway and Lambda functions using Lambda function versions. When code needs to be changed, update the CloudFormation stack with the new Lambda code and update the API versions using a canary release strategy. Promote the new version when testing is complete.
  3. Use AWS Elastic Beanstalk to deploy API Gateway and Lambda functions. When code needs to be changed, deploy a new version of the API and Lambda functions. Shift tra c gradually using an Elastic Beanstalk blue/green deployment.
  4. Use AWS OpsWorks to deploy API Gateway in the service layer and Lambda functions in a custom layer. When code needs to be changed, use OpsWorks to perform a blue/green deployment and shift tra c gradually.

Answer(s): B



A company's application is currently deployed to a single AWS Region. Recently, the company opened a new o ce on a different continent. The users in the new o ce are experiencing high latency. The company's application runs on Amazon EC2 instances behind an Application Load Balancer (ALB) and uses Amazon
DynamoDB as the database layer. The instances run in an EC2 Auto Scaling group across multiple Availability Zones. A DevOps Engineer is tasked with minimizing application response times and improving availability for users in both Regions. Which combination of actions should be taken to address the latency issues? (Choose three.)

  1. Create a new DynamoDB table in the new Region with cross-Region replication enabled.
  2. Create new ALB and Auto Scaling group global resources and con gure the new ALB to direct tra c to the new Auto Scaling group.
  3. Create new ALB and Auto Scaling group resources in the new Region and con gure the new ALB to direct tra c to the new Auto Scaling group.
  4. Create Amazon Route 53 records, health checks, and latency-based routing policies to route to the ALB.
  5. Create Amazon Route 53 aliases, health checks, and failover routing policies to route to the ALB.
  6. Convert the DynamoDB table to a global table.

Answer(s): C,D,F



A DevOps engineer used an AWS CloudFormation custom resource to set up AD Connector. The AWS Lambda function executed and created AD Connector, but
CloudFormation is not transitioning from CREATE_IN_PROGRESS to CREATE_COMPLETE.
Which action should the engineer take to resolve this issue?

  1. Ensure the Lambda function code has exited successfully.
  2. Ensure the Lambda function code returns a response to the pre-signed URL.
  3. Ensure the Lambda function IAM role has cloudformation:UpdateStack permissions for the stack ARN.
  4. Ensure the Lambda function IAM role has ds:ConnectDirectory permissions for the AWS account.

Answer(s): B



A company plans to stop using Amazon EC2 key pairs for SSH access, and instead plans to use AWS Systems Manager Session Manager. To further enhance security, access to Session Manager must take place over a private network only.
Which combinations of actions will accomplish this? (Choose two.)

  1. Allow inbound access to TCP port 22 in all associated EC2 security groups from the VPC CIDR range.
  2. Attach an IAM policy with the necessary Systems Manager permissions to the existing IAM instance pro le.
  3. Create a VPC endpoint for Systems Manager in the desired Region.
  4. Deploy a new EC2 instance that will act as a bastion host to the rest of the EC2 instance eet.
  5. Remove any default routes in the associated route tables.

Answer(s): B,C



A company runs an application with an Amazon EC2 and on-premises con guration. A DevOps Engineer needs to standardize patching across both environments. Company policy dictates that patching only happens during non-business hours.
Which combination of actions will meet these requirements? (Choose three.)

  1. Add the physical machines into AWS Systems Manager using Systems Manager Hybrid Activations.
  2. Attach an IAM role to the EC2 instances, allowing them to be managed by AWS Systems Manager.
  3. Create IAM access keys for the on-premises machines to interact with AWS Systems Manager.
  4. Execute an AWS Systems Manager Automation document to patch the systems every hour.
  5. Use Amazon CloudWatch Events scheduled events to schedule a patch window.
  6. Use AWS Systems Manager Maintenance Windows to schedule a patch window.

Answer(s): A,B,F



A company has many applications. Different teams in the company developed the applications by using multiple languages and frameworks. The applications run on premises and on different servers with different operating systems. Each team has its own release protocol and process. The company wants to reduce the complexity of the release and maintenance of these applications. The company is migrating its technology stacks, including these applications, to AWS. The company wants centralized control of source code, a consistent and automatic delivery pipeline, and as few maintenance tasks as possible on the underlying infrastructure.
What should a DevOps engineer do to meet these requirements?

  1. Create one AWS CodeCommit repository for all applications. Put each application's code in different branch. Merge the branches, and use AWS CodeBuild to build the applications. Use AWS CodeDeploy to deploy the applications to one centralized application server.
  2. Create one AWS CodeCommit repository for each of the applications Use AWS CodeBuild to build the applications one at a time. Use AWS CodeDeploy to deploy the applications to one centralized application server.
  3. Create one AWS CodeCommit repository for each of the applications. Use AWS CodeBuild to build the applications one at a time to create one AMI for each server. Use AWS CloudFormation StackSets to automatically provision and decommission Amazon EC2 eets by using these AMIs.
  4. Create one AWS CodeCommit repository for each of the applications. Use AWS CodeBuild to build one Docker image for each application in Amazon Elastic Container Registry (Amazon ECR). Use AWS CodeDeploy to deploy the applications to Amazon Elastic Container Service (Amazon ECS) on infrastructure that AWS Fargate manages.

Answer(s): D


Reference:

https://towardsdatascience.com/ci-cd-logical-and-practical-approach-to-build-four-step-pipeline-on-aws-3f54183068ec



A DevOps engineer is developing an application for a company. The application needs to persist les to Amazon S3. The application needs to upload les with different security classi cations that the company de nes. These classi cations include con dential, private, and public. Files that have a con dential classi cation must not be viewable by anyone other than the user who uploaded them. The application uses the IAM role of the user to call the S3 API operations.
The DevOps engineer has modi ed the application to add a DataClassi cation tag with the value of con dential and an Owner tag with the uploading user's ID to each con dential object that is uploaded to Amazon S3. Which set of additional steps must the DevOps engineer take to meet the company's requirements?

  1. Modify the S3 bucket's ACL to grant bucket-owner-read access to the uploading user's IAM role. Create an IAM policy that grants
    s3:GetObject operations on the S3 bucket when aws:ResourceTag/DataClassi cation equals con dential, and s3:ExistingObjectTag/Owner equals ${aws:userid}. Attach the policy to the IAM roles for users who require access to the S3 bucket.
  2. Modify the S3 bucket policy to allow the s3:GetObject action when aws:ResourceTag/DataClassi cation equals con dential, and
    s3:ExistingObjectTag/Owner equals ${aws:userid}. Create an IAM policy that grants s3:GetObject operations on the S3 bucket. Attach the policy to the IAM roles for users who require access to the S3 bucket.
  3. Modify the S3 bucket policy to allow the s3:GetObject action when aws:ResourceTag/DataClassi cation equals con dential, and aws:RequesttTag/Owner equals ${aws:userid}. Create an IAM policy that grants s3:GetObject operations on the S3 bucket. Attach the policy to the IAM roles for users who require access to the S3 bucket.
  4. Modify the S3 bucket's ACL to grant authenticated-read access when aws:ResourceTag/DataClassi cation equals con dential, and
    s3:ExistingObjectTag/Owner equals ${aws:userid}. Create an IAM policy that grants s3:GetObject operations on the S3 bucket. Attach the policy to the IAM roles for users who require access to the S3 bucket.

Answer(s): B



A company has developed an AWS Lambda function that handles orders received through an API. The company is using AWS CodeDeploy to deploy the Lambda function as the nal stage of a CI/CD pipeline.
A DevOps Engineer has noticed there are intermittent failures of the ordering API for a few seconds after deployment. After some investigation, the DevOps
Engineer believes the failures are due to database changes not having fully propagated before the Lambda function begins executing.
How should the DevOps Engineer overcome this?

  1. Add a BeforeAllowTra c hook to the AppSpec le that tests and waits for any necessary database changes before tra c can ow to the new version of the Lambda function
  2. Add an AfterAllowTra c hook to the AppSpec le that forces tra c to wait for any pending database changes before allowing the new version of the Lambda function to respond
  3. Add a BeforeInstall hook to the AppSpec le that tests and waits for any necessary database changes before deploying the new version of the Lambda function
  4. Add a ValidateService hook to the AppSpec le that inspects incoming tra c and rejects the payload if dependent services, such as the database, are not yet ready

Answer(s): A



Viewing Page 1 of 27



Share your comments for Amazon AWS DevOps Engineer Professional exam with other users:

Tshegofatso 8/28/2023 11:51:00 AM

this website is very helpful
SOUTH AFRICA


philly 9/18/2023 2:40:00 PM

its my first time exam
SOUTH AFRICA


Beexam 9/4/2023 9:06:00 PM

correct answers are device configuration-enable the automatic installation of webview2 runtime. & policy management- prevent users from submitting feedback.
NEW ZEALAND


RAWI 7/9/2023 4:54:00 AM

is this dump still valid? today is 9-july-2023
SWEDEN


Annie 6/7/2023 3:46:00 AM

i need this exam.. please upload these are really helpful
PAKISTAN


Shubhra Rathi 8/26/2023 1:08:00 PM

please upload the oracle 1z0-1059-22 dumps
Anonymous


Shiji 10/15/2023 1:34:00 PM

very good questions
INDIA


Rita Rony 11/27/2023 1:36:00 PM

nice, first step to exams
Anonymous


Aloke Paul 9/11/2023 6:53:00 AM

is this valid for chfiv9 as well... as i am reker 3rd time...
CHINA


Calbert Francis 1/15/2024 8:19:00 PM

great exam for people taking 220-1101
UNITED STATES


Ayushi Baria 11/7/2023 7:44:00 AM

this is very helpfull for me
Anonymous


alma 8/25/2023 1:20:00 PM

just started preparing for the exam
UNITED KINGDOM


CW 7/10/2023 6:46:00 PM

these are the type of questions i need.
UNITED STATES


Nobody 8/30/2023 9:54:00 PM

does this actually work? are they the exam questions and answers word for word?
Anonymous


Salah 7/23/2023 9:46:00 AM

thanks for providing these questions
Anonymous


Ritu 9/15/2023 5:55:00 AM

interesting
CANADA


Ron 5/30/2023 8:33:00 AM

these dumps are pretty good.
Anonymous


Sowl 8/10/2023 6:22:00 PM

good questions
UNITED STATES


Blessious Phiri 8/15/2023 2:02:00 PM

dbua is used for upgrading oracle database
Anonymous


Richard 10/24/2023 6:12:00 AM

i am thrilled to say that i passed my amazon web services mls-c01 exam, thanks to study materials. they were comprehensive and well-structured, making my preparation efficient.
Anonymous


Janjua 5/22/2023 3:31:00 PM

please upload latest ibm ace c1000-056 dumps
GERMANY


Matt 12/30/2023 11:18:00 AM

if only explanations were provided...
FRANCE


Rasha 6/29/2023 8:23:00 PM

yes .. i need the dump if you can help me
Anonymous


Anonymous 7/25/2023 8:05:00 AM

good morning, could you please upload this exam again?
SPAIN


AJ 9/24/2023 9:32:00 AM

hi please upload sre foundation and practitioner exam questions
Anonymous


peter parker 8/10/2023 10:59:00 AM

the exam is listed as 80 questions with a pass mark of 70%, how is your 50 questions related?
Anonymous


Berihun 7/13/2023 7:29:00 AM

all questions are so important and covers all ccna modules
Anonymous


nspk 1/19/2024 12:53:00 AM

q 44. ans:- b (goto setup > order settings > select enable optional price books for orders) reference link --> https://resources.docs.salesforce.com/latest/latest/en-us/sfdc/pdf/sfom_impl_b2b_b2b2c.pdf(decide whether you want to enable the optional price books feature. if so, select enable optional price books for orders. you can use orders in salesforce while managing price books in an external platform. if you’re using d2c commerce, you must select enable optional price books for orders.)
Anonymous


Muhammad Rawish Siddiqui 12/2/2023 5:28:00 AM

"cost of replacing data if it were lost" is also correct.
SAUDI ARABIA


Anonymous 7/14/2023 3:17:00 AM

pls upload the questions
UNITED STATES


Mukesh 7/10/2023 4:14:00 PM

good questions
UNITED KINGDOM


Elie Abou Chrouch 12/11/2023 3:38:00 AM

question 182 - correct answer is d. ethernet frame length is 64 - 1518b. length of user data containing is that frame: 46 - 1500b.
Anonymous


Damien 9/23/2023 8:37:00 AM

i need this exam pls
Anonymous


Nani 9/10/2023 12:02:00 PM

its required for me, please make it enable to access. thanks
UNITED STATES