Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS DevOps Engineer Professional

Amazon AWS DevOps Engineer Professional Exam
AWS DevOps Engineer - Professional (DOP-C01) (Page 3 )

Updated On: 19-Jan-2026
Page 3 of 43
PDF with 208 Questions

A company wants to use AWS Systems Manager documents to bootstrap physical laptops for developers. The bootstrap code is stored in GitHub. A DevOps engineer has already created a Systems Manager activation, installed the Systems Manager agent with the registration code, and installed an activation ID on all the laptops.

Which set of steps should be taken next?

  1. Con gure the Systems Manager document to use the AWS-RunShellScript command to copy the les from GitHub to Amazon S3, then use the aws-downloadContent plugin with a sourceType of S3.
  2. Con gure the Systems Manager document to use the aws-con gurePackage plugin with an install action and point to the Git repository.
  3. Con gure the Systems Manager document to use the aws-downloadContent plugin with a sourceType of GitHub and sourcelnfo with the repository details.
  4. Con gure the Systems Manager document to use the aws:softwarelnventory plugin and run the script from the Git repository.

Answer(s): C



A company that uses electronic health records is running a eet of Amazon EC2 instances with an Amazon Linux operating system. As part of patient privacy requirements, the company must ensure continuous compliance for patches for operating system and applications running on the EC2 instances.

How can the deployments of the operating system and application patches be automated using a default and custom repository?

  1. Use AWS Systems Manager to create a new patch baseline including the custom repository. Run the AWS-RunPatchBaseline document using the run command to verify and install patches.
  2. Use AWS Direct Connect to integrate the corporate repository and deploy the patches using Amazon CloudWatch scheduled events, then use the CloudWatch dashboard to create reports.
  3. Use yum-con g-manager to add the custom repository under /etc/yum.repos.d and run yum-con g-manager-enable to activate the repository.
  4. Use AWS Systems Manager to create a new patch baseline including the corporate repository. Run the AWS- AmazonLinuxDefaultPatchBaseline document using the run command to verify and install patches.

Answer(s): A



A web application has been deployed using an AWS Elastic Beanstalk application. The application developers are concerned that they are seeing high latency in two different areas of the application:

· HTTP client requests to a third-party API
· MySQL client library queries to an Amazon RDS database

A DevOps engineer must gather trace data to diagnose the issues.

Which steps will gather the trace information with the LEAST amount of changes and performance impacts to the application?

  1. Add additional logging to the application code. Use the Amazon CloudWatch agent to stream the application logs into Amazon OpenSearch Service. Query the log data in OpenSearch Service.
  2. Instrument the application to use the AWS X-Ray SDK. Post trace data to an Amazon OpenSearch Service cluster. Query the trace data for calls to the HTTP client and the MySQL client.
  3. On the AWS Elastic Beanstalk management page for the application, enable the AWS X-Ray daemon. View the trace data in the X-Ray console.
  4. Instrument the application using the AWS X-Ray SDK. On the AWS Elastic Beanstalk management page for the application, enable the X-Ray daemon. View the trace data in the X-Ray console.

Answer(s): D



A company requires its internal business teams to launch resources through pre-approved AWS CloudFormation templates only. The security team requires automated monitoring when resources drift from their expected state.

Which strategy should be used to meet these requirements?

  1. Allow users to deploy CloudFormation stacks using a CloudFormation service role only. Use CloudFormation drift detection to detect when resources have drifted from their expected state.
  2. Allow users to deploy CloudFormation stacks using a CloudFormation service role only. Use AWS Con g rules to detect when resources have drifted from their expected state.
  3. Allow users to deploy CloudFormation stacks using AWS Service Catalog only. Enforce the use of a launch constraint. Use AWS Con g rules to detect when resources have drifted from their expected state.
  4. Allow users to deploy CloudFormation stacks using AWS Service Catalog only. Enforce the use of a template constraint. Use Amazon EventBridge noti cations to detect when resources have drifted from their expected state.

Answer(s): C



A space exploration company receives telemetry data from multiple satellites. Small packets of data are received through Amazon API Gateway and are placed directly into an Amazon Simple Queue Service (Amazon SOS) standard queue. A custom application is subscribed to the queue and transforms the data into a standard format.

Because of inconsistencies in the data that the satellites produce, the application is occasionally unable to transform the data. In these cases, the messages remain in the SQS queue. A DevOps engineer must develop a solution that retains the failed messages and makes them available to scientists for review and future processing.

Which solution will meet these requirements?

  1. Con gure AWS Lambda to poll the SOS queue and invoke a Lambda function to check whether the queue messages are valid. If validation fails, send a copy of the data that is not valid to an Amazon S3 bucket so that the scientists can review and correct the data. When the data is corrected, amend the message in the SOS queue by using a replay Lambda function with the corrected data
  2. Convert the SQS standard queue to an SQS FIFO queue. Con gure AWS Lambda to poll the SQS queue every 10 minutes by using an Amazon EventBridge schedule. Invoke the Lambda function to identify any messages with a SentTimestamp value that is older than 5 minutes, push the data to the same location as the application's output location, and remove the messages from the queue.
  3. Create an SOS dead-letter queue. Modify the existing queue by including a redrive policy that sets the Maximum Receives setting to 1 and sets the dead-letter queue ARN to the ARN of the newly created queue. Instruct the scientists to use the dead-letter queue to review the data that is not valid. Reprocess this data at a later time.
  4. Con gure API Gateway to send messages to different SOS virtual queues that are named for each of the satellites. Update the application to use a new virtual queue for any data that it cannot transform, and send the message to the new virtual queue. Instruct the scientists to use the virtual queue to review the data that is not valid. Reprocess this data at a later time.

Answer(s): C



Viewing page 3 of 43
Viewing questions 11 - 15 out of 208 questions



Post your Comments and Discuss Amazon AWS DevOps Engineer Professional exam prep with other Community members:

Join the AWS DevOps Engineer Professional Discussion