Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS DevOps Engineer Professional

Amazon AWS DevOps Engineer Professional Exam
AWS DevOps Engineer - Professional (DOP-C01) (Page 4 )

Updated On: 12-Feb-2026
Page 4 of 43
PDF with 208 Questions

A company wants to ensure that their EC2 instances are secure. They want to be noti ed if any new vulnerabilities are discovered on their instances, and they also want an audit trail of all login activities on the instances.
Which solution will meet these requirements?

  1. Use AWS Systems Manager to detect vulnerabilities on the EC2 instances. Install the Amazon Kinesis Agent to capture system logs and deliver them to Amazon S3.
  2. Use AWS Systems Manager to detect vulnerabilities on the EC2 instances. Install the Systems Manager Agent to capture system logs and view login activity in the CloudTrail console.
  3. Con gure Amazon CloudWatch to detect vulnerabilities on the EC2 instances. Install the AWS Con g daemon to capture system logs and view them in the AWS Con g console.
  4. Con gure Amazon Inspector to detect vulnerabilities on the EC2 instances. Install the Amazon CloudWatch Agent to capture system logs and record them via Amazon CloudWatch Logs.

Answer(s): D



A DevOps Engineer needs to back up sensitive Amazon S3 objects that are stored within an S3 bucket with a private bucket policy using the S3 cross-region replication functionality. The objects need to be copied to a target bucket in a different AWS Region and account. Which actions should be performed to enable this replication? (Choose three.)

  1. Create a replication IAM role in the source account.
  2. Create a replication IAM role in the target account.
  3. Add statements to the source bucket policy allowing the replication IAM role to replicate objects.
  4. Add statements to the target bucket policy allowing the replication IAM role to replicate objects.
  5. Create a replication rule in the source bucket to enable the replication.
  6. Create a replication rule in the target bucket to enable the replication.

Answer(s): A,D,E



A company is using Amazon EC2 for various workloads. Company policy requires that instances be managed centrally to standardize con gurations. These con gurations include standard logging, metrics, security assessments, and weekly patching.
How can the company meet these requirements? (Choose three.)

  1. Use AWS Con g to ensure all EC2 instances are managed by Amazon Inspector.
  2. Use AWS Con g to ensure all EC2 instances are managed by AWS Systems Manager.
  3. Use AWS Systems Manager to install and manage Amazon Inspector, Systems Manager Patch Manager, and the Amazon CloudWatch agent on all instances.
  4. Use Amazon Inspector to install and manage AWS Systems Manager, Systems Manager Patch Manager, and the Amazon CloudWatch agent on all instances.
  5. Use AWS Systems Manager maintenance windows with Systems Manager Run Command to schedule Systems Manager Patch Manager tasks. Use the Amazon CloudWatch agent to schedule Amazon Inspector assessment runs.
  6. Use AWS Systems Manager maintenance windows with Systems Manager Run Command to schedule Systems Manager Patch Manager tasks. Use Amazon CloudWatch Events to schedule Amazon Inspector assessment runs.

Answer(s): B,C,F



A business has an application that consists of ve independent AWS Lambda functions. The DevOps Engineer has built a CI/CD pipeline using AWS CodePipeline and AWS CodeBuild that builds, tests, packages, and deploys each Lambda function in sequence. The pipeline uses an Amazon CloudWatch Events rule to ensure the pipeline execution starts as quickly as possible after a change is made to the application source code.
After working with the pipeline for a few months, the DevOps Engineer has noticed the pipeline takes too long to complete. What should the DevOps Engineer implement to BEST improve the speed of the pipeline?

  1. Modify the CodeBuild projects within the pipeline to use a compute type with more available network throughput.
  2. Create a custom CodeBuild execution environment that includes a symmetric multiprocessing con guration to run the builds in parallel.
  3. Modify the CodePipeline con guration to execute actions for each Lambda function in parallel by specifying the same runOrder.
  4. Modify each CodeBuild project to run within a VPC and use dedicated instances to increase throughput.

Answer(s): C



A company is creating a software solution that executes a speci c parallel-processing mechanism. The software can scale to tens of servers in some special scenarios. This solution uses a proprietary library that is license-based, requiring that each individual server have a single, dedicated license installed. The company has 200 licenses and is planning to run 200 server nodes concurrently at most.
The company has requested the following features:
A mechanism to automate the use of the licenses at scale.
Creation of a dashboard to use in the future to verify which licenses are available at any moment.
What is the MOST effective way to accomplish these requirements?

  1. Upload the licenses to a private Amazon S3 bucket. Create an AWS CloudFormation template with a Mappings section for the licenses. In the template, create an Auto Scaling group to launch the servers. In the user data script, acquire an available license from the Mappings section. Create an Auto Scaling lifecycle hook, then use it to update the mapping after the instance is terminated.
  2. Upload the licenses to an Amazon DynamoDB table. Create an AWS CloudFormation template that uses an Auto Scaling group to launch the servers. In the user data script, acquire an available license from the DynamoDB table. Create an Auto Scaling lifecycle hook, then use it to update the mapping after the instance is terminated.
  3. Upload the licenses to a private Amazon S3 bucket. Populate an Amazon SQS queue with the list of licenses stored in S3. Create an AWS CloudFormation template that uses an Auto Scaling group to launch the servers. In the user data script acquire an available license from SQS.
    Create an Auto Scaling lifecycle hook, then use it to put the license back in SQS after the instance is terminated.
  4. Upload the licenses to an Amazon DynamoDB table. Create an AWS CLI script to launch the servers by using the parameter --count, with min:max instances to launch. In the user data script, acquire an available license from the DynamoDB table. Monitor each instance and, in case of failure, replace the instance, then manually update the DynamoDB table.

Answer(s): B






Post your Comments and Discuss Amazon AWS DevOps Engineer Professional exam prep with other Community members:

Join the AWS DevOps Engineer Professional Discussion