Free Amazon Web Services DOP-C02 Practice Exam with Questions & Answers | Set: 12

Name: How to Pass DOP-C02 Exams
Brand: Examstrack
SKU: dop-c02
Price: 31.5 USD
Availability: InStock

Questions 111

A company is building a serverless application that uses AWS Lambda functions to process data.

A BeginResponse Lambda function initializes data in response to specific application events. The company needs to ensure that a large number of Lambda functions are invoked after the BeginResponse Lambda function runs. Each Lambda function must be invoked in parallel and depends on only the outputs of the BeginResponse Lambda function. Each Lambda function has retry logic for invocation and must be able to fine-tune concurrency without losing data.

Which solution will meet these requirements with the MOST operational efficiency?

Options:

Create an Amazon Simple Notification Service (Amazon SNS) topic. Modify the BeginResponse Lambda function to publish to the SNS topic before the BeginResponse Lambda function finishes running. Subscribe all Lambda functions that need to invoke after the BeginResponse Lambda function runs to the SNS topic. Subscribe any new Lambda functions to the SNS topic.

Create an Amazon Simple Queue Service (Amazon SQS) queue for each Lambda function that needs to run after the BeginResponse Lambda function runs. Subscribe each Lambda function to its own SQS queue. Create an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe each SQS queue to the SNS topic. Modify the BeginResponse function to publish to the SNS topic when it finishes running.

Create an Amazon Simple Queue Service (Amazon SQS) queue for each Lambda function that needs to run after the BeginResponse Lambda function runs. Subscribe the Lambda function to the SQS queue. Create an Amazon Simple Notification Service (Amazon SNS) topic for each SQS queue. Subscribe the SQS queues to the SNS topics. Modify the BeginResponse function to publish to the SNS topics when the function finishes running.

Create an AWS Step Functions Standard Workflow. Configure states in the workflow to invoke the Lambda functions sequentially. Create an Amazon Simple Notification Service (Amazon SNS) topic. Modify the BeginResponse Lambda function to publish to the SNS topic before the Lambda function finishes running. Create a new Lambda function that is subscribed to the SNS topic and that invokes the Step Functions workflow.

Amazon Web Services DOP-C02 Premium Access

Kelvin

02-Apr-2026

Success was guaranteed with examstrack.com's help. I aced my DOP-C02 exam with flying colors.

Hannah

17-May-2026

While preparing for DOP-C02, the exam questions and answers helped me understand things in a practical way.

Questions 112

A DevOps team manages infrastructure for an application. The application uses long-running processes to process items from an Amazon Simple Queue Service (Amazon SQS) queue. The application is deployed to an Auto Scaling group.

The application recently experienced an issue where items were taking significantly longer to process. The queue exceeded the expected size, which prevented various business processes from functioning properly. The application records all logs to a third-party tool.

The team is currently subscribed to an Amazon Simple Notification Service (Amazon SNS) topic that the team uses for alerts. The team needs to be alerted if the queue exceeds the expected size.

Which solution will meet these requirements with the MOST operational efficiency?

Options:

Create an Amazon CloudWatch metric alarm with a period of 1 hour and a static threshold to alarm if the average of the ApproximateNumberOfMessagesDelayed metric is greater than the expected value. Configure the alarm to notify the SNS topic.

Create an Amazon CloudWatch metric alarm with a period of 1 hour and a static threshold to alarm if the sum of the ApproximateNumberOfMessagesVisible metric is greater than the expected value. Configure the alarm to notify the SNS topic.

Create an AWS Lambda function that retrieves the ApproximateNumberOfMessages SQS queue attribute value and publishes it as a new CloudWatch custom metric. Create an Amazon EventBridge rule that is scheduled to run every 5 minutes and that invokes the Lambda function. Configure a CloudWatch metrics alarm with a period of 1 hour and a static threshold to alarm if the sum of the new custom metric is greater than the expected value.

Create an AWS Lambda function that checks the ApproximateNumberOfMessagesDelayed SQS queue attribute and compares the value to a defined expected size in the function. Create an Amazon EventBridge rule that is scheduled to run every 5 minutes and that invokes the Lambda function. When the ApproximateNumberOfMessagesDelayed SQS queue attribute exceeds the expected size, send a notification the SNS topic.

Answer:

Explanation:

The Amazon SQS service publishes several standard CloudWatch metrics by default, including ApproximateNumberOfMessagesVisible, which represents the number of messages available for retrieval from the queue (i.e., the number of messages waiting to be processed). This is the primary metric to monitor queue backlog and processing delays.

Using ApproximateNumberOfMessagesVisible to monitor the visible messages in the queue gives a direct and near real-time indication of processing delays or backlog.

CloudWatch metrics are automatically collected and available without the need to create custom metrics or Lambda functions, which increases operational efficiency by reducing complexity and maintenance overhead.

Setting a CloudWatch alarm on this metric with a static threshold and a reasonable evaluation period (such as 1 hour) is sufficient to alert the team when the queue grows beyond an expected size.

The alarm can be directly configured to send notifications to an existing SNS topic, maintaining seamless integration with the team’s alerting mechanisms.

The ApproximateNumberOfMessagesDelayed metric refers to messages that are delayed and not available for processing yet due to delay settings, which is not the direct backlog that causes business process delays.

Options C and D introduce unnecessary complexity by requiring Lambda functions and custom metrics or scheduled invocations, which reduce operational efficiency compared to using built-in CloudWatch metrics and alarms.

Reference from AWS Official Documentation and Study Guide:

Amazon SQS Monitoring with CloudWatch Metrics: " Amazon SQS automatically sends metrics to CloudWatch, including ApproximateNumberOfMessagesVisible, which shows the number of messages available for retrieval. " (Source: Amazon SQS Monitoring - AWS Documentation)

Setting CloudWatch Alarms for SQS Queues: " You can create CloudWatch alarms on SQS metrics such as ApproximateNumberOfMessagesVisible to receive notifications when the queue size exceeds a threshold. " (Source: Amazon CloudWatch Alarms - AWS Documentation)

AWS DevOps Engineer Professional Exam Guide: " Efficient alerting for queue backlogs should leverage native CloudWatch metrics to minimize operational overhead. " (Source: Official AWS Certified DevOps Engineer Professional Study Guide)

Questions 113

A company has its AWS accounts in an organization in AWS Organizations. AWS Config is manually configured in each AWS account. The company needs to implement a solution to centrally configure AWS Config for all accounts in the organization The solution also must record resource changes to a central account.

Which combination of actions should a DevOps engineer perform to meet these requirements? (Choose two.)

Options:

Configure a delegated administrator account for AWS Config. Enable trusted access for AWS Config in the organization.

Configure a delegated administrator account for AWS Config. Create a service-linked role for AWS Config in the organization’s management account.

Create an AWS CloudFormation template to create an AWS Config aggregator. Configure a CloudFormation stack set to deploy the template to all accounts in the organization.

Create an AWS Config organization aggregator in the organization ' s management account. Configure data collection from all AWS accounts in the organization and from all AWS Regions.

Create an AWS Config organization aggregator in the delegated administrator account. Configure data collection from all AWS accounts in the organization and from all AWS Regions.

Questions 114

A company uses AWS Storage Gateway in file gateway mode in front of an Amazon S3 bucket that is used by multiple resources. In the morning when business begins, users do not see the objects processed by a third party the previous evening. When a DevOps engineer looks directly at the S3 bucket, the data is there, but it is missing in Storage Gateway.

Which solution ensures that all the updated third-party files are available in the morning?

Options:

Configure a nightly Amazon EventBridge event to invoke an AWS Lambda function to run the RefreshCache command for Storage Gateway.

Instruct the third party to put data into the S3 bucket using AWS Transfer for SFTP.

Modify Storage Gateway to run in volume gateway mode.

Use S3 Same-Region Replication to replicate any changes made directly in the S3 bucket to Storage Gateway.

Questions 115

A company runs applications in AWS accounts that are in an organization in AWS Organizations The applications use Amazon EC2 instances and Amazon S3.

The company wants to detect potentially compromised EC2 instances suspicious network activity and unusual API activity in its existing AWS accounts and in any AWS accounts that the company creates in the future When the company detects one to these events the company wants to use an existing Amazon Simple Notification Service (Amazon SNS) topic to send a notification to its operational support team for investigation and remediation.

Which solution will meet these requirements in accordance with AWS best practices?

Options:

In the organization ' s management account configure an AWS account as the Amazon GuardDuty administrator account. In the GuardDuty administrator account add the company ' s existing AWS accounts to GuardDuty as members In the GuardDuty administrator account create an Amazon EventBridge rule with an event pattern to match GuardDuty events and to forward matching events to the SNS topic.

In the organization ' s management account configure Amazon GuardDuty to add newly created AWS accounts by invitation and to send invitations to the existing AWS accounts Create an AWS Cloud Formation stack set that accepts the GuardDuty invitation and creates an Amazon EventBridge rule Configure the rule with an event pattern to match. GuardDuty events and to forward matching events to the SNS topic. Configure the Cloud Formation stack set

In the organization ' s management account. create an AWS CloudTrail organization trail Activate the organization trail in all AWS accounts in the organization. Create an SCP that enables VPC Flow Logs in each account in the organization. Configure AWS Security Hub for the organization Create an Amazon EventBridge rule with an even pattern to match Security Hub events and to forward matching events to the SNS topic.

In the organization ' s management account configure an AWS account as the AWS CloudTrail administrator account in the CloudTrail administrator account create a CloudTrail organization trail. Add the company ' s existing AWS accounts to the organization trail Create an SCP that enables VPC Flow Logs in each account in the organization. Configure AWS Security Hub for the organization. Create an Amazon EventBridge rule with an event pattern t

Questions 116

A company runs several applications in the same AWS account. The applications send logs to Amazon CloudWatch.

A data analytics team needs to collect performance metrics and custom metrics from the applications. The analytics team needs to transform the metrics data before storing the data in an Amazon S3 bucket. The analytics team must automatically collect any new metrics that are added to the CloudWatch namespace.

Which solution will meet these requirements with the LEAST operational overhead?

Options:

Configure a CloudWatch metric stream to include metrics from the application and the CloudWatch namespace. Configure the metric stream to deliver the metrics to an Amazon Data Firehose delivery stream. Configure the Firehose delivery stream to invoke an AWS Lambda function to transform the data. Configure the delivery stream to send the transformed data to the S3 bucket.

Configure a CloudWatch metrics stream to include all the metrics and to deliver the metrics to an Amazon Data Firehose delivery stream. Configure the Firehose delivery stream to invoke an AWS Lambda function to transform the data. Configure the delivery stream to send the transformed data to the S3 bucket.

Configure metric filters for the CloudWatch logs to create custom metrics. Configure a CloudWatch metric stream to deliver the application metrics to the S3 bucket.

Configure subscription filters on the application log groups to target an Amazon Data Firehose delivery stream. Configure the Firehose delivery stream to invoke an AWS Lambda function to transform the data. Configure the delivery stream to send the transformed data to the S3 bucket.

Questions 117

A company has an AWS account named PipelineAccount. The account manages a pipeline in AWS CodePipeline. The account uses an IAM role named CodePipeline_Service_Role and produces an artifact that is stored in an Amazon S3 bucket. The company uses a customer managed AWS KMS key to encrypt objects in the S3 bucket.

A DevOps engineer wants to configure the pipeline to use an AWS CodeDeploy application in an AWS account named CodeDeployAccount to deploy the produced artifact.

The DevOps engineer updates the KMS key policy to grant the CodeDeployAccount account permission to use the key. The DevOps engineer configures an IAM role named DevOps_Role in the CodeDeployAccount account that has access to the CodeDeploy resources that the pipeline requires. The DevOps engineer updates an Amazon EC2 instance role that operates within the CodeDeployAccount account to allow access to the S3 bucket and the KMS key that is in the PipelineAccount account.

Which additional steps will meet these requirements?

Options:

Update the S3 bucket policy to grant the CodeDeployAccount account access to the S3 bucket. Configure the DevOps_Role IAM role to have an IAM trust policy that allows the PipelineAccount account to assume the role. Update the CodePipeline_Service_Role IAM role to grant permission to assume the DevOps_Role role.

Update the S3 bucket policy to grant the CodeDeployAccount account access to the S3 bucket. Configure the DevOps_Role IAM role to have an IAM trust policy that allows the PipelineAccount account to assume the role. Update the DevOps_Role IAM role to grant permission to assume CodePipeline_Service_Role role.

Update the S3 bucket policy to grant the PipelineAccount account access to the S3 bucket. Configure the DevOps_Role IAM role to have an IAM trust policy that allows the PipelineAccount account to assume the role. Update the CodePipeline_Service_Role IAM to grant permission to assume the DevOps_Role role.

Update the S3 bucket policy to grant the CodeDeployAccount account access to the S3 bucket. Configure the DevOps_Role IAM role to have an IAM trust policy that allows the CodeDeployAccount account to assume the role. Update the CodePipeline_Service_Role IAM role to grant permission to assume the DevOps_Role role.

Questions 118

A company runs hundreds of EC2 instances with new instances launched/terminated hourly. Security requires all running instances to have an instance profile attached. A default profile exists and must be attached automatically to any instance missing one.

Which solution meets this requirement?

Options:

EventBridge rule for RunInstances API calls, invoke Lambda to attach default profile.

AWS Config with ec2-instance-profile-attached managed rule, automatic remediation using Systems Manager Automation runbook to attach profile.

EventBridge rule for StartInstances API calls, invoke Systems Manager Automation runbook to attach profile.

AWS Config iam-role-managed-policy-check managed rule, automatic remediation with Lambda to attach profile.

Questions 119

A DevOps engineer manages an AWS CodePipeline pipeline that builds and deploys a web application on AWS. The pipeline has a source stage, a build stage, and a deploy stage. When deployed properly, the web application responds with a 200 OK HTTP response code when the URL of the home page is requested. The home page recently returned a 503 HTTP response code after CodePipeline deployed the application. The DevOps engineer needs to add an automated test into the pipeline. The automated test must ensure that the application returns a 200 OK HTTP response code after the application is deployed. The pipeline must fail if the response code is not present during the test. The DevOps engineer has added a CheckURL stage after the deploy stage in the pipeline. What should the DevOps engineer do next to implement the automated test?

Options:

Configure the CheckURL stage to use an Amazon CloudWatch action. Configure the action to use a canary synthetic monitoring check on the application URL and to report a success or failure to CodePipeline.

Create an AWS Lambda function to check the response code status of the URL and to report a success or failure to CodePipeline. Configure an action in the CheckURL stage to invoke the Lambda function.

Configure the CheckURL stage to use an AWS CodeDeploy action. Configure the action with an input artifact that is the URL of the application and to report a success or failure to CodePipeline.

Deploy an Amazon API Gateway HTTP API that checks the response code status of the URL and that reports success or failure to CodePipeline. Configure the CheckURL stage to use the AWS Device Farm test action and to provide the API Gateway HTTP API as an input artifact.

Questions 120

A DevOps engineer is building a solution that uses Amazon Simple Queue Service (Amazon SQS) standard queues. The solution also includes an AWS Lambda function and an Amazon DynamoDB table. The Lambda function pulls content from the SQS queue and writes the content to the DynamoDB table.

The solution must maximize the scalability of the Lambda function and must prevent successfully processed SQS messages from being processed multiple times.

Which solution will meet these requirements?

Options:

Set the batch window to 1 second in the Lambda function ' s event source mapping.

Set the batch size to 1 in the Lambda function ' s event source mapping.

Set a value of ReportBatchItemFailures in the FunctionResponseTypes list in the Lambda function ' s event source mapping.

Set the reserved concurrency to 1 in the Lambda function ' s concurrency and recursion detection settings.

Exam Code: DOP-C02

Certification Provider: Amazon Web Services

Exam Name: AWS Certified DevOps Engineer - Professional

Last Update: May 30, 2026

Questions: 435

How to Pass DOP-C02 Exams

PDF + Testing Engine
~~$164.99~~ $49.5 Add to Cart

Testing Engine
~~$124.99~~ $37.5 Add to Cart

PDF (Q&A)
~~$104.99~~ $31.5 Add to Cart

Amazon Web Services Related Exams

How to pass Amazon Web Services SAP-C02 - AWS Certified Solutions Architect - Professional Exam

How to pass Amazon Web Services AIP-C01 - AWS Certified Generative AI Developer - Professional Exam

SCS-C03 - AWS Certified Security – Specialty

CLF-C02 - AWS Certified Cloud Practitioner

SOA-C03 - AWS Certified CloudOps Engineer - Associate

Data-Engineer-Associate - AWS Certified Data Engineer - Associate (DEA-C01)

GDP-C01 - AWS Certified Generative AI Developer - Professional

AIF-C01 - AWS Certified AI Practitioner Exam

MLA-C01 - AWS Certified Machine Learning Engineer - Associate

MLS-C01 - AWS Certified Machine Learning - Specialty

DVA-C02 - AWS Certified Developer - Associate

AXS-C01 - AWS Certified Alexa Skill Builder-Specialty

SOA-C01 - AWS Certified SysOps Administrator - Associate

Get Amazon Web Services Full Access

Amazon Web Services Free Exams
Get free access to Amazon Web Services exam prep materials and practice tests at Examstrack. Achieve your Amazon Web Services certification goals by exploring Examstrack.

Pre-Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Navigation:

examstrack logo

Hot Vendors:

Free Amazon Web Services DOP-C02 Practice Exam with Questions & Answers | Set: 12

How to Pass DOP-C02 Exams

Amazon Web Services Related Exams

Amazon Web Services Free Exams