New Year Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

DOP-C02 Exam Dumps : AWS Certified DevOps Engineer - Professional

PDF
DOP-C02 pdf
 Real Exam Questions and Answer
 Last Update: Jan 15, 2026
 Question and Answers: 392 With Explanation
 Compatible with all Devices
 Printable Format
 100% Pass Guaranteed
$25.5  $84.99
DOP-C02 exam
PDF + Testing Engine
DOP-C02 PDF + engine
 Both PDF & Practice Software
 Last Update: Jan 15, 2026
 Question and Answers: 392
 Discount Offer
 Download Free Demo
 24/7 Customer Support
$40.5  $134.99
Testing Engine
DOP-C02 Engine
 Desktop Based Application
 Last Update: Jan 15, 2026
 Question and Answers: 392
 Create Multiple Test Sets
 Questions Regularly Updated
  90 Days Free Updates
  Windows and Mac Compatible
$30  $99.99

Verified By IT Certified Experts

CertsTopics.com Certified Safe Files

Up-To-Date Exam Study Material

99.5% High Success Pass Rate

100% Accurate Answers

Instant Downloads

Exam Questions And Answers PDF

Try Demo Before You Buy

Certification Exams with Helpful Questions And Answers

AWS Certified DevOps Engineer - Professional Questions and Answers

Question 1

A DevOps engineer used an AWS Cloud Formation custom resource to set up AD Connector. The AWS Lambda function ran and created AD Connector, but Cloud Formation is not transitioning from CREATE_IN_PROGRESS to CREATE_COMPLETE.

Which action should the engineer take to resolve this issue?

Options:

A.

Ensure the Lambda function code has exited successfully.

B.

Ensure the Lambda function code returns a response to the pre-signed URL.

C.

Ensure the Lambda function IAM role has cloudformation UpdateStack permissions for the stack ARN.

D.

Ensure the Lambda function IAM role has ds ConnectDirectory permissions for the AWS account.

Buy Now
Question 2

A company uses Amazon Elastic Container Registry (Amazon ECR) for all images of the company's containerized infrastructure. The company uses the pull through cache functionality with the /external prefix to avoid throttling when the company retrieves images from external image registries. The company uses AWS Organizations for its accounts.

Every image in the registry must be encrypted with a specific, pre-provisioned AWS Key Management Service (AWS KMS) key. The company's internally created images already comply with this policy. However, cached external images use server-side encryption with Amazon S3 managed keys (SSE-S3).

The company must remove the noncompliant cache repositories. The company must also implement a secure solution to ensure that all new pull through cache repositories are automatically encrypted with the required KMS key.

Which solution will meet these requirements?

Options:

A.

Configure AWS Config. Add a custom rule that uses Guard syntax. Write the rule to enable KMS encryption for new repositories.

B.

Configure an ECR repository creation template for the prefix. Specify the KMS key. Wait for the repositories to repopulate.

C.

Configure an SCP for all AWS accounts that requires all ECR repositories to be KMS encrypted.

D.

Create a new Amazon EventBridge rule that triggers on all "ECR Pull Through Cache Action" events. Set AWS KMS as the rule target.

Question 3

A company is using an organization in AWS Organizations to manage multiple AWS accounts. The company's development team wants to use AWS Lambda functions to meet resiliency requirements and is rewriting all applications to work with Lambda functions that are deployed in a VPC. The development team is using Amazon Elastic Pile System (Amazon EFS) as shared storage in Account A in the organization.

The company wants to continue to use Amazon EPS with Lambda Company policy requires all serverless projects to be deployed in Account B.

A DevOps engineer needs to reconfigure an existing EFS file system to allow Lambda functions to access the data through an existing EPS access point.

Which combination of steps should the DevOps engineer take to meet these requirements? (Select THREE.)

Options:

A.

Update the EFS file system policy to provide Account B with access to mount and write to the EFS file system in Account A.

B.

Create SCPs to set permission guardrails with fine-grained control for Amazon EFS.

C.

Create a new EFS file system in Account B Use AWS Database Migration Service (AWS DMS) to keep data from Account A and Account B synchronized.

D.

Update the Lambda execution roles with permission to access the VPC and the EFS file system.

E.

Create a VPC peering connection to connect Account A to Account B.

F.

Configure the Lambda functions in Account B to assume an existing IAM role in Account A.