Back to AWS Certified DevOps Engineer Professional DOP-C02 questions

Scenario-based practice

Select Two (Multi-Select) Questions

Practise AWS Certified DevOps Engineer Professional DOP-C02 practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

20
scenario questions
DOP-C02
exam code
Amazon Web Services
vendor

Scenario guide

How to approach select two (multi-select) questions

Multi-select questions tell you to 'Choose TWO' or 'Choose THREE'. Getting partial credit is not a thing — you must select all correct answers with no incorrect ones. The stem always states how many to choose, so trust it. These questions require precision, not best-guess elimination.

Quick answer

Select Two (Multi-Select) Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related DOP-C02 topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

Practice set

Practice scenarios

Question 1hardmulti select
Full question →

A DevOps team is designing a CI/CD pipeline for a microservices application. Each microservice has its own code repository and build artifacts. The team wants to use AWS CodePipeline with multiple parallel actions to build and test all microservices simultaneously. They also want to ensure that if one microservice's build fails, the pipeline does not block other microservices. Which THREE steps should the team take? (Choose THREE.)

Question 2mediummulti select
Full question →

A DevOps team is designing a CI/CD pipeline using AWS CodeBuild and CodePipeline. They want to use infrastructure as code to define the build environment. Which TWO options are valid approaches to define the build environment in CodeBuild?

Question 3mediummulti select
Full question →

A DevOps team is designing a monitoring strategy for a microservices application deployed on Amazon EKS. The application emits custom metrics, and the team needs to collect them with minimal latency and at high resolution. The team also needs to retain logs for 90 days for compliance. Which THREE steps should the team take to meet these requirements? (Choose three.)

Question 4mediummulti select
Full question →

A company is experiencing an ongoing security incident where an unauthorized user gained access to an AWS access key and is making API calls. The security team needs to immediately stop the unauthorized access and preserve evidence for investigation. Which TWO actions should the team take? (Choose TWO.)

Question 5mediummulti select
Full question →

A company uses AWS Organizations to manage multiple accounts. The Security team wants to prevent member accounts from disabling AWS CloudTrail or deleting CloudTrail log files. Which TWO actions should the Security team take in the organization's management account? (Choose TWO.)

Question 6easymulti select
Full question →

A DevOps engineer needs to restrict access to an S3 bucket so that only users from a specific AWS account can read objects. Which TWO methods can achieve this?

Question 7mediummulti select
Full question →

A company runs a microservices application on Amazon ECS with Fargate. The application includes a service that processes orders and stores them in an RDS PostgreSQL database. The company wants to ensure that the order service is resilient to AZ failures and can handle a sudden increase in order volume. Which TWO actions should the DevOps engineer take? (Choose TWO.)

Question 8easymulti select
Full question →

A company wants to design a highly available web application using AWS services. The application must be resilient to the failure of an entire AWS Region. Which THREE components should the architecture include? (Choose THREE.)

Question 9mediummulti select
Full question →

A company is building a multi-tier web application on AWS. The application must be resilient to the failure of an entire Availability Zone. The architecture includes an Application Load Balancer (ALB), EC2 instances in an Auto Scaling group, and an Amazon RDS for MySQL database. Which TWO actions should be taken to achieve this resilience? (Choose two.)

Question 10hardmulti select
Full question →

A company runs a critical application on AWS using Amazon EC2 instances in an Auto Scaling group, an Application Load Balancer (ALB), and an Amazon RDS for PostgreSQL Multi-AZ DB cluster. The application must maintain an RTO of 5 minutes and an RPO of 1 second for database transactions. The current setup meets these requirements, but the DevOps team wants to improve the resilience of the application tier to withstand a regional failure. Which THREE actions should be taken? (Choose three.)

Question 11hardmulti select
Full question →

A DevOps engineer is designing a deployment pipeline for a serverless application using AWS SAM. The pipeline must include the following stages: source, build, deploy to a development environment, run integration tests, and promote to production after manual approval. Which AWS services and features should be used to implement this pipeline? (Choose two.)

Question 12hardmulti select
Full question →

A company runs a web application on Amazon EC2 instances behind an Application Load Balancer. The DevOps team has enabled detailed CloudWatch metrics for the ALB and is using CloudWatch Logs for the EC2 instances. Recently, users report intermittent 503 errors. The team notices that the ALB's 'RequestCount' metric shows a sudden drop during error periods, while the 'ActiveConnectionCount' remains steady. Which TWO steps should the team take to diagnose the issue? (Choose two.)

Question 13mediummulti select
Full question →

Which of the following are valid strategies for implementing continuous integration in AWS? (Choose two.)

Question 14hardmulti select
Full question →

A company's application uses Amazon DynamoDB as its primary data store. The application experiences occasional throttling errors during traffic spikes. The DevOps team needs to implement a solution that ensures consistent performance without manual intervention. Which TWO actions should the team take? (Choose TWO.)

Question 15hardmulti select
Full question →

A company uses Amazon CloudWatch Logs to store logs from multiple applications. The security team requires that logs are encrypted at rest using a customer-managed KMS key. Additionally, logs must be retained for 7 years for compliance. Which THREE steps should the DevOps engineer take to meet these requirements? (Choose THREE.)

Question 16easymulti select
Read the full NAT/PAT explanation →

A DevOps engineer is monitoring an Amazon EC2 Auto Scaling group. The engineer wants to receive notifications when instances are launched or terminated. Which TWO AWS services can be used together to achieve this? (Choose TWO.)

Question 17mediummulti select
Full question →

A DevOps engineer is designing a monitoring solution for a serverless application using AWS Lambda, Amazon API Gateway, and Amazon DynamoDB. The team needs to monitor for errors and latency. Which TWO actions should the engineer take to implement comprehensive monitoring? (Choose TWO.)

Question 18hardmulti select
Full question →

A company is experiencing a DDoS attack on its application hosted on AWS. The application uses an Application Load Balancer (ALB) with an Auto Scaling group of EC2 instances. The security team needs to mitigate the attack with minimal latency impact on legitimate users. Which THREE actions should the team take? (Choose THREE.)

Question 19mediummulti select
Full question →

A company uses AWS CloudTrail to log API activity. The security team wants to be alerted when an IAM user creates a new access key. Which TWO steps should be taken to accomplish this? (Choose TWO.)

Question 20easymulti select
Full question →

A DevOps engineer is troubleshooting an Amazon RDS for PostgreSQL instance that is running out of storage. The engineer wants to resolve the issue without downtime. Which TWO actions can achieve this? (Choose two.)

These DOP-C02 practice questions are part of Courseiva's free Amazon Web Services certification practice question bank. Courseiva provides original exam-style DOP-C02 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.