AIP-C01 Practice Questions: 20 Free AWS Generative AI Developer Professional Questions (2026)

About the AIP-C01 AWS Generative AI Developer Professional Exam

AIP-C01 earns the AWS Certified Generative AI Developer - Professional credential. It is a professional-tier exam: 75 questions (65 scored, 10 unscored), 180 minutes, a $300 USD exam fee, and a scaled passing score of 750/1000. Scoring is compensatory — there is no minimum per domain, only an overall pass — so you cannot ignore a weak domain, but one strong domain can offset another.

The exam targets generative AI developers with around two years of experience building production applications on AWS and at least a year of hands-on generative AI work. The key framing: AIP-C01 is for developers who build *with* foundation models, not developers who *train* models. Training models from scratch, advanced ML training-loop mechanics, and data/feature engineering are explicitly out of scope. What is in scope is everything you do to take a foundation model and turn it into a governed, observable, cost-controlled production application — overwhelmingly using Amazon Bedrock and its sub-services.

AIP-C01 completes the AWS AI certification ladder. AIF-C01 (AI Practitioner) is the foundational concepts exam; MLA-C01 (Machine Learning Engineer - Associate) covers MLOps and SageMaker; AIP-C01 is the professional capstone for generative AI application development. AWS offers a 50%-off voucher chain down that ladder. Our 1,000-question AIP-C01 pack at readroo.st/marketplace/aip-c01-aws-generative-ai-developer is built from the official AWS exam guide and covers every task statement in all five domains.

Quick Answer Key (for Scanning After You Try the Questions)

Try each question first. This key is here for post-test review. 1-B, 2-B, 3-B, 4-B, 5-C, 6-B, 7-B, 8-B, 9-B, 10-B, 11-B, 12-B, 13-B, 14-B, 15-B, 16-B, 17-B, 18-C, 19-B, 20-B. If you score 16+ you are exam-ready. The most commonly missed questions on this set are Q3 (chunking strategy), Q5 (hybrid search), Q11 (retry strategy), and Q18 (model cascading vs caching).

AIP-C01 Exam Domain Breakdown

The official AWS exam guide publishes five domains with these exact weightings: 1. Foundation Model Integration, Data Management, and Compliance — 31% (FM selection, vector stores, retrieval design, chunking, embeddings, prompt engineering and governance) 2. Implementation and Integration — 26% (agentic AI, deployment strategies, enterprise integration, FM API integration, application patterns) 3. AI Safety, Security, and Governance — 20% (input/output safety controls, data security and privacy, governance and compliance, responsible AI) 4. Operational Efficiency and Optimization for GenAI Applications — 12% (cost optimization, performance optimization, monitoring) 5. Testing, Validation, and Troubleshooting — 11% (evaluation systems, troubleshooting)

The 20 questions below distribute as 6 from Domain 1, 5 from Domain 2, 4 from Domain 3, 3 from Domain 4, and 2 from Domain 5 — matching the official weights. Domains 1 and 2 together are 57% of the exam, so that is where most of your study time should go. The full ReadRoost AIP-C01 pack contains 1,000 scenario-based questions with explanations plus 500 review flashcards, built off the same blueprint.

Questions 1-6: Foundation Model Integration, Data Management, and Compliance

Domain: Foundation Model Integration, Data Management, and Compliance | Difficulty: Moderate 1. You need to add retrieval-augmented generation to an application: ingest a corporate document library, chunk and embed it, store the vectors, and retrieve relevant context at query time — with as little undifferentiated infrastructure work as possible. Which AWS capability fits best? A) Run an open-source vector database on EC2 and write a custom ingestion pipeline B) Use Amazon Bedrock Knowledge Bases, which manages ingestion, chunking, embedding, vector storage, and retrieval C) Store documents in S3 and prompt the model with the full library each call D) Fine-tune the foundation model on the document library

Correct Answer: B Amazon Bedrock Knowledge Bases is the managed RAG service: it handles ingestion, chunking, embedding generation, vector storage, and retrieval, so you avoid building and operating that pipeline yourself. Self-hosting a vector DB on EC2 is exactly the undifferentiated work the question asks you to avoid. Stuffing the whole library into every prompt blows the context window and cost. Fine-tuning bakes knowledge into weights and does not give you fresh, citable retrieval.

Domain: Foundation Model Integration, Data Management, and Compliance | Difficulty: Hard 2. A production application calls a Bedrock foundation model. During regional demand spikes you see throttling and occasional capacity errors, and you need higher resilience without managing infrastructure. What should you implement? A) Cache every response indefinitely and stop calling the model B) Use Cross-Region Inference so requests can be served from multiple AWS Regions, improving resilience and throughput C) Switch the whole workload to a self-managed model on EC2 D) Lower the model temperature to 0

Correct Answer: B Cross-Region Inference lets Bedrock route inference requests across multiple Regions, which raises resilience and effective throughput during demand spikes without you managing infrastructure. Caching helps for repeated identical prompts but cannot serve novel requests. Self-managing a model on EC2 adds the operational burden you are trying to avoid. Temperature controls output randomness and has nothing to do with throttling.

Domain: Foundation Model Integration, Data Management, and Compliance | Difficulty: Hard 3. Your RAG corpus is long policy documents with clear nested sections and subsections. Flat fixed-size chunking is splitting mid-section and hurting answer quality. Which chunking approach should you use? A) Increase fixed chunk size until each document is a single chunk B) Hierarchical chunking, which preserves parent-child structure so retrieval keeps section context C) Remove all chunking and embed entire documents D) Chunk on every sentence boundary

Correct Answer: B Hierarchical chunking preserves the parent-child structure of a document, so a retrieved child chunk carries its section context — exactly what long, structured policy documents need. Making each document one chunk destroys retrieval granularity and overflows context. Embedding entire documents has the same problem. Sentence-level chunks are too small and lose surrounding context.

Domain: Foundation Model Integration, Data Management, and Compliance | Difficulty: Moderate 4. You need to generate embeddings for a RAG application on AWS. Which option is the appropriate managed choice? A) Train a custom embedding model from scratch in SageMaker B) Use Amazon Titan Text Embeddings (or another embedding model available through Amazon Bedrock) C) Use a large language model to summarize each chunk and store the summary text instead of vectors D) Use Amazon Comprehend sentiment scores as the embedding vector

Correct Answer: B Amazon Titan Text Embeddings, available through Amazon Bedrock, is a managed embedding model purpose-built for converting text into vectors for semantic search and RAG. Training an embedding model from scratch is out of scope for this developer role and unnecessary. Storing summaries as text is not vector search. Comprehend sentiment scores are not semantic embeddings.

Domain: Foundation Model Integration, Data Management, and Compliance | Difficulty: Hard 5. Users search a knowledge base with a mix of exact product codes (which must match precisely) and natural-language questions (which need semantic matching). Pure vector search misses the exact codes. What retrieval design solves this? A) Increase the number of retrieved chunks (top-k) until codes appear B) Switch entirely to keyword search C) Use hybrid search that combines keyword (lexical) matching with vector (semantic) search and merges the results D) Lower the embedding model dimensionality

Correct Answer: C Hybrid search runs both lexical keyword matching and semantic vector search and combines the results, so exact identifiers are caught by the keyword side while natural-language intent is caught by the vector side. Simply raising top-k floods the context with noise and still may miss exact codes. Pure keyword search loses semantic recall. Embedding dimensionality does not fix exact-match retrieval.

Domain: Foundation Model Integration, Data Management, and Compliance | Difficulty: Moderate 6. Your team needs versioned, approvable, auditable prompt templates shared across several applications, rather than prompt strings scattered through code. Which AWS capabilities support this? A) Hard-code prompts in each Lambda function and rely on Git history B) Use Amazon Bedrock Prompt Management for versioned templates, with CloudTrail capturing an audit trail of changes C) Store prompts in a public S3 bucket D) Put all prompts in environment variables

Correct Answer: B Amazon Bedrock Prompt Management provides versioned, governable prompt templates that multiple applications can share, and CloudTrail records the audit trail of changes for compliance. Hard-coding prompts per function makes governance and reuse impossible. A public S3 bucket is an obvious security problem. Environment variables offer no versioning, approval, or audit.

Questions 7-11: Implementation and Integration

Domain: Implementation and Integration | Difficulty: Moderate 7. You need an application that can autonomously break a user request into steps, call tools (look up an order, check inventory, issue a refund), and reason over the results. Which approach fits the AIP-C01 scope? A) A single prompt that asks the model to "do everything" B) An agentic solution — for example, Amazon Bedrock Agents or Strands Agents — that plans, invokes tools, and reasons over tool output C) A static Step Functions state machine with no model involved D) A cron job that polls a queue

Correct Answer: B Autonomous multi-step task completion with tool use is the definition of an agentic AI solution. AWS supports this through Amazon Bedrock Agents and frameworks such as Strands Agents and AWS Agent Squad, which plan, invoke tools, and reason over the results. A single "do everything" prompt has no tool access. A static state machine with no model is not agentic. A polling cron job does no reasoning.

Domain: Implementation and Integration | Difficulty: Hard 8. You want to expose a set of internal tools to a model in a standardized, discoverable way so the model can call them without bespoke per-tool wiring. Which standard does AIP-C01 expect you to use? A) SOAP web services B) The Model Context Protocol (MCP) — implement an MCP server that publishes the tools, and the agent discovers and invokes them C) FTP D) A custom binary protocol unique to your application

Correct Answer: B The Model Context Protocol (MCP) is the standardized way to expose tools and resources to models so an agent can discover and call them without per-tool custom integration. SOAP and FTP are not designed for model-tool interaction. A bespoke binary protocol defeats the purpose of standardization and discoverability.

Domain: Implementation and Integration | Difficulty: Moderate 9. A customer-facing application has steady, high-volume, latency-sensitive Bedrock traffic and needs predictable performance and guaranteed capacity. Which deployment option should you choose? A) On-demand inference only, accepting variable throughput B) Provisioned Throughput for the model, which reserves dedicated capacity for predictable performance C) Batch inference submitted overnight D) Run the model on a single small EC2 instance

Correct Answer: B Provisioned Throughput reserves dedicated model capacity, giving the predictable performance and guaranteed throughput a steady, latency-sensitive, high-volume workload needs. On-demand inference is convenient but offers variable throughput under load. Batch inference is for asynchronous bulk jobs, not real-time customer traffic. A single small EC2 instance cannot serve this reliably and adds operational burden.

Domain: Implementation and Integration | Difficulty: Moderate 10. A chat application must display the model response token by token as it is generated, rather than waiting for the whole answer. How do you implement this with Bedrock? A) Poll the model every 500 ms for a partial answer B) Use the Bedrock streaming response API and stream tokens to the client over a connection such as WebSockets or server-sent events C) Generate the full response, then animate it character by character on the client D) Reduce max tokens until the response returns instantly

Correct Answer: B Bedrock streaming APIs return tokens as they are generated; streaming them to the client over WebSockets or server-sent events produces the real-time, token-by-token experience. Polling is inefficient and not how Bedrock streaming works. Animating a fully generated response only fakes streaming and does not improve time-to-first-token. Cutting max tokens just truncates the answer.

Domain: Implementation and Integration | Difficulty: Hard 11. Under load, intermittent Bedrock throttling exceptions are surfacing as user-facing errors. What is the correct resilience pattern for the API integration? A) Immediately retry in a tight loop until the call succeeds B) Implement retries with exponential backoff and jitter, and combine with rate limiting so the application backs off gracefully C) Catch the exception and return an empty response to the user D) Disable error logging so the errors are not visible

Correct Answer: B Exponential backoff with jitter — retrying after progressively longer, randomized delays — combined with client-side rate limiting is the standard resilient pattern for throttling-prone APIs, and it is built into the AWS SDKs. A tight retry loop amplifies the throttling. Returning an empty response hides a failure as a (wrong) success. Disabling logging removes visibility without fixing anything.

Questions 12-15: AI Safety, Security, and Governance

Domain: AI Safety, Security, and Governance | Difficulty: Moderate 12. You must prevent a customer-facing generative AI application from producing hateful, violent, or sexual content and from discussing a list of restricted topics. Which AWS capability is purpose-built for this? A) IAM resource policies on the model B) Amazon Bedrock Guardrails, which apply content filters and denied-topic rules to both prompts and responses C) AWS WAF rules on the API Gateway D) S3 bucket policies

Correct Answer: B Amazon Bedrock Guardrails apply configurable content filters and denied-topic policies to both the input prompt and the model output — exactly the requirement. IAM controls who can call the model, not what content it produces. AWS WAF filters HTTP traffic patterns, not generated content. S3 bucket policies govern object access.

Domain: AI Safety, Security, and Governance | Difficulty: Hard 13. Your application accepts free-text user input that is inserted into a prompt. You are concerned about prompt injection — users trying to override system instructions. What is an appropriate defense-in-depth measure? A) Trust the model to always ignore malicious instructions B) Apply input filtering and prompt-injection detection, use Bedrock Guardrails, and separate trusted system instructions from untrusted user input rather than concatenating them naively C) Disable the application whenever any unusual input appears D) Log the injection attempts and take no other action

Correct Answer: B Defense-in-depth against prompt injection combines input sanitization and injection detection, Guardrails on input and output, and careful prompt construction that keeps trusted system instructions separate from untrusted user content. Simply trusting the model is not a control. Shutting down the application on any unusual input is not viable for a production service. Logging alone detects but does not mitigate.

Domain: AI Safety, Security, and Governance | Difficulty: Moderate 14. User input sent to a foundation model may contain personally identifiable information (PII) that must not be stored or echoed back. Which AWS services help detect and redact PII in the pipeline? A) Amazon Rekognition and AWS Shield B) Amazon Comprehend (PII detection) and Amazon Macie (sensitive-data discovery), used to detect and redact PII before and after model calls C) Amazon Polly and Amazon Transcribe D) AWS Config and AWS Trusted Advisor

Correct Answer: B Amazon Comprehend can detect and redact PII entities in text, and Amazon Macie discovers and classifies sensitive data in storage — together they let you detect and redact PII in the GenAI pipeline. Rekognition is image/video analysis and Shield is DDoS protection. Polly and Transcribe are speech services. Config and Trusted Advisor are configuration and best-practice tooling, not PII redaction.

Domain: AI Safety, Security, and Governance | Difficulty: Moderate 15. A governance review asks you to document, for each foundation model your application uses, its intended use, limitations, and evaluation results, in a consistent auditable format. Which capability supports this? A) CloudWatch dashboards B) Amazon SageMaker model cards, which document a model’s intended use, limitations, and evaluation details C) An S3 bucket of free-form text files D) IAM access analyzer

Correct Answer: B SageMaker model cards provide a structured, consistent place to document a model’s intended use, limitations, risk rating, and evaluation results — the artifact governance and compliance reviews expect. CloudWatch dashboards show operational metrics. Free-form text files in S3 are neither structured nor consistently auditable. IAM Access Analyzer reviews resource access, not model documentation.

Questions 16-18: Operational Efficiency and Optimization

Domain: Operational Efficiency and Optimization | Difficulty: Moderate 16. A high-traffic assistant receives many prompts that share a large, identical instruction-and-context prefix. You want to cut token cost and latency for that repeated prefix. What should you use? A) Truncate the shared prefix until it fits in 100 tokens B) Use prompt caching so the repeated prefix is cached and not reprocessed and re-billed on every call C) Switch to the most expensive model available D) Remove the system instructions entirely

Correct Answer: B Prompt caching stores a repeated prompt prefix so it does not have to be reprocessed — and re-billed — on every invocation, cutting both token cost and latency for workloads with a large shared prefix. Truncating the prefix degrades quality. A more expensive model raises cost. Removing system instructions breaks the application behavior.

Domain: Operational Efficiency and Optimization | Difficulty: Moderate 17. Operations needs visibility into how your GenAI application is using Bedrock — token consumption, request volume, and a record of model inputs and outputs for troubleshooting. What should you enable? A) Nothing — Bedrock usage cannot be monitored B) Amazon Bedrock model invocation logging together with Amazon CloudWatch metrics for token usage and request volume C) Only AWS Cost Explorer at the end of the month D) A manual spreadsheet updated by developers

Correct Answer: B Bedrock model invocation logging captures model inputs and outputs for troubleshooting and auditing, and CloudWatch metrics track token usage and request volume in near real time. Cost Explorer shows spend after the fact but not per-invocation detail. A manual spreadsheet is neither reliable nor real-time. Bedrock usage is very much monitorable.

Domain: Operational Efficiency and Optimization | Difficulty: Hard 18. Most requests to your application are simple and could be handled by a smaller, cheaper model, but a minority are complex and need a larger model. You want to minimize cost without hurting quality on the hard requests. What is the recommended pattern? A) Always route everything to the largest model for safety B) Always route everything to the smallest model to minimize cost C) Implement model cascading (tiered FM usage): route by query complexity so simple requests use a smaller model and only complex requests escalate to a larger one D) Cache every response and never call a model again

Correct Answer: C Model cascading, or tiered foundation-model usage, routes requests by complexity — cheap small model for simple queries, larger model only for hard ones — minimizing cost while protecting quality where it matters. Always using the largest model wastes money on easy requests. Always using the smallest model fails the complex ones. Caching helps repeated prompts but cannot answer novel complex queries.

Questions 19-20: Testing, Validation, and Troubleshooting

Domain: Testing, Validation, and Troubleshooting | Difficulty: Hard 19. You need to evaluate the quality of thousands of RAG responses for relevance, factual accuracy, and faithfulness to retrieved context, and exact-match scoring is useless because phrasing varies. What is an appropriate evaluation approach? A) Have one engineer read a handful of responses and approve the release B) Use automated evaluation — Amazon Bedrock Model Evaluations and an LLM-as-a-judge approach with a defined rubric — to score responses at scale C) Compare every response to a single reference answer with a BLEU score D) Skip evaluation because generative output cannot be measured

Correct Answer: B Automated evaluation with Amazon Bedrock Model Evaluations and an LLM-as-a-judge rubric scores large volumes of free-form responses on relevance, accuracy, and faithfulness — which exact-match scoring cannot do. Spot-reading a handful of responses does not scale or generalize. BLEU against a single reference was built for translation and correlates poorly with RAG quality. Generative output absolutely can be evaluated — just not with exact match.

Domain: Testing, Validation, and Troubleshooting | Difficulty: Moderate 20. A document-summarization feature intermittently fails or returns truncated output when users submit very large documents. What is the most likely cause and the right fix? A) The IAM role is missing a permission — add AdministratorAccess B) The input exceeds the model context window — detect context-window overflow and apply dynamic chunking or summarize in stages so each call stays within the limit C) The AWS Region is wrong — move everything to us-east-1 D) The model temperature is too high — set it to 0

Correct Answer: B Intermittent failures and truncation on large inputs point to context-window overflow: the document plus prompt exceeds the model's token limit. The fix is to detect the overflow and apply dynamic chunking or staged (map-reduce style) summarization so each model call stays within the window. Granting AdministratorAccess is a security anti-pattern and unrelated. Region choice does not change context limits. Temperature controls randomness, not length.

How Did You Score?

17-20 correct: You are ready to book AIP-C01. Spend your remaining preparation drilling the heaviest domains — Foundation Model Integration (31%) and Implementation and Integration (26%) — and the scenario nuances where professional exams separate candidates: when to use provisioned throughput versus on-demand, hybrid versus pure vector search, and model cascading versus caching. The full 1,000-question ReadRoost AIP-C01 pack at readroo.st/marketplace/aip-c01-aws-generative-ai-developer covers every task statement.

12-16 correct: Solid base, but a professional-tier exam punishes shallow knowledge. Focus on Domain 1 — vector stores, chunking strategies, embeddings, retrieval design, and prompt governance — because at 31% it is the single largest scoring opportunity. Make sure you can reason about RAG architecture trade-offs, not just recall service names.

Under 12 correct: Build foundations first. If you have not taken AIF-C01 (AWS AI Practitioner), that foundational exam — and our aif-c01-practice-questions-free guide — is a good warm-up for the concepts AIP-C01 assumes. Then work through the official AWS AIP-C01 exam guide and the Amazon Bedrock documentation, focusing on Bedrock Knowledge Bases, Agents, Guardrails, and Prompt Management. AIP-C01 is a build-with-foundation-models exam, so hands-on time in Bedrock is worth more than any amount of reading. Come back to these 20 questions, then move on to the full pack.