A Developer has been asked to create an AWS Lambda function that is triggered any time updates are made to items in an Amazon DynamoDB table. The function has been created, and appropriate permissions have been added to the Lambda execution role. Amazon DynamoDB streams have been enabled for the table, but the function is still not being triggered. Which option would enable DynamoDB table updates to trigger the Lambda function?

Configure event source mapping for the Lambda function

Change the StreamViewType parameter value to NEW_AND_OLD_IMAGES for the DynamoDB table

Configure event source mapping for the Lambda function

Map an Amazon SNS topic to the DynamoDB streams

increase the maximum execution time (timeout) setting of the Lambda function

A Developer accesses AWS CodeCommit over SSH. The SSH keys configured to access AWS CodeCommit are tied to a user with the following permissions: The Developer needs to create/delete branches.Which specific IAM permissions need to be added, based on the principle of least privilege?

“codecommit:CreateBranch”“codecommit:DeleteBranch”

A company needs to ingest terabytes of data each hour from thousands of sources that are delivered almost continually throughout the day. The volume of messages generated varies over the course of the day. Messages must be delivered in real time for fraud detection and live operational dashboards.Which approach will meet these requirements?

Use Amazon Kinesis Data Streams with Kinesis Client Library to ingest and deliver messages

Send the messages to an Amazon SQS queue, then process the messages by using a fleet of Amazon EC2 instances

Use the Amazon S3 API to write messages to an S3 bucket, then process the messages by using Amazon Redshift

Use AWS Data Pipeline to automate the movement and transformation of data

Use Amazon Kinesis Data Streams with Kinesis Client Library to ingest and deliver messages

A company is running a Docker application on Amazon ECS. The application must scale based on user load in the last 15 seconds. How should a Developer instrument the code so that the requirement can be met?

Create a high-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 5 seconds

Create a high-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 30 seconds

Create a high-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 5 seconds

Create a standard-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 30 seconds

Create a standard-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 5 seconds

A Developer wants to upload data to Amazon S3 and must encrypt the data in transit.Which of the following solutions will accomplish this task? (Choose two.)

Set up Client-Side Encryption with an AWS KMS-Managed Customer Master Key

Transfer the data over an SSL connection

Set up hardware VPN tunnels to a VPC and access S3 through a VPC endpoint

Set up Client-Side Encryption with an AWS KMS-Managed Customer Master Key

Set up Server-Side Encryption with AWS KMS-Managed Keys

Transfer the data over an SSL connection

Set up Server-Side Encryption with S3-Managed Keys

An AWS Lambda function must access an external site by using a regularly rotated user name and password. These items must be kept securely and cannot be stored in the function code. What combination of AWS services can be used to accomplish this? (Choose two.)

AWS Systems Manager Parameter Store

A Developer is working on an application that handles 10MB documents that contain highly-sensitive dat a. The application will use AWS KMS to perform client-side encryption. What steps must be followed?

Invoke the GenerateDataKey API to retrieve the plaintext version of the data encryption key to encrypt the data

Invoke the Encrypt API passing the plaintext data that must be encrypted, then reference the customer managed key ARN in the KeyId parameter

Invoke the GenerateRandom API to get a data encryption key, then use the data encryption key to encrypt the data

Invoke the GenerateDataKey API to retrieve the encrypted version of the data encryption key to encrypt the data

Invoke the GenerateDataKey API to retrieve the plaintext version of the data encryption key to encrypt the data

An application writes items to an Amazon DynamoDB table. As the application scales to thousands of instances, calls to the DynamoDB API generate occasional ThrottlingException errors. The application is coded in a language incompatible with the AWS SDK.How should the error be handled?

Add exponential backoff to the application logic

Use Amazon SQS as an API message bus

Pass API calls through Amazon API Gateway

Send the items to DynamoDB through Amazon Kinesis Data Firehose

A company is running an application built on AWS Lambda functions. One Lambda function has performance issues when it has to download a 50MB file from the Internet in every execution. This function is called multiple times a second. What solution would give the BEST performance increase?

Cache the file in the /tmp directory

Increase the Lambda maximum execution time

Put an Elastic Load Balancer in front of the Lambda function

A company needs to distribute firmware updates to its customers around the world.Which service will allow easy and secure control of the access to the downloads at the lowest cost?

Use Amazon CloudFront with signed URLs for Amazon S3

Create a dedicated Amazon CloudFront Distribution for each customer

Use Amazon CloudFront with AWS Lambda@Edge

Use Amazon API Gateway and AWS Lambda to control access to an S3 bucket

A Developer has a stateful web server on-premises that is being migrated to AWS. The Developer must have greater elasticity in the new design. How should the Developer re-factor the application to make it more elastic? (Choose two.)

Store session state data in an Amazon DynamoDB table

Use an ELB with an Auto Scaling group

Use pessimistic concurrency on Amazon DynamoDB

Use Amazon CloudFront with an Auto Scaling group

Use Amazon CloudFront with an AWS Web Application Firewall

Store session state data in an Amazon DynamoDB table

Use an ELB with an Auto Scaling group

A Developer is creating a template that uses AWS CloudFormation to deploy an application. This application is serverless and uses Amazon API Gateway, Amazon DynamoDB, and AWS Lambda. Which tool should the Developer use to define simplified syntax for expressing serverless resources?

CloudFormation serverless intrinsic functions

An AWS serverless application model

A CloudFormation serverless plugin

An e-commerce web application that shares session state on-premises is being migrated to AWS. The application must be fault tolerant, natively highly scalable, and any service interruption should not affect the user experience. What is the best option to store the session state?

Store the session state in Amazon ElastiCache

Store the session state in Amazon CloudFront

Store the session state in Amazon S3

Enable session stickiness using elastic load balancers

A Developer wants to debug an application by searching and filtering log dat a. The application logs are stored in Amazon CloudWatch Logs. The Developer creates a new metric filter to count exceptions in the application logs. However, no results are returned from the logs.What is the reason that no filtered results are being returned?

CloudWatch Logs only publishes metric data for events that happen after the filter is created

A setup of the Amazon CloudWatch interface VPC endpoint is required for filtering the CloudWatch Logs in the VPC

CloudWatch Logs only publishes metric data for events that happen after the filter is created

The log group for CloudWatch Logs should be first streamed to Amazon Elasticsearch Service before metric filtering returns the results

Metric data points for logs groups can be filtered only after they are exported to an Amazon S3 bucket

A Developer must analyze performance issues with production-distributed applications written as AWS Lambda functions. These distributed Lambda applications invoke other components that make up the applications. How should the Developer identify and troubleshoot the root cause of the performance issues in production?

Use AWS X-Ray, then examine the segments and errors

Add logging statements to the Lambda functions, then use Amazon CloudWatch to view the logs.

Use AWS Cloud Trail and then examine the logs

Use AWS X-Ray, then examine the segments and errors

Run Amazon Inspector agents and then analyze performance

A Developer is investigating an issue whereby certain requests are passing through an Amazon API Gateway endpoint /MyAPI, but the requests do not reach the AWS Lambda function backing /MyAPI. The Developer found that a second Lambda function sometimes runs at maximum concurrency allowed for the given AWS account. How can the Developer address this issue?

Configure the second Lambda function’s concurrency execution limit

Manually reduce the concurrent execution limit at the account level

Add another API Gateway stage for /MyAPI, and shard the requests

Configure the second Lambda function’s concurrency execution limit

Reduce the throttling limits in the API Gateway /MyAPI endpoint

A Developer is making changes to a custom application that is currently using AWS Elastic Beanstalk. After the Developer completes the changes, what solutions will update the Elastic Beanstalk environment with the new application version? (Choose two.)

Package the application code into a .tar file, and upload and deploy the packaged application from the AWS Management Console

Package the application code into a .zip file, create a new application version from the packaged application by using AWS CLI, then update the environment by using AWS CLI

Package the application code into a .zip file, and upload, then deploy the packaged application from the AWS Management Console

Package the application code into a .tar file, create a new application version from the AWS Management Console, then update the environment by using AWS CLI

Package the application code into a .tar file, and upload and deploy the packaged application from the AWS Management Console

Package the application code into a .zip file, create a new application version from the packaged application by using AWS CLI, then update the environment by using AWS CLI

Package the application code into a .zip file, create a new application version from the AWS Management Console, then rebuild the environment by using AWS CLI

A Developer is going to deploy an AWS Lambda function that requires significant CPU utilization.Which approach will MINIMIZE the average runtime of the function?

Deploy the function with its memory allocation set to the maximum amount

Deploy the function into multiple AWS Regions

Deploy the function into multiple Availability Zones

Deploy the function using Lambda layers

Deploy the function with its memory allocation set to the maximum amount

A Developer is publishing critical log data to a log group in Amazon CloudWatch Lops, which was created 2 months ago. The Developer must encrypt the log data using an AWS KMS customer master key (CMK) so future data can be encrypted to comply with me company's security policy How can the Developer meet this requirement?

Use the KMs console and associate the CMK with the log group

Use the Cloud Watch Logs console and enable the encrypt feature on the log group.

Use the AWS CLI create-log-group command and specify the key Amazon Resource Name (ARN)

Use the KMs console and associate the CMK with the log group

Use the AWS CLI associate-Kms-key command and specify the key Amazon Resource Name (ARN)

A company wants to containerize an existing three-tier web application and deploy it to Amazon ECS Fargate. The application is using session data to keep track of user activities. Which approach would provide the BEST user experience?

Enable session stickness in the existing Network Load Balancer and manage the session data in the container.

Provision a Redic cluster in Amazon ElasticCache and save the session data in the cluster

Create a session table in Amazon Redshift and save the session data in the database table.

Enable session stickness in the existing Network Load Balancer and manage the session data in the container.

Use an Amazon S3 bucket as data store and save the session data in the bucket.

A company has implemented AWS CodeDeploy as part of its cloud native CI/CD stack The company enables automatic rollbacks while deploying a new version of a popular web application from in place to Amazon EC2. What occurs it the deployment of the new version fails due to code regression?

CodeDeploy switches the Amazon Route 53 alias records back to the known good green deployment and terminates the failed blue deployment

The last known good deployment is automatically restored using the snapshot stored in Amazon S3

CodeDeploy switches the Amazon Route 53 alias records back to the known good green deployment and terminates the failed blue deployment

A new deployment of the last known good version of the application is deployed with a new deployment ID

AWS CodePipeline promotes the most recent deployment with a SUCCEEDED status to production

A Developer needs to deploy an application running on AWS Fargate using Amazon ECS. The application has environment variables that must be passed to a container tor the application to initialize How should the environment variables be passed to the container?

Define an array that includes the environment variables under the environment parameter within the task definition

Define an array that includes the environment variables under the environment parameter within the service definition

Define an array that includes the environment variables under the environment parameter within the task definition

Define an array that includes the environment variables under the entrypoint parameter within the task definition

Define in array that includes the environment variables under the entryPoint parameter within the service definition

A Developer decides lo store highly secure data in Amazon S3 and wants to implement server-side encryption (SSF) with granular control of who can access the master key Company policy requires that the master key be created, rotated, and disabled easily when needed, all for security reasons.Which solution should be used to moot these requirements?

SSFE with AWS KMS managed keys (SSE KMS)

SSE with Amazon S3 managed keys (SSE-S3)

SSFE with AWS KMS managed keys (SSE KMS)

SSE with customer provided encryption keys

A developer has created a new AWS IAM user that has s3 putobject permission to write to a specific Amazon bucket. This S3 bucket uses server-side encryption with AWS KMS managed keys (SEE-KMS) as the encryption. Using the access key and secret key of the IAM user, the application received an access denied error when calling the PutObject API. How can this issue be resolved?

Update the policy of the IAM user to allow the kms GenerateDatakey action

Update the policy of the IAM user to allow the s3 Encrypt action.

Update the bucket policy of the S3 bucket to allow the IAM user to upload objects

Update the policy of the IAM user to allow the kms GenerateDatakey action

Update the ACL of the bucket to allow the IAM user to upload objects

An application is running on a cluster of Amazon EC2 instance. While trying to read objects stored within a single Amazon S3 bucket that are encrypted with server-side encryption with AWS KMS managed keys (SSE-KMS), the application receives the following error:Service : AWSKMS: Status Code: 400: Code : ThrottlingExceptionWhich combination of steps should be taken to prevent this failure? (Select TWO.)

Contact AWS Support to request an AWS KMS rate limit increase.

Import a customer master key (CMK) with a larger key size.

Contact AWS Support to request an AWS KMS rate limit increase.

Perform error retries with exponential backoff in the application code.

Contact AWS Support to request a S3 rate limit increase.

Import a customer master key (CMK) with a larger key size.

Use more than one customer master key (CMK) to encrypt S3 data

An advertising company has a dynamic website with heavy traffic. The company wants to migrate the website infrastructure to AWS to handle everything except website development. Which solution BEST meets these requirements?

Deploy the website code in an AWS Elastic Beanstalk environment. Use Auto Scaling to scale the numbers of instance

Use AWS VM Import to migrate a web server image to AWS Launch the image on a computeoptimized Amazon EC2 instanceLaunch.

Launch multiple Amazon Lighsall instance behind a load balancer. Set up the website on those instances.

Deploy the website code in an AWS Elastic Beanstalk environment. Use Auto Scaling to scale the numbers of instance

Use Amazon S3 to host the website. Use Amazon CloudFornt to deliver the content at scale.

A Developer is migrating existing applications to AWS. These applications use MongoDB as their primary data store, and they will be deployed to Amazon EC2 instances. Management requires that the Developer minimize changes to applications while using AWS services Which solution should the Developer use to host MongoDB in AWS?

Replicate the existing MongoDB workload to Amazon DynamoDB

Install MongoDB on the same instance where the application is running

Deploy Amazon DocumentDB in MongoDB compatibility mode

Use Amazon API Gateway to translate API calls from MongoDB to Amazon DynamoDB.

Replicate the existing MongoDB workload to Amazon DynamoDB

A developer has written an application that runs on Amazon EC2 instances and generates a value every minute. The Developer wants to monitor and graph the values generated over time without logging in to the instance each time. Which approach should the Developer use to achieve this goal?

Publish each generated value as a custom metric to Amazon CloudWatch using available AWS SDKs

Use the Amazon CloudWatch metrics reported by default for all EC2 instances View each value from the CloudWatch console.

Develop the application to store each value in a file on Amazon S3 every minute with the Umestamp as the name

Publish each generated value as a custom metric to Amazon CloudWatch using available AWS SDKs

Store each value as a variable and add the variable to the list of EC2 metrics that should be reported to the Amazon CloudWatch console

A company stores all personally identifiable information (PII) in an Amazon DynamoDB table named PII in Account

Ask an Administrator in Account B to allow the EC2 IAM role permission to assume the AccessPII role

Include the AssumeRole API in the application code logic to obtain credentials to access the PlI table

An application running on Amazon EC2 instances in Account B requires access to the PII table. An administrators in Account A created an IAM role named AccessPII with privileges to access the PII table, and made account B a trusted entity.Which combination of actional steps should Developers take to access the table? (Select TWO )

Ask an Administrator in Account B to allow the EC2 IAM role permission to assume the AccessPII role

Ask an Administrator in Account B to allow the EC2 IAM role permission to assume the AccessPll role with predefined service control policies

Ask an Administrator in Account A to allow the EG2 IAM role permission to assume the AccessPII role with predefined service control policies.

Include the AssumeRole API in the application code logic to obtain credentials to access the PlI table

Include the GetSession token API in the application code logic to obtain credentials to access the Pll table

A developer is setting up Amazon API gateway for their company’s products. The API will be registered developers to query and update their environments. The company wants to limit the amount of requests end users send for.bot cost and security reason management wants to offer registered the option of buying larger packages that allow for more requests.

Enable throttling for the API Gateway stage Set a value tor both the rate and burst capacity If a registered larger package, create a stage for them, adjust the values, and share the new URL with them.

Set up Amazon CloudWatch API logging in API Gateway Create a filter based on the user and requestTime fields and create an alarm on this filter Write an AWS Lambda function to analyze the values and requester information, and respond accordingly Set up the function as the target tor the alarm If a registered user chooses a larger package, update the Lambda code with the values

Enable Amazon CloudWatch metrics for the API Gateway stage Set up CloudWatch alarms based oft the Count metric and the ApiName, Method, Resource, and Stage dimensions to alerts when request rates pass the threshold Set the alarm action to Deny If a registered user chooses a larger package, create a user-specific alarm and adjust the values

Set up a default usage plan specify values for the rate and burst capacity, and associate it with a stage If a registered user chooses a larger package, create a custom plan with the appropriate values and associate the plan with the user

A global company has an application running on Amazon EC2 instances that serves image files from Amazon S3. User requests from the browser are causing high traffic, which results in degraded performance. Which optimization solution should a Developer implement to increase application performance?

Create an Amazon ElastiCache cluster to cache and serve frequently accessed items.

Create multiple prefix in the S3 bucket to increase the request rate

Create an Amazon ElastiCache cluster to cache and serve frequently accessed items.

Use Amazon CloudFront to serve the content of images stored in Amazon S3.

Submit a ticket to AWS support to request a rate limit increase for the S3 bucket.

A Developer is writing an application that runs on Amazon EC2 instances in an Auto scaling group.The application data is stored in an Amazon DynamoDB table and records are constantly updated by all instances. An instance sometimes retrieves old dat a. The Developer wants to correct this by making sure the reads are strongly consistent.How can the developer accomplish this?

Create a new DynamoDB Accelerator (DAX) table.

Set consistentRead to true when calling Getitem.

Create a new DynamoDB Accelerator (DAX) table.

Set consistency to strong when calling Update Table.

Use the Getshardlterator command.

A company provides APIs as a service and commits to a service level agreement (SLA) with all its users. To comply with each SLA, what should the company do?

Enable default throttling limits for each stage after deploying the APIs.

Enable throttling limits for each method in Amazon API Getaway.

Create a usage plan for each user and request API keys to access the APIs.

Enable API rate limiting in Amazon cognito for each user.

Enable default throttling limits for each stage after deploying the APIs.

A Developer is migrating an on-premises application to AWS. The application currently takes user uploads and saves them to a local directory on the server. All uploads must be saved and made immediately available to all instances in an Auto scaling group.Which approach will meet these requirements?

Use Amazon S3 and rearchitect the application so all uploads are placed in S3.

Use Amazon EBS and configure the application AMI to use a snapshot of the same EBS instance on boot.

Use Amazon S3 and rearchitect the application so all uploads are placed in S3.

Use instance storage and share it between instances launched from the same Amazon machine image (AMI).

Use Amazon EBS and file synchronization software to achieve eventual consistency among the auto scaling group.

Amazon DVA-C01 Practice Test 7 - Free Online Exam Questions 241-280

An application is being developed to audit several AWS accounts. The application will run in Account A and must access AWS services in Accounts B and C. What is the MOST secure way to allow the application to call AWS services in each audited account?

Become a Premium Member for full access

Unlock Premium Member

Amazon DVA-C01 Practice Test 7

Question

Drag and Drop

Hot Area

Amazon DVA-C01 Practice Tests

Practice Tests