ExamGecko
Search Search Login
Home Home / Amazon / DVA-C01

Amazon DVA-C01 Practice Test - Questions Answers, Page 18

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You are writing to a DynamoDB table and receive the following exception:" ProvisionedThroughputExceededException". though according to your Cloudwatch metrics for the table, you are not exceeding your provisioned throughput. What could be an explanation for this?
During non-peak hours, a Developer wants to minimize the execution time of a full Amazon DynamoDB table scan without affecting normal workloads. The workloads average half of the strongly consistent read capacity units during non-peak hours. How would the Developer optimize this scan?
You are providing AWS consulting services for a company developing a new mobile application that will be leveraging Amazon SNS Mobile Push for push notifications. In order to send direct notification messages to individual devices each device registration identifier or token needs to be registered with SNS; however the developers are not sure of the best way to do this. You advise them to:
A developer runs an application that uses an Amazon API Gateway REST API. The developer needs to implement a solution to proactively monitor the health of both API responses and latencies in case a deployment causes a service disruption despite passing deployment pipeline tests. The solution also must check for endpoint vulnerability and unauthorized changes to APIs. URLs, and website content. Which solution will meet these requirements?
Which of the following are correct statements with policy evaluation logic in AWS Identity and Access Management? Choose 2 answers
A company is migrating a web application from on premises to AWS. The company needs to move session storage from the application code to a shared service as part of the migration. The session storage data must be encrypted at rest. Which AWS services meet these requirements? (Choose two.)
A developer has written the following 1AM policy to provide access to an Amazon S3 bucket: Which access does the policy allow regarding the s3:GetObject and s3:PutObject actions'?
An application stores payroll information nightly in DynamoDB for a large number of employees across hundreds of offices. Item attributes consist of individual name, office identifier, and cumulative daily hours. Managers run reports for ranges of names working in their office. One query is. "Return all Items in this office for names starting with A through E". Which table configuration will result in the lowest impact on provisioned throughput for this query?
Games-R-Us is launching a new game app for mobile devices. Users will log into the game using their existing Facebook account and the game will record player data and scoring information directly to a DynamoDB table. What is the most secure approach for signing requests to the DynamoDB API?
A developer is integrating Amazon ElastiCache in an application. The cache will store data from a database. The cached data must populate real-time dashboards. Which caching strategy will meet these requirements?

Question 171

Report
Export
Collapse

A customer wants to deploy its source code on an AWS Elastic Beanstalk environment. The customer needs to perform deployment with minimal outage and should only use existing instances to retain application access log. What deployment policy would satisfy these requirements?

A.
Rolling
A.
Rolling
Answers
B.
All at once
B.
All at once
Answers
C.
Rolling with an additional batch
C.
Rolling with an additional batch
Answers
D.
Immutable
D.
Immutable
Answers
Suggested answer: A

Question 172

Report
Export
Collapse

A Developer has been asked to build a real-time dashboard web application to visualize the key prefixes and storage size of objects in Amazon S3 buckets. Amazon DynamoDB will be used to store the Amazon S3 metadata. What is the optimal and MOST cost-effective design to ensure that the real-time dashboard is kept up to date with the state of the objects in the Amazon S3 buckets?

A.
Use an Amazon CloudWatch event backed by an AWS Lambda function. Issue an Amazon S3 API call to get a list of all Amazon S3 objects and persist the metadata within DynamoDB. Have the web application poll the DynamoDB table to reflect this change.
A.
Use an Amazon CloudWatch event backed by an AWS Lambda function. Issue an Amazon S3 API call to get a list of all Amazon S3 objects and persist the metadata within DynamoDB. Have the web application poll the DynamoDB table to reflect this change.
Answers
B.
Use Amazon S3 Event Notification backed by a Lambda function to persist the metadata into DynamoDB. Have the web application poll the DynamoDB table to reflect this change.
B.
Use Amazon S3 Event Notification backed by a Lambda function to persist the metadata into DynamoDB. Have the web application poll the DynamoDB table to reflect this change.
Answers
C.
Run a cron job within an Amazon EC2 instance to list all objects within Amazon S3 and persist the metadata into DynamoDB. Have the web application poll the DynamoDB table to reflect this change.
C.
Run a cron job within an Amazon EC2 instance to list all objects within Amazon S3 and persist the metadata into DynamoDB. Have the web application poll the DynamoDB table to reflect this change.
Answers
D.
Create a new Amazon EMR cluster to get all the metadata about Amazon S3 objects; persist the metadata into DynamoDB. Have the web application poll the DynamoDB table to reflect this change.
D.
Create a new Amazon EMR cluster to get all the metadata about Amazon S3 objects; persist the metadata into DynamoDB. Have the web application poll the DynamoDB table to reflect this change.
Answers
Suggested answer: A

Question 173

Report
Export
Collapse

A Developer must repeatedly and consistently deploy a serverless RESTful API on AWS.

Which techniques will work? (Choose two.)

A.
Define a Swagger file. Use AWS Elastic Beanstalk to deploy the Swagger file.
A.
Define a Swagger file. Use AWS Elastic Beanstalk to deploy the Swagger file.
Answers
B.
Define a Swagger file. Use AWS CodeDeploy to deploy the Swagger file.
B.
Define a Swagger file. Use AWS CodeDeploy to deploy the Swagger file.
Answers
C.
Deploy a SAM template with an inline Swagger definition.
C.
Deploy a SAM template with an inline Swagger definition.
Answers
D.
Define a Swagger file. Deploy a SAM template that references the Swagger file.
D.
Define a Swagger file. Deploy a SAM template that references the Swagger file.
Answers
E.
Define an inline Swagger definition in a Lambda function. Invoke the Lambda function.
E.
Define an inline Swagger definition in a Lambda function. Invoke the Lambda function.
Answers
Suggested answer: C, D

Explanation:

https://aws.amazon.com/about-aws/whats-new/2017/02/aws-serverless-application-model-awssam-supports-inline-swagger-and-aws-cloudformation-intrinsic-functions/ https://aws.amazon.com/about-aws/whats-new/2017/02/aws-serverless-application-model-awssam-supports-inline-swagger-and-aws-cloudformation-intrinsic-functions/

Question 174

Report
Export
Collapse

A set of APIs are exposed to customers using the Amazon API Gateway. These APIs have caching enabled on the API Gateway. Customers have asked for an option to invalidate this cache for each of the APIs. What action can be taken to allow API customers to invalidate the API Cache?

A.
Ask customers to use AWS credentials to call the InvalidateCache API.
A.
Ask customers to use AWS credentials to call the InvalidateCache API.
Answers
B.
Ask customers to invoke an AWS API endpoint which invalidates the cache.
B.
Ask customers to invoke an AWS API endpoint which invalidates the cache.
Answers
C.
Ask customers to pass an HTTP header called Cache-Control:max-age=0.
C.
Ask customers to pass an HTTP header called Cache-Control:max-age=0.
Answers
D.
Ask customers to add a query string parameter called “INVALIDATE_CACHE” when making an API call.
D.
Ask customers to add a query string parameter called “INVALIDATE_CACHE” when making an API call.
Answers
Suggested answer: C

Explanation:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.htmlInvalidate an API Gateway Cache Entry A client of your API can invalidate an existing cache entry and reload it from the integration endpoint for individual requests. The client must send a request thatcontains the Cache-Control: max-age=0 header. The client receives the response directly from theintegration endpoint instead of the cache, provided that the client is authorized to do so. This replaces the existing cache entry with the new response, which is fetched from the integrationendpoint.

Question 175

Report
Export
Collapse

A Developer uses AWS CodeDeploy to automate application deployment that connects to an external MySQL database. The Developer wants to securely access the encrypted secrets, such as API keys and database passwords. Which of the following solutions would involve the LEAST administrative effort?

A.
Save the secrets in Amazon S3 with AWS KMS server-side encryption, and use a signed URL to access them by using the IAM role from Amazon EC2 instances.
A.
Save the secrets in Amazon S3 with AWS KMS server-side encryption, and use a signed URL to access them by using the IAM role from Amazon EC2 instances.
Answers
B.
Use the instance metadata to store the secrets and to programmatically access the secrets from EC2 instances.
B.
Use the instance metadata to store the secrets and to programmatically access the secrets from EC2 instances.
Answers
C.
Use the Amazon DynamoDB client-side encryption library to save the secrets in DynamoDB and to programmatically access the secrets from EC2 instances.
C.
Use the Amazon DynamoDB client-side encryption library to save the secrets in DynamoDB and to programmatically access the secrets from EC2 instances.
Answers
D.
Use AWS SSM Parameter Store to store the secrets and to programmatically access them by using the IAM role from EC2 instances.
D.
Use AWS SSM Parameter Store to store the secrets and to programmatically access them by using the IAM role from EC2 instances.
Answers
Suggested answer: D

Explanation:

https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-parameterstore.html

Question 176

Report
Export
Collapse

An application running on EC2 instances is storing data in an S3 bucket. Security policy mandates that all data must be encrypted in transit.

How can the Developer ensure that all traffic to the S3 bucket is encrypted?

A.
Install certificates on the EC2 instances.
A.
Install certificates on the EC2 instances.
Answers
B.
Create a bucket policy that allows traffic where SecureTransport is true.
B.
Create a bucket policy that allows traffic where SecureTransport is true.
Answers
C.
Create an HTTPS redirect on the EC2 instances.
C.
Create an HTTPS redirect on the EC2 instances.
Answers
D.
Create a bucket policy that denies traffic where SecureTransport is false.
D.
Create a bucket policy that denies traffic where SecureTransport is false.
Answers
Suggested answer: D

Explanation:

https://aws.amazon.com/blogs/security/how-to-use-bucket-policies-and-apply-defense-in-depth-tohelp-secure-your-amazon-s3-data/

Question 177

Report
Export
Collapse

A company is developing a new online game that will run on top of Amazon ECS. Four distinct Amazon ECS services will be part of the architecture, each requiring specific permissions to various AWS services. The company wants to optimize the use of the underlying Amazon EC2 instances by bin packing the containers based on memory reservation. Which configuration would allow the Development team to meet these requirements MOST securely?

A.
Create a new Identity and Access Management (IAM) instance profile containing the required permissions for the various ECS services, then associate that instance role with the underlying EC2 instances.
A.
Create a new Identity and Access Management (IAM) instance profile containing the required permissions for the various ECS services, then associate that instance role with the underlying EC2 instances.
Answers
B.
Create four distinct IAM roles, each containing the required permissions for the associated ECS service, then configure each ECS service to reference the associated IAM role.
B.
Create four distinct IAM roles, each containing the required permissions for the associated ECS service, then configure each ECS service to reference the associated IAM role.
Answers
C.
Create four distinct IAM roles, each containing the required permissions for the associated ECS service, then, create an IAM group and configure the ECS cluster to reference that group.
C.
Create four distinct IAM roles, each containing the required permissions for the associated ECS service, then, create an IAM group and configure the ECS cluster to reference that group.
Answers
D.
Create four distinct IAM roles, each containing the required permissions for the associated ECS service, then configure each ECS task definition to referen?e the associated IAM role.
D.
Create four distinct IAM roles, each containing the required permissions for the associated ECS service, then configure each ECS task definition to referen?e the associated IAM role.
Answers
Suggested answer: D

Explanation:

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-strategies.html.

Question 178

Report
Export
Collapse

A company needs to encrypt data at rest, but it wants to leverage an AWS managed service using its own master key. Which of the following AWS service can be used to meet these requirements?

A.
SSE with Amazon S3
A.
SSE with Amazon S3
Answers
B.
SSE with AWS KMS
B.
SSE with AWS KMS
Answers
C.
Client-side encryption
C.
Client-side encryption
Answers
D.
AWS IAM roles and policies
D.
AWS IAM roles and policies
Answers
Suggested answer: B

Question 179

Report
Export
Collapse

When a Developer tries to run an AWS CodeBuild project, it raises an error because the length of all environment variables exceeds the limit for the combined maximum of characters. What is the recommended solution?

A.
Add the export LC_ALL=“en_US.utf8” command to the pre_build section to ensure POSIX localization.
A.
Add the export LC_ALL=“en_US.utf8” command to the pre_build section to ensure POSIX localization.
Answers
B.
Use Amazon Cognito to store key-value pairs for large numbers of environment variables.
B.
Use Amazon Cognito to store key-value pairs for large numbers of environment variables.
Answers
C.
Update the settings for the build project to use an Amazon S3 bucket for large numbers of environment variables.
C.
Update the settings for the build project to use an Amazon S3 bucket for large numbers of environment variables.
Answers
D.
Use AWS Systems Manager Parameter Store to store large numbers of environment variables.
D.
Use AWS Systems Manager Parameter Store to store large numbers of environment variables.
Answers
Suggested answer: D

Question 180

Report
Export
Collapse

A Lambda function is packaged for deployment to multiple environments, including development, test, production, etc. Each environment has unique set of resources such as databases, etc. How can the Lambda function use the resources for the current environment?

A.
Apply tags to the Lambda functions.
A.
Apply tags to the Lambda functions.
Answers
B.
Hardcore resources in the source code.
B.
Hardcore resources in the source code.
Answers
C.
Use environment variables for the Lambda functions.
C.
Use environment variables for the Lambda functions.
Answers
D.
Use separate function for development and production.
D.
Use separate function for development and production.
Answers
Suggested answer: C
Total 608 questions
Go to page: of 61
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms