ExamGecko
Search Search Login
Home Home / Amazon / DVA-C01

Amazon DVA-C01 Practice Test - Questions Answers, Page 23

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You are writing to a DynamoDB table and receive the following exception:" ProvisionedThroughputExceededException". though according to your Cloudwatch metrics for the table, you are not exceeding your provisioned throughput. What could be an explanation for this?
During non-peak hours, a Developer wants to minimize the execution time of a full Amazon DynamoDB table scan without affecting normal workloads. The workloads average half of the strongly consistent read capacity units during non-peak hours. How would the Developer optimize this scan?
You are providing AWS consulting services for a company developing a new mobile application that will be leveraging Amazon SNS Mobile Push for push notifications. In order to send direct notification messages to individual devices each device registration identifier or token needs to be registered with SNS; however the developers are not sure of the best way to do this. You advise them to:
A company is migrating a web application from on premises to AWS. The company needs to move session storage from the application code to a shared service as part of the migration. The session storage data must be encrypted at rest. Which AWS services meet these requirements? (Choose two.)
A developer runs an application that uses an Amazon API Gateway REST API. The developer needs to implement a solution to proactively monitor the health of both API responses and latencies in case a deployment causes a service disruption despite passing deployment pipeline tests. The solution also must check for endpoint vulnerability and unauthorized changes to APIs. URLs, and website content. Which solution will meet these requirements?
Which of the following are correct statements with policy evaluation logic in AWS Identity and Access Management? Choose 2 answers
An application stores payroll information nightly in DynamoDB for a large number of employees across hundreds of offices. Item attributes consist of individual name, office identifier, and cumulative daily hours. Managers run reports for ranges of names working in their office. One query is. "Return all Items in this office for names starting with A through E". Which table configuration will result in the lowest impact on provisioned throughput for this query?
A developer has written the following 1AM policy to provide access to an Amazon S3 bucket: Which access does the policy allow regarding the s3:GetObject and s3:PutObject actions'?
Games-R-Us is launching a new game app for mobile devices. Users will log into the game using their existing Facebook account and the game will record player data and scoring information directly to a DynamoDB table. What is the most secure approach for signing requests to the DynamoDB API?
A developer is integrating Amazon ElastiCache in an application. The cache will store data from a database. The cached data must populate real-time dashboards. Which caching strategy will meet these requirements?

Question 221

Report
Export
Collapse


Where can PortMapping be defined when launching containers in Amazon ECS?

A.
Security groups
A.
Security groups
Answers
B.
Amazon Elastic Container Registry (Amzon ECR)
B.
Amazon Elastic Container Registry (Amzon ECR)
Answers
C.
Container agent
C.
Container agent
Answers
D.
Task definition
D.
Task definition
Answers
Suggested answer: D

Question 222

Report
Export
Collapse

An application uses Amazon Kinesis Data Streams to ingest and process large streams of data records in real time. Amazon EC2 instances consume and process the data from the shards of the Kinesis data stream by using Amazon Kinesis Client Library (KCL). The application handles the failure scenarios and does not require standby workers. The application reports that a specific shard is receiving more data than expected. To adapt to the chnages in the rate of data flow, the “hot” shard is resharded.

Assuming that the initial number of shards in the Kinesis data stream is 4, and after resharding the number of shards increased to 6, what is the maximum number of EC2 instances that can be deployed to process data from all the shards?

A.
12
A.
12
Answers
B.
6
B.
6
Answers
C.
4
C.
4
Answers
D.
1
D.
1
Answers
Suggested answer: B

Explanation:

Typically, when you use the KCL, you should ensure that the number of instances does not exceed the number of shards (except for failure standby purposes). Each shard is processed by exactly one KCL worker and has exactly one corresponding record processor, so you never need multiple instances to process one shard. However, one worker can process any number of shards, so it's fine if the number of shards exceeds the number of instances. https://docs.aws.amazon.com/streams/latest/dev/kinesis-record-processor-scaling.html

Question 223

Report
Export
Collapse

A Development team is working on a case management solution that allows medical claims to be processed and reviewed. Users log in to provide information related to their medical and financial situations. As part of the application, sensitive documents such as medical records, medical imaging, bank statements, and receipts are uploaded to Amazon S3. All documents must be securely transmitted and stored. All access to the documents must be recorded for auditing.

What is the MOST secure approach?

A.
Use S3 default encryption using Advanced Encryption Standard-256 (AES-256) on the destination bucket.
A.
Use S3 default encryption using Advanced Encryption Standard-256 (AES-256) on the destination bucket.
Answers
B.
Use Amazon Cognito for authorization and authentication to ensure the security of the application and documents.
B.
Use Amazon Cognito for authorization and authentication to ensure the security of the application and documents.
Answers
C.
Use AWS Lambda to encrypt and decrypt objects as they are placed into the S3 bucket.
C.
Use AWS Lambda to encrypt and decrypt objects as they are placed into the S3 bucket.
Answers
D.
Use client-side encryption/decryption with Amazon S3 and AWS KMS.
D.
Use client-side encryption/decryption with Amazon S3 and AWS KMS.
Answers
Suggested answer: A

Explanation:

https://aws.amazon.com/s3/faqs/?nc1=h_ls.

Question 224

Report
Export
Collapse

A Developer is trying to make API calls using SDK. The IAM user credentials used by the application require multi-factor authentication for all API calls. Which method the Developer use to access the multi-factor authentication protected API?

A.
GetFederationToken
A.
GetFederationToken
Answers
B.
GetCallerIdentity
B.
GetCallerIdentity
Answers
C.
GetSessionToken
C.
GetSessionToken
Answers
D.
DecodeAutherizationMessage
D.
DecodeAutherizationMessage
Answers
Suggested answer: B

Question 225

Report
Export
Collapse

An Amazon RDS database instance is used by many applications to look up historical dat a. The query rate is relatively constant. When the historical data is updated each day, the resulting write traffic slows the read query performance and affects all application users.

What can be done to eliminate the performance impact on application users?

A.
Make sure Amazon RDS is Multi-AZ so it can better absorb increased traffic.
A.
Make sure Amazon RDS is Multi-AZ so it can better absorb increased traffic.
Answers
B.
Create an RDS Read Replica and direct all read traffic to the replica.
B.
Create an RDS Read Replica and direct all read traffic to the replica.
Answers
C.
Implement Amazon ElastiCache in front of Amazon RDS to buffer the write traffic.
C.
Implement Amazon ElastiCache in front of Amazon RDS to buffer the write traffic.
Answers
D.
Use Amazon DynamoDB instead of Amazon RDS to buffer the read traffic.
D.
Use Amazon DynamoDB instead of Amazon RDS to buffer the read traffic.
Answers
Suggested answer: B

Explanation:

https://aws.amazon.com/rds/details/read-replicas/

Question 226

Report
Export
Collapse

A company wants to implement authentication for its new REST service using Amazon API Gateway.

To authenticate the calls, each request must include HTTP headers with a client ID and user ID. Thesecredentials must be compared to authentication data in an Amazon DynamoDB table. What MUST the company do to implement this authentication in API Gateway?

A.
Implement an AWS Lambda authorizer that references the DynamoDB authentication table
A.
Implement an AWS Lambda authorizer that references the DynamoDB authentication table
Answers
B.
Create a model that requires the credentials, then grant API Gateway access to the authentication table
B.
Create a model that requires the credentials, then grant API Gateway access to the authentication table
Answers
C.
Modify the integration requests to require the credentials, then grant API Gateway access to the authentication table
C.
Modify the integration requests to require the credentials, then grant API Gateway access to the authentication table
Answers
D.
Implement an Amazon Cognito authorizer that references the DynamoDB authentication table
D.
Implement an Amazon Cognito authorizer that references the DynamoDB authentication table
Answers
Suggested answer: A

Explanation:

https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambdaauthorizer.html

Question 227

Report
Export
Collapse

A company is creating a REST service using an Amazon API Gateway with AWS Lambda integration.

The service must run different versions for testing purposes.

What would be the BEST way to accomplish this?

A.
Use an X-Version header to denote which version is being called and pass that header to the Lambda function(s)
A.
Use an X-Version header to denote which version is being called and pass that header to the Lambda function(s)
Answers
B.
Create an API Gateway Lambda authorizer to route API clients to the correct API version
B.
Create an API Gateway Lambda authorizer to route API clients to the correct API version
Answers
C.
Create an API Gateway resource policy to isolate versions and provide context to the Lambda function(s)
C.
Create an API Gateway resource policy to isolate versions and provide context to the Lambda function(s)
Answers
D.
Deploy the API versions as unique stages with unique endpoints and use stage variables to provide further context
D.
Deploy the API versions as unique stages with unique endpoints and use stage variables to provide further context
Answers
Suggested answer: A

Explanation:

The service run different versions for testing purposes. means different stages, stage variable is the way to go.

Question 228

Report
Export
Collapse

A Developer is storing sensitive documents in Amazon S3 that will require encryption at rest. The encryption keys must be rotated annually, at least. What is the easiest way to achieve this?

A.
Encrypt the data before sending it to Amazon S3
A.
Encrypt the data before sending it to Amazon S3
Answers
B.
Import a custom key into AWS KMS with annual rotation enabled
B.
Import a custom key into AWS KMS with annual rotation enabled
Answers
C.
Use AWS KMS with automatic key rotation
C.
Use AWS KMS with automatic key rotation
Answers
D.
Export a key from AWS KMS to encrypt the data
D.
Export a key from AWS KMS to encrypt the data
Answers
Suggested answer: C

Explanation:

https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html

https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.htmlYou can use the same techniques to view and manage the CMKs in your custom key store that you use for CMKs in the AWS KMS key store. You can control access with IAM and key policies, create tags and aliases, enable and disable the CMKs, and schedule key deletion. You can use the CMKs forcryptographic operations and use them with AWS services that integrate with AWS KMS. However,you cannot enable automatic key rotation and you cannot import key material into a CMK in a custom key store. Q: Can I rotate my keys? Yes. You can choose to have AWS KMS automatically rotate CMKs every year, provided that those keys were generated within AWS KMS HSMs. Automatic key rotation is not supported for imported keys, asymmetric keys, or keys generated in an AWS CloudHSM cluster using the AWS KMS custom key store feature. If you choose to import keys to AWS KMS or asymmetric keys or use a custom key store, you can manually rotate them by creating a new CMK and mapping an existing key alias from the old CMK to the new CMK. https://aws.amazon.com/kms/faqs/

Question 229

Report
Export
Collapse

When developing an AWS Lambda function that processes Amazon Kinesis Data Streams, Administrators within the company must receive a notice that includes the processed data. How should the Developer write the function to send processed data to the Administrators?

A.
Separate the Lambda handler from the core logic
A.
Separate the Lambda handler from the core logic
Answers
B.
Use Amazon CloudWatch Events to send the processed data
B.
Use Amazon CloudWatch Events to send the processed data
Answers
C.
Publish the processed data to an Amazon SNS topic
C.
Publish the processed data to an Amazon SNS topic
Answers
D.
Push the processed data to Amazon SQS
D.
Push the processed data to Amazon SQS
Answers
Suggested answer: C

Explanation:

https://stackoverflow.com/questions/13681213/what-is-the-difference-between-amazon-sns-andamazon-sqs https://stackoverflow.com/questions/31484868/can-you-publish-a-message-to-an-sns-topic-usingan-aws-lambda-function-backed-by/31485168

Question 230

Report
Export
Collapse

A Developer is writing a REST service that will add items to a shopping list. The service is built on Amazon API Gateway with AWS Lambda integrations. The shopping list items are send as query string parameters in the method request. How should the Developer convert the query string parameters to arguments for the Lambda function?

A.
Enable request validation
A.
Enable request validation
Answers
B.
Include the Amazon Resource Name (ARN) of the Lambda function
B.
Include the Amazon Resource Name (ARN) of the Lambda function
Answers
C.
Change the integration type
C.
Change the integration type
Answers
D.
Create a mapping template
D.
Create a mapping template
Answers
Suggested answer: D

Explanation:

https://docs.aws.amazon.com/apigateway/latest/developerguide/integrating-api-with-aws-serviceslambda.html#api-as-lambda-proxy-expose-get-method-with-query-strings-to-call-lambda-function

Total 608 questions
Go to page: of 61
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms