ExamGecko
Search Search Login
Home Home / Amazon / DVA-C01

Amazon DVA-C01 Practice Test - Questions Answers, Page 25

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You are writing to a DynamoDB table and receive the following exception:" ProvisionedThroughputExceededException". though according to your Cloudwatch metrics for the table, you are not exceeding your provisioned throughput. What could be an explanation for this?
During non-peak hours, a Developer wants to minimize the execution time of a full Amazon DynamoDB table scan without affecting normal workloads. The workloads average half of the strongly consistent read capacity units during non-peak hours. How would the Developer optimize this scan?
You are providing AWS consulting services for a company developing a new mobile application that will be leveraging Amazon SNS Mobile Push for push notifications. In order to send direct notification messages to individual devices each device registration identifier or token needs to be registered with SNS; however the developers are not sure of the best way to do this. You advise them to:
A company is migrating a web application from on premises to AWS. The company needs to move session storage from the application code to a shared service as part of the migration. The session storage data must be encrypted at rest. Which AWS services meet these requirements? (Choose two.)
A developer runs an application that uses an Amazon API Gateway REST API. The developer needs to implement a solution to proactively monitor the health of both API responses and latencies in case a deployment causes a service disruption despite passing deployment pipeline tests. The solution also must check for endpoint vulnerability and unauthorized changes to APIs. URLs, and website content. Which solution will meet these requirements?
Which of the following are correct statements with policy evaluation logic in AWS Identity and Access Management? Choose 2 answers
An application stores payroll information nightly in DynamoDB for a large number of employees across hundreds of offices. Item attributes consist of individual name, office identifier, and cumulative daily hours. Managers run reports for ranges of names working in their office. One query is. "Return all Items in this office for names starting with A through E". Which table configuration will result in the lowest impact on provisioned throughput for this query?
A developer has written the following 1AM policy to provide access to an Amazon S3 bucket: Which access does the policy allow regarding the s3:GetObject and s3:PutObject actions'?
Games-R-Us is launching a new game app for mobile devices. Users will log into the game using their existing Facebook account and the game will record player data and scoring information directly to a DynamoDB table. What is the most secure approach for signing requests to the DynamoDB API?
A developer is integrating Amazon ElastiCache in an application. The cache will store data from a database. The cached data must populate real-time dashboards. Which caching strategy will meet these requirements?

Question 241

Report
Export
Collapse

An application is being developed to audit several AWS accounts. The application will run in Account A and must access AWS services in Accounts B and C. What is the MOST secure way to allow the application to call AWS services in each audited account?

A.
Configure cross-account roles in each audited account. Write code in Account A that assumes those roles
A.
Configure cross-account roles in each audited account. Write code in Account A that assumes those roles
Answers
B.
Use S3 cross-region replication to communicate among accounts, with Amazon S3 event notifications to trigger Lambda functions
B.
Use S3 cross-region replication to communicate among accounts, with Amazon S3 event notifications to trigger Lambda functions
Answers
C.
Deploy an application in each audited account with its own role. Have Account A authenticate with the application
C.
Deploy an application in each audited account with its own role. Have Account A authenticate with the application
Answers
D.
Create an IAM user with an access key in each audited account. Write code in Account A that uses those access keys
D.
Create an IAM user with an access key in each audited account. Write code in Account A that uses those access keys
Answers
Suggested answer: A

Explanation:

https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html

Question 242

Report
Export
Collapse

A Developer has been asked to create an AWS Lambda function that is triggered any time updates are made to items in an Amazon DynamoDB table. The function has been created, and appropriate permissions have been added to the Lambda execution role. Amazon DynamoDB streams have been enabled for the table, but the function is still not being triggered. Which option would enable DynamoDB table updates to trigger the Lambda function?

A.
Change the StreamViewType parameter value to NEW_AND_OLD_IMAGES for the DynamoDB table
A.
Change the StreamViewType parameter value to NEW_AND_OLD_IMAGES for the DynamoDB table
Answers
B.
Configure event source mapping for the Lambda function
B.
Configure event source mapping for the Lambda function
Answers
C.
Map an Amazon SNS topic to the DynamoDB streams
C.
Map an Amazon SNS topic to the DynamoDB streams
Answers
D.
increase the maximum execution time (timeout) setting of the Lambda function
D.
increase the maximum execution time (timeout) setting of the Lambda function
Answers
Suggested answer: B

Explanation:

https://docs.aws.amazon.com/en_us/amazondynamodb/latest/developerguide/Streams.Lambda.Tutorial.htmlCreate an event source mapping to tell Lambda to send records from your stream to a Lambdafunction. You can create multiple event source mappings to process the same data with multipleLambda functions, or process items from multiple streams with a single function.

Question 243

Report
Export
Collapse

A Developer accesses AWS CodeCommit over SSH. The SSH keys configured to access AWS CodeCommit are tied to a user with the following permissions:

The Developer needs to create/delete branches.

Which specific IAM permissions need to be added, based on the principle of least privilege?

A.
“codecommit:CreateBranch”“codecommit:DeleteBranch”
A.
“codecommit:CreateBranch”“codecommit:DeleteBranch”
Answers
B.
“codecommit:Put*”
B.
“codecommit:Put*”
Answers
C.
“codecommit:Update*”
C.
“codecommit:Update*”
Answers
D.
“codecommit:*”
D.
“codecommit:*”
Answers
Suggested answer: A

Explanation:

https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissionsreference.html#aa-branches https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-iam-identitybased-access-control.html

Question 244

Report
Export
Collapse

A company needs to ingest terabytes of data each hour from thousands of sources that are delivered almost continually throughout the day. The volume of messages generated varies over the course of the day. Messages must be delivered in real time for fraud detection and live operational dashboards.

Which approach will meet these requirements?

A.
Send the messages to an Amazon SQS queue, then process the messages by using a fleet of Amazon EC2 instances
A.
Send the messages to an Amazon SQS queue, then process the messages by using a fleet of Amazon EC2 instances
Answers
B.
Use the Amazon S3 API to write messages to an S3 bucket, then process the messages by using Amazon Redshift
B.
Use the Amazon S3 API to write messages to an S3 bucket, then process the messages by using Amazon Redshift
Answers
C.
Use AWS Data Pipeline to automate the movement and transformation of data
C.
Use AWS Data Pipeline to automate the movement and transformation of data
Answers
D.
Use Amazon Kinesis Data Streams with Kinesis Client Library to ingest and deliver messages
D.
Use Amazon Kinesis Data Streams with Kinesis Client Library to ingest and deliver messages
Answers
Suggested answer: D

Explanation:

https://aws.amazon.com/streaming-data/

Question 245

Report
Export
Collapse

A company is running a Docker application on Amazon ECS. The application must scale based on user load in the last 15 seconds. How should a Developer instrument the code so that the requirement can be met?

A.
Create a high-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 30 seconds
A.
Create a high-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 30 seconds
Answers
B.
Create a high-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 5 seconds
B.
Create a high-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 5 seconds
Answers
C.
Create a standard-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 30 seconds
C.
Create a standard-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 30 seconds
Answers
D.
Create a standard-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 5 seconds
D.
Create a standard-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 5 seconds
Answers
Suggested answer: B

Explanation:

https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html#highresolution-metrics

Question 246

Report
Export
Collapse

A Developer wants to upload data to Amazon S3 and must encrypt the data in transit.

Which of the following solutions will accomplish this task? (Choose two.)

A.
Set up hardware VPN tunnels to a VPC and access S3 through a VPC endpoint
A.
Set up hardware VPN tunnels to a VPC and access S3 through a VPC endpoint
Answers
B.
Set up Client-Side Encryption with an AWS KMS-Managed Customer Master Key
B.
Set up Client-Side Encryption with an AWS KMS-Managed Customer Master Key
Answers
C.
Set up Server-Side Encryption with AWS KMS-Managed Keys
C.
Set up Server-Side Encryption with AWS KMS-Managed Keys
Answers
D.
Transfer the data over an SSL connection
D.
Transfer the data over an SSL connection
Answers
E.
Set up Server-Side Encryption with S3-Managed Keys
E.
Set up Server-Side Encryption with S3-Managed Keys
Answers
Suggested answer: B, D

Explanation:

https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingEncryption.html

Question 247

Report
Export
Collapse

A Developer is trying to deploy a serverless application using AWS CodeDeploy. The application was updated and needs to be redeployed. What file does the Developer need to update to push that change through CodeDeploy?

A.
dockerrun.aws.json
A.
dockerrun.aws.json
Answers
B.
buildspec.yml
B.
buildspec.yml
Answers
C.
appspec.yml
C.
appspec.yml
Answers
D.
ebextensions.config
D.
ebextensions.config
Answers
Suggested answer: C

Explanation:

https://docs.aws.amazon.com/codedeploy/latest/userguide/application-revisions-push.html

Question 248

Report
Export
Collapse

An AWS Lambda function must access an external site by using a regularly rotated user name and password. These items must be kept securely and cannot be stored in the function code. What combination of AWS services can be used to accomplish this? (Choose two.)

A.
AWS Certificate Manager (ACM)
A.
AWS Certificate Manager (ACM)
Answers
B.
AWS Systems Manager Parameter Store
B.
AWS Systems Manager Parameter Store
Answers
C.
AWS Trusted Advisor
C.
AWS Trusted Advisor
Answers
D.
AWS KMS
D.
AWS KMS
Answers
E.
Amazon GuardDuty
E.
Amazon GuardDuty
Answers
Suggested answer: B, D

Explanation:

https://docs.aws.amazon.com/kms/latest/developerguide/services-parameter-store.html

Question 249

Report
Export
Collapse

A Developer is building a web application that uses Amazon API Gateway to expose an AWS Lambda function to process requests from clients. During testing, the Developer notices that the API Gateway times out even though the Lambda function finishes under the set time limit.

Which of the following API Gateway metrics in Amazon CloudWatch can help the Developer troubleshoot the issue? (Choose two.)

A.
CacheHitCount
A.
CacheHitCount
Answers
B.
IntegrationLatency
B.
IntegrationLatency
Answers
C.
CacheMissCount
C.
CacheMissCount
Answers
D.
Latency
D.
Latency
Answers
E.
Count
E.
Count
Answers
Suggested answer: B, C

Explanation:

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-metrics-anddimensions.html

Question 250

Report
Export
Collapse

A Developer is working on an application that handles 10MB documents that contain highly-sensitive dat a. The application will use AWS KMS to perform client-side encryption. What steps must be followed?

A.
Invoke the Encrypt API passing the plaintext data that must be encrypted, then reference the customer managed key ARN in the KeyId parameter
A.
Invoke the Encrypt API passing the plaintext data that must be encrypted, then reference the customer managed key ARN in the KeyId parameter
Answers
B.
Invoke the GenerateRandom API to get a data encryption key, then use the data encryption key to encrypt the data
B.
Invoke the GenerateRandom API to get a data encryption key, then use the data encryption key to encrypt the data
Answers
C.
Invoke the GenerateDataKey API to retrieve the encrypted version of the data encryption key to encrypt the data
C.
Invoke the GenerateDataKey API to retrieve the encrypted version of the data encryption key to encrypt the data
Answers
D.
Invoke the GenerateDataKey API to retrieve the plaintext version of the data encryption key to encrypt the data
D.
Invoke the GenerateDataKey API to retrieve the plaintext version of the data encryption key to encrypt the data
Answers
Suggested answer: D

Explanation:

https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.htmlGenerateDataKey API: Generates a unique data key. This operation returns a plaintext copy of the data key and a copy that is encrypted under a customer master key (CMK) that you specify. You canuse the plaintext key to encrypt your data outside of KMS and store the encrypted data key with the encrypted data.

Total 608 questions
Go to page: of 61
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms