ExamGecko
Search Search Login
Home Home / Amazon / DVA-C01

Amazon DVA-C01 Practice Test - Questions Answers, Page 61

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You are writing to a DynamoDB table and receive the following exception:" ProvisionedThroughputExceededException". though according to your Cloudwatch metrics for the table, you are not exceeding your provisioned throughput. What could be an explanation for this?
You are providing AWS consulting services for a company developing a new mobile application that will be leveraging Amazon SNS Mobile Push for push notifications. In order to send direct notification messages to individual devices each device registration identifier or token needs to be registered with SNS; however the developers are not sure of the best way to do this. You advise them to:
A developer runs an application that uses an Amazon API Gateway REST API. The developer needs to implement a solution to proactively monitor the health of both API responses and latencies in case a deployment causes a service disruption despite passing deployment pipeline tests. The solution also must check for endpoint vulnerability and unauthorized changes to APIs. URLs, and website content. Which solution will meet these requirements?
During non-peak hours, a Developer wants to minimize the execution time of a full Amazon DynamoDB table scan without affecting normal workloads. The workloads average half of the strongly consistent read capacity units during non-peak hours. How would the Developer optimize this scan?
Which of the following are correct statements with policy evaluation logic in AWS Identity and Access Management? Choose 2 answers
A company is migrating a web application from on premises to AWS. The company needs to move session storage from the application code to a shared service as part of the migration. The session storage data must be encrypted at rest. Which AWS services meet these requirements? (Choose two.)
An application stores payroll information nightly in DynamoDB for a large number of employees across hundreds of offices. Item attributes consist of individual name, office identifier, and cumulative daily hours. Managers run reports for ranges of names working in their office. One query is. "Return all Items in this office for names starting with A through E". Which table configuration will result in the lowest impact on provisioned throughput for this query?
A developer has written the following 1AM policy to provide access to an Amazon S3 bucket: Which access does the policy allow regarding the s3:GetObject and s3:PutObject actions'?
Games-R-Us is launching a new game app for mobile devices. Users will log into the game using their existing Facebook account and the game will record player data and scoring information directly to a DynamoDB table. What is the most secure approach for signing requests to the DynamoDB API?
A developer is integrating Amazon ElastiCache in an application. The cache will store data from a database. The cached data must populate real-time dashboards. Which caching strategy will meet these requirements?

Question 601

Report
Export
Collapse

A developer is writing a new serverless application for a company. Several other developers must collaborate on the code for this application, and the company expects frequent changes to the code. The developer needs to deploy the code from source control to AWS Lambda with the fewest number of manual steps. Which strategy for the build and deployment should the developer use to meet these requirements?

A.
Build the code locally, and then upload the code into the source control system. When a release is needed, run AWS CodePipeline to extract the uploaded build and deploy the resources.
A.
Build the code locally, and then upload the code into the source control system. When a release is needed, run AWS CodePipeline to extract the uploaded build and deploy the resources.
Answers
B.
Use the AWS Serverless Application Model (AWS SAM) CLI to build and deploy the application from the developer's local machine with the latest version checked out locally.
B.
Use the AWS Serverless Application Model (AWS SAM) CLI to build and deploy the application from the developer's local machine with the latest version checked out locally.
Answers
C.
Use AWS CodeBuild and AWS CodePipeline to invoke builds and corresponding deployments when configured source controlled branches have pull requests merged into them
C.
Use AWS CodeBuild and AWS CodePipeline to invoke builds and corresponding deployments when configured source controlled branches have pull requests merged into them
Answers
D.
Use the Lambda console to upload a .zip file of the application that is created by the AWS Serverless Application Model (AWS SAM) CLI build command.
D.
Use the Lambda console to upload a .zip file of the application that is created by the AWS Serverless Application Model (AWS SAM) CLI build command.
Answers
Suggested answer: C

Question 602

Report
Export
Collapse

A company is migrating a web application from on premises to AWS. The company needs to move session storage from the application code to a shared service as part of the migration. The session storage data must be encrypted at rest. Which AWS services meet these requirements? (Choose two.)

A.
Amazon ElastiCache for Redis
A.
Amazon ElastiCache for Redis
Answers
B.
Amazon ElastiCache for Memcached
B.
Amazon ElastiCache for Memcached
Answers
C.
Amazon CloudWatch
C.
Amazon CloudWatch
Answers
D.
AWS CloudTrail
D.
AWS CloudTrail
Answers
E.
Amazon DynamoDB
E.
Amazon DynamoDB
Answers
Suggested answer: A, E

Explanation:

https://aws.amazon.com/blogs/security/amazon-elasticache-now-supports-encryption-forelasticache-for-redis/ A) ElastiCache for Redis is always a good option as a distributed cache for session management -

https://aws.amazon.com/getting-started/hands-on/building-fast-session-caching-with-amazonelasticache-for-redis/ It also supports encrypt at rest - https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/atrest-encryption.html

E) DynamoDB is also common to store session state with TTL support. And all user data stored inAmazon DynamoDB is fully encrypted at rest - https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/EncryptionAtRest.html

Question 603

Report
Export
Collapse

A developer is creating a Java application that will store sensitive data in an Amazon DynamoDB table. The data must be encrypted at all times. How can the developer meet this requirement?

A.
Enable encryption at rest by using an AWS Key Management Service (AWS KMS) AWS owned key for the DynamoDB table.
A.
Enable encryption at rest by using an AWS Key Management Service (AWS KMS) AWS owned key for the DynamoDB table.
Answers
B.
Enable encryption at rest by using an AWS Key Management Service (AWS KMS) customer managed key for the DynamoDB table.
B.
Enable encryption at rest by using an AWS Key Management Service (AWS KMS) customer managed key for the DynamoDB table.
Answers
C.
Implement client-side encryption in the application code by using the DynamoDB Encryption Client.
C.
Implement client-side encryption in the application code by using the DynamoDB Encryption Client.
Answers
D.
Use an HTTPS connection to encrypt data in transit.
D.
Use an HTTPS connection to encrypt data in transit.
Answers
Suggested answer: C

Explanation:

Client-side and server-side encryption:

"DynamoDB Encryption Client" supports client-side encryption, where you encrypt your table data before you send it to DynamoDB. However, DynamoDB provides a server-side encryption at rest feature that transparently encrypts your table when it is persisted to disk and decrypts it when you access the table.

https://docs.aws.amazon.com/dynamodb-encryption-client/latest/devguide/client-server-side.html

Question 604

Report
Export
Collapse

A developer is integrating Amazon ElastiCache in an application. The cache will store data from a database. The cached data must populate real-time dashboards. Which caching strategy will meet these requirements?

A.
A read-through cache
A.
A read-through cache
Answers
B.
A write-behind cache
B.
A write-behind cache
Answers
C.
A lazy-loading cache
C.
A lazy-loading cache
Answers
D.
A write-through cache
D.
A write-through cache
Answers
Suggested answer: D

Explanation:

https://docs.aws.amazon.com/AmazonElastiCache/latest/memug/Strategies.html#Strategies.WriteThrough

Question 605

Report
Export
Collapse

A company that manages movie reviews wants to make its movie review data available to its customers by calling a set of REST web service endpoints. The company will develop the retrieval functionality as AWS Lambda functions and will expose the functionality to customers as an Amazon API Gateway REST API.

The company needs to ensure that no consumer exceeds 100 requests a day to the API during the initial deployment. The company decides to use API Gateway API keys to restrict access. The company creates and issues API keys for each customer.

What should the company do next to meet these requirements with the LEAST administrative effort?

A.
Create a usage plan that applies throttling at 100 requests a day. Associate the usage plan with the API keys of all customers.
A.
Create a usage plan that applies throttling at 100 requests a day. Associate the usage plan with the API keys of all customers.
Answers
B.
Create an Amazon DynamoDB table to track all the requests that use a particular API key. For each request to the API, count the number of records in the DynamoDB table for that day for the API key. If the number of requests is 100 or greater, generate an exception.
B.
Create an Amazon DynamoDB table to track all the requests that use a particular API key. For each request to the API, count the number of records in the DynamoDB table for that day for the API key. If the number of requests is 100 or greater, generate an exception.
Answers
C.
Create a usage plan that applies a quota of 100 requests a day. Associate the usage plan with the API keys of all customers.
C.
Create a usage plan that applies a quota of 100 requests a day. Associate the usage plan with the API keys of all customers.
Answers
D.
Create an Amazon Aurora table to track all the requests that use a particular API key. For each request to the API, count the number of records in the Aurora table for that day for the API key. If the number of requests is 100 or greater, generate an exception.
D.
Create an Amazon Aurora table to track all the requests that use a particular API key. For each request to the API, count the number of records in the Aurora table for that day for the API key. If the number of requests is 100 or greater, generate an exception.
Answers
Suggested answer: C

Explanation:

What is quota in API gateway?

API quotas usually describe a certain amount of calls for longer intervals. For example, your API quota might be 5.000 calls per month. Remember that this could be combined with a rate limit or throttling setup e.g. 20 TPS (Transactions per Second).

What is throttling in AWS API gateway?

AWS throttling limits are applied across all accounts and clients in a region. These limit settings exist to prevent your API—and your account—from being overwhelmed by too many requests. These limits are set by AWS and can't be changed by a customer.

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-create-usage-planswith-console.html#api-gateway-usage-plan-create Choose Enable quota, and set specify a value (for example, 5000) for a selected time interval (for example, Month).

Question 606

Report
Export
Collapse

A developer is writing a web application that allows users to sign in. The application will run on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances will run in an Auto Scaling group across multiple Availability Zones.

How can the developer ensure that users stay signed in when the Auto Scaling group is scaled down?

A.
Enable sticky sessions on the ALB target group.
A.
Enable sticky sessions on the ALB target group.
Answers
B.
Create an Amazon DynamoDB table. Configure the application to use the DynamoDB table to store session state such as login status.
B.
Create an Amazon DynamoDB table. Configure the application to use the DynamoDB table to store session state such as login status.
Answers
C.
Create an Amazon Elastic Block Store (Amazon EBS) volume. Use EBS Multi-Attach to attach the volume to all instances in the Auto Scaling group. Configure the application to use the volume to store session state such as login status.
C.
Create an Amazon Elastic Block Store (Amazon EBS) volume. Use EBS Multi-Attach to attach the volume to all instances in the Auto Scaling group. Configure the application to use the volume to store session state such as login status.
Answers
D.
Enable deregistration delay on the ALB target group.
D.
Enable deregistration delay on the ALB target group.
Answers
Suggested answer: B

Question 607

Report
Export
Collapse

A company has an application that runs on AWS Elastic Beanstalk in a load-balanced environment.

The company needs to update the instance types in the environment to a more recent generation of instance types. The company must minimize downtime during the deployment of this configuration change. Which deployment options will meet these requirements? (Choose two.)

A.
Disabled
A.
Disabled
Answers
B.
Rolling based on Health
B.
Rolling based on Health
Answers
C.
Immutable
C.
Immutable
Answers
D.
All at once
D.
All at once
Answers
E.
Canary
E.
Canary
Answers
Suggested answer: B, C

Explanation:

https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.rollingupdates.html

Question 608

Report
Export
Collapse

A developer uses server-side encryption with Amazon S3 managed encryption keys (SSE-S3) to store data in Amazon S3. The developer needs to decrypt and download the encrypted objects by using the GetObject API call. What is the LEAST amount of information that the developer must provide in the API call to meet this requirement?

A.
The S3 object key only
A.
The S3 object key only
Answers
B.
The S3 object key and the encryption key
B.
The S3 object key and the encryption key
Answers
C.
The S3 object key and the Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) key
C.
The S3 object key and the Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) key
Answers
D.
The S3 object key and a randomly salted Hash-based Message Authentication Code (HMAC) value of the encryption key
D.
The S3 object key and a randomly salted Hash-based Message Authentication Code (HMAC) value of the encryption key
Answers
Suggested answer: A

Explanation:

https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html

Encryption request headers, like x-amz-server-side-encryption, should not be sent for GET requestsif your object uses server-side encryption with KMS keys (SSE-KMS) or server-side encryption with Amazon S3–managed encryption keys (SSE-S3). If your object does use these types of keys, you’ll get an HTTP 400 BadRequest error.

https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html#API_GetObject_Examples

https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3api/get-object.htmlSample Request:

The following request returns the object my-image.jpg.

GET /my-image.jpg HTTP/1.1

Host: bucket.s3.<Region>.amazonaws.com

Date: Mon, 3 Oct 2016 22:32:00 GMT

Authorization: authorization string


Total 608 questions
Go to page: of 61
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms