Amazon DVA-C02 Practice Test - Questions Answers, Page 15
List of questions
Question 141
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A developer is migrating an application to Amazon Elastic Kubernetes Service (Amazon EKS). The developer migrates the application to Amazon Elastic Container Registry (Amazon ECR) with an EKS cluster.
As part of the application migration to a new backend, the developer creates a new AWS account. The developer makes configuration changes to the application to point the application to the new AWS account and to use new backend resources. The developer successfully tests the changes within the application by deploying the pipeline.
The Docker image build and the pipeline deployment are successful, but the application is still connecting to the old backend. The developer finds that the application's configuration is still referencing the original EKS cluster and not referencing the new backend resources.
Which reason can explain why the application is not connecting to the new resources?
Explanation:
The correct answer is C) The developer did not update the Docker image tag to a new version.
C) The developer did not update the Docker image tag to a new version. This is correct. When deploying an application to Amazon EKS, the developer needs to specify the Docker image tag that contains the application code and configuration. If the developer does not update the Docker image tag to a new version after making changes to the application, the EKS cluster will continue to use the old Docker image tag that references the original backend resources. To fix this issue, the developer should update the Docker image tag to a new version and redeploy the application to the EKS cluster.
A) The developer did not successfully create the new AWS account. This is incorrect. The creation of a new AWS account is not related to the application's connection to the backend resources. The developer can use any AWS account to host the EKS cluster and the backend resources, as long as they have the proper permissions and configurations.
B) The developer added a new tag to the Docker image. This is incorrect. Adding a new tag to the Docker image is not enough to deploy the changes to the application. The developer also needs to update the Docker image tag in the EKS cluster configuration, so that the EKS cluster can pull and run the new Docker image.
D) The developer pushed the changes to a new Docker image tag. This is incorrect. Pushing the changes to a new Docker image tag is not enough to deploy the changes to the application. The developer also needs to update the Docker image tag in the EKS cluster configuration, so that the EKS cluster can pull and run the new Docker image.
1: Amazon EKS User Guide, ''Deploying applications to your Amazon EKS cluster'', https://docs.aws.amazon.com/eks/latest/userguide/deploying-applications.html
2: Amazon ECR User Guide, ''Pushing an image'', https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-push-ecr-image.html
3: Amazon EKS User Guide, ''Updating an Amazon EKS cluster'', https://docs.aws.amazon.com/eks/latest/userguide/update-cluster.html
Question 142
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A developer wants to deploy a new version of an AWS Elastic Beanstalk application. During deployment, the application must maintain full capacity and avoid service interruption. Additionally, the developer must minimize the cost of additional resources that support the deployment.
Which deployment method should the developer use to meet these requirements?
Explanation:
The immutable deployment method is the best option for this scenario, because it meets the requirements of maintaining full capacity, avoiding service interruption, and minimizing the cost of additional resources.
The immutable deployment method creates a new set of instances in a separate Auto Scaling group and deploys the new version of the application to them. Then, it swaps the new instances with the old ones and terminates the old instances. This way, the application maintains full capacity during the deployment and avoids any downtime. The cost of additional resources is also minimized, because the new instances are only created for a short time and then replaced by the old ones.
The other deployment methods do not meet all the requirements:
The all at once method deploys the new version to all instances simultaneously, which causes a short period of downtime and reduced capacity.
The rolling with additional batch method deploys the new version in batches, but for the first batch it creates new instances instead of using the existing ones. This increases the cost of additional resources and reduces the capacity of the original environment.
The blue/green method creates a new environment with a new set of instances and deploys the new version to them. Then, it swaps the URLs between the old and new environments. This method maintains full capacity and avoids service interruption, but it also increases the cost of additional resources significantly, because it duplicates the entire environment.
Question 143
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A developer is building a serverless application by using AWS Serverless Application Model (AWS SAM) on multiple AWS Lambda functions.
When the application is deployed, the developer wants to shift 10% of the traffic to the new deployment of the application for the first 10 minutes after deployment. If there are no issues, all traffic must switch over to the new version.
Which change to the AWS SAM template will meet these requirements?
Explanation:
The AWS Serverless Application Model (AWS SAM) comes built-in with CodeDeploy to provide gradual AWS Lambda deployments1. TheDeploymentPreferenceproperty in AWS SAM allows you to specify the type of deployment that you want. TheCanary10Percent10Minutesoption means that 10 percent of your customer traffic is immediately shifted to your new version.After 10 minutes, all traffic is shifted to the new version1.TheAutoPublishAliasproperty in AWS SAM allows AWS SAM to automatically create an alias that points to the updated version of the Lambda function1. Therefore, option A is correct.
Question 144
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company developed an API application on AWS by using Amazon CloudFront, Amazon API Gateway, and AWS Lambd a. The API has a minimum of four requests every second. A developer notices that many API users run the same query by using the POST method. The developer wants to cache the POST request to optimize the API resources.
Which solution will meet these requirements?
Explanation:
Amazon API Gateway provides tools for creating and documenting web APIs that route HTTP requests to Lambda functions2. You can secure access to your API with authentication and authorization controls.Your APIs can serve traffic over the internet or can be accessible only within your VPC2.You can override the cache method in the selected stage of API Gateway2. Therefore, option B is correct.
Question 145
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company is building a compute-intensive application that will run on a fleet of Amazon EC2 instances. The application uses attached Amazon Elastic Block Store (Amazon EBS) volumes for storing data. The Amazon EBS volumes will be created at time of initial deployment. The application will process sensitive information. All of the data must be encrypted. The solution should not impact the application's performance.
Which solution will meet these requirements?
Explanation:
Amazon Elastic Block Store (Amazon EBS) provides block level storage volumes for use with Amazon EC2 instances1.Amazon EBS encryption offers a straight-forward encryption solution for your EBS resources associated with your EC2 instances1.When you create an encrypted EBS volume and attach it to a supported instance type, the following types of data are encrypted: Data at rest inside the volume, all data moving between the volume and the instance, all snapshots created from the volume, and all volumes created from those snapshots1. Therefore, option A is correct.
Question 146
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A developer is creating a new REST API by using Amazon API Gateway and AWS Lambd
a. The development team tests the API and validates responses for the known use cases before deploying the API to the production environment.
The developer wants to make the REST API available for testing by using API Gateway locally.
Which AWS Serverless Application Model Command Line Interface (AWS SAM CLI) subcommand will meet these requirements?
Explanation:
The AWS Serverless Application Model Command Line Interface (AWS SAM CLI) is a command-line tool for local development and testing of Serverless applications2.Thesam local start-apisubcommand of AWS SAM CLI is used to simulate a REST API by starting a new local endpoint3. Therefore, option D is correct.
Question 147
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A developer is creating an AWS Lambda function that consumes messages from an Amazon Simple Queue Service (Amazon SQS) standard queue. The developer notices that the Lambda function processes some messages multiple times.
How should developer resolve this issue MOST cost-effectively?
Explanation:
Amazon Simple Queue Service (Amazon SQS) is a fully managed queue service that allows you to de-couple and scale for applications1.Amazon SQS offers two types of queues: Standard and FIFO (First In First Out) queues1.The FIFO queue uses themessageDeduplicationIdproperty to treat messages with the same value as duplicate2. Therefore, changing the Amazon SQS standard queue to an Amazon SQS FIFO queue using the Amazon SQS message deduplication ID can help resolve the issue of the Lambda function processing some messages multiple times. Therefore, option A is correct.
Question 148
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A developer has observed an increase in bugs in the AWS Lambda functions that a development team has deployed in its Node.js application.
To minimize these bugs, the developer wants to implement automated testing of Lambda functions in an environment that closely simulates the Lambda environment.
The developer needs to give other developers the ability to run the tests locally. The developer also needs to integrate the tests into the team's continuous integration and continuous delivery (CI/CD) pipeline before the AWS Cloud Development Kit (AWS CDK) deployment.
Which solution will meet these requirements?
Explanation:
The AWS Serverless Application Model Command Line Interface (AWS SAM CLI) is a command-line tool for local development and testing of Serverless applications3.Thesam local generate-eventcommand of AWS SAM CLI generates sample events for automated tests3.Thesam local invokecommand is used to invoke Lambda functions3. Therefore, option C is correct.
Question 149
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A developer wants to add request validation to a production environment Amazon API Gateway API. The developer needs to test the changes before the API is deployed to the production environment. For the test, the developer will send test requests to the API through a testing tool.
Which solution will meet these requirements with the LEAST operational overhead?
Explanation:
Amazon API Gateway allows you to create, deploy, and manage a RESTful API to expose backend HTTP endpoints, AWS Lambda functions, or other AWS services1.You can use API Gateway to perform basic validation of an API request before proceeding with the integration request1.When the validation fails, API Gateway immediately fails the request, returns a 400 error response to the caller, and publishes the validation results in CloudWatch Logs1.
To test changes before deploying to a production environment, you can modify the existing API to add request validation and deploy the updated API to a new API Gateway stage1. This allows you to perform tests without affecting the production environment.Once testing is complete and successful, you can then deploy the updated API to the API Gateway production stage1.
This approach has the least operational overhead as it avoids unnecessary creation of new APIs or exporting and importing of APIs.It leverages the existing infrastructure and only requires changes in the configuration of the existing API1.
Question 150
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A developer creates a static website for their department The developer deploys the static assets for the website to an Amazon S3 bucket and serves the assets with Amazon CloudFront The developer uses origin access control (OAC) on the CloudFront distribution to access the S3 bucket
The developer notices users can access the root URL and specific pages but cannot access directories without specifying a file name. For example, /products/index.html works, but /products returns an error The developer needs to enable accessing directories without specifying a file name without exposing the S3 bucket publicly.
Which solution will meet these requirements'?
Explanation:
Problem: Directory access without file names fails.
S3 Static Website Hosting:
Configuring S3 as a static website enables automatic serving ofindex.htmlfor directory requests.
Bucket policies ensure correct access permissions.
Updating the CloudFront origin simplifies routing.
Avoiding Public Exposure: The S3 website endpoint allows CloudFront to access content without making the bucket public.
S3 Static Website Hosting:https://docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteHosting.html
Question