ExamGecko
Search Search Login
Home Home / Amazon / DVA-C02
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A developer is building an application that gives users the ability to view bank account from multiple sources in a single dashboard. The developer has automated the process to retrieve API credentials for these sources. The process invokes an AWS Lambda function that is associated with an AWS CloudFormation cotton resource. The developer wants a solution that will store the API credentials with minimal operational overhead. When solution will meet these requirements?
A developer needs to store configuration variables for an application. The developer needs to set an expiration date and time for me configuration. The developer wants to receive notifications. Before the configuration expires. Which solution will meet these requirements with the LEAST operational overhead?
A company needs to distribute firmware updates to its customers around the world. Which service will allow easy and secure control of the access to the downloads at the lowest cost?
An application that is deployed to Amazon EC2 is using Amazon DynamoDB. The app cation calls the DynamoDB REST API Periodically the application receives a ProvisionedThroughputExceededException error when the application writes to a DynamoDB table. Which solutions will mitigate this error MOST cost-effectively^ (Select TWO)
A company uses an AWS Lambda function to transfer files from an Amazon S3 bucket to the company's SFTP server. The Lambda function connects to the SFTP server by using credentials such as username and password. The company uses Lambda environment variables to store these credentials. A developer needs to implement encrypted username and password credentials. Which solution will meet these requirements?
A developer deployed an application to an Amazon EC2 instance The application needs to know the public IPv4 address of the instance How can the application find this information?
A developer is working on a Python application that runs on Amazon EC2 instances. The developer wants to enable tracing of application requests to debug performance issues in the code. Which combination of actions should the developer take to achieve this goal? (Select TWO)
A developer is building a new application on AWS. The application uses an AWS Lambda function that retrieves information from an Amazon DynamoDB table. The developer hard coded the DynamoDB table name into the Lambda function code. The table name might change over time. The developer does not want to modify the Lambda code if the table name changes. Which solution will meet these requirements MOST efficiently?
A developer is creating a stock trading application. The developer needs a solution to send text messages to application users to confirmation when a trade has been completed. The solution must deliver messages in the order a user makes stock trades. The solution must not send duplicate messages. Which solution will meet these requirements?
A company has a serverless application that uses Amazon API Gateway backed by AWS Lambda proxy integration. The company is developing several backend APIs. The company needs a landing page to provide an overview of navigation to the APIs. A developer creates a new /LandingPage resource and a new GET method that uses mock integration. What should the developer do next to meet these requirements?

Question 159 - DVA-C02 discussion

Report
Export

A company has an application that is hosted on Amazon EC2 instances The application stores objects in an Amazon S3 bucket and allows users to download objects from the S3 bucket A developer turns on S3 Block Public Access for the S3 bucket After this change, users report errors when they attempt to download objects The developer needs to implement a solution so that only users who are signed in to the application can access objects in the S3 bucket.

Which combination of steps will meet these requirements in the MOST secure way? (Select TWO.)

A.
Create an EC2 instance profile and role with an appropriate policy Associate the role with the EC2 instances
Answers
A.
Create an EC2 instance profile and role with an appropriate policy Associate the role with the EC2 instances
B.
Create an 1AM user with an appropriate policy. Store the access key ID and secret access key on the EC2 instances
Answers
B.
Create an 1AM user with an appropriate policy. Store the access key ID and secret access key on the EC2 instances
C.
Modify the application to use the S3 GeneratePresignedUrl API call
Answers
C.
Modify the application to use the S3 GeneratePresignedUrl API call
D.
Modify the application to use the S3 GetObject API call and to return the object handle to the user
Answers
D.
Modify the application to use the S3 GetObject API call and to return the object handle to the user
E.
Modify the application to delegate requests to the S3 bucket.
Answers
E.
Modify the application to delegate requests to the S3 bucket.
Suggested answer: A, C

Explanation:

IAM Roles for EC2 (A):The most secure way to provide AWS permissions from EC2.

Create a role with a policy allowings3:GetObjecton the specific bucket.

Attach the role to an instance profile and associate that profile with your instances.

Pre-signed URLs (C):Temporary, authenticated URLs for specific S3 actions.

Modify the app to use the AWS SDK to callGeneratePresignedUrl.

Embed these URLs when a user is properly logged in, allowing download access.

IAM Roles for EC2:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html

Generating Presigned URLs:https://docs.aws.amazon.com/AmazonS3/latest/userguide/ShareObjectPreSignedURL.htm

Show Answer
asked 16/09/2024
Brian Lester
33 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms