Cloud Practice

#81 (Accuracy: 100% / 3 votes)

A developer wants to use AWS CodeDeploy to deploy an AWS Lambda function.

What are the MINIMUM properties required in the 'resources' section of the AppSpec file for CodeDeploy to deploy the function successfully?

A. name, alias, currentversion, and targetversion
B. TaskDefinition, ContainerName, and PlatformVersion
C. TaskDefinition, ContainerName, and ContainerPort
D. name, currentversion, NetworkConfiguration, and PlatformVersion

#82 (Accuracy: 100% / 3 votes)

A developer is working on a serverless project. Initial testing shows that a cold start takes about 8 seconds on average for AWS Lambda functions.

Which actions should the developer take to reduce the cold start time? (Choose two.)

A. Add a dependency injection framework to the project.
B. Reduce the deployment package by including only the needed modules.
C. Configure provisioned concurrency for the Lambda functions.
D. Increase the timeout setting for the Lambda functions.
E. Change the Lambda invocation mode from synchronous to asynchronous.

#83 (Accuracy: 100% / 3 votes)

A company is running a web application that is using Amazon Cognito for authentication. The company does not want to use multi-factor authentication (MFA) for all the visitors every time, but the company's security team has concerns about compromised credentials. The development team needs to configure mandatory
MFA only when suspicious sign-in attempts are detected.
Which Amazon Cognito feature will meet these requirements?

A. Short message service (SMS) text message MFA
B. Advanced security metrics
C. Time-based one-time password (TOTP) software token MFA
D. Adaptive authentication

#84 (Accuracy: 100% / 3 votes)

An ecommerce company is launching a new application that will be publicly accessible. The company deployed the application on Amazon EC2 instances behind an Application Load Balancer (ALB) in the us-east-1 Region. The EC2 instances are in an Auto Scaling group.

A developer needs to make the application secure by using TLS/SSL certificates provisioned by AWS. The developer also needs to configure the existing domain www.example.com in Amazon Route 53.

Which combination of steps should the developer take to meet these requirements? (Choose two.)

A. Configure an A record in Route 53 with the ALB as the target. Request the www.example.com TLS/SSL certificate in IAM server certificates.
B. Configure an A record in Route 53 with the ALB as the target. Request the www.example.com TLS/SSL certificate in AWS Certificate Manager (ACM).
C. Add the www.example.com certificate to the HTTP listener. Add a rule with www.example.com as the host. Forward the traffic to a target group that contains the Auto Scaling group.
D. Configure an A record in Route 53 with the ALB as the target. Request the www.example.com TLS/SSL certificate in Route 53.
E. Create an HTTPS listener in the ALB. Add the www.example.com certificate to the listener. Add a rule with www.example.com as the host. Forward the traffic to a target group that contains the Auto Scaling group.

#85 (Accuracy: 100% / 2 votes)

A company has a web application that contains an Amazon API Gateway REST API. A developer has created an AWS CloudFormation template for the initial deployment of the application. The developer has deployed the application successfully as part of an AWS CodePipeline continuous integration and continuous delivery (CI/CD) process. All resources and methods are available through the deployed stage endpoint.

The CloudFormation template contains the following resource types:

• AWS::ApiGateway::RestApi
• AWS::ApiGateway::Resource
• AWS::ApiGateway::Method
• AWS::ApiGateway::Stage
• AWS::ApiGateway::Deployment

The developer adds a new resource to the REST API with additional methods and redeploys the template. CloudFormation reports that the deployment is successful and that the stack is in the UPDATE_COMPLETE state. However, calls to all new methods are returning 404 (Not Found) errors.

What should the developer do to make the new methods available?

A. Specify the disable-rollback option during the update-stack operation.
B. Unset the CloudFormation stack failure options.
C. Add an AWS CodeBuild stage to CodePipeline to run the aws apigateway create-deployment AWS CLI command.
D. Add an action to CodePipeline to run the aws cloudfront create-invalidation AWS CLI command.

#86 (Accuracy: 100% / 3 votes)

A company wants to migrate applications from its on-premises servers to AWS. As a first step, the company is modifying and migrating a non-critical application to a single Amazon EC2 instance. The application will store information in an Amazon S3 bucket. The company needs to follow security best practices when deploying the application on AWS.

Which approach should the company take to allow the application to interact with Amazon S3?

A. Create an IAM role that has administrative access to AWS. Attach the role to the EC2 instance.
B. Create an IAM user. Attach the AdministratorAccess policy. Copy the generated access key and secret key. Within the application code, use the access key and secret key along with the AWS SDK to communicate with Amazon S3.
C. Create an IAM role that has the necessary access to Amazon S3. Attach the role to the EC2 instance.
D. Create an IAM user. Attach a policy that provides the necessary access to Amazon S3. Copy the generated access key and secret key. Within the application code, use the access key and secret key along with the AWS SDK to communicate with Amazon S3.

#87 (Accuracy: 100% / 5 votes)

A developer runs an application that uses an Amazon API Gateway REST API. The developer needs to implement a solution to proactively monitor the health of both API responses and latencies in case a deployment causes a service disruption despite passing deployment pipeline tests. The solution also must check for endpoint vulnerability and unauthorized changes to APIs, URLs, and website content.

Which solution will meet these requirements?

A. Use the Amazon CloudWatch Synthetics canary functionality to call the API and check the responses and duration of the request.
B. Use a custom health check in the API that queries hosts to check the duration of the request.
C. Implement a custom AWS Lambda function with an Amazon EventBridge event to periodically call the API and check the responses and duration of the request.
D. Use the built-in API Gateway metrics to monitor the average duration of the API response.

#88 (Accuracy: 100% / 2 votes)

A developer creates an AWS Lambda function that publishes a message to an Amazon Simple Queue Service (Amazon SQS) queue. The developer needs to ensure that the message is not processed for 60 seconds after delivery to the destination queue.

Which solution will meet these requirements?

A. Increase the SQS queue’s delivery delay value to 60 seconds.
B. Increase the SQS queue’s visibility timeout value to 60 seconds.
C. Increase the Lambda function’s timeout value to 60 seconds.
D. Increase the Lambda function’s memory.

#89 (Accuracy: 100% / 3 votes)

A developer is building a web application that uses Amazon API Gateway to expose an AWS Lambda function to process requests from clients. During testing, the developer notices that the API Gateway times out even though the Lambda function finishes under the set time limit.

Which of the following API Gateway metrics in Amazon CloudWatch can help the developer troubleshoot the issue? (Choose two.)

A. CacheHitCount
B. IntegrationLatency
C. CacheMissCount
D. Latency
E. Count

#90 (Accuracy: 100% / 2 votes)

A company is using Amazon Cognito user pools for sign-up and login functionality for a web application. The company is using Amazon RDS for the application’s data persistence and is using Amazon API Gateway and AWS Lambda for the application’s API functionality. Users must provide their first name, last name, email address, and phone number to sign up. All API endpoints have a Cognito user pool authorizer to guard against unauthenticated requests.

A developer wants to show a personalized welcome screen to users after they log in. The welcome screen needs to show the user’s first name and the user’s previous login date. According to company policy, developers who work on the web application cannot store any personally identifiable information in RDS instances.

Which solution should the developer implement to meet these requirements?

A. After successful login, submit a Cognito request for user tokens. When redirecting to the welcome screen, provide the identity token in the Authorization header of the request. Extract the user name from the given_name claim and the user’s universally unique identifier (UUID) from the sub claim inside the identity token. Use the UUID as the key to store and retrieve the previous login information from the database.
B. After successful login, submit a Cognito request for user tokens. When redirecting to the welcome screen, provide the access token in the Authorization header of the request. Extract the user name from the given_name claim and the user’s universally unique identifier (UUID) from the sub claim inside the access token. Use the UUID as the key to store and retrieve the previous login information from the database.
C. After successful login, submit a Cognito request for user tokens. When redirecting to the welcome screen, provide the identity token in the Authorization header of the request. Extract the user name from the given_name claim and the user’s universally unique identifier (UUID) from the iss claim inside the identity token. Use the UUID as the key to store and retrieve the previous login information from the database.
D. After successful login, submit a Cognito request for user tokens. When redirecting to the welcome screen, provide the access token in the Authorization header of the request. Extract the user name from the given_name claim and the user’s universally unique identifier (UUID) from the iss claim inside the access token. Use the UUID as the key to store and retrieve the previous login information from the database.

There are 237 results