Amazon AWS Certified Developer - Associate DVA-C02
Prev

There are 313 results

Next
#151 (Accuracy: 100% / 1 votes)
A developer is creating a new batch application that will run on an Amazon EC2 instance. The application requires read access to an Amazon S3 bucket. The developer needs to follow security best practices to grant S3 read access to the application.

Which solution meets these requirements?
  • A. Add the permissions to an IAM policy. Attach the policy to a role. Attach the role to the EC2 instance profile.
  • B. Add the permissions inline to an IAM group. Attach the group to the EC2 instance profile.
  • C. Add the permissions to an IAM policy. Attach the policy to a user. Attach the user to the EC2 instance profile.
  • D. Add the permissions to an IAM policy. Use IAM web identity federation to access the S3 bucket with the policy.
#152 (Accuracy: 100% / 1 votes)
A developer updates an AWS Lambda function that an Amazon API Gateway API uses. The API is the backend for a web application.

The developer needs to test the updated Lambda function before deploying the Lambda function to production. The testing must not affect any production users of the web application.

Which solution will meet these requirements in the MOST operationally efficient way?
  • A. Create a canary release deployment for the existing API stage. Deploy the API to the existing stage. Test the updated Lambda function by using the existing URL.
  • B. Update the API Gateway API endpoint type to private. Deploy the changes to the existing API stage. Test the API by using the existing URL.
  • C. Create a new test API stage in API Gateway. Add stage variables to deploy the updated Lambda function to only the test stage. Test the updated Lambda function by using the new stage URL.
  • D. Create a new AWS CloudFormation stack to deploy a copy of the entire production API and Lambda function. Use the stack's API URL to test the updated Lambda function.
#153 (Accuracy: 100% / 1 votes)
A company is developing an application that will be accessed through the Amazon API Gateway REST API. Registered users should be the only ones who can access certain resources of this API. The token being used should expire automatically and needs to be refreshed periodically.

How can a developer meet these requirements?
  • A. Create an Amazon Cognito identity pool, configure the Amazon Cognito Authorizer in API Gateway, and use the temporary credentials generated by the identity pool.
  • B. Create and maintain a database record for each user with a corresponding token and use an AWS Lambda authorizer in API Gateway.
  • C. Create an Amazon Cognito user pool, configure the Cognito Authorizer in API Gateway, and use the identity or access token.
  • D. Create an IAM user for each API user, attach an invoke permissions policy to the API, and use an IAM authorizer in API Gateway.
#154 (Accuracy: 100% / 1 votes)
A developer creates an AWS Lambda function that is written in Java. During testing, the Lambda function does not work how the developer expected. The developer wants to use tracing capabilities to troubleshoot the problem.

Which AWS service should the developer use to accomplish this goal?
  • A. AWS Trusted Advisor
  • B. Amazon CloudWatch
  • C. AWS X-Ray
  • D. AWS CloudTrail
#155 (Accuracy: 100% / 1 votes)
A company runs an ecommerce application on AWS. The application stores data in an Amazon Aurora database.

A developer is adding a caching layer to the application. The caching strategy must ensure that the application always uses the most recent value for each data item.

Which caching strategy will meet these requirements?
  • A. Implement a TTL strategy for every item that is saved in the cache.
  • B. Implement a write-through strategy for every item that is created and updated.
  • C. Implement a lazy loading strategy for every item that is loaded.
  • D. Implement a read-through strategy for every item that is loaded.
#156 (Accuracy: 100% / 1 votes)
A company is working on a new serverless application. A developer needs to find an automated way to deploy AWS Lambda functions and the dependent infrastructure with minimum coding effort. The application also needs to be reliable.

Which method will meet these requirements with the LEAST operational overhead?
  • A. Build the application by using shell scripts to create .zip files for each Lambda function. Manually upload the .zip files to the AWS Management Console.
  • B. Build the application by using the AWS Serverless Application Model (AWS SAM). Use a continuous integration and continuous delivery (CI/CD) pipeline and the SAM CLI to deploy the Lambda functions.
  • C. Build the application by using shell scripts to create .zip files for each Lambda function. Upload the .zip files. Deploy the .zip files as Lambda functions by using the AWS CLI in a continuous integration and continuous delivery (CI/CD) pipeline.
  • D. Build a container for each Lambda function. Store the container images in AWS CodeArtifact. Deploy the containers as Lambda functions by using the AWS CLI in a continuous integration and continuous delivery (CI/CD) pipeline.
#157 (Accuracy: 100% / 1 votes)
A developer is creating a web application for a school that stores data in Amazon DynamoDB. The ExamScores table has the following attributes: student_id, subject_name, and top_score.

Each item in the ExamScores table is identified with student_id as the partition key and subject_name as the sort key. The web application needs to display the student _id for the top scores for each school subject. The developer needs to increase the speed of the queries to retrieve the student_id for the top scorer for each school subject.

Which solution will meet these requirements?
  • A. Create a local secondary index (LSI) with subject_name as the partition key and top_score as the sort key.
  • B. Create a local secondary index (LSI) with top_score as the partition key and student_id as the sort key.
  • C. Create a global secondary index (GSI) with subject_name as the partition key and top_score as the sort key.
  • D. Create a global secondary index (GSI) with subject_name as the partition key and student_id as the sort key.
#158 (Accuracy: 100% / 4 votes)
A company hosts a client-side web application for one of its subsidiaries on Amazon S3. The web application can be accessed through Amazon CloudFront from https://www.example.com. After a successful rollout, the company wants to host three more client-side web applications for its remaining subsidiaries on three separate S3 buckets.
To achieve this goal, a developer moves all the common JavaScript files and web fonts to a central S3 bucket that serves the web applications. However, during testing, the developer notices that the browser blocks the JavaScript files and web fonts.
What should the developer do to prevent the browser from blocking the JavaScript files and web fonts?
  • A. Create four access points that allow access to the central S3 bucket. Assign an access point to each web application bucket.
  • B. Create a bucket policy that allows access to the central S3 bucket. Attach the bucket policy to the central S3 bucket
  • C. Create a cross-origin resource sharing (CORS) configuration that allows access to the central S3 bucket. Add the CORS configuration to the central S3 bucket.
  • D. Create a Content-MD5 header that provides a message integrity check for the central S3 bucket. Insert the Content-MD5 header for each web application request.
#159 (Accuracy: 94% / 16 votes)
A company is migrating an on-premises database to Amazon RDS for MySQL. The company has read-heavy workloads. The company wants to refactor the code to achieve optimum read performance for queries.
Which solution will meet this requirement with LEAST current and future effort?
  • A. Use a multi-AZ Amazon RDS deployment. Increase the number of connections that the code makes to the database or increase the connection pool size if a connection pool is in use.
  • B. Use a multi-AZ Amazon RDS deployment. Modify the code so that queries access the secondary RDS instance.
  • C. Deploy Amazon RDS with one or more read replicas. Modify the application code so that queries use the URL for the read replicas.
  • D. Use open source replication software to create a copy of the MySQL database on an Amazon EC2 instance. Modify the application code so that queries use the IP address of the EC2 instance.
#160 (Accuracy: 100% / 1 votes)
An IAM role is attached to an Amazon EC2 instance that explicitly denies access to all Amazon S3 API actions. The EC2 instance credentials file specifies the IAM access key and secret access key, which allow full administrative access.

Given that multiple modes of IAM access are present for this EC2 instance, which of the following is correct?
  • A. The EC2 instance will only be able to list the S3 buckets.
  • B. The EC2 instance will only be able to list the contents of one S3 bucket at a time.
  • C. The EC2 instance will be able to perform all actions on any S3 bucket.
  • D. The EC2 instance will not be able to perform any S3 action on any S3 bucket.