Amazon AWS Certified Developer - Associate DVA-C02
Prev

There are 313 results

Next
#161 (Accuracy: 100% / 2 votes)
A company is using AWS CloudFormation templates to deploy AWS resources. The company needs to update one of its AWS CloudFormation stacks.

What can the company do to find out how the changes will impact the resources that are running?
  • A. Investigate the change sets.
  • B. Investigate the stack policies.
  • C. Investigate the Metadata section.
  • D. Investigate the Resources section.
#162 (Accuracy: 100% / 1 votes)
A company uses AWS CloudFormation templates to manage infrastructure for a public-facing application in its development, pre-production, and production environments. The company needs to scale for increasing customer demand. A developer must upgrade the Amazon RDS DB instance type to a larger instance.

The developer deploys an update to the CloudFormation stack with the instance size change in the pre-production environment.
The developer notices that the stack is in an UPDATE_ROLLBACK_FAILED slate in CloudFormation.

Which option is the cause of this issue?
  • A. The new instance type specified in the CloudFormation template is invalid
  • B. The database was deleted or modified manually outside of the CloudFormation stack
  • C. There is a syntax error in the CloudFormation template
  • D. The developer has insufficient IAM permissions to provision an instance of the specified type
#163 (Accuracy: 100% / 3 votes)
A developer is storing many objects in a single Amazon S3 bucket. The developer needs to optimize the S3 bucket for high request rates.

How should the developer store the objects to meet this requirement?
  • A. Store the objects by using S3 Intelligent-Tiering.
  • B. Store the objects at the root of the S3 bucket.
  • C. Store the objects by using object key names distributed across multiple prefixes.
  • D. Store each object with an object tag named "prefix" that contains a unique value.
#164 (Accuracy: 100% / 3 votes)
A developer is writing an application to analyze the traffic to a fleet of Amazon EC2 instances. The EC2 instances run behind a public Application Load Balancer (ALB). An HTTP server runs on each of the EC2 instances, logging all requests to a log file.

The developer wants to capture the client public IP addresses.
The developer analyzes the log files and notices only the IP address of the ALB.

What must the developer do to capture the client public IP addresses in the log file?
  • A. Add a Host header to the HTTP server log configuration file.
  • B. Install the Amazon CloudWatch Logs agent on each EC2 instance. Configure the agent to write to the log file.
  • C. Install the AWS X-Ray daemon on each EC2 instance. Configure the daemon to write to the log file.
  • D. Add an X-Forwarded-For header to the HTTP server log configuration file.
#165 (Accuracy: 100% / 3 votes)
A developer uses AWS IAM Identity Center (AWS Single Sign-On) to interact with the AWS CLI and AWS SDKs on a local workstation. API calls to AWS services were working when the SSO access was first configured. However, the developer is now receiving Access Denied errors. The developer has not changed any configuration files or scripts that were previously working on the workstation.

What is the MOST likely cause of the developer's access issue?
  • A. The access permissions to the developer's AWS CLI binary file have changed.
  • B. The permission set that is assumed by IAM Identity Center does not have the necessary permissions to complete the API call.
  • C. The credentials from the IAM Identity Center federated role have expired.
  • D. The developer is attempting to make API calls to the incorrect AWS account.
#166 (Accuracy: 100% / 4 votes)
A developer is investigating an issue in part of a company's application. In the application, messages are sent to an Amazon Simple Queue Service (Amazon SQS) queue. The AWS Lambda function polls messages from the SQS queue and sends email messages by using Amazon Simple Email Service (Amazon SES). Users have been receiving duplicate email messages during periods of high traffic.

Which reasons could explain the duplicate email messages? (Choose two.)
  • A. Standard SQS queues support at-least-once message delivery.
  • B. Standard SQS queues support exactly-once processing, so the duplicate email messages are because of user error.
  • C. Amazon SES has the DomainKeys Identified Mail (DKIM) authentication incorrectly configured.
  • D. The SQS queue's visibility timeout is lower than or the same as the Lambda function's timeout.
  • E. The Amazon SES bounce rate metric is too high.
#167 (Accuracy: 100% / 2 votes)
A company wants to migrate applications from its on-premises servers to AWS. As a first step, the company is modifying and migrating a non-critical application to a single Amazon EC2 instance. The application will store information in an Amazon S3 bucket. The company needs to follow security best practices when deploying the application on AWS.

Which approach should the company take to allow the application to interact with Amazon S3?
  • A. Create an IAM role that has administrative access to AWS. Attach the role to the EC2 instance.
  • B. Create an IAM user. Attach the AdministratorAccess policy. Copy the generated access key and secret key. Within the application code, use the access key and secret key along with the AWS SDK to communicate with Amazon S3.
  • C. Create an IAM role that has the necessary access to Amazon S3. Attach the role to the EC2 instance.
  • D. Create an IAM user. Attach a policy that provides the necessary access to Amazon S3. Copy the generated access key and secret key. Within the application code, use the access key and secret key along with the AWS SDK to communicate with Amazon S3.
#168 (Accuracy: 100% / 4 votes)
A company has a web application that is hosted on Amazon EC2 instances. The EC2 instances are configured to stream logs to Amazon CloudWatch Logs. The company needs to receive an Amazon Simple Notification Service (Amazon SNS) notification when the number of application error messages exceeds a defined threshold within a 5-minute period.

Which solution will meet these requirements?
  • A. Rewrite the application code to stream application logs to Amazon SNS. Configure an SNS topic to send a notification when the number of errors exceeds the defined threshold within a 5-minute period.
  • B. Configure a subscription filter on the CloudWatch Logs log group. Configure the filter to send an SNS notification when the number of errors exceeds the defined threshold within a 5-minute period.
  • C. Install and configure the Amazon Inspector agent on the EC2 instances to monitor for errors. Configure Amazon Inspector to send an SNS notification when the number of errors exceeds the defined threshold within a 5-minute period.
  • D. Create a CloudWatch metric filter to match the application error pattern in the log data. Set up a CloudWatch alarm based on the new custom metric. Configure the alarm to send an SNS notification when the number of errors exceeds the defined threshold within a 5-minute period.
#169 (Accuracy: 100% / 4 votes)
A company has migrated an application to Amazon EC2 instances. Automatic scaling is working well for the application user interface. However, the process to deliver shipping requests to the company’s warehouse staff is encountering issues. Duplicate shipping requests are arriving, and some requests are lost or arrive out of order.

The company must avoid duplicate shipping requests and must process the requests in the order that the requests arrive.
Requests are never more than 250 KB in size and take 5-10 minutes to process. A developer needs to rearchitect the application to improve the reliability of the delivery and processing of the requests.

What should the developer do to meet these requirements?
  • A. Create an Amazon Kinesis Data Firehose delivery stream to process the requests. Create an Amazon Kinesis data stream. Modify the application to write the requests to the Kinesis data stream.
  • B. Create an AWS Lambda function to process the requests. Create an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the Lambda function to the SNS topic. Modify the application to write the requests to the SNS topic.
  • C. Create an AWS Lambda function to process the requests. Create an Amazon Simple Queue Service (Amazon SQS) standard queue. Set the SQS queue as an event source for the Lambda function. Modify the application to write the requests to the SQS queue.
  • D. Create an AWS Lambda function to process the requests. Create an Amazon Simple Queue Service (Amazon SQS) FIFO queue. Set the SQS queue as an event source for the Lambda function. Modify the application to write the requests to the SQS queue.
#170 (Accuracy: 100% / 3 votes)
A company is hosting a workshop for external users and wants to share the reference documents with the external users for 7 days. The company stores the reference documents in an Amazon S3 bucket that the company owns.

What is the MOST secure way to share the documents with the external users?
  • A. Use S3 presigned URLs to share the documents with the external users. Set an expiration time of 7 days.
  • B. Move the documents to an Amazon WorkDocs folder. Share the links of the WorkDocs folder with the external users.
  • C. Create temporary IAM users that have read-only access to the S3 bucket. Share the access keys with the external users. Expire the credentials after 7 days.
  • D. Create a role that has read-only access to the S3 bucket. Share the Amazon Resource Name (ARN) of this role with the external users.