FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 6: AWS Certified Developer Associate (DVA-C01)

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 101

Multiple Choice

Review LaterAdd Note

Review Later

A software company needs to make sure user-uploaded documents are securely stored in Amazon S3. The documents must be encrypted at rest in Amazon S3. The company does not want to manage the security infrastructure in-house, but the company still needs extra protection to ensure it has control over its encryption keys due to industry regulations. Which encryption strategy should a Developer use to meet these requirements?

A) Server-side encryption with Amazon S3 managed keys (SSE-S3)
B) Server-side encryption with customer-provided encryption keys (SSE-C)
C) Server-side encryption with AWS KMS managed keys (SSE-KMS)
D) Client-side encryption

E) A) and B)
F) B) and D)

Correct Answer

verified

Show Answer

Question 102

Multiple Choice

Review LaterAdd Note

Review Later

A developer is trying to get data from an Amazon DynamoDB table called demoman-table. The developer configured the AWS CLI to use a specific IAM user's credentials and executed the following command: The command returned errors and no rows were returned. What is the MOST likely cause of these issues?

A) The command is incorrect; it should be rewritten to use put-item with a string argument. The command is incorrect; it should be rewritten to use put-item with a string argument.
B) The developer needs to log a ticket with AWS Support to enable access to the demoman-table.
C) Amazon DynamoDB cannot be accessed from the AWS CLI and needs to be called via the REST API.
D) The IAM user needs an associated policy with read access to demoman-table.

E) A) and C)
F) None of the above

Correct Answer

verified

Show Answer

Question 103

Multiple Choice

Review LaterAdd Note

A developer is monitoring an application running on an Amazon EC2 instance. The developer has configured a custom Amazon CloudWatch metric with data granularity of 1 second. If there are any issues, the developer wants to be notified within 30 seconds using Amazon Simple Notification Service (Amazon SNS) . Which CloudWatch mechanism will satisfy this requirement?

A company has an AWS CloudFormation template that is stored as a single file. The template is able to launch and create a full infrastructure stack. Which best practice would increase the maintainability of the template?

A company is launching an ecommerce website and will host the static data in Amazon S3. The company expects approximately 1,000 transactions per second (TPS) for GET and PUT requests in total. Logging must be enabled to track all requests and must be retained for auditing purposes. What is the MOST cost-effective solution?

A developer is implementing authentication and authorization for an application. The developer needs to ensure that the user credentials are never exposed. Which approach should the developer take to meet this requirement?

A meteorological system monitors 600 temperature gauges, obtaining temperature samples every minute and saving each sample to a DynamoDB table. Each sample involves writing 1K of data and the writes are evenly distributed over time. How much write throughput is required for the target table?

An Amazon DynamoDB table uses a Global Secondary Index (GSI) to support read queries. The primary table is write-heavy, whereas the GSI is used for read operations. Looking at Amazon CloudWatch metrics, the Developer notices that write operations to the primary table are throttled frequently under heavy write activity. However, write capacity units to the primary table are available and not fully consumed. Why is the table being throttled?

How can a developer use a debugger for AWS Lambda code that is deployed with AWS Serverless Application Model (AWS SAM) ?

A Developer needs to create an application that supports Security Assertion Markup Language (SAML) and Facebook authentication. It must also allow access to AWS services, such as Amazon DynamoDB. Which AWS service or feature will meet these requirements with the LEAST amount of additional coding?

What type of block cipher does Amazon S3 offer for server side encryption?

Company B provides an online image recognition service and utilizes SQS to decouple system components for scalability The SQS consumers poll the imaging queue as often as possible to keep end-to-end throughput as high as possible. However, Company B is realizing that polling in tight loops is burning CPU cycles and increasing costs with empty responses. How can Company B reduce the number of empty responses?

A Developer has created a new AWS IAM user that has s3 putObject permission to write to a specific Amazon S3 bucket. This S3 bucket uses server-side encryption with AWS KMS managed (SSE-KMS) as the default encryption. Using the access key and secret key of the IAM user, the application received an access denied error when calling the PutObject API. How can this issue be resolved?

An organization is using Amazon API Gateway to provide a public API called "Survey" for collecting user feedback posts about its products. The survey API has "DEV" and "PROD" stages and consists of one resource " /feedback " which allows users to retrieve/create/update single feedback posts. A version-controlled Swagger file is used to define a new API that retrieves multiple feedback posts. To add the new API resource " /listFeedbackForProduct " the developer makes changes to the Swagger file defining an API, uploads the file to the organization's version control system, and uses the API Gateway Import API feature to apply the changes to the Survey API. After successful import, the developer runs the tests against the DEV stage and finds that resource " " is not available. What is MOST likely the reason for resource not being available?

A developer is building a new application that uses an Amazon DynamoDB table. The specification states that all items that are older than 48 hours must be removed. Which solution will meet this requirement?

A Developer has discovered that an application responsible for processing messages in an Amazon SQS queue is routinely falling behind. The application is capable of processing multiple messages in one execution, but is only receiving one message at a time. What should the Developer do to increase the number of messages the application receives?

When uploading an object, what request header can be explicitly specified in a request to Amazon S3 to encrypt object data when saved on the server side?

When a Simple Queue Service message triggers a task that takes 5 minutes to complete, which process below will result in successful processing of the message and remove it from the queue while minimizing the chances of duplicate processing?

During non-peak hours, a Developer wants to minimize the execution time of a full Amazon DynamoDB table scan without affecting normal workloads. The workloads average half of the strongly consistent read capacity units during non-peak hours. How would the Developer optimize this scan?

An organization is storing large files in Amazon S3, and is writing a web application to display meta-data about the files to end-users. Based on the metadata a user selects an object to download. The organization needs a mechanism to index the files and provide single-digit millisecond latency retrieval for the metadata. What AWS service should be used to accomplish this?