DVA-C01 : AWS Certified Developer Associate : Part 15

  1. A developer needs to manage AWS infrastructure as code and must be able to deploy multiple identical copies of the infrastructure, stage changes, and revert to previous versions.Which approach addresses these requirements?

    • Use cost allocation reports and AWS OpsWorks to deploy and manage the infrastructure.
    • Use Amazon CloudWatch metrics and alerts along with resource tagging to deploy and manage the infrastructure.
    • Use AWS Elastic Beanstalk and AWS CodeCommit to deploy and manage the infrastructure.
    • Use AWS CloudFormation and AWS CodeCommit to deploy and manage the infrastructure.
  2. What is required to trace Lambda-based applications with AWS X-Ray?

    • Send logs from the Lambda application to an S3 bucket; trigger a Lambda function from the bucket to send data to AWS X-Ray.
    • Trigger a Lambda function from the application logs in Amazon CloudWatch to submit tracing data to AWS X-Ray.
    • Use an IAM execution role to give the Lambda function permissions and enable tracing.
    • Update and add AWS X-Ray daemon code to relevant parts of the Lambda function to set up the trace.
  3. A development team is building a new application that will run on Amazon EC2 and use Amazon DynamoDB as a storage layer. The developers all have assigned IAM user accounts in the same IAM group. The developers currently can launch EC2 instances, and they need to be able to launch EC2 instances with an instance role allowing access to Amazon DynamoDB.​ Which AWS IAM changes are needed when creating an instance role to provide this functionality?

    • Create an IAM permission policy attached to the role that allows access to DynamoDB. Add a trust policy to the role that allows DynamoDB to assume the role. Attach a permissions policy to the development group in AWS IAM that allows developers to use the iam:GetRole and iam:PassRole permissions for the role.
    • Create an IAM permissions policy attached to the role that allows access to DynamoDB. Add a trust policy to the role that allows Amazon EC2 to assume the role. Attach a permissions policy to the development group in AWS IAM that allows developers to use the iam:PassRole permission for the role.
    • Create an IAM permission policy attached to the role that allows access to Amazon EC2. Add a trust policy to the role that allows DynamoDB to assume the role. Attach a permissions policy to the development group in AWS IAM that allows developers to use the iam:PassRole permission for the role.
    • Create an IAM permissions policy attached to the role that allows access to DynamoDB. Add a trust policy to the role that allows Amazon EC2 to assume the role. Attach a permissions policy to the development group in AWS IAM that allows developers to use the iam:GetRole permission for the role.
  4. A developer is migrating code to an AWS Lambda function that will an Amazon Aurora MySQL database. What is the MOST secure way to authenticate the function to the database?

    • Store the database credentials as encrypted parameters in AWS Systems Manager Parameters Store. Obtain the credentials from Systems Manager when the Lambda function needs to connect to the database.
    • Store the database credentials in AWS Secrets Manager. Let Secrets Manager handle the rotation of the credentials, as required.
    • Store the database credentials in an Amazon S3 bucket that has a restrictive bucket policy for the Lambda role when accessing the credentials. Use AWS KMS to encrypt the data.
    • Create a policy with rds-db:connect access to the database and attach it to the role assigned to the Lambda function.
  5. A development team uses AWS Elastic Beanstalk for application deployment. The team has configured the application version lifecycle policy to limit the number of application versions to 25. However, even with the lifecycle policy, the source bundle is deleted from the Amazon S3 source bucket.What should a developer do in the Elastic Beanstalk application version lifecycle settings to retain the source code in the S3 bucket?

    • Change the Set the application versions limit by total count setting to zero.
    • Disable the Lifecycle policy setting.
    • Change the Set the application version limit by age setting to zero.
    • Set Retention to Retain source bundle in S3.
  6. A developer has built a market application that stores pricing data in Amazon DynamoDB with Amazon ElastiCache in front. The prices of items in the market change frequently. Sellers have begun complaining that, after they update the price of an item, the price does not actually change in the product listing. What could be causing this issue?

    • The cache is not being invalidated when the price of the item is changed
    • The price of the item is being retrieved using a write-through ElastiCache cluster
    • The DynamoDB table was provisioned with insufficient read capacity
    • The DynamoDB table was provisioned with insufficient write capacity
  7. A developer is provided with an HTTPS clone URL for an AWS CodeCommit repository. What needs to be configured before cloning this repository?

    • Use AWS KMS to set up public and private keys for use with AWS CodeCommit.
    • Set up the Git credential helper to use an AWS credential profile, and enable the helper to send the path to the repositories.
    • Use AWS Certificate Manager to provision public and private SSL/TLS certificates.
    • Generate encryption keys using AWS CloudHSM, then export the key for use with AWS CodeCommitl.
    Explanation:

    AWS credential profile, and enabling the Git credential helper to send the path to repositories:

  8. A developer is building an application using an Amazon API Gateway REST API backed by an AWS Lambda function that interacts with an Amazon DynamoDB table. During testing, the developer observes high latency when making requests to the API. How can the developer evaluate the end-to-end latency and identify performance bottlenecks?

    • Enable AWS CloudTrail logging and use the logs to map each latency and bottleneck.
    • Enable and configure AWS X-Ray tracing on API Gateway and the Lambda function. Use X-Ray to trace and analyze user requests.
    • Enable Amazon CloudWatch Logs for the Lambda function. Enable execution logs for API Gateway to view and analyze user request logs.
    • Enable VPC Flow Logs to capture and analyze network traffic within the VPC.
  9. A developer is writing an AWS Lambda function. The developer wants to log key events that occur during the Lambda function and include a unique identifier to associate the events with a specific function invocation. Which of the following will help the developer accomplish this objective?

    • Obtain the request identifier from the Lambda context object. Architect the application to write logs to the console.
    • Obtain the request identifier from the Lambda event object. Architect the application to write logs to a file.
    • Obtain the request identifier from the Lambda event object. Architect the application to write logs to the console.
    • Obtain the request identifier from the Lambda context object. Architect the application to write logs to a file.
  10. An IAM role is attached to an Amazon EC2 instance that explicitly denies access to all Amazon S3 API actions. The EC2 instance credentials file specifies the IAM access key and secret access key, which allow full administrative access. Given that multiple modes of IAM access are present for this EC2 instance, which of the following is correct?

    • The EC2 instance will only be able to list the S3 buckets.
    • The EC2 instance will only be able to list the contents of one S3 bucket at a time.
    • The EC2 instance will be able to perform all actions on any S3 bucket.
    • The EC2 instance will not be able to perform any S3 action on any S3 bucket.
  11. Two containerized microservices are hosted on Amazon EC2 ECS. The first microservice reads an Amazon RDS Aurora database instance, and the second microservice reads an Amazon DynamoDB table.How can each microservice be granted the minimum privileges?

    • Set ECS_ENABLE_TASK_IAM_ROLE to false on EC2 instance boot in ECS agent configuration file. Run the first microservice with an IAM role for ECS tasks with read-only access for the Aurora database. Run the second microservice with an IAM role for ECS tasks with read-only access to DynamoDB.
    • Set ECS_ENABLE_TASK_IAM_ROLE to false on EC2 instance boot in the ECS agent configuration file. Grant the instance profile role read-only access to the Aurora database and DynamoDB.
    • Set ECS_ENABLE_TASK_IAM_ROLE to true on EC2 instance boot in the ECS agent configuration file. Run the first microservice with an IAM role for ECS tasks with read-only access for the Aurora database. Run the second microservice with an IAM role for ECS tasks with read-only access to DynamoDB.
    • Set ECS_ENABLE_TASK_IAM_ROLE to true on EC2 instance boot in the ECS agent configuration file. Grant the instance profile role read-only access to the Aurora database and DynamoDB.
  12. A developer has written an AWS Lambda function using Java as the runtime environment. The developer wants to isolate a performance bottleneck in the code. Which steps should be taken to reveal the bottleneck?

    • Use the Amazon CloudWatch API to write timestamps to a custom CloudWatch metric. Use the CloudWatch console to analyze the resulting data.
    • Use the AWS X-Ray API to write trace data into X-Ray from strategic places within the code. Use the Amazon CloudWatch console to analyze the resulting data.
    • Use the AWS X-Ray API to write trace data into X-Ray from strategic places within the code. Use the X-Ray console to analyze the resulting data.
    • Use the Amazon CloudWatch API to write timestamps to a custom CloudWatch metric. Use the AWS X-Ray console to analyze the resulting data.
  13. A developer added a new feature to an application running on an Amazon EC2 instance that uses Amazon SQS. After deployment, the developer noticed a significant increase in Amazon SQS costs. When monitoring the Amazon SQS metrics on Amazon CloudWatch, the developer found that on average one message per minute is posted on this queue.What can be done to reduce Amazon SQS costs for this application?

    • Increase the Amazon SQS queue polling timeout.
    • Scale down the Amazon SQS queue to the appropriate size for low traffic demand.
    • Configure push delivery via Amazon SNS instead of polling the Amazon SQS queue.
    • Use an Amazon SQS first-in, first-out (FIFO) queue instead of a standard queue.
  14. A developer is using Amazon DynamoDB to store application data. The developer wants to further improve application performance by reducing response times for read and write operations.Which DynamoDB feature should be used to meet these requirements?

    • Amazon DynamoDB Streams
    • Amazon DynamoDB Accelerator
    • Amazon DynamoDB global tables
    • Amazon DynamoDB transactions
  15. A developer is creating a script to automate the deployment process for a serverless application. The developer wants to use an existing AWS Serverless Application Model (AWS SAM) template for the application. What should the developer use for the project? (Choose two.)

    • Call aws cloudformation package to create the deployment package. Call aws cloudformation deploy to deploy the package afterward.
    • Call sam package to create the deployment package. Call sam deploy to deploy the package afterward.
    • Call aws s3 cp to upload the AWS SAM template to Amazon S3. Call aws lambda update-function-code to create the application.
    • Create a ZIP package locally and call aws serverlessrepo create-application to create the application.
    • Create a ZIP package and upload it to Amazon S3. Call aws cloudformation create-stack to create the application.
  16. A development team is designing a mobile app that requires multi-factor authentication.Which steps should be taken to achieve this? (Choose two.)

    • Use Amazon Cognito to create a user pool and create users in the user pool.
    • Send multi-factor authentication text codes to users with the Amazon SNS Publish API call in the app code.
    • Enable multi-factor authentication for the Amazon Cognito user pool.
    • Use AWS IAM to create IAM users.
    • Enable multi-factor authentication for the users created in AWS IAM.
  17. A gaming application stores scores for players in an Amazon DynamoDB table that has four attributes: user_id, user_name, user_score, and user_rank. The users are allowed to update their names only. A user is authenticated by web identity federation.Which set of conditions should be added in the policy attached to the role for the dynamodb: PutItem API call?

    • DVA-C01 AWS Certified Developer Associate Part 15 Q17 013
      DVA-C01 AWS Certified Developer Associate Part 15 Q17 013
    • DVA-C01 AWS Certified Developer Associate Part 15 Q17 014
      DVA-C01 AWS Certified Developer Associate Part 15 Q17 014
    • DVA-C01 AWS Certified Developer Associate Part 15 Q17 015
      DVA-C01 AWS Certified Developer Associate Part 15 Q17 015
    • DVA-C01 AWS Certified Developer Associate Part 15 Q17 016
      DVA-C01 AWS Certified Developer Associate Part 15 Q17 016
  18. A developer is using AWS CodeDeploy to deploy an application running on Amazon EC2. The developer wants to change the file permissions for a specific deployment file.Which lifecycle event should a developer use to meet this requirement?

    • AfterInstall
    • DownloadBundle
    • BeforeInstall
    • ValidateService
    Explanation:

    You can use the AfterInstall deployment lifecycle event for tasks such as configuring your application or changing file permissions.

  19. Given the following AWS CloudFormation template:

    DVA-C01 AWS Certified Developer Associate Part 15 Q19 017
    DVA-C01 AWS Certified Developer Associate Part 15 Q19 017

    What is the MOST efficient way to reference the new Amazon S3 bucket from another AWS CloudFormation template?

    •  Use ResultPath in a Catch statement to include the error with the original input.
    • Use InputPath in a Catch statement and set the value to null.
    • Use ErrorEquals in a Retry statement to include the error with the original input.
    • Use OutputPath in a Retry statement and set the value to $.
    Explanation:

    Use ResultPath in a Catch to include the error with the original input.

  20. A company is developing a report executed by AWS Step Functions. Amazon CloudWatch shows errors in the Step Functions task state machine. To troubleshoot each task, the state input needs to be included along with the error message in the state output.

    Which coding practice can preserve both the original input and the error for the state?

    • Use ResultPath in a Catch statement to include the error with the original input.
    • Use InputPath in a Catch statement and set the value to null.
    • Use ErrorEquals in a Retry statement to include the error with the original input.
    • Use OutputPath in a Retry statement and set the value to $.
    Explanation:

    Use ResultPath in a Catch to include the error with the original input.

Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments