Secure Checkout

100% SECURE CHECKOUT

Buy your braindumps confidently with our secure SSL certification and safe payment methods.

Read More
Download Demo

DOWNLOAD 100% FREE DEMO

Download the demo of your desired dumps free on just one click before purchase. 100% singup free demo.

Read More
Guarentee

100% MONEY BACK GUARANTEE

Get your certification in 1st attempt or get your 100% payment back according to our refund policy.

Read More
Customer Support

24/7 CUSTOMER SUPPORT

Resolve your issues and queries quickly with our dedicated 24/7 live customer support team.

Read More

Amazon DVA-C01 Dumps

We at Dumpssure certify you that our platform is one of the most authentic website for Amazon DVA-C01 exam questions and their correct answers. Pass your Amazon DVA-C01 exam with flying marks, and that too with little effort. With the purchase of this pack, you wil also get free demo questions dumps. We ensure your 100% success in DVA-C01 Exam with the help of our provided material.

DumpsSure offers a unique Online Test Engine where you can fully practice your DVA-C01 exam questions. This is one-of-a-kind feature which our competitors won't provide you. Candidates can practice the way they would want to attempt question at the real examination time.

Dumpssure also offers an exclusive 'Exam Mode' where you can attempt 50 random questions related to your DVA-C01 exam. This mode is exactly the same as of real DVA-C01 certification exam. Attempt all the questions within a limited time and test your knowledge on the spot. This mode will definitely give you an edge in real exam.

Our success rate from past 6 years is above 96% which is quite impressive and we're proud of it. Our customers are able to build their career in any field the wish. Let's dive right in and make the best decision of your life right now. Choose the plan you want, download the DVA-C01 exam dumps and start your preparation for a successful professional.

Why Dumpssure is ever best for the preparation for Amazon DVA-C01 exam?

Dumpssure is providing free Amazon DVA-C01 question answers for your practice, to avail this facility you just need to sign up for a free account on Dumpssure. Thousands of customers from entire world are using our DVA-C01 dumps. You can get high grades by using these dumps with money back guarantee on DVA-C01 dumps PDF.

A vital device for your assistance to pass your Amazon DVA-C01 Exam

Our production experts have been preparing such material which can succeed you in Amazon DVA-C01 exam in a one day. They are so logical and notorious about the questions and their answers that you can get good marks in Amazon DVA-C01 exam. So DUMPSSURE is offering you to get excellent marks.

Easy access on your mobile for the users

The basic mean of Dumpssure is to provide the most important and most accurate material for our users. You just need to remain connected to internet for getting updates even on your mobile. After purchasing, you can download the Amazon DVA-C01 study material in PDF format and can read it easily, where you have desire to study.

Amazon DVA-C01 Questions and Answers can get instantly

Our provided material is regularly updated step by step for new questions and answers for Amazon Exam Dumps, so that you can easily check the behaviour of the question and their answers and you can succeed in your first attempt.

Amazon DVA-C01 Dumps are demonstrated by diligence Experts

We are so keen to provide our users with that questions which are verified by the Amazon Professionals, who are extremely skilled and have spent many years in this field.

Money Back Guarantee

Dumpssure is so devoted to our customers that we provide to most important and latest questions to pass you in the Amazon DVA-C01 exam. If you have purchased the complete DVA-C01 dumps PDF file and not availed the promised facilities for the Amazon exams you can either replace your exam or claim for money back policy which is so simple for more detail visit Guarantee Page.

Amazon DVA-C01 Sample Questions

Question # 1

A company uses the AWS SDK for JavaScript in the Browser to build a web application and then hosts the application on Amazon S3. The company wants the application to support 10,000 users concurrently. The company selects Amazon DynamoDB to store user preferences in a table. There is a requirement to uniquely identify users at any scale. Which solution will meet these requirements?

A. Create a user cookie. Attach an 1AM role to the S3 bucket that hosts the application. 
B. Deploy an Amazon CloudFront distribution with an origin access identity (OAI) to access the S3 bucket. 
C. Configure and use Amazon Cognito. Access DynamoDB with the authenticated users. 
D. Create an IAM user for each user. Use fine-grained access control on the DynamoDB table to control access. 



Question # 2

A developer deployed an application to an Amazon EC2 instance. The application needs to know the public IPv4 address of the instance. How can the application find this information? 

A. Query the instance metadata from http://169.254.169.254/latest/meta-data/. 
B. Query the instance user data from http://169 254.169.254/latest/user-data/. 
C. Query the Amazon Machine Image (AMI) information from http://169 254.169.254/latesl/meta-data/ami/. 
D. Check the hosts file of the operating system.



Question # 3

A company has a front-end application that runs on four Amazon EC2 instances behind an Elastic Load Balancer (ELB) in a production environment that is provisioned by AWS Elastic Beanstalk. A developer needs to deploy and test new application code while updating the Elastic Beanstalk platform from the current version to a newer version of Node.js. The solution must result in zero downtime for the application. Which solution meets these requirements? 

A. Clone the production environment to a different platform version. Deploy the new application code, and test it. Swap the environment URLs upon verification. 
B. Deploy the new application code in an all-at-once deployment to the existing EC2 instances. Test the code. Redeploy the previous code if verification fails. 
C. Perform an immutable update to deploy the new application code to new EC2 instances. Serve traffic to the new instances after they pass health checks 
D. Use a rolling deployment for the new application code. Apply the code to a subset of EC2 instances until the tests pass. Redeploy the previous code if the tests fail. 



Question # 4

A company is running an application on AWS Elastic Beanstalk in a single-instance environment. The company's deployments must avoid any downtime. Which deployment option will meet these requirements? 

A. All at once
 B. Rolling 
C. Rolling with additional batch 
D. Immutable 



Question # 5

A company has a serverless application that uses Amazon API Gateway backed by AWS Lambda proxy integration. The company is developing several backend APIs. The company needs a landing page to arovide an overview ol navigation to the APIs. \ developer creates a new /LandingPage resource and a new GET method that uses mock integration. What should the developer do next to meet these requirements?

A. Configure the integration request mapping template with Content-Type of text/html and statusCode of 200. Configure the integration response mapping template with ContentType of application/json. In the integration response mapping template, include the LandingPage HTML code that references the APIs. 
B. Configure the integration request mapping template with Content-Type of application/json. In the integration request mapping template, include the LandingPage HMTL code that references the APIs. Configure the integration response mapping template with Content-Type of text/html and statusCode of 200.
 C. Configure the integration request mapping template with Content-Type of application/json and statusCode of 200. Configure the integration response mapping template with Content-Type of text/html. In the integration response mapping template, include the LandingPage HTML code that references the APIs. 
D. Configure the integration request mapping template with Content-Type of text/html. In the integration request mapping template, include the LandingPage HTML code that references the APIs. Configure the integration response mapping template with Content-Type of application/json and statusCode of 200.



Question # 6

A company is using continuous integral ion/continuous delivery (CI/CD) systems. A that run on premises. Which AWS service should the developer use to meet these requirements? 

A. AWSCIoud9 
B. AWS CodeBuild 
C. AWS Elastic Beanstalk 
D. AWS CodeDeploy 



Question # 7

A developer is working on a Python application that runs on Amazon EC2 instances. The developer wants to enable tracing of application requests to debug performance issues in the code. Which combination of actions should the developer take to achieve this goal? (Select TWO.) 

A. Install the Amazon CloudWatch agent on the EC2 instances. 
B. Install the AWS X-Ray daemon on the EC2 instances 
C. Configure the application to write JSON-formatted logs to /var/log/cloudwatch. 
D. Configure the application to write trace data to /var/log/xray. 
E. Install and configure the AWS X-Ray SDK for Python in the application. 



Question # 8

A company has an application that runs on AWS Elastic Beanstalk in a load-balanced environment. The company needs to update the instance types in the environment to a more recent generation of instance types. The company must minimize downtime during the deployment of this configuration change. Which deployment options will meet these requirements? (Choose two.)

 A. Disabled 
B. Rolling based on Health 
C. Immutable 
D. All at once
 E. Canary 



Question # 9

A development team set up a pipeline to launch a test environment. The developers want to automate tests for their application. The team created an AWS CodePipeline stage to deploy the application to a test environment in batches using AWS Elastic Beanstalk. A later CodePipeline stage contains a single action that uses AWS CodeBuild to run numerous automated Selenium-based tests on the deployed application. The team must speed up the pipeline without removing any of the individual tests. Which set of actions will MOST effectively speed up application deployment and testing?

A. Set up an all-at-once deployment in Elastic Beanstalk. Run tests in parallel with multiple CodeBuild actions. 
B. Set up a rolling update in Elastic Beanstalk. Run tests in serial with a single CodeBuild action. 
C. Set up an immutable update in Elastic Beanstalk. Run tests in serial with a single CodeBuild action. 
D. Set up a traffic-splitting deployment in Elastic Beanstalk. Run tests in parallel with multiple CodeBuild actions. 



Question # 10

A developer wants to migrate a Windows .NET application that is running on IIS with a Microsoft SQL Server database to AWS. The developer does not want to think about provisioning and managing the infrastructure. What should the developer do to migrate the application with the LEAST amount of effort? 

A. Launch Amazon EC2 instances for Windows Server. Back up and restore the database to Amazon RDS. Deploy the web application to the new EC2 instances 
B. Back up and restore the database to Amazon RDS. Use the .NET Migration Assistant for AWS Elastic Beanstalk to migrate the web application to a preconfigured solution stack that Elastic Beanstalk provides. 
C. Migrate the database to Amazon DynamoDB Use Amazon API Gateway and AWS Lambda to create a web application interface that is hosted in an Amazon S3 bucket. 
D. Containerize the application on premises. Push the image to Amazon Elastic Container Registry (Amazon ECR). Create an AWS CloudFormation template to deploy the application



Question # 11

A developer is exposing an API by using Amazon API Gateway and AWS Lambda as the backend for an application. The developer wants to add validation rules for a POST method to ensure that the data (rom the frontend web form is valid. The validation rules must include mandatory fields, data type, length, and regular expressions. Which solution will meet these requirements? 

A. Create an API Gateway model with schema for data validation. 
B. Create API Gateway HTTP request headers for data validation.
 C. Create API Gateway URL query string parameters for data validation. 
D. Create API Gateway URL path parameters for data validation 



Question # 12

A developer has built an application running on AWS Lambda using AWS Serverless Application Model (AWS SAM). What is the correct sequence of steps to successfully deploy the application? 

A. 1. Build the SAM template in Amazon EC2. 2. Package the SAM template to Amazon EBS storage. 3. Deploy the SAM template from Amazon EBS. 
B. 1. Build the SAM template locally. 2. Package the SAM template onto Amazon S3. 3. Deploy the SAM template from Amazon S3. 
C. 1. Build the SAM template locally. 2. Deploy the SAM template from Amazon S3. 3. Package the SAM template for use. 
D. 1. Build the SAM template locally. 2 Package the SAM template from AWS CodeCommit. 



Question # 13

An open-source map application gathers data from several geolocation APIs. The application's source code repository is public and can be used by anyone, but the geolocation APIs must not be directly accessible. A developer must implement a solution to prevent the credentials that are used to access the APIs from becoming public. The solution also must ensure that the application still functions properly. Which solution will meet these requirements MOST cost-effectively?

A. Store the credentials in AWS Secrets Manager. Retrieve the credentials by using the GetSecretValue API operation. 
B. Store the credentials in AWS Key Management Service (AWS KMS). Retrieve the credentials by using the GetPublicKey API operation. 
C. Store the credentials in AWS Security Token Service (AWS STS). Retrieve the credentials by using the GetCallerldentity API operation. 
D. Store the credentials in AWS Systems Manager Parameter Store. Retrieve the credentials by using the GetParameter API operation. 



Question # 14

An application that is running on Amazon EC2 instances stores data in an Amazon S3 bucket. All the data must be encrypted in transit. How can a developer ensure that all traffic to the S3 bucket is encrypted? 

A. Install certificates on the EC2 instances. 
B. Create a private VPC endpoint. 
C. Configure the S3 bucket with server-side encryption with AWS KMS managed encryption keys (SSE-KMS). 
D. Create an S3 bucket policy that denies traffic when the value for the aws:SecureTransport condition key is false. 



Question # 15

A company uses Amazon DynamoDB as a data store for its order management system. The company frontend application stores orders in a DynamoDB table. The DynamoDB table is configured to send change events to a DynamoDB stream. The company uses an AWS Lambda function to log and process the incoming orders based on data from the DynamoDB stream. An operational review reveals that the order quantity of incoming orders is sometimes set to 0. A developer needs to create a dashboard that will show how many unique customers this problem affects each day. What should the developer do to implement the dashboard? 

A. Grant the Lambda function's execution role permissions to upload logs to Amazon CloudWatch Logs. Implement a CloudWatch Logs Insights query that selects the number of unique customers for orders with order quantity equal to 0 and groups the results in 1-day periods. Add the CloudWatch Logs Insights query to a CloudWatch dashboard. 
B. Use Amazon Athena to query AWS CloudTrail API logs for API calls. Implement an Athena query that selects the number of unique customers for orders with order quantity equal to 0 and groups the results in 1 -day periods. Add the Athena query to an Amazon CloudWatch dashboard. 
C. Configure the Lambda function to send events to Amazon EventBridge. Create an EventBridge rule that groups the number of unique customers for orders with order quantity equal to 0 in 1 -day periods. Add a CloudWatch dashboard as the target of the rule. 
D. Turn on custom Amazon CloudWatch metrics for the DynamoDB stream of the DynamoDB table. Create a CloudWatch alarm that groups the number of unique customers for orders with order quantity equal to 0 in 1-day periods. Add the CloudWatch alarm to a CloudWatch dashboard. 



Question # 16

A company that manages movie reviews wants to make its movie review data available to its customers by calling a set of REST web service endpoints. The company will develop the retrieval functionality as AWS Lambda functions and will expose the functionality to customers as an Amazon API Gateway REST API. The company needs to ensure that no consumer exceeds 100 requests a day to the API during the initial deployment. The company decides to use API Gateway API keys to restrict access. The company creates and issues API keys for each customer. What should the company do next to meet these requirements with the LEAST administrative effort?

A. Create a usage plan that applies throttling at 100 requests a day. Associate the usage plan with the API keys of all customers. 
B. Create an Amazon DynamoDB table to track all the requests that use a particular API key. For each request to the API, count the number of records in the DynamoDB table for that day for the API key. If the number of requests is 100 or greater, generate an exception. 
C. Create a usage plan that applies a quota of 100 requests a day. Associate the usage plan with the API keys of all customers. 
D. Create an Amazon Aurora table to track all the requests that use a particular API key. For each request to the API, count the number of records in the Aurora table for that day for the API key. If the number of requests is 100 or greater, generate an exception. 



Question # 17

A company uses AWS CloudFormation to deploy an application that uses an Amazon API Gateway REST API with AWS Lambda function integration. The application uses Amazon DynamoDB for data persistence. The application has three stages, development, testing, and production. Each stage uses its own DynamoDB table. The company has encountered unexpected issues when promoting changes to the production stage. The changes were successful in the development and testing stages. A developer needs to route 20% of the traffic to the new production stage API with the next production release. The developer needs to route the remaining 80% of the traffic to the existing production stage. The solution must minimize the number of errors that any single customer experiences. Which approach should the developer take to meet these requirements? 

A. Update 20% of the planned changes to the production stage. Deploy the new production stage. Monitor the results. Repeat this process five times to test all planned changes 
B. Update the Amazon Route 53 DNS record entry for the production stage API to use a weighted routing policy Set the weight to a value of 80. Add a second record for the production domain name Change the second routing policy to a weighted routing policy. Set the weight of the second policy to a value of 20. Change the alias of the second policy to use the testing stage API. 
C. Deploy an Application Load Balancer (ALB) in front of the REST API Change the production API Amazon Route 53 record to point traffic to the ALB Register the production and testing stages as targets of the ALB with weights of 80% and 20%. respectively. 
D. Configure canary settings for the production stage API. Change the percentage of traffic directed to canary deployment to 20%. Make the planned updates to the production stage Deploy the changes. 



Question # 18

A developer runs an application that uses an Amazon API Gateway REST API. The developer needs to implement a solution to proactively monitor the health of both API responses and latencies in case a deployment causes a service disruption despite passing deployment pipeline tests. The solution also must check for endpoint vulnerability and unauthorized changes to APIs. URLs, and website content. Which solution will meet these requirements? 

A. Use the Amazon CloudWatch Synthetics canary functionality to call the API and check the responses and duration of the request. 
B. Use a custom health check in the API that queries hosts to check the duration of the request. 
C. Implement a custom AWS Lambda function with an Amazon EventBridge event to periodically call the API and check the responses and duration of the request. 
D. Use the built-in API Gateway metrics to monitor the average duration of the API response. 



Question # 19

A developer is testing a new file storage application that uses an Amazon CloudFront distribution to serve content from an Amazon S3 bucket. The distribution accesses the S3 bucket by using an origin access identity (OAI). The S3 bucket's permissions explicitly deny access to all other users. The application prompts users to authenticate on a login page and then uses signed cookies to allow users to access their personal storage directories. The developer has configured the distribution to use its default cache behavior with restricted viewer access and has set the origin to point to the S3 bucket. However, when the developer tries to navigate to the login page, the developer receives a 403 Forbidden error. The developer needs to implement a solution to allow unauthenticated access to the login page. The solution also must keep all private content secure. Which solution will meet these requirements?

A. Add a second cache behavior to the distribution with the same origin as the default cache behavior. Set the path pattern for the second cache behavior to the path of the login page, and make viewer access unrestricted. Keep the default cache behavior’s settings unchanged. 
B. Add a second cache behavior to the distribution with the same origin as the default cache behavior. Set the path pattern for the second cache behavior to *, and make viewer access restricted. Change the default cache behavior's path pattern to the path of the login page, and make viewer access unrestricted. 
C. Add a second origin as a failover origin to the default cache behavior. Point the failover origin to the S3 bucket. Set the path pattern for the primary origin to * and make viewer access restricted. Set the path pattern for the failover origin to the path of the login page, and make viewer access unrestricted. 
D. Add a bucket policy to the S3 bucket to allow read access. Set the resource on the policy to the Amazon Resource Name (ARN) of the login page object in the S3 bucket. Add a CloudFront function to the default cache behavior to redirect unauthorized requests to the login page’s S3 URI. 



Question # 20

A movie fan club hosts a serverless web application in an Amazon S3 bucket. The application uses an AWS Lambda function that is exposed by an Amazon API Gateway API. The function queries an Amazon DynamoDB table to list actors sorted by movie. In the DynamoDB table. Actor is the primary key, Movie is the sort key, and Role and Year are attributes. In the web application, a developer wants to add a page that is named Phase 1 that lists only the movies that were released between 2008 and 2012. The developer needs to fetch the Phase 1 items in a way that minimizes the impact on the DynamoDB table. Which solution will meet these requirements? 

A. Create a global secondary index (GSl) with the Year attribute as the sort key. Create a Lambda function to return the results from a new method in the API. 
B. Design a Lambda function that scans the DynamoDB table and filters the results for the Phase 1 items. Invoke the function from a new method in the API. 
C. Use a DynamoDB stream to send items that are filtered by Year to a new DynamoDB table. Invoke a Lambda function from a new method in the API. 
D. Set up an Amazon CloudFront distribution. Create a Lambda@Edge function to filter the items that are returned from the API request. 



Question # 21

A company manages a financial services application that stores a large volume of data in an Amazon DynamoDB table. A developer needs to improve the performance of the DynamoDB read queries without increasing the cost. Which solution meets these requirements? 

A. Use parallel scans 
B. Add a local secondary index (LSI). 
C. Create a DynamoDB Accelerator (DAX) cluster. 
D. Query with the Projection Expression parameter 



Question # 22

A developer is troubleshooting a new AWS Lambda function. The function should run automatically each time a new object is uploaded to an Amazon S3 bucket. However, the developer finds that all calls failed before they reached the application code inside the function. Which of the following is a possible reason for this failure?

 A. The function resource policy does not allow access from Amazon S3. 
B. The function execution role does not allow access from Amazon S3. 
C. The function execution role does not allow access to Amazon S3. 
D. The IAM user does not have access to Amazon S3. 



Question # 23

A developer is implementing an AWS Lambda function that will be invoked when an object is uploaded to Amazon S3. The developer wants to test the Lambda function in a local development machine before publishing the function to a production AWS account. Which solution will meet these requirements with the LEAST operational overhead? 

A. Upload an object to Amazon S3 by using the aws s3api put-object CLI command. Wait for the local Lambda invocation from the S3 event. 
B. Create a sample JSON text file for a put object S3 event. Invoke the Lambda function locally. Use the aws lambda invoke CLI command with the JSON file and Lambda function name as arguments. 
C. Use the sam local start-lambda CLI command lo start Lambda. Use the sam local generate-event s3 put CLI command to create the Lambda test JSON file. Use the sam local invoke CLI command with the JSON file as the argument to invoke the Lambda function. 
D. Create a JSON string for the put object S3 event. In the AWS Management Console, use the JSON string to create a test event for the local Lambda function. Perform the test. 



Question # 24

A company has an application that provides blog hosting services to its customers. The application includes an Amazon DynamoDB table with a primary key The primary key consists of the customers' UserName as a partition key and the NumberOIBIogs as a sort key. The application stores the TotalReactionsOnBlogs as an attribute on the same DynamoDB table. A developer needs to implement an operation to retrieve the top 10 customers based on the greatest number of reactions on their blogs This operation must not consume the DynamoDB table's existing read capacity. What should the developer do to meet these requirements in the MOST operationally efficient manner?

A. For the existing DynamoDB table, create a new global secondary index (GSI) that has the UserName as a partition key and the TotalReactionsOnBlogs as a sort key. 
B. For the existing DynamoDB table, create a new local secondary index (LSI) that has the UserName as a partition key and the TotalReactionsOnBlogs as a sort key
C. Back up and restore the DynamoDB table to a new DynamoDB table Create a new global secondary index (GSI) that has the UserName as a partition key and the TotalReactionsOnBlogs as a sort key Delete the old DynamoDB table 
D. Back up and restore the DynamoDB table to a new DynamoDB table. Create a new local secondary index (LSI) that has the UserName as a partition key and the TotalReactionsOnBlogs as a sort key. Delete the old DynamoDB table. 



Question # 25

A company is building a serverless application that uses AWS Lambda. The application includes Lambda functions that are exposed by Amazon API Gateway The functions will use several large third-party libraries, and the build artifacts will exceed 50 MB in size. Which combination of steps should a developer take to prepare and perform the deployment? (Select TWO.) 

A. Issue the aws lambda update-function-code CLI command with the -zip-file fileb://myfunction.zip parameter 
B. Upload the build artifact to Amazon S3. 
C. Issue the aws cloudformation package CLI command. 
D. Issue the aws lambda update-function-code CLI command with the -s3-bucket and -s3- key parameters. 
E. Issue the aws lambda update-function-code CLI command with a parameter that points to the source code in AWS CodeCommit. 



Question # 26

An AWS Lambda function requires read access to an Amazon S3 bucket and requires read/write access to an Amazon DynamoDB table. The correct 1AM policy already exists. What is the MOST secure way to grant the Lambda function access to the S3 bucket and the DynamoDB table? 

A. Attach the existing IAM policy to the Lambda function. 
B. Create an IAM role for the Lambda function. Attach the existing IAM policy to the role. Attach the role to the Lambda function. 
C. Create an IAM user with programmatic access. Attach the existing IAM policy to the user. Add the user access key ID and secret access key as environment variables in the Lambda function. 
D. Add the AWS account root user access key ID and secret access key as encrypted environment variables in the Lambda function. 



Question # 27

A media company wants to test its web application more frequently. The company deploys the application by using a separate AWS CloudFormation stack for each environment. The same CloudFormation template is deployed to each stack as the application progresses through the development lifecycle. A developer needs to build an automated alert for the quality assurance (QA) team. The developer wants the alert to occur for new deployments in the final pre-production environment. Which solution will moot these requirements?

A. Create an Amazon Simple Notification Service (Amazon SNS) topic. Add a subscription to notify the QA team. Update the CloudFormation stack options to point to the SNS topic in the pro-production environment. Most Voted 
B. Create an AWS Lambda function that notifies the QA team. Create an Amazon EventBridge rule to invoke the Lambda function on the default event bus. Filter the events on the CloudFormation service and the CloudFormation stack Amazon Resource Name (ARM). 
C. Create an Amazon CloudWatch alarm that monitors the metrics from CloudFormation. Filter the metrics on the stack name and the stack status. Configure the alarm to notify the QA team. 
D. Create an AWS Lambda function that notifies the QA team. Configure the event source mapping to receive events from CloudFormation. Specify the filtering values to limit invocations to the desired CloudFormation stack.



Question # 28

A developer needs to deploy an application to AWS Elastic Beanstalk for a company. The application consists of a single Docker image. The company's automated continuous integration and continuous delivery (CI/CD) process builds the Docker image and pushes the image to a public Docker registry. How should the developer deploy the application to Elastic Beanstalk? 

A. Create a Dockerfile. Configure Elastic Beanstalk to build the application as a Docker image. 
B. Create a docker-compose.yml file. Use the Elastic Beanstalk CLI to deploy the application. 
C. Create a .zip file that contains the Docker image. Upload the .zip file to Elastic Beanstalk. 
D. Create a Dockerfile. Run the Elastic Beanstalk CLI eb local run command in the same directory. 



Question # 29

A developer is writing a new web application that will be deployed and managed with AWS Elastic Beanstalk. The application will include an Amazon RDS DB instance. What steps should the developer take to access the RDS DB instance from the code? (Select TWO.) 

A. Modify the endpoint name using either the AWS Management Console or AWS CLI 
B. Upload the driver to Amazon S3 and reference it in the code 
C. Download the appropriate database driver and include it with the application. 
D. Construct a connection string using the Elastic Beanstalk environment variables 
E. Create a CNAME record referencing database instances ALIAS. 



Question # 30

\ developer is designing a serverless application for a game in which users register and log in through a web browser. The application makes requests on behalf of users to a set of AWS Lambda functions that un behind an Amazon API Gateway HTTP API. rhe developer needs to implement a solution to register and log in users on the application's sign-in page. The solution must minimize operational overhead and must minimize ongoing management of user identities. Which solution will meet these requirements? 

A. Create Amazon Cognito user pools for external social identity providers. Configure 1AM roles for the identity pools. 
B. Program the sign-in page to create users' 1AM groups with the 1AM roles attached to the groups. 
C. Create an Amazon RDS for SQL Server DB instance to store the users and manage the permissions to the backend resources in AWS. 
D. Configure the sign-in page to register and store the users and their passwords in an Amazon DynamoDB table with an attached 1AM policy. 



Question # 31

A developer is creating a new batch application that will run on an Amazon EC2 instance. The application requires read access to an Amazon S3 bucket. The developer needs to follow security best practices to grant S3 read access to the application. Which solution meets these requirements? 

A. Add the permissions to an 1AM policy. Attach the policy to a role Attach the role to the EC2 instance profile. 
B. Add the permissions inline to an 1AM group. Attach the group to the EC2 instance profile. 
C. Add the permissions to an 1AM policy. Attach the policy to a user Attach the user to the EC2 instance profile. 
D. Add the permissions to an 1AM policy. Use 1AM web identity federation to access the S3 bucket with the policy 



Question # 32

Which solution will meet these requirements? 

A. Build the container from the amazon/aws-xray-daemon base image. Use the AWS XRay SDK to instrument the application.
B. Install the Amazon CloudWatch agent on the container image. Use the CloudWatch SDK to publish custom metrics from each of the microservices. 
C. Install the AWS X-Ray daemon on each of the ECS instances. 
D. Configure AWS CloudTrail data events to capture the traffic between the microservices. 



Question # 33

A company that has multiple offices uses an Amazon DynamoDB table to store employee payroll information. Item attributes consist of employee names, office identifiers, and cumulative daily hours worked. The most frequently used query extracts a report of an alphabetical subset of employees for a specific office. Which design of the DynamoDB table primary key will have the MINIMUM performance impact? 

A. Partition key on the office identifier and sort key on the employee name
B. Partition key on the employee name and sort key on the office identifier 
C. Partition key on the employee name 
D. Partition key on the office identifier 



Question # 34

A developer is creating a web application that collects highly regulated and confidential user data through a POST request. The web application is served through Amazon CloudFront. User names and phone numbers must be encrypted at the edge and must remain encrypted throughout the entire application stack. What is the MOST secure way to meet these requirements?

A. Enforce Match Viewer with HTTPS Only on CloudFront. 
B. Use only the newest TLS security policy on CloudFront.
C. Enforce a signed URL on CloudFront on the front end. 
D. Use field-level encryption on CloudFront. 



Question # 35

A developer is debugging an AWS Lambda function behind an Amazon API Gateway. Whenever the API Gateway endpoint is called, HTTP status code 200 is returned even though AWS Lambda is recording a 4xx error. What change needs to be made to return a proper error code through the API Gateway?  

A. Enable CORS in the API Gateway method settings. 
B. Use a Lambda proxy integration to return HTTP codes and headers. 
C. Enable API Gateway error pass-through. 
D. Return the value in the header X-Amzn-ErrorType. 



Question # 36

A company must encrypt sensitive data that the company will store in Amazon S3. A developer must retain total control over the company's AWS Key Management Service (AWS KMS) key and the company’s data keys. The company currently uses an onpremises hardware security module (HSM) solution. The company wants to move its key management onto AWS. Which solution will meet these requirements?

A. Implement server-side encryption with AWS KMS managed keys (SSE-KMS). Use AWS CloudHSM to generate the KMS key and data keys to use with AWS KMS. 
B. Implement server-side encryption with customer-provided encryption keys (SSE-C). Use AWS CloudHSM to generate the KMS key and manage the data keys that the company will use to read and write objects to Amazon S3. 
C. Implement server-side encryption with Amazon S3 managed encryption keys (SSE-S3). Use AWS CloudHSM to generate the KMS key and manage the data keys that the company will use to read and write objects to Amazon S3. 
D. Implement server-side encryption with AWS KMS managed keys (SSE-KMS). Use the AWS KMS custom key store feature to manage the data keys. Then read or write objects to Amazon S3 as normal. 



Question # 37

A developer at a company recently created a serverless application to process and show data from business reports. The application's user interface (Ul) allow users to select and start processing the files. The Ul displays a message when the result is available to view. The application uses AWS Step Functions with A Lambda functions "to process the files. The developer used Amazon API Gateway and Lambda functions to create an API to support the Ul. The company's Ul team reports that the request to process a file is often returning timeout errors because of the size or complexity of the files. The Ul team w< API to provide an immediate response so that the Ul can display a message while the files are being processed. The backend process that is invoked by the A needs to send an email message when the report processing is complete. What should the developer do to configure the API to meet these requirements? 

A. Change the API Gateway route to add an X-Amz-lnvocation-Type header with a static value of 'Event' in the integration request. Deploy the API Gatt stage to apply the changes. 
B. Change the configuration of the Lambda function that implements the request to process a file. Configure the maximum age of the event so that the Lambda function will run asynchronously. 
C. Change the API Gateway timeout value to match the Lambda function timeout value. Deploy the API Gateway stage to apply the changes. 
D. Change the API Gateway route to add an X-Amz-Target header with a static value of 'Async' in the integration request. Deploy the API Gateway stag apply the changes. 



Question # 38

A developer notices timeouts from the AWS CLI when the developer runs list commands. What should the developer do to avoid these timeouts?

A. Use the -page-size parameter to request a smaller number of items. 
B. Use shorthand syntax to separate the list by a single space. 
C. Use the yaml-stream output for faster viewing of large datasets. 
D. Use quotation marks around strings to enclose data structure. 



Question # 39

A developer is monitoring an application that runs on an Amazon EC2 instance. The developer has configured a custom Amazon CloudWatch metric with d#ta granularity of 1 second. If any issues occur, the developer wants to be notified within 30 seconds by Amazon Simple Notification Service (Amazon SNS). What should the developer do to meet this requirement?

A. Configure a high-resolution CloudWatch alarm. 
B. Set up a custom CloudWatch dashboard. .
C. Use Amazon CloudWatch Logs Insights
D. Change to a default CloudWatch metric. 



Question # 40

A developer is managing an application that uploads user files to an Amazon S3 bucket named companybucket. The company wants to maintain copies of all the files uploaded by users for compliance purposes, while ensuring users still have access to the data through the application. Which IAM permissions should be applied to users to ensure they can create but not remove files from the bucket? 




D. 



Question # 41

A company is creating a continuous integration and continuous delivery (CI/CD) process by using AWS CodePipeline for its application on AWS The CI/CD process will pull code from an AWS CodeCommit repository, create the application infrastructure by using AWS Cloud Formation, deploy the frontend code to an Amazon S3 bucket that is configured for static website hosting, and deploy the application backend on an Amazon Elastic Container Service (Amazon ECS) cluster. A developer needs to create a new CodePipeline stage that creates the application infrastructure. Which solution will meet these requirements with the LEAST operational overhead? 

A. Create a new action with AWS Lambda as the action provider Create a Lambda function that makes an AWS SDK API call to create the CloudFormation stack 
B. Create a new action with CloudFormation as the action provider Set the action mode to CREATE UPDATE Target the CloudFormation stack to be launched. 
C. Create a new action with Jenkins as the action provider. Create and configure a Jenkins job to make an API call by using the AWS CLI to create the CloudFormation stack. 
D. Create a new action with AWS CodeBuikl as the action provider Configure the buildspec to make an API call by using the AWS CLI to create the CloudFormation stack 



Question # 42

A developer uses server-side encryption with Amazon S3 managed encryption keys (SSES3) to store data in Amazon S3. The developer needs to decrypt and download the encrypted objects by using the GetObject API call. What is the LEAST amount of information that the developer must provide in the API call to meet this requirement? 

A. The S3 object key only 
B. The S3 object key and the encryption key 
C. The S3 object key and the Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) key 
D. The S3 object key and a randomly salted Hash-based Message Authentication Code (HMAC) value of the encryption key



Question # 43

A developer is writing an application that will run on Amazon EC2 instances in an Auto Scaling group. The developer wants to externalize the session state to support the application. Miich AWS services or resources can the developer use to meet these requirements? (Select TWO.) A. Amazon DynamoDB 

B. Amazon Cognito
C. Amazon ElastiCache 
D. Application Load Balancer 
E. Amazon Simple Queue Service (Amazon SQS) 



What Our Client Says