An organization is storing large files in Amazon S3, and is writing a web application to display meta-data about the files to end-users. Based on the metadata a user selects an object to download. The organization needs a mechanism to index the files and provide single-digit millisecond latency retrieval for the metadata.
What AWS service should be used to accomplish this?

A. Amazon DynamoDB
B. Amazon EC2
C. AWS Lambda
D. Amazon RDS

An application under development is required to store hundreds of video files. The data must be encrypted within the application prior to storage, with a unique key for each video file.
How should the Developer code the application?

A. Use the KMS Encrypt API to encrypt the data. Store the encrypted data key and data.
B. Use a cryptography library to generate an encryption key for the application. Use the encryption key to encrypt the data. Store the encrypted data.
C. Use the KMS GenerateDataKey API to get a data key. Encrypt the data with the data key. Store the encrypted data key and data.
D. Upload the data to an S3 bucket using server side-encryption with an AWS KMS key.

A company has an Amazon S3 bucket containing premier content that it intends to make available to only paid subscribers of its website. The S3 bucket currently has default permissions of all objects being private to prevent inadvertent exposure of the premier content to non-paying website visitors.
How can the company limit the ability to download a premier content file in the S3 bucket to paid subscribers only?

A. Apply a bucket policy that allows anonymous users to download the content from the S3 bucket.
B. Generate a pre-signed object URL for the premier content file when a paid subscriber requests a download.
C. Add a bucket policy that requires multi-factor authentication for requests to access the S3 bucket objects.
D. Enable server-side encryption on the S3 bucket for data protection against the non-paying website visitors.

A developer is developing an application that uses signed requests (Signature Version 4) to call other AWS services. The developer has created a canonical request, has created the string to sign, and has calculated signing information.
Which methods could the developer use to complete a signed request? (Choose two.)

A. Add the signature to an HTTP header that is named Authorization
B. Add the signature to a session cookie
C. Add the signature to an HTTP header that is named Authentication
D. Add the signature to a query string parameter that is named X-Amz-Signature
E. Add the signature to an HTTP header that is named WWW-Authenticate

A developer must build a mobile application that allows users to read and write data from an Amazon DynamoDB table to store user state for each unique user. The solution needs to limit data access to allow users access only to their own data.
Which solution below is the most secure?

A. Embed AWS access credentials into the application and create DynamoDB queries that limit user access.
B. Use Amazon Cognito identity pools to assign unique identifiers and provide user access.
C. Modify the DynamoDB table to allow public read and writes, then add client-side filtering.
D. Create a web portal for users to create an account on AWS Directory Service.

A software engineer developed an AWS Lambda function in Node.js to do some CPU-intensive data processing. With the default settings, the Lambda function takes about 5 minutes to complete.
Which approach should a developer take to increase the speed of completion?

A. Instead of using Node.js. rewrite the Lambda function using Python.
B. Instead of packaging the libraries in the ZIP file with the function, move them to a Lambda layer and use the layer with the function.
C. Allocate the maximum available CPU units to the function.
D. Increase the available memory to the function.

In a move toward using microservices, a company's management team has asked all development teams to build their services so that API requests depend only on that service's data store. One team is building a Payments service which has its own database; the service needs data that originates in the Accounts database.
Both are using Amazon DynamoDB.
What approach will result in the simplest, decoupled, and reliable method to get near-real time updates from the Accounts database?

A. Use Amazon Glue to perform frequent ETL updates from the Accounts database to the Payments database.
B. Use Amazon ElastiCache in Payments, with the cache updated by triggers in the Accounts database.
C. Use Amazon Kinesis Data Firehose to deliver all changes from the Accounts database to the Payments database.
D. Use Amazon DynamoDB Streams to deliver all changes from the Accounts database to the Payments database.

A software company must ensure that documents that are uploaded by users are securely stored in Amazon S3. The documents must be encrypted at rest in Amazon S3. The company wants to avoid client-side encryption and does not want to manage the security infrastructure. In addition, the company wants control over the keys that are used for encryption at rest.
Which solution for encryption keys should a developer use to meet these requirements?

A. Amazon S3 managed keys
B. Application-level encryption with customer-provided encryption keys that are stored in an on-premises hardware security module (HSM)
C. AWS Key Management Service (AWS KMS) customer managed keys
D. IAM access keys

A development team sets up a project's file directory structure in AWS CodeCommit. The team plans to use AWS CodeBuild and AWS CodeDeploy. The team creates the necessary configuration files for CodeBuild and CodeDeploy. The team wants to name and place these files according to service defaults.
Where should the team place the CodeBuild and CodeDeploy files?

A. A directory named "aws" under the route source directory
B. A directory named "deploy" under the root source directory
C. A directory named "scripts" under the root source directory
D. The root of the source directory

A developer is writing an application that runs on Amazon EC2 instances in an Auto Scaling group The application data is stored in an Amazon DynamoDB table and records are constantly updated by all instances.
An instance sometimes retrieves old data. The developer wants to correct this by making sure the reads are strongly consistent.
How can the developer accomplish this?

A. Set ConsistentRead to true when calling GetItem.
B. Create a new DynamoDB Accelerator (DAX) table
C. Set Consistency to strong when calling UpdateTable.
D. Use the GetShardIterator command.