AWS Certified Developer Associate DVA-C01 – Question080

A Developer will be using the AWS CLI on a local development server to manage AWS services. What can be done to ensure that the CLI uses the Developer’s IAM permissions when making commands?

A.
Specify the Developer’s IAM access key ID and secret access key as parameters for each CLI command.
B. Run the aws configureCLI command, and provide the Developer’s IAM access key ID and secret access key.
C. Specify the Developer’s IAM user name and password as parameters for each CLI command.
D. Use the Developer’s IAM role when making the CLI command.

AWS Certified Developer Associate DVA-C01 – Question079

A Developer needs to use AWS X-Ray to monitor an application that is deployed on EC2 instances. What steps have to be executed to perform the monitoring?

A.
Deploy the X-Ray SDK with the application and use X-Ray annotation.
B. Install the X-Ray daemon and instrument the application code.
C. Install the X-Ray daemon and configure it to forward data to Amazon CloudWatch Events.
D. Deploy the X-Ray SDK with the application and instrument the application code.

Correct Answer: A

Explanation:

AWS Certified Developer Associate DVA-C01 – Question078

An application is real-time processing millions of events that are received through an API. What service could be used to allow multiple consumers to process the data concurrently and MOST cost-effectively?

A.
Amazon SNS with fanout to an SQS queue for each application
B. Amazon SNS with fanout to an SQS FIFO (first-in, firtst-out) queue for each application
C. Amazon Kinesis Firehouse
D. Amazon Kinesis Streams

Correct Answer: D

Explanation:

AWS Certified Developer Associate DVA-C01 – Question077

A Developer is creating a mobile application with a limited budget. The solution requires a scalable service that will enable customers to sign up and authenticate into the mobile application while using the organization’s current SAML 2.0 identity provider.
Which AWS service should be used to meet these requirements?

A.
AWS Lambda
B. Amazon Cognito
C. AWS IAM
D. Amazon EC2

Correct Answer: B

AWS Certified Developer Associate DVA-C01 – Question076

The Developer for a retail company must integrate a fraud detection solution into the order processing solution. The fraud detection solution takes between ten and thirty minutes to verify an order. At peak, the web site can receive one hundred orders per minute.
What is the most scalable method to add the fraud detection solution to the order processing pipeline?

A.
Add all new orders to an Amazon SQS queue. Configure a fleet of 10 EC2 instances spanning multiple AZs with the fraud detection solution installed on them to pull orders from this queue. Update the order with a pass or fails status.
B. Add all new orders to an SQS queue. Configure an Auto Scaling group that uses the queue depth metric as its unit of scale to launch a dynamically-sized fleet of EC2 instances spanning multiple AZs with the fraud detection solution installed on them to pull orders from this queue. Update the order with a pass or fails status.
C. Add all new orders to an Amazon Kinesis Stream. Subscribe a Lambda function to automatically read batches of records from the Kinesis Stream. The Lambda function includes the fraud detection software and will update the order with a pass or fail status.
D. Write all new orders to Amazon DynamoDB. Configure DynamoDB Streams to include all new orders. Subscribe a Lambda function to automatically read batches of records from the Kinesis Stream. The Lambda function includes the fraud detection software and will update the order with a pass or fail status.

Correct Answer: D

AWS Certified Developer Associate DVA-C01 – Question075

A Lambda function is packaged for deployment to multiple environments, including development, test, production, etc. Each environment has unique set of resources such as databases, etc.
How can the Lambda function use the resources for the current environment?

A.
Apply tags to the Lambda functions.
B. Hardcore resources in the source code.
C. Use environment variables for the Lambda functions.
D. Use separate function for development and production.

Correct Answer: C

AWS Certified Developer Associate DVA-C01 – Question074

When a Developer tries to run an AWS CodeBuild project, it raises an error because the length of all environment variables exceeds the limit for the combined maximum of characters.
What is the recommended solution?

A.
Add the exportLC_ALL=“en_US.utf8”command to the pre_build section to ensure POSIX localization.
B. Use Amazon Cognito to store key-value pairs for large numbers of environment variables.
C. Update the settings for the build project to use an Amazon S3 bucket for large numbers of environment variables.
D. Use AWS Systems Manager Parameter Store to store large numbers of environment variables.

AWS Certified Developer Associate DVA-C01 – Question073

A company needs to encrypt data at rest, but it wants to leverage an AWS managed service using its own master key.
Which of the following AWS service can be used to meet these requirements?

A.
SSE with Amazon S3
B. SSE with AWS KMS
C. Client-side encryption
D. AWS IAM roles and policies

Correct Answer: B

AWS Certified Developer Associate DVA-C01 – Question072

A company is developing a new online game that will run on top of Amazon ECS. Four distinct Amazon ECS services will be part of the architecture, each requiring specific permissions to various AWS services. The company wants to optimize the use of the underlying Amazon EC2 instances by bin packing the containers based on memory reservation.
Which configuration would allow the Development team to meet these requirements MOST securely?

A.
Create a new Identity and Access Management (IAM) instance profile containing the required permissions for the various ECS services, then associate that instance role with the underlying EC2 instances.
B. Create four distinct IAM roles, each containing the required permissions for the associated ECS service, then configure each ECS service to reference the associated IAM role.
C. Create four distinct IAM roles, each containing the required permissions for the associated ECS service, then, create an IAM group and configure the ECS cluster to reference that group.
D. Create four distinct IAM roles, each containing the required permissions for the associated ECS service, then configure each ECS task definition to referenсe the associated IAM role.

Correct Answer: C

AWS Certified Developer Associate DVA-C01 – Question071

An application running on EC2 instances is storing data in an S3 bucket. Security policy mandates that all data must be encrypted in transit.
How can the Developer ensure that all traffic to the S3 bucket is encrypted?

A.
Install certificates on the EC2 instances.
B. Create a bucket policy that allows traffic where SecureTransport is true.
C. Create an HTTPS redirect on the EC2 instances.
D. Create a bucket policy that denies traffic where SecureTransport is false.

Correct Answer: B