An application uses an Amazon CloudFront distribution to deliver static content from Amazon S3 buckets that are set up in multiple AWS Regions around the world. A developer receives reports of problems with latency when cached content is updated.
The developer plans to address this problem by redirecting requests on cache misses to the S3 bucket in the Region that is nearest to the user's country. The developer configures the distribution to cache based on the CloudFront-Viewer-Country request header.
What should the developer do next to redirect requests on cache misses?

A. Create a CloudFront function to redirect requests based on the value of the CloudFront-Viewer-Country header. Associate the CloudFront function with the distribution's origin request event.
B. Create a Lambda@Edge function to redirect requests based on the value of the CloudFront-Viewer-Country header. Associate the Lambda@Edge function with the distribution's origin request event.
C. Create a Lambda@Edge function to redirect requests based on the value of the CloudFront-Viewer-Country header. Associate the Lambda@Edge function with the distribution's viewer request event.
D. Create a CloudFront function to redirect requests based on the value of the CloudFront-Viewer-Country header. Associate the CloudFront function with the distribution's viewer request event.

A development team uses AWS CodeBuild for build and test activities in a PHP application. The build process requires the team to download and install three PHP packages from the internet. The install section of the buildspec.yml file includes commands to download and install these three packages. The team wants to reduce build time.
Which solution will reduce build time the MOST?

A. Download the package files from the internet. Upload the package files into an Amazon S3 bucket. Change the buildspec's install section to use the S3 bucket as the download location.
B. Define a VPC endpoint for CodeBuild. Install the package files on an Amazon EC2 instance in the VPC. Change the buildspec's install section to use the EC2 instance as the download location.
C. Run the build on Jenkins by using the Jenkins plugin for CodeBuild. Pre-install the packages on the Jenkins server once. Remove the install commands from the buildspec.
D. Create a custom CodeBuild image with the package files already downloaded and installed. Alter the CodeBuild project to use the custom image. Remove the install commands from the buildspec.

A Development team wants to instrument their code to provide more detailed information to AWS X-Ray than simple outgoing and incoming requests. This will generate large amounts of data, so the Development team wants to implement indexing so they can filter the data.
What should the Development team do to achieve this?

A. Add annotations to the segment document and the code
B. Add metadata to the segment document and the code
C. Configure the necessary X-Ray environment variables
D. Install required plugins for the appropriate AWS SDK

An AWS Elastic Beanstalk application needs to be deployed in multiple regions and requires a different Amazon Machine Image (AMI) in each region.
Which AWS CloudFormation template key can be used to specify the correct AMI for each region?

A. Parameters
B. Outputs
C. Mappings
D. Resources

A development team uses AWS CodeDeploy to deploy software changes to Amazon EC2 instances. The deployments begin to fail. The team traces the problem to a specific EC2 instance. The CodeDeploy agent's log file contains the following error message:
InvalidSignatureException Signature expired: |time| is now earlier than |time|
What is the underlying cause of this issue?

A. The development team signed the CodeDeploy revision after the team created the deployment.
B. The development team signed the CodeDeploy revision with a key that was not valid.
C. The deployment did not finish within the specified time frame.
D. The date setting or the time setting on the EC2 instance is not correct.

A developer is building an application that supports multiple languages. The directory structure and file names for all versions of the website are identical. When a user views the website, the preferred language is added as a query string parameter. The following is an example of the URL: http://d111111abcdef2.doudfront.net/main.html?language=de.
The query string is passed to Amazon CloudFront. No matter which language the developer selects, the English page is returned. If the developer accesses the website directly and bypasses CloudFront. the page works as expected
What should the developer do so that the content of the page matches the language that the developer selects?

A. Create a new CloudFront origin request policy. Set the query string option to All. Update the CloudFront distribution to use the new cache policy.
B. Create a new CloudFront cache policy. Set the minimum and maximum TTL to 1 hour. Update the CloudFront distribution to use the new cache policy.
C. Create a new CloudFront cache policy. Set the query string option to None. Update the CloudFront distribution to use the new cache policy.
D. Create a new CloudFront cache policy. Set the query string option to Whitelist, and include the language string. Update the CloudFront distribution to use the new cache policy.

A company has a two-tier application that consists of a frontend application and an Amazon RDS for MySQL database. The frontend application retrieves data from the database. The data consists of postal codes and their associated geographic coordinates The application performs many more database reads than writes. The application retrieves each postal code from the database thousands of times each day.
A developer must improve the performance of the application to decrease latency.
Which change should the developer make to the application to meet these requirements?

A. Modify the application to use a lazy loading caching strategy with a small TTL value.
B. Modify the application to use a write-behind caching strategy.
C. Modify the application to use a write-through caching strategy.
D. Modify the application to use a lazy loading caching strategy with a large TTL value.

A company is using Amazon OpenSearch Service to implement an audit monitoring system. A developer needs to create an AWS CloudFormation custom resource that is associated with an AWS Lambda function to configure the OpenSearch Service domain. The Lambda function must access the OpenSearch Service domain by using OpenSearch Service internal master user credentials.
What is the MOST secure way to pass these credentials to the Lambda function?

A. Use a CloudFormation parameter to pass the master user credentials at deployment to the OpenSearch Service domain's MasterUserOptions and the Lambda function's environment variable. Set the NoEcho attribute to true.
B. Use a CloudFormation parameter to pass the master user credentials at deployment to the OpenSearch Service domain's MasterUserOptions and to create a parameter in AWS Systems Manager Parameter Store. Set the NoEcho attribute to true. Create an IAM role that has the ssm GetParameter permission. Assign the role to the Lambda function. Store the parameter name as the Lambda function's environment variable. Resolve the parameter's value at runtime
C. Use a CloudFormation parameter to pass the master user credentials at deployment to the OpenSearch Service domain's MasterUserOptions and the Lambda function's environment variable. Encrypt the parameter's value by using the AWS Key Management Service (AWS KMS) encrypt command.
D. Use CloudFormation to create an AWS Secrets Manager secret. Use a CloudFormation dynamic reference to retrieve the secret's value for the OpenSearch Service domain's MasterUserOptions. Create an IAM role that has the secretsmanager:GetSecretValue permission. Assign the role to the Lambda function. Store the secret's name as the Lambda function's environment variable. Resolve the secret's value at runtime.

A developer is working on a serverless application that needs to process any changes to an Amazon DynamoDB table with an AWS Lambda function.
How should the developer configure the Lambda function to detect changes to the DynamoDB table?

A. Create an Amazon Kinesis data stream, and attach it to the DynamoDB table. Create a trigger to connect the data stream to the Lambda function.
B. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to invoke the Lambda function on a regular schedule. Connect to the DynamoDB table from the Lambda function to detect changes.
C. Enable DynamoDB Streams on the table. Create a trigger to connect the DynamoDB stream to the Lambda function.
D. Create an Amazon Kinesis Data Firehose delivery stream, and attach it to the DynamoDB table. Configure the delivery stream destination as the Lambda function.

An open-source map application gathers data from several geolocation APIs. The application's source code repository is public and can be used by anyone, but the geolocation APIs must not be directly accessible.
A developer must implement a solution to prevent the credentials that are used to access the APIs from becoming public. The solution also must ensure that the application still functions properly.
Which solution will meet these requirements MOST cost-effectively?

A. Store the credentials in AWS Secrets Manager. Retrieve the credentials by using the GetSecretValue API operation.
B. Store the credentials in AWS Key Management Service (AWS KMS). Retrieve the credentials by using the GetPublicKey API operation.
C. Store the credentials in AWS Security Token Service (AWS STS). Retrieve the credentials by using the GetCallerldentity API operation.
D. Store the credentials in AWS Systems Manager Parameter Store. Retrieve the credentials by using the GetParameter API operation.