Question 6 of 404

A developer is creating an AWS CloudFormation template to deploy Amazon EC2 instances across multiple AWS accounts. The developer must choose the EC2 instances from a list of approved instance types.

How can the developer incorporate the list of approved instance types in the CloudFormation template?

    Correct Answer: D

    To incorporate a list of approved EC2 instance types in the CloudFormation template, the developer should create a parameter with AllowedValues that includes the list of approved instance types. This allows users to select from the pre-approved instance types when launching the CloudFormation stack, ensuring compliance and simplifying the template management by restricting the instance types to the predefined list.

Question 7 of 404

A developer has an application that makes batch requests directly to Amazon DynamoDB by using the BatchGetItem low-level API operation. The responses frequently return values in the UnprocessedKeys element.

Which actions should the developer take to increase the resiliency of the application when the batch response includes values in UnprocessedKeys? (Choose two.)

    Correct Answer: BD

    To increase the resiliency of the application when the batch response includes values in UnprocessedKeys, the developer should implement a retry mechanism with exponential backoff and randomized delay. This approach helps prevent overwhelming the system with repeated immediate requests and increases the likelihood of successful retries during transient issues. Additionally, increasing the provisioned read capacity of the DynamoDB tables being accessed can help reduce the frequency of unprocessed keys by ensuring that there is sufficient read capacity to handle the requests.

Question 8 of 404

A company is running a custom application on a set of on-premises Linux servers that are accessed using Amazon API Gateway. AWS X-Ray tracing has been enabled on the API test stage.

How can a developer enable X-Ray tracing on the on-premises servers with the LEAST amount of configuration?

    Correct Answer: B

    The X-Ray daemon is designed to collect and relay trace data to the X-Ray service with minimal configuration. By installing and running the X-Ray daemon on the on-premises servers, you enable the servers to capture data and relay it directly to AWS X-Ray. This is the least complex method compared to other options that require additional configuration or development effort, like setting up AWS Lambda functions or using the X-Ray SDK, which would need more detailed implementation steps.

Question 9 of 404

A company wants to share information with a third party. The third party has an HTTP API endpoint that the company can use to share the information. The company has the required API key to access the HTTP API.

The company needs a way to manage the API key by using code. The integration of the API key with the application code cannot affect application performance.

Which solution will meet these requirements MOST securely?

    Correct Answer: A

    Storing the API credentials in AWS Secrets Manager is the most secure and practical solution. AWS Secrets Manager provides a secure way to manage and retrieve sensitive information, like API keys, without hardcoding them in the source code or storing them in less secure locations. By using AWS SDK to retrieve the credentials at runtime, the application can maintain strong security without compromising performance.

Question 10 of 404

A developer is deploying a new application to Amazon Elastic Container Service (Amazon ECS). The developer needs to securely store and retrieve different types of variables. These variables include authentication information for a remote API, the URL for the API, and credentials. The authentication information and API URL must be available to all current and future deployed versions of the application across development, testing, and production environments.

How should the developer retrieve the variables with the FEWEST application changes?

    Correct Answer: A

    The developer should use AWS Systems Manager Parameter Store to securely store and manage configuration data such as API URLs. This allows the application to retrieve these variables without hardcoding them, ensuring that the configuration can be easily updated without changing the application itself. Additionally, storing sensitive credentials in AWS Secrets Manager provides enhanced security since Secrets Manager is specifically designed to manage sensitive information like credentials. This approach minimizes application changes while ensuring secure and organized management of all required variables across different environments.