AWS Certified Developer - Associate

Here you have the best Amazon DVA-C02 practice exam questions

  • You have 404 total questions to study from
  • Each page has 5 questions, making a total of 81 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on December 14, 2024
Question 1 of 404

A company is implementing an application on Amazon EC2 instances. The application needs to process incoming transactions. When the application detects a transaction that is not valid, the application must send a chat message to the company's support team. To send the message, the application needs to retrieve the access token to authenticate by using the chat API.

A developer needs to implement a solution to store the access token. The access token must be encrypted at rest and in transit. The access token must also be accessible from other AWS accounts.

Which solution will meet these requirements with the LEAST management overhead?

    Correct Answer: C

    The access token must be stored securely, both at rest and in transit, and it must be accessible from other AWS accounts with minimal management overhead. AWS Secrets Manager is designed specifically for managing secrets like access tokens and provides built-in encryption using AWS KMS. It also supports resource-based policies that allow access from other accounts, which aligns perfectly with the requirement. Additionally, Secrets Manager automates many aspects of secret management, including rotation, which reduces management overhead compared to other services. This makes AWS Secrets Manager the most appropriate choice.

Question 2 of 404

A company is running Amazon EC2 instances in multiple AWS accounts. A developer needs to implement an application that collects all the lifecycle events of the EC2 instances. The application needs to store the lifecycle events in a single Amazon Simple Queue Service (Amazon SQS) queue in the company's main AWS account for further processing.

Which solution will meet these requirements?

    Correct Answer: D

    The best solution is to configure the permissions on the main account's event bus to receive events from all accounts. An Amazon EventBridge rule should be created in each account to send all the EC2 instance lifecycle events to the main account's event bus. Then, within the main account's event bus, an EventBridge rule should be set up to match all EC2 instance lifecycle events and target the SQS queue. This approach leverages EventBridge’s cross-account event sharing capabilities, ensures centralization of event management, and does not introduce unnecessary complexity or inefficiency.

Question 3 of 404

An application is using Amazon Cognito user pools and identity pools for secure access. A developer wants to integrate the user-specific file upload and download features in the application with Amazon S3. The developer must ensure that the files are saved and retrieved in a secure manner and that users can access only their own files. The file sizes range from 3 KB to 300 MB.

Which option will meet these requirements with the HIGHEST level of security?

    Correct Answer: D

    To ensure that only authenticated users can access their own files using Amazon Cognito user pools and identity pools, and to maintain the highest level of security, utilizing IAM policies within the Amazon Cognito identity prefix is the optimal approach. By implementing this IAM policy, each user is restricted to accessing only their personalized folders in Amazon S3, ensuring file security and user-specific access control. This method leverages AWS's built-in security mechanisms, which are robust and reliable, to enforce strict access rules, thereby mitigating potential risks associated with custom-built solutions or additional overhead in managing external tables.

Question 4 of 404

A company is building a scalable data management solution by using AWS services to improve the speed and agility of development. The solution will ingest large volumes of data from various sources and will process this data through multiple business rules and transformations.

The solution requires business rules to run in sequence and to handle reprocessing of data if errors occur when the business rules run. The company needs the solution to be scalable and to require the least possible maintenance.

Which AWS service should the company use to manage and automate the orchestration of the data flows to meet these requirements?

    Correct Answer: B

    AWS Step Functions is the appropriate service for managing and automating the orchestration of data flows. It allows the execution of business rules in sequence and includes features for error handling and reprocessing of data. This service is designed to build scalable workflows with minimal maintenance, which aligns perfectly with the requirements.

Question 5 of 404

A developer has created an AWS Lambda function that is written in Python. The Lambda function reads data from objects in Amazon S3 and writes data to an Amazon DynamoDB table. The function is successfully invoked from an S3 event notification when an object is created. However, the function fails when it attempts to write to the DynamoDB table.

What is the MOST likely cause of this issue?

    Correct Answer: C

    The most likely cause of the issue is that the Lambda function does not have IAM permissions to write to DynamoDB. When AWS Lambda functions interact with other AWS services, appropriate IAM permissions are required. If the Lambda function is able to read from S3 but fails when writing to DynamoDB, it indicates that the function's IAM role may lack the necessary permissions for DynamoDB write operations.