Amazon DVA-C01 Certification Practice Questions & Answers

Question 6 of 443

A developer is configuring an Amazon CloudFront distribution for a new application to provide encryption in transit. The application is running in the eu-west-1

Region. The developer creates a new certificate in AWS Certificate Manager (ACM) in eu-west-1, but the certificate is not visible in the CloudFront distribution settings.

What should the developer do to fix this problem?

A.

Create the certificate for the domain in the same Region as the application. Ensure that the alternate domain name (CNAME) in the distribution settings matches the domain name in the certificate.

B.

Create the certificate in the eu-west-1 Region. Ensure that the alternate domain name (CNAME) in the distribution settings matches the domain name in the certificate.

C.

Recreate the CloudFront distribution in the same Region as the certificate.

D.

Specify the ACM certificate name as the default root object of the CloudFront distribution.

Question 7 of 443

A developer is building an application that runs behind an Application Load Balancer (ALB). The ALB is configured as the origin for an Amazon CloudFront distribution. Users will log in to the application by using their social media accounts.

How can the developer authenticate users?

A.

Validate the users by inspecting the tokens in an AWS Lambda authorizer on the ALB.

B.

Configure the ALB to use Amazon Cognito as one of the authentication providers.

C.

Configure CloudFront to use Amazon Cognito as one of the authentication providers.

D.

Validate the users by calling the Amazon Cognito API in an AWS Lambda authorizer on the ALB.

Question 8 of 443

A company has an application that analyzes photographs. A developer is preparing the application for deployment to Amazon EC2 instances. The application's image analysis functions require a mix of GPU instances and CPU instances that run on Amazon Linux. The developer needs to add code to the application so that the functions can determine whether they are running on a GPU instance.

What should the functions do to obtain this information?

A.

Call the DescribeInstances API operation and filter on the current instance ID. Examine the ElasticGpuAssociations property.

B.

Evaluate the GPU AVAILABLE environment variable.

C.

Call the DescribeElasticGpus API operation.

D.

Retrieve the instance type from the instance metadata.

Question 9 of 443

A company has an application that uses Amazon Cognito user pools as an identity provider. The company must secure access to user records. The company has set up multi-factor authentication (MFA). The company also wants to send a login activity notification by email every time a user logs in.

What is the MOST operationally efficient solution that meets this requirement?

A.

Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Add an Amazon API Gateway API to invoke the function. Call the API from the client side when login confirmation is received.

B.

Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Add an Amazon Cognito post authentication Lambda trigger for the function.

C.

Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Create an Amazon CloudWatch Logs log subscription filter to invoke the function based on the login status.

D.

Configure Amazon Cognito to stream all logs to Amazon Kinesis Data Firehose. Create an AWS Lambda function to process the streamed logs and to send the email notification based on the login status of each user.

Question 10 of 443

A company hosts a three-tier web application on AWS behind an Amazon CloudFront distribution. A developer wants a dashboard to monitor error rates and anomalies of the CloudFront distribution with the shortest possible refresh interval.

Which combination of slops should the developer take to meet these requirements? (Choose two.)

A.

Activate real-time logs on the CloudFront distribution. Create a stream in Amazon Kinesis Data Streams.

B.

Export the CloudFront logs to an Amazon S3 bucket. Detect anomalies and error rates with Amazon QuickSight.

C.

Configure Amazon Kinesis Data Streams to deliver logs to Amazon OpenSearch Service (Amazon Elasticsearch Service). Create a dashboard in OpenSearch Dashboards (Kibana).

D.

Create Amazon CloudWatch alarms based on expected values of selected CloudWatch metrics to detect anomalies and errors.

E.

Design an Amazon CloudWatch dashboard of the selected CloudFront distribution metrics.