A company maintains an application that uses an Amazon RDS DB instance for its database. A developer needs to implement encryption at rest for the database. Which combination of steps should the developer take to meet this requirement? (Choose two.)
A. Enable encryption on the DB instance in the AWS Management Console.
B. Stop the DB instance.
C. Restore the DB instance from the encrypted snapshot.
D. Take a snapshot of the DB instance, and create an encrypted copy of the snapshot.
E. Create a customer managed key in AWS Key Management Service (AWS KMS).
A company is using an AWS Lambda function to process records from an Amazon Kinesis data stream. The company recently observed slow processing of the records. A developer notices that the iterator age metric for the function is increasing and that the Lambda run duration is constantly above normal.
Which actions should the developer take to increase the processing speed? (Choose two.)
A. Increase the number of shards of the Kinesis data stream.
B. Decrease the timeout of the Lambda function.
C. Increase the memory that is allocated to the Lambda function.
D. Decrease the number of shards of the Kinesis data stream.
E. Increase the timeout of the Lambda function.
A developer is building a highly secure healthcare application using serverless components. This application requires writing temporary data to /tmp storage on an AWS Lambda function. How should the developer encrypt this data?
A. Enable Amazon EBS volume encryption with an AWS KMS CMK in the Lambda function configuration so that all storage attached to the Lambda function is encrypted.
B. Set up the Lambda function with a role and key policy to access an AWS KMS CMK. Use the CMK to generate a data key used to encrypt all data prior to writing to /tmp storage.
C. Use OpenSSL to generate a symmetric encryption key on Lambda startup. Use this key to encrypt the data prior to writing to /tmp storage.
D. Use an on-premises hardware security module (HSM) to generate keys, where the Lambda function requests a data key from the HSM and uses that to encrypt data on all requests to the function.
An application that is deployed to Amazon EC2 is using Amazon DynamoDB. The application calls the DynamoDB REST API. Periodically, the application receives a ProvisionedThroughputExceededException error when the application writes to a DynamoDB table.
Which solutions will mitigate this error MOST cost-effectively? (Choose two.)
A. Modify the application code to perform exponential backoff when the error is received.
B. Modify the application to use the AWS SDKs for DynamoDB.
C. Increase the read and write throughput of the DynamoDB table.
D. Create a DynamoDB Accelerator (DAX) cluster for the DynamoDB table.
E. Create a second DynamoDB table. Distribute the reads and writes between two tables.
An organization is using Amazon API Gateway to provide a public API called “Survey” for collecting user feedback posts about its products. The survey API has “DEV” and “PROD” stages and consists of one resource “/feedback” which allows users to retrieve/create/update single feedback posts.
A version-controlled Swagger file is used to define a new API that retrieves multiple feedback posts. To add the new API resource “/listFeedbackForProduct” the developer makes changes to the Swagger file defining an API, uploads the file to the organization's version control system, and uses the API Gateway Import API feature to apply the changes to the Survey API. After successful import, the developer runs the tests against the DEV stage and finds that resource “/listFeedbackForProduct” is not available.
What is MOST likely the reason for resource not being available?
A. Even though the Swagger import was successful, resource creation failed afterwards.
B. There is a propagation delay of several minutes in creating API Gateway resources after import.
C. The developer needs to restart the API Gateway stage after import in order to apply the changes.
D. The developer needs to create a new deployment after import in order to deploy the changes.
A developer is troubleshooting the permissions of an application that needs to make changes to an Amazon RDS database. The developer has access to the IAM role that the application is using. Which command structure should the developer use to test the role permissions?
A. aws sts assume-role
B. aws iam attach-role-policy
C. aws ssm resume-session
D. aws rds add-role-to-db-cluster
A developer is building an application that processes a stream of user-supplied data. The data stream must be consumed by multiple Amazon EC2 based processing applications in parallel and in real time. Each processor must be able to resume without losing data if there is a service interruption. The Application Architect plans to add other processors in the near future, and wants to minimize the amount data duplication involved.
Which solution will satisfy these requirements?
A. Publish the data to Amazon SQS.
B. Publish the data to Amazon Kinesis Data Firehose.
C. Publish the data to Amazon CloudWatch Events.
D. Publish the data to Amazon Kinesis Data Streams.
A developer is storing JSON files in an Amazon S3 bucket. The developer wants to securely share an object with a specific group of people. How can the developer securely provide temporary access to the objects that are stored in the S3 bucket?
A. Set object retention on the files. Use the AWS software development kit (SDK) to restore the object before subsequent requests. Provide the bucket's S3 URL.
B. Use the AWS software development kit (SDK) to generate a presigned URL. Provide the presigned URL.
C. Set a bucket policy that restricts access after a period of time. Provide the bucket's S3 URL.
D. Configure static web hosting on the S3 bucket. Provide the bucket's web URL.
A developer has written a multi-threaded application that is running on a fleet of Amazon EC2 instances. The operations team has requested a graphical method to monitor the number of running threads over time. What is the MOST efficient way to fulfill this request?
A. Periodically send the thread count to AWS X-Ray segments, then generate a service graph on demand.
B. Create a custom Amazon CloudWatch metric and periodically perform a PutMetricData call with the current thread count.
C. Periodically log thread count data to Amazon S3. Use Amazon Kinesis to process the data into a graph.
D. Periodically write the current thread count to a table using Amazon DynamoDB and use Amazon CloudFront to create a graph.
A developer is creating an event handling system. To handle messages asynchronously, the developer created a standard Amazon SQS queue. Quality assurance testing reveals that some events were processed multiple times. What is the recommended way to ensure the events are not processed more than once?
A. Change long polling to short polling.
B. Use a FIFO queue and configure deduplication.
C. Convert the standard SQS queue into a FIFO queue.
D. Send the messages with message timers.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DVA-C01 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.