You have an environment that consists of a public subnet using Amazon VPC and 3 instances that are running in this subnet. These three instances can successfully communicate with other hosts on the Internet. You launch a fourth instance in the same subnet, using the same AMI and security group configuration you used for the others, but find that this instance cannot be accessed from the Internet.
What should you do to enable internet access?
A. Deploy a NAT instance into the public subnet.
B. Modify the routing table for the public subnet
C. Configure a publically routable IP Address In the host OS of the fourth instance.
D. Assign an Elastic IP address to the fourth instance.
A company is using Amazon API Gateway to manage access to a set of microservices implemented as AWS
Lambda functions. Following a bug report, the company makes a minor breaking change to one of the APIs.
In order to avoid impacting existing clients when the new API is deployed, the company wants to allow clients six months to migrate from v1 to v2.
Which approach should the Developer use to handle this change?
A. Update the underlying Lambda function and provide clients with the new Lambda invocation URL.
B. Use API Gateway to automatically propagate the change to clients, specifying 180 days in the phased deployment parameter.
C. Use API Gateway to deploy a new stage named v2 to the API and provide users with its URL.
D. Update the underlying Lambda function, create an Amazon CloudFront distribution with the updated Lambda function as its origin.
A nightly batch job loads 1 million new records into a DynamoDB table. The records are only needed for one hour, and the table needs to be empty by the next night's batch job. Which is the MOST efficient and cost-effective method to provide an empty table?
A. Use DeleteItem using a ConditionExpression.
B. Use BatchWriteItem to empty all of the rows.
C. With a recursive function that scans and calls out DeleteItem.
D. Create and then delete the table after the task has completed.
A Developer is migrating existing applications to AWS. These applications use MongoDB as their primary data store, and they will be deployed to Amazon EC2 instances. Management requires that the Developer minimize changes to applications while using AWS services
Which solution should the Developer use to host MongoDB in AWS?
A. Install MongoDB on the same instance where the application is running
B. Deploy Amazon DocumentDB in MongoDB compatibility mode
C. Use Amazon API Gateway to translate API calls from MongoDB to Amazon DynamoDB.
D. Replicate the existing MongoDB workload to Amazon DynamoDB
An application is being developed to audit several AWS accounts. The application will run in Account A and must access AWS services in Accounts B and C. What is the MOST secure way to allow the application to call AWS services in each audited account?
A. Configure cross-account roles in each audited account. Write code in Account A that assumes those roles
B. Use S3 cross-region replication to communicate among accounts, with Amazon S3 event notifications to trigger Lambda functions
C. Deploy an application in each audited account with its own role. Have Account A authenticate with the application
D. Create an IAM user with an access key in each audited account. Write code in Account A that uses those access keys
A company developed a set of APIs that are being served through the Amazon API Gateway. The API calls need to be authenticated based on OpenID identity providers such as Amazon or Facebook. The APIs should allow access based on a custom authorization model.
Which is the simplest and MOST secure design to use to build an authentication and authorization model for the APIs?
A. Use Amazon Cognito user pools and a custom authorizer to authenticate and authorize users based on JSON Web Tokens.
B. Build a OpenID token broker with Amazon and Facebook. Users will authenticate with these identify providers and pass the JSON Web Token to the API to authenticate each API call.
C. Store user credentials in Amazon DynamoDB and have the application retrieve temporary credentials
D. from AWS STS. Make API calls by passing user credentials to the APIs for authentication and authorization.
E. Use Amazon RDS to store user credentials and pass them to the APIs for authentications and authorization.
While developing an application that runs on Amazon EC2 in an Amazon VPC, a Developer identifies the need for centralized storage of application-level logs. Which AWS service can be used to securely store these logs?
A. Amazon EC2 VPC Flow Logs
B. Amazon CloudWatch Logs
C. Amazon CloudSearch
D. AWS CloudTrail
A Developer is storing sensitive documents in Amazon S3 that will require encryption at rest. The encryption keys must be rotated annually, at least. What is the easiest way to achieve this?
A. Encrypt the data before sending it to Amazon S3
B. Import a custom key into AWS KMS with annual rotation enabled
C. Use AWS KMS with automatic key rotation
D. Export a key from AWS KMS to encrypt the data
An application uses Lambda functions to extract metadata from files uploaded to an S3 bucket; the metadata is stored in Amazon DynamoDB. The application starts behaving unexpectedly, and the Developer wants to examine the logs of the Lambda function code for errors.
Based on this system configuration, where would the Developer find the logs?
A. Amazon S3
B. AWS CloudTrail
C. Amazon CloudWatch
D. Amazon DynamoDB
What happens, by default, when one of the resources in a CloudFormation stack cannot be created?
A. Previously-created resources are kept but the stack creation terminates.
B. Previously-created resources are deleted and the stack creation terminates.
C. The stack creation continues, and the final results indicate which steps failed.
D. CloudFormation templates are parsed in advance so stack creation is guaranteed to succeed.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DVA-C01 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.