A company built an online event platform. For each event, the company organizes quizzes and generates leaderboards that are based on the quiz scores. The company stores the leaderboard data in Amazon DynamoDB and retains the data
for 30 days after an event is complete. The company then uses a scheduled job to delete the old leaderboard data.
The DynamoDB table is configured with a fixed write capacity. During the months when many events occur, the DynamoDB write API requests are throttled when the scheduled delete job runs.
A developer must create a long-term solution that deletes the old leaderboard data and optimizes write throughput.
Which solution meets these requirements?
A. Configure a TTL attribute for the leaderboard data.
B. Use DynamoDB Streams to schedule and delete the leaderboard data.
C. Use AWS Step Functions to schedule and delete the leaderboard data.
D. Set a higher write capacity when the scheduled delete job runs.
A company has a REST application that consists of an Amazon API Gateway API and several AWS Lambda functions. A developer is responding to an alert that the API Gateway API's HTTP response error rate has unexpectedly increased. The developer must determine which Lambda function is malfunctioning and must make the determination as quickly as possible.
Which solution will meet these requirements?
A. Implement error handling in the functions to write error logs to the AWS X-Ray API. Use the X-Ray console to query the logs.
B. Enable Amazon CloudWatch Logs and detailed CloudWatch metrics. Use CloudWatch Logs Insights to query the API Gateway logs.
C. Download the API Gateway logs and Lambda invocation logs from Amazon S3. Perform a line-by-line search against them.
D. Export the API Gateway logs and Lambda invocation logs from Amazon EventBridge (Amazon CloudWatch Events) and Amazon CloudWatch Logs. Perform a line-by-line search against them.
A developer has written an application that writes data to Amazon DynamoDB. The DynamoDB table has been configured to use conditional writes. During peak usage times, writes are failing due to a ConditionalCheckFailedException error. How can the developer increase the application's reliability when multiple clients are attempting to write to the same record?
A. Write data to an Amazon SNS topic.
B. Increase the amount of write capacity for the table to anticipate short-term spikes or bursts in write operations.
C. Implement a caching solution, such as DynamoDB Accelerator or Amazon ElastiCache.
D. Implement error retries and exponential backoff with jitter.
A company is hosting a workshop for external users and wants to share the reference documents with the external users for 7 days. The company stores the reference documents in an Amazon S3 bucket that the company owns. What is the MOST secure way to share the documents with the external users?
A. Use S3 presigned URLs to share the documents with the external users. Set an expiration time of 7 days.
B. Move the documents to an Amazon WorkDocs folder. Share the links of the WorkDocs folder with the external users.
C. Create temporary IAM users that have read-only access to the S3 bucket. Share the access keys with the external users. Expire the credentials after 7 days.
D. Create a role that has read-only access to the S3 bucket. Share the Amazon Resource Name (ARN) of this role with the external users.
A company runs a traditional three-tier application, including its NoSQL database, on Amazon EC2 instances in a VPC. The company wants to migrate the database to Amazon DynamoDB.
During testing, a developer notices that the application on the EC2 instances cannot write data to the DynamoDB table. The developer needs to grant the application write access to the DynamoDB table in a secure manner.
Which combination of actions will meet these requirements? (Choose two.)
A. Create a gateway VPC endpoint for DynamoDB. Specify the VPC ID in the --vpc-id parameter.
B. Create an interface VPC endpoint for DynamoDB. Specify the VPC ID in the --vpc-id parameter.
C. Create an IAM user that allows write access to the DynamoDB table. Add the user to the EC2 Instances.
D. Create an IAM role that allows write access to the DynamoDB table. Add the role to the EC2 instances.
E. Create an IAM group that allows write access to the DynamoDB table. Add the group to the EC2 instances.
The developer is creating a web application that collects highly regulated and confidential user data through a POST request. The web application is served through Amazon CloudFront. User names and phone numbers must be encrypted at the edge and must remain encrypted throughout the entire application stack.
What is the MOST secure way to meet these requirements?
A. Enforce Match Viewer with HTTPS Only on CloudFront.
B. Use only the newest TLS security policy on CloudFront.
C. Enforce a signed URL on CloudFront on the front end.
D. Use field-level encryption on CloudFront.
A developer is writing code for an AWS Lambda function. The function will be used as a Lambda authorizer so that Amazon API Gateway can control access to a specific API. What should this code return in addition to the principal identifier upon successful authentication?
A. An HTTP response status code of 200 that indicates successful completion
B. An integer 0 that indicates successful completion
C. The Amazon Resource Name (ARN) of an IAM role that will be assumed for authentication
D. A policy document with desired permissions
A company is serving private media content on Amazon S3 by using an Amazon CloudFront distribution. A developer needs to secure the media content with the signed URL. What should the developer do to meet this requirement?
A. Use an access Key and a secret access key to generate an S3 presigned URL. Replace the S3 hostname with a CloudFront distribution name in the URL.
B. Create an SSH-2 RSA key pair. Upload the public key to CloudFront, and assign the public key to a trusted signer. Use a public key and key ID to sign the CloudFront URL.
C. Create an SSH-2 DSA key pair. Upload the public key to CloudFront, and assign the public key to a trusted signer. Use a private key and key ID to sign the CloudFront URL.
D. Create an SSH-2 RSA key pair. Upload the public key to CloudFront, and assign the public key to a trusted signer. Use a private key and key ID to sign the CloudFront URL.
A developer is creating an AWS Serverless Application Model (AWS SAM) template. The AWS SAM template contains the definition of multiple AWS Lambda functions, an Amazon S3 bucket, and an Amazon CloudFront distribution. One of
the Lambda functions runs on Lambda@Edge in the CloudFront distribution. The S3 bucket is configured as an origin for the CloudFront distribution.
When the developer deploys the AWS SAM template in the eu-west-1 Region, the creation of the stack fails.
What could have caused this issue?
A. CloudFront distributions can be created only in the us-east-1 Region.
B. Lambda@Edge functions can be created only in the us-east-1 Region.
C. A single AWS SAM template cannot contain multiple Lambda functions.
D. The CloudFront distribution and the S3 bucket cannot be created in the same Region.
A company manages a website that runs on Amazon EC2 instances behind an Elastic Load Balancer. The EC2 Instances are CPU-constrained. The company's engineering team needs to secure the inbound internet traffic. Which combination of steps will meet these requirements? (Choose two.)
A. Configure th
B. Configure SSL certificates on the Elastic Load Balancer.
C. Configure the Elastic Load Balancer with a Loadable Storage System.
D. Install SSL certificates on the EC2 instances.
E. Configure the Elastic Load Balancer with SSL termination.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DVA-C01 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.