Amazon DVA-C02 Online Practice
Questions and Exam Preparation
DVA-C02 Exam Details
Exam Code
:DVA-C02
Exam Name
:AWS Certified Developer - Associate (DVA-C02)
Certification
:Amazon Certifications
Vendor
:Amazon
Total Questions
:574 Q&As
Last Updated
:May 27, 2026
Amazon DVA-C02 Online Questions &
Answers
Question 211:
When a developer tries to run an AWS CodeBuild project, it raises an error because the length of all environment variables exceeds the limit for the combined maximum of characters.
What is the recommended solution?
A. Add the export LC_ALL="en_US.utf8" command to the pre_build section to ensure POSIX localization. B. Use Amazon Cognito to store key-value pairs for large numbers of environment variables. C. Update the settings for the build project to use an Amazon S3 bucket for large numbers of environment variables. D. Use AWS Systems Manager Parameter Store to store large numbers of environment variables.
D. Use AWS Systems Manager Parameter Store to store large numbers of environment variables.
Explanation
Question 212:
A company needs to deploy all its cloud resources by using AWS CloudFormation templates. A developer must create an Amazon Simple Notification Service (Amazon SNS) automatic notification to help enforce this rule. The developer creates an SNS topic and subscribes the email address of the company's security team to the SNS topic.
The security team must receive a notification immediately if an IAM role is created without the use of CloudFormation. Which solution will meet this requirement?
A. Create an AWS Lambda function to filter events from CloudTrail if a role was created without CloudFormation. Configure the Lambda function to publish to the SNS topic. Create an Amazon EventBridge schedule to invoke the Lambda function every 15 minutes. B. Create an AWS Fargate task in Amazon Elastic Container Service (Amazon ECS) to filter events from CloudTrail if a role was created without CloudFormation. Configure the Fargate task to publish to the SNS topic. Create an Amazon EventBridge schedule to run the Fargate task every 15 minutes. C. Launch an Amazon EC2 instance that includes a script to filter events from CloudTrail if a role was created without CloudFormation. Configure the script to publish to the SNS topic. Create a cron job to run the script on tile EC2 instance every 15 minutes. D. Create an Amazon EventBridge rule to filter events from CloudTrail if a role was created without CloudFormation. Specify the SNS topic as the target of the EventBridge rule.
D. Create an Amazon EventBridge rule to filter events from CloudTrail if a role was created without CloudFormation. Specify the SNS topic as the target of the EventBridge rule.
Explanation
Creating an Amazon EventBridge rule is the most efficient and scalable way to monitor and react to events from CloudTrail, such as the creation of an IAM role without CloudFormation. EventBridge allows you to specify a filter pattern to match the events you are interested in, and then specify an SNS topic as the target to send notifications. This solution does not require any additional resources or code, and it can trigger notifications in near real-time. The other solutions involve creating and managing additional resources, such as Lambda functions, Fargate tasks, or EC2 instances, and they rely on polling CloudTrail events every 15 minutes, which can introduce delays and increase costs. References Using Amazon EventBridge rules to process AWS CloudTrail events Using AWS CloudFormation to create and manage AWS Batch resources How to use AWS CloudFormation to configure auto scaling for Amazon Cognito and AWS AppSync Using AWS CloudFormation to automate the creation of AWS WAF web ACLs, rules, and conditions
Question 213:
A software company must ensure that documents that are uploaded by users are securely stored in Amazon S3. The documents must be encrypted at rest in Amazon S3. The company wants to avoid client-side encryption and does not want to manage the security infrastructure. In addition, the company wants control over the keys that are used for encryption at rest.
Which solution for encryption keys should a developer use to meet these requirements?
A. Amazon S3 managed keys B. Application-level encryption with customer-provided encryption keys that are stored in an on-premises hardware security module (HSM) C. AWS Key Management Service (AWS KMS) customer managed keys D. IAM access keys
C. AWS Key Management Service (AWS KMS) customer managed keys
Explanation
Question 214:
A company built an online event platform For each event the company organizes quizzes and generates leaderboards that are based on the quiz scores. The company stores the leaderboard data in Amazon DynamoDB and retains the data for 30 days after an event is complete The company then uses a scheduled job to delete the old leaderboard data
The DynamoDB table is configured with a fixed write capacity. During the months when many events occur, the DynamoDB write API requests are throttled when the scheduled delete job runs.
A developer must create a long-term solution that deletes the old leaderboard data and optimizes write throughput
Which solution meets these requirements?
A. Configure a TTL attribute for the leaderboard data B. Use DynamoDB Streams to schedule and delete the leaderboard data C. Use AWS Step Functions to schedule and delete the leaderboard data. D. Set a higher write capacity when the scheduled delete job runs
A. Configure a TTL attribute for the leaderboard data
Explanation
"deletes the item from your table without consuming any write throughput" https:// docs.aws.amazon.com/amazondynamodb/latest/developerguide/TTL.html
Question 215:
A photo sharing application uses Amazon S3 to store image files. All user images are manually audited for inappropriate content by a third-party company. The audits are completed 1-24 hours after user upload and the results are written to an Amazon DynamoDB table, which uses the S3 object key as a primary key. The database items can be queried by using a REST API created by the third-party company.
An application developer needs to implement an automated process to tag all S3 objects with the results of the content audit.
What should the developer do to meet these requirements in the MOST operationally efficient way?
A. Create an AWS Lambda function to run in response to the s3:ObjectCreated event type. Write the S3 key to an Amazon Simple Queue Service (Amazon SQS) queue with a visibility timeout of 24 hours. Create and configure a second Lambda function to read items from the queue. Retrieve the results for each item from the DynamoDB table. Tag each S3 object accordingly. B. Create an AWS Lambda function to run in response to the s3:ObjectCreated event type. Integrate the function into an AWS Step Functions standard workflow. Define an AWS Step Functions Wait state and set the value to 24 hours. Create and configure a second Lambda function to retrieve the audit results and tag the S3 objects accordingly after the Wait state is over. C. Create an AWS Lambda function to load all untagged S3 objects. Retrieve the results for each item from the REST API and tag each S3 object accordingly. Create and configure an Amazon EventBridge rule to run at regular intervals. Set the Lambda function as a target for the EventBridge rule. D. Launch an Amazon EC2 instance. Deploy a script to the EC2 instance to use the external database results to tag the S3 objects accordingly. Configure a crontab file to run the script at regular intervals.
A. Create an AWS Lambda function to run in response to the s3:ObjectCreated event type. Write the S3 key to an Amazon Simple Queue Service (Amazon SQS) queue with a visibility timeout of 24 hours. Create and configure a second Lambda function to read items from the queue. Retrieve the results for each item from the DynamoDB table. Tag each S3 object accordingly.
Explanation
Question 216:
A developer is building a web application that uses Amazon API Gateway to expose an AWS Lambda function to process requests from clients. During testing, the developer notices that the API Gateway times out even though the Lambda function finishes under the set time limit.
Which of the following API Gateway metrics in Amazon CloudWatch can help the developer troubleshoot the issue? (Choose two.)
A. CacheHitCount B. IntegrationLatency C. CacheMissCount D. Latency E. Count
B. IntegrationLatency D. Latency
Explanation
Question 217:
A developer wants to expand an application to run in multiple AWS Regions. The developer wants to copy Amazon Machine Images (AMIs) with the latest changes and create a new application stack in the destination Region. According to company requirements, all AMIs must be encrypted in all Regions. However, not all the AMIs that the company uses are encrypted.
How can the developer expand the application to run in the destination Region while meeting the encryption requirement?
A. Create new AMIs, and specify encryption parameters. Copy the encrypted AMIs to the destination Region. Delete the unencrypted AMIs. B. Use AWS Key Management Service (AWS KMS) to enable encryption on the unencrypted AMIs. Copy the encrypted AMIs to the destination Region. C. Use AWS Certificate Manager (ACM) to enable encryption on the unencrypted AMIs. Copy the encrypted AMIs to the destination Region. D. Copy the unencrypted AMIs to the destination Region. Enable encryption by default in the destination Region.
A. Create new AMIs, and specify encryption parameters. Copy the encrypted AMIs to the destination Region. Delete the unencrypted AMIs.
Explanation
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIEncryption.html Encrypt an unencrypted image during copy In this scenario, an AMI backed by an unencrypted root snapshot is copied to an AMI with an encrypted root snapshot. The CopyImage action is invoked with two encryption parameters, including a customer managed key.
Question 218:
A developer is creating an application that uses an AWS Lambda function to transform and load data from an Amazon S3 bucket. When the developer tests the application, they find that some invocations of the Lambda function are slower than others.
The developer needs to update the Lambda function to have predictable invocation durations with low latency. Any initialization activities, such as loading libraries and instantiating clients, must run during allocation time rather than during actual function invocations.
Which combination of steps will meet these requirements? (Select TWO.)
A. Create a schedule group in Amazon EventBridge Scheduler to invoke the Lambda function. B. Configure provisioned concurrency for the Lambda function to ensure the necessary number of execution environments. C. Use the $LATEST version of the Lambda function. D. Configure reserved concurrency for the Lambda function to have the necessary number of execution environments. E. Deploy changes and publish a new version of the Lambda function.
B. Configure provisioned concurrency for the Lambda function to ensure the necessary number of execution environments. D. Configure reserved concurrency for the Lambda function to have the necessary number of execution environments.
Explanation
Question 219:
A company is using Amazon OpenSearch Service to implement an audit monitoring system. A developer needs to create an AWS CloudFormation custom resource that is associated with an AWS Lambda function to configure the OpenSearch Service domain. The Lambda function must access the OpenSearch Service domain by using OpenSearch Service internal master user credentials.
What is the MOST secure way to pass these credentials to the Lambda function?
A. Use a CloudFormation parameter to pass the master user credentials at deployment to the OpenSearch Service domain's MasterUserOptions and the Lambda function's environment variable. Set the NoEcho attribute to true. B. Use a CloudFormation parameter to pass the master user credentials at deployment to the OpenSearch Service domain's MasterUserOptions and to create a parameter in AWS Systems Manager Parameter Store. Set the NoEcho attribute to true. Create an IAM role that has the ssm:GetParameter permission. Assign the role to the Lambda function. Store the parameter name as the Lambda function's environment variable. Resolve the parameter's value at runtime. C. Use a CloudFormation parameter to pass the master user credentials at deployment to the OpenSearch Service domain's MasterUserOptions and the Lambda function's environment variable. Encrypt the parameter's value by using the AWS Key Management Service (AWS KMS) encrypt command. D. Use CloudFormation to create an AWS Secrets Manager secret. Use a CloudFormation dynamic reference to retrieve the secret's value for the OpenSearch Service domain's MasterUserOptions. Create an IAM role that has the secretsmanager:GetSecretValue permission. Assign the role to the Lambda function. Store the secret's name as the Lambda function's environment variable. Resolve the secret's value at runtime.
D. Use CloudFormation to create an AWS Secrets Manager secret. Use a CloudFormation dynamic reference to retrieve the secret's value for the OpenSearch Service domain's MasterUserOptions. Create an IAM role that has the secretsmanager:GetSecretValue permission. Assign the role to the Lambda function. Store the secret's name as the Lambda function's environment variable. Resolve the secret's value at runtime.
Explanation
Question 220:
A company's application has an AWS Lambda function that processes messages from IoT devices. The company wants to monitor the Lambda function to ensure that the Lambda function is meeting its required service level agreement (SLA).
A developer must implement a solution to determine the application's throughput in near real time. The throughput must be based on the number of messages that the Lambda function receives and processes in a given time period. The Lambda function performs initialization and post-processing steps that must not factor into the throughput measurement.
What should the developer do to meet these requirements?
A. Use the Lambda function's ConcurrentExecutions metric in Amazon CloudWatch to measure the throughput. B. Modify the application to log the calculated throughput to Amazon CloudWatch Logs. Use Amazon EventBridge to invoke a separate Lambda function to process the logs on a schedule. C. Modify the application to publish custom Amazon CloudWatch metrics when the Lambda function receives and processes each message. Use the metrics to calculate the throughput. D. Use the Lambda function's Invocations metric and Duration metric to calculate the throughput in Amazon CloudWatch.
C. Modify the application to publish custom Amazon CloudWatch metrics when the Lambda function receives and processes each message. Use the metrics to calculate the throughput.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Amazon exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your DVA-C02 exam preparations
and Amazon certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.