Amazon DVA-C02 Online Practice Questions and Exam Preparation

Amazon DVA-C02 Online Questions & Answers

• Question 351:

  A developer has been asked to create an AWS Lambda function that is invoked any time updates are made to items in an Amazon DynamoDB table. The function has been created, and appropriate permissions have been added to the Lambda execution role. Amazon DynamoDB streams have been enabled for the table, but the function is still not being invoked.

  Which option would enable DynamoDB table updates to invoke the Lambda function?

  A. Change the StreamViewType parameter value to NEW_AND_OLD_IMAGES for the DynamoDB table.
  B. Configure event source mapping for the Lambda function.
  C. Map an Amazon Simple Notification Service (Amazon SNS) topic to the DynamoDB streams.
  D. Increase the maximum runtime (timeout) setting of the Lambda function.
  B. Configure event source mapping for the Lambda function.

  ---

  Explanation

• Question 352:

  A company runs an AWS CodeBuild project on medium-sized Amazon EC2 instances. The company wants to cost optimize the project and reduce the provisioning time.

  Which solution should the company choose to achieve this goal?

  A. Configure the project to run on a CodeBuild reserved capacity fleet.
  B. Select AWS Lambda as the compute mode for the CodeBuild project.
  C. Configure the project to run on a CodeBuild on-demand fleet.
  D. Set up Amazon S3 caching for the CodeBuild project.
  C. Configure the project to run on a CodeBuild on-demand fleet.

  ---

  Explanation

• Question 353:

  A developer is creating an application for a company. The application needs to read the file doc.txt that is placed in the root folder of an Amazon S3 bucket that is named DOC-EXAMPLE-BUCKET. The company's security team requires the principle of least privilege to be applied to the application's IAM policy.

  Which IAM policy statement will meet these security requirements?

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  A. Option A

  ---

  Explanation

• Question 354:

  A company is building an application to accept data from customers. The data must be encrypted at rest and in transit.

  The application uses an Amazon API Gateway API that invokes AWS Lambda functions. The Lambda functions store the data in an Amazon Aurora MySQL DB cluster. The application worked properly during testing.

  A developer then configured an Amazon CloudFront distribution with field-level encryption using an AWS Key Management Service (AWS KMS) key. After this configuration, the application behaved unexpectedly, with all the data in the database changing from plaintext to ciphertext.

  The developer must ensure that the data is not stored in the database as ciphertext due to the CloudFront field-level encryption.

  Which solution will meet this requirement?

  A. Change the CloudFront Viewer Protocol Policy from "HTTP and HTTPS" to "HTTPS only."
  B. Add a Lambda function that uses the KMS key to decrypt the data fields before saving the data to the database.
  C. Enable encryption on the DB cluster by using the same KMS key that is used in CloudFront.
  D. Request and deploy a new SSL certificate to use with the CloudFront distribution.
  B. Add a Lambda function that uses the KMS key to decrypt the data fields before saving the data to the database.

  ---

  Explanation

• Question 355:

  A developer needs to retrieve all data from an Amazon DynamoDB table that matches a particular partition key. Which solutions will meet this requirement in the most operationally efficient way? (Select TWO.)

  A. Use the Scan API and a filter expression to match on the key.
  B. Use the GetItem API with a request parameter for key that contains the partition key name and specific key value.
  C. Use the ExecuteStatement API and a filter expression to match on the key.
  D. Use the GetItem API and a PartiQL statement to match on the key.
  E. Use the ExecuteStatement API and a PartiQL statement to match on the key.
  B. Use the GetItem API with a request parameter for key that contains the partition key name and specific key value.
  E. Use the ExecuteStatement API and a PartiQL statement to match on the key.

  ---

  Explanation

• Question 356:

  A developer has observed an increase in bugs in the AWS Lambda functions that a development team has deployed in its Node.js application. To minimize these bugs, the developer wants to implement automated testing of Lambda

  functions in an environment that closely simulates the Lambda environment.

  The developer needs to give other developers the ability to run the tests locally. The developer also needs to integrate the tests into the team's continuous integration and continuous delivery (CI/CD) pipeline before the AWS Cloud

  Development Kit (AWS CDK) deployment.

  Which solution will meet these requirements?

  A. Create sample events based on the Lambda documentation. Create automated test scripts that use the cdk local invoke command to invoke the Lambda functions. Check the response. Document the test scripts for the other developers on the team. Update the CI/CD pipeline to run the test scripts.
  B. Install a unit testing framework that reproduces the Lambda execution environment. Create sample events based on the Lambda documentation. Invoke the handler function by using a unit testing framework. Check the response. Document how to run the unit testing framework for the other developers on the team. Update the CI/CD pipeline to run the unit testing framework.
  C. Install the AWS Serverless Application Model (AWS SAM) CLI tool. Use the sam local generate-event command to generate sample events for the automated tests. Create automated test scripts that use the sam local invoke command to invoke the Lambda functions. Check the response. Document the test scripts for the other developers on the team. Update the CI/CD pipeline to run the test scripts.
  D. Create sample events based on the Lambda documentation. Create a Docker container from the Node.js base image to invoke the Lambda functions. Check the response. Document how to run the Docker container for the other developers on the team. Update the CI/CD pipeline to run the Docker container.
  C. Install the AWS Serverless Application Model (AWS SAM) CLI tool. Use the sam local generate-event command to generate sample events for the automated tests. Create automated test scripts that use the sam local invoke command to invoke the Lambda functions. Check the response. Document the test scripts for the other developers on the team. Update the CI/CD pipeline to run the test scripts.

  ---

  Explanation

• Question 357:

  A developer needs to launch a new Amazon EC2 instance by using the AWS CLI.

  Which AWS CLI command should the developer use to meet this requirement?

  A. aws ec2 bundle-instance
  B. aws ec2 start-instances
  C. aws ec2 confirm-product-instance
  D. aws ec2 run-instances
  D. aws ec2 run-instances

  ---

  Explanation

• Question 358:

  A company runs an application on AWS. The company deployed the application on Amazon EC2 instances. The application stores data on Amazon Aurora.

  The application recently logged multiple application-specific custom DECRYP_ERROR errors to Amazon CloudWatch logs. The company did not detect the issue until the automated tests that run every 30 minutes failed. A developer must implement a solution that will monitor for the custom errors and alert a development team in real time when these errors occur in the production environment.

  Which solution will meet these requirements with the LEAST operational overhead?

  A. Configure the application to create a custom metric and to push the metric to CloudWatch. Create an AWS CloudTrail alarm. Configure the CloudTrail alarm to use an Amazon Simple Notification Service (Amazon SNS) topic to send notifications.
  B. Create an AWS Lambda function to run every 5 minutes to scan the CloudWatch logs for the keyword DECRYP_ERROR. Configure the Lambda function to use Amazon Simple Notification Service (Amazon SNS) to send a notification.
  C. Use Amazon CloudWatch Logs to create a metric filter that has a filter pattern for DECRYP_ERROR. Create a CloudWatch alarm on this metric for a threshold >=1. Configure the alarm to send Amazon Simple Notification Service (Amazon SNS) notifications.
  D. Install the CloudWatch unified agent on the EC2 instance. Configure the application to generate a metric for the keyword DECRYP_ERROR errors. Configure the agent to send Amazon Simple Notification Service (Amazon SNS) notifications.
  C. Use Amazon CloudWatch Logs to create a metric filter that has a filter pattern for DECRYP_ERROR. Create a CloudWatch alarm on this metric for a threshold >=1. Configure the alarm to send Amazon Simple Notification Service (Amazon SNS) notifications.

  ---

  Explanation

• Question 359:

  A company is building a microservices application that consists of many AWS Lambda functions. The development team wants to use AWS Serverless Application Model (AWS SAM) templates to automatically test the Lambda functions. The development team plans to test a small percentage of traffic that is directed to new updates before the team commits to a full deployment of the application.

  Which combination of steps will meet these requirements in the MOST operationally efficient way? (Choose two.)

  A. Use AWS SAM CLI commands in AWS CodeDeploy to invoke the Lambda functions to test the deployment.
  B. Declare the EventInvokeConfig on the Lambda functions in the AWS SAM templates with OnSuccess and OnFailure configurations.
  C. Enable gradual deployments through AWS SAM templates.
  D. Set the deployment preference type to Canary10Percent30Minutes. Use hooks to test the deployment.
  E. Set the deployment preference type to Linear10PercentEvery10Minutes. Use hooks to test the deployment.
  C. Enable gradual deployments through AWS SAM templates.
  D. Set the deployment preference type to Canary10Percent30Minutes. Use hooks to test the deployment.

  ---

  Explanation

• Question 360:

  A company is using Amazon RDS as the backend database for its application. After a recent marketing campaign, a surge of read requests to the database increased the latency of data retrieval from the database. The company has decided to implement a caching layer in front of the database. The cached content must be encrypted and must be highly available.

  Which solution will meet these requirements?

  A. Amazon CloudFront
  B. Amazon ElastiCache for Memcached
  C. Amazon ElastiCache for Redis in cluster mode
  D. Amazon DynamoDB Accelerator (DAX)
  C. Amazon ElastiCache for Redis in cluster mode

  ---

  Explanation