1. Home
  2. Amazon
  3. DVA-C02

Amazon DVA-C02 Online Practice Questions and Exam Preparation

DVA-C02 Exam Details

  • Exam Code
    :DVA-C02
  • Exam Name
    :AWS Certified Developer - Associate (DVA-C02)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :574 Q&As
  • Last Updated
    :May 27, 2026

Amazon DVA-C02 Online Questions & Answers

  • Question 441:

    A company has a web application that is hosted on Amazon EC2 instances The EC2 instances are configured to stream logs to Amazon CloudWatch Logs The company needs to receive an Amazon Simple Notification Service (Amazon SNS) notification when the number of application error messages exceeds a defined threshold within a 5-minute period

    Which solution will meet these requirements?

    A. Rewrite the application code to stream application logs to Amazon SNS Configure an SNS topic to send a notification when the number of errors exceeds the defined threshold within a 5-minute period
    B. Configure a subscription filter on the CloudWatch Logs log group. Configure the filter to send an SNS notification when the number of errors exceeds the defined threshold within a 5-minute period.
    C. Install and configure the Amazon Inspector agent on the EC2 instances to monitor for errors Configure Amazon Inspector to send an SNS notification when the number of errors exceeds the defined threshold within a 5-minute period
    D. Create a CloudWatch metric filter to match the application error pattern in the log data. Set up a CloudWatch alarm based on the new custom metric. Configure the alarm to send an SNS notification when the number of errors exceeds the defined threshold within a 5- minute period.

  • Question 442:

    A developer is writing a web application that is deployed on Amazon EC2 instances behind an internet-facing Application Load Balancer (ALB). The developer must add an Amazon CloudFront distribution in front of the ALB. The developer also must ensure that customer data from outside the VPC is encrypted in transit.

    Which combination of CloudFront configuration settings should the developer use to meet these requirements? (Choose two.)

    A. Restrict viewer access by using signed URLs.
    B. Set the Origin Protocol Policy setting to Match Viewer.
    C. Enable field-level encryption.
    D. Enable automatic object compression.
    E. Set the Viewer Protocol Policy setting to Redirect HTTP to HTTPS.

  • Question 443:

    A company has an application that uses Amazon Cognito user pools as an identity provider. The company must secure access to user records. The company has set upmulti- factor authentication (MFA). The company also wants to send a login activity notification by email every time a user logs in.

    What is the MOST operationally efficient solution that meets this requirement?

    A. Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Add an Amazon API Gateway API to invoke the function. Call the API from the client side when login confirmation is received.
    B. Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Add an Amazon Cognito post authentication Lambda trigger for the function.
    C. Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Create an Amazon CloudWatch Logs log subscription filter to invoke the function based on the login status.
    D. Configure Amazon Cognito to stream all logs to Amazon Kinesis Data Firehose. Create an AWS Lambda function to process the streamed logs and to send the email notification based on the login status of each user.

  • Question 444:

    A developer maintains an Amazon API Gateway REST API. Customers use the API through a frontend UI and Amazon Cognito authentication.

    The developer has a new version of the API that contains new endpoints and backward- incompatible interface changes. The developer needs to provide beta access to other developers on the team without affecting customers.

    Which solution will meet these requirements with the LEAST operational overhead?

    A. Define a development stage on the API Gateway API. Instruct the other developers to point the endpoints to the development stage.
    B. Define a new API Gateway API that points to the new API application code. Instruct the other developers to point the endpoints to the new API.
    C. Implement a query parameter in the API application code that determines which code version to call.
    D. Specify new API Gateway endpoints for the API endpoints that the developer wants to add.

  • Question 445:

    A developer is building an ecommerce application. When there is a sale event, the application needs to concurrently call three third-party systems to record the sale. The developer wrote three AWS Lambda functions. There is one Lambda function for each third-party system, which contains complex integration logic.

    These Lambda functions are all independent. The developer needs to design the application so each Lambda function will run regardless of others' success or failure.

    Which solution will meet these requirements?

    A. Publish the sale event from the application to an Amazon Simple Queue Service (Amazon SQS) queue. Configure the three Lambda functions to poll the queue.
    B. Publish the sale event from the application to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the three Lambda functions to be triggered by the SNS topic.
    C. Publish the sale event from the application to an Application Load Balancer (ALB). Add the three Lambda functions as ALB targets.
    D. Publish the sale event from the application to an AWS Step Functions state machine. Move the logic from the three Lambda functions into the Step Functions state machine.

  • Question 446:

    A developer maintains applications that store several secrets in AWS Secrets Manager. The applications use secrets that have changed over time. The developer needs to identify required secrets that are still in use. The developer does not

    want to cause any application downtime.

    What should the developer do to meet these requirements?

    A. Configure an AWS CloudTrail log file delivery to an Amazon S3 bucket. Create an Amazon CloudWatch alarm for the GetSecretValue Secrets Manager API operation requests.
    B. Create a secretsmanager-secret-unused AWS Config managed rule. Create an Amazon EventBridge rule to initiate notifications when the AWS Config managed rule is met.
    C. Deactivate the applications secrets and monitor the applications error logs temporarily.
    D. Configure AWS X-Ray for the applications. Create a sampling rule to match the GetSecretValue Secrets Manager API operation requests.

  • Question 447:

    A developer has created an AWS Lambda function to provide notification through Amazon Simple Notification Service (Amazon SNS) whenever a file is uploaded to Amazon S3 that is larger than 50 MB. The developer has deployed and tested the Lambda function by using the CLI. However, when the event notification is added to the S3 bucket and a 3,000 MB file is uploaded, the Lambda function does not launch.

    Which of the following is a possible reason for the Lambda function's inability to launch?

    A. The S3 event notification does not activate for files that are larger than 1,000 MB.
    B. The resource-based policy for the Lambda function does not have the required permissions to be invoked by Amazon S3.
    C. Lambda functions cannot be invoked directly from an S3 event.
    D. The S3 bucket needs to be made public.

  • Question 448:

    A company is migrating legacy internal applications to AWS. Leadership wants to rewrite the internal employee directory to use native AWS services. A developer needs to create a solution for storing employee contact details and high-resolution photos for use with the new application.

    Which solution will enable the search and retrieval of each employee's individual details and high-resolution photos using AWS APIs?

    A. Encode each employee's contact information and photos using Base64. Store the information in an Amazon DynamoDB table using a sort key.
    B. Store each employee's contact information in an Amazon DynamoDB table along with the object keys for the photos stored in Amazon S3.
    C. Use Amazon Cognito user pools to implement the employee directory in a fully managed software-as-a-service (SaaS) method.
    D. Store employee contact information in an Amazon RDS DB instance with the photos stored in Amazon Elastic File System (Amazon EFS).

  • Question 449:

    A developer has code that is stored in an Amazon S3 bucket. The code must be deployed as an AWS Lambda function across multiple accounts in the same AWS Region as the S3 bucket. An AWS CloudFormation template that runs for each account will deploy the Lambda function.

    What is the MOST secure way to allow CloudFormation to access the Lambda code in the S3 bucket?

    A. Grant the CloudFormation service role the S3 ListBucket and GetObject permissions. Add a bucket policy to Amazon S3 with the pnncipal of "AWS": [account numbers].
    B. Grant the CloudFormation service role the S3 GetObject permission. Add a bucket policy to Amazon S3 with the principal of "*".
    C. Use a service-based link to grant the Lambda function the S3 ListBucket and GetObject permissions by explicitly adding the S3 bucket's account number in the resource.
    D. Use a service-based link to grant the Lambda function the S3 GetObject permission. Add a resource of "*" to allow access to the S3 bucket.

  • Question 450:

    A company stores customer credit reports in an Amazon S3 bucket. An analytics service uses standard Amazon S3 GET requests to access the reports. A developer must implement a solution to redact personally identifiable information (PII) from the reports before they reach the analytics service.

    Which solution will meet this requirement?

    A. Load the S3 objects into Amazon Redshift by using a COPY command. Implement dynamic data masking. Refactor the analytics service to read from Amazon Redshift.
    B. Set up an S3 Object Lambda function. Attach the function to an S3 Object Lambda Access Point. Program the function to call a PII redaction API.
    C. Use AWS Key Management Service (AWS KMS) to implement encryption in the S3 bucket. Re-upload all the existing S3 objects. Give the kms permission to the analytics service.
    D. Create an Amazon Simple Notification Service (Amazon SNS) topic. Implement message data protection. Refactor the analytics service to publish data access requests to the SNS topic.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DVA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.