Amazon DVA-C02 Practice Test : Free Online Preparation

Question 1
- A developer designed an application on an Amazon EC2 instance The application makes API requests to objects in an Amazon S3 bucket Which combination of steps will ensure that the application makes the API requests in the MOST secure manner? (Select TWO.)
  
  A : Create an IAM user that has permissions to the S3 bucket. Add the user to an IAM group.
  
  B :
  Create an IAM role that has permissions to the S3 bucket
  
  C :
  Add the IAM role to an instance profile. Attach the instance profile to the EC2 instance.
  
  D : Create an IAM role that has permissions to the S3 bucket. Assign the role to an IAM group.
  
  E : Store the credentials of the IAM user in the environment variables on the EC2 instance.
  
  Answer: B,C
Question 2
- A company needs to package and deploy an application that uses AWS Lambda to compress and decompress video clips. The application uses a video codec library that is larger than 250 MB. The application uses the library to compress the videos before storage and to decompress the videos upon retrieval.
  A : Create one Lambda function. Upload one zip file that contains code to handle video compression and decompression to the function. Include the codec library in the zip file
  
  B : Create two Lambda functions. Upload one zip file that contains code to handle video compression to one function. Upload a second zip file that contains code for video decompression to the second function. Include the codec library in both zip files.
  
  C : Create two Lambda functions. Upload one zip file that contains code to handle video compression to one function. Upload a second zip file that contains code for video decompression to the second function. Create one Lambda layer for the codec library. Add the layer to both functions.
  
  D : Create two Lambda functions. Build one container image that contains code to handle video compression and a second image that contains video decompression code. Add the codec library to both images. Upload the images to Amazon ECR. Use the containers to create the Lambda functions.
  
  Answer: D
Question 3
- A developer is designing a serverless application for a game in which users register and log in through a web browser. The application makes requests on behalf of users to a set of AWS Lambda functions that run behind an Amazon API Gateway HTTP API.
  The developer needs to implement a solution to register and log in users on the application's sign-in page. The solution must minimize operational overhead and must minimize ongoing management of user identities.
  Which solution will meet these requirements?
  A : Create Amazon Cognito user pools for external social identity providers. Configure IAM roles for the identity pools.
  
  B : Program the sign-in page to create users' IAM groups with the IAM roles attached to the groups.
  
  C : Create an Amazon RDS for SQL Server DB instance to store the users and manage the permissions to the backend resources in AWS.
  
  D : Configure the sign-in page to register and store the users and their passwords in an Amazon DynamoDB table with an attached IAM policy.
  
  Answer: A
Question 4
- A company must deploy all its Amazon RDS DB instances by using AWS CloudFormation templates as part of AWS CodePipeline continuous integration and continuous delivery (CI/CD) automation. The primary password for the DB instance must be automatically generated as part of the deployment process.
  Which solution will meet these requirements with the LEAST development effort?
  
  A : Create an AWS Lambda-backed CloudFormation custom resource. Write Lambda code that generates a secure string. Return the value of the secure string as a data field of the custom resource response object. Use the CloudFormation Fn::GetAtt intrinsic function to get the value of the secure string. Use the value to create the DB instance.
  
  B : Use the AWS CodeBuild action of CodePipeline to generate a secure string by using the following AWS CLI command: aws secretsmanager get-random-password. Pass the generated secure string as a CloudFormation parameter with the NoEcho attribute set to true. Use the parameter reference to create the DB instance.
  
  C : Create an AWS Lambda-backed CloudFormation custom resource. Write Lambda code that generates a secure string. Return the value of the secure string as a data field of the custom resource response object. Use the CloudFormation Fn::GetAtt intrinsic function to get a value of the secure string. Create secrets in AWS Secrets Manager. Use the secretsmanager dynamic reference to use the value stored in the secret to create the DB instance.
  
  D : Use the AWS::SecretsManager::Secret resource to generate a secure string. Store the secure string as a secret in AWS Secrets Manager. Use the secretsmanager dynamic reference to use the value stored in the secret to create the DB instance.
  
  Answer: B
Question 5
- A developer is updating an Amazon API Gateway REST API to have a mock endpoint. The developer wants to update the integration request mapping template so the endpoint will respond to mock integration requests with specific HTTP status codes based on various conditions.
  A : { if( $input.params(‘integration’) == "mock" ) "statusCode": 404 else "statusCode": 500 end }
  
  B : { if( $input.params('scope') == "internal" ) "statusCode": 200 else "statusCode": 500 end }
  
  C : { if( $input.path("integration") ) "statusCode": 200 else "statusCode":404 end }
  
  D : { if( $context.integration.status ) "statusCode": 200 else "statusCode": 500 end }
  
  Answer: D

Free Amazon DVA-C02 Exam Questions

Try our Free Demo Practice Tests for Comprehensive DVA-C02 Exam Preparation