Updated DVA-C01 Dumps PDF - DVA-C01 Real Valid Brain Dumps With 610 Questions!
100% Free DVA-C01 Exam Dumps Use Real Amazon AWS Certified Associate Dumps
NEW QUESTION 32
An application running on Amazon EC2 instances must access objects within an Amaon S3 busket that are encrypted using server-side encryption using AWS KMS encryption keys (SSE-KMS). The application must have access to the customer master key (CMK) to decrypt the objects.
Which combination of steps will grant the application access? (Select TWO.)
- A. Write a key policy that enables IAM policies to grant access to the key.
- B. Create a Systems Manager parameter that exposes the KMS key to the EC2 instances.
- C. Write an S3 bucket policy that grants the bucket access to the key.
- D. Grant access to the key in the S3 bucket's ACL
- E. Grant access to the key in the IAM EC2 role attached to the application's EC2 instances.
Answer: B,C
NEW QUESTION 33
A company is running its website on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an Amazon EC2 Auto Scaling group. A developer needs to secure the internet-facing connection with HTTPS. The developer uses AWS Certificate Manager (ACM) to issue an X.509 certificate.
What should the developer do to secure the connection?
- A. Configure the ALB to use the X.509 certificate by using the AWS Management Console.
- B. Configure each EC2 instance to use the same X.509 certificate by using the AWS Management Console.
- C. Export the root key of the X.509 certificate to an Amazon S3 bucket. Configure each EC2 instance to use the same X.509 certificate from the S3 bucket.
- D. Export the root key of the X.509 certificate to an Amazon S3 bucket. Configure the ALB to use the X.509 certificate from the S3 bucket.
Answer: A
Explanation:
https://aws.amazon.com/premiumsupport/knowledge-center/configure-acm-certificates-ec2/
https://aws.amazon.com/premiumsupport/knowledge-center/associate-acm-certificate-alb-nlb/ Configuring an Amazon Issued ACM public certificate for a website that's hosted on an EC2 instance requires exporting the certificate. However, you can't export the certificate because ACM manages the private key that signs and creates the certificate.
Instead, you can associate an ACM certificate with a load balancer or an ACM SSL/TLS certificate with a CloudFront distribution.
Associate an ACM SSL certificate with an Application Load Balancer
Open the Amazon EC2 console.
In the navigation pane, choose Load Balancers, and then choose your Application Load Balancer.
Choose Add listener.
For Protocol, choose HTTPS.
For port, choose 443.
For Default action(s), choose Forward to, and then select your ALB target group from the dropdown list.
For Default SSL certificate, choose From ACM (recommended) and then choose the ACM certificate.
Choose Save.
NEW QUESTION 34
A Developer has created a large Lambda function, and deployment is failing with the following error:
ClientError: An error occurred (InvalidParameterValueException) when calling the
CreateFunction operation: Unzipped size must be smaller than XXXXXXXXX bytes', where XXXXXXXXX is the current Lambda limit
What can the Developer do to fix this problem?
- A. Break the function into multiple smaller Lambda functions.
- B. ZIP the ZIP file twice to compress it further.
- C. Use a compression algorithm that is more efficient than ZIP.
- D. Submit a limit increase request to AWS Support to increase the function to the size needed.
Answer: A
NEW QUESTION 35
A company is adding items to an Amazon DynamoDB table from an AWS Lambda function that is written in Python A developer needs to implement a solution that inserts records in the DynamoDB table and performs automatic retry when the insert fails Which solution meets these requirements with MINIMUM code changes?
- A. Queue the items in AWS Glue: which will put them into the DynamoDB table
- B. Configure the Python code to run the AWS CLl through shell to call the Putltem operation
- C. Use the AWS software development kit (SDK) for Python (boto3) to call the Putltem operation
- D. Call the Putltem operation from Python by using the DynamoDB HTTP API
Answer: C
NEW QUESTION 36
A company is launching a poling application. The application will store the results of each pool an Amazon DynamoDB table. Management wants to remove pool data after a few data and store an archive of those records in Amazon S3.
Which approach would allow the application to archive each poll's data while keeping complexity to a MINIMUM?
- A. Enable cross-Region replication on the S3 bucket to achieve the poll data.
- B. Enable DynamoDB Streams on the table. Configure the steam as trigger for AWS Lambda. Save records to Amazon S3 when records on the stream are modified.
- C. Schedule an AWS Lambda function to periodically scan the DynamoDB table. Use the BatchWritten operation to delete the results of a scan Enable DynamoDB Stream on the table and store the records removed from the stream in Amazon S3.
- D. Enable Time to Live (TTL) on the DynamoDB table. Enable DynamoDB Streams on the table and store the records removed from the stream in Amazon S3.
Answer: B
NEW QUESTION 37
A Developer is writing a REST service that will add items to a shopping list. The service is built on Amazon API Gateway with AWS Lambda integrations. The shopping list items are send as query string parameters in the method request.
How should the Developer convert the query string parameters to arguments for the Lambda function?
- A. Include the Amazon Resource Name (ARN) of the Lambda function
- B. Change the integration type
- C. Create a mapping template
- D. Enable request validation
Answer: B
Explanation:
Explanation
https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-integration-types.html
NEW QUESTION 38
A company has multiple Developers located across the globe who are updating code incrementally for a development project. When Developers upload code concurrently, internet connectivity is slow and it is taking a long time to upload code for deployment in AWS Elastic Beanstalk.
Which step will result in minimized upload and deployment time with the LEAST amount of administrative effort?
- A. Allow the Developers to upload the code to a central FTP server to deploy the application to Elastic Beanstalk.
- B. Allow the Developers to upload the code to an Amazon S3 bucket, and deploy it directly to Elastic Beanstalk.
- C. Create an AWS CodeCommit repository, allow the Developers to commit code to it, and then directly deploy the code to Elastic Beanstalk.
- D. Create a code repository on an Amazon EC2 instance so that all Developers can update the code, and deploy the application from the instance to Elastic Beanstalk.
Answer: C
Explanation:
Explanation
https://aws.amazon.com/premiumsupport/knowledge-center/deploy-codecommit-elastic-beanstalk/
NEW QUESTION 39
A developer is writing a web application that must share secure documents with end users The documents are stored in a private Amazon S3 bucket The application must allow only authenticated users to download specific documents when requested, and only for a duration of 15 minutes How can the developer meet these requirements?
- A. Modify the S3 bucket policy to only allow specific users to download the documents Revert the change after 15 minutes.
- B. Use server-side encryption with AWS KMS managed keys (SSE-KMS) and download the documents using HTTPS
- C. Copy the documents to a separate S3 bucket that has a lifecycle policy for deletion after 15 minutes
- D. Create a presigned S3 URL using the AWS SDK with an expiration time of 15 minutes
Answer: C
NEW QUESTION 40
An Amazon RDS database instance is used by many applications to look up historical dat a. The query rate is relatively constant. When the historical data is updated each day, the resulting write traffic slows the read query performance and affects all application users.
What can be done to eliminate the performance impact on application users?
- A. Implement Amazon ElastiCache in front of Amazon RDS to buffer the write traffic.
- B. Create an RDS Read Replica and direct all read traffic to the replica.
- C. Use Amazon DynamoDB instead of Amazon RDS to buffer the read traffic.
- D. Make sure Amazon RDS is Multi-AZ so it can better absorb increased traffic.
Answer: B
Explanation:
Reference:
https://aws.amazon.com/rds/details/read-replicas/
NEW QUESTION 41
A serverless application uses an API Gateway and AWS Lambda.
Where should the Lambda function store its session information across function calls?
- A. In an Amazon DynamoDB table
- B. In the local filesystem
- C. In an Amazon SQS queue
- D. In an SQLite session table using -DSQLITE_ENABLE_SESSION
Answer: A
NEW QUESTION 42
A company uses Amazon DynamoDB as a data store for its order management system. The company frontend application stores orders in a DynamoDB table. The DynamoDB table is configured to send change events to a DynamoDB stream. The company uses an AWS Lambda function to log and process the incoming orders based on data from the DynamoDB stream.
An operational review reveals that the order quantity of incoming orders is sometimes set to 0. A developer needs to create a dashboard that will show how many unique customers this problem affects each day.
What should the developer do to implement the dashboard?
- A. Turn on custom Amazon CloudWatch metrics for the DynamoDB stream of the DynamoDB table. Create a CloudWatch alarm that groups the number of unique customers for orders with order quantity equal to 0 in 1-day periods. Add the CloudWatch alarm to a CloudWatch dashboard.
- B. Grant the Lambda function's execution role permissions to upload logs to Amazon CloudWatch Logs. Implement a CloudWatch Logs Insights query that selects the number of unique customers for orders with order quantity equal to 0 and groups the results in 1-day periods. Add the CloudWatch Logs Insights query to a CloudWatch dashboard.
- C. Use Amazon Athena to query AWS CloudTrail API logs for API calls. Implement an Athena query that selects the number of unique customers for orders with order quantity equal to 0 and groups the results in 1 -day periods. Add the Athena query to an Amazon CloudWatch dashboard.
- D. Configure the Lambda function to send events to Amazon EventBridge. Create an EventBridge rule that groups the number of unique customers for orders with order quantity equal to 0 in 1 -day periods. Add a CloudWatch dashboard as the target of the rule.
Answer: A
NEW QUESTION 43
A Developer is migrating an on-premises application to AWS. The application currently takes user uploads and saves them to a local directory on the server. All uploads must be saved and made immediately available to all instances in an Auto scaling group.
Which approach will meet these requirements?
- A. Use Amazon EBS and file synchronization software to achieve eventual consistency among the auto scaling group.
- B. Use instance storage and share it between instances launched from the same Amazon machine image (AMI).
- C. Use Amazon S3 and rearchitect the application so all uploads are placed in S3.
- D. Use Amazon EBS and configure the application AMI to use a snapshot of the same EBS instance on boot.
Answer: A
NEW QUESTION 44
A developer is building an application on Amazon EC2 The developer encountered an "Access Denied" error on some of the API calls to AWS services while testing The developer needs to modify permissions that have been already given to the instance How can these requirements be met with minimal changes and minimum downtime?
- A. Update the attached 1AM role adding the needed permissions
- B. Stop the instance Update the attached 1AM role adding the needed permissions. Start the instance
- C. Make a new 1AM role with the needed permissions Stop the instance. Attach the new 1AM role to the instance Start the instance.
- D. Delete the existing 1AM role Attach a new 1AM role with the needed permissions
Answer: A
NEW QUESTION 45
In AWS, which security aspects are the customer's responsibility? Choose 4 answers
- A. Decommissioning storage devices
- B. Life-cycle management of IAM credentials
- C. Encryption of EBS (Elastic Block Storage) volumes
- D. Patch management on the EC2 instance's operating system
- E. Security Group and ACL (Access Control List) settings
- F. Controlling physical access to compute resources
Answer: B,C,D,E
Explanation:
Reference:
Physical and Environmental Security
AWS's data centers are state of the art, utilizing innovative architectural and engineering approaches. Amazon has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure. AWS data centers are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.
Storage Decommissioning
When a storage device has reached the end of its useful life, AWS procedures include a decommissioning process that is designed to prevent customer data from being exposed to unauthorized individuals.
AWS uses the techniques detailed in DoD 5220.22-M (National Industrial Security Program Operating Manual) or NIST 800-88 (Guidelines for Media Sanitization) to destroy data as part of the decommissioning process.
All decommissioned magnetic storage devices are degaussed and physically destroyed in accordance with industry-standard practices.
NEW QUESTION 46
A developer wants to modify the following AWS Cloud Formation template to embed another CloudFormation stack:
Which syntax should the developer add to the blank line of the CloudFormation template to meet this requirement?
- A. "Type" : "AWS;:CloudFcrmation::NestedStack",
- B. "Mapping" : "AWS::CloudFormation::Stack",
- C. "Type" : "AWS::CloudFormation::Stack",
- D. "Mapping" : "AWS::CloudFormation::NestedStack",
Answer: B
NEW QUESTION 47
An application is using Amazon DynamoDB as its data store, and should be able to read 100 items per second as strongly consistent reads. Each item is 5 KB in size.
To what value should the table's provisioned read throughput be set?
- A. 200 read capacity units
- B. 50 read capacity units
- C. 500 read capacity unitsc
- D. 100 read capacity units
Answer: D
NEW QUESTION 48
A Development team has pushed out 10 applications running on several Amazon EC2 instances. The Operations team is asking for a graphical representation of one key performance metric for each application.
These metrics should be available on one screen for easy monitoring.
Which steps should the Developer take to accomplish this using Amazon CloudWatch?
- A. Create a custom dimension with a unique metric name for each application.
- B. Create a custom event with a unique metric name for each application.
- C. Create a custom alarm with a unique metric name for each application.
- D. Create a custom namespace with a unique metric name for each application.
Answer: A
NEW QUESTION 49
......
AWS DVA-C01 Exam Certification Details:
| Duration | 130 minutes |
| Exam Price | $150 USD |
| Passing Score | 720 / 1000 |
| Exam Name | AWS Developer Associate (AWS-CDA) |
| Recommended Training / Books | Developing on AWS |
| Sample Questions | AWS DVA-C01 Sample Questions |
| Number of Questions | 65 |
Amazon DVA-C01 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
Pass Your DVA-C01 Exam Easily With 100% Exam Passing Guarantee: https://www.examcollectionpass.com/Amazon/DVA-C01-practice-exam-dumps.html