AWS Developer Associate Practice Quiz

Description

A pool of 200 questions randomly selected to give you 65 questions to mimic the AWS Developer Associate Test. Answers are randomly ordered. Mix of multiple-choice and multiple-answer questions.
Bill Rawlinson
Quiz by Bill Rawlinson, updated more than 1 year ago
Bill Rawlinson
Created by Bill Rawlinson over 4 years ago
1108
0

Resource summary

Question 1

Question
You're a developer doing contract work for the media sector. Since you work alone, you opt for technologies that require little maintenance, which allows you to focus more on your coding. You have chosen AWS Elastic Beanstalk to assist with the deployment of your applications. While reading online documentation you find that Elastic Beanstalk relies on a similar deployment service to provision your resources. Which of the following services is it?
Answer
  • Systems Manager
  • CloudFormation
  • AWS Lambda
  • CodeCommit

Question 2

Question
You have created a Java application that uses RDS for its main data storage and ElastiCache for user session storage. The application will be deployed using Elastic Beanstalk and each deployment performed should allow any application server to reuse the RDS database while user session data stored in ElastiCache can be created for every single deployment. Which configuration will allow you to achieve that? (Select two)
Answer
  • ElastiCache defined in .ebextensions/
  • ElastiCache database defined externally and referenenced through env variables
  • RDS database defined in .ebextensions/
  • ElastiCache bundled with the app source code
  • RDS database defined externally and referenenced through env variables

Question 3

Question
Your team lead has decided to make changes to a current application written in Node.js and running on a Linux server. The team lead would like to deploy the application to a Docker container, then decouple the application into microservices. Which AWS service is best suited for this change?
Answer
  • ECS
  • ECR
  • Lambda
  • EC2

Question 4

Question
An application is hosted by a 3rd party and exposed at yourapp.3rdparty.com. You would like to have your users access your application using www.mydomain.com, which you own and manage under Route 53. What record should you create?
Answer
  • Create an A Record
  • Create a CNAME record
  • Create a PTR record
  • Create an Alias record

Question 5

Question
You have launched EC2 instances hosting the same application version. Instances are launched based on traffic using an auto-scaling group. Each EC2 instance is assigned an instance-id and plan on capturing this data within the application. How can this be accomplished?
Answer
  • Use EC2 User Data
  • Attach an IAM role and allow EC2 describes-instances permission
  • Use EC2 meta data service
  • Inject that information using AWS Lambda

Question 6

Question
You are creating a Cloud Formation template to deploy your CMS application running on an EC2 instance within your AWS account. Because you would like to deploy the application across multiple regions you have decided to create a Map of all the possible values for the base AMI. How should you invoke the !FindInMap function?
Answer
  • !FindInMap [ MapName, TopLevelKey, SecondLevelKey ]
  • !FindInMap [ MapName, TopLevelKey ]
  • !FindInMap [ MapName ]
  • !FindInMap [ MapName, TopLevelKey, SecondLevelKey, ThirdLevelKey ]

Question 7

Question
You are a developer at a company that creates serverless functions in AWS Lambda. Functions are invoked by clients via AWS API Gateway, which anyone can access. Your team lead would like to control access using a 3rd party authorized mechanism. Which authorizer should you use?
Answer
  • IAM permissions with sigv4
  • Lambda Authorizer
  • Cognito User Pools
  • API Gateway User Pools

Question 8

Question
A company recently migrated its internal resources to a cloud serverless infrastructure. The infrastructure is composed of AWS Lambda functions, API Gateway, and EC2 instances where applications utilize API Gateway. In addition, the company enabled CloudWatch Logs for API Gateway but CloudWatch logs are not being written. What is the likely cause of this issue?
Answer
  • Also enable X-Ray integration
  • Check the CloudWatch Logs Policy
  • Check the Service IAM permissions
  • Ensure in-flight encryption is disabled

Question 9

Question
You have deployed a Java application to an EC2 instance where it uses the X-Ray SDK. When testing from your personal computer, the application sends data to X-Ray but when the application runs from within EC2, the application fails to send data to X-Ray. Which of the following does NOT help you with debugging the issue?
Answer
  • EC2 X-Ray Daemon
  • X-Ray sampling
  • EC2 Instance Role
  • CloudTrail

Question 10

Question
A developer in your company has configured an AWS CodeBuild build. The build fails and the developer needs to quickly troubleshoot the issue to see which commands or settings located in the BuildSpec file are causing an issue. Which approach will help them accomplish this?
Answer
  • Freeze the CodeBuild during its next execution
  • SSH into the CodeBuild Docker container
  • Run AWS CodeBuild locally
  • Enable detailed monitoring

Question 11

Question
You've been hired as a developer to work on an application. The application is hosted on multiple EC2 instances backed by an ASG. All instances interact with an SQS queue. It's been noticed that a specific consumer on an EC2 instance fails to process a message, it takes up to 30 seconds for that message to be processed by other consumers. You want to make sure other consumers may get that message faster, and don't mind introducing the risk of duplicate processing. What change should you make?
Answer
  • decrease VisibilityTimeout
  • disable LongPolling
  • Use a FIFO queue
  • Use a lower DelaySeconds

Question 12

Question
As a Developer, you have the responsibility of maintaining the infrastructure of the company's technology. The company is limited in the number of engineers it can hire and need to keep maintenance very low. One of those assets under your maintenance is AWS Lambda functions and you would like to deploy new versions and shift traffic to them. Which AWS service meets your needs?
Answer
  • CodeCommit
  • CodeBuild
  • CodeDeploy
  • CodePipeline

Question 13

Question
You are creating an Amazon DynamoDB table that will hold game scores for a Node.Js application and needs to perform another kind of queries using different attributes as query criteria. Which of the following will help you achieve that?
Answer
  • Create an LSI
  • Call Scan
  • Create a GSI
  • Migrate away from DynamoDb

Question 14

Question
A Developer was called to fix an issue with a system that uses SQS. The SQS consumers take an unpredictably long time to process messages and therefore some consumers are receiving duplicate messages from the SQS queue. Which action should be taken to resolve the issue?
Answer
  • Use DeleteMessage at the Consumer Level
  • Use the <code>ChangeMessageVisibility</code> API at the Consumer Level
  • Change the <code>VisibilityTimeout</code> of the Queue
  • Use Long Polling

Question 15

Question
A developer has been asked to create an application that can be deployed across a fleet of EC2 instances. The configuration must allow for full control over the deployment steps using blue-green deployment. Which service will help you achieve that?
Answer
  • CodeBuild
  • CodeDeploy
  • Elastic Beanstalk
  • CodePipeline

Question 16

Question
An organization is investigating an issue where ten virtual machines were terminated unexpectedly. You have been hired as an independent consultant to find out how this happened. Which AWS service will assist with this task?
Answer
  • CloudWatch
  • CloudTrail
  • EC2 Logs
  • Config
  • IAM

Question 17

Question
A developer has been asked to create an AWS Elastic Beanstalk environment. The environment will handle deployment for an application that has high traffic and runs 24/7. You would like to deploy a new application version using Beanstalk but don't want to bring your capacity down. You are also very cost-conscious and want to ensure any added cost will be minimal. Which deployment meets this need?
Answer
  • immutable
  • rolling with additional batches
  • all at once
  • rolling
  • blue/green

Question 18

Question
Applications running on EC2 instances process messages from an SQS queue but sometimes they experience errors due to messages not being processed. To isolate the messages, which option will help with further debugging?
Answer
  • Increase the VisibilityTimeout
  • Use DeleteMessage
  • Reduce the VisibilityTimeout
  • Implement a DLQ

Question 19

Question
Your team lead has finished creating a CodeBuild project in the management console. and a build spec has been defined for the project. After the build is run, CodeBuild fails to pull a Docker image into the build environment. What is the most likely cause?
Answer
  • The Docker image is too big
  • The Docker image is missing some tags
  • CodeBuild cannot work with custom Docker images
  • Missing IAM permissions for the CodeBuild Service

Question 20

Question
You've just deployed an AWS Lambda function. The lambda function will be invoked via the API Gateway. The API Gateway will need to control access to it. Which of the following mechanisms is not supported for API Gateway?
Answer
  • IAM permissions with sigv4
  • STS
  • Lambda Authorizer
  • Cognito User Pools

Question 21

Question
You are a developer working on AWS Lambda functions that are triggered by Amazon API Gateway and would like to perform testing on a small amount of traffic for new API versions. Which of the following features will accomplish this task?
Answer
  • Custom Authorizers
  • Stage Variables
  • Mapping Templates
  • Canary Deployment

Question 22

Question
You are responsible for an application that runs on multiple Amazon EC2 instances. In front of the instances is an Internet-facing load balancer that takes requests from clients over the internet and distributes them to the EC2 instances. A health check is configured to ping the index.html page found in the root directory for the health status. When accessing the website via the internet visitors of the website receive timeout errors. What should be checked first to resolve the issue?
Answer
  • IAM Roles
  • Security Groups
  • Application is Down
  • ALB is Warming Up

Question 23

Question
You are a Developer working with AWS CloudFormation templates. Your templates provision a VPC with one subnet and would like other stacks to use the output value of the subnet created. What must you do to provide this information to another stack? (Select all that Apply)
Answer
  • Expose
  • Export
  • Fn::Ref
  • Import
  • Output

Question 24

Question
A company that specializes in cloud communications platform as a service allows software developers to programmatically use their services to send and receive text messages. The initial platform did not have a scalable architecture as all components were hosted on one server and should be redesigned for high availability and scalability. Which of the following options can be used to implement the REST API? (select two)
Answer
  • ALB + ECS
  • EBS + RDS
  • SES + S3
  • CloudWatch + CloudFront
  • API Gateway + Lambda

Question 25

Question
As a DynamoDB expert, companies in your area rely on your expertise to train their developers. You have been hired to consult with a company that uses the NoSQL database for mobile applications. The developers are using DynamoDB to perform operations such as GetItem but are limited in knowledge. They would like to be more efficient with retrieving some attributes rather than all. Which of the following recommendations would you provide?
Answer
  • Use a FilterExpression
  • Specify a ProjectExpression
  • Use the --query parameter
  • Use a Scan

Question 26

Question
A developer at a university is encrypting a large XML payload transferred over the network using AWS KMS and wants to test the application before going to production. What is the maximum data size supported by AWS KMS?
Answer
  • 16KB
  • 1MB
  • 32KB
  • 4KB
  • 1GB
  • 2KB
  • 8KB

Question 27

Question
Recently in your organization, the AWS X-Ray SDK was bundled into each function to record outgoing calls for tracing purposes. When your team leader goes to the X-Ray service in the AWS Management Console to get an overview of the information collected, they discover that no data is available. What is the most likely reason for this?
Answer
  • X-Ray only works with AWS Lambda aliases
  • Enable X-Ray sampling
  • Fix the IAM Role
  • Change the security groups rules

Question 28

Question
A company has hired you as a team lead over a group of developers working on security applications. Developers will work within Linux executing commands with the AWS CLI. When developers receive authorization exceptions which of the following services will not assist in resolving the issue?
Answer
  • STS
  • IAM
  • CloudTrail
  • CloudWatch

Question 29

Question
You are a cloud architect consultant in a Silicon Valley city. Many companies in the city have mobile apps that capture and send data to Amazon Kinesis Data Streams. They have been getting a ProvisionedThroughputExceededException exception. You have been contacted to help and upon careful analysis, you are seeing that messages are being sent one by one while being sent at a high rate. Which of the following options will help with the exception while keeping costs at a minimum?
Answer
  • Batch Messages
  • Decrease the Stream retention duration
  • Increase the number of shards
  • Use Exponential Backoff

Question 30

Question
A company's application is deployed by AWS Elastic Beanstalk to EC2 instances in two availability zones. The application makes API requests to AWS API Gateway and the security team requested that authentication be added to these requests. Which of the following authentication methods will fulfill the requirement?
Answer
  • IAM permissions with sigv4
  • Lambda Authorizer
  • Cognito User Pools
  • API Gateway User Pools

Question 31

Question
A pipeline was created from the AWS Management Console using service AWS CodePipeline. The process consists of pulling code changes committed to GitHub, generating a build with AWS CodeBuild, and deploying to an AWS Elastic Beanstalk environment. Unexpectedly, your unchanged CodePipeline broke because it cannot find or use the target Elastic Beanstalk environment to deploy your application to. What should you do to find the root cause of this problem? (select three)
Answer
  • Look in IAM for Policy changes
  • Look in CloudFormation for deletions
  • Look in CloudTrail for a 'delete' event in Elastic Beanstalk
  • Look in CodePipeline for changes
  • Look in S3 for access logs

Question 32

Question
The AWS account administrator for the company gave you web access to their AWS Management Console. You need to create several API Gateway APIs to assist developers in waiting to retrieve data from the company's database. Your developers have worked on the API in the development environment, but it seems that the changes they did are not reflected in the API. What needs to happen?
Answer
  • Check IAM permissions
  • Enable Custom Authorizer
  • Use Stage Variables
  • Deploy to a stage

Question 33

Question
An AWS Lambda function written in Golang was deployed six months ago and recently a new version was released that included the use of the X-Ray SDK. The change altered the permissions on the IAM role of the Lambda function to allow the X-Ray SDK to send data to X-Ray. While testing you find that data is not being sent to X-Ray, what is a likely reason?
Answer
  • Authorize Lambda source in the X-Ray console
  • The IAM permissions
  • Lambda X-Ray active tracing must be enabled
  • The X-Ray agent must be loaded with the code

Question 34

Question
You are a Developer working with Amazon ECS container instances and would like to isolate credentials so that a container never has access to credentials intended for another container belonging to another task. Which of the following actions must you take to achieve that?
Answer
  • Use the parameter store to pass in AWS credentials
  • Assign an IAM role to the EC2 instance
  • Load the credentials within the docker container
  • Create an IAM Role for ECS and assign it to the tasks

Question 35

Question
Your team lead has asked you to learn AWS CloudFormation to create a collection of related AWS resources and provision them in an orderly fashion. You decide to provide AWS-specific parameter types to catch invalid values. When specifying parameters which of the following is not a valid Parameter type?
Answer
  • String
  • DependantParameter
  • CommaDelimitedList
  • AWS::EC2::KeyPair::KeyName

Question 36

Question
You are producing data to AWS Kinesis using AWS Lambda which sits behind an API Gateway. Data represents a clickstream from the users navigating your website. You want to make sure your Kinesis stream can scale over time due to increased volume, what would you need to do? (select two)
Answer
  • The partition key must take a great number of different values
  • You need to add shards
  • You need to enable auto-scaling
  • The partition key must only take few values
  • You need to remove shards

Question 37

Question
Your security company requires that all data sent to external storage be encrypted before being sent. Your external storage is an Amazon Simple Storage Service (Amazon S3) bucket. Which of the following encryption solutions will meet this requirement?
Answer
  • SSE-S3
  • SSE-C
  • Client Side Encryption
  • SSE-KMS

Question 38

Question
You are a developer working remotely from home. The company has given you an IAM user account with an access key and secret access key that allows permissions to a few AWS services. You would like to be able to retrieve the CodeBuild logs for failed builds and analyze them in Athena. Which steps should you take to extract the logs out of CodeBuild?
Answer
  • Use CloudWatch Events
  • Use AWS Lambda integration
  • Enable S3 and CLoudWatch Logs Integration
  • Use Kinesis

Question 39

Question
A company has a cloud system in AWS with components that send and receive messages using SQS queues. While reviewing the system you see that it processes a lot of information and would like to be aware of any limits of the system. Which of the following is the maximum number of messages that can be stored in an SQS queue?
Answer
  • no limit
  • 10000
  • 100000
  • 10000000

Question 40

Question
You started an online learning platform using AWS Lambda functions and AWS Gateway API. Your first version was successful and you began developing new features for the second version. You would like to gradually introduce the second version by routing 10% of the incoming traffic to the new AWS Lambda function version. What should you do?
Answer
  • Use Route 53
  • Use environment variables
  • Use AWS Lambda aliases
  • Deploy Lambda in a VPC

Question 41

Question
You are a developer making programmatic API calls to AWS KMS. You have security compliance requests that require the use of encryption keys to encrypt large amounts of data using a practice known as envelope encryption. Which of the following API actions should you call?
Answer
  • Encrypt
  • Decrypt
  • RetrieveCMK
  • GenerateDataKey

Question 42

Question
You have an Application Load Balancer listening on port 80 registered with a single EC2 instance also listening on port 80. You plan on changing the listener. Which of the following options is not a supported listener?
Answer
  • Websocket
  • HTTP
  • HTTPS
  • TCP

Question 43

Question
A media sharing company is experiencing a very high volume of data traffic in a short period of time. An Amazon Simple Queue Service (SQS) queue is being used to manage transactions. The team lead over the project is aware of the message size limit sent to the queue and is looking for a way to allow larger size messages over 1 MB. What can be done to achieve this?
Answer
  • Use the MultiPart API
  • Get a service limit increase from AWS
  • Use gzip compression
  • Use the SQS Extended Client

Question 44

Question
A telecommunications company that provides internet service for mobile device users maintains over 100 c4.large instances in the us-east-1 region. The EC2 instances perform complex algorithms. The manager would like to track CPU utilization of the EC2 instances that evaluate as frequently as every 10 seconds. What do you suggest they do?
Answer
  • Enable EC2 detailed monitoring
  • Create a high-resolution custom metric and push the data using a script triggered every 10 seconds.
  • Simply get it from the CloudWatch Metrics
  • Open a support ticket with AWS

Question 45

Question
Your company is starting to move away from reserving EC2 instances and would like to adopt a more agile form of serverless architecture. You would like to deploy Docker containers to AWS without the hassle of using EC2 instances. Which service do you recommend?
Answer
  • ECS
  • EKS
  • Fargate
  • Beanstalk

Question 46

Question
Your company uses an Application Load Balancer to route incoming end-user traffic to applications hosted on Amazon EC2 instances. The applications capture incoming request information and store it in the Amazon Relational Database Service (RDS) running Microsoft SQL Server DB engines. Your team lead requested that you capture the clients IP address, how will you achieve that?
Answer
  • We should change the client application to send their IP as part of the payloads
  • Use the header X-Forwarded-For
  • Use the header X-Forwarded-IP
  • Change the security groups rules

Question 47

Question
You are a developer working with the AWS CLI and you run the following command aws ec2 monitor-instances --instance-ids i-9999999990abcdef0. The command enables detailed monitoring for your instance using Amazon CloudWatch. In what time-frequency will your instance send metric data to CloudWatch?
Answer
  • 2 minutes
  • 1 minute
  • 30 seconds
  • 5 minutes

Question 48

Question
You have enabled a Dead Letter Queue (DLQ) for AWS Lambda function. Which of the following will put a message into a DLQ after being processed by AWS Lambda? (Select two)
Answer
  • The invocation was synchronous
  • The invocation succeeded
  • The invocation was asynchronous
  • The invocation failed
  • The invocation failed only once but succeeded afterwards

Question 49

Question
Your CloudFormation template launches a two-tier web application in two availability zones. The web tier has fifty compute-optimized EC2 instances running complex algorithms. Within the application, custom metrics are being published to CloudWatch every 5 minutes. It is now a requirement to get the metrics as fast as possible in CloudWatch with a high-resolution metric. What's the smallest metric resolution you can achieve in CloudWatch?
Answer
  • 30 seconds
  • 5 seconds
  • 10 seconds
  • 1 second

Question 50

Question
Recently your employer laid off hundreds of engineers and responsibilities were delegated to developers in your department. Developers now have full control over modeling the entire software delivery process from coding to deployment and you are responsible for any manual approval actions in the process. Which of the following approaches should the company take to achieve this?
Answer
  • Create one CodePipeline for your entire flow, and add a manual approval step
  • Create multiple CodePipelines for each environment and link them using AWS Lambda
  • Create deeply integrated AWS CodePipelines for each environment
  • Use CodeDeploy Pipeline integrator

Question 51

Question
You are a Developer looking to create a custom configuration for EC2 instances in an Auto Scaling group. Your solution should allow auto-scaling based on metrics based on the average RAM usage inside your EC2 instances. Which option provides the best solution?
Answer
  • Migrate your application to AWS Lambda
  • Create a custom alarm for your ASG and make your instances trigger the alarm using PutAlarmData API
  • Enable detailed monitoring for EC2 and ASG to get the RAM usage data and create a CloudWatch Alarm on top of it.
  • Create a custom metric in CloudWatch and make your instances send data to it using PutMetricData. Create an alarm based on that metric

Question 52

Question
You have migrated an on-premise SQL Server database to an Amazon Relational Database Service (RDS) database attached to a VPC inside a private subnet. Also, you upgraded your Java application hosted on-premise to an Amazon Lambda function that will process code written in Java that will need to retrieve data from your RDS instance. Which of the following should you do to create a network connection between your AWS Lambda function to your RDS instance?
Answer
  • Use an alias
  • Assign an IAM Role
  • Use Environment variables to pass in the RDS connection string
  • Deploy in a VPC and assign a Security Group

Question 53

Question
Your microservices infrastructure processes API calls from clients, performs request filtering and caching using the AWS API Gateway. Users report receiving 501 error codes and you would like to find out which service is failing. Which of the following do you choose to help you troubleshoot?
Answer
  • CloudTrail
  • API Gateway
  • CloudWatch
  • X-Ray

Question 54

Question
Your company has a three-year contract with a healthcare provider. The contract states that monthly database backups must be retained for the duration of the contract for compliance purposes. Currently, the backup retention period limit in the Amazon Relational Database Service (RDS) does not allow for automated backups to meet your requirements. Which of the following solutions can help you meet your requirements?
Answer
  • Create a cron event in CloudWatch, which triggers an AWS Lambda function that triggers the snapshotting feature
  • Enable RDS periodic backups
  • Enable RDS Read replicas
  • Enable RDS Multi-AZ

Question 55

Question
A team of forty developers, some working remotely and some working on-site, collaborate with one another while working with version control repositories. Before changes are merged to AWS CodeCommit repositories, reviewers add comments and questions to pull requests. The team lead would like email notifications every time someone comments on a pull request for AWS CodeCommit. How can this be accomplished efficiently?
Answer
  • AWS Lambda function that periodically checks for new comments
  • CodeBuild
  • CloudWatch Event Rules
  • SQS
  • SES

Question 56

Question
You have taken a position as a Developer in downtown Paris. On your first day of work, you are given an IAM user to send requests to AWS services using the AWS SDK for JavaScript. Your first task is to add items to a DynamoDB table using the AWS SDK without making SDK configuration changes. In which AWS region will your application make requests to?
Answer
  • us-east-1
  • us-east-2
  • eu-west-1
  • us-west-1

Question 57

Question
A mobile game company is experiencing heavy read traffic to an Amazon Relational Database Service (RDS) database that retrieves player’s scores and stats. The RDS database instance type is a db.m5.12xlarge and they would like to create a strategy in which read traffic is served from a caching layer to free resources on the database and allow them to downsize the database instance type to lower costs. Which of the following solutions do you recommend?
Answer
  • RDS Read Replicas
  • ElastiCache in front of RDS
  • Redshift
  • Switch Application code to AWS Lambda

Question 58

Question
You’re a developer using the AWS CLI who deploys often using AWS Elastic Beanstalk and want to be able to quickly rollback any failed deployments. Cost is not a problem and the impact should be minimal. Which deployment policy fits your needs?
Answer
  • Immutable
  • Rolling
  • Rolling with additional batches
  • All at once

Question 59

Question
You have enabled an Amazon Simple Queue Service DLQ (Dead-Letter Queue) for your AWS Lambda function. Any asynchronous invocations that fail are retried twice before directing unprocessed events to the dead-letter queue. After two failed invocation attempts, the data does not appear in the dead-letter queue, what is a likely reason for this?
Answer
  • Fix the IAM Role
  • Use synchronous invocations instead
  • Use aliases instead
  • You need to disable encryption

Question 60

Question
Which of the following two statements is true about Amazon EBS encryption? (Select All that Apply)
Answer
  • A snapshot of an encrypted volume is always encrypted
  • Restoring a volume from an encrypted snapshot can be an un-encrypted volume
  • A snapshot of an encrypted volume can be encrypted or unencrypted
  • Restoring a volume from an encrypted snapshot must be an encrypted volume
  • EBS encryption impacts performance

Question 61

Question
Your company manages hundreds of EC2 instances running Linux. The instances are configured in several Availability Zones in the eu-west-3 region. Your manager has requested to collect system memory metrics on all EC2 instances using a script. Which of the following solutions will help you collect this data?
Answer
  • Use a cron job on the instances that push the EC2 RAM metric as a Custom metric
  • Use instance metadata ram disk-id
  • Access as a standard CloudWatch metric
  • Use X-Ray

Question 62

Question
You are working on a project that has over 100 dependencies. Every time your AWS CodeBuild runs a build step it has to resolve Java dependencies from external Ivy repositories which take a long time. Your manager wants to speed this process up in AWS CodeBuild. Which of the following will help you do this with minimal effort?
Answer
  • Setup a Nexus repository in EC2 that will act as an internal dependency cache
  • Reduce the number of dependencies
  • Ship all the dependencies as part of the source code
  • Enable S3 caching

Question 63

Question
You are running a public DNS service on an EC2 instance where the DNS name is pointing to the IP address of the instance. You wish to upgrade your DNS service but would like to do it without any downtime. Which of the following options will help you accomplish this?
Answer
  • Use Route 53
  • Create a Load Balancer and an auto scaling group
  • Provide a static private IP
  • Elastic IP

Question 64

Question
A development team uses the AWS SDK for Java to maintain an application that stores data in AWS DynamoDB. The application makes use of Scan operations to return several items from a 25 GB table. There is no possibility of creating indexes to retrieve these items in a predictable way. Developers are trying to get these specific rows from DynamoDB as fast as possible. Which of the following options can be used to improve the performance of the Scan operation?
Answer
  • Use a Query
  • Use a ProjectionExpression
  • Use a FilterExpression
  • Use parallel scans

Question 65

Question
You are a manager for a tech company that has just hired a team of developers to work on the company's AWS infrastructure. All the developers are reporting to you that when using the AWS CLI to execute commands it fails with the following exception: You are not authorized to perform this operation. Encoded authorization failure message: 6h34GtpmGjJJUm946eDVBfzWQJk6z5GePbbGDs9Z2T8xZj9EZtEduSnTbmrR7pMqpJrVYJCew2m8YBZQf4HRWEtrpncANrZMsnzk. Which of the following actions will help developers decode the message?
Answer
  • AWS IAM decode-authorization-message
  • AWS STS decode-authorization-message
  • Use KMS decode-authorization-message
  • AWS Cognito Decoder

Question 66

Question
Your company had a recent data breach where an ex-employee had gained access to your Windows Server using credentials that were never revoked after termination. The perpetrator removed all web.config files from all production web application root directories, leaving web applications down for hours. There were no backups of the secret keys being stored in the configuration files or any EC2 snapshots to recover the information. Using AWS Parameter Store how can you add secret application data and notify the security audit team when changes are made?
Answer
  • SES
  • SQS
  • SNS
  • CloudTrail

Question 67

Question
A developer has pushed a Lambda function that pushes data into an RDS MySQL database with the following Python code: def handler(event, context): mysql = mysqlclient.connect() data = event['data'] mysql.execute(f"INSERT INTO foo (bar) VALUES (${data});") mysql.close() return On the first execution, the Lambda function takes 2 seconds to execute. On the second execution and all the subsequent ones, the Lambda function takes 1.9 seconds to execute. What can be done to improve the execution time of the Lambda function?
Answer
  • Upgrade the MySQL instance type
  • Change the runtime to Node.js
  • Increase the Lambda function RAM
  • Move the database connection out of the handler

Question 68

Question
Your development team uses the AWS SDK for Java on a web application that uploads files to several Amazon Simple Storage Service (S3) buckets using the SSE-KMS encryption mechanism. Developers are reporting that they are receiving permission errors when trying to push their objects over HTTP. Which of the following headers should they include in their request?
Answer
  • 'x-amz-server-side-encryption': 'SSE-KMS'
  • 'x-amz-server-side-encryption': 'SSE-S3'
  • 'x-amz-server-side-encryption': 'aws:kms'
  • 'x-amz-server-side-encryption': 'AES256'

Question 69

Question
You are a system administrator whose company recently moved its production application to AWS and migrated data from MySQL to AWS DynamoDB. You are adding new tables to AWS DynamoDB and need to allow your application to query your data by the primary key and an alternate key. This option must be added when first creating tables otherwise changes cannot be made afterward. Which of the following actions should you take?
Answer
  • Create a GSI
  • Call Scan
  • Create an LSI
  • Migrate away from DynamoDb

Question 70

Question
As part of internal regulations, you must ensure that all communications to Amazon S3 are encrypted. For which of the following encryption mechanisms will a request get rejected if the connection is not using HTTPS?
Answer
  • SSE-KMS
  • SSE-C
  • Client Side Encryption
  • SSE-S3

Question 71

Question
You have moved your on-premise infrastructure to AWS and are in the process of configuring an AWS Elastic Beanstalk deployment environment for production, development, and testing. You have configured your production environment to use a rolling deployment to prevent your application from becoming unavailable to users. For the development and testing environment, you would like to deploy quickly and are not concerned about downtime. Which of the following deployment policies meet your needs?
Answer
  • immutable
  • all at once
  • rolling with additional batches
  • rolling
  • blue/green

Question 72

Question
An organization recently began using AWS CodeCommit for its source control service. A compliance security team visiting the organization was auditing the software development process and noticed developers making many git push commands within their development machines. The compliance team requires that encryption be used for this activity. How can the organization ensure source code is encrypted in transit and at rest?
Answer
  • Use a git command line hook to encrypt the code client side
  • Enable KMS encryption
  • Use AWS Lambda as a hook to encrypt the pushed code
  • Repositories are automatically encrypted at rest

Question 73

Question
You have a web application hosted on EC2 that makes GET and PUT requests for objects stored in Amazon Simple Storage Service (S3) using the SDK for PHP. As the security team completed the final review of your application for vulnerabilities, they noticed that your application uses hardcoded IAM access key and secret access key to gain access to AWS services. They recommend you leverage a more secure setup, which should leverage temporary credentials if possible. How do you accomplish that?
Answer
  • Use the SSM parameter store
  • Use environment variables
  • Hardcode the credentials in the application code
  • Use an IAM Instance Role

Question 74

Question
Your application sends messages to an Amazon Simple Queue Service (SQS) queue frequently, which are then polled by another application that specifies which message to retrieve. Which of the following options describe the maximum number of messages that can be retrieved at one time?
Answer
  • 100
  • 5
  • 10
  • 1000
  • 3
  • 25

Question 75

Question
You are working for a technology startup building web and mobile applications. You would like to pull Docker images from the ECR repository called demo so you can start running local tests against the latest application version. Which of the following commands must you run to pull existing Docker images from ECR? (Select two)
Answer
  • docker pull 1234567890.dkr.ecr.eu-west-1.amazonaws.com/demo:latest
  • $(aws ecr get-login --no-include-email)
  • docker login -u $AWS_ACCESS_KEY_ID -p $AWS_SECRET_ACCESS_KEY
  • aws docker push 1234567890.dkr.ecr.eu-west-1.amazonaws.com/demo:latest
  • docker build -t 1234567890.dkr.ecr.eu-west-1.amazonaws.com/demo:latest

Question 76

Question
Your company has been hired to build a resilient mobile voting app for an upcoming music award show that expects to have 5 to 20 million viewers. The mobile voting app will be marketed heavily months in advance so you are expected to handle millions of messages in the system. You are configuring Amazon Simple Queue Service (SQS) queues for your architecture that should receive messages from 20 KB to 200 KB. Is it possible to send these messages to SQS?
Answer
  • Yes, the max message size is 512KB
  • Yes, the max message size is 256KB
  • No, the max message size is 128KB
  • No, the max message size is 64KB
  • Yes, the max message size is 1MB
  • Yes, the max message size is 5MB

Question 77

Question
ou have a Java-based application running on EC2 instances loaded with AWS CodeDeploy agents. You are considering different options for deployment, one is the flexibility that allows for incremental deployment of your new application versions and replaces existing versions in the EC2 instances. The other option is a strategy in which an Auto Scaling group is used to perform a deployment. Which of the following options will allow you to deploy in this manner? (Select two)
Answer
  • Cattle Deployment
  • Classic Deployment
  • In-place Deployment
  • Blue/Green Deployment

Question 78

Question
A .NET developer team works with many ASP.NET web applications that use EC2 instances to host them on IIS. The deployment process needs to be configured so that multiple versions of the application can run in AWS Elastic Beanstalk. One version would be used for development, testing, and another version for load testing. Which of the following methods do you recommend?
Answer
  • Create an Application Load Balancer to route based on hostname so you can pass on parameters to the development Elastic Beanstalk environment. Create a file in .ebextensions/ in order to know how to handle the traffic coming from the ALB
  • You cannot have multiple development environments in Elastic Beanstalk, just one development and one production environment
  • Use only one Beanstalk environment and perform configuration changes using an Ansible script
  • Define a dev environment with a single instance and a 'load test' environment that has settings close to production

Question 79

Question
You are designing a high-performance application that requires millions of connections. You have several EC2 instances running Apache2 web servers and the application will require capturing the user’s original source IP address and source port without the use of X-Forwarded-For. Which of the following options will meet your needs?
Answer
  • Application Load Balancer
  • Network Load Balancer
  • Elastic Load Balancer
  • Classic Load Balancer

Question 80

Question
You have a popular three-tier web application that is used by users throughout the entire globe receiving thousands of incoming requests daily. You have AWS Route 53 policies to automatically distribute weighted traffic to the API resources located at URL api.global.com. What is an alternative way of distributing traffic to a web application?
Answer
  • S3
  • CloudFront
  • ELB
  • Auto Scaling

Question 81

Question
Your company manages MySQL databases on EC2 instances to have full control. Applications on other EC2 instances managed by an ASG make requests to these databases to get information that displays data on dashboards viewed on mobile phones, tablets, and web browsers. Your manager would like to scale your Auto Scaling group based on the number of requests per minute. How can you achieve this?
Answer
  • You create a CloudWatch custom metric and build an alarm to scale your ASG
  • Attach an Elastic Load Balancer
  • Attach additional Elastic File Storage
  • You enable detailed monitoring and use that to scale your ASG

Question 82

Question
Your mobile application needs to perform API calls to DynamoDB. You do not want to store AWS secret and access keys onto the mobile devices and need all the calls to DynamoDB made with a different identity per mobile device. Which of the following services allows you to achieve this?
Answer
  • Cognito Identity Pools
  • Cognito User Pools
  • Cognito Sync
  • IAM

Question 83

Question
Your organization is looking into making a change to all virtual machines in the cloud. They would like to take advantage of running a bootstrap script for their Windows Server 2012 Base AMI virtual machines when they first boot. Which of the following options will allow the organization to achieve this?
Answer
  • Custom AMI
  • Mount EFS network Drives
  • EC2 Meta Data
  • EC2 User Data

Question 84

Question
As a Full-stack Web Developer, you are involved with every aspect of a company’s platform from development with PHP and JavaScript to the configuration of NoSQL databases with Amazon DynamoDB. You are not concerned about your response receiving stale data from your database and need to perform 16 eventually consistent reads per second of 12 KB in size each. How many read capacity units (RCUs) do you need?
Answer
  • 12
  • 192
  • 24
  • 48
  • 16
  • 3

Question 85

Question
A popular mobile app retrieves data from an AWS DynamoDB table that was provisioned with read-capacity units (RCU’s) that are evenly shared across four partitions. One of those partitions is receiving more traffic than the other partitions, causing hot partition issues. What technology will allow you to reduce the read traffic on your AWS DynamoDB table with minimal effort?
Answer
  • More Partitions
  • ElastiCache
  • DynamoDB Streams
  • DynamoDB DAX

Question 86

Question
You would like your Elastic Beanstalk environment to expose an HTTPS endpoint instead of an HTTP endpoint to get in-flight encryption between your clients and your web servers. What must be done to set up HTTPS on Beanstalk?
Answer
  • Create an .ebextensions file to configure the Load Balancer
  • Use a separate CloudFormation template to load the SSL certificate onto the Load Balancer
  • Open up the port 80 for the security group
  • Configure Health Checks

Question 87

Question
You would like to run the X-Ray daemon for your Docker containers deployed using AWS Fargate. What do you need to do to ensure the setup will work? (select two)
Answer
  • Deploy the X-Ray daemon agent as a process on your EC2 instance
  • Deploy the X-Ray daemon agent as a daemon set on ECS
  • Provide the correct IAM task role to the X-Ray container
  • Deploy the X-Ray daemon agent as a sidecar container
  • Provide the correct IAM instance role to the EC2 instance

Question 88

Question
Your company wants to move away from manually managing Lambda in the AWS console and wants to upload and update them using AWS CloudFormation. How do you declare an AWS Lambda function in CloudFormation? (select two)
Answer
  • Upload all the code to CodeCommit and refer to the CodeCommit Repository in <code>AWS::Lambda::Function</code> block
  • Upload all the code as a zip to S3 and refer the object in <code>AWS::Lambda::Function</code> block
  • Upload all the code as a folder to S3 and refer the folder in <code>AWS::Lambda::Function</code> block
  • Write the AWS Lambda code inline in CloudFormation in the <code>AWS::Lambda::Function</code> block and reference the dependencies as a zip file stored in S3.
  • Write the AWS Lambda code inline in CloudFormation in the <code>AWS::Lambda::Function</code> block as long as there are no third-party dependencies.

Question 89

Question
One of your Kinesis Stream is experiencing increased traffic due to a sale day. Therefore your Kinesis Administrator has split shards and thus you went from having 6 shards to having 10 shards in your Kinesis Stream. Your consuming application is running a KCL-based application on EC2 instances. What is the maximum number of EC2 instances that can be deployed to process the shards?
Answer
  • 6
  • 20
  • 16
  • 10
  • 60
  • 8

Question 90

Question
Which of the following CLI options will allow you to retrieve a subset of the attributes coming from a DynamoDB scan?
Answer
  • --filter-expression
  • --projection-expression
  • --page-size
  • --max-items

Question 91

Question
Your company likes to operate multiple AWS accounts so that teams have their environments. Services deployed across these accounts interact with one another, and now there's a requirement to implement X-Ray traces across all your applications deployed on EC2 instances and AWS accounts. As such, you would like to have a unified account to view all the traces. What should you do in your X-Ray daemon set up to make this work? (select two)
Answer
  • Create a role in the target unified account and allow roles in each sub-account to assume the role.
  • Configure the X-Ray daemon to use an IAM instance role
  • Create a user in the target unified account and generate access and secret keys
  • Configure the X-Ray daemon to use access and secret keys
  • Enable Cross Account collection in the X-Ray console

Question 92

Question
You have created a DynamoDB table to support your application and provisioned RCU and WCU to it so that your application has been running for over a year now without any throttling issues. Your application now requires a second type of queries over your table and as such, you have decided to create an LSI and a GSI on a new table to support that use case. One month after having implemented such indexes, it seems your table is experiencing throttling. Upon looking at the table's metrics, it seems the RCU and WCU provisioned are still sufficient. What's happening?
Answer
  • The LSI is throttling so you need to provision more RCU and WCU to the LSI
  • Metrics are lagging in your CloudWatch dashboard and you should see the RCU and WCU peaking for the main table in a few minutes
  • Adding both an LSI and a GSI to a table is not recommended by AWS best practices as this is a known cause for creating throttles
  • The GSI is throttling so you need to provision more RCU and WCU to the GSI

Question 93

Question
You are using AWS SQS FIFO queues to get the ordering of messages on a per user_id basis. As a developer, which message parameter should you set the value of to user_id to guarantee the ordering?
Answer
  • MessageGroupId
  • MessageDeduplicationId
  • MessageOrderId
  • MessageHash

Question 94

Question
You would like to paginate the results of an S3 List to show 100 results per page to your users, and minimize the number of API calls that you will use. Which CLI options should you use? (select two)--
Answer
  • --page-size
  • --max-items
  • --next-token
  • --starting-token
  • --limit

Question 95

Question
You are using AWS SQS FIFO queues to get the ordering of messages on a per user_id basis. On top of this, you would like to make sure that duplicate messages should not be sent to SQS as this would cause application failure. As a developer, which message parameter should you set the value of to deduplicate messages?
Answer
  • ReceiveRequestAttemptId
  • MessageGroupId
  • MessageDeduplicationId
  • ContentBasedDeduplication

Question 96

Question
You would like to have a one-stop dashboard for all the CICD needs of one of your projects. You don't need heavy control of the individual configuration of each component in your CICD, but need to be able to get a holistic view of your projects. Which service do you recommend?
Answer
  • CodeBuild
  • CodeDeploy
  • CodeStar
  • CodePipeline

Question 97

Question
Your client has tasked you with finding a service that would enable you to get cross-account tracing and visualization. Which service do you recommend?
Answer
  • X-Ray
  • VPC Flow Logs
  • CloudWatch Events
  • CloudTrail

Question 98

Question
A Developer at a company is working on a CloudFormation template to set up resources. Resources will be defined using code and provisioned based on conditions. Which section of a CloudFormation template does not allow for conditions?
Answer
  • Outputs
  • Resources
  • Conditions
  • Parameters

Question 99

Question
Your client is migrating an application to the cloud that will handle thousands of requests. The application will need a load balancer and an auto-scaling group and must be stateless. Which AWS service will provide an in-memory data store for your application's session state?
Answer
  • S3
  • DynamoDB
  • RDS
  • ElastiCache

Question 100

Question
You are developing a highly available web application using DynamoDB for its data access. What is the maximum number of attributes that can be combined in a primary key when you create the database?
Answer
  • 1
  • 2
  • 3
  • 4
  • 5

Question 101

Question
Which of the following best describes how KMS Encryption works?
Answer
  • KMS stores the CMK, and receives data from the clients, which it encrypts and sends back.
  • KMS receives CMK from the client at every Encrypt call, and encrypts the data with that
  • KMS sends the CMK to the client, which performs the encryption and then deletes the CMK
  • KMS generates a new CMK for each Encrypt call and encrypts the data with it

Question 102

Question
A company would like to deploy new application versions with Elastic Beanstalk to EC2 instances. When a deployment is executed some instances should serve requests with the old version of the application, while other instances serve new requests until the deployment is completed. Which deployment meets this requirement without incurring costs?
Answer
  • immutable
  • rolling
  • rolling with additional batches
  • all at once
  • blue/green

Question 103

Question
A company is undergoing a compliance audit by the government. The company has hundreds of IAM users that make API calls but specifically it needs to be determined who is making KMS API calls. Which of the following services should the audit team use?
Answer
  • CloudTrail
  • CloudWatch Metrics
  • X-Ray
  • CloudWatch Alarms

Question 104

Question
Your company hired an outside consultant to help with redesigning internal systems. The company wants to allow consuming applications to process nearly limitless streams of data in flight. Which solution should the outside consultant recommend?
Answer
  • SQS
  • SNS
  • Kinesis Stream
  • Lambda

Question 105

Question
You run a SAAS company for the healthcare industry that is used worldwide where users pay a monthly subscription. There have been requests by mobile developers to expose public APIs created with API Gateway. You decide to make the APIs available to mobile developers as product offerings. Which feature will allow you to do that?
Answer
  • CloudTrail
  • AWS Billing
  • Usage Plans and API Keys
  • AWS Lambda Custom Authorizers

Question 106

Question
A Developer is designing a system where only a single server can be used to run an application. The single server will have multiple containers of a service running. Which services can be used to meet this requirement?
Answer
  • ALB + Beanstalk
  • Classic Load Balancer + ECS
  • ALB + ECS
  • Classic Load Balancer + Beanstalk

Question 107

Question
Your global organization has an infrastructure that is deployed with Cloud Formation. One employee, in us-east-1, has created a stack 'Application1' and made an exported output with the name 'ELBDNSName'. Another employee has created a stack for a different application 'Application2' in us-east-2 and also exported an output with the name 'ELBDNSName'. The first employee wanted to deploy the Cloud Formation stack 'Application1' in us-east-2, but it got an error. What is the cause of the error?
Answer
  • Output Values in CloudFormation must have unique names across all regions
  • Exported Output Values in CloudFormation must have unique names across all regions
  • Exported Output Values in CloudFormation must have unique names within a single region
  • Output Values in CloudFormation must have unique names within a single region

Question 108

Question
You are configuring your CloudFront distribution to tell CloudFront where you want the content to be delivered from. When configuring settings, which protocol is not supported?
Answer
  • UDP
  • HTTP
  • HTTPS
  • RTMP

Question 109

Question
Your company has stored all application secrets in SSM Parameter Store. The audit team has requested to get a report to better understand when and who has issued API calls against SSM Parameter Store. Which AWS service can you use to produce your report?
Answer
  • CloudTrail
  • SSM Parameter Store List Feature
  • SSM Parameter Store Access Logs in CloudWatch Logs
  • SSM Parameter Store Access Logs in S3

Question 110

Question
You are running workloads on AWS and have embedded database connection strings within each web server hosting your applications. After failing a security audit you are encouraged to take a different approach where you store your secrets. Which AWS service can you use to manage your database connection strings?
Answer
  • SSM Parameter Store
  • EFS
  • EBS
  • KMS

Question 111

Question
A company has experienced high latency on its main application, affecting thousands of users daily. You have been hired to redesign the application and find that the company has been using a hybrid approach where the application is hosted on EC2 instances but the databases are hosted within the corporate network. After some research, you conclude that a first step to reducing latency is to use an in-memory cache service. Which of the following services best meets your needs?
Answer
  • Parameter Store
  • RDS
  • DynamoDB
  • ElastiCache

Question 112

Question
You have been hired as a new Developer with no experience using CloudFormation. To learn how it works you quickly create a template and upload it through the management console. You find that the template is missing a section that is required. Which section of the template is required?
Answer
  • Mappings
  • Parameters
  • Outputs
  • Resources

Question 113

Question
You have created a target group that has marked all your EC2 instances as unhealthy. Surprisingly, when you enter the IP address of the EC2 instances in your web browser, you can access your website. What could be the reason your instances are being marked as unhealthy? (Select two)
Answer
  • The security group of the EC2 instance does not allow for traffic from the security group of the Application Load Balancer
  • The route for the health check is misconfigured
  • The EBS volumes have been improperly mounted
  • Your web-app has a runtime that is not supported by the Application Load Balancer
  • You need to attach Elastic IP to the EC2 instances

Question 114

Question
You are the administrator for the company's AWS account that manages new users. Five new employees have been hired to a new department who will be performing the same tasks and you will need to create new IAM users for these employees. Which approach follows best practices?
Answer
  • Never assign the same policy to two users
  • Create a group, assign the policy to the group and the users to the group
  • Use only one account shared by your users
  • Let your users have admin rights

Question 115

Question
Your company has a workflow in AWS consisting of CodePipeline and CodeBuild. In the process, CodeBuild attempts to pull Docker images from Amazon ECR and fails with an authorization error. Which of the following actions should you take?
Answer
  • Open AWS Support Ticket
  • Delete and Recreate the ECR Repositories
  • Double Check your IAM Permissions for CodeBuild service
  • You first need to run an ECS instance

Question 116

Question
You want to provision your own Docker images that can be used as input sources for CodeBuild. These images will contain cached dependencies as well as special tooling for your builds that are proprietary to your company. Which of the following services will you use to send your Docker images to?
Answer
  • ECS
  • ECR
  • EFS
  • EBS
  • ELB

Question 117

Question
A developer has been asked to create a web application that will handle thousands of requests. Since there are no architects around for server provisioning and deployment, the entire time must be used to write custom code. What tool should the developer use?
Answer
  • CodePipeline
  • CodeDeploy
  • Elastic Beanstalk
  • ECS Classic

Question 118

Question
You are a developer working on AWS Lambda functions that are invoked over HTTPS. The functions are invoked via REST API's using Amazon API Gateway for methods such as GET and PUT. When a GET request is invoked by consumers all fields returned by your Lambda functions are seen. Your supervisor asks you to format the data response. What can you do with API Gateway to satisfy the request?
Answer
  • Deploy an interceptor shell script
  • Use Mapping Templates
  • Use a stage variable
  • Use a Lambda custom interceptor

Question 119

Question
Your company has created a localized application and as such would like their Brazilian users to be served by their Brazilian servers. Other users around the globe should not be able to access your servers through DNS queries. Which Route 53 routing policy meets this requirement?
Answer
  • Latency
  • Geolocation
  • Failover
  • Weighted

Question 120

Question
Your departments have distinct AWS accounts and would like to debug and trace data across accounts and visualize it in a centralized account. What would you use to achieve that?
Answer
  • CloudTrail
  • VPC Flow Logs
  • CloudWatch Events
  • X-Ray

Question 121

Question
A company is developing a highly available web application using stateless web servers. Currently, the application is hosted on one EC2 instance that is installed along with Microsoft SQL Server. The company's Developer is redesigning the architecture to allow for scalability. One of those changes will require the replacement of the relational database to a NoSQL database technology. Which of the following services should you use given these requirements?
Answer
  • RDS
  • DynamoDB
  • Redshift
  • ElastiCache

Question 122

Question
Your business requires an order-processing application that will process orders during weekdays between the hours of 8 am to 5 pm. No operations will take place evenings or weekends and for keeping costs low, no servers must be running after hours. Which instance type will meet these requirements?
Answer
  • Scheduled Instances
  • On-Demand Instances
  • Classic Instances
  • Spot Instnaces

Question 123

Question
You're a developer working on a big scale order processing application. After completing features, you commit your code to AWS CodeCommit and begin building the project with AWS CodeBuild before it gets deployed to the server. The build is taking too long and the error points to an issue resolving dependencies from a third-party. You would like to prevent a build running this long in the future for the same reasons. Which of the following will help?
Answer
  • Enable Code Build Timeouts
  • Use AWS Lambda
  • Use AWS CloudWatch Events
  • Use VPC Flow Logs

Question 124

Question
You have written an application that uploads objects onto an S3 bucket. Every single multi-part upload request is at least 1TB in size. You expect the multi-part request to increase in size as operations begin to grow. What is the maximum file size for individual objects stored on an S3 bucket?
Answer
  • 5 TB
  • 5 GB
  • infinite
  • 1 TB
  • 500 GB
  • 2 TB
  • 10 TB
  • 256 GB

Question 125

Question
Your Elastic Beanstalk application must encrypt payloads of up to 10MB. Which method will help you achieve that?
Answer
  • Use the Encryption SDK
  • KMS Encrypt API Call
  • S3 Encrypt API Call
  • IAM Encrypt API Call

Question 126

Question
As a developer for a company working on AWS workloads, you understand that AWS CloudWatch logs are kept indefinitely and never expire. You are given a security compliance request that requires logs to be deleted after 1 week. Which of the following options will do that?
Answer
  • CloudWatch Log Streams
  • AWS Lambda with CloudWatch Event
  • CloudWatch S3 Exporter
  • CloudWatch log expiration policies

Question 127

Question
Your company has configured AWS Organizations to manage multiple AWS accounts. Within each AWS account, there are many CloudFormation scripts running. Your manager has requested that each script output the account number of the account the script was executed in. Which Pseudo parameter will you use to get this information?
Answer
  • AWS::StackName
  • AWS::NoValue
  • AWS::Region
  • AWS::AccountId

Question 128

Question
You are a developer for a web application written in .NET which uses the AWS SDK. You need to implement an authentication mechanism that returns a JWT (JSON Web Token). Which AWS service will help you with token handling and validation?
Answer
  • Cognito Sync
  • API Gateway
  • Cognito Identity Pools
  • Cognito User Pools

Question 129

Question
A company has configured a continuous delivery service using AWS CodePipeline. The stages of a software release have been modeled and the pipeline created will copy files or changes that will be worked on by the actions and stages. Which of the following AWS service will assist in the storage of these files?
Answer
  • EFS
  • EBS
  • SQS
  • SNS
  • AWS Lambda
  • S3

Question 130

Question
You are a developer in a manufacturing company that has several servers on-site. The company decides to move new development to the cloud using serverless technology. You decide to use the AWS Serverless Application Model (AWS SAM) and work with an AWS SAM template file to represent your serverless architecture. Which of the following is not a valid serverless resource type?
Answer
  • AWS::Serverless::UserPool
  • AWS::Serverless::Function
  • AWS::Serverless::Api
  • AWS::Serverless::SimpleTable

Question 131

Question
Your team lead is reviewing a CloudFormation template written by you. The template you created was written in YAML and it will be reused by many. After your team lead finished reviewing the template, they found a section that was not valid. Which of the following sections was it?
Answer
  • Conditions
  • Resources
  • Parameters
  • Dependencies
  • Outputs

Question 132

Question
You have configured the AWS CLI on your workstation. Your default region is us-east-1 and your IAM user has permissions to operate commands on services such as EC2, S3, and RDS in any region. You would like to execute a command to stop an EC2 instance in the us-east-2 region. What must you do to achieve this?
Answer
  • You should create a new profile just for that other region
  • You need the override the default region use aws configure
  • Use the --region parameter
  • Use boto3 dependency injection

Question 133

Question
You are working with a template document written in YAML that represents the architecture of a serverless application. When you read the document you see the first line contains Transform: 'AWS::Serverless-2016-10-31'. What does the Transform section in the document represent?
Answer
  • It is a Lamda function definition
  • It is an intrinsic function
  • It is a SAM template
  • It is a CloudFormation parameter

Question 134

Question
You have chosen AWS Elastic Beanstalk to upload your application code and allow it to handle details such as provisioning resources and monitoring. When creating configuration files for AWS Elastic Beanstalk which naming convention should you follow?
Answer
  • .ebextensions_<mysettings>.config
  • .ebextensions/<mysettings>.config
  • .config/<mysettings>.ebextensions
  • .config_<mysettings>.ebextensions

Question 135

Question
A company has created a software delivery process using AWS CodePipeline. The Developer has managed to model all the resources and has executed the pipeline and during the process, the pipeline fails due to an authorization error. Which step should be taken first to solve the issue?
Answer
  • Audit the S3 bucket CORS policy where the artifacts are stored
  • Check changes in CloudTrail
  • Check the recent changes in CloudWatch
  • Check the Service IAM permissions

Question 136

Question
You're a developer for Movie Gallery, a company that just migrated to the cloud. A database must be created using NoSQL technology to hold movies that are listed for public viewing. You are taking an important step in designing the database with DynamoDB and need to choose the appropriate partition key. Which of the following unique attributes satisfies this requirement?
Answer
  • lead_actor_name
  • producer_name
  • move_id
  • movie_language

Question 137

Question
A company is starting to automate the creation of ECS clusters using CloudFormation. The process has worked for a while, but after creating task definitions and assigning roles, engineers discover that the tasks for containers are not using the permissions assigned to them. Which ECS config must be set in /etc/ecs/ecs.config to allow ECS tasks to use IAM roles?
Answer
  • ECS_AVAILABLE_LOGGING_DRIVERS
  • ECS_ENGINE_AUTH_DATA
  • ECS_ENABLE_TASK_IAM_ROLE
  • ECS_CLUSTER

Question 138

Question
You are a developer writing a CloudFormation template written in YAML. Your template will consist of the creation of EC2 instances and one RDS resource. Once your resources are created you would like to output the connection endpoint for the RDS database. Which intrinsic function returns the value needed?
Answer
  • !Sub
  • !Ref
  • !GetAtt
  • !FindInMap

Question 139

Question
You're a developer maintaining a web application written in .NET. The application makes references to public objects in a public S3 accessible bucket using a public URL. While doing a code review your colleague advises that the approach is not a best practice because some of the objects contain private data. After the administrator makes the S3 bucket private you can no longer access the S3 objects but you would like to create an application that will enable people to access some objects as needed with a time policy constraint. Which of the following options will give access to the objects?
Answer
  • Using bucket policy
  • Using pre-signed URL
  • Using Routing policy
  • Not Possible

Question 140

Question
You have created an AWS CodePipeline pipeline that performs many actions in a specified order. After careful revision of your steps, you determine that some steps need to run at the same time instead of by specified order to speed up your pipeline. What method will achieve this?
Answer
  • Upgrade the AWS CodePipeline instance type
  • Re-design the pipeline to include steps to occur in parallel where possible
  • Ask for a 'speed boost' from the AWS support
  • Enable pipeline caching

Question 141

Question
A developer created an online shopping application that runs on EC2 instances behind load balancers. The same web application version is hosted on several EC2 instances and the instances run in an Auto Scaling group. The application uses STS to request credentials but after an hour your application stops working. What is the most likely cause of this?
Answer
  • The IAM service is experiencing downtime once an hour
  • Your IAM policy is wrong
  • A lambda function revokes your access every hour
  • Your application needs to renew the credentials after 1 hour when they expire

Question 142

Question
Your development team created a popular mobile app written for Android and are searching for a technology that can send messages to mobile devices using a mobile app. Mobile app users will register and be given permission to access AWS resources. Which technology would you recommend for subscribing users to messages?
Answer
  • SES
  • SQS
  • SNS
  • Kinesis

Question 143

Question
You are working for a small organization that does not have a database administrator and are needing to install a database on the cloud quickly to support an accounting application used by thousands of users. The application will act as a backend and will perform (CRUD) operations such as create, read, update and delete as well as inner joins. Which database is best suited for this scenario?
Answer
  • Redshift
  • DynamoDB
  • RDS
  • Fargate
  • ElastiCache

Question 144

Question
When your company first created an AWS account, you began with a single sign-in principal called a root user account that had complete access to all AWS services and resources. What should you do to adhere to best practices for using the root user account?
Answer
  • It should be accessible by no one, throw away the passwords after creating the account
  • It should be accessible by 3 to 6 members of the IT team
  • It should be accessible using the access_key_id and secret_access_key_id
  • It should be accessible by one admin only after enabling Multi-factor authentication

Question 145

Question
Your company is new to cloud computing and would like to host a static HTML5 website on the cloud and be able to access it via domain www.mycompany.com. You have created a bucket in Amazon Simple Storage Service (S3), enabled website hosting, and set the index.html as the default page. Finally, you create an Alias record in Amazon Route 53 that points to the S3 website endpoint of your S3 bucket. When you test the domain www.mycompany.com you get the following error: 'HTTP response code 403 (Access Denied)'. What can you do to resolve this error?
Answer
  • Enable CORS
  • Create an IAM Role
  • Create a bucket policy
  • Enable Encryption

Question 146

Question
You were assigned to a project that requires the use of the AWS CLI to build a project with AWS CodeBuild. Your project's root directory includes the buildspec.yml file to run build commands and would like your build artifacts to be automatically encrypted at the end. How should you configure CodeBuild to accomplish this?
Answer
  • Specify a KMS key to use
  • Use an AWS Lambda Hook
  • Use the AWS Encryption SDK
  • Use In Flight Encryption (SSL)

Question 147

Question
A security company is requiring all developers to perform server-side encryption with customer-provided encryption keys when performing operations in AWS S3. Developers should write software with C# using the AWS SDK and implement the requirement in the PUT, GET, Head, and Copy operations. Which of the following encryption methods meets this requirement?
Answer
  • Client Side Encryption
  • SSE-KMS
  • SSE-C
  • SSE-S3

Question 148

Question
You are a Developer consultant working on several client projects using cloud technology and spending less time managing resources and more time focusing on applications is a priority. You have created AWS CloudFormation templates that are reusable by taking advantage of input parameters to name resources based on client names. You would like to save your templates on the cloud, which storage option should you choose?
Answer
  • EFS
  • EBS
  • S3
  • ECR

Question 149

Question
Correct answer - "S3": If you upload a local template file, AWS CloudFormation uploads it to an Amazon Simple Storage Service (Amazon S3) bucket in your AWS account. If you don't already have an S3 bucket that was created by AWS CloudFormation, it creates a unique bucket for each region in which you upload a template file. If you already have an S3 bucket that was created by AWS CloudFormation in your AWS account, AWS CloudFormation adds the template to that bucket. Incorrect: "EBS" - Amazon EBS is a recommended storage option when data must be quickly accessible and requires long-term persistence "EFS" - EFS is a file storage service where you mount the file system on an Amazon EC2 Linux-based instance which is not an option for CloudFormation "ECR" - Amazon ECR eliminates the need to operate your container repositories or worry about scaling the underlying infrastructure which does not apply to CloudFormation For more information visit https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-using-console-create-stack-template.html
Answer
  • CodeBuild cannot talk to ECR because of security group issues
  • The ECR repository is stale, you must delete and re-create it
  • The IAM permissions are wrong for the CodeBuild service
  • The ECS instances are misconfigured and must contain additional data in /etc/ecs/ecs.config

Question 150

Question
You are a DynamoDB developer for an aerospace company that requires you to write 6 objects per second of 4.5KB in size each. What write capacity unit is needed for your project?
Answer
  • 46
  • 24
  • 48
  • 15
  • 30
  • 6

Question 151

Question
Which of the following statements is true for SNS?
Answer
  • Lambda can be a target of SNS
  • Messages are sent to all subscribers
  • SNS Messages can be retrieved at a later date
  • SQS Can be a target of SNS
  • Lambda have to manually confirm subscriptions to a SNS topic
  • Email Users have to manually confirm subscriptions to SNS

Question 152

Question
When you update your application versions, AWS Elastic Beanstalk performs an in-place update and your application becomes unavailable to users for a short period. Instead, you would like to redirect traffic to the new version using a DNS switch. Which deployment method will allow you to do this?
Answer
  • rolling with additional batches
  • all at once
  • immutable
  • rolling
  • blue/green

Question 153

Question
You are a developer working at a cloud company that embraces serverless. You have performed your initial deployment and would like to work towards adding API Gateway stages and associate them with existing deployments. Your stages will include prod, test, and dev and will need to match a Lambda version that can be updated over time. Which of the following features must you add to achieve this?
Answer
  • Lambda X-Ray Integration
  • Stage Variables
  • Lambda Aliases
  • Mapping Templates
  • Lambda Versions

Question 154

Question
A company has AWS Lambda functions where each is invoked by other AWS services such as Amazon Kinesis Data Firehose, Amazon API Gateway, Amazon Simple Storage Service, or Amazon CloudWatch Events. What all functions have in common is that they all process heavy workloads such as big data analysis, large file processing, and statistical computations. What should you do to improve the performance of your AWS Lambda functions without changing your code?
Answer
  • Increase the instance type for your functions
  • Increase the RAM assigned to your function
  • Change your function runtime to use Golang
  • Increase the timeout

Question 155

Question
Your security team is concerned that proper training on encryption was not given to the development team. They have requested your help in determining which KMS API requests are being made, including both management requests such as create/disable keys to cryptographic requests such as encrypt/decrypt. What AWS service should you use to get this information?
Answer
  • VPC Flow Logs
  • CloudTrail
  • KMS Policies
  • IAM

Question 156

Question
You are a Developer for a company that uses Amazon ECS container instances. You are revising agent configuration variables for tasks that were written by junior architects. You find that a setting was missed and will need to include an option in the configuration to authorize IAM roles. Which of the following options must you set?
Answer
  • ECS_ENGINE_AUTH_DATA
  • ECS_AVAILABLE_LOGGING_DRIVERS
  • ECS_ENABLE_TASK_IAM_ROLE
  • ECS_CLUSTER

Question 157

Question
You are a Developer working for the food channel. Currently, there are 3 EC2 instances running behind an Application Load Balancer and have been asked to create a web application where web visitors enter ingredients and recipes will be generated. No complex joins would be required and IAM policies should be created for each table. Which of the following database technologies meets these requirements?
Answer
  • DyanamoDB
  • RDS MySQL
  • ElastiCache
  • Redshift
  • MongoDB

Question 158

Question
You are a Developer handling a deployment service that automates application deployments to Amazon EC2 instances. Most of the deployments consist of code, but sometimes web and configuration files. One of your deployments failed and was rolled back by AWS CodeDeploy to the last known good application revision. During rollback which of the following instances did AWS CodeDeploy deploy first to?
Answer
  • To the non-failed instances
  • To the failed instances
  • To new instances
  • You can not rollback CodeDeploy

Question 159

Question
You are a developer working on an AWS CloudFormation template that will create resources for a company's cloud infrastructure. Your template is composed of three stacks which are Stack-A, Stack-B, and Stack-C. Stack-A will provision a VPC, a security group, and subnets for public web applications that will be referenced in Stack-B and Stack-C. After running the stacks you decide to delete them, in which order should you do it?
Answer
  • B -> C -> A
  • A -> B -> C
  • A -> C -> B
  • C -> A -> B
  • B -> A -> C

Question 160

Question
Your company has embraced cloud-native microservices architectures. New applications must be dockerized and stored in a registry service offered by AWS. The architecture should support dynamic port mapping and support multiple tasks from a single service on the same container instance. All services should run on the same EC2 instance. Which technology will best fit your company requirements?
Answer
  • ALB + ECS
  • CLB + Beanstalk
  • ALB + Beanstalk
  • CLB + ECS

Question 161

Question
A team lead has asked you to create an AWS CloudFormation template that creates EC2 instances and RDS databases. The template should be reusable by allowing the user to input a parameter value for an Amazon EC2 AMI ID. Which of the following intrinsic function should you choose to reference the parameter?
Answer
  • !Param
  • !GetAtt
  • !Ref
  • !Join

Question 162

Question
Your company stores security reports in Amazon Simple Storage Service (S3) but is worried that after storing 10 years' worth of documents they will have to migrate their data to another service provider due to storage limits. Your team lead has asked you to look into this matter, what is the maximum storage limit per S3 buckets?
Answer
  • 25 TB
  • 10 TB
  • Unlimited
  • 5 TB
  • 100 TB

Question 163

Question
You are a developer working on a web application written in Java and would like to use AWS Elastic Beanstalk for deployment because it would handle deployment, capacity provisioning, load balancing, auto-scaling, and application health monitoring. In the past, you connected to your provisioned instances through SSH to issue configuration commands but instead would like a configuration file that automatically applies settings for you. Which of the following options would help do this?
Answer
  • Use SSM parameter store as an input to your Elastic Beanstalk Configurations
  • Deploy a CloudFormation wrapper
  • Include config files in .ebextensions/ at the root of your source code
  • Use an AWS Lambda hook

Question 164

Question
You are the owner of a small company running workloads on AWS and recently lost all your developers. You need to provision more resources for a client and while going through existing AWS CloudFormation templates you decide that you need to change several major sections to fulfill a request. Which of the following sections in an AWS CloudFormation template is not valid?
Answer
  • Metadata
  • Parameters
  • Mappings
  • Groups

Question 165

Question
You are a Developer for a company that has multiple AWS accounts managed with AWS Organizations. You are in the process of creating an Amazon Simple Storage Service (S3) bucket named 'prod' in one account that will contain log files from EC2 instances in production. When creating the bucket an error message displays 'Bucket name already exists'. You check your current account for a duplicate name and none exists. What is the most likely reason for this?
Answer
  • Someone else in the world already created a bucket named 'prod'
  • Wrong IAM Permissions
  • Bucket name is too short
  • 'prod' is a reserved bucket name

Question 166

Question
You are an administrator for a video-on-demand web application where content creators upload videos directly into S3. Recent support requests from customers state that uploading video files near 500GB size causes the website to break. After doing some investigation you find the following error: 'Your proposed upload exceeds the maximum allowed size'. What must you do to solve this error?
Answer
  • IAM permissions are incorrect
  • Maximum file size is 5GB
  • Need to use Multi-Part upload
  • Need to place a service limit increase request with AWS

Question 167

Question
You are the administrator for a software development company specializing in medical algorithms. and have created an AWS CodePipeline pipeline through the AWS Management Console. You would like to view a list of API calls performed by your pipeline because many changes have been made by you and other administrators. Which AWS service will provide this information?
Answer
  • CloudWatch Logs
  • CodePipeline Logs
  • IAM
  • CloudTrail

Question 168

Question
You are an administrator setting permissions to other IAM users with limited permissions. On the AWS Management Console, you created a dev group where new developers will be added to, and on your workstation, you configured a developer profile. You would like to test that this user cannot terminate instances. Which of the following options would you execute?
Answer
  • Using the CLI, create a dummy EC2 and delete it using another CLI call
  • Use the AWS CLI --test option
  • Retrieve the policy using the EC2 metadata service and use the IAM policy simulator
  • Use the AWS CLI --dry-run option

Question 169

Question
A weather app for the Android phone assists citizens with preparation tips for Hurricanes in Florida before hurricanes land. The next version of the weather app will include notification messages directly to mobile apps notifying of updates and upcoming developing storms. Which of the following technologies will help with the second version?
Answer
  • Lambda
  • SQS
  • SNS
  • Kinesis

Question 170

Question
You have a workload that requires persistent block storage for Microsoft SQL Server. High availability and durability is a requirement. The solution must allow for daily snapshots and be attachable to other EC2 instances in case of instance failures. Which of the following storage options should you choose?
Answer
  • S3
  • EBS
  • FTP
  • RDS

Question 171

Question
A developer in your company was just promoted to Developer and will be in charge of code deployment using AWS CodeCommit and AWS CodeDeploy. New requirements have been given to control deployment details by changing file permissions when applications are deployed and verifying the deployment success. Which of the following actions should the new Developer take?
Answer
  • define a appspec.yml file in the codebuild/ directory
  • define a buildspec.yml file in the root directory
  • define a buildspec.yml file in the codebuild/ directory
  • define a appspec.yml file in the root directory

Question 172

Question
A university has created a student portal that is accessible through a smartphone app and web application. The smartphone app is available in both Android and IOS and the web application works on most major browsers. Students will be able to do group study online and create forum questions. All changes made in smartphone devices should be available even when offline and should synchronize with other devices. Which of the following AWS services will meet these requirements?
Answer
  • S3
  • Cognito Identity Pools
  • EFS
  • Cognito Sync

Question 173

Question
You have been hired to work for a company that produces open-source software. In the last year, the company has been working with its cloud engineers to build server applications. Your task will be to work with other developers in creating a REST API following the serverless approach. All the developers in the company only develop in the Node.Js language. Which of the following technologies should you choose?
Answer
  • API Gateway + Lambda
  • ELB + ECS
  • ALB + ECS on EC2
  • Route 53 on EC2

Question 174

Question
Which of the following statements is true about AWS CloudFormation?
Answer
  • CloudFormation templates are static and do not allow parameters
  • The order in which resources are created does not need to be specified.
  • CloudFormation templates can only be valid for one region and account
  • CloudFormation templates lock the configuration of the created resources

Question 175

Question
As a senior architect, you are responsible for the development, support, maintenance, and implementation of all database applications written using NoSQL technology. A new project demands a throughput requirement of 10 strongly consistent reads per second of 6KB in size each. How many read capacity units will you need when configuring your DynamoDB table?
Answer
  • 20
  • 10
  • 60
  • 30
  • 5
  • 40
  • 50

Question 176

Question
You are a Developer working with data on an EC2 instance running Windows. You have installed Kinesis Agent for Windows to stream JSON-formatted log files to Amazon Simple Storage Service (S3) via Amazon Kinesis Data Firehose. You gathered a list of all available sink types to change the destination of the log if needed. Which of the following sink types is not supported by Kinesis Firehose?
Answer
  • S3
  • ElasticSearch
  • ElastiCache
  • Redshift

Question 177

Question
You are a Developer at a company and are responsible for the data management of the AWS Kinesis streams. The security team has required stricter requirements by leveraging security mechanisms available with the Kinesis Data Streams service that won't require code changes on your end. Which of the following features meet the requirements?
Answer
  • Envelope Encryption
  • SSE-C Encryption
  • Encryption in flight with HTTPS
  • Client Side Encryption
  • KMS Encryption for data at rest

Question 178

Question
You have set up an internet-facing load balancer to route requests to virtual machines inside a private VPC. The virtual machines will be launched from a single custom Amazon Machine Image (AMI), private to your organization, with pre-installed software. Which of the following AWS services will help you create your virtual machines?
Answer
  • ElastiCache
  • EC2
  • RDS
  • DynamoDB

Question 179

Question
You have launched several AWS Lambda functions written in Java. A new requirement was given that over 1MB of data should be passed to the functions and should be encrypted and decrypted at runtime. Which of the following methods is suitable for encrypting the data?
Answer
  • KMS direction encryption and store as file
  • Envelope Encryption and store as file within the code
  • Envelope Encryption and store as environment variable
  • KMS Encryption and store as environment variable

Question 180

Question
You have created a continuous delivery service model with automated steps using AWS CodePipeline. Your pipeline uses your code, maintained in a CodeCommit repository, AWS CodeBuild, and AWS Elastic Beanstalk to automatically deploy your code every time there is a code change. However, the deployment part to Elastic Beanstalk is taking a very long time due to resolving dependencies on all of your 100 target EC2 instances. Which of the following actions should you take to improve performance with limited code changes?
Answer
  • Store dependencies in S3
  • Bundle the dependencies in the source code in CodeCommit
  • Bundle the dependencies in the source code during the last stage of CodeBuild
  • Create a custom platform for Elastic Beanstalk

Question 181

Question
An organization has a requirement to send emails to multiple users from their application hosted on an EC2 instance in a private VPC. Email recipients should not be IAM users and you will reuse the organization's email template for use in the email. Which of the following AWS services should you use?
Answer
  • SNS
  • SES
  • SQS With Lambda
  • Kinesis

Question 182

Question
A company uses AWS CodeDeploy to deploy applications from GitHub to EC2 instances running Amazon Linux. The deployment process uses a file called appspec.yml for specifying deployment hooks. A final lifecycle event should be specified to verify the deployment success. Which of the following hook events should be used to verify the success of the deployment?
Answer
  • ValidateService
  • AfterInstall
  • ApplicationStart
  • AllowTraffic

Question 183

Question
A company has created an Amazon S3 bucket that holds customer data that gets accessed by the company's internal software application and other developers. The team lead has enabled access logging to track requests and learn more about the requester, actions, and the response status of requests. Before access logging was turned on the bucket size was 1GB and in a few days, it grew to 100 GB. The team lead is puzzled because no new files have been added lately. Which of the following reasons explains this behavior?
Answer
  • Without bucket policies, the bucket will grow in size rapidly
  • You experienced a DDOS on your S3 bucket
  • Encryption has been enabled
  • S3 access logging is pointing to the same bucket and you are getting exponential growth

Question 184

Question
You are a team lead on a company that has an application using Amazon Relational Database Service (RDS) Multi-AZ. The marketing department has informed you about an upcoming ad that will drive thousands of new visitors to the website. Which of the following will help you handle the load?
Answer
  • RDS Multi AZ
  • RDS Read Replicas
  • RDS Backups
  • RDS Maintenance Upgrades

Question 185

Question
A sports media company has hired you to help with their microservices architecture. The company needs help writing applications in Node. Js that run on the cloud without managing any servers. They would also like to have dev, test, and production environments for the developers to work with. Most importantly, you were asked to help developers debug their microservices if issues come up with development. Which of the following services will you implement?
Answer
  • CloudWatch Logs
  • CloudTrail
  • X-Ray
  • Systems Manager

Question 186

Question
A developer with access to the AWS Management Console terminated an instance in the us-east-1a availability zone. The attached EBS volume remained and is now available for attachment to other instances. Your colleague launches a new Linux EC2 instance in the us-east-1e availability zone and is attempting to attach the EBS volume. Your colleague informs you that it is not possible and need your help. Which of the following explanations would you provide to them?
Answer
  • Missing IAM Permissions
  • EBS volumes are region locked
  • EBS volumes are AZ locked
  • EBS volume is encrypted

Question 187

Question
Your web application front end consists of 5 EC2 instances behind an Application Load Balancer. You have configured your web application to capture the IP address of the client making requests. When viewing the data captured you notice that every IP address being captured is the same, which also happens to be the IP address of the Application Load Balancer. What should you do to identify the true IP address of the client?
Answer
  • Look into the X-Forwarded-Proto header in the backend
  • Modify the front-end of the website so that the users send their IP in the requests
  • Look into the X-Forwarded-For header in the backend
  • Look into the client's cookie

Question 188

Question
You create an Auto Scaling group to work with an Application Load Balancer. The scaling group is configured with a minimum size value of 5, a maximum value of 20, and the desired capacity value of 10. One of the 10 EC2 instances has been reported as unhealthy. Which of the following actions will take place?
Answer
  • The ASG will terminate the EC2 Instance
  • The ASG will detach the EC2 instance from the group, and leave it running
  • The ASG will keep the instance running and re-start the application
  • The ASG will format the root EBS drive on the EC2 instance and run the User Data again

Question 189

Question
You currently have an AWS Lambda function with python code, libraries, and dependencies included in a 40MB deployment package ready for direct upload. Your function is failing because as the package unzips, it exceeds the unzipped size limit. What can you do to resolve this issue?
Answer
  • You need to zip your function with higher compression ratio
  • You need to place a service limit increase
  • You need to upload a smaller function and load extra files at runtime into the /tmp directory
  • The limit of unzipped functions is 512MB so you don't need to do any changes

Question 190

Question
You have deployed a traditional 3-tier web application architecture with a Classic Load Balancer, an Auto Scaling group, and an Amazon Relational Database Service (RDS) database. Users are reporting daily that they have to re-authenticate into the website often. The session information is stored in memory for each application instance. What should you do to make the application tier stateless and outsource the session information?
Answer
  • Use Elastic IP
  • Enable RDS and Replicas
  • Enable Load Balancer Stickiness
  • Add an ElastiCache Cluster

Question 191

Question
An Amazon Simple Storage Service (S3) bucket holds images uploaded from a website. When new objects are created in the bucket an AWS Lambda function is invoked based on the function ARN configured. When new function versions are promoted changes should not have to be made in the configuration to point to the new function ARN. How can you accomplish this?
Answer
  • Use environment variables
  • Enable X-Ray integration
  • Use AWS Lambda aliases
  • Disable AWS Lambda versioning

Question 192

Question
Your company has launched a static website using Amazon S3 but would now like to migrate the website to Amazon EC2 to order to introduce a web server that will serve dynamic content. Developers are only familiar with the programming language C# using the .Net Framework and will require the website to be moved to Amazon EC2 Windows instances. This change will also require Elastic Load Balancing load balancers in front of the EC2 instances. How can you ensure the URL for your users does not change during the migration?
Answer
  • Expose a domain name created with Route 53
  • Use the domain name provided by the ELB
  • Use the domain name provided by the API Gateway
  • Use the domain name provided by CloudFront

Question 193

Question
You have a workflow process that pulls code from AWS CodeCommit and deploys to EC2 instances associated with tag group ProdBuilders. You would like to configure the instances to archive no more than 2 application revisions to conserve disk space. Which of the following will allow you to implement this?
Answer
  • CloudWatch Log Agent
  • CodeDeploy Agent
  • Mount EBS Volumes on the EC2 instance
  • Have a load balancer in front of your instances

Question 194

Question
You are working inside a t2.small instance bastion host that has the AWS CLI installed to help manage all your AWS services. You would like to know the security group of the current instance and the instance id. Which of the following should you do to get that information?
Answer
  • Create an IAM role and attach it to my EC2 instance so I can perform a 'describe' API call
  • Query the user data at http://169.254.169.254/latest/user-data
  • Query the metadata at http://169.254.169.254/latest/meta-data
  • Query the user data at http://254.169.254.169/latest/meta-data

Question 195

Question
You have been a developer for the government since the last decade building applications that exchange data between each other. Your applications use Amazon Simple Queue Service (SQS) for its message queue service. Due to recent government hacks, security measures have become stricter and require you to store data in encrypted queues. Which of the following steps can you take to meet your requirements without making changes to the existing code?
Answer
  • Change IAM policy
  • Use the SSL endpoint
  • Use Client Side Encryption
  • Enable SQS KMS encryption

Question 196

Question
Your entire stack is integrated with AWS X-Ray. The Developer at your company has noticed too much data going into X-Ray and the AWS monthly usage charges have skyrocketed as a result. The Developer has requested you make changes to mitigate the issue. How can this be done with minimal disruption to obtain tracing trends while reducing costs?
Answer
  • Enable X-Ray Sampling
  • Filter the amount of data sent client side
  • Custom configuration for the X-Ray agents
  • Implement a network security rule

Question 197

Question
Your team does a lot of programming with the AWS CloudWatch Query API. You publish metric data to Amazon CloudWatch that is an average of 20 KB in size for HTTP POST requests. Lately, you have received a lot of throttling errors, making your applications unreliable during business hours. Which of the following can you do to make your applications reliable and ensure your metrics get sent to CloudWatch?
Answer
  • Check IAM Policy
  • Use Kinesis Stream
  • Use Expotential Backoff for retries
  • Enable high throughput metrics in CloudWatch

Question 198

Question
Your company hosts a static website on Amazon Simple Storage Service (S3) written in HTML5. The website targets members of an aviation association in the United States. In the last year, the aviation association has grown worldwide and hundreds of thousands of visitors access the website monthly. Visitors from different parts of the world are experiencing slow performance due to latency while users in the United States experience normal response times. What service can mitigate this issue?
Answer
  • ElastiCache
  • CloudFront
  • S3 Caching
  • EFS

Question 199

Question
You are a developer working with the AWS CLI to create Lambda functions that contain environment variables. Your functions will require over 50 environment variables consisting of sensitive information to database table names. What is the total set size of AWS Lambda environment variables you can create?
Answer
  • 1MB
  • 32KB
  • 4KB
  • 1KB
  • 256KB

Question 200

Question
Your web application front end consists of multiple Amazon EC2 instances behind an Elastic Load Balancing load balancer running in three Availability Zones running the desired capacity of 5 EC2 instances. You would like to integrate AWS CodeDeploy for automating application deployment, which will reroute traffic from your application's original environment to the new environment or choose to stop instances and install the new application version. Which of the following options will you choose from?
Answer
  • rolling
  • immutable
  • blue/green
  • rolling with additional batches
  • all at once
  • in-place deployment
Show full summary Hide full summary

Similar

AWS: Mock Quiz
Sarwesh Saurabh
Amazon Web Services
Stephen Gibbons
AWS Developer Associate Practice Quiz #2
Bill Rawlinson
AWS Notes
Stephen Gibbons
AWS: ELB
Sarwesh Saurabh
Chapter 2. Understanding Your AWS Account
Julio Gutierrez
Chapter 1. The Cloud
Julio Gutierrez
AWS Ch7 Exam
Tim Urista
AWS Certified Solutions Architect Associate notes
Gaurav Sehgal
AWS: RDS
Sarwesh Saurabh