Amazon (DVA-C01) Exam Questions And Answers page 27
A developer is creating a website that will be hosted from an Amazon S3 bucket. The website must support secure browser connections.
Which combination of actions must the developer take to meet this requirement? (Choose two.)
Which combination of actions must the developer take to meet this requirement? (Choose two.)
Create an Amazon CloudFront distribution. Set the S3 bucket as an origin.
Configure the Elastic Load Balancer with an SSL/TLS certificate.
Configure the Amazon CloudFront distribution with an SSL/TLS certificate.
Configure the S3 bucket with an SSL/TLS certificate.
Storage Services
Security and Identity Services
A developer is creating AWS CloudFormation templates to manage an application s deployment in Amazon Elastic Container Service (Amazon ECS) through AWS CodeDeploy. The developer wants to automatically deploy new versions of the application to a percentage of users before the new version becomes available for all users.
How should the developer manage the deployment of the new version?
How should the developer manage the deployment of the new version?
Modify the CloudFormation template to include a Transform section and the AWS::CodeDeploy::BlueGreen hook.
Deploy the new version in a new CloudFormation stack. After testing is complete, update the application s DNS records for the new stack.
Run CloudFormation stack updates on the application stack to deploy new application versions when they are available.
Create a nested stack for the new version. Include a Transform section and the AWS::CodeDeploy::BlueGreen hook.
Storage Services
Database Services
A developer is creating AWS CloudFormation templates to manage an application s deployment in Amazon Elastic Container Service (Amazon ECS) through AWS CodeDeploy. The developer wants to automatically deploy new versions of the application to a percentage of users before the new version becomes available for all users.
How should the developer manage the deployment of the new version?
How should the developer manage the deployment of the new version?
Modify the CloudFormation template to include a Transform section and the AWS::CodeDeploy::BlueGreen hook.
Deploy the new version in a new CloudFormation stack. After testing is complete, update the application s DNS records for the new stack.
Run CloudFormation stack updates on the application stack to deploy new application versions when they are available.
Create a nested stack for the new version. Include a Transform section and the AWS::CodeDeploy::BlueGreen hook.
Storage Services
Deployment and Management
A developer is debugging an AWS Lambda function behind an Amazon API Gateway. Whenever the API Gateway endpoint is called, HTTP status code 200 is returned even though AWS Lambda is recording a 4xx error.
What change needs to be made to return a proper error code through the API Gateway?
What change needs to be made to return a proper error code through the API Gateway?
Enable CORS in the API Gateway method settings
Use a Lambda proxy integration to return HTTP codes and headers
Enable API Gateway error pass-through.
Return the value in the header x-Amzn-ErrorType.
Deployment and Management
Monitoring and Troubleshooting
A developer is deploying an application on Amazon EC2 instances that run in Account A. The application needs to read data from an existing Amazon Kinesis data stream in Account B.
Which actions should the developer take to provide the application with access to the stream? (Choose two.)
Which actions should the developer take to provide the application with access to the stream? (Choose two.)
Update the instance profile role in Account A with stream read permissions
Create an IAM role with stream read permissions in Account B
Add a trust policy to the instance profile role and IAM role in Account to allow the instance profile role to assume the IAM role
Add a trust policy to the instance profile role and IAM role in Account to allow reads from the stream
Add a resource-based policy in Account to allow read access from the instance profile role
Storage Services
Security and Identity Services
A developer is designing a distributed application built using a microservices architecture spanning multiple AWS accounts. The company s operations team wants to analyze and debug application issues from a centralized account.
How can the developer meet these requirements?
How can the developer meet these requirements?
Use an Amazon X-Ray agent with role assumption to publish data into the centralized account.
Use Amazon X-Ray and create a new IAM user to publish the access keys into the centralized account.
Use VPC Flow Logs to collect applications logs across different accounts.
Enable AWS CloudTrail to publish the trails in an Amazon S3 bucket in the centralized account.
Deployment and Management
Monitoring and Troubleshooting
A developer is designing a distributed application built using a microservices architecture spanning multiple AWS accounts. The company s operations team wants to analyze and debug application issues from a centralized account.
How can the developer meet these requirements?
How can the developer meet these requirements?
Use an Amazon X-Ray agent with role assumption to publish data into the centralized account.
Use Amazon X-Ray and create a new IAM user to publish the access keys into the centralized account.
Use VPC Flow Logs to collect applications logs across different accounts.
Enable AWS CloudTrail to publish the trails in an Amazon S3 bucket in the centralized account.
Deployment and Management
Monitoring and Troubleshooting
A Developer is designing a fault-tolerant environment where client sessions will be saved.
How can the Developer ensure that no sessions are lost if an Amazon EC2 instance fails?
How can the Developer ensure that no sessions are lost if an Amazon EC2 instance fails?
Use sticky sessions with an Elastic Load Balancer target group.
Use Amazon SQS to save session data.
Use Amazon DynamoDB to perform scalable session handling.
Use Elastic Load Balancer connection draining to stop sending requests to failing instances.
Storage Services
Deployment and Management
A Developer is designing an AWS Lambda function that create temporary files that are less than 10 MB during execution. The temporary files will be accessed and modified multiple times during execution. The Developer has no need to save or retrieve these files in the future.
Where should the temporary file be stored?
Where should the temporary file be stored?
the /tmp directory
Amazon EFS
Amazon EBS
Amazon S3
Compute Services
Storage Services
A Developer is designing a new application that uses Amazon S3. To satisfy compliance requirements, the Developer must encrypt the data at rest.
How can the Developer accomplish this?
How can the Developer accomplish this?
Use s3:x-amz-acl as a condition in the S3 bucket policy.
Use Amazon RDS with default encryption.
Use aws:SecureTransport as a condition in the S3 bucket policy.
Turn on S3 default encryption for the S3 bucket.
Storage Services
Database Services
Comments