Amazon (DVA-C01) Exam Questions And Answers page 53
An organization is storing large files in Amazon S3, and is writing a web application to display meta-data about the files to end-users. Based on the metadata a user selects an object to download. The organization needs a mechanism to index the files and provide single-digit millisecond latency retrieval for the metadata.
What AWS service should be used to accomplish this?
What AWS service should be used to accomplish this?
Amazon EC2
AWS Lambda
Amazon RDS
Storage Services
Monitoring and Troubleshooting
An organization is storing large files in Amazon S3, and is writing a web application to display meta-data about the files to end-users. Based on the metadata a user selects an object to download. The organization needs a mechanism to index the files and provide single-digit millisecond latency retrieval for the metadata.
What AWS service should be used to accomplish this?
What AWS service should be used to accomplish this?
Amazon DynamoDB
Amazon EC2
AWS Lambda
Amazon RDS
Storage Services
Monitoring and Troubleshooting
An organization is using Amazon API Gateway to provide a public API called Survey for collecting user feedback posts about its products. The survey API has DEV and PROD stages and consists of one resource /feedback which allows users to retrieve/create/update single feedback posts.
A version-controlled Swagger file is used to define a new API that retrieves multiple feedback posts. To add the new API resource /listFeedbackForProduct the developer makes changes to the Swagger file defining an API, uploads the file to the organization s version control system, and uses the API Gateway Import API feature to apply the changes to the Survey API. After successful import, the developer runs the tests against the DEV stage and finds that resource /listFeedbackForProduct is not available.
What is MOST likely the reason for resource not being available?
A version-controlled Swagger file is used to define a new API that retrieves multiple feedback posts. To add the new API resource /listFeedbackForProduct the developer makes changes to the Swagger file defining an API, uploads the file to the organization s version control system, and uses the API Gateway Import API feature to apply the changes to the Survey API. After successful import, the developer runs the tests against the DEV stage and finds that resource /listFeedbackForProduct is not available.
What is MOST likely the reason for resource not being available?
Even though the Swagger import was successful, resource creation failed afterwards.
There is a propagation delay of several minutes in creating API Gateway resources after import.
The developer needs to restart the API Gateway stage after import in order to apply the changes.
The developer needs to create a new deployment after import in order to deploy the changes.
Storage Services
Networking and Content Delivery
An organization is using Amazon CloudFront to ensure that its users experience low-latency access to its web application. The organization has identified a need to encrypt all traffic between users and CloudFront, and all traffic between CloudFront and the web application.
How can these requirements be met? (Choose two.)
How can these requirements be met? (Choose two.)
Use AWS KMS to encrypt traffic between CloudFront and the web application.
Set the Origin Protocol Policy to HTTPS Only .
Set the Origin s HTTP Port to 443.
Set the Viewer Protocol Policy to HTTPS Only or Redirect HTTP to HTTPS .
Enable the CloudFront option Restrict Viewer Access.
Storage Services
Security and Identity Services
An organization must store thousands of sensitive audio and video files in an Amazon S3 bucket. Organizational security policies require that all data written to this bucket be encrypted.
How can compliance with this policy be ensured?
How can compliance with this policy be ensured?
Use AWS Lambda to send notifications to the security team if unencrypted objects are pun in the bucket.
Configure an Amazon S3 bucket policy to prevent the upload of objects that do not contain the x-amz-server-side-encryption header.
Create an Amazon CloudWatch event rule to verify that all objects stored in the Amazon S3 bucket are encrypted.
Configure an Amazon S3 bucket policy to prevent the upload of objects that contain the x-amz-server-side-encryption header.
Storage Services
Security and Identity Services
An organization must store thousands of sensitive audio and video files in an Amazon S3 bucket. Organizational security policies require that all data written to this bucket be encrypted.
How can compliance with this policy be ensured?
How can compliance with this policy be ensured?
Use AWS Lambda to send notifications to the security team if unencrypted objects are pun in the bucket.
Configure an Amazon S3 bucket policy to prevent the upload of objects that do not contain the x-amz-server-side-encryption header.
Create an Amazon CloudWatch event rule to verify that all objects stored in the Amazon S3 bucket are encrypted.
Configure an Amazon S3 bucket policy to prevent the upload of objects that contain the x-amz-server-side-encryption header.
Storage Services
Security and Identity Services
A physician s office management application requires that all data in transit between an EC2 instance and an Amazon EBS volume be encrypted.
Which of the following techniques fulfills this requirement? (Choose two.)
Which of the following techniques fulfills this requirement? (Choose two.)
Leverage OS-level encryption.
Create encrypted snapshots into Amazon S3.
Use Amazon RDS with encryption.
Use IAM roles to limit access to the Amazon EBS volume.
Enable EBS encryption.
Networking and Content Delivery
Security and Identity Services
A serverless application uses an API Gateway and AWS Lambda.
Where should the Lambda function store its session information across function calls?
Where should the Lambda function store its session information across function calls?
In an Amazon DynamoDB table
In an Amazon SQS queue
In the local filesystem
In an SQLite session table using DSQLITE_ENABLE_SESSION
Security and Identity Services
A serverless application uses an API Gateway and AWS Lambda.
Where should the Lambda function store its session information across function calls?
Where should the Lambda function store its session information across function calls?
In an Amazon DynamoDB table
In an Amazon SQS queue
In the local filesystem
In an SQLite session table using DSQLITE_ENABLE_SESSION
Security and Identity Services
A set of APIs are exposed to customers using the Amazon API Gateway. These APIs have caching enabled on the API Gateway. Customers have asked for an option to invalidate this cache for each of the APIs.
What action can be taken to allow API customers to invalidate the API Cache?
What action can be taken to allow API customers to invalidate the API Cache?
Ask customers to use AWS credentials to call the InvalidateCache API.
Ask customers to invoke an AWS API endpoint which invalidates the cache.
Ask customers to pass an HTTP header called Cache-Control:max-age=0.
Ask customers to add a query string parameter called INVALIDATE_CACHE when making an API call.
Networking and Content Delivery
Monitoring and Troubleshooting
Comments