• Home
  • Articles
  • [2022] Pass Amazon AWS-Certified-Developer-Associate Exam Updated 503 Questions [Q203-Q222]

[2022] Pass Amazon AWS-Certified-Developer-Associate Exam Updated 503 Questions [Q203-Q222]

Share

[2022] Pass Amazon AWS-Certified-Developer-Associate Exam Updated 503 Questions

Get 2022 Updated Free Amazon AWS-Certified-Developer-Associate Exam Questions and Answer

NEW QUESTION 203
A company is using AWS CloudFormation templates to deploy AWS resources. The company needs to update one of its AWS CloudFormation stacks.
What can the company do to find out how the changes will impact the resources that are running?

  • A. Investigate the stack policies.
  • B. Investigate the Metadata section.
  • C. Investigate the change sets.
  • D. Investigate the Resources section.

Answer: D

Explanation:
Expalantion:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating- stacks.html

 

NEW QUESTION 204
A company needs a new REST API that can return information about the contents of an Amazon S3 bucket, such as a count of the objects stored in it. The company has decided that the new API should be written as a microservice using AWS Lambda and Amazon API Gateway.
How should the Developer ensure that the microservice has the necessary access to the Amazon S3 bucket, while adhering to security best practices?

  • A. Create an Amazon S3 bucket policy that specifies the Lambda service as its principal and assign it to the Amazon S3 bucket.
  • B. Create an IAM role, attach the AmazonS3FullAccess managed policy to it, and assign the role to the Lambda function as its execution role.
  • C. Create an IAM role that has permissions to access the Amazon S3 bucket and assign it to the Lambda function as its execution role.
  • D. Create an IAM user that has permissions to access the Amazon S3 bucket, and store the IAM user credentials in the Lambda function source code.

Answer: A

 

NEW QUESTION 205
A user has created an EBS volume with 1000 IOPS. What is the average IOPS that the user will get for most of the year as per EC2 SLA if the instance is attached to the EBS optimized instance?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: B

Explanation:
As per AWS SLA if the instance is attached to an EBS-Optimized instance, then the Provisioned IOPS volumes are designed to deliver within 10% of the provisioned IOPS performance 99.9% of the time in a given year. Thus, if the user has created a volume of 1000 IOPS, the user will get a minimum 900 IOPS 99.9% time of the year.
http://aws.amazon.com/ec2/faqs/

 

NEW QUESTION 206
An application runs on multiple EC2 instances behind an ELB.
Where is the session data best written so that it can be served reliably across multiple requests?

  • A. Write data to Amazon ElastiCache
  • B. Write data to Amazon Elastic Block Store.
  • C. Write data to the root filesystem.
  • D. Write data to Amazon EC2 Instance Store.

Answer: D

Explanation:
Reference:https://docs.aws.amazon.com/aws-technical-content/latest/microservices-on-aws/microservices-on-aw

 

NEW QUESTION 207
Does Amazon DynamoDB support both increment and decrement atomic operations?

  • A. No, neither increment nor decrement operations.
  • B. Yes, both increment and decrement operations.
  • C. Only decrement, since increment are inherently impossible with DynamoDB's data model.
  • D. Only increment, since decrement are inherently impossible with DynamoDB's data model.

Answer: B

Explanation:
Amazon DynamoDB supports increment and decrement atomic operations.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/APISummary.html

 

NEW QUESTION 208
A developer wants the ability to roll back to a previous version of an AWS Lambda function in the event of errors caused by a new deployment.
How can the developer achieve this with MINIMAL impact on users?

  • A. Change the application to use an alias that points to the current version Deploy the new version of the code Update the alias to use the newly deployed version If too many errors are encountered, point the alias back to the previous version
  • B. Change the application to use an alias that points to the current version Deploy the new version of the code. Update the alias to direct 10% of users to the newly deployed version. If too many errors are encountered, send 100% of traffic to the previous version
  • C. Do not make any changes to the application Deploy the new version of the code. If too many errors are encountered, point the application back to the previous version using the version number in the Amazon Resource Name (ARN)
  • D. Create three aliases: new, existing, and router Point the existing alias to the current version Have the router alias direct 100% of users to the existing alias Update the application to use the router alias Deploy the new version of the code Point the new alias to this version Update the router alias to direct
    10% of users to the new alias If too many errors are encountered, send 100% of traffic to the existing alias

Answer: A

 

NEW QUESTION 209
A root AWS account owner has created three IAM users: Bob, John and Michael. Michael is the IAM
administrator. Bob and John are not the superpower users, but users with some pre-defined policies.
John does not have access to modify his password. Thus, he asks Bob to change his password. How can
Bob change John's password?

  • A. Provided Bob is the manager of John
  • B. It is not possible that John cannot modify his password
  • C. This statement is false. It should be Michael who changes the password for John
  • D. Provided Michael has added Bob to a group, which has permissions to modify the IAM passwords

Answer: D

Explanation:
Generally with IAM users, the password can be modified in two ways. The first option is to define the IAM
level policy which allows each user to modify their own passwords. The other option is to create a group
and create a policy for the group which can change the passwords of various IAM users.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html

 

NEW QUESTION 210
A company has a web application that uses an Amazon Cognito user pool for authentication. The company wants to create a login page with the company logo. What should a developer do to meet these requirements?

  • A. Upload the logo to the Amazon Cognito app settings and point to the logo on a custom login page
  • B. Create a login page with the company logo and upload it to Amazon Cognito
  • C. Create a hosted user interface in Amazon Cognito and customize it with the company logo
  • D. Create a login page in Amazon API Gateway with the logo and save the link in Amazon Cognito.

Answer: B

 

NEW QUESTION 211
A user is having access to objects of an S3 bucket which is not owned by him. If he is trying to set the objects of that bucket public, which of the below mentioned options may be a right fit for this action?

  • A. Provide ACL on the object
  • B. Define the policy for the bucket
  • C. Create an IAM user with permission
  • D. Make the bucket public with full access

Answer: A

Explanation:
An S3 object ACL is the only way to manage access to objects which are not owned by the bucket owner. An AWS account that owns the bucket can grant another AWS account permission to upload objects. The bucket owner does not own these objects. The AWS account that created the object must grant permissions using object ACLs.
http://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-alternatives-guidelines.html

 

NEW QUESTION 212
Does Amazon RDS allow direct host access via Telnet, Secure Shell (SSH), or Windows Remote Desktop Connection?

  • A. No
  • B. Yes
  • C. Depends on if it is in VPC or not

Answer: A

 

NEW QUESTION 213
Regarding Amazon SNS, when you want to subscribe to a topic and receive notifications to your email, in the Protocol drop-down box, you should select _______.

  • A. IMAP
  • B. Email
  • C. Message
  • D. SMTP

Answer: B

Explanation:
In Amazon SNS, when you want to subscribe to a topic and receive notifications to your email, select Email in the Protocol drop-down box. Enter an email address you can use to receive the notification in the Endpoint field.
Reference: http://docs.aws.amazon.com/sns/latest/dg/SubscribeTopic.html

 

NEW QUESTION 214
A company has an application where reading objects from Amazon S3 is based on the type of user The user types are registered user and guest user The company has 25.000 users and is growing Information is pulled from an S3 bucket depending on the user type.
Which approaches are recommended to provide access to both user types? (Select TWO.)

  • A. Create a new IAM user for each user and grant read access.
  • B. Use S3 bucket policies to restrict read access to specific IAM users
  • C. Use Amazon Cognito to provide access using authenticated and unauthenticated roles
  • D. Provide a different access key and secret access key in the application code for registered users and guest users to provide read access to the objects
  • E. Use the AWS IAM service and let the application assume the different roles using the AWS Security Token Service (AWS STS) AssumeRole action depending on the type of user and provide read access to Amazon S3 using the assumed role

Answer: B,C

 

NEW QUESTION 215
An application under development is required to store hundreds of video files. The data must be encrypted within the application prior to storage, with a unique key for each video file.
How should the Developer code the application?

  • A. Use the KMS Encrypt API to encrypt the data. Store the encrypted data key and data.
  • B. Use the KMS GenerateDataKey API to get a data key. Encrypt the data with the data key. Store the encrypted data key and data.
  • C. Upload the data to an S3 bucket using server side-encryption with an AWS KMS key.
  • D. Use a cryptography library to generate an encryption key for the application. Use the encryption key to encrypt the data. Store the encrypted data.

Answer: D

 

NEW QUESTION 216
A company is migrating from a monolithic architecture to a microservices-based architecture. The Developers need to refactor the application so that the many microservices can asynchronously communicate with each other without impacting performance.
Use of which managed AWS services will enable asynchronous message passing? (Choose two.)

  • A. Amazon ElastiCache
  • B. Amazon SQS
  • C. Amazon SNS
  • D. Amazon Cognito
  • E. Amazon Kinesis

Answer: B,C

 

NEW QUESTION 217
An AWS Lambda function accesses two Amazon DynamoDB tables. A developer wants to improve the performance of the Lambda function by identifying bottlenecks in the function. How can the developer inspect the timing of the DynamoDB API calls?

  • A. Place an Application Load Balancer (ALB) in front of the two DynamoDB tables. Inspect the ALB logs
  • B. Limit Lambda to no more than five concurrent invocations Monitor from the Lambda console
  • C. Enable AWS X-Ray tracing for the function. View the traces from the X-Ray service.
  • D. Add DynamoDB as an event source to the Lambda function. View the performance with Amazon CloudWatch metrics

Answer: D

 

NEW QUESTION 218
An application takes 40 seconds to process instructions received in an Amazon SQS message.
Assuming the SQS queue is configured with the default VisibilityTimeout value, what is the BEST way, upon receiving a message, to ensure that no other instances can retrieve a message that has already been processed or is currently being processed?

  • A. Use the DeleteMessage API call to delete the message from the queue, then call DeleteQueue API to remove the queue.
  • B. Use the ChangeMessageVisibility API to decrease the timeout value, then use the DeleteMessage API to delete the message.
  • C. Use the DeleteMessageVisibility API to cancel the VisibilityTimeout, then use the DeleteMessage API to delete the message.
  • D. Use the ChangeMessageVisibility API to increase the VisibilityTimeout, then use the DeleteMessage API to delete the message.

Answer: D

Explanation:
Explanation
https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html In SQS, messages remain there. It is the consumer's responsibility to delete it, once consumed and processed.

 

NEW QUESTION 219
A Developer must analyze performance issues with production-distributed applications written as AWS Lambda functions. These distributed Lambda applications invoke other components that make up the applications.
How should the Developer identify and troubleshoot the root cause of the performance issues in production?

  • A. Use AWS X-Ray, then examine the segments and errors
  • B. Add logging statements to the Lambda functions, then use Amazon CloudWatch to view the logs.
  • C. Run Amazon Inspector agents and then analyze performance
  • D. Use AWS Cloud Trail and then examine the logs

Answer: A

Explanation:
https://aws.amazon.com/blogs/developer/new-analyze-and-debug-distributed-applications-interactively-using-aws-x-ray-analytics/

 

NEW QUESTION 220
An application is running on a cluster of Amazon EC2 instances. While trying to read objects stored within a single Amazon S3 bucket that are encrypted with server-side encryption with AWS KMS managed keys (SSE-KMS), the application receives the following error:

Which combination of steps should be taken to prevent this failure? (Choose two.)

  • A. Perform error retries with exponential backoff in the application code.
  • B. Import a customer master key (CMK) with a larger key size.
  • C. Contact AWS Support to request a S3 rate limit increase.
  • D. Use more than one customer master key (CMK) to encrypt S3 data.
  • E. Contact AWS Support to request an AWS KMS rate limit increase.

Answer: B,C

 

NEW QUESTION 221
A user has created a mobile application which makes calls to DynamoDB to fetch certain data. The application is using the DynamoDB SDK and root account access/secret access key to connect to DynamoDB from mobile. Which of the below mentioned statements is true with respect to the best practice for security in this scenario?

  • A. User should create an IAM role with DynamoDB and EC2 access. Attach the role with EC2 and route all calls from the mobile through EC2
  • B. User should create a separate IAM user for each mobile application and provide DynamoDB access with it
  • C. The application should use an IAM role with web identity federation which validates calls to DynamoDB with identity providers, such as Google, Amazon, and Facebook
  • D. Create an IAM Role with DynamoDB access and attach it with the mobile application

Answer: C

 

NEW QUESTION 222
......

Verified AWS-Certified-Developer-Associate exam dumps Q&As with Correct 503 Questions and Answers: https://troytec.itpassleader.com/Amazon/AWS-Certified-Developer-Associate-dumps-pass-exam.html

Related Articles

more
Amazon AWS-Certified-Developer-Associate Certification Practice Exam
0
0
0
0