Amazon DVA-C02 Exam Dumps

Amazon DVA-C02 Sample Question Answers

Amazon DVA-C02 Sample Questions

Question # 1

A company has an application that runs across multiple AWS Regions. The application isexperiencing performance issues at irregular intervals. A developer must use AWS X-Ray to implement distributed tracing for the application to troubleshoot the root cause of theperformance issues.What should the developer do to meet this requirement?

A. Use the X-Ray console to add annotations for AWS services and user-defined services
B. Use Region annotation that X-Ray adds automatically for AWS services Add Regionannotation for user-defined services
C. Use the X-Ray daemon to add annotations for AWS services and user-defined services
D. Use Region annotation that X-Ray adds automatically for user-defined servicesConfigure X-Ray to add Region annotation for AWS services

Answer: B

Show Answer

Question # 2

A company is using AWS CloudFormation to deploy a two-tier application. The applicationwill use Amazon RDS as its backend database. The company wants a solution that willrandomly generate the database password during deployment. The solution also mustautomatically rotate the database password without requiring changes to the application.What is the MOST operationally efficient solution that meets these requirements'?

A. Use an AWS Lambda function as a CloudFormation custom resource to generate androtate the password.
B. Use an AWS Systems Manager Parameter Store resource with the SecureString datatype to generate and rotate the password.
C. Use a cron daemon on the application s host to generate and rotate the password.
D. Use an AWS Secrets Manager resource to generate and rotate the password.

Answer: D

Show Answer

Question # 3

A developer is designing a serverless application for a game in which users register andlog in through a web browser The application makes requests on behalf of users to a set ofAWS Lambda functions that run behind an Amazon API Gateway HTTP APIThe developer needs to implement a solution to register and log in users on theapplication's sign-in page. The solution must minimize operational overhead and mustminimize ongoing management of user identities.Which solution will meet these requirements'?

A. Create Amazon Cognito user pools for external social identity providers Configure 1AMroles for the identity pools.
B. Program the sign-in page to create users' 1AM groups with the 1AM roles attached tothe groups
C. Create an Amazon RDS for SQL Server DB instance to store the users and manage thepermissions to the backend resources in AWS
D. Configure the sign-in page to register and store the users and their passwords in anAmazon DynamoDB table with an attached IAM policy.

Answer: A

Show Answer

Question # 4

A developer needs to build an AWS CloudFormation template that self-populates the AWSRegion variable that deploys the CloudFormation templateWhat is the MOST operationally efficient way to determine the Region in which thetemplate is being deployed?

A. Use the AWS:.Region pseudo parameter
B. Require the Region as a CloudFormation parameter
C. Find the Region from the AWS::Stackld pseudo parameter by using the Fn::Split intrinsic function
D. Dynamically import the Region by referencing the relevant parameter in AWS SystemsManager Parameter Store

Answer: A

Show Answer

Question # 5

An Amazon Simple Queue Service (Amazon SQS) queue serves as an event source for anAWS Lambda function In the SQS queue, each item corresponds to a video file that theLambda function must convert to a smaller resolution The Lambda function is timing out onlonger video files, but the Lambda function's timeout is already configured to its maximumvalueWhat should a developer do to avoid the timeouts without additional code changes'?

A. Increase the memory configuration of the Lambda function
B. Increase the visibility timeout on the SQS queue
C. Increase the instance size of the host that runs the Lambda function.
D. Use multi-threading for the conversion.

Answer: A

Show Answer

Question # 6

A company needs to deploy all its cloud resources by using AWS CloudFormationtemplates A developer must create an Amazon Simple Notification Service (Amazon SNS)automatic notification to help enforce this rule. The developer creates an SNS topic andsubscribes the email address of the company's security team to the SNS topic.The security team must receive a notification immediately if an 1AM role is created withoutthe use of CloudFormation.Which solution will meet this requirement?

A. Create an AWS Lambda function to filter events from CloudTrail if a role was createdwithout CloudFormation Configure the Lambda function to publish to the SNS topic. Createan Amazon EventBridge schedule to invoke the Lambda function every 15 minutes
B. Create an AWS Fargate task in Amazon Elastic Container Service (Amazon ECS) tofilter events from CloudTrail if a role was created without CloudFormation Configure theFargate task to publish to the SNS topic Create an Amazon EventBridge schedule to runthe Fargate task every 15 minutes
C. Launch an Amazon EC2 instance that includes a script to filter events from CloudTrail ifa role was created without CloudFormation. Configure the script to publish to the SNStopic. Create a cron job to run the script on the EC2 instance every 15 minutes.
D. Create an Amazon EventBridge rule to filter events from CloudTrail if a role was createdwithout CloudFormation Specify the SNS topic as the target of the EventBridge rule.

Answer: D

Show Answer

Question # 7

A company has an application that is hosted on Amazon EC2 instances The applicationstores objects in an Amazon S3 bucket and allows users to download objects from the S3bucket A developer turns on S3 Block Public Access for the S3 bucket After this change,users report errors when they attempt to download objects The developer needs to implement a solution so that only users who are signed in to the application can accessobjects in the S3 bucket.Which combination of steps will meet these requirements in the MOST secure way? (SelectTWO.)

A. Create an EC2 instance profile and role with an appropriate policy Associate the rolewith the EC2 instances
B. Create an 1AM user with an appropriate policy. Store the access key ID and secretaccess key on the EC2 instances
C. Modify the application to use the S3 GeneratePresignedUrl API call
D. Modify the application to use the S3 GetObject API call and to return the object handleto the user
E. Modify the application to delegate requests to the S3 bucket.

Answer: A,C

Show Answer

Question # 8

A company runs a payment application on Amazon EC2 instances behind an ApplicationLoad Balance The EC2 instances run in an Auto Scaling group across multiple AvailabilityZones The application needs to retrieve application secrets during the application startup and export the secrets as environment variables These secrets must be encrypted at restand need to be rotated every month.Which solution will meet these requirements with the LEAST development effort?

A. Save the secrets in a text file and store the text file in Amazon S3 Provision a customermanaged key Use the key for secret encryption in Amazon S3 Read the contents of thetext file and read the export as environment variables Configure S3 Object Lambda torotate the text file every month
B. Save the secrets as strings in AWS Systems Manager Parameter Store and use thedefault AWS Key Management Service (AWS KMS) key Configure an Amazon EC2 userdata script to retrieve the secrets during the startup and export as environment variablesConfigure an AWS Lambda function to rotate the secrets in Parameter Store every month.
C. Save the secrets as base64 encoded environment variables in the applicationproperties. Retrieve the secrets during the application startup. Reference the secrets in theapplication code. Write a script to rotate the secrets saved as environment variables.
D. Store the secrets in AWS Secrets Manager Provision a new customer master key Usethe key to encrypt the secrets Enable automatic rotation Configure an Amazon EC2 userdata script to programmatically retrieve the secrets during the startup and export asenvironment variables

Answer: D

Show Answer

Question # 9

A developer is creating a simple proof-of-concept demo by using AWS CloudFormation andAWS Lambda functions The demo will use a CloudFormation template to deploy anexisting Lambda function The Lambda function uses deployment packages anddependencies stored in Amazon S3 The developer defined anAWS Lambda Functionresource in a CloudFormation template. The developer needs to add the S3 bucket to theCloudFormation template.What should the developer do to meet these requirements with the LEAST developmenteffort?

A. Add the function code in the CloudFormation template inline as the code property
B. Add the function code in the CloudFormation template as the ZipFile property.
C. Find the S3 key for the Lambda function Add the S3 key as the ZipFile property in theCloudFormation template.
D. Add the relevant key and bucket to the S3Bucket and S3Key properties in theCloudFormation template

Answer: D

Show Answer

Question # 10

A company has a web application that is hosted on Amazon EC2 instances The EC2instances are configured to stream logs to Amazon CloudWatch Logs The company needsto receive an Amazon Simple Notification Service (Amazon SNS) notification when thenumber of application error messages exceeds a defined threshold within a 5-minuteperiodWhich solution will meet these requirements?

A. Rewrite the application code to stream application logs to Amazon SNS Configure anSNS topic to send a notification when the number of errors exceeds the defined thresholdwithin a 5-minute period
B. Configure a subscription filter on the CloudWatch Logs log group. Configure the filter tosend an SNS notification when the number of errors exceeds the defined threshold within a5-minute period.
C. Install and configure the Amazon Inspector agent on the EC2 instances to monitor forerrors Configure Amazon Inspector to send an SNS notification when the number of errorsexceeds the defined threshold within a 5-minute period
D. Create a CloudWatch metric filter to match the application error pattern in the log data. Set up a CloudWatch alarm based on the new custom metric. Configure the alarm to sendan SNS notification when the number of errors exceeds the defined threshold within a 5-minute period.

Answer: D

Show Answer