101-120 Flashcards
101
A company is using an AWS Lambda function to process records from an Amazon Kinesis data stream. The company recently observed slow processing of the records. A developer notices that the iterator age metric for the function is increasing and that the Lambda run duration is constantly above normal.Which actions should the developer take to increase the processing speed? (Choose two.)
A. Increase the number of shards of the Kinesis data stream.
B. Decrease the timeout of the Lambda function.
C. Increase the memory that is allocated to the Lambda function.
D. Decrease the number of shards of the Kinesis data stream.
E. Increase the timeout of the Lambda function.
A. Increase the number of shards of the Kinesis data stream.
C. Increase the memory that is allocated to the Lambda function.
102
A developer is making changes to a custom application that uses AWS Elastic Beanstalk.
Which solutions will update the Elastic Beanstalk environment with the new application version after the developer completes the changes? (Choose two.)
A. Package the application code into a .zip file. Use the AWS Management Console to upload the zip file and deploy the packaged application.
B. Package the application code into a .tar file. Use the AWS Management Console to create a new application version from the .tar file. Update the environment by using the AWS CLI.
C. Package the application code into a .tar file. Use the AWS Management Console to upload the .tar file and deploy the packaged application.
D. Package the application code into a .zip file. Use the AWS CLI to create a new application version from the .zip file and to update the environment.
E. Package the application code into a .zip file. Use the AWS Management Console to create a new application version from the .zip file. Rebuild the environment by using the AWS CLI.
A. Package the application code into a .zip file. Use the AWS Management Console to upload the zip file and deploy the packaged application.
D. Package the application code into a .zip file. Use the AWS CLI to create a new application version from the .zip file and to update the environment.
103.
A company has an application where reading objects from Amazon S3 is based on the type of user. The user types are registered user and guest user. The company has 25,000 users and is growing. Information is pulled from an S3 bucket depending on the user type.
Which approaches are recommended to provide access to both user types? (Choose two.)
A. Provide a different access key and secret access key in the application code for registered users and guest users to provide read access to the objects.
B. Use S3 bucket policies to restrict read access to specific IAM users.
C. Use Amazon Cognito to provide access using authenticated and unauthenticated roles.
D. Create a new IAM user for each user and grant read access.
E. Use the AWS IAM service and let the application assume the different roles using the AWS Security Token Service (AWS STS) AssumeRole action depending on the type of user and provide read access to Amazon S3 using the assumed role.
C. Use Amazon Cognito to provide access using authenticated and unauthenticated roles.
E. Use the AWS IAM service and let the application assume the different roles using the AWS Security Token Service (AWS STS) AssumeRole action depending on the type of user and provide read access to Amazon S3 using the assumed role.
104
A developer is writing an application to analyze the traffic to a fleet of Amazon EC2 instances. The EC2 instances run behind a public Application Load Balancer (ALB). An HTTP server runs on each of the EC2 instances, logging all requests to a log file. The developer wants to capture the client public IP addresses. The developer analyzes the log files and notices only the IP address of the ALB.What must the developer do to capture the client public IP addresses in the log file?
A. Add a Host header to the HTTP server log configuration file.
B. Install the Amazon CloudWatch Logs agent on each EC2 instance. Configure the agent to write to the log file.
C. Install the AWS X-Ray daemon on each EC2 instance. Configure the daemon to write to the log file.
D. Add an X-Forwarded-For header to the HTTP server log configuration file.
D. Add an X-Forwarded-For header to the HTTP server log configuration file.
105.
A developer is writing a new AWS Serverless Application Model (AWS SAM) template with a new AWS Lambda function. The Lambda function runs complex code. The developer wants to test the Lambda function with more CPU power.What should the developer do to meet this requirement?
A. Increase the runtime engine version.
B. Increase the timeout.
C. Increase the number of Lambda layers.
D. Increase the memory.
D. Increase the memory.
106
A developer uses a single AWS CloudFormation template to configure the test environment and the production environment for an application. The developer handles environment-specific requirements in the CloudFormation template. The developer decides to update the Amazon EC2 Auto Scaling launch template with new Amazon Machine Images (AMIs) for each environment. The CloudFormation update for the new AMIs is successful in the test environment, but the update fails in the production environment. What are the possible causes of the CloudFormation update failure in the production environment? (Choose two.)
A. The new AMIs do not fulfill the specified conditions in the CloudFormation template.
B. The service quota for the number of EC2 vCPUs in the AWS Region has been exceeded.
C. The security group that is specified in the CloudFormation template does not exist.
D. CloudFormation does not recognize the template change as an update.
E. CloudFormation does not have sufficient IAM permissions to make the changes.
A. The new AMIs do not fulfill the specified conditions in the CloudFormation template.
B. The service quota for the number of EC2 vCPUs in the AWS Region has been exceeded.
#107
A developer is creating a serverless web application and maintains different branches of code. The developer wants to avoid updating the Amazon API Gateway target endpoint each time a new code push is performed.
What solution would allow the developer to perform a code push efficiently, without the need to update the API Gateway?
A. Associate different AWS Lambda functions to an API Gateway target endpoint.
B. Create different stages in API Gateway. then associate API Gateway with AWS Lambda.
C. Create aliases and versions in AWS Lambda.
D. Tag the AWS Lambda functions with different names.
C. Create aliases and versions in AWS Lambda.
#108
A developer needs to deploy an application running on AWS Fargate using Amazon ECS. The application has environment variables that must be passed to a container for the application to initialize. How should the environment variables be passed to the container?
A. Define an array that includes the environment variables under the environment parameter within the service definition.
B. Define an array that includes the environment variables under the environment parameter within the task definition.
C. Define an array that includes the environment variables under the entryPoint parameter within the task definition.
D. Define an array that includes the environment variables under the entryPoint parameter within the service definition.
B. Define an array that includes the environment variables under the environment parameter within the task definition.
109
A developer must extend an existing application that is based on the AWS Serverless Application Model (AWS SAM). The developer has used the AWS SAM CLI to create the project. The project contains different AWS Lambda functions. Which combination of commands must the developer use to redeploy the AWS SAM application? (Choose two.)
A. sam init
B. sam validate
C. sam build
D. sam deploy
E. sam publish
C. sam build
D. sam deploy
110
A developer manages an application that interacts with Amazon RDS. After observing slow performance with read queries, the developer implements Amazon ElastiCache to update the cache immediately following the primary database update. What will be the result of this approach to caching?
A. Caching will increase the load on the database instance because the cache is updated for every database update.
B. Caching will slow performance of the read queries because the cache is updated when the cache cannot find the requested data.
C. The cache will become large and expensive because the infrequently requested data is also written to the cache.
D. Overhead will be added to the initial response time because the cache is updated only after a cache miss.
C. The cache will become large and expensive because the infrequently requested data is also written to the cache.
111
A developer has a stateful web server on-premises that is being migrated to AWS. The developer must have greater elasticity in the new design. How should the developer re-factor the application to make it more elastic? (Choose two.)
A. Use pessimistic concurrency on Amazon DynamoDB.
B. Use Amazon CloudFront with an Auto Scaling group.
C. Use Amazon CloudFront with an AWS Web Application Firewall.
D. Store session state data in an Amazon DynamoDB table.
E. Use an ELB with an Auto Scaling group.
D. Store session state data in an Amazon DynamoDB table.
E. Use an ELB with an Auto Scaling group.
112
A developer has a legacy application that is hosted on-premises. Other applications hosted on AWS depend on the on-premises application for proper functioning.
In case of any application errors, the developer wants to be able to use Amazon CloudWatch to monitor and troubleshoot all applications from one place.
How can the developer accomplish this?
A. Install an AWS SDK on the on-premises server to automatically send logs to CloudWatch.
B. Download the CloudWatch agent to the on-premises server. Configure the agent to use IAM user credentials with permissions for CloudWatch.
C. Upload log files from the on-premises server to Amazon S3 and have CloudWatch read the files.
D. Upload log files from the on-premises server to an Amazon EC2 instance and have the instance forward the logs to CloudWatch.
B. Download the CloudWatch agent to the on-premises server. Configure the agent to use IAM user credentials with permissions for CloudWatch.
113
A developer is designing a serverless application with two AWS Lambda functions to process photos. One Lambda function stores objects in an Amazon S3 bucket and stores the associated metadata in an Amazon DynamoDB table. The other Lambda function fetches the objects from the S3 bucket by using the metadata from the DynamoDB table. Both Lambda functions use the same Python library to perform complex computations and are approaching the quota for the maximum size of zipped deployment packages. What should the developer do to reduce the size of the Lambda deployment packages with the LEAST operational overhead?
A. Package each Python library in its own .zip file archive. Deploy each Lambda function with its own copy of the library.
B. Create a Lambda layer with the required Python library. Use the Lambda layer in both Lambda functions.
C. Combine the two Lambda functions into one Lambda function. Deploy the Lambda function as a single .zip file archive.
D. Download the Python library to an S3 bucket. Program the Lambda functions to reference the object URLs.
B. Create a Lambda layer with the required Python library. Use the Lambda layer in both Lambda functions.
114
A developer is adding a feature to a client-side application so that users can upload videos to an Amazon S3 bucket. What is the MOST secure way to give the application the ability to write files to the S3 bucket?
A. Update the S3 bucket policy to allow public write access. Allow any user to upload videos by removing the need to handle user authentication within the client- side application.
B. Create a new IAM policy and a corresponding IAM user with permissions to write to the S3 bucket. Store the key and the secret for the user in the application code. Use the key to authenticate the video uploads.
C. Configure the API layer of the application to have a new endpoint that creates signed URLs that allow an object to be put into the S3 bucket. Generate a presigned URL through this API call in the client application. Upload the video by using the signed URL.
D. Generate a new IAM key and a corresponding secret by using the AWS account root user credentials. Store the key and the secret for the user in the application code. Use the key to authenticate the video uploads.
C. Configure the API layer of the application to have a new endpoint that creates signed URLs that allow an object to be put into the S3 bucket. Generate a presigned URL through this API call in the client application. Upload the video by using the signed URL.
115
A company is building an application for stock trading. The application needs sub-millisecond latency for processing trade requests. The company uses Amazon DynamoDB to store all the trading data that is used to process each trading request. A development team performs load testing on the application and finds that the data retrieval time is higher than expected. The development team needs a solution that reduces the data retrieval time with the least possible effort. Which solution meets these requirements?
A. Add local secondary indexes (LSIs) for the trading data.
B. Store the trading data in Amazon S3, and use S3 Transfer Acceleration.
C. Add retries with exponential backoff for DynamoDB queries.
D. Use DynamoDB Accelerator (DAX) to cache the trading data.
D. Use DynamoDB Accelerator (DAX) to cache the trading data.
