161-180 Flashcards

1
Q

161

A developer wants to use AWS CodeDeploy to deploy an Amazon Elastic Container Service (Amazon ECS) service. What are the MINIMUM properties required in the ‘resources’ section of the AppSpec file for CodeDeploy to deploy the ECS service successfully?

A. name, alias, currentversion, and targetversion

B. TaskDefinition, ContainerName, and PlatformVersion

C. TaskDefinition, ContainerName, and ContainerPort

D. name, currentversion, NetworkConfiguration, and PlatformVersion

A

C. TaskDefinition, ContainerName, and ContainerPort

2
Q

162

A company has deployed a single-page application on AWS. The application stores assets in an Amazon S3 bucket. The application has an Amazon CloudFront distribution that is configured with the S3 bucket as the origin. Amazon API Gateway APIs access AWS Lambda functions that store information in an Amazon DynamoDB table. The application ingests a payload that includes 20 fields of sensitive data. Which combination of steps should a developer take to protect the sensitive data through its entire lifecycle in AWS? (Choose two.)

A. Create a Lambda@Edge function to encrypt data when CloudFront processes a client request. Configure the distribution to invoke the Lambda@Edge function when the origin request event occurs.

B. Generate an AWS Key Management Service (AWS KMS) customer managed key that Lambda@Edge can use.

C. Create an SSL/TLS certificate in AWS Certificate Manager (ACM). Associate the certificate with the Network Load Balancer.

D. Set up a Network Load Balancer for API Gateway private integrations.

E. Store the data in the S3 bucket by using server-side encryption with Amazon S3 managed encryption keys (SSE-S3). Transfer the encrypted data from the S3 bucket to the DynamoDB table.

A

A. Create a Lambda@Edge function to encrypt data when CloudFront processes a client request. Configure the distribution to invoke the Lambda@Edge function when the origin request event occurs.

B. Generate an AWS Key Management Service (AWS KMS) customer managed key that Lambda@Edge can use.

3
Q

163

A developer is writing an application that stores data in an Amazon DynamoDB table by using the PutItem API operation. The table has a partition key of streamID and has a sort key of seqID. The developer needs to make sure that the PutItem invocation does not overwrite the existing partition key and sort key. Which condition expression will maintain the uniqueness of the partition key and the sort key?

A

condition = 'attribute_not_exists (streamID)
AND attribute_not_exists (seqID)'

B

condition = 'attribute_not_exists (PARTITION)
AND attribute_not_exists (SORT)'

C

condition = 'attribute_exists (streamID)
AND attribute_exists (seqID)'

D

condition = 'attribute_exists (PARTITION)
AND attribute_exists (SORT)'

A

A

condition = 'attribute_not_exists (streamID)
AND attribute_not_exists (seqID)'
4
Q

164

A developer has created an AWS Lambda function that is written in Python. The Lambda function reads data from objects in Amazon S3 and writes data to an Amazon DynamoDB table. The function is successfully invoked from an S3 event notification when an object is created. However, the function fails when it attempts to write to the DynamoDB table. What is the MOST likely cause of this issue?

A. The Lambda function’s concurrency limit has been exceeded.

B. The DynamoDB table requires a global secondary index (GSI) to support writes.

C. The Lambda function does not have IAM permissions to write to DynamoDB.

D. The DynamoDB table is not running in the same Availability Zone as the Lambda function.

A

C. The Lambda function does not have IAM permissions to write to DynamoDB.

5
Q

165

A development team wants to build a continuous integration/continuous delivery (CI/CD) pipeline. The team is using AWS CodePipeline to automate the code build and deployment. The team wants to store the program code to prepare for the CI/CD pipeline. Which AWS service should the team use to store the program code?

A. AWS CodeDeploy
B. AWS CodeArtifact
C. AWS CodeCommit
D. Amazon CodeGuru

A

C. AWS CodeCommit

6
Q

166

A developer supports an application that accesses data in an Amazon DynamoDB table. One of the item attributes is expirationDate in the timestamp format. The application uses this attribute to find items, archive them, and remove them from the table based on the timestamp value. The application will be decommissioned soon, and the developer must find another way to implement this functionality. The developer needs a solution that will require the least amount of code to write. Which solution will meet these requirements?

A. Enable TTL on the expirationDate attribute in the table. Create a DynamoDB stream. Create an AWS Lambda function to process the deleted items. Create a DynamoDB trigger for the Lambda function.

B. Create two AWS Lambda functions: one to delete the items and one to process the items. Create a DynamoDB stream. Use the DeleteItem API operation to delete the items based on the expirationDate attribute. Use the GetRecords API operation to get the items from the DynamoDB stream and process them.

C. Create two AWS Lambda functions: one to delete the items and one to process the items. Create an Amazon EventBridge (Amazon CloudWatch Events) scheduled rule to invoke the Lambda functions. Use the DeleteItem API operation to delete the items based on the expirationDate attribute. Use the GetRecords API operation to get the items from the DynamoDB table and process them.

D. Enable TTL on the expirationDate attribute in the table. Specify an Amazon Simple Queue Service (Amazon SQS) dead-letter queue as the target to delete the items. Create an AWS Lambda function to process the items.

A

A. Enable TTL on the expirationDate attribute in the table. Create a DynamoDB stream. Create an AWS Lambda function to process the deleted items. Create a DynamoDB trigger for the Lambda function.

7
Q

167

A company has developed a new serverless application using AWS Lambda functions that will be deployed using the AWS Serverless Application Model (AWS SAM) CLI. Which step should the developer complete prior to deploying the application?

A. Compress the application to a .zip file and upload it into AWS Lambda.

B. Test the new AWS Lambda function by first tracing it in AWS X-Ray.

C. Bundle the serverless application using a SAM package.

D. Create the application environment using the eb create my-env command.

A

C. Bundle the serverless application using a SAM package.

8
Q

168

A developer is working on an ecommerce website. The developer wants to review server logs without logging in to each of the application servers individually. The website runs on multiple Amazon EC2 instances, is written in Python, and needs to be highly available. How can the developer update the application to meet these requirements with MINIMUM changes?

A. Rewrite the application to be cloud native and to run on AWS Lambda, where the logs can be reviewed in Amazon CloudWatch.

B. Set up centralized logging by using Amazon OpenSearch Service (Amazon Elasticsearch Service), Logstash, and OpenSearch Dashboards (Kibana).

C. Scale down the application to one larger EC2 instance where only one instance is recording logs.

D. Install the unified Amazon CloudWatch agent on the EC2 instances. Configure the agent to push the application logs to CloudWatch.

A

D. Install the unified Amazon CloudWatch agent on the EC2 instances. Configure the agent to push the application logs to CloudWatch.

9
Q

169

A company needs an event-management platform to accept registrations for an upcoming event. The platform must perform a single invocation of an existing AWS Lambda function 10 minutes after a user completes a new account registration. Which solution will meet these requirements?

A. Add an item to an Amazon DynamoDB table. Set the item TTL to 10 minutes. Invoke the Lambda function when the TTL expires.

B. Create an ongoing Amazon EventBridge (Amazon CloudWatch Events) rule with a rate expression of 600 seconds. Create a rule/target to invoke the Lambda function.

C. Send a message to an Amazon Simple Queue Service (Amazon SQS) delay queue. Set the queue to 600 seconds. Configure the Lambda function with the queue as an event source.

D. Put a record in Amazon Kinesis Data Streams. Configure the Lambda function to use the data stream as an event source. Define the shard iterator AT_TIMESTAMP setting to 10 minutes.

A

C. Send a message to an Amazon Simple Queue Service (Amazon SQS) delay queue. Set the queue to 600 seconds. Configure the Lambda function with the queue as an event source.

10
Q

170

How would a developer notify users when a new item is written to a DynamoDB table without affecting the provisioned throughput?

A. Set up a DynamoDB stream to trigger a Lambda function that sends an SNS notification to users.

B. Schedule an Amazon CloudWatch event to regularly trigger a Lambda function that scans the DynamoDB table.

C. Run a polling application that queries the DynamoDB table at one-second intervals and sends an SNS notification to users.

D. Embed a Lambda notification function in DynamoDB and configure DynamoDB to trigger the embedded Lambda function when changes are made.

A

A. Set up a DynamoDB stream to trigger a Lambda function that sends an SNS notification to users.

11
Q

171

A developer is writing a web application that is deployed on Amazon EC2 instances behind an internet-facing Application Load Balancer (ALB). The developer must add an Amazon CloudFront distribution in front of the ALB. The developer also must ensure that customer data from outside the VPC is encrypted in transit. Which combination of CloudFront configuration settings should the developer use to meet these requirements? (Choose two.)

A. Restrict viewer access by using signed URLs.

B. Set the Origin Protocol Policy setting to Match Viewer.

C. Enable field-level encryption.

D. Enable automatic object compression.

E. Set the Viewer Protocol Policy setting to Redirect HTTP to HTTPS.

A

B. Set the Origin Protocol Policy setting to Match Viewer.

E. Set the Viewer Protocol Policy setting to Redirect HTTP to HTTPS.

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/data-protection-summary.html

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-cloudfront-to-custom-origin.html

12
Q

172

A developer is writing a web application that must share secure documents with end users. The documents are stored in a private Amazon S3 bucket. The application must allow only authenticated users to download specific documents when requested, and only for a duration of 15 minutes. How can the developer meet these requirements?

A. Copy the documents to a separate S3 bucket that has a lifecycle policy for deletion after 15 minutes.

B. Create a presigned S3 URL using the AWS SDK with an expiration time of 15 minutes.

C. Use server-side encryption with AWS KMS managed keys (SSE-KMS) and download the documents using HTTPS.

D. Modify the S3 bucket policy to only allow specific users to download the documents. Revert the change after 15 minutes.

A

B. Create a presigned S3 URL using the AWS SDK with an expiration time of 15 minutes.

12
Q

173

A company wants to migrate an existing web application to AWS. The application consists of two web servers and a MySQL database. The company wants the application to automatically scale in response to demand. The company also wants to reduce its operational overhead for database backups and maintenance. The company needs the ability to deploy multiple versions of the application concurrently. What is the MOST operationally efficient solution that meets these requirements?

A. Deploy the application to AWS Elastic Beanstalk. Migrate the database to an Amazon RDS Multi-AZ DB instance.

B. Create an Amazon Machine Image (AMI) that contains the application code. Create an Auto Scaling group that is based on the AMI. Integrate the Auto Scaling group with an Application Load Balancer for the web servers. Migrate the database to a MySQL instance that runs on an Amazon EC2 instance.

C. Deploy the application to AWS Elastic Beanstalk. Migrate the database to a MySQL instance that runs on an Amazon EC2 instance.

D. Create an Amazon Machine Image (AMI) that contains the application code. Create an Auto Scaling group that is based on the AMI. Integrate the Auto Scaling group with an Application Load Balancer for the web servers. Migrate the database to an Amazon RDS Multi-AZ DB instance.

A

A. Deploy the application to AWS Elastic Beanstalk. Migrate the database to an Amazon RDS Multi-AZ DB instance.

13
Q

174

A financial company must store original customer records for 10 years for legal reasons. A complete record contains personally identifiable information (PII). According to local regulations, PII is available to only certain people in the company and must not be shared with third parties. The company needs to make the records available to third-party organizations for statistical analysis without sharing the PII. A developer wants to store the original immutable record in Amazon S3. Depending on who accesses the S3 document, the document should be returned as is or with all the PII removed. The developer has written an AWS Lambda function to remove the PII from the document. The function is named removePii. What should the developer do so that the company can meet the PII requirements while maintaining only one copy of the document?

A. Set up an S3 event notification that invokes the removePii function when an S3 GET request is made. Call Amazon S3 by using a GET request to access the object without PII.

B. Set up an S3 event notification that invokes the removePii function when an S3 PUT request is made. Call Amazon S3 by using a PUT request to access the object without PII.

C. Create an S3 Object Lambda access point from the S3 console. Select the removePii function. Use S3 Access Points to access the object without PII.

D. Create an S3 access point from the S3 console. Use the access point name to call the GetObjectLegalHold S3 API function. Pass in the removePii function name to access the object without PII.

A

C. Create an S3 Object Lambda access point from the S3 console. Select the removePii function. Use S3 Access Points to access the object without PII.

14
Q

175

A developer is designing an AWS Lambda function that creates temporary files that are less than 10 MB during invocation. The temporary files will be accessed and modified multiple times during invocation. The developer has no need to save or retrieve these files in the future. Where should the temporary files be stored?

A. the /tmp directory

B. Amazon Elastic File System (Amazon EFS)

C. Amazon Elastic Block Store (Amazon EBS)

D. Amazon S3

A

A. the /tmp directory

15
Q

176

A developer is building a web and mobile application for two types of users: regular users and guest users. Regular users are required to log in, but guest users do not log in. Users should see only their data, regardless of whether they authenticate. Users need AWS credentials before they can access AWS resources. What is the MOST secure solution that the developer can implement to allow access for guest users?

A. Use an Amazon Cognito credentials provider to issue temporary credentials that are linked to an unauthenticated role that has access to the required resources.

B. Set up an IAM user that has permissions to the required resources. Hardcode the IAM credentials in the web and mobile application.

C. Generate temporary keys that are stored in AWS Key Management Service (AWS KMS). Use the temporary keys to access the required resources.

D. Generate temporary credentials. Store the temporary credentials in AWS Secrets Manager. Use the temporary credentials to access the required resources.

A

A. Use an Amazon Cognito credentials provider to issue temporary credentials that are linked to an unauthenticated role that has access to the required resources.

16
Q

177

A developer is using AWS Elastic Beanstalk to create a deployment for a web application that supports ecommerce. According to a company requirement, Amazon EC2 instances that host one version of the application must be retired when the deployment of a new version is complete. Which deployment methods can the developer use to meet this requirement? (Choose two.)

A. All-at-once deployment

B. In-place deployment

C. Rolling deployment without an additional batch

D. Blue/green deployment

E. Immutable deployment

A

D. Blue/green deployment

E. Immutable deployment

17
Q

178

A company caches session information for a web application in an Amazon DynamoDB table. The company wants an automated way to delete old items from the table. What is the simplest way to do this?

A. Write a script that deletes old records; schedule the script as a cron job on an Amazon EC2 instance.

B. Add an attribute with the expiration time; enable the Time To Live feature based on that attribute.

C. Each day, create a new table to hold session data; delete the previous day’s table.

D. Add an attribute with the expiration time; name the attribute ItemExpiration.

A

B. Add an attribute with the expiration time; enable the Time To Live feature based on that attribute.

18
Q

179

A company’s new mobile app uses Amazon API Gateway. As the development team completes a new release of its APIs, a developer must safely and transparently roll out the API change. What is the SIMPLEST solution for the developer to use for rolling out the new API version to a limited number of users through API Gateway?

A. Create a new API in API Gateway. Direct a portion of the traffic to the new API using an Amazon Route 53 weighted routing policy.

B. Validate the new API version and promote it to production during the window of lowest expected utilization.

C. Implement an Amazon CloudWatch alarm to trigger a rollback if the observed HTTP 500 status code rate exceeds a predetermined threshold.

D. Use the canary release deployment option in API Gateway. Direct a percentage of the API traffic using the canarySettings setting.

A

D. Use the canary release deployment option in API Gateway. Direct a percentage of the API traffic using the canarySettings setting.

19
Q

A developer is designing a serverless application that customers use to select seats for a concert venue. Customers send the ticket requests to an Amazon API Gateway API with an AWS Lambda function that acknowledges the order and generates an order ID. The application includes two additional Lambda functions: one for inventory management and one for payment processing. These two Lambda functions run in parallel and write the order to an Amazon DynamoDB table.

The application must provide seats to customers according to the following requirements. If a seat is accidentally sold more than once, the first order that the application received must get the seat. In these cases, the application must process the payment for only the first order. However, if the first order is rejected during payment processing, the second order must get the seat. In these cases, the application must process the payment for the second order. Which solution will meet these requirements?

A. Send the order ID to an Amazon Simple Notification Service (Amazon SNS) FIFO topic that fans out to one Amazon Simple Queue Service (Amazon SQS) FIFO queue for inventory management and another SQS FIFO queue for payment processing.

B. Change the Lambda function that generates the order ID to initiate the Lambda function for inventory management. Then initiate the Lambda function for payment processing.

C. Send the order ID to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the Lambda functions for inventory management and payment processing to the topic.

D. Deliver the order ID to an Amazon Simple Queue Service (Amazon SQS) queue. Configure the Lambda functions for inventory management and payment processing to poll the queue.

A

A. Send the order ID to an Amazon Simple Notification Service (Amazon SNS) FIFO topic that fans out to one Amazon Simple Queue Service (Amazon SQS) FIFO queue for inventory management and another SQS FIFO queue for payment processing.