AWS DEV-A Practice Exam 6 (training mode)

Question 1

Envelope encryption is the practice of encrypting __________ data with a data key, and then __________ the data key under another key.

Answer 1

Envelope encryption is the practice of encrypting plaintext data with a data key, and then encrypting the data key under another key.

Question 2

With envelope encryption, one key must ____ ____ ________ so you can decrypt the keys and your data.

Answer 2

With envelope encryption, one key must remain in plaintext so you can decrypt the keys and your data.

Question 3

Amazon Cognito Sync ________ user profile data across ________ devices and the ____ without requiring your backend.

Answer 3

Amazon Cognito Sync synchronizes user profile data across mobile devices and the web without requiring your backend.

Question 4

The AWS Serverless Application Model (SAM) provides ______ syntax to express functions, APIs, ________, and _____ ______ mappings.

Answer 4

The AWS Serverless Application Model (SAM) provides shorthand to express functions, APIs, databases and event source mappings

Question 5

During deployment, SAM transforms and expands the ____ syntax into AWS ____________ syntax, enabling you to build serverless applications faster.

Answer 5

During deployment, SAM transforms and expands the SAM syntax into AWS CloudFormation syntax, enabling you to build serverless applications faster.

Question 6

Amazon Kinesis Data Firehose is the easiest way to reliably ____ streaming data into data lakes, data ________ and ________ tools

Answer 6

Amazon Kinesis Data Firehose is the easiest way to reliably load streaming data into data lakes, data stores and analytics tools.

Question 7

Amazon Kinesis Data Firehose can ________, ________, and ____ streaming data into S3, Redshift, ________________, and ________.

Answer 7

Amazon Kinesis Data Firehose can capture, transform, and load streaming data into S3, Redshift, Elasticsearch, and Splunk.

Question 8

Amazon Kinesis Firehose can enables near real-time ________ with existing business intelligence ________ and ________ .

Answer 8

Amazon Kinesis FIrehouse can enables near real-time analytics with existing business intelligence tools and dashboards.

Question 9

With an Application Load Balancer it is possible to route requests based on the _____ _____ specified in the Host header

Answer 9

With an Application Load Balancer it is possible to route requests based on the domain name specified in the Host header.

Question 10

AWS Step Functions is based on the concepts of ____ and state _________.

Answer 10

AWS Step Functions is based on the concepts of tasks and state machines.

Question 11

AWS Step Functions

You define state machines using the JSON-based Amazon ________ Language.

Answer 11

You define state machines using the JSON-based Amazon States Language.

Question 12

AWS ________ makes it easy for developers to analyze the behavior of their production, distributed applications with end-to-end tracing capabilities

Answer 12

AWS X-Ray makes it easy for developers to analyze the behavior of their production, distributed applications with end-to-end tracing capabilities

Question 13

AWS X-Ray

Use ________ to record data you want to store in the trace but don’t need to use for searching traces.

Answer 13

Use metadata to record data you want to store in the trace but don’t need to use for searching traces.

Question 14

AWS X-Ray

Annotations are simple key-value pairs that are indexed for use with ____ ______.

Answer 14

Annotations are simple key-value pairs that are indexed for use with filter expressions

Question 15

The memberOf task placement constraint places tasks on container instances that ________ an expression.

Answer 15

The member Of task placement constraint places tasks on container instances that satisfy an expression.

Question 16

A task placement ______ is a rule that is considered during task placement. Task placement constraints can be specified when either running a task or creating a new service.

Answer 16

A constraint is a rule that is considered during task placement. Task placement constraints can be specified when either running a task or creating a new service.

Question 17

A ________________ is a collection of build commands and related settings, in ____ format, that CodeBuild uses to run a build your application

Answer 17

A buildspec.yml is a collection of build commands and related settings, in YAML format, that CodeBuild uses to run a build using AWS CodeBuild.

Question 18

You can apply task placement strategies and constraints to customize how Amazon ECS ________ and ________ tasks.

Answer 18

You can apply task placement strategies and constraints to customize how Amazon ECS places and terminates tasks.

Question 19

In IAM roles, use the ________ element in the role trust policy to specify who can assume the role.

Answer 19

In IAM roles, use the Principal element in the role trust policy to specify who can assume the role.

Question 20

Amazon ____ ____ ________ requires consumers running on EC2 instances or AWS Lambda for processing the data from the stream.

Answer 20

Amazon Kinesis Data Streams requires consumers running on EC2 instances or AWS Lambda for processing the data from the stream.

Question 21

To encrypt ________ quantities of data with the AWS Key Management Service (KMS), you must use a ____ encryption key rather than a ________ master keys

Answer 21

To encrypt large quantities of data with the AWS Key Management Service (KMS), you must use a data encryption key rather than a ; customer master keys

Question 22

IAM JSON policy required elements

Answer 22

Version
Statement
Effect
Principal: You must use the Principal element in resource-based policies.

Question 23

The ____ policy element is mandatory and tells AWS whether this policy will explicitly Allow or Deny access to the particular resources declared in the statement.

Answer 23

The Effect policy element is mandatory and tells AWS whether this policy will explicitly Allow or Deny access to the particular resources declared in the statement.

{

“Version”: “2012-10-17”,

“Statement”:[

{
“Effect”: “Allow”,
}
]
}

Question 24

IAM JSON policy elements:

The ____ element describes the specific actions that will be allowed or denied. Statements must include either an ____ or ________ element.

Answer 24

The Action element describes the specific action or actions that will be allowed or denied. Statements must include either an Action or NotAction element.

{

“Version”: “2012-10-17”,

“Statement”:[

{

“Effect”: “Allow”,

“Action”: “ec2:StartInstances”,
}
]
}

Question 25

CodeDeploy

The AppSpec.yml file specifies the ____ ____ definition used for the deployment,

Answer 25

The AppSpec.yml file specifies the ECS task definition used for the deployment.

Question 26

CodeDeploy provides two deployment type options: __ ______ and ___/____.

Answer 26

CodeDeploy provides two deployment type options: in-place and blue/green

Question 27

In-place deployment:

The application on each instance in the deployment group is ________ , the latest application revision is ________, and the new version of the application is started and ________.

Answer 27

The application on each instance in the deployment group is stopped, the latest application revision is installed, and the new version of the application is started and validated.

Question 28

Whats the only situation that will allow you to usein-place deployments?

Answer 28

EC2/On-Premises compute platforms

Question 29

The name of the AppSpec file for an EC2/On-Premises deployment must be ________. The name of the AppSpec file for an Amazon ECS or AWS Lambda deployment must be ________ or ________.

Answer 29

The name of the AppSpec file for an EC2/On-Premises deployment must be appspec.yml. The name of the AppSpec file for an Amazon ECS or AWS Lambda deployment can be appspec.yaml or appspec.yml.

Question 30

For Amazon ECS and AWS Lambda there are three ways traffic can be shifted during a deployment:
Canary, Linear, All-At-Once

Answer 30

Canary: Traffic is shifted in two increments. You choose the 1st increment & the interval, in minutes, before the remaining traffic is shifted

Linear: Traffic is shifted in equal increments with an equal number of minutes between each increment.

All-at-once: All traffic is shifted from the original Amazon ECS task set / Lambda function to the updated ECS task set / Lambda function at once

Question 31

EC2 Instance Blue/Green Deployment

During the blue/green deployment, CodeDeploy uses ___ ____ group you specify as a template for the replacement environment, including the same number of running ________ and many other ________ options.

Answer 31

During the blue/green deployment, CodeDeploy uses EC2 ASG you specify as a template for the replacement environment, including the same number of running instances and many other configuration options.

Question 32

EC2 Instance Blue/Green Deployment

You can Choose to deploy instances manually:

You can EC2 instance ____, ___ _______, or both.
If you choose this option, you do not need to specify the instances for the replacement environment until you create a deployment.

Answer 32

You can EC2 instance tags, ASG Names, or both.
If you choose this option, you do not need to specify the instances for the replacement environment until you create a deployment.

Question 33

A Lambda authorizer is an API Gateway feature that uses a Lambda function to _________ _________ to your API.

Answer 33

A Lambda authorizer is an API Gateway feature that uses a Lambda function to control access to your API.

There are two types of Lambda authorizers: A token-based request or request parameter-based

Question 34

Lambda authorizer

When a client makes a request to one of your API’s methods, API Gateway calls your Lambda authorizer, which takes the caller’s ________ as input and returns an ___ ________ as output.

Answer 34

When a client makes a request to one of your API’s methods, API Gateway calls your Lambda authorizer, which takes the caller’s identity as input and returns an IAM policy as output.

Question 35

A request parameter-based Lambda authorizer receives the caller’s identity in a combination of _______ , ______ ______ parameters, stageVariables, and $_________ variables.

(also called a REQUEST authorizer)

Answer 35

A request parameter-based Lambda authorizer receives the caller’s identity in a combination of headers, query string parameters, stageVariables, and $context variables.

Question 36

To encrypt large quantities of data with the AWS Key Management Service (KMS), you must use a ____ encryption key rather than a _____ _________ keys

Answer 36

To encrypt large quantities of data with the AWS Key Management Service (KMS), you must use a data encryption key rather than a customer master keys

This is because a CMK can only encrypt up to 4KB in a single operation

Question 37

** CloudFront edge caches**

To invalidate files, you can specify either the ____ for individual files or a path that ends with the _______

Answer 37

To invalidate files, you can specify either the path for individual files or a path that ends with the * wildcard, which might apply to one file or to many, as shown in the following examples:

/images/image1.jpg
/images/image*
/images/*

Question 38

Amazon Cognito identity pools provide ______________ AWS credentials for users who are ______________ ________ or a ________ for users who have been authenticated.

Answer 38

Amazon Cognito identity pools provide temporary AWS credentials for users who are unauthenticated guests or a token for users who have been authenticated.

Question 39

Port mappings allow containers to access ports on the host container instance to ____ or ____ traffic.

Docker & ECS

Answer 39

Port mappings allow containers to access ports on the host container instance to send or receive traffic.

Port mappings are specified as part of the container definition.

Question 40

The ________ definition settings are specified within the ____ definition.

Docker & ECS

Answer 40

The container definition settings are specified within the task definition.

Question 41

CodeDeploy

What are the steps to a Blue/green depoyment on EC2?
7 Steps

1. New Instances Provisioned
2. New Version Installed
3. Testing Performed
   4.
   5.
   6.
   7.

Answer 41

1. New Instances Provisioned
2. New Version Installed
3. Testing Performed
4. ELB Registration
5. Traffice Re-Route
6. Original Instances De-Registered
7. Terminated

Question 42

In container definition section within the task definition you specify the settings for _______________ and ____________

Answer 42

In container definition section within the task definition you specify the settings for containerPort and hostPort.

Question 43

Container Definition

containerPort is the port number on the container that is ________ to the user-specified or automatically assigned ____ port.

Answer 43

containerPort is the port number on the container that is bound to the user-specified or automatically assigned host port.

Question 44

When you invoke a function, two types of error can occur:

Answer 44

Invocation errors
Function errors

Question 45

When you invoke a function, two types of error can occur. ________ errors occur when the ________ request is rejected before your function receives it. ____ errors occur when your ________ code or runtime returns an error.

Answer 45

When you invoke a function, two types of error can occur. Invocation errors occur when the invocation request is rejected before your function receives it. Function errors occur when your function’s code or runtime returns an error.

Question 46

An Invocation error occurs when the invocation request is ________ before your function ________ it.

Answer 46

An Invocation error occurs when the invocation request is rejected before your function receives it.

Question 47

Function errors occur when your function’s ____ or ________ returns an error.

Answer 47

Function errors occur when your function’s code or runtime returns an error.

Question 48

Kinesis Data Streams enables you to build custom ________ that ________ or ____________ streaming data for specialized needs.

Answer 48

Kinesis Data Streams enables you to build custom applications that process or analyze streaming data for specialized needs.

Question 49

Kinesis Data Streams Common use cases include:

Real-time metrics and ________.
Real-time data ________.
Complex stream ____________.

Answer 49

Real-time metrics and reporting.
Real-time data analytics.
Complex stream processing.

Question 50

What are the two caching strategies available when using ElastiCache

Answer 50

Lazy Loading and Write-Through

Question 51

ElastiCache: Lazy loading only loads data into the cache when _______ like if a cache ______ occurs

ElastiCache

Answer 51

Lazy loading only loads data into the cache when necessary like if a cache miss occurs

Question 52

Lazy loading avoids _____________ ___ the cache with data that won’t be ___________

Answer 52

Lazy loading avoids filling up the cache with data that won’t be requested.

Question 53

When using Lazy Loading what happens if the data is not in the cache or has expired? ElastiCache returns a _____.

The application then fetches the data from the __________ and writes the data received into the _______ so that it is available for next time.

Answer 53

ElastiCache returns a null.

The application then fetches the data from the database and writes the data received into the cache so that it is available for next time.

Question 54

When using a write-through strategy, the cache is updated whenever a new ____ or ________ is made to the underlying database.

ElastiCache

Answer 54

When using a write-through strategy, the cache is updated whenever a new write or update is made to the underlying database.

Allows cache data to remain up-to-date.

Question 55

What is a downside of using the write-through strategy with ElastiCache?

Answer 55

Can add wait time to write operations in your application

Question 56

Sequencing with FIFO queues:

To ensure strict ordering between messages, specify a ____________.

Answer 56

To ensure strict ordering between messages, specify a MessageGroupId.

Question 57

To determine the number of WCUs required ________ the item size by the number of ____ ______.

Answer 57

To determine the number of WCUs required multiply the item size by the number of writes required.

Question 58

Within Amazon CloudWatch you can view statistical ____ of your published ________ with the AWS Management Console.

Answer 58

Within Amazon CloudWatch you can view statistical graphs of your published metrics with the AWS Management Console.

Question 59

Custom Metrics

You can publish your own metrics to CloudWatch using the AWS ____ or an ____.

Answer 59

You can publish your own metrics to CloudWatch using the AWS CLI or an API.

Question 60

A namespace is a container for CloudWatch metrics. Metrics in different namespaces are ________ from each other, so that metrics from different applications are not mistakenly ________ into the ____ statistics.

Answer 60

A namespace is a container for CloudWatch metrics. Metrics in different namespaces are isolated from each other, so that metrics from different applications are not mistakenly aggregated into the same statistics.

Question 61

In custom metrics, the dimensions parameter further clarifies the metrics ________ and the type of data it ______.

Answer 61

In custom metrics, the dimensions parameter further clarifies the metric functionalityand the type of data it stores

Question 62

CloudWatch Alarms

You can use an alarm to ________ initiate ________ on your behalf.

Answer 62

You can use an alarm to automatically initiate actions on your behalf.

Question 63

CodeDeploy

What are the steps to a Blue/green depoyment on EC2?
7 Steps

4. ELB Registration
5. Traffice Re-Route
6. Original Instances De-Registered
7. Terminated

Answer 63

1. New Instances Provisioned
2. New Version Installed
3. Testing Performed
4. ELB Registration
5. Traffice Re-Route
6. Original Instances De-Registered
7. Terminated

Question 64

To calculate the concurrency requirements for the Lambda function multiply the number of ________ per second by the ________ it takes to complete the execution

Answer 64

To calculate the concurrency requirements for the Lambda function multiply the number of executions per second by the time it takes to complete the execution

Question 65

Amazon SQS only supports messages up to ________ in size. Therefore, the SQS ______ ______ Library for Java must be used.

Answer 65

Amazon SQS only supports messages up to 256KB in size. Therefore, the SQS Extended Client Library for Java must be used.

Question 66

To restrict access to content that you serve from Amazon S3 buckets, you create CloudFront signed ________ or signed ________ to limit access to files in your Amazon S3 bucket. Then you create a special CloudFront user called an origin _______ _______ and associate it with your distribution

Answer 66

To restrict access to content that you serve from Amazon S3 buckets, you create CloudFront signed URLs or signed cookies to limit access to files in your Amazon S3 bucket. Then you create a special CloudFront user called an origin access identity (OAI) and associate it with your distribution

Question 67

When you use an CloudFront OAI the ________ must be changed on the S3 bucket to _____ _________ to the OAI only.

Answer 67

When you use an CloudFront OAI the permissions must be changed on the S3 bucket to restrict access to the OAI only.

Question 68

ElastiCache is a fully ________, low ________, ____________ data store that supports either Memcached or Redis.

Answer 68

ElastiCache is a fully managed, low latency, in-memory data store that supports either Memcached or Redis.

Question 69

FIFO (First-In-First-Out) queues are designed to ________ messaging between applications when the order of operations and events is critical, or where ________ can’t be tolerated.

Answer 69

FIFO (First-In-First-Out) queues are designed to enhance messaging between applications when the order of operations and events is critical, or where duplicates can’t be tolerated.

Question 70

CloudWatch: Custom Metrics

Each metric is one of the following:

Standard resolution: data granularity of one ________
High resolution: data granularity of one ________

Answer 70

Standard resolution: data granularity of one minute
High resolution: data granularity of one second

Question 71

Sequencing with FIFO queues:

Messages with a different Group ID may be received ____ __ _____

Answer 71

Messages with a different Group ID may be received out of order