From Tests Flashcards

1
Q

You are using CodePipeline automatically deploy code to your environments every time a developer pushes new code to CodeCommit, however your newly built code fails one of the automated tests you have configured as part of your pipeline. How does CodePipeline deal with this failure?

The code is still deployed however CodePipeline sends an SNS notification that one or more tests have failed

CodePipeline deploys only the code changes that passed the automated tests

The pipeline stops immediately because one stage has failed

CodePipeline automatically retries the failed stage of the pipeline

A

The pipeline stops immediately because one stage has failed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
You have a motion sensor that reads 300 items of data every 30 seconds. Each item consists of 5kb. Your application uses eventually consistent reads. In order for your application to keep up, what should you set the read throughput to?
​
5
​
10
​
30
​
20
A

10

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
Which of the following can optimise the performance of a large a scan in DynamoDB?
​
Run a single scan rather than multiple smaller scans
​
Run smaller scans in parallel
​
Increase the page size
​
Increase your read capacity units
A

Run smaller scans in parallel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following are ways of remediating a ProvisionedThroughputExceeded error from DynamoDB? [Select 2]

Reduce the frequency of requests to the DynamoDB table

Increase the frequency of requests to the DynamoDB table

Move your application to a larger instance type

Exponential Backoff

A

Reduce the frequency of requests to the DynamoDB table

Exponential Backoff

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the difference between a Global Secondary Index and a Local Secondary Index [Select 2]

You can create a Local Secondary Index at any time but you can only create a Global Secondary Index at table creation time

You can delete a Global Secondary Index at any time

You can delete a Local Secondary Index at any time

You can create a Global Secondary Index at any time but you can only create a Local Secondary Index at table creation time

A

You can create a Global Secondary Index at any time but you can only create a Local Secondary Index at table creation time

You can delete a Global Secondary Index at any time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How can you prevent CloudFormation from deleting your entire stack on failure? [Select 2]

Use the –disable-rollback flag with the AWS CLI

Set Termination Protection to Enabled in the CloudFormation console

Use the –disable-rollback flag with the AWS CLI

Use the –enable-termination-protection flag with the AWS CLI

A

Use the –disable-rollback flag with the AWS CLI

Use the –disable-rollback flag with the AWS CLI

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following are recommended ways to optimise a query or scan in DynamoDB? [Select 2]

Reduce the page size to return fewer items per results page

Filter your results based on the Primary Key and Sort Key

Set your queries to be eventually consistent

Run parallel scans

A

A smaller page size means uses fewer read operations and creates a “pause” between each request which reduces the impact of a query or scan operation. A larger number of smaller operations can allow other critical requests to succeed without throttling. For large tables, a parallel scan can complete much faster than a sequential one, if the table’s provisioned read throughput is not already being fully used.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A Developer requires a multi-threaded in-memory cache to place in front of an Amazon RDS database. Which caching solution should the Developer choose?

​
Amazon RedShift
​
Amazon DynamoDB DAX
​
Amazon ElastiCache Redis
​
Amazon ElastiCache Memcached
A

Amazon ElastiCache Memcached

INCORRECT: “Amazon ElastiCache Redis” is incorrect as Redis it not multi-threaded.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

To reduce the cost of API actions performed on an Amazon SQS queue, a Developer has decided to implement long polling. Which of the following modifications should the Developer make to the API actions?


Set the ReceiveMessage API with a WaitTimeSeconds of 20

​Set the SetQueueAttributes API with a DelaySeconds of 20

Set the ReceiveMessage API with a VisibilityTimeout of 30

​Set the SetQueueAttributes with a MessageRetentionPeriod of 60

A

Set the ReceiveMessage API with a WaitTimeSeconds of 20

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A Development team would use a GitHub repository and would like to migrate their application code to AWS CodeCommit.
What needs to be created before they can migrate a cloned repository to CodeCommit over HTTPS?


A GitHub secure authentication token

A set of Git credentials generated with IAM

An Amazon EC2 IAM role with CodeCommit permissions

A public and private SSH key file

A

A set of Git credentials generated with IAM

In this scenario the Development team need to connect to CodeCommit using HTTPS so they need either AWS access keys to use the AWS CLI or Git credentials generated by IAM.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A company is deploying an on-premise application server that will connect to several AWS services. What is the BEST way to provide the application server with permissions to authenticate to AWS services?


Create an IAM user and generate access keys. Create a credentials file on the application server

(Correct)

Create an IAM user and generate a key pair. Use the key pair in API calls to AWS services


Create an IAM role with the necessary permissions and assign it to the application server

(Incorrect)

Create an IAM group with the necessary permissions and add the on-premise application server to the group

A

Create an IAM user and generate access keys. Create a credentials file on the application server

INCORRECT: “Create an IAM role with the necessary permissions and assign it to the application server” is incorrect. This is an on-premises server so it is not possible to use an IAM role. If it was an EC2 instance, this would be the preferred (best practice) option.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

An application uses AWS Lambda which makes remote to several downstream services. A developer wishes to add data to custom subsegments in AWS X-Ray that can be used with filter expressions. Which type of data should be used?


Annotations

Daemon

​Trace ID

Metadata

A

Annotations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A company has a large Amazon DynamoDB table which they scan periodically so they can analyze several attributes. The scans are consuming a lot of provisioned throughput. What technique can a Developer use to minimize the impact of the scan on the table’s provisioned throughput?

​
Define a range key on the table
​
Set a smaller page size for the scan
​
Prewarm the table by updating all items
​
Use parallel scans
A


Set a smaller page size for the scan

INCORRECT: “Use parallel scans” is incorrect as this will return results faster but place more burden on the table’s provisioned throughput.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A company has created a set of APIs using Amazon API Gateway and exposed them to partner companies. The APIs have caching enabled for all stages. The partners require a method of invalidating the cache that they can build into their applications.

What can the partners use to invalidate the API cache?


They can pass the HTTP header Cache-Control: max-age=0

They can invoke an AWS API endpoint which invalidates the cache

They can use the query string parameter INVALIDATE_CACHE

They must wait for the TTL to expire

A

They can pass the HTTP header Cache-Control: max-age=0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A company is deploying an Amazon Kinesis Data Streams application that will collect streaming data from a gaming application. Consumers will run on Amazon EC2 instances.

In this architecture, what can be deployed on consumers to act as an intermediary between the record processing logic and Kinesis Data Streams and instantiate a record processor for each shard?

​
Amazon Kinesis Client Library (KCL)
Amazon Kinesis CLI​
Amazon Kinesis API​
AWS CLI
A

Amazon Kinesis Client Library (KCL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A Developer needs to scan a full DynamoDB 50GB table within non-peak hours. About half of the strongly consistent RCUs are typically used during non-peak hours and the scan duration must be minimized.

How can the Developer optimize the scan execution time without impacting production workloads?


Use sequential scans

Use parallel scans while limiting the rate

Change to eventually consistent RCUs during the scan operation

Increase the RCUs during the scan operation

A

Use parallel scans while limiting the rate

17
Q

A company has implemented AWS CodePipeline to automate its release pipelines. The Development team is writing an AWS Lambda function that will send notifications for state changes of each of the actions in the stages.

Which steps must be taken to associate the Lambda function with the event source?


Create an Amazon CloudWatch Events rule that uses CodePipeline as an event source

Create a trigger that invokes the Lambda function from the Lambda console by selecting CodePipeline as the event source

Create an event trigger and specify the Lambda function from the CodePipeline console

Create an Amazon CloudWatch alarm that monitors status changes in CodePipeline and triggers the Lambda function

A

Create an Amazon CloudWatch Events rule that uses CodePipeline as an event source

INCORRECT: “Create an event trigger and specify the Lambda function from the CodePipeline console” is incorrect as CodePipeline cannot be configured as a trigger for Lambda.

18
Q

A Developer is deploying an application in a microservices architecture on Amazon ECS. The Developer needs to choose the best task placement strategy to MINIMIZE the number of instances that are used. Which task placement strategy should be used?

​
spread​
random
binpack
weighted
A

binpack

binpack - Place tasks based on the least available amount of CPU or memory. This minimizes the number of instances in use.

19
Q

An X-Ray daemon is being used on an Amazon ECS cluster to assist with debugging stability issues. A developer requires more detailed timing information and data related to downstream calls to AWS services.

What should the developer use to obtain this extra detail?

​
Metadata​
Filter expressions​
Subsegments​
Annotations
A

A segment can break down the data about the work done into subsegments. Subsegments provide more granular timing information and details about downstream calls that your application made to fulfill the original request.

A subsegment can contain additional details about a call to an AWS service, an external HTTP API, or an SQL database. You can even define arbitrary subsegments to instrument specific functions or lines of code in your application.

20
Q

An organization developed an application that uses a set of APIs that are being served through Amazon API Gateway. The API calls must be authenticated based on OpenID identity providers such as Amazon, Google, or Facebook. The APIs should allow access based on a custom authorization model.
Which is the simplest and MOST secure design to use to build an authentication and authorization model for the APIs?


Use Amazon DynamoDB to store user credentials and have the application retrieve temporary credentials from AWS STS. Make API calls by passing user credentials to the APIs for authentication and authorization

Use Amazon ElastiCache to store user credentials and pass them to the APIs for authentication and authorization

Build an OpenID token broker with Amazon and Facebook. Users will authenticate with these identify providers and pass the JSON Web Token to the API to authenticate each API call

Use Amazon Cognito user pools and a custom authorizer to authenticate and authorize users based on JSON Web Tokens

A

With Amazon Cognito User Pools your app users can sign in either directly through a user pool or federate through a third-party identity provider (IdP). The user pool manages the overhead of handling the tokens that are returned from social sign-in through Facebook, Google, Amazon, and Apple, and from OpenID Connect (OIDC) and SAML IdPs.

After successful authentication, Amazon Cognito returns user pool tokens to your app. You can use the tokens to grant your users access to your own server-side resources, or to the Amazon API Gateway. Or, you can exchange them for AWS credentials to access other AWS services.

The ID token is a JSON Web Token (JWT) that contains claims about the identity of the authenticated user such as name, email, and phone_number. You can use this identity information inside your application. The ID token can also be used to authenticate users against your resource servers or server applications.

21
Q

A developer is planning to use a Lambda function to process incoming requests from an Application Load Balancer (ALB). How can this be achieved?


Create an Auto Scaling Group (ASG) and register the Lambda function in the launch configuration

Create a target group and register the Lambda function using the AWS CLI

Setup an API in front of the ALB using API Gateway and use an integration request to map the request to the Lambda function

Configure an event-source mapping between the ALB and the Lambda function

A

Create a target group and register the Lambda function using the AWS CLI

You can register your Lambda functions as targets and configure a listener rule to forward requests to the target group for your Lambda function. When the load balancer forwards the request to a target group with a Lambda function as a target, it invokes your Lambda function and passes the content of the request to the Lambda function, in JSON format.

You need to create a target group, which is used in request routing, and register a Lambda function to the target group. If the request content matches a listener rule with an action to forward it to this target group, the load balancer invokes the registered Lambda function.

22
Q

A Developer will be launching several Docker containers on a new Amazon ECS cluster using the EC2 Launch Type. The containers will all run a web service on port 80.

What is the EASIEST way the Developer can configure the task definition to ensure the web services run correctly and there are no port conflicts on the host instances?


Specify a unique port number for the container port and port 80 for the host port

Specify port 80 for the container port and a unique port number for the host port

Specify port 80 for the container port and port 0 for the host port

Leave both the container port and host port configuration blank

A

Specify port 80 for the container port and port 0 for the host port

The easiest way to do this is to set the host port number to 0 and ECS will automatically assign an available port. We also need to assign port 80 to the container port so that the web service is able to run.

23
Q

A Developer is setting up a code update to Amazon ECS using AWS CodeDeploy. The Developer needs to complete the code update quickly. Which of the following deployment types should the Developer use?

In-place
Canary​
Linear​
Blue/green

A

Blue/green

INCORRECT: “In-place” is incorrect as AWS Lambda and Amazon ECS deployments cannot use an in-place deployment type.

24
Q

A Developer is deploying an AWS Lambda update using AWS CodeDeploy. In the appspec.yaml file, which of the following is a valid structure for the order of hooks that should be specified?


BeforeAllowTraffic > AfterAllowTraffic

BeforeBlockTraffic > AfterBlockTraffic > BeforeAllowTraffic > AfterAllowTraffic

BeforeInstall > AfterInstall > AfterAllowTestTraffic > BeforeAllowTraffic > AfterAllowTraffic

BeforeInstall > AfterInstall > ApplicationStart > ValidateService

A

BeforeAllowTraffic > AfterAllowTraffic

25
Q

A decoupled application is using an Amazon SQS queue. The processing layer that is retrieving messages from the queue is not able to keep up with the number of messages being placed in the queue.

What is the FIRST step the developer should take to increase the number of messages the application receives?


Use the API to update the WaitTimeSeconds parameter to a value other than 0

Use the ReceiveMessage API to retrieve up to 10 messages at a time

Configure the queue to use short polling

Add additional Amazon SQS queues and have the application poll those queues

A

Use the ReceiveMessage API to retrieve up to 10 messages at a time