AWS Cloud Developer
What are three ways to interact with AWS service application programming interfaces (APIs)? (Select the THREE best options.) - AWS CloudTrail - AWS Management Console - AWS software development kits (SDKs) - AWS X-Ray - AWS Identity and Access Management (IAM) - AWS Command Line Interface (AWS CLI)
- AWS Management Console - AWS software development kits (SDKs) - AWS Command Line Interface (AWS CLI)
Which option is the Amazon Web Services (AWS) customer responsible for under the AWS shared responsibility model? (Select TWO.) - Security group configuration - Physical servers - Client-side data - Edge location infrastructure - Availability Zone security
- Security group configuration - Client-side data
Which statements describe AWS resource application programming interfaces (APIs)? (Select TWO.) - They provide a lower-level abstraction than the higher-level calls made by service client APIs. - They have objects for request and result data. - They provide a higher-level abstraction than the low-level calls made by service client APIs. - They provide access to resources through objects and collections. - They have at least one class per conceptual resource.
- They provide a higher-level abstraction than the low-level calls made by service client APIs. - They provide access to resources through objects and collections.
Which tools enable users to control their AWS services from the command line and automate service management with scripts? (Select THREE.) - AWS Cloud9 - AWS Serverless Application Model (AWS SAM) - AWS Tools for PowerShell - AWS Amplify - AWS CodeCommit - AWS X-Ray
AWS Serverless Application Model (AWS SAM) - AWS Tools for PowerShell - AWS Amplify
Which actions require permissions that are defined in the AWS Lambda execution role? (Select TWO.) a. A Lambda function writes to an Amazon DynamoDB table. b. An object that is written to an Amazon Simple Storage Service (Amazon S3) bucket initiates invocation of a Lambda function. c. Lambda polls an Amazon Simple Queue Service (Amazon SQS) queue for messages that initiate invocation of a Lambda function. d. An Amazon API Gateway GET route initiates invocation of a Lambda function. e. A message that is posted to an Amazon Simple Notification Service (Amazon SNS) topic initiates invocation of a Lambda function.
a. A Lambda function writes to an Amazon DynamoDB table. c. Lambda polls an Amazon Simple Queue Service (Amazon SQS) queue for messages that initiate invocation of a Lambda function.
Which statement about Docker containers is true? a. A container is a runnable instance of an image. b. A container registry is a template to launch containers. c. A container image is a writeable template. d. A container layer is a thin read-only layer that is associated with a running container.
a. A container is a runnable instance of an image.
Which statement about AWS Step Functions is true? a. A developer can use Amazon API Gateway to associate their Step Functions APIs with methods in an API Gateway API. b. Step Functions has quotas at the account level regarding the number of registered state machines, but no quotas are related to individual Step Functions runs. c. Step Functions must be created in the visual editor on the Step Functions console but can be edited with the AWS SDKs. d. A developer can use the Describe API action to get a summary of all state machines and the number of times that each has been run.
a. A developer can use Amazon API Gateway to associate their Step Functions APIs with methods in an API Gateway API.
Which use case suggests the use of Amazon CloudFront Functions? a. A function that redirects the viewer to an different URL and adds a custom response header b. A function that uses a third-party library c. A function that requires network access to use external services for processing d. A function that requires access to the body of HTP requests
a. A function that redirects the viewer to an different URL and adds a custom response header
Which option describes how Amazon API Gateway invokes AWS Lambda? a. API Gateway directly invokes a function with a synchronous invocation. b. Lambda processes API Gateway requests asynchronously and retries each request up to two times. c. Lambda uses an event source mapping and polls API Gateway for requests. d. API Gateway directly invokes a function and retries the request until it succeeds or expires.
a. API Gateway directly invokes a function with a synchronous invocation.
Which statement about IAM authentication are true? (Select TWO.) a. AWS credentials to authenticate with any supported services must be provided. b. A user name and password to authenticate to the console must be provided. c. A .pem or .ppk file is used to authenticate programmatically to the AWS application programming interface (API). d. It is a best practice to use the account root user credentials to authenticate programmatically by using the AWS Command Line Interface (AWS CLI). e. Each AWS account can have only one administrator who manages other IAM users.
a. AWS credentials to authenticate with any supported services must be provided. b. A user name and password to authenticate to the console must be provided.
Which statement about the Amazon Elastic Container Service (Amazon EC2) is true? a. Amazon ECS is a highly scalable container orchestration service that supports Docker containers. b. Amazon EC2 requires the use of the Amazon Elastic Container Registry (Amazon ECR) for container images. c. Amazon ECS supports launching containers in Amazon EC2 or AWS Lambda. d. With Amazon ECS, you can deploy applications to containers even if they have not been architected specifically to run on containers.
a. Amazon ECS is a highly scalable container orchestration service that supports Docker containers.
Which statement about Amazon Simple Notification Service (Amazon SNS) is true? a. An SNS topic is a logical access point, which acts as a communication channel. b. A publisher can only send messages to topics that they have created. c. By default, different subscribers to a topic receive different messages. d. Amazon SNS defines a single delivery policy, which is applied to all delivery protocols.
a. An SNS topic is a logical access point, which acts as a communication channel.
Which use case suggests using Amazon API Gateway HTTP APIs? a. An application needs an API proxy in front of an AWS Lambda function. b. An application must transform a response from an AWS Lambda function before returning the response to the client. c. A developer wants to use mock endpoints to test their API. d. A developer wants to assign different API quotas by client.
a. An application needs an API proxy in front of an AWS Lambda function.
A developer uses an Amazon S3 bucket. They want to allow a certain AWS IAM user to perform any S3 operations on the bucket and its objects. They also want to follow AWS recommendations for granting permissions. Which mechanism should the developer apply to the bucket? a. Bucket policy b. Cross-Origin resource Sharing (CORS) c. Bucker access control list (ACL) d. IAM policy
a. Bucket policy
Which statement describes Amazon DynamoDB application programming interface (API) control operations that can be invoked by an application? a. Create and manage DynamoDB tables. b. Create, read, update, and delete data in a table. c. Get and write batches of items in a DynamoDB table. d. Make coordinated, all-or-nothing changes to multiple items both within and across tables.
a. Create and manage DynamoDB tables.
What is the effect of the following policy statement? {"Effect": "Deny","Action":["dynamodb:", "s#:" ],"NotResource": [ "arn:aws:dynamodb:region:account-number:table/pollynotes","arn:aws:s3:::polly-notes-web","arn:aws:s3:::polly-notes-mp3/*" ]} a. Denies actions on DynamoDB or Amazon S3 resources except for the resources that are listed in the NotResource element b. Denies the ability to write to the pollynotes DynamoDB table c. Denies that ability to read from the polly-notes-web S3 bucket d. Denies actions on the DynamoDB table of S3 buckets that are listed in the NotResources element
a. Denies actions on DynamoDB or Amazon S3 resources except for the resources that are listed in the NotResource element
A developer want to migrate a monolithic shopping website to microservice-based application. Which option reflects a reason to choose containers? a. Each container can use the language and technology that are best suited for the service. b. Containerized components are not isolated, so the application will evolve as a singular system. c. Containers are well-suited to designs that avoid the use of temporary resources. d. Containers separate your dependencies and libraries into their own objects.
a. Each container can use the language and technology that are best suited for the service.
An administrator created an AWS Identity and Access Management (IAM) groups called managers within an AWS account. A ____ policy is attached to the managers group. It allows managers to read from and write to an Amazon Simple Storage Service (Amazon S3) bucket in the same AWS account. What is this type of policy? a. Identity-based b. Resource-based c. Cross-account access d. AdministratorAccess managed
a. Identity-based
A developer has been asked to increase the cache hit radio for their Amazon CloudFront distribution. Which. option should they try? a. Include only the minimum necessary values in the cache key. b. Decrease the maximum time to live (TTL) setting in a cache policy. c. Decrease the max-age setting in a file's Cache-Control header. d. Increase the cache hit setting in a cache policy.
a. Include only the minimum necessary values in the cache key.
A tester reports that Amazon Simple Queue Service (Amazon SQS) messages are being processed more than once. The developer finds that processing servers are not completing as quickly as expected, and messages are made available to other consumers before the prior consumer deletes them. Which option might reduce occurrences of this issue? a. Increase the visibility timeout. b. Increase maxReceiveCount. c. Increase MaxNumberOfMessages. d. Increase the number of producers on the queue.
a. Increase the visibility timeout.
Which statement describes a characteristic of AWS Lambda? a. Lambda runs code only when it is activated by an event and uses only the compute resources that are needed. b. A developer's methods and configuration options for ensuring high availability with Lambda are similar to their approach with Amazon Elastic Compute Cloud (Amazon EC2). c. Lambda functions run in on-demand, temporary environments, and the developer controls when new environments are created or shut down. d. A developer must write Lambda functions that use one of the runtimes that the Lambda service provides.
a. Lambda runs code only when it is activated by an event and uses only the compute resources that are needed.
Which statement reflects a benefit of lazy loading as a caching strategy? a. Lazy loading avoids filling up the cache with data that is not requested. b. With lazy loading, data in the cache never becomes stale. c. With lazy loading, every write involves two trips a write to the cache and write to the database which adds latency to the process. d. Lazy loading might result in cache churn. The cache might be updated often if certain records are updated repeatedly.
a. Lazy loading avoids filling up the cache with data that is not requested.
An application that processes order returns must run two independent audit checks. When both checks are successfully completed, the return authorization step is run. Which AWS Step Functions state could a developer use to implement this logic? a. Parallel b. Task c. Choice d. Wait
a. Parallel
Which elements are part of the base URI that AWS generates for an Amazon APIGateway API? a. Region and stage name b. API identifier and version c. Account ID and stage name d. Region and version
a. Region and stage name
Which statement is true for both Succeed states and Fail states? a. Succeed states and Fail states do not include the Next field. b. The End field is not required because Succeed states and Fail states are not terminal states. c. The Type field is optional for Succeed states and Fail states. d. The End field is required because Succeed states and Fail states are terminal states.
a. Succeed states and Fail states do not include the Next field.
Which statement about the function handler in an AWS Lambda function is true? a. The function handler is the entry point that Lambda calls to start running the Lambda function. b. The function handler method might take an event object or context object. c. The event object provides information about the event that invoked the Lambda function. It must be predefined object that an AWS services generates. d. The context object provides runtime information, and the developer must create a context object that matches the runtime that was selected for the function.
a. The function handler is the entry point that Lambda calls to start running the Lambda function.
A developer recently built a proof-of-concept application using containers, and the business owner wants to roll it out to production. Which option reflects a primary reason that the developer might use a container orchestration service? a. To schedule container starts and stops and determine where to place containers. b. To base their containers on third-party images c. To remove the requirement to use a container registry d. To receive automated recommendations about how to improve their application code to run on containers
a. To schedule container starts and stops and determine where to place containers.
The service client application programming interfaces (APIs) provide a lower level of abstraction than the higher-level calls that are made by resource APIs. a. True b. False
a. True
Which Docker CLI command creates a container named my_app_1 from the image named node_app? a. docker run --name my_app_1 node_app b. docker build --tag my_app_1 c. docker exec -it my_app_1 sh d. docker images my_app_1 from node_app
a. docker run --name my_app_1 node_app
Given this snippet: aws apigatewayv2 create-route \ --apt-id 03z50l670a \ --<?> --target arn:aws:lambda:us-east-2:AcctID:function:readFn Which option could replace the <?> to create an API route that returns an individual product value from an online catalog? a. route-key 'GET /products/{product_id}' \ b. route-key 'PUT /products' c. route-selection-expression '$GET/product' d. route-selection-expression 'PUT /products/{proxy+}'\
a. route-key 'GET /products/{product_id}' \
Which statement about API Gateway integrations is true? a. A first-class integration connects an API Gateway HTTP API route to an external third-party service API route to an external third-party service API. b. A developer can use HTTP proxy integrations to direct a route to a resource on the internet. c. API Gateway cannot access resources within a virtual private cloud (VPC). d. An API integration request encapsulates an HTTP request that the backend receives and is always different from the method request that the client submits.
b. A developer can use HTTP proxy integrations to direct a route to a resource on the internet.
Which scenario suggests the need for a task coordination service as AWS Step Functions? a. A website that serves static content is expanding its reach to a global audience. b. A serverless application must run a series of AWS Lambda functions that a dependent on each other. c. A monolithic application that is written in JAVA is updating its technology stack. d. A reporting application must update its calculation logic to provide more analytical data to business users.
b. A serverless application must run a series of AWS Lambda functions that a dependent on each other.
A developer is setting up their development environment. They need an integrated development environment (IDE) that enables them to code with other people in real time. Which AWS service should they use? a. AWS CloudShell b. AWS Cloud9 c. Amazon CloudWatch d. Amazon CloudFront
b. AWS Cloud9
For an order-processing application that uses an Amazon Simple QueueService (Amazon SQS) queue, a developer finds that an older version of the client generates order records that fail the backend process. The failures cause a bottleneck on the queue. How might the developer reduce the impact of the failed records? a. Increase the visibility timeout and set a high value for MaxNumberOfMessages. b. Add a dead-letter queue and set a low maxReceiveCount. c. Use long polling and set a high wait time. d. Change the queue type from standard to First-In-First-Out (FIFO) and set a high throughput rate.
b. Add a dead-letter queue and set a low maxReceiveCount.
Which statement about Amazon CloudFront cached file expiration is true? a. Each file in the cache automatically expires after 24 hours, and you cannot modify this setting. b. After a file expires, the next time the edge location gets a user request for the file, CloudFront forwards the request to the origin server. c. When the origin receives a request, the origin sends the latest version of the file regardless of whether it is the same as the expired version in the cache. d. You can control cache file duration with CloudFront cache policy settings through Cache-Control settings in the origin file headers. However, you cannot combine these options.
b. After a file expires, the next time the edge location gets a user request for the file, CloudFront forwards the request to the origin server.
A developer has determined that an in-memory key-value store would improve performance of their application's queries. They want to keep the solution as simple as possible and need to support read replicas. Which option should they choose? a. Amazon ElastiCache for Memcached b. Amazon ElastiCache for Redis c. Amazon CloudFront Functions d. Lambda@Edge
b. Amazon ElastiCache for Redis
Which issue might be addressed by adding provisioned concurrency to an AWS Lambda function? a. Another Lambda function runs in the same account and Region. It sometimes spikes and consumes all available concurrency, causing the function to fail. b. An application that uses the Lambda function responds slowly for the first few users who sign in each day. Lambda metrics show higher latency for those initial requests. c. A legacy backend system fails intermittently when the developer connects to it. To avoid extra costs, they want to reduce the function's wait time when the backend fails. d. The developer wants more visibility into transactions that use the Lambda function to identify bottlenecks.
b. An application that uses the Lambda function responds slowly for the first few users who sign in each day. Lambda metrics show higher latency for those initial requests.
What is the correct term for the process of verifying a user's identity as a developer? a. Endorsement b. Authentication c. Confirmation d. Authorization
b. Authentication
A developer wants to store image files in a bucket that is called images-bucket, but receives the error BucketAlreadyExists. Which action must the developer take to resolve this error? a. Bucket names are unique to the Region that they are created in. If the requested bucket name is not available, the developer must create the images-bucket in a different Region. b. Bucket names are globally unique. If the requested bucket name is not available, the developer must rename the bucket. c. The developer must contact AWS Support to request approval to use the same bucket name. d. Bucket names go to the highest bidder. The developer must outbid the current backer owner.
b. Bucket names are globally unique. If the requested bucket name is not available, the developer must rename the bucket.
A developer is using the AWS software development kit (SDK) for Python (Boto3) and must specify the Region. Which method enables the developer specify the Region? a. By setting the AWS_PROFILE environment variable b. By setting the Region when they instantiate the service client c. Users cannot specify the AWS Region in the service client d. By associating a default Region with their profile in the credentials file in the .aws folder within their "home" folder
b. By setting the Region when they instantiate the service client
Which option describes how a message queue processes messages? a. The queue polls producers for new messages. b. Consumers poll the queue for messages. c. The queue broadcasts messages to consumers. d. Consumers notify the queue when a message has been successfully processed. The queue configuration determines whether the message be available to other consumers.
b. Consumers poll the queue for messages.
The systems development lifecycle (SDLC) has six phases. The first three phases are plan, define, and design. What are the last three phases of the SDLC? a. Code, build, and maintain b. Develop, deploy, and maintain c. Code, build, and test d. Test, deploy, and maintain
b. Develop, deploy, and maintain
Which statement about a Dockerfile is true? a. A Dockerfile is a YAML file that provides instructions to create a container image. b. Each instruction in a Dockerfile creates a read-only layer in the image. c. If a developer changes the Dockerfile and rebuilds the image, all layers of the image, all layers the image must be rebuilt. d. Developers cannot use the Dockerfile to run scripts that would run after the container is instantiated.
b. Each instruction in a Dockerfile creates a read-only layer in the image.
After versioning is enabled on an Amazon Simple Storage Service (Amazon S3) bucker, it can be disabled. a. True b. False
b. False
Which statement about Amazon DynamoDB partitions is true? a. DynamoDB stores data in partitions and chooses the partition based on the range attribute. b. If a table has a simple primary key (partition key only), DynamoDB stores and retrieves each item based on its hash attribute. c. If a table has a composite primary key, DynamoDB will sort the items based on the sort key before selecting the partition for the item. d. A developer writes a hash function to tell DynamiDB how to partition the items.
b. If a table has a simple primary key (partition key only), DynamoDB stores and retrieves each item based on its hash attribute.
Which options are components of a container? (Select TWO.) a. Hot server b. Runtime engine c. Operating system d. Application code e. Virtual machine
b. Runtime engine d. Application code
Which method can be used to encrypt Amazon Simple Storage Service (Amazon S3) objects in transit? a. Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS) b. Secure Sockets Layer/Transport Layer Security (SSL/TLS) c. Server-Side Encryption with Customer-Provided Keys (SSE-C) d. Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3)
b. Secure Sockets Layer/Transport Layer Security (SSL/TLS)
A developer has been asked to address complaints from customers in the London area about the performance of a web-based application that is hosted in New York. Which option might the developer implement? a. Use Amazon CloudFront to replicate the application code on Amazon Elastic Compute Cloud (Amazon EC2) instances in the London Region. b. Set up a CloudFront distribution that can serve static content from edge locations that are closer to UK users. c. Set up a CloudFront regional edge location in the London Region. d. Set up one CloudFront edge location in New York and one in London.
b. Set up a CloudFront distribution that can serve static content from edge locations that are closer to UK users.
Suppose that a developer has a restaurants database table that can be queried by name (the sort key). What should the developer do if they also want to query by type of cuisine and average customer rating? a. Set up a local secondary index on cuisine and customer rating. b. Set up a global secondary index on cuisine and customer rating. c. Change the primary key on the restaurant table to be a complex primary key based on cuisine and customer rating. d. Perform a query that uses the cuisine and average customer rating attributes.
b. Set up a global secondary index on cuisine and customer rating.
What is the role of the Task state type in AWS Step Functions? a. Task states are used to stop a failed workflow. b. Task states perform a unit of work. c. Task states provide branching logic. d. Task states tell the state machine the order to perform the steps in.
b. Task states perform a unit of work.
Which option describes a benefit that led the shipping industry and the software industry to use containers? a. Infrastructure providers can create strong dependencies between their platform and the types of containers that they choose to work with. b. The abstraction of details of what's being "shipped" increases the agility of a system. c. Increased visibility into the details of what's being "shipped" helps each point in the system to provide the right type of support. d. The ability to use nonstandard types of containers gives producers flexibility.
b. The abstraction of details of what's being "shipped" increases the agility of a system.
Which statement about Amazon Kinesis Data Streams is true? a. When a record is added to the stream, the record is available until a consumer deletes it. b. The data records in a data stream are distributed into shards. c. A standard data stream can have one consumer. With the enhanced fanout option, you can add multiple consumers. d. A stream consumer must delete the records that it processes successfully.
b. The data records in a data stream are distributed into shards.
A function's Amazon Resource Name (ARN) is as follows:arn:aws:lambda:aws-region:acct-id:function:helloworld:PRODWhich statement about this function is correct, based on its ARN? a. This ARN will invoke the immutable PROD version of the function. b. This ARN will invoke the version of the function that is currently associated with the PROD alias. c. This ARN will invoke the function and include the AWS Lambda layer that is named PROD d. This ARN will deploy the helloworld function into the PROD account.
b. This ARN will invoke the version of the function that is currently associated with the PROD alias.
An application that uses Amazon API Gateway must capture contact information from a third-party client application. The client application sends given name, surname, business phone, and cell phone. The backend application database has only two fields: name and mobile phone. Which option requires the fewest application changes? a. Export the API definition and use it to update the client. b. Use a mapping template to transform the request before it is sent to the database. c. Create a usage plan that describes the fields and applies only to this client. d. Use a first-class integration to connect the client to the database.
b. Use a mapping template to transform the request before it is sent to the database.
A developer needs to build a custom application to put customer application log records onto an Amazon Kinesis data stream. What. should they use to build the application? a. Use the Kinesis API. b. Use the Kinesis Producer Library (KPL). c. Use the Kinesis Client Library (KCL). d. Use Amazon kinesis Data Analytics.
b. Use the Kinesis Producer Library (KPL).
A developer wants to add an Amazon Simple Queue Service (Amazon SQS) queue to decouple incoming order requests from a backend database. Which Amazon SQS operations might be part of this update? a. Use the SendMessage operation with the QueueURL mapped to the database endpoint to put messages on the queue. b. Use the ReceiveMessage operation with MaxNumberOfMessages set to 5 to retrieve up to 5 messages off the queue at one time. c. Use the DeleteMessage operation to change the visibility of the message as soon as the ReceiptHandle is received. d. Use the ReceiveMessage operation with the WaitTimeSeconds parameter set to 0 to reduce the number of empty requests.
b. Use the ReceiveMessage operation with MaxNumberOfMessages set to 5 to retrieve up to 5 messages off the queue at one time.
Which statement about Amazon ElastiCache is true? a. A node is a variable-size chunk of secure, network-attached RAM. b. Your application connects to an ElastiCache node by node by using a unique address called an endpoint. c. With the Memcached engine, data is partitioned across shards in a cluster. d. Every node within a cluster must run the same cache engine, but the nodes can run on different instance types.
b. Your application connects to an ElastiCache node by node by using a unique address called an endpoint.
A developer wants to allow a user to download private objects directly from an S3 bucket without needing AWS security credentials or permissions. What can the developer share with the user to grant them time-limited access to the objects? a. The bucker endpoint URL b. Their AWS account root user credentials c. A presigned URL d. A temporary token
c. A presigned URL
Which option suggests the use of WebSocket APIs? a. An order processing application returns an order number to each customer when they submit an order. b. A batch process bundles orders and sends them to a fulfillment center application. c. A real-time chat application lets customers talk to customer support about their orders. d. A reporting application gives the sales team access to static daily reports from their phones.
c. A real-time chat application lets customers talk to customer support about their orders.
How is a taskToken used in an AWS Step Functions use case that includes a manual approval step? a. A taskToken is generated when the workflow hits a Wait state. The taskToken tracks how long the workflow has been waiting for a task to finish. b. A taskToken is used to transition between each state in the workflow and is defined in the Next field. c. A taskToken is returned as part of a call to the GetActivityTask action and is used when calling the SendTaskSuccess action to associate a result with a task. d. A taskToken is an output of the Success state in a synchronous Step Functions Express workflow. A taskToken is used to confirm success of all tasks.
c. A taskToken is returned as part of a call to the GetActivityTask action and is used when calling the SendTaskSuccess action to associate a result with a task.
A systems administrator must grant a new developer permissions that are associated with the developer role. This role is associated with the developer group. Which AWS service should the administrator use to assign the new developer to the developer group? a. Amazon Elastic Compute Cloud (Amazon EC2) b. AWS Resource Access Manager (AWS RAM) c. AWS Identity and Access Management (IAM) d. Amazon Simple Storage Service (Amazon S3)
c. AWS Identity and Access Management (IAM)
Which phrase best describes a RESTful API? a. An API uses HTTP to communicate between client and sever b. A proxy that exists between client and server to handle common problems that occur with API-driven applications c. An API that follows the principles of the Representational State Transfer style d. An API that resides on the web server
c. An API that follows the principles of the Representational State Transfer style
Which scenarios are example use cases for Amazon Dynamo Streams? (Select TWO.) a. An application that requires the fastest possible response time for reads to support real-time bidding b. An application that requires repeated reads against a large set of regional wether data to perform a long-running analysis c. An application that automatically sends notifications to the mobile devices of all friends in a group when one friend upload a new picture d. An application that must monitor changes to a DynamoDB table and take action on specific changes when a value reaches a certain threshold e. An application that requires an in-memory data store
c. An application that automatically sends notifications to the mobile devices of all friends in a group when one friend upload a new picture d. An application that must monitor changes to a DynamoDB table and take action on specific changes when a value reaches a certain threshold
Which statement are true about evaluation logic for AWS and Access Management (IAM) policies? (Select TWO.) a. You cannot have deny and allow statements in the same policy. b. An explicit allow overrides an explicit deny. c. An explicit deny overrides an explicit allow. d. By default, all requests are denied. e. By default, all requests allowed.
c. An explicit deny overrides an explicit allow. d. By default, all requests are denied
What is the name for a logical collection of AWS Elastic Beanstalk components, which is conceptually similar to a folder? a. Environment b. Platform c. Application d. Environment tier
c. Application
Which component is part of an Amazon DynamoDB table? a. Predefined schema b. SQL-based queries c. Attributes d. Columns
c. Attributes
A ______ organizes the Amazon Simple Storage Service (Amazon S3) namespace at the highest level. a. Group b. Container c. Bucket d. Region
c. Bucket
Which constraint cannot be modified? a. Function timeout b. Reserved concurrency c. Burst quota d. Regional quota
c. Burst quota
A application that processes order returns must complete different steps depending on whether the return is within 30 days of purchase. Which AWS Step Functions state could a developer use to implement this logic? a. Parallel b. Task c. Choice d. Wait
c. Choice
An architect suggests that the developers implement caching on an existing application to address performance issues. Which option describes factors that the developers should consider when they decide where to add caching? a. Avoid caching for data queries that are slow and expensive to run. b. Review the data and its access patterns. Data that changes rapidly but is infrequently accessed should be cached. c. Consider the tolerance for stale data in each context where the data is used. d. Add as much caching in as many places as you can as early in development as possible.
c. Consider the tolerance for stale data in each context where the data is used.
Which suggestion is an Amazon Web Services (AWS) recommendation for securing AWS credentials for applications that run on Amazon Elastic Compute Cloud Amazon EC2) instances? a. Embed AWS credentials in the software development kit (SDK) client code. b. Store credentials in local AWS configuration files. c. Create an AWS Identity and Access Management (IAM) role and attach it to the EC2 instance. d. Create an AWS Identity and Access Management (IAM) user and attach it to the EC2 instance.
c. Create an AWS Identity and Access Management (IAM) role and attach it to the EC2 instance.
Which statement reflects best practices when granting permissions to users, groups, roles, and resources? a. Create policies that allow broad access and then limit permissions as needed, based on usage. b. Use the account root user for routine tasks that the administrator performs. c. Create policies that follow the principle of least privilege. d. Do not set policies for individual resources.
c. Create policies that follow the principle of least privilege.
A developer hosts a static website in an Amazon S3 bucket. The website references image objects in another s3 bucket. However, these images do not display on the website. What could be the problem? a. The security group of the S3 bucket does not include an inbound rule to allow HTTP traffic on port 80. b. Amazon S3 does not support object sharing between buckets. c. Cross-Origin Resource Sharing (CORS) has not been enabled on the bucket where the assets are stored. d. Cross-Region Replication (CRR) has not been enabled on the bucker where the assets are stored.
c. Cross-Origin Resource Sharing (CORS) has not been enabled on the bucket where the assets are stored.
A student is learning about Amazon Simple Storage Service (Amazon S3). During an interview, a potential employer asks the student to explain how Amazon S3 can be used as a storage solution. Which option is a use case for Amazon S3? a. Block-level storage b. Shared file systems c. Data lake d. Hosting active databases
c. Data lake
Which AWS Lambda configuration setting might be a developer use to manage function errors when configuring an Amazon Simple Notification Service (Amazon SNS) topic as the event source for a Lambda function? (SELECT TWO) a. State machines b. File Systems c. Destinations d. Virtual private cloud e. Asynchronous invocations
c. Destinations e. Asynchronous invocations
Which statement about Amazon API Gateway stages is true? a. Stage names are sequentially assigned based on the API version. b. Any stage on any API type can be set to autodeploy. c. Developers can use stage variables to connect different stages to different backends. d. Developers should avoid creating different stages for each development environment.
c. Developers can use stage variables to connect different stages to different backends
A application that processes order returns must run the same AWS Lambda function for each item in an order. Which AWS Step Functions state could a developer use to implement this logic? a. Parallel b. Pass c. Map d. Task
c. Map
Which task is performed during the develop stage of the systems development lifecycle (SDLC)? a. Deficiencies are identified. b. The system is put into us. c. New components are obtained and installed. d. New system requirements are defined.
c. New components are obtained and installed.
What does the Amazon API Gateway integration Latency metric tell the user? a. Frequency of server-side errors that affect latency b. Speed of the API response back to the client c. Responsiveness of the backend d. How often requests are throttled
c. Responsiveness of the backend
An Amazon Simple Notification Service (Amazon SNS) topic receives messages about orders. An AWS Lambda function that processes canceled orders is subscribed to the topic. How might the developer reduce costs by only invoking the Lambda function for canceled orders? a. Put an Amazon Simple Queue Service (Amazon SQS) queue in front of the Lambda function. b. Separate the new order and cancel order messages to be sent by two different publishers. c. Set up a filter policy so that the Lambda function Subscription only receives cancel order messages. d. Use the ConfirmSubscription operation to limit which messages the Lambda function receives.
c. Set up a filter policy so that the Lambda function Subscription only receives cancel order messages.
How far back in a days can an Amazon DynamoDB table be restored by using point-in-time recovery? a. The last week b. The last 10 days c. The last 35 days d. The last calendar month
c. The last 35 days
A developer wants to do canary testing on a new deployment. Which AWS Elastic Beanstalk deployment policy option should the developer use? a. Immutable b. Rolling with batch c. Traffic Splitting d. Blue/Green
c. Traffic Splitting
A zipped deployment package including code and custom libraries is 75MB in size. Which AWS Lambda deployment option should be used? a. Copy the code into the Lambda console editor to create and deploy the function. b. Upload a .zip file from an integrated development environment (IDE) to load the deployment package directly into the Lambda console. c. Upload the deployment package to an Amazon Simple Storage Service (Amazon S3) bucket, and specify the bucket name and object key on the Lambda console. d. Upload the deployment package to an Amazon Elastic Block Store (Amazon EBS) volume, and us the File Systems configuration to reference it.
c. Upload the deployment package to an Amazon Simple Storage Service (Amazon S3) bucket, and specify the bucket name and object key on the Lambda console.
A developer has been asked whether caching might improve the performance of their online bidding application. How should they answer this question? a. Caching probably will not yield much performance improvement for this type of application. b. Caching might improve performance by reducing the number of hits to the backend database. However, caching cannot improve performance issues that occur between the client and the web server. c. Using different types of caching at each application later might improve both the frontend and backend performance. d. Caching might greatly improve performance if the application is compute heavy, but if the application is read heavy, a cache will not provide much benefit.
c. Using different types of caching at each application later might improve both the frontend and backend performance.
Which statement about global tables is true? a. Global tables provide a managed solution for replicating tables within a single AWS Region. b. Global tables use Amazon Simple Storage Service (Amazon S3) to propagate changes between replicas. c. When a global table is created, Amazon DymanoDB performs all necessary tasks to create identical tables and propagate ongoing data changes to specified Regions. d. With a global table, Amazon DynamoDN supports partial replication of some of the items in a table.
c. When a global table is created, Amazon DymanoDB performs all necessary tasks to create identical tables and propagate ongoing data changes to specified Regions.
Amazon ElastiCache is being added to an application to improve response times and alleviate database pressure. The backend database for the application is an Amazon Relational Database Service (Amazon RDS) database. Which task would be the responsibility of the application developer? a. Applying software patches to the cache instances b. Writing code to check the health of the cluster before writing to the cache c. Writing code that looks for the requested data in the cache and, if the data is not found, requests it from the origin d. Write code to integrate the cache with the Amazon RDS instances that it will be reading from
c. Writing code that looks for the requested data in the cache and, if the data is not found, requests it from the origin
A developer makes an API call to access an Amazon S3 bucket that doesn't exist. Which HTTP response code does the developer receive from AWS service? a. 500 series b. 200 series c. 300 series d. 400 series
d. 400 series
What is the largest size of an object that a user can upload to Amazon Simple Storage Service (Amazon S3) in a single PUT operation? a. 5 TB b. 100 MB c. 1 GB d. 5 GB
d. 5 GB
Which statement best describes Amazon DynamoDB? a. An in-memory data store that can boost the performance of databases b. A graph database engine that is optimized for storing billions of relationships c. A relational database that is built for the cloud and is compatible with MySQL and PostgreSQL d. A key-value and document database that scales horizontally and works well for internet-scale applications
d. A key-value and document database that scales horizontally and works well for internet-scale applications
Which option describes how publish/subscribe (pub/sub) messaging works? a. Producers send messages to subscribers. b. Subscribers poll topics for new messages. c. When a topic receives a new message, the topic sends the message to first subscriber who responds to a notification. d. A new topic message is pushed out to all topic subscribers.
d. A new topic message is pushed out to all topic subscribers.
Which statement describes a benefit of using AWS Step Functions for an application? a. Step Functions integrates with state machines so that developers can transition between their Step Functions workflow and their state machine workflow. b. Step Functions can be configured with Amazon EC2 Auto Scaling to scale and down. c. Step Functions can be defined by using either Python or Node.js. d. Developers can use Step Functions to build visual workflows.
d. Developers can use Step Functions to build visual workflows.
Which AWS Identity and Access Management (IAM) resource explicitly grants or denies permissions to a user or group of users? a. IAM roles b. IAM users c. IAM groups d. IAM policies
d. IAM policies
An Amazon DynamoDB table called SensorReadings captures sensor readings. These readings include a sensor ID attribute that acts as the partition key, and a timestamp attribute that is the sort key. Which statement is true? a. The sensor ID together with the timestamp represent a simple primary key. b. It is impossible for two items in the SensorReadings table to have the same partition key. c. It is impossible for two items in the SensorReadings table to have the same sort key. d. It is impossible for two items in the SensorReadings table to have the same primary key.
d. It is impossible for two items in the SensorReadings table to have the same primary key.
What is the format of AWS Identity and Access Management (IAM) policies that define the allowable API calls an entity can invoke? a. YAML Ain't Markup Language (YAML) b. Security Assertion Markup Language (SAML) c. Comma-seperated values (CSV) d. JavaScript Object Notation (JSON)
d. JavaScript Object Notation (JSON)
Which use case is a good fit for AWS Step Functions Express workflows? a. All workflows in the application must be auditable up to 90 days after a completed run. b. The workflow requires a step that will run an application that is hosted on an Amazon Elastic Compute Cloud (Amazon EC2) instance. c. The workflow takes between 30 minutes and 1 hour to run. d. The workflow must support a very high rate of events that come from Internet of Things (IoT) devices.
d. The workflow must support a very high rate of events that come from Internet of Things (IoT) devices.
A security team wants to know how to protect APIs in their internet application from common web exploits, like SQL injection or cross-scripting. Which solution most directly addresses their specific concern? a. Set throttling limits on their API methods in Amazon API Gateway. b. Set all of their APIs to use private endpoints. c. Configure a JSON Web Token (JWT)-based authorizer for Amazon API Gateway. d. Use AWS WAF with Amazon API Gateway.
d. Use AWS WAF with Amazon API Gateway.
A video game developer who uses Amazon DynamoDB wants to ensure that players' profiles are updated correctly when they make in-game purchases. This process requires multiple updates as part of a single user action. What is the best choice to write this developer's application to manage these complex, all-or-nothing changes? a. Add an Amazon DynamoDB Accelerator (DAX) cluster. b. Implement global tables. c. Create application code to check that all parts of the transaction were written successfully, and then roll back the update if any part failed. d. Use DynamoDB transactions.
d. Use DynamoDB transactions.
Users of a serverless application have reported errors that occur when they try to retrieve order information. Assuming that AWS X-Ray is enabled, what is the first step the developer might take in X-Ray to start troubleshooting the reported issues quickly? a. Drill down into the most recent traces to look for errors. b. Search for metadata that is related to the users who are reporting issues. c. Add annotations that the developer can use to start grouping and filtering traces. d. Use the service map to visually locate errors across the application.
d. Use the service map to visually locate errors across the application.
Which statement about Amazon Simple Queue Service (Amazon SQS) polling options is true? a. By default, when you make a ReceiveMessage API call, Amazon SQS performs long polling. b. When long polling is configured, WaitTimeSeconds is set to 0. c. When short polling is configured, Amazon SQS queries all of its servers. d. When short polling is configured, Amazon SQS samples a subset of its servers.
d. When short polling is configured, Amazon SQS samples a subset of its servers.
A developer is using Amazon Simple Storage Service (Amazon S3) to host a static website in a bucker that is called frank-martha-cafe. This bucket is in the us-east-1 Region. Which URL is the virtual-hosted-style URL for the website? a. https://frank-martha-cafe.s3-us-east-1.amazonaws.com b. https://www.frank-martha-cafe.s3-website-us-east-1.amazonaws.com c. https://www.frank-martha-cafe.s3-website-us-east-1.amazonaws.com d. https://frank-martha-cafe.s3-website-us-east-1.amazonaws.com
d. https://frank-martha-cafe.s3-website-us-east-1.amazonaws.com
