PRC391
AWS Lambda bills for running functions in what increments? A. 100 ms B. 10 ms C. 10 sec D. 1 sec
A
Which of the following is a good use case for using the Provisioned Concurrency feature of Lambda? A. The application is made up of latency-sensitive microservices. B. The application needs to run once per hour. C. The application is a batch processing tool. D. The application needs access to a relational database.
A
Which of the following service integration pattern is supported by an AWS Step Function Express workflow? A. Request Response B. Activity task C. Run a job D. Wait for Callback
A
Which of the following statement is FALSE concerning secondary indexes in DynamoDB? A. Local and Global Secondary Indexes are synchronously updated when the main table is updated. B. A Global Secondary Index can have a different Partition Key than the main table. C. A Local Secondary Index can only be created at the time of creation of a table. D. A table can have more Global Secondary Index than Local Secondary Index.
A
Which of the following statement is TRUE concerning Amazon DynamoDB Accelerator (DAX)? A. DAX should be used for an application reading from the same partition key very often. B. DAX should be used to speed up an application doing a lot of writes to DynamoDB. C. DAX should be used for single digit millisecond latency reads. D. DAX requires an entire rewrite of the application so that reads go to DAX and writes go to DynamoDB.
A
Which of the following use case would benefit from using an edge-optimized endpoint type for a REST API in API Gateway? A. The clients are mobile phones that are geographically distributed. B. The clients are EC2 instances running in the same region as the API. C. The communication between the client and the API needs to stay within a VPC. D. The clients are browsers on laptops all from the same office.
A
Which of the following ELB load balancer types should be used for an application requiring to choose target groups with a rule based on the domain of a website? A. Application Load Balancer B. Network Load Balancer C. Classic Load Balancer D. Target Load Balancer
A (Application Load Balancer is a layer 7 load balancer that routes HTTP and HTTPs traffic, with support for rules. Due to this, Application Load Balancer is the correct choice for this application.)
True or False: Unhandled resource leaks can lead to memory exhaustion and cause systems to run slowly or crash. A. True B. False
A (Resources can use memory when they are not acquired and released correctly. This situation can lead to memory issues within a system, which can then lead to slowdowns—or, in a worst-case scenario—a system crash.)
Which of the following best describes the relationship between Regions, Availability Zones and data centers? A. Regions are clusters of Availability Zones. Availability Zones are clusters of data centers. B. Availability Zones are clusters of Regions. Regions are clusters of data centers. C. Data centers are clusters of Regions. Regions are clusters of Availability Zones. D. Data centers are cluster of Availability Zones. Regions are clusters of Availability Zones.
A (The AWS Global Infrastructure is nested for high availability and redundancy. AWS Regions are clusters of Availability Zones that are connected through highly availably and redundant high-speed links and Availability Zones are clusters of data centers that are also connected through highly available and redundant high-speed links)
When using Amazon Relational Database Service you are responsible for what task of running and operating the database? A. Optimizing the database B. Provisioning and managing the underlying infrastructure C. Installing patches to the OS for the DB instance D. Installing the RDBMS onto the DB instance
A (When using Amazon RDS, you are no longer responsible for the underlying environment the database runs on, instead you can focus on optimizing the database. This is because Amazon RDS has components that are managed by AWS.)
Consider this scenario: You have created a REST API using Amazon API Gateway, and the data that is returned from your API is relatively static. You want to reduce the latency of your API, what feature can you use to enhance performance? Choose 2 answers. A. Edge Optimized Endpoints B. API Gateway Response Caching C. API Gateway Stage Caching D. Private VPC Endpoints
A, B
What are the two types of read/write capacity modes for processing reads and writes on your tables? Select 2. A. Provisioned B. Reserved C. Dynamic D. On-demand E. Auto-Scale
A, D
Which of the following are part of the mandatory parameters when creating a DynamoDB table via the SDK with the on-demand read/write capacity mode? Select two. A. Partition Key name B. Sort Key name C. Read Capacity Unit and Write Capacity Unit D. Table name E. Attribute Definitions
A, D
A Model is written in VTL and used for Request Validation. A. True B. False
B
What is the difference between AWS Fargate and Amazon ECS on EC2? A. With AWS Fargate, AWS manages and provisions the underlying infrastructure for hosting your containers. B. With AWS Fargate, you have to manage cluster capacity and scaling. C. With Amazon ECS on EC2, you only have to upload your source code and ECS takes care of the rest. D. With Amazon ECS on EC2, AWS manages and provisions the underlying EC2 instance for your containers.
B
True or false: Amazon EBS volumes are considered ephemeral storage. A. True B. False
B (Amazon EC2 Instance Store is considered ephemeral storage. EBS is considered persistent storage)
True or false: Amazon EC2 is best suited for applications where you need more convenience and less control. A. True B. False
B (Amazon EC2 provides you with a great deal of control over the environment your application runs in, serverless services like AWS Lambda exist to provide convenience whereas services like Amazon EC2 provide control.)
True or False: Amazon CodeGuru Reviewer keeps a copy of the code it reviews to train the machine learning model that power its recommendations. A. True B. False
B (CodeGuru Reviewer does not keep a copy of customer code, or use customer code to train machine learning models.)
Which of the following is a type of NoSQL Database? Select two. A. Graphical store B. Key-value store C. Document database D. Short-column database E. Relational database
B, C
A state machine in AWS Step Function makes use of the AWS Batch service to run a batch job on many EC2 instances. The state machine doesn't need to see the output of the batch job, but only that it started. Which of the following service integration pattern should be used? A. Activity task B. Wait for Callback C. Request Response D. Run a Job
C
AWS Cloud9 operates as what kind of cloud-based environment? A. Independent Deployment Environment B. Irreplaceable Development Environment C. Integrated Development Environment D. Infrastructure Deployment Environment
C
At which point of the flow in a method execution in Amazon API Gateway can you add a Cognito User Pool, Lambda or IAM authorizer? A. Integration Request B. Method Response C. Method Request D. Integration Response
C
How can DynamoDB be accessed from within a VPC without going through an Internet Gateway? A. Use a NAT Gateway instead. B. Use a Virtual Private Gateway. C. Use a VPC Gateway Endpoint. D. Use the Private IP of DynamoDB.
C
How can the data at rest that was encrypted by DynamoDB be decrypted? A. Use the Amazon DynamoDB Encryption Client to decrypt the data on the client side. B. In the query to DynamoDB, send the key to use to decrypt it and let DynamoDB handle the decryption. C. Send a query to DynamoDB as normal and let it transparently decrypt the data. D. Send a query to DynamoDB and use the AWS Key Management Service to decrypt the data on the client side.
C
How can the data of a DynamoDB Table be encrypted at rest with the least amount of work? A. Use AWS Key Management Service to encrypt the data before storing it in DynamoDB. B. Use a library to encrypt the data before storing it in DynamoDB. C. Do nothing, it's encrypted by default. D. Use the Amazon DynamoDB Encryption Client to encrypt the data before storing it in DynamoDB.
C
What command can you use to have more information about the S3 list bucket CLI command? A. help aws ls B. help aws s3 ls C. aws s3 ls help D. aws ls help
C
What state type can be used to execute a set of steps for each element of an input array in parallel? A. Choice B. Parallel C. Map D. Array
C
Where can a backup from a DynamoDB Table be restored? A. In the same table in the same AWS Region. B. In the same table in a different AWS Region. C. A new table in the same AWS Region. D. A new table in a different AWS Region.
C
Which of the following API calls will be captured in CloudTrail? A. Scan B. GetItem C. UpdateTable D. PutItem
C
Which of the following AWS service will help determine latency issues per query in DynamoDB? A. Amazon CloudWatch Logs B. AWS CloudTrail C. AWS X-Ray D. AWS Config
C
What is a benefit of using Amazon CodeGuru Reviewer? A. Improve operations for continuous integration and continuous delivery (CI/CD) B. Provide visibility into the performance of applications C. Increase the consistency of code reviews D. Automatically resolve defects in the code
C (CodeGuru Reviewer performs code reviews automatically by using machine learning models that are pre-trained. Because CodeGuru Reviewer uses pre-trained models, code reviews are done consistently across reviews. The service performs the code review in the same way each time. In contrast, manual code reviews can vary, depending on who reviews the code.)
What types of APIs can Amazon API Gateway NOT be used to create? A. REST B. HTTP C. WebSocket D. BPM
D
When querying a DynamoDB Local Secondary Index that doesn't have a required attribute specified in the query, what is the most optimal way to get the data if that attribute is rarely needed? A. Modify the Projected attributes field to All. B. Modify the Projected attributes field to Include and specify that specific attribute. C. After retrieving the data from the index, query the main table for the missing attribute. D. DynamoDB will return the attribute from the main table if it can't find it in the index.
D
Which of the following is true about serverless? A. You must provision and manage servers. B. You must manage availability and fault tolerance. C. You must manually scale serverless resources. D. You never pay for idle resources.
D (With serverless on AWS you do not have to pay for idling resources, instead you only pay for what you use and each serverless service will charge differently based on usage.)
Which of the following is a best practice when securing the AWS root user? A. Enable MFA for the root user B. Using the root user for routine administrative tasks C. Disabling or deleting the access keys associated with the root user D. A and B E. A and C
E
Elastic Load Balancing includes which of these features? A. Automatic scaling B. AI for categorizing employee photos C. Integration with Auto Scaling D. A and B E. A and C
E (ELB automatically scales depending on the traffic. It handles the incoming traffic and sends it to your backend application. ELB also integrates seamlessly with EC2 Auto Scaling. As soon as a new EC2 instance is added to or removed from the EC2 Auto Scaling group, ELB is notified and can begin to direct traffic to the new instance.)
How can the permissions of a user be restricted only query specific attributes with the least amount of work? A. Configure an Identity and Access Management Policy and apply it to the User. B. Use the Amazon DynamoDB Encryption Client to encrypt the data and don't allow that user to access the key to decrypt it. C. Create a Global Secondary Index (GSI) with only those specific attributes projected and only allow the GSI to be queried by the user. D. It's not possible.
A
In AWS X-Ray, what represents the compute resources running the application logic? A. Segments B. Parts C. Instances D. Rays
A
Lambda@Edge is a feature of Amazon CloudFront that lets code run closer to the users of distributed applications, helping to improve performance and reduce latency. A. True B. False
A
There are many more AWS Edge locations than AWS Regions. A. True B. False
A
True or false: A Multi-AZ deployment is beneficial when you want to increase the availability of your database. A. True B. False
A
True or false: Bucket names have to be unique across all AWS accounts. A. True B. False
A
True or false: Every action you take in AWS is an API call. A. True B. False
A
True or false: In the cloud, instead of physically managing hardware, you use services. A. True B. False
A
Users in your company are authenticated in your corporate network and want to be able to use AWS without having to sign in again. Which AWS authentication option should you use? A. IAM Role B. IAM Group C. AWS Root User D. IAM User
A
Using Optimistic Locking, the user is responsible for managing the version of an item using an attribute. A. True B. False
A
Using a username and password, as well as a one-time passcode, to log in to an account is an example of multi-factor authentication. A. True B. False
A
What are the three common ways you can interact with the APIs of AWS? A. AWS Management Console, CLI and SDK B. Access Key and Secret Key, HTTP and Cloud9 C. HTTPS, IAM Role, Telnet D. DNS, HTTP, Username and Password
A
What is considered a best practice for providing AWS credentials to your code using the AWS SDK running? A. Using IAM Roles B. Using environment variables C. Hard-coding credentials D. Storing the credentials in a file
A
What is the proper flow for sending logs to Amazon CloudWatch Logs? A. Create a Log Group, then create a Log Stream and send Log Events from the application to the Log Stream. B. Create a Log Group, then create a Log Stream and send Log Events from the application to the Log Group. C. Create a Log Stream, add the Log Stream to the Log Group and send Log Events from the application to the Log Stream. D. Create a Log Stream, add the Log Stream to the Log Group and send Log Events from the application to the Log Group.
A
What is the type of runtime that would need to be used to use PHP for the code running in Lambda? A. Custom runtime B. PHP 7.x runtime C. You can't run PHP in Lambda D. Lambda layers
A
What is used to manage and configure API deployments in Amazon API Gateway? A. Stage B. Cliff C. Ledge D. Platform
A
What type of datasets stored in DynamoDB should be spread across more than one table? A. Datasets with Time-Series Data. B. Datasets with similar access patterns. C. Datasets with Many-to-One Relationships. D. Datasets with Many-to-Many Relationships.
A
When the application code in a Lambda function needs to communicate with a relational database, which feature of the AWS Lambda service would minimize the amount of connections to that relational database? A. Execution context reuse B. Provisioned Concurrency C. Automatic scaling D. Synchronous invocation
A
Where should large attribute values should be stored in relation to DynamoDB? A. Amazon Simple Storage Service B. Amazon Elasticsearch Service C. In DynamoDB as there is no limit to the storage D. Amazon DynamoDB Streams
A
Which of the following authorizer mechanism will require you to develop it using code in a REST API in API Gateway? A. Lambda authorizer B. Cognito Identity Pool C. Identity and Access Management D. Cognito User Pool
A
Which setting of a Step Function activity task type definition is used to make sure that the worker is still working on activity task it was asked to do? A. HeartbeatSeconds B. RetrySeconds C. CallbackSeconds D. TimeoutSeconds
A
Which type of database should be used to query normalized highly structured data? A. Relational database B. Key-value store C. Document store D. Graph store
A
You can create key-value pairs as configuration attributes associated with a deployment stage of a REST API. They act like environment variables and can be used in your API setup and mapping templates. You can access these variables through the use of: A. $stageVariables B. $context C. $util D. $environmentVariables
A
Which of the following services is recommended if you need a storage layer for a high-transaction relational database on an EC2 instance? A. Amazon EBS B. Amazon S3 C. Amazon EFS D. Amazon EC2 Instance Store
A (Amazon EBS would be ideal for a high-transaction database storage layer. Amazon S3 is not ideal, as it's considered WORM (write once, read many) storage. EC2 Instance Store is ephemeral, and persistence is needed for databases. EFS is for ideal when you have multiple servers that need access to the same set of files)
Which of the following is a typical use case for Amazon S3? A. Object storage for media hosting B. File storage for multiple EC2 instances C. Block storage for an EC2 instance D. Object storage for a boot drive
A (Amazon S3 is an object storage service designed for large objects like media files. Because you can store unlimited objects, and each individual object can be up to 5 TBs, S3 is an ideal location to host video, photo, or music uploads)
What are the three components of EC2 Auto Scaling? A. Launch template, scaling policies, EC2 Auto Scaling group B. AMI ID, instance type, storage C. Security group, instance type, Key pair D. Scaling policies, security group, EC2 Auto Scaling group
A (EC2 Auto Scaling requires you to specify three main components: a launch template or a launch configuration as a configuration template for the EC2 instances, an EC2 Auto Scaling group that allows you to specify your minimum, maximum, and desired capacity of your instances, and scaling policies that allow you to configure a group to scale based on the occurrence of specified conditions or on a schedule.)
True or false: When you use Elastic Load Balancing with your Auto Scaling group, it's not necessary to register individual EC2 instances with the load balancer. A. True B. False
A (Instances that are launched by your Auto Scaling group are automatically registered with the load balancer. Likewise, instances that are terminated by your Auto Scaling group are automatically deregistered from the load balancer.)
True or false: EC2 instances reside at the Availability Zone level, so it's best practice to architect for high availability. A. True B. False
A (When you launch an Amazon EC2 instance, you must choose the subnet to place the instance into. Subnets reside in one singular AZ and cannot span AZs, therefore EC2 instances also reside in one Availability Zone. You should architecture for high availability in case one AZ is unreachable for any reason or is experiencing outages. To do so, you should deploy AWS resources, like Amazon EC2, should be deployed redundantly across at least two AZs.)
What are some of the recommendation categories that Amazon CodeGuru Reviewer can make recommendations on? (Select THREE.) A. AWS best practices B. Common coding best practices C. Compilation errors D. Resource leaks
ABD
AWS Lambda has two main different types of triggers. Triggers that push events to Lambda, like other AWS services or applications you develop, and triggers that are a resource that Lambda reads items from, like a stream or queue, and invokes a function based on a configuration that you create. What is the second type of trigger called? A. Pull Resource Configuration B. Event Source Mapping C. Push Trigger D. Lambda Source Mapping
B
Consider a scenario where you have created a REST API, and the client using this API is submitting a POST request to an endpoint being hosted by Amazon API Gateway. The client wants to send the payload of the request in a format that is different than the format of the payload the backend code needs. What Amazon API Gateway REST API feature can you use to transform the payload of the request from the clients format to the format the backend code needs? A. Method Response B. A Mapping C. Integration Request D. A Model
B
Consider this scenario: You are designing an API using Amazon API Gateway that will simply proxy backend resources. There is no need to validate or transform incoming HTTP requests at the Amazon API Gateway level. Which type of API should you use? A. REST API B. HTTP API C. WebSocket API D. Private REST API
B
How does DynamoDB know when to expire the items from a table using the Time To Live feature? A. When using the PutItem API call, a TTL parameter is specified in seconds at which to expire this particular item. B. An attribute in the item contains the time at which to expire the item. C. When enabling the TTL feature, an amount of time in seconds is specified as the amount of time each item can stay in the table. D. DynamoDB looks for an attribute named ExpirationTime as part of the item to know when to expire the item.
B
How many Scan queries need to be sent to DynamoDB to get all the items from the table if the table contains 10 items each with 200KB of data? A. 1 B. 2 C. 5 D. 10
B
In order to optimize your Amazon API Gateway API, you should turn on caching for all resources and HTTP methods, including GET, POST, and DELETE. A. True B. False
B
In order to turn on distributed tracing with AWS Lambda and capture a segment for the lambda function execution, you must include the AWS SDK for X-Ray in your deployment package. A. True B. False
B
In which of the following locations is Amazon CloudFront hosted? A. Region B. Edge location C. Availability zone D. Local zone
B
In which of the following use case a Lambda layer should NOT be used? A. I would like to share code across many different Lambda functions in different AWS accounts. B. I would like to separate all my small libraries individually to share across Lambda functions. C. I would like to keep my Lambda deployment package small. D. I would like to share my custom runtime with others.
B
The metric of ConsumedReadCapacityUnits is currently much lower than the Read Capacity Unit provisioned on a DynamoDB table. However, users are saying that they are receiving an error message of ProvisionedThroughputExceededException. What could be the issue? A. The amount of Write Capacity Unit consumed is higher than normal and uses Read Capacity Units instead. B. The queries aren't uniformly distributed across all logical partition keys in the table. C. The BatchGetItem operation exceeds the maximum request of 100 items. D. The throughput exceeds the current throughput limit of the account.
B
True or false: IAM policies can restrict the actions of the AWS root user. A. True B. False
B
True or false: On-demand backups should only be taken when there is a lower amount of reads sent to the DynamoDB table as taking a backup can affect the latency of those reads. A. True B. False
B
What actions within AWS are done as an API call? A. A few actions B. Almost all of the actions C. Some actions D. About half of the actions
B
What are the four main factors you should take into consideration when choosing a Region? A. Latency, taxes, speed, and compliance B. Latency, price, service availability, and compliance C. Latency, security, high availability, and resiliency D. Latency, high availability, taxes, and compliance
B
What are the steps to make a Lambda layer available to use? A. Create a Lambda function with an IAM Role for permissions and publish it as a Lambda layer. B. Create the Lambda layer and add permissions using a resource policy. C. Create a Lambda function, publish it as a Lambda layer and add permissions using a resource policy. D. Create the Lambda layer and attach an IAM Role to the Lambda layer for permissions.
B
What does an Amazon EC2 instance type indicate? A. Instance placement and instance size B. Instance family and instance size C. Instance AMI and networking speed D. Instance tenancy and instance billing
B
What does the AWS Serverless Application Model template specification provide to help deploy your serverless application on AWS? A. A drag-and-drop console for developing serverless applications B. Shorthand syntax to express functions, APIs, databases, and more in a declarative way C. An Amazon EC2 instance to deploy your application code D. A prebuilt application template for all application types
B
What is NOT a best practice for AWS Lambda Functions? A. Cache static assets in the locally available storage for your function in the /tmp directory B. Run background processes to shorten execution time C. Minimize the complexity of function dependencies D. Avoid recursive code
B
What protocol can be used to send events to Amazon CloudWatch Logs? A. RELP B. HTTPS C. syslog D. UDP
B
When defining a Step Function state machine, what language can be used? A. NodeJS B. JSON C. Java D. Python
B
When using the AWS X-Ray SDK in code that will be run on top of AWS Lambda, you must also create and manage the X-Ray Daemon on your own by including it as a dependency in your deployment package. A. True B. False
B
Which access control mechanism can be used to throttle the amount of request being sent from a client to a REST API in API Gateway? A. Key Management Service B. API Key C. Access Key D. Secret Key
B
Which of the following can be added or changed after the creation of a DynamoDB table? A. Sort Key B. Global Secondary Index C. Partition Key D. Local Secondary Index
B
Which of the following is a benefit of cloud computing? A. Run and maintain your own data centers. B. Go global in minutes. C. Increase time-to-market. D. Overprovision for scale.
B
Which of the following is true for the default settings of a security group? A. Allows all inbound traffic and blocks all outbound traffic. B. Blocks all inbound traffic and allows all outbound traffic. C. Allows all inbound and outbound traffic. D. Blocks all inbound and outbound traffic.
B
Which of the following list three ways to add access controls or authorizers for a REST API in Amazon API Gateway? A. IAM, Client-side SSL certificate and Key Management Service B. Lambda authorizer, VPC endpoint policy, Cognito User Pool C. Resource policy, cross-origin resource sharing and Secrets Manager D. Usage plan, AWS WAF and Security Group
B
Which of the following matches the definition of an Amazon CloudWatch Log Group? A. A group of events coming from the application instance or resource being monitored. B. A group of log streams that share the same retention, monitoring, and access control settings. C. A group of settings determining how long log events are kept in CloudWatch Logs. D. A group of records of some activity recorded by the application or resource being monitored.
B
Which type of database should be used to store user session data with the highest scalability and effective way? A. Relational database B. Key-value store C. Wide-column store D. Graph store
B
True or false: A network ACL filters traffic at the EC2 instance level. A. True B. False
B (A network ACL secures subnets, while a security group is responsible for securing EC2 instances.)
True or false: AWS Lambda is always the best solution when running applications on AWS. A. True B. False
B (AWS Lambda is a great solution for many use cases, but it does not fit all use cases. For long running processes, Lambda is not the best choice since it has a 15 minute runtime limit. Read about use cases for AWS Lambda here: https://docs.aws.amazon.com/lambda/latest/dg/applications-usecases.html)
Consider this scenario: You are an AWS Architect choosing a database for a dataset that has variation within the data, as in not every piece of data share all the same attributes. What database should you choose for this solution? A. Amazon Neptune B. Amazon DynamoDB C. Amazon QLDB D. Amazon Relational Database Service
B (Amazon DynamoDB allows for a flexible schema, so each item can have variation in the attributes outside of the primary and secondary key.)
You are an employee at a healthcare facility tasked with storing 7 years of patient information that is rarely accessed. Your boss wants you to consider one of the Amazon S3 storage tiers to store this information. Which storage tier should you suggest? A. S3 Standard B. S3 Glacier Deep Archive C. S3 Standard-Infrequent Access D. S3 Intelligent-Tiering
B (Amazon Glacier Deep Archive is Amazon S3's lowest-cost storage class and supports long-term retention and digital preservation for data that may be accessed once or twice in a year. It is designed for customers—particularly those in highly regulated industries, such as the Financial Services, Healthcare, and Public Sectors—that retain data sets for 7 to 10 years or longer to meet regulatory compliance requirements)
True or False: After a pull request is opened, you must manually add Amazon CodeGuru Reviewer as a reviewer so that it can leave comments on the pull request. A. True B. False
B (CodeGuru Reviewer is associated with a repository, it will automatically be added as a reviewer on any pull request that is opened. CodeGuru Reviewer will then analyze the code in the pull request, and leave comments on it.)
When AWS Lambda executes your Lambda function, it provisions and manages the resources needed to run your Lambda function. This is called the execution context, and it is a temporary runtime environment. After a Lambda function is executed, AWS Lambda maintains the execution context for some time in anticipation of another Lambda function invocation. What can you do in your code to take advantage of execution context re-use for performance optimization? Select two. A. Write code that pings your lambda function once an hour to keep the execution context alive B. Write data to the /tmp directory to be used as a transient cache C. Declare objects outside of the handler method D. Store data in environment variables as a cache
B, C
What are the two ways that a Lambda function can be invoked? Select two. A. Provisioned concurrency B. Asynchronously C. Reduced-latency D. Synchronously E. Automatically
B, D
In which scenario would Cognito User Pool be the right choice to use over a Cognito Identity Pool? A. API Gateway, Simple Storage Service, DynamoDB and other AWS services will be used directly by the application. B. The authorizer of the API method is set to AWS_IAM in API Gateway. C. The application behind API Gateway (backend) needs to have information about the user. D. My application requires unauthenticated users to access parts of my application.
C
What do you need to define on a Lambda function to send logs to CloudWatch Logs? A. The Log Stream to send logs to and an IAM Role B. An IAM Role C. The Log Group to send logs to and an IAM Role D. The Log Group and Log Stream to send logs to
C
What does the CAP Theorem stands for? A. Conformity, Availability and Persistence B. Conformity, Atomicity and Partition Tolerance C. Consistency, Availability and Partition Tolerance D. Consistency, Atomicity and Persistence
C
What feature can be used to know if a Lambda function, that was asynchronously invoked, executed successfully? A. Dead-letter queue B. Looking at the response code C. Destinations D. Retries
C
What is the easiest way to send logs to Amazon CloudWatch Logs from code in a Lambda function? A. Make an HTTPS call to Amazon CloudWatch logs B. Use the syslog library to send logs directly to CloudWatch logs C. Write to stdout or stderr and logs will be sent automatically D. Use the Amazon CloudWatch SDK to send logs
C
Which of the following can a route table be attached to? A. AWS Accounts B. Availability Zone C. Subnets D. Regions
C
Which of the following is NOT one of the steps to use an IAM Role instead of using the AWS managed temporary credentials in Cloud9? A. Create an IAM Role with an IAM Policy B. Disable AWS managed temporary credentials C. Add access key and secret key to credentials file D. Attach IAM Role to the Cloud9 EC2 instance
C
Which of the following is a way to do access control for an HTTP API in Amazon API Gateway? A. Cognito Federated Identities B. IAM C. JSON Web Token D. Lambda authorizer
C
Which of the following is the fastest way to get an item from DynamoDB? A. Scan B. Filter C. Query D. ItemQuery
C
Which of the following statement is true when using AWS Lambda layers? A. A Lambda function can only use one layer at a time. B. Layers are shared automatically with every AWS customer. C. The maximum size of the Lambda deployment package including layers is 250 MB. D. Lambda functions can only use Lambda layers created in the same AWS account.
C
A metric alarm have what following possible states? A. OK, ALARM, NOT_AVAILABLE B. OK, ALERT, INSUFFICIENT_DATA C. OK, ALARM, INSUFFICIENT_DATA D. OK, ALERT, NOT_AVAILABLE
C (A metric alarm has the following possible states: OK - The metric or expression is within the defined threshold. ALARM - The metric or expression is outside of the defined threshold. INSUFFICIENT_DATA - The alarm has just started, the metric is not available, or not enough data is available for the metric to determine the alarm state)
What are the two ways that an application can be scaled? A. Diagonally and vertically B. Horizontally and diagonally C. Vertically and horizontally D. Independently and vertically
C (An application can be scaled vertically by adding more power to an existing machine or it can be scaled horizontally by adding more machines to your pool of resources.)
Which of the following pieces of information do you need to create a Virtual Private Cloud (VPC)? A. The subnet it will reside in. B. The Availability Zone it will reside in. C. The AWS Region it will reside in. D. The group of subnets it will reside in.
C (When you create a VPC, you have to specify the AWS region it will reside in, the IP range for the VPC, as well as the name of the VPC.)
A DynamoDB table is made up of a Partition Key of UserID, a Sort Key with the date and time and an attribute of Score providing the list of all the scores for a game. A dashboard needs to display the 5 highest scores from the table. What is the most efficient way to keep this dashboard in real time? A. Scan the table and use a FilterExpression for any score that is higher than the last 5 high scores every minute. B. Use DynamoDB Stream and AWS Lambda to update the dashboard each time a higher score is added. C. Query the table and issue a sort on the Score attribute with a limit of 5 every minute. D. Scan the table to read all the entries and sort the data in the code to find the highest score.
D
A state machine in AWS Step Function is used for doing continuous deployment as part of a pipeline. One of the steps is to use Lambda to send an email asking for a manager to approve or not the deployment in production. Which of the following service integration pattern should be used? A. Request Response B. Activity task C. Run a Job D. Wait for Callback
D
Existing EC2 instances are used to do batch processing on data hosted in an S3 bucket. A state machine in AWS Step Functions must be used to send the location where that data is to that group of instances. Which of the following would be appropriate steps in the right order for this scenario to work? A. Change the code in the EC2 instances to pull from the state machine for work to do using the Wait for Callback integration pattern of a Task type state. B. Use the Run a Job integration pattern of a Task type state that will call the EC2 instances to do the work. C. Create an activity, add the activity to the state machine, and Step Function will now call the code in the EC2 instance to do the work. D. Create an activity, add the activity to the state machine, and change the code in the EC2 instances to pull from the activity for work to do.
D
For orchestrating a few Lambda functions that run for a very short duration at volumes as high as 5,000 concurrent execution, which type of workflow should be used? A. Concurrent workflow B. Standard workflow C. Dedicated workflow D. Express workflow
D
Given a table that has a Partition Key of UserID, an attribute named AccountLocked and many other attributes. The AccountLocked attribute is set to TRUE when the UserID is has its account locked and isn't set when it's not locked. Not many accounts are typically locked at a time compared to the hundreds of thousands of users in that table. What would be the most optimal way to get a list of all UserID that have their account locked (AccountLocked set to TRUE)? A. Send a scan to the table with the attribute_exists filter expression. B. Send a query to the table with the attribute_exists filter expression. C. Create an index with UserID as the Primary Key and AccountLocked as the Sort Key. Send a Query to the index to find the list of account locked. D. Create an index with UserID as the Primary Key and AccountLocked as the Sort Key. Send a Scan to the index to find the list of account locked.
D
How can a user be authenticated with the DynamoDB service via the SDK? A. Using a Username and a Password. B. Using a Certificate. C. Using a API Keys. D. Using an Access Key and a Secret Access Key.
D
If retry attempts is configured with the default setting on a Lambda function, what do you need to make sure you do in your code? A. Make sure that any transactions on the database are committed. B. Make sure that there are no global variables in the code. C. Make sure that the code can be executed concurrently. D. Make sure that your code is idempotent.
D
In AWS Lambda, what are you responsible for managing? A. Backend Infrastructure B. Operating System Patches C. Operating System Updates D. Function Code
D
In Cloud9, how often are the AWS managed temporary credentials automatically rotated? A. Every 5 seconds B. Every 5 days C. Every 5 hours D. Every 5 minutes
D
Per the AWS shared responsibility model, who is responsible for the protection of customers' data? A. Third-party security auditor B. AWS C. SFD D. The customer
D
What do you need to provide to Step Functions so it can be allowed to send logs to CloudWatch Logs? A. IAM User B. IAM Group C. IAM Policy D. IAM Role
D
What feature of DynamoDB is necessary to make use of Optimistic Locking? A. Versioning of items B. Locking of items C. Transaction support D. Conditional writes
D
What is the maximum timeout or maximum amount of time for the execution of a Lambda function? A. 5 hours B. 15 hours C. 5 minutes D. 15 minutes
D
When using the AWS SDK for X-Ray, to measure granular performance of a singular API call or specific line(s) of code, you can create a new: A. Annotation B. Trace C. Sampling Document D. Subsegment
D
When you access AWS programmatically, you use an access key to verify your identity and the identity of your applications. When programming using the AWS SDK locally on your personal computer, which method should you use for supplying AWS credentials? A. Use Temporary Role Based Access using IAM Roles B. Configure the AWS Credentials file to contain a username and password associated with an IAM User C. Hard coding the credentials into the code D. Configure the AWS Credentials file to contain an access key id and secret access associated with an IAM User
D
Which file contains your credentials that the CLI uses to make calls AWS on Cloud9 or from your laptop? A. .aws/config B. .aws/keys C. .aws/creds D. .aws/credentials
D
Which mechanism allows you to control who has access your AWS Lambda function and what actions they are allowed to perform? A. IAM Groups B. Execution Permissions C. IAM Policies D. Resource Based Policies
D
Which of the following can be found in an IAM policy? A. Effect B. Action C. Object D. A and B E. B and C
D
Which of the following has the right associations between the service and its function? A. Step Function orchestrates and SQS is a service bus B. EventBridge is a service bus and Step Function is a pub/sub C. SQS is a queue service and SNS is a service bus D. SNS is a pub/sub and EventBridge is a service bus
D
Which of the following service will help determine if the amount of Read Capacity Units and Write Capacity Units on a table is set appropriately? A. AWS Trusted Advisor B. Amazon CloudWatch Logs C. AWS CloudTrail D. Amazon CloudWatch Metrics
D
Which statement is FALSE about DynamoDB Global Tables? A. The tables must have the same write capacity management settings. B. ll DynamoDB tables that are part of the DynamoDB Global Table can be written to. C. DynamoDB Streams is used to replicate the data between tables. D. The data is synchronous replicated between tables.
D
You can directly integrate other AWS Services with your State Machine using Tasks. Which of the following actions is not supported by Service Integrations in AWS Step Functions without using an Activity state? A. Send a message in Amazon Simple Queue Service B. Run an Amazon Elastic Container Service task C. Invoking a Lambda Function D. Execute a program running on an external server
D
Dashboards contain different elements that allow you to view/analyze metrics called: A. Graphs B. Components C. Icons D. Widgets
D (AWS calls the elements you can add to a Dashboard widgets)
What is not a supported repository for Amazon CodeGuru Reviewer? A. BitBucket B. GitHub Enterprise C. AWS CodeCommit D. SourceForge
D (CodeGuru Reviewer supports associations with repositories from the following source providers: AWS CodeCommit, BitBucket, GitHub, GitHub Enterprise Cloud, and GitHub Enterprise Server.)
What must you do to allow resources in a public subnet to communicate with the internet? A. Create a route to a private subnet. B. Attach an internet gateway to your VPC. C. Create a route in a route table to the internet gateway. D. A and B E. B and C
E (To allow your resources to communicate with the internet, you'll need to attach an internet gateway to your VPC, and create a route in a route table to the internet gateway and attach it to your subnet with your internet-facing resources. You'll also need to make sure your internet-facing resources have a public IP address.)