AWS CERTFIED DEVELOPER COURSE QUIZLET!
A developer writes an aws lambda function in java that calls a third party api by using an api key. the developer must keep the api key encrypted and secure from casual observation. the api key can change overtime. how can the developer meet these requirements in the most operationally efficient manner.
A) Store the api key directly in the lambda function's code. B) Store the api key in a file on an amazon elastic block store volume. include code to read the file when the lambda function starts. C) Store the api key in a property file that is deployed with the java archive. include to read the property file when the lambda function starts. Store the API key as a secure string in the aws systems manager parameter store. include code to read the parameter when the lambda function starts. Answer ( D)
A developer is testing an application locally and has deployed the application to an aws lambda function. to avoid exceeding the deployment package size quota, the developer did not include the dependencies in the deployment file. when the developer tests the application remotely, the lambda function does not run because of missing dependencies. which solution should resolve this issue.
A) Use the lambda console editor to update the code and include the missing dependencies. B) Create an additional zip file that contains the missing dependencies. include the Zip file in the original lambda deployment package. C) Add references to the missing dependecies in the lambda function's environment variables. D) Create a layer that contains the missing dependencies. attach the layer to the lambda function Answer( D)
has a series of lambda functions that perform a complex series of activities. the functions need to run in a specific order. the entire workflow typically finishes in a few seconds, the workflow always finishes in less than 20 seconds. a single api gateway rest API call handles the processing requests. the REST API requires a response when the request is finished. it is possible to process multiple request at the same time. its considering step functions. which solution meets requirements?
A) create a step functions standard workflow state machine. invoke the state machine by using asynchronous execution. B.) create a step functions express workflow state machine. invoke the state machine by using an asynchronus execution. C.) Create a step function standard workflow state machine. invoke the state machine by using synchonous execution D) Create a step function express workflow state machine. invoke the state machine by using synchronous execution. ans (D)
An application running on amazon ec2 instances processes sensitive information stored on amazon s3. the information is accessed over the internet. the security team is concerned that the amazon ec2 instance connectivity to the amazon s3 bucket is a security risk. which solution will resolve the security concern?
A. Configure the ec2 instance to access the data thorugh an internet gateway. b. Configure the ec2 instance to access the date thorugh the vpn connection. c. Configure the ec2 insance to access the data though a nat gateway d. configure the ec2 insance to access the data though a vpc endpoint for amazon s3. answer (D)
A company operates an ecommerce application on Amazon EC2 insances behind an application load balancer. after a order is successfully processed. the application immediately posts order data to a third pary affliates external tracking system that pays sales commissions for order referrals. during a successful marketing promotion. the number of ec2 instances goes from 2-20 and works properly. however the third part app is overwhelmed and fails. what two changes can fix that.
A) move the code that calls the affiliate to a new aws lambda function. modify the application to invoke the lambda function asynchronously. B.) move the code that calls the affiliate to a new lambda function. modify the application to place the order data in an amazon sqs queue. invoke the lambda function from the queue. C) increase the timeout of the new aws lambda function. D) decrease the reserved concurrency of the new aws lambda function. answer ( B and D)
Which of the following pricing methods are available to pay for aurora (SELECT THREE)
A) on demand B) provisioned C) reserved D) serverless E) SPOT ans (a, c, d)
A Company has an inventory system that receives sporadic inventory updates from a fulfillment system in the form of large json files. while many files can be sent can be sent in a short time period, days can pass when no files are sent. The company wants to process these files as soon as they arrive. Which Solution will meet these requirements?
A) send the json files to amazon EFS. configure an amazon lambda function with an EFS event source to process the files. b) send the JSON files to EFS. schedule a lambda function to process the files once each hour. C.) send the json files to an amazon s3 bucket. configure a lambda function with an s3 event source to process the s3 objects. D.) Send the json files to an amazon s3 bucket, Schedule an aws lambda funciton to process the s3 object once an hour. answer( C)
an ecommerce company deploys more than 20 services behind the amazon api gateway. the interaction between services is complex. each service can potentially call several others, making performance issues and errors difficult to identify. Some individual api calls have experienced slow response times. the development team needs to quickly identify the underlying causes of the slowdowns. which approach would most quickly identify the underlying cause of performance issues?
A) use amazon cloudwatch metrics to find the service invocations with slow response times. configure and use aws x ray to examine these services to discover their performance issues. B) Use cloudwatch logs to find the service invocations with slow response times. use aws cloudtrail to examine these services to discover performance issues. C) Configure and use aws x ray to find the service invocations with slow response times. use amazon cloudwatch metrics and logs to examine these services. to discover their performance issues. D) Use aws cloudtrail to find the service invocations with slow response times. configure and use aws x ray to examine these services to discover their performance issues. ans( C)
Which of the following can you use to create and modify an amazon RDS insatance? (Select Three)
A)Amazon RDS API B)AWS CLI C) AWS Management Console. D) connect using the hostname and endpoint E) Remote desktop Protocol. ans (A,B,C)
A developer is building a web application that uses amazon api gateway. the developer wants to maintain different environments for development and production workloads. the API will be backed by an aws lambda function with two aliases. one for dev and prod. how can the developer maintain these environments with the least amount of configuration?
A.) Create a rest api for each environment. integrate the apis with the corresponding dev and prod alias of the lambda function. deploy the apis to their respective stages. access the apis by using the stage URLS B) Create one rest API. integrate the api with the lambda function by using the stage variable in place of an alias. Deploy the API to two different stages: dev and prod. create a stage variable in each stage with different aliases as the values. access the API by using the different stage URLS. C) Create one rest api. integrate the api with the dev alias of the lambda function. deploy the api to the dev env. configure a canary release deployment for the prod env. where the canary will integrate with the lambda prod alias. D.)Create one rest api. integrate the api with the prod alias of the lambda function. deploy the api to the prod env. configure a canary release deployment for the dev env. where the canary will integrate with the lambda dev alias answer (B)
A Developer is designing a web application that allows the users to post comments and receive near real time feedback. Which architectures meet these requirements? (SELECT TWO)
A.) Create an AWS AppSync Schema and corresponding APIs. Use an Amazon DynamoDB table as the data store. B.) Create a Web-socket API in the Amazon API Gateway. Use an AWS Lambda function as the backend and an Amazon DynamoDB table as the data store. C.) Create an AWS Elastic Beanstalk Application backend by an amazon rds database. configure the application to allow long lived tcp/ip sockets. D) create a graphql endpoint in amazon api gateway. Use an amazon dynamoDB table as the datastore. E) enable websocket on amazon cloudfront. use an aws lambda function as the origin and an amazon aurora db cluster as the data store. answer ( A and B)
You are tasked with minimizing the latency of your amazon api gateway restful api calls. these api calls are received from around the globe. which of the following is not a good option to help minimize latency.
A.) Modify the burst capacity of your APIS B) choose HTTP as the api type. C) enable caching for your API gateway apis D) use edge optimized api endpoints answer( a)
A Company is migrating a legacy application to Amazon ec2 instances. The application uses a username and password that are stored in the source code in to connect to the MYSQL database. the Company will migrate the database to an Amazon Rds for MYSQL DB instance. As part of the migration, the company needs to implement a secure way to store and automatically rotate the database credentials. Which solution will meet these requirements?
A.) Store the database credentials in environment variables in an amazon machine image (ami) rotate the credentials by replacing the ami. B.) Store the database credentials in aws systems manager parameter store. configure parameter store to automatically rotate the credentials C) Store the database credentials in enviroment variables on the ec2 instanves. rotate the credentials by relaunching ec2 D.) store the database credentials in aws secrets manager. configure the secrets manger to automatically rotate the credentials. answer.(D)
A developer is adding sign up and sign in functionality to an application. The application must make an API call to a custom analytics solution to log user sign in events. Which combination of actions should the developer perform to meet these requirements. (Select TWO)
A.) Use Amazon Cognito to provide the sign up and sign in functionality. B.) Use AWS Identity and Access Management to provide the sign up and sign in functionality. C.) Configure an AWS Config rule to make the API call when a user is authenticated. D) Invoke an amazon api gateway method to make the api call when a user is authenticated. E) Invoke an aws lambda function to make the api call when a user is authenticated. Answer (a and e)
As a developer, you are building a serverless web application. the web application is general purpose, event driven, web application back end that uses aws lambda with amaszon API gateway for its business lofic. It also uses amazon DynamoDB as its database and amazon cognito for user management. you need to identify a solution to support local development testing, host the app static content, and a way to manage the deployment.
A.) Use aws SAM (server-less application model) for local deployment. B.) Use amazon elastic container service to manage and deploy the server-less backend. C) use amazon athena for the local development testing. D) Use aplify hosting to host the applications static content and corresponding user interface. E.) Use AWS server-less application model to manage and deploy the server-less backend Answer( A, D, E)
Which of the following statements are true of DynamoDB indexes? (Select THREE)
A.) You can have a table without an index B) You can have more than one global secondary index on the table. C) you can have more than one local secondary index on a table. D) you can have more than one non clustered index on the table. E.) You can have only one clustered index per table. ans( A,B,C)
A developer has just developed a new single page web application written in react. this application currently leverages a combination of cognito to provide the user sign up & sign in functionality. api gateway & lambda to support the business logic, dynamo db as the persistent data store. Developer would like to host the SPA and introduce ab testing experiments and feature management in the application code. which combination of actions should the developer perform to meet these requirements.
A.) configure Amazon Cloudwatch Evidently for ab testing and experiments within application code B.) Use amazon code commit to host the single page web application written in react. C.)Configure Amazon Serverless application model for AB testing and experiements within app code. D.) Use amplify hosting to host the single page web application. E.) Use amazon cloudtrail to host the single page web application written in react. answer( A and D)
AWS CloudTrail
Enables auditing, security monitoring, and operational troubleshooting by tracking user activity and API usage across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.
___ Queues preserve the exact order in which messages are sent and received
FIFO ( first in first out.)
AWS systems manager parameter store
Feature that offers the ability to store, retrieve, and manage a secret or plain-text configuration
AMAZON SNS (simple notfication service)
Fully managed pub/sub messaging, SMS, email, and mobile push notifications
AWS beanstalk
Makes it easy for web applications to be quickly deployed and managed in aws
A developer is asked to verify security group rules set up by security engineer for a three tier application: Presentation tier: Accessed by users over the web, protected by the security group, Presentation group. Logic tier: RESTful API accessed from the presentation tier via htps, protected by the security group, logic-sg. Data-tier - SQL server database accessed over port 1433 from the logic tier, protected by the security group, data-sg.
What combination of the following security group rules will allow the application to be secure and functional. A) presentation-sg allow ports 80 and 443 from 0.0.0.0/ B) data-sg: allow port 1433 from presentation group. C) data-sg allow por 1433 from logic sg. D)presentation-sg allow port 1433 from data-sg E) logic-sg: allow port 443 from presentation-sg F) logic-sg; allow port 443 from 0.0.0.0/0 answer(ACE)
Amazon SQS (Simple Queue Service)
a Fully managed queue for microservices, distributed systems, and serverless applications.
Dynamo DB
a fully managed, SERVERLESS, key-value NOSQL database. It is designed to run high performance applications at any scale. Dynamo DB consist of tables, each table has a collection of items, and each item has attributes. ex. (a table of people, each person is an item, each item/person has attributes (name, address, hometown ect..)
AWS Lambda
a service to run code without managing compute resources in response to events and triggers. A function is a resource that you can invoke to run your code in lambda. A trigger is a resource or configuration that invokes a lambda function. Events are json formatted document that contains fata for a lambda function to process. Deployment Packages allow you to deploy code to your lambda function by uploading a zip file archive, or by creating and uploading a container image. Layers allow you to add a .zip file archive that can contain additional code or other content. a layer can contain libraries, custom runtimes, data. configuration files.
AMAZON EKS
elastic Kubernetes service is managed container service to run and scale Kubernetes applications in the cloud or on premises.
The____ scenario when a message published to an sns topic is replicated and pushed to multiple endpoints, such as kinsesis data firehose delivery systems, amazon sqs queues, HTTP(S) endpoints, and Lambda Functions.
fanout
AWS X-Ray
for any traced request to your application, you can see detailed information not only about the request and response. but also about calls that your application makes to downstream AWS resources, microservices, databases, and web APIs
AWS PRIVATELINK
highly available, scalable technology that enables you to privately connect your VPC to services as if they were in your VPC
Amazon ECS
highly scalable and fast container management service.
AWS SAM (serverless application model)
is an open source framework that you can use to build serverless applications on AWS
Amazon Kinesis Data Streams supports ____, Which lets you adjust the number of _____ in your stream to adapt to changes in the rate of data flow through the stream.
resharding, shards
What is the difference between synchronous and asynchronous lambda functions.
synchronous: you wait for the function to process the event and return a response. Asynchronous: Lambda queues the event for processing and returns a response immediately. For asynchronous invocation, Lambda handles retires and can send invocation records to a destination.
AWS CDK cloud development kit
the aws cdk lets you build reliable, scalable, cost effective applications in the cloud with the considerable expressive power of a programming language.
Which of these are best practices for serverless applications? (select Three)
A) Dont reinvent the wheel. B) Assume the limits of all of the services involved will scale to your needs? C) Send Events to services outside AWS as soon as possible. D) Prefer idempotent. stateless functions. E) Port your code for easy serverless integration F) Stay Current ans (A,D,F)
Which of the following are valid keys in DynamoDB tables? (Select TWO)
A) Foreign Key B) Partition Key C) Primary Key D) Surrogate Key ans (B, C)
Which of the following statements are true of security in DynamoDB? (select TWO)
A) IAM is used to manage credentials for DynamoDB B) IAM policies are not applicable to users for DynamoDB C) Encryption at rest replaces encryption with aws KMS D) fully managed encryption at rest is supported. ans ( A and D)
Which of the following database engines are compatible with Amazon Aurora? (Select two)
A) Microsoft SQL Server B) MySQL C) Oracle D) PostgreSQL E) SparkSQL
Which of the following are valid capacity modes for DynamoDB (SELECT TWO)
A) On-Demand B) Provisioned C) Reserved D) Spot Ans (a,b)
Which of the following instance types are available to pay for Amazon RDS? (Select TWO)
A) On-Demand B) Provisioned C) Reserved D) Spot ans ( a, c)
CI/CD aws code commit, code build, and code deploy.
A pipeline helps you automate steps in your software delivery process, such as initiating automatic builds and then deploying to amazon ec2 instances
A company notices performance degradation in one of its production web applications. the application is running on aws services and uses a microservices architecture. the company suspects that one of these microservices is causing the performance issues. Which aws solution should the company use to identify the service that is contributing to higher application latency?
A) AWS x-ray service map B) AWS cloudtrail event history C) AWS secrets manager D) AWS trusted advisor answer ( A)
Which of the following are instance classes or features that aurora supports? Select TWO.
A) Accelerated computing B) Burstable performance C) Cluster networking D) fixed performance E) memory optimized ans (B, E)
Which of the following are database engines that Amazon RDS can run? Select three.
A) Amazon Aurora B) IBM DB2 C) Oracle D) PostgresSQL E) SparkSQL ans (A, C, D)
Which of the following statements are true of security in Amazon RDS? (Select THREE.)
A) Amazon Cognito is used to control who can access the database instance. B) Amazon VPC is used to isolate your database from internet traffic. C) Connections to the database are secured using SSL. D) Data is encrypted at rest using 256-bit RC6 algorithms. E) Security groups are used to control access to the database instance. ans ( B, C, E)
Which of the following security groups can control access to an amazon RDS database instance? Select THREE?)
A) Amazon Cognito security groups B) amazon ec2 security groups C) amazon rds security groups D) amazon vpc security groups E) database security groups. ans (B,D,E)
Which of the following are components of DynamoDB? (Select Three)
A) Attribute B) File C) Item D) Record E) Table ans( A, B , E)
Which of the following statements are true of Aurora databases? (Select three)
A) Aurora can have up to 15 read replicas. B) Aurora charges for data transferred in from and out to the internet. C) Aurora is managed by Amazon RDS D) Aurora requires primary keys to create uniqueness E) Aurora serverless manages database instances for you. ans ( A C E)
Which of the following statements are true of security in Aurora (Select THREE)
A) Aurora requires both authentication and permissions for users to access tables. B) IAM policies can be used to assign permissions to users C) Security groups are used to control access to the database instance. D) Data is encrypted at rest using 256-bit RC6 algorithms E) Amazon Cognito is used to control who can access the database instance. Ans ( A,B,C)
A developer is building a new application that transforms text files to pdf files. a separate application writes the text files to a source amazon s3 bucket. The new application must read the files as they arrive in amazon s3 and must convert the files to pdf files using lambda. the developer has written the iam policy to allow access to amazon s3 and amazon cloudwatch logs. What should the developer do to ensure the lambda function has correct permissions?
A) Create a lambda execution role by using AWS IAM. attach the IAM plocy to the role. Assign the lambda execution role to the lambda function. B.) Create a lambda execution user by using IAM, attach the IAM policy to the USER. assign the lambda execution user to the lambda function. C). Create a lambda execution by using IAM. Atach the policy to the role. STORE the iam role as an enviroment variable in the lambda function. D.) Create a lambda execution user by using aws IAM. attach the plocy to the user. store the iam user credentials as environment variables in the lambda function. answer( A)
Youve been asked to imrpove the performance of a lambda function. Which options might you try?
A) Decrease the reserved concurrency for the function B) Increase the memory associated with the aws lambda function C) Increase the /TMP space configuration for the function D) Add provisioned concurrency answer (B and D)
As a developer you are tasked with creating an application so that your customers can leverage your microservices by making http api calls. your goal is to create an event-driven architecture to support this application. What combination of AWS services can you use so that your customers can make the HTTP API calls, SERVERLESS compute containing the business logic processes the incoming api calls, and the corresponding microservices data can be persistently stores. (SELECT THREE)
A. Amazon Cloudwatch B. Amazon api gateway C. AWS secrets manager. D. Dynamo DB E. AWS Lambda answer( B, D, E)
A developer built an application that stores data in an amazon rds multi-az db instance. the database performs reads and writes constantly and is responding slowly. the intensive read requests are received unpredictably several times each hour. the application cannot tolerate reading stale data. the developer must increase the retrieval speed for the intensive read requests. Which strategy will meet these requirements?
A. Use amazon elasticache cluster with a write-through strategy. Configure the application to the direct the intensive read operations to elasticache. B. Use an Amazon DynamoDB accelrator cluster with a write-through strategy. Configure the application to direct the intensive read operations to the dax cluster C. Configure the application to the direct the intensive read operations to the multi az standby replica in the second availability zone. D. Add an RDS read replica. configure the application to the direct the intensive read operations to the read replica. answer (A)
A developer has written several custom applications that read and write to the same amazon dynamodb table. each time the data in the dynamo db table is modified, this change should be sent an external API. which two combinations of steps should the developer perform to accomplish this task (SELECT TWO)
A.) Configure an aws lambda function to poll the stream and call the external api. B.) Configure an even in the amazon event bridge that publish the change to an amazon managed streaming for apache Kafka data stream. C.) Create a trigger in the dynamoDB table to publish the change to an amazon kinesis data stream. D.) Deliver the stream to an amazon simple notification service(amazon sns) topic and subscribe the api to the topic. E.) enable dynamodb steams on the table Answer ( A and E)
Amazon Elasticache
Amazon Elasticache is a fully managed, in-memory caching service
Amazon EventBridge
Amazon EventBridge works with other AWS services to process events or invoke an aws resource as the target of a rule.
Amazon Kinesis
Amazon Kinesis is a you can ingest real-time data such as video, audio, application logs, website clickstreams, and IoT telemetry data for machine learning, analytics, and other applications.
___ is a continous delivery service you can use to model, visualize, and automate the teps required to release your software. you can quickly model and configure the different stages of a software release process.
AWS CodePipeline
AWS WAF
AWS WAF is a web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor Web request based on conditions that you define. These conditions include IP addresses, HTTP headers, HTTP body, URI strings, SQL injection and cross-site scripting.
Security administrators responsible for meeting regulatory and compliance requirements can use ___ to monitor secrets and rotate secrets without a risk of impacting applications
AWS secrets manager
AWS Step-Functions
AWS step functions is a fully managed service that makes it easier to coordinate the components of distributed applications and microservices using visual workflows.
Amazon API Gateway
Amazon API gateway is an AWS service for creating, publishing, maintaining, monitoring, and securing REST, HTTP, and WebSocket APIs at any scale.
you should use ____ if you want to run interactive ad hoc sql queries against data on Amazon S3 without having to manage any infrastructure or clusters.
Amazon Athena
AWS Cognito
Amazon Cognito provides authentication, authorization, and user management for your web and mobile apps. User Pools: let you add registration and sign in to your apps. Identity pools: you can prodvide AWS credentials for access to your cloud resources.
___ is a managed AWS docker registry service, it is also a fully managed container registry that makes it simpler and faster for developers to store, manage, and deploy container images.
Amazon ECR ( elastic container registry)
Amazon Athena
Athena is an interactive analytics service that makes it easier to analyze data in amazon simple storage service using python or SQL
when you use CloudFormation, you manage related resources as a single unit called a stack. if you need to make changes to the running resources in a stack, you need to update the stack. Before making changes to your resources, you can generate a ___, which is a summary of your proposed changes.
Change set.
___ templates are JSON or YAML- formatted text files comprised of five types of elements.
Cloud formation
Amazon CloudWatch
CloudWatch collects monitoring and operational data in the form of logs, metrics, and events
which of the following statements is true regarding an Amazon RDS solution?
Read replicas can be created to improve performance.
AWS secrets manager
Security adminstrators responsible for meeting regulartory and compliance requirements can use secrets manager to monitory secrets and ROTATE SECRETS without a risk of impacting applications. developers who want to replace hardcoded secrets in their applications can retriece secrets programmatically from secrets manager.
Cloud Formation
Service that enables customers to provision and manage alomst any aws resource using a custom teplate language expressed in yaml or json. cloud formation uses these templates as blueprints for building aws resources.
Which of these migrations patterns helps an organization incrementally and systematically decomposes monolithic applications by creating APIs and building event-driven components that gradually replace components of the legacy application?
Strangler
With the Amazon Ec2 database solution, you are responsible for the administration and maintenance of your database server true/false
True
To prevent other consumers from processing the message again, Amazon SQS sets ____, a period of time during which amazon SQS prevents all consumers from receiving and processing the message.
Visibility Timeout.
