AWS Database - SkillCertTest3
A Database Specialist needs to secure an Amazon RDS for MySQL database that will be used by a web application. Instead of an alphanumeric password, the database must only be accessed via a short-lived authentication token for greater security.Which of the following will satisfy this requirement?
Configure the RDS database to use IAM DB Authentication. Generate the access token using the aws rds generate-db-auth-token AWS CLI command.
A database administrator is managing a newly-built Amazon RDS Oracle db.m5.large instance in a single Availability Zone. Lately, the increase in the volume of read requests has negatively impacted the database performance. Furthermore, the Application Manager is worried that the system is not built for high availability. If the database fails, the system should be able to serve its users within an hour. Data loss is acceptable.What is the most cost-effective solution to meet these requirements?
Create a Read Replica and configure the application to connect to the replica for read requests.
A Database Specialist manages an Amazon RDS for PostgreSQL DB instance in a single-AZ deployment currently residing in the default Amazon VPC with access to the Internet. The company wants to secure the database and associate it with a different VPC. The Application Manager reminded the Database Specialist that the application server resides in the default VPC and should successfully connect to the database once the change is completed.What is the FASTEST method to meet this requirement?
Create a new DB subnet group associated with the new VPC. Modify the RDS PostgreSQL instance and associate it with the new DB Subnet Group. Use VPC Peering to allow the connection between the default VPC and the new VPC.
A Database Specialist migrated an on-premises MySQL database to an Amazon RDS for MySQL DB instance using AWS DMS. The RDS database needed to be encrypted at rest using a CMK in AWS KMS. Due to time constraints, the database encryption must be done immediately for the project to proceed.What approach must the Database Specialist implement to meet this requirement?
Create a snapshot of the unencrypted Amazon RDS MySQL DB instance and then create an encrypted copy of that snapshot. Launch a new RDS instance by restoring the encrypted snapshot copy then terminate the unencrypted RDS DB instance.
A Database Specialist was assigned to migrate an Amazon RDS DB Instance for MySQL to Amazon Aurora. Unfortunately, the records system using the 500-GB database can only afford near-zero downtime to migrate all data to the target database. The manager confirmed that the application has a proper connection pooling mechanism.What is the most cost-effective solution to meet this requirement?
Create an Aurora MySQL Read Replica of the RDS DB instance and promote it once the replication lag drops to 0.
A Database Specialist is managing an Amazon RDS for PostgreSQL database configured in Multi-AZ Deployments configuration. The PostgreSQL logs are published to CloudWatch Logs. Several web applications across the company heavily utilize the database to produce reports. The generated database logs affect the available storage space of the database.What should the Database Specialist do to rectify this issue?
Edit the value of the rds.log_retention_period parameter to 1440 in the parameter group of the RDS database.
A retail company has an application that uses Amazon DocumentDB as its data store. A Database Specialist has been tasked to set up monitoring to ensure that all data definition language (DDL) statements performed, such as CREATE or ALTER commands, are visible to the Systems Administrator. The audit_logs parameter has been enabled in the cluster parameter group in order to comply with the company's audit policies.What additional action must the Database Specialist do to automatically collect the database logs and share the data with the Administrator?
Enable Amazon DocumentDB Events to export logs to CloudWatch Logs. Instruct the Administrator to view the audit logs in CloudWatch.
A Database Specialist manages an Amazon DynamoDB table for a mobile application. Given the Security Team's new requirements, the Specialist needed to capture the activity of the table and create an audit trail of the modifications made to the items. These records should be securely stored for at least 6 months.Which action should the Database Specialist take to meet these requirements?
Enable DynamoDB Streams on the table. Write a Lambda function that copies each stream record to an Amazon S3 bucket
An application hosted in an Auto Scaling group of EC2 instances is using Amazon RDS for SQL Server as its database and Amazon ElastiCache for caching. The Database Specialist needs to view the metrics of the underlying operating system (OS) that the DB instance runs on in real-time to analyze how the processes or threads use the CPU.What should the Database Specialist do to view the required metrics?
Enable Enhanced Monitoring
A financial services company that is running a web application on an Amazon RDS for MariaDB DB instance in a Multi-AZ deployment wants to achieve regulatory compliance. Currently, the RDS DB instance is associated with a DB subnet group with private subnets and without an Internet gateway. It is configured with security groups to allow traffic to and from the application servers only. The master key used to encrypt the database at rest is managed using AWS KMS.Which step will provide new and additional security?
Enable SSL in the RDS DB instance and encrypt data in transit.
A Database Specialist is planning to migrate the on-premises data warehouse to an Amazon Redshift cluster. A Reporting Manager wants to ensure that the group's critical queries, especially the short-running ones, get prioritized over less critical and more complex queries. However, the Database Specialist wants to minimize query management and avoid any additional costs.Which steps should the Database Specialist take to meet the requirements?
Enable automatic workload management in the Redshift cluster and assign the group's queries to a queue with the HIGHEST priority. Enable short query acceleratio
Database Specialist manages an Amazon DocumentDB. An Application Manager escalated a performance issue and has requested to identify the slowest queries performed on the cluster as well as log the execution times and details of the operations.What should the Database Specialist do to meet this requirement?
Enable the profiler feature of DocumentDB and publish the logs to Amazon CloudWatch.
The audit team required users to connect to a running Amazon Elasticache for Redis with cluster mode using AUTH before allowing them to execute commands. The engine version is 5.0.5. A Database Specialist tries to attempt to configure the new setting using the AWS console but fails.Which among the options most likely caused this issue?
In-transit encryption is disabled for the Elasticache cluster.
A Database Specialist manages an EBS-Optimized Amazon RDS for MariaDB instance with General Purpose SSD storage. The users recently raised a latency issue with the database performance, specifically during their new nightly batch job package that runs for three hours. The Specialist discovered that the database consistently utilizes the maximum available IOPS configured for the EBS volumes in the middle of the job. Furthermore, the Specialist confirms that both the IO throughput and free available storage space are at optimal levels.Which of these actions can the Database Specialist do to increase the maximum IOPS?
Increase the size allocated to the RDS DB instance storage.
A Database Specialist needs to integrate an on-premises corporate Active Directory (AD) to an Amazon RDS for SQL Server DB instance. Employees must use their existing AD credentials to connect to the RDS SQL Server database.What should the Database Specialist implement to satisfy this requirement?
Launch an AWS Managed Microsoft AD and set up Windows Authentication by establishing a trust relationship with the on-premises Active Directory via a forest trust. Configure the security group of the domain controllers to restrict unauthorized access.
A startup is developing a ride-hailing mobile app that stores GPS coordinates of all the rides made by its users. Real-time statistics must also be provided with microsecond latency for reporting purposes. A Database Specialist needs to deploy a highly scalable and fault-tolerant database that can meet the app workload with minimal development effort.Which solution can satisfy the above requirements?
Launch an Amazon DynamoDB table with DAX to provide microsecond latency.
An online tax registration system uses an Amazon Aurora PostgreSQL database to store financial data and generate tax return reports. The system has a write-intensive workload that processes and saves hundreds of user information every hour. The taxpayers who are lodging their data are complaining about the slow performance of the system. As per initial checking, there is a spike in the IO:Xactsync metric of the PostgreSQL database.What should the Database Specialist do to resolve this issue?
Refactor the online tax registration system to commit transactions in batches.
The Database team is managing an Amazon Aurora DB cluster with MySQL compatibility for an online learning platform. An application manager asked for a full copy of the cluster in a new environment, where they plan to develop and test new monthly features for the next two years. Probing further, the application team will only use it sparingly during office hours and does not expect to execute batch jobs that run overnight.What is the most cost-effective solution that meets this requirement?
Restore a snapshot of the Aurora Cluster to configure an Aurora Serverless DB Cluster.
A financial services company is running an online banking portal that uses an Amazon Aurora PostgreSQL DB cluster. The DB cluster has several tables that contain sensitive customer data. The Database Specialist has been instructed to manage access privileges at the table level.Which of the following actions must be implemented to meet the above requirements?
Restrict access to the tables containing sensitive customer data using Data Control Language (DCL) commands such as GRANT and REVOKE.
A developer accidentally deleted an Amazon RDS MySQL database in the production environment that resulted in two hours of downtime. The database has been successfully restored using Point-in-Time Recovery. To prevent this error from happening again, the Database Specialist must implement a more stringent policy to safeguard the production resources.Which of the following should be done in this scenario?
Review the IAM policies associated with the IAM Users. Grant the least privilege to the developers and enable multi-factor authentication for sensitive operations.
A gaming company has successfully launched a mobile application that uses an Amazon DynamoDB and is becoming increasingly popular for the past year. The product owner plans to release a character change feature and asks the Database Specialist to prepare for the read/write activity surge and tune the database capacity.What can the Database Specialist do to meet this requirement with the lowest cost?
Set the selected DynamoDB table to provisioned capacity mode with auto-scaling enabled.
A startup plans to deploy a mobile dating application in multiple AWS Regions. The app needs to save the user profiles and local matches in Amazon DynamoDB tables in each Region. A Database Specialist has been tasked to automate the deployment of the new tables with identical configurations for the additional Regions, or even AWS accounts, where the app will soon be launched. The solution must seamlessly automate the configuration changes across all Regions to lessen the configuration management overhead.Which of the following is the most suitable option to implement to meet the above requirements?
Set up a CloudFormation template and use a stack set to deploy the required resources to all the AWS Regions or accounts.
A game development startup is building a mobile game app with Amazon DynamoDB as its data store. The Database Specialist must design the DynamoDB table to support various game features such as updating the player's score in real-time, storing the game session history, and fetching a player's score details for a particular game session. Each player has a unique player_id and there is also a unique game_session_id for each game.Which of the following is the most suitable design for the DynamoDB table?
Set up a composite primary key where the partition key is player_id and the sort key is: game_session_id.
A financial services company based in Australia uses Amazon Redshift for its data-warehousing solutions. They have expanded recently in Singapore and is designing a solution that would integrate queries between data from an Amazon RDS for PostgreSQL database in Singapore with data from the Redshift cluster in Sydney.Which solution will best simplify the integration between these data sources?
Set up connectivity from your Amazon Redshift cluster to your Amazon RDS PostgreSQL cluster. Create an external schema from the PostgreSQL database and use federated queries to access both sources.
A company has a suite of applications that consist of Amazon Aurora database, Lambda functions, DynamoDB tables, and CloudWatch Alarms that are deployed to various environments. The Application team needs an automated deployment and configuration method that will standardize its core components and minimize rework due to manual configuration errors. The team should be able to manage the environment-specific settings separately.What is the MOST suitable and secure solution that the Database Specialist should implement to meet these requirements?
Store the environment-specific parameters in the AWS Systems Manager Parameter Store. Design the AWS CloudFormation template to reference the values from the Parameter Store dynamically. Use the environment name as a parameter when deploying the CloudFormation stack to populate its related parameters.
A user escalated an error to the Database Administrator when running a table update statement against an Amazon Aurora for MySQL DB cluster with two Aurora Replicas:Error Code: 1290. The MySQL server is running with the --read-only option so it cannot execute this statementThe administrator confirmed that the test connection could write to the Aurora cluster, and no instance failover event occurred for the past month.Which is the most likely reason for this issue?
The user was connected to the Aurora cluster's reader endpoint when the error occurred.
The Database Manager wants to keep track of DB instance-level operations in the Amazon RDS for Oracle infrastructure in the US-East region and get notified via a text message whenever the DB instances failover or restart.Which solution will meet these requirements with minimal effort?
Use Amazon RDS Event Notifications and create proper event subscriptions that send notifications to the manager using the RDS Console.
A company has been running a critical system using Amazon Aurora with PostgreSQL. The development team needs at least eight new development environments and intends to perform both read and write transactions. The manager asked whether it is possible to refresh the new development databases with the latest copy of the production environment upon request.What is the most cost-effective solution to deploy their requirements in the shortest amount of time?
Use the Amazon Aurora cloning feature to make multiple clones from the same DB cluster.
As part of compliance, a Database Specialist needs to conduct fault testing to an Amazon RDS for MySQL running in Multi-AZ deployments configuration. The test will assess the resiliency of the database in the event of DB instance failure and availability zone disruption.Which of the following actions should the Database Specialist do to simulate a failure event?
Use the Reboot with failover option.
A Database Specialist needs to migrate an on-premises Microsoft SQL Server database to AWS. Various applications in the production environment use the database so the migration must not cause any downtime. The Database Specialist must perform a full data load to the target database while also capturing the recent changes from the source via change data capture (CDC).In this setup, how does AWS DMS reads the ongoing changes from the source database?
AWS DMS uses the fn_dblog() or fn_dump_dblog() function in SQL Server to read the changes in the transaction log based on the log sequence number (LSN).
A popular multiplayer online game is using an Amazon DynamoDB table named GameScore to track users' scores. The table is configured with a partition key UserId and a sort key GameTitle as shown in the diagram below:Larger imageA Database Specialist has been tasked to work with a developer to add a leaderboard feature to display the top scores for each game as well as the top scorers. The feature will query data over the entire table and across all partitions.What must be done to meet this requirement?
Add a Global Secondary Index (GSI) for the new feature.
A gaming company is planning to add a gaming leaderboard feature that would list down the top players for a popular mobile application in the Philippines. They predict it would introduce a huge volume of Query operations on the Amazon DynamoDB, and they don't want it to cause slow performance. The Database Team is working on a low-cost solution that will not require a lot of implementation and coding effort.What should the Database team do to achieve these requirements?
Configure a DynamoDB Accelerator to cache data.
A Database Specialist is managing a CRM application that uses an Amazon Aurora for PostgreSQL DB cluster with a primary DB instance that was configured to have a higher instance class than its four Aurora Replicas. Unexpectedly, a failover event occurs and the application team manager raised concerns that the performance was poor for several minutes. The manager also mentioned that the application servers in all Availability Zones are healthy.What should the Database Specialist do to eliminate the performance issue raised by the manager?
Configure all Aurora Replicas to have the same instance class as the primary DB instance. Implement Aurora PostgreSQL DB cluster cache management. Set the failover priority to tier-0 for the primary DB instance and one replica with the same instance class. Set the failover priority to tier-1 for the other Aurora Replicas.
A database specialist was assigned to migrate a learning management system from an on-premises Oracle database to an Amazon RDS MySQL database using the AWS Database Migration Service (DMS). Given a 10-hour maintenance window for the full load migration activity, the specialist discovered that half of the tables inside the database contained columns of LOB data types. The largest LOB column size found in a table is 300MB, while the rest had at most, LOB column sizes of 10MB. These tables do not have referential integrity constraints against each other, and all tables have primary keys.How should the database specialist configure the AWS DMS task to improve the speed of LOB data migration?
Configure an AWS DMS task to migrate the tables without LOBs. Configure another AWS DMS task using limited LOB mode with a LobMaxSize setting of 300MB to migrate LOB data to the target RDS instance.
A startup is developing a mobile app that will use a DynamoDB table named SessionData for user session management. The table has UserName, SessionId, CreationTime, and ExpirationTime attributes for tracking the session information. Each item only needs to be stored for 2 days and must be deleted afterward. The SessionId attribute is set to be the partition key in alphanumeric format.How should the Database Specialist configure the table?
Configure the ExpirationTime attribute to be a Number data type containing time in Unix epoch format. Enable time to live (TTL) on the table and track the ExpirationTime attribute. Ensure that the app sets the expiration time 2 days ahead for each new item.
An application uses GetItem and PutItem operations respectively to read and write data to its DynamoDB table. It processes thousands of requests per hour that stores multiple related items in the table, where each item is processed individually. The network overhead of the workload affects the application's performance. A Database Specialist needs to work with a developer to refactor the application without implementing concurrency management. Failed operations are acceptable as long as the requests get reprocessed.Which of the following will improve the application performance in the most cost-effective way?
Refactor the application to use the BatchGetItem and BatchWriteItem operations in processing related items. If a partial result is returned, use the UnprocessedKeys map from the response to reprocess the failed items
A Database Specialist needs to deploy a new CloudFormation stack for an application that uses an Amazon RDS database. For data compliance purposes, the template should be designed in a way that prevents accidental deletion or data loss in the database. If the stack is deleted, AWS CloudFormation must keep the database resource without any changes.Which of the following should be implemented to meet this requirement? (Select THREE.)
1. Configure the DeletionPolicy attribute to Retain. 2. Ensure that the DeleteAutomatedBackups property of the AWS::RDS::DBInstance resource is set to false. 3..Set the DeletionProtection attribute of the AWS CloudFormation template to true.
An application has a global sales leaderboard that provides the list of agents filtered by department and sales volume. A Sorted Set data type in Amazon ElastiCache for Redis is used for the leaderboard to show and arrange the updated data in real-time. The Database Specialist needs to implement a fault-tolerant caching layer that enhances the data durability of the ElastiCache cluster. The data loss should not exceed 1 hour to comply with the RPO.Which of the following are valid solutions that can be implemented to meet the above requirement? (Select TWO.)
1. Schedule manual backups using Redis append-only file (AOF). 2. Set up ElactiCache Multi-AZ with Automatic Failover.
A Database Specialist is planning to create a database for a critical enterprise application using Amazon RDS DB for MariaDB. The application owner wants to reduce the impact of maintenance events in the application and ensure that the database does not turn completely offline during operating system updates.Which steps should the Database Specialist take to minimize downtime due to maintenance? (SELECT TWO.)
1. Set the RDS maintenance window to perform maintenance items during a low activity period. 2. Create the RDS DB instance with Multi-AZ deployment.
A Database Specialist is planning to migrate an on-premises 200-GB Oracle database to an AWS RDS DB instance. The application requires a database environment that can accommodate OLTP workload requirements with high volumes of read operations. The specialist wants to ensure that the instance used will always have enough bandwidth to support the IO throughput requirement.What is the most cost-effective configuration that meets these requirements? (SELECT THREE)
1. Use an EBS-Optimized instance for the Amazon RDS DB instance. 2. Configure an Amazon RDS Read replica. 3. Configure the Amazon RDS DB instance to use gp2 SSD.
A Database Specialist is creating an AWS CloudFormation template that will deploy various Amazon DynamoDB tables to the AWS environment. The template is expected to be updated regularly based on the testing results. Each table must be independently configurable so that the deployment system can dynamically assign its respective provisioned read capacity units (RCU) and write capacity units (WCU).Which of the following should be implemented to satisfy the above requirement?
Add a Mappings section in the CloudFormation template and include the RCU and WCU count values of the DynamoDB tables. In the ProvisionedThroughput property, configure the ReadCapacityUnits and WriteCapacityUnits to use the Ref intrinsic function to retrieve RCU and WCU count values from the mapping.
An online auction system has hundreds of users that concurrently update the bid price of an item stored in a DynamoDB table. There are incidents where another user overrode a particular change made by one user. The Database Specialist must ensure that all UpdateItem operation will only succeed if the item attributes meet one or more expected conditions. If a user modifies a specific item in the table, the solution must guarantee that the operation will not affect another user's attempt to change the same item.What should the Specialist do to meet this requirement?
Add condition expressions in the existing UpdateItem operation.
A product owner consults with a database specialist about creating a new mobile application, which he wants to build inside the cloud. They intend to store the data inside JSON documents without the inconvenience of managing the scalability or security of the database. They also expect this database to handle a high volume of both read and write requests per minute from an application that will have users in Manila, Australia, and London.Which database service is the most cost-effective solution that can achieve these requirements?
Amazon DynamoDB Global Table
A company is developing an application that will be used to visualize complex hybrid network architectures, process highly connected datasets, and detect security issues. It requires a database that quickly finds specific connection paths between the hosts and traces a malicious file to the original host that downloaded it. The database will also be used to determine the fastest route of sending data from one host to another. A bulk loader API must also be provided for loading data from external files directly to the DB instance.Which of the following is the MOST suitable database engine that needs to be used in this scenario?
Amazon Neptune
A financial services company is planning to build a new fraud detection system. The Database Specialist was assigned to create a fully-managed data storage solution in AWS that can execute fast queries to show relationships among financial transactions and detect whenever a person is using the same identity-related information as past fraud cases.Which database service would best meet these requirements?
Amazon Neptune
A Database Specialist manages an Amazon DocumentDB. An Application Manager requested to audit all events when an index or a collection was either created or dropped. The Manager wanted to push these records into a central dashboard. Hence, the existing custom parameter group was modified to enable the audit_logs parameter.What else should the Database Specialist do to meet this requirement?
Modify the DocumentDB cluster to export the audit logs to Amazon CloudWatch.
A Database Specialist manages an unencrypted Amazon RDS for PostgreSQL DB instance in a Multi-AZ deployment. Due to the increase in user base, the Security team defined a new requirement that privileged IAM users should use their IAM credentials to access the DB instance and avoid other authentication methods that require database passwords. The Database Specialist noticed that the PostgreSQL DB instance is using a default parameter group with ssl set to 1.What is the FASTEST method to meet this requirement?
Modify the existing RDS PostgreSQL DB instance and choose Enable IAM Database Authentication. Assign appropriate IAM policies and database privileges for IAM users.
Category: AWS Database Speciality A serverless application uses an Amazon DynamoDB table to store the collected user data. The table needs to be configured with DynamoDB Streams to monitor any table changes. Kinesis Firehose will be used to load the stream data, which contains the original value of the overwritten item in the table into an Amazon S3 bucket. When an item is updated, DynamoDB should only send a copy of the item's previous value to S3 and then maintain the new value in the table.What Stream View type should be used to meet the above requirements?
OLD_IMAGE
A large eCommerce company is developing an enterprise application that uses Amazon Aurora as the database. The application must be deployed to the production, staging, and development environments. A Database Specialist has been instructed to specify different MasterUsername and MasterUserPassword properties for each environment in the AWS CloudFormation templates as part of the automated deployment. All the AWS CloudFormation templates are stored and version-controlled in the company's AWS CodeCommit repository. The database master password in the production environment must be regularly rotated to comply with the internal IT security policies.What is the MOST suitable and secure solution that the Database Specialist must implement?
Store the master passwords for all environments in AWS Secrets Manager. Configure the CloudFormation template to use the secretsmanager dynamic reference to retrieve the master password stored in AWS Secrets Manager per environment. Enable automatic rotation.
A Database Specialist is managing an Amazon DynamoDB table called tutorialsdojo-users. To maintain the size and capacity utilization, the specialist enabled the table's Time to Live (TTL) attribute. A user complained that queries, at certain times, still capture items that they expected to expire 24 hours ago. They confirmed that no updates were made on the expired items. The Database Specialist checked the TTL settings to find the root cause. The 24-hour backup streams setting is disabled. The CloudWatch metric "TTL deleted items" shows non-zero values in the graph.What is most likely causing this issue?
The TTL process has not deleted the expired item yet.
