IT – Engineering – Cloud – Finance

Download QR-Code

‎Djamgatech

Developer: DjamgaTech Corp

Price: Free⁺

• 
• 
• 
• 
• 
• 
• 
• 

• Get 20% off Google Workspace (Google Meet)  Business Plan (AMERICAS): L9LDMKMAVG3WGYK (Email us for more)
• Get 20% off Google Google Workspace (Google Meet) Standard Plan with  the following codes:  96GVXKJJNHC97EG (Contact us for more)

Download QR-Code

‎Djamgatech

Developer: DjamgaTech Corp

Price: Free⁺

• 
• 
• 
• 
• 
• 
• 
• 

Welcome to AWS Certified Developer Associate Exam Preparation: Definition and Objectives, Top 65 Questions and Answers dump, White papers, Courses, Labs and Training Materials, Exam info and details, References, Jobs, Others AWS Certificates

What is the AWS Certified Developer Associate Exam?

This AWS Certified Developer-Associate Examination is intended for individuals who perform a
Developer role. It validates an examinee’s ability to:

• Demonstrate an understanding of core AWS services, uses, and basic AWS architecture best practices.
• Demonstrate proficiency in developing, deploying, and debugging cloud-based applications using AWS.

There are no prerequisites for taking the Developer-Associate examination, but here are the recommended AWS Knowledge:

• One or more years of hands-on experience developing and maintaining an AWS based application
• In-depth knowledge of at least one high-level programming language
• Understanding of core AWS services, uses, and basic AWS architecture best practices
• Proficiency in developing, deploying, and debugging cloud-based applications using AWS
• Ability to use the AWS service APIs, AWS CLI, and SDKs to write applications
• Ability to identify key features of AWS services
• Understanding of the AWS shared responsibility model
• Understanding of application lifecycle management
• Ability to use a CI/CD pipeline to deploy applications on AWS
• Ability to use or interact with AWS services
• Ability to apply a basic understanding of cloud-native applications to write code
• Ability to write code using AWS security best practices (e.g., not using secret and access keys in the code, instead using IAM roles)
• Ability to author, maintain, and debug code modules on AWS
• Proficiency writing code for serverless applications
• Understanding of the use of containers in the development process

Top

Download QR-Code

Djamgatech - AWS Azure GCP

Developer: Djamgatech Corp

Price: Free⁺

• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 

AWS Certified Developer – Associate Practice Questions And Answers Dump

Q0: Your application reads commands from an SQS queue and sends them to web services hosted by your
partners. When a partner’s endpoint goes down, your application continually returns their commands to the queue. The repeated attempts to deliver these commands use up resources. Commands that can’t be delivered must not be lost.
How can you accommodate the partners’ broken web services without wasting your resources?

• A. Create a delay queue and set DelaySeconds to 30 seconds
• B. Requeue the message with a VisibilityTimeout of 30 seconds.
• C. Create a dead letter queue and set the Maximum Receives to 3.
• D. Requeue the message with a DelaySeconds of 30 seconds.

Show Answer

C. After a message is taken from the queue and returned for the maximum number of retries, it is
automatically sent to a dead letter queue, if one has been configured. It stays there until you retrieve it for forensic purposes.

Reference: Amazon SQS Dead-Letter Queues

Top

Q1: A developer is writing an application that will store data in a DynamoDB table. The ratio of reads operations to write operations will be 1000 to 1, with the same data being accessed frequently.
What should the Developer enable on the DynamoDB table to optimize performance and minimize costs?

• A. Amazon DynamoDB auto scaling
• B. Amazon DynamoDB cross-region replication
• C. Amazon DynamoDB Streams
• D. Amazon DynamoDB Accelerator

Show Answer

D. The AWS Documentation mentions the following:

Download QR-Code

Djamgatech - AWS Azure GCP

Developer: Djamgatech Corp

Price: Free⁺

• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 

DAX is a DynamoDB-compatible caching service that enables you to benefit from fast in-memory performance for demanding applications. DAX addresses three core scenarios

1. As an in-memory cache, DAX reduces the response times of eventually-consistent read workloads by an order of magnitude, from single-digit milliseconds to microseconds.
2. DAX reduces operational and application complexity by providing a managed service that is API-compatible with Amazon DynamoDB, and thus requires only minimal functional changes to use with an existing application.
3. For read-heavy or bursty workloads, DAX provides increased throughput and potential operational cost savings by reducing the need to over-provision read capacity units. This is especially beneficial for applications that require repeated reads for individual keys.

Reference: AWS DAX

Top

Q2: You are creating a DynamoDB table with the following attributes:

• PurchaseOrderNumber (partition key)
• CustomerID
• PurchaseDate
• TotalPurchaseValue

One of your applications must retrieve items from the table to calculate the total value of purchases for a
particular customer over a date range. What secondary index do you need to add to the table?

• A. Local secondary index with a partition key of CustomerID and sort key of PurchaseDate; project the
  TotalPurchaseValue attribute
• B. Local secondary index with a partition key of PurchaseDate and sort key of CustomerID; project the
  TotalPurchaseValue attribute
• C. Global secondary index with a partition key of CustomerID and sort key of PurchaseDate; project the
  TotalPurchaseValue attribute
• D. Global secondary index with a partition key of PurchaseDate and sort key of CustomerID; project the
  TotalPurchaseValue attribute

Show Answer

C. The query is for a particular CustomerID, so a Global Secondary Index is needed for a different partition
key. To retrieve only the desired date range, the PurchaseDate must be the sort key. Projecting the
TotalPurchaseValue into the index provides all the data needed to satisfy the use case.

Download QR-Code

Djamgatech - AWS Azure GCP

Developer: Djamgatech Corp

Price: Free⁺

• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 

Reference: AWS DynamoDB Global Secondary Indexes

Download QR-Code

Djamgatech - AWS Azure GCP

Developer: Djamgatech Corp

Price: Free⁺

• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 

Difference between local and global indexes in DynamoDB

• Global secondary index — an index with a hash and range key that can be different from those on the table. A global secondary index is considered “global” because queries on the index can span all of the data in a table, across all partitions.
• Local secondary index — an index that has the same hash key as the table, but a different range key. A local secondary index is “local” in the sense that every partition of a local secondary index is scoped to a table partition that has the same hash key.
• Local Secondary Indexes still rely on the original Hash Key. When you supply a table with hash+range, think about the LSI as hash+range1, hash+range2.. hash+range6. You get 5 more range attributes to query on. Also, there is only one provisioned throughput.
• Global Secondary Indexes defines a new paradigm – different hash/range keys per index.
  This breaks the original usage of one hash key per table. This is also why when defining GSI you are required to add a provisioned throughput per index and pay for it.
• Local Secondary Indexes can only be created when you are creating the table, there is no way to add Local Secondary Index to an existing table, also once you create the index you cannot delete it.
• Global Secondary Indexes can be created when you create the table and added to an existing table, deleting an existing Global Secondary Index is also allowed.

Throughput :

• Local Secondary Indexes consume throughput from the table. When you query records via the local index, the operation consumes read capacity units from the table. When you perform a write operation (create, update, delete) in a table that has a local index, there will be two write operations, one for the table another for the index. Both operations will consume write capacity units from the table.
• Global Secondary Indexes have their own provisioned throughput, when you query the index the operation will consume read capacity from the index, when you perform a write operation (create, update, delete) in a table that has a global index, there will be two write operations, one for the table another for the index*.

Top

Q3: When referencing the remaining time left for a Lambda function to run within the function’s code you would use:

• A. The event object
• B. The timeLeft object
• C. The remains object
• D. The context object

Show Answer

D. The context object.

Reference: AWS Lambda

Top

Q4: What two arguments does a Python Lambda handler function require?

• A. invocation, zone
• B. event, zone
• C. invocation, context
• D. event, context

Show Answer

D. event, context
def handler_name(event, context):
…
return some_value

Reference: AWS Lambda Function Handler in Python

Top

Q5: Lambda allows you to upload code and dependencies for function packages:

• A. Only from a directly uploaded zip file
• B. Only via SFTP
• C. Only from a zip file in AWS S3
• D. From a zip file in AWS S3 or uploaded directly from elsewhere

Show Answer

D. From a zip file in AWS S3 or uploaded directly from elsewhere

Reference: AWS Lambda Deployment Package

Top

Q6: A Lambda deployment package contains:

• A. Function code, libraries, and runtime binaries
• B. Only function code
• C. Function code and libraries not included within the runtime
• D. Only libraries not included within the runtime

Show Answer

C. Function code and libraries not included within the runtime

Reference: AWS Lambda Deployment Package in PowerShell

Top

Q7: You are attempting to SSH into an EC2 instance that is located in a public subnet. However, you are currently receiving a timeout error trying to connect. What could be a possible cause of this connection issue?

• A. The security group associated with the EC2 instance has an inbound rule that allows SSH traffic, but does not have an outbound rule that allows SSH traffic.
• B. The security group associated with the EC2 instance has an inbound rule that allows SSH traffic AND has an outbound rule that explicitly denies SSH traffic.
• C. The security group associated with the EC2 instance has an inbound rule that allows SSH traffic AND the associated NACL has both an inbound and outbound rule that allows SSH traffic.
• D. The security group associated with the EC2 instance does not have an inbound rule that allows SSH traffic AND the associated NACL does not have an outbound rule that allows SSH traffic.

Show Answer

D. Security groups are stateful, so you do NOT have to have an explicit outbound rule for return requests. However, NACLs are stateless so you MUST have an explicit outbound rule configured for return request.

Reference: Comparison of Security Groups and Network ACLs

Q8: You have instances inside private subnets and a properly configured bastion host instance in a public subnet. None of the instances in the private subnets have a public or Elastic IP address. How can you connect an instance in the private subnet to the open internet to download system updates?

• A. Create and assign EIP to each instance
• B. Create and attach a second IGW to the VPC.
• C. Create and utilize a NAT Gateway
• D. Connect to a VPN

Show Answer

C. You can use a network address translation (NAT) gateway in a public subnet in your VPC to enable instances in the private subnet to initiate outbound traffic to the Internet, but prevent the instances from receiving inbound traffic initiated by someone on the Internet.

Download QR-Code

Djamgatech - AWS Azure GCP

Developer: Djamgatech Corp

Price: Free⁺

• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 

Reference: AWS Network Address Translation Gateway

Q9: What feature of VPC networking should you utilize if you want to create “elasticity” in your application’s architecture?

• A. Security Groups
• B. Route Tables
• C. Elastic Load Balancer
• D. Auto Scaling

Show Answer

Q10: Lambda allows you to upload code and dependencies for function packages:

• A. Only from a directly uploaded zip file
• B. Only from a directly uploaded zip file
• C. Only from a zip file in AWS S3
• D. From a zip file in AWS S3 or uploaded directly from elsewhere

Top

Q11: You’re writing a script with an AWS SDK that uses the AWS API Actions and want to create AMIs for non-EBS backed AMIs for you. Which API call should occurs in the final process of creating an AMI?

• A. RegisterImage
• B. CreateImage
• C. ami-register-image
• D. ami-create-image

Top

Q12: When dealing with session state in EC2-based applications using Elastic load balancers which option is generally thought of as the best practice for managing user sessions?

• A. Having the ELB distribute traffic to all EC2 instances and then having the instance check a caching solution like ElastiCache running Redis or Memcached for session information
• B. Permenantly assigning users to specific instances and always routing their traffic to those instances
• C. Using Application-generated cookies to tie a user session to a particular instance for the cookie duration
• D. Using Elastic Load Balancer generated cookies to tie a user session to a particular instance

A.

Download QR-Code

Djamgatech - AWS Azure GCP

Developer: Djamgatech Corp

Price: Free⁺

• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 

Reference: https://aws.amazon.com/caching/session-management/

Top

Q13: Which API call would best be used to describe an Amazon Machine Image?

• A. ami-describe-image
• B. ami-describe-images
• C. DescribeImage
• D. DescribeImages

Top

Q14: What is one key difference between an Amazon EBS-backed and an instance-store backed instance?

• A. Autoscaling requires using Amazon EBS-backed instances
• B. Virtual Private Cloud requires EBS backed instances
• C. Amazon EBS-backed instances can be stopped and restarted without losing data
• D. Instance-store backed instances can be stopped and restarted without losing data

Top

Q15: After having created a new Linux instance on Amazon EC2, and downloaded the .pem file (called Toto.pem) you try and SSH into your IP address (54.1.132.33) using the following command.
ssh -i my_key.pem ec2-user@52.2.222.22
However you receive the following error.
@@@@@@@@ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@
What is the most probable reason for this and how can you fix it?

• A. You do not have root access on your terminal and need to use the sudo option for this to work.
• B. You do not have enough permissions to perform the operation.
• C. Your key file is encrypted. You need to use the -u option for unencrypted not the -i option.
• D. Your key file must not be publicly viewable for SSH to work. You need to modify your .pem file to limit permissions.

Top

Q16: You have an EBS root device on /dev/sda1 on one of your EC2 instances. You are having trouble with this particular instance and you need to either Stop/Start, Reboot or Terminate the instance but you do NOT want to lose any data that you have stored on /dev/sda1. However, you are unsure if changing the instance state in any of the aforementioned ways will cause you to lose data stored on the EBS volume. Which of the below statements best describes the effect each change of instance state would have on the data you have stored on /dev/sda1?

• A. Whether you stop/start, reboot or terminate the instance it does not matter because data on an EBS volume is not ephemeral and the data will not be lost regardless of what method is used.
• B. If you stop/start the instance the data will not be lost. However if you either terminate or reboot the instance the data will be lost.
• C. Whether you stop/start, reboot or terminate the instance it does not matter because data on an EBS volume is ephemeral and it will be lost no matter what method is used.
• D. The data will be lost if you terminate the instance, however the data will remain on /dev/sda1 if you reboot or stop/start the instance because data on an EBS volume is not ephemeral.

Top

Q17: EC2 instances are launched from Amazon Machine Images (AMIs). A given public AMI:

• A. Can only be used to launch EC2 instances in the same AWS availability zone as the AMI is stored
• B. Can only be used to launch EC2 instances in the same country as the AMI is stored
• C. Can only be used to launch EC2 instances in the same AWS region as the AMI is stored
• D. Can be used to launch EC2 instances in any AWS region

Top

Q18: Which of the following statements is true about the Elastic File System (EFS)?

• A. EFS can scale out to meet capacity requirements and scale back down when no longer needed
• B. EFS can be used by multiple EC2 instances simultaneously
• C. EFS cannot be used by an instance using EBS
• D. EFS can be configured on an instance before launch just like an IAM role or EBS volumes

Top

Q19: IAM Policies, at a minimum, contain what elements?

• A. ID
• B. Effects
• C. Resources
• D. Sid
• E. Principle
• F. Actions

Top

Q20: What are the main benefits of IAM groups?

• A. The ability to create custom permission policies.
• B. Assigning IAM permission policies to more than one user at a time.
• C. Easier user/policy management.
• D. Allowing EC2 instances to gain access to S3.

Top

Q21: What are benefits of using AWS STS?

• A. Grant access to AWS resources without having to create an IAM identity for them
• B. Since credentials are temporary, you don’t have to rotate or revoke them
• C. Temporary security credentials can be extended indefinitely
• D. Temporary security credentials can be restricted to a specific region

Top

Q22: What should the Developer enable on the DynamoDB table to optimize performance and minimize costs?

• A. Amazon DynamoDB auto scaling
• B. Amazon DynamoDB cross-region replication
• C. Amazon DynamoDB Streams
• D. Amazon DynamoDB Accelerator

Show Answer

Q23: A Developer has been asked to create an AWS Elastic Beanstalk environment for a production web application which needs to handle thousands of requests. Currently the dev environment is running on a t1 micro instance. How can the Developer change the EC2 instance type to m4.large?

• A. Use CloudFormation to migrate the Amazon EC2 instance type of the environment from t1 micro to m4.large.
• B. Create a saved configuration file in Amazon S3 with the instance type as m4.large and use the same during environment creation.
• C. Change the instance type to m4.large in the configuration details page of the Create New Environment page.
• D. Change the instance type value for the environment to m4.large by using update autoscaling group CLI command.

Q24: What statements are true about Availability Zones (AZs) and Regions?

• A. There is only one AZ in each AWS Region
• B. AZs are geographically separated inside a region to help protect against natural disasters affecting more than one at a time.
• C. AZs can be moved between AWS Regions based on your needs
• D. There are (almost always) two or more AZs in each AWS Region

Top

Q25: An AWS Region contains:

• A. Edge Locations
• B. Data Centers
• C. AWS Services
• D. Availability Zones

Show Answer

Q26: Which read request in DynamoDB returns a response with the most up-to-date data, reflecting the updates from all prior write operations that were successful?

• A. Eventual Consistent Reads
• B. Conditional reads for Consistency
• C. Strongly Consistent Reads
• D. Not possible

Show Answer

Q27: You’ve been asked to move an existing development environment on the AWS Cloud. This environment consists mainly of Docker based containers. You need to ensure that minimum effort is taken during the migration process. Which of the following step would you consider for this requirement?

• A. Create an Opswork stack and deploy the Docker containers
• B. Create an application and Environment for the Docker containers in the Elastic Beanstalk service
• C. Create an EC2 Instance. Install Docker and deploy the necessary containers.
• D. Create an EC2 Instance. Install Docker and deploy the necessary containers. Add an Autoscaling Group for scalability of the containers.

Show Answer

Q28: You’ve written an application that uploads objects onto an S3 bucket. The size of the object varies between 200 – 500 MB. You’ve seen that the application sometimes takes a longer than expected time to upload the object. You want to improve the performance of the application. Which of the following would you consider?

• A. Create multiple threads and upload the objects in the multiple threads
• B. Write the items in batches for better performance
• C. Use the Multipart upload API
• D. Enable versioning on the Bucket

Show Answer

Q29: A security system monitors 600 cameras, saving image metadata every 1 minute to an Amazon DynamoDb table. Each sample involves 1kb of data, and the data writes are evenly distributed over time. How much write throughput is required for the target table?

• A. 6000
• B. 10
• C. 3600
• D. 600

Q30: What two arguments does a Python Lambda handler function require?

• A. invocation, zone
• B. event, zone
• C. invocation, context
• D. event, context

Show Answer

Q31: Lambda allows you to upload code and dependencies for function packages:

• A. Only from a directly uploaded zip file
• B. Only via SFTP
• C. Only from a zip file in AWS S3
• D. From a zip file in AWS S3 or uploaded directly from elsewhere

Show Answer

Q32: A Lambda deployment package contains:

• A. Function code, libraries, and runtime binaries
• B. Only function code
• C. Function code and libraries not included within the runtime
• D. Only libraries not included within the runtime

Show Answer

Q33: You have instances inside private subnets and a properly configured bastion host instance in a public subnet. None of the instances in the private subnets have a public or Elastic IP address. How can you connect an instance in the private subnet to the open internet to download system updates?

• A. Create and assign EIP to each instance
• B. Create and attach a second IGW to the VPC.
• C. Create and utilize a NAT Gateway
• D. Connect to a VPN

Show Answer

Q34: What feature of VPC networking should you utilize if you want to create “elasticity” in your application’s architecture?

• A. Security Groups
• B. Route Tables
• C. Elastic Load Balancer
• D. Auto Scaling

Show Answer

Q30: Lambda allows you to upload code and dependencies for function packages:

• A. Only from a directly uploaded zip file
• B. Only from a directly uploaded zip file
• C. Only from a zip file in AWS S3
• D. From a zip file in AWS S3 or uploaded directly from elsewhere

Answer:

Show Answer

Q31: An organization is using an Amazon ElastiCache cluster in front of their Amazon RDS instance. The organization would like the Developer to implement logic into the code so that the cluster only retrieves data from RDS when there is a cache miss. What strategy can the Developer implement to achieve this?

• A. Lazy loading
• B. Write-through
• C. Error retries
• D. Exponential backoff

Answer:

Show Answer

Q32: A developer is writing an application that will run on Ec2 instances and read messages from SQS queue. The messages will arrive every 15-60 seconds. How should the Developer efficiently query the queue for new messages?

• A. Use long polling
• B. Set a custom visibility timeout
• C. Use short polling
• D. Implement exponential backoff

Show Answer

Q33: You are using AWS SAM to define a Lambda function and configure CodeDeploy to manage deployment patterns. With new Lambda function working as per expectation which of the following will shift traffic from original Lambda function to new Lambda function in the shortest time frame?

• A. Canary10Percent5Minutes
• B. Linear10PercentEvery10Minutes
• C. Canary10Percent15Minutes
• D. Linear10PercentEvery1Minute

Show Answer

Q34: You are using AWS SAM templates to deploy a serverless application. Which of the following resource will embed application from Amazon S3 buckets?

• A. AWS::Serverless::Api
• B. AWS::Serverless::Application
• C. AWS::Serverless::Layerversion
• D. AWS::Serverless::Function

Show Answer

Q35: You are using AWS Envelope Encryption for encrypting all sensitive data. Which of the followings is True with regards to Envelope Encryption?

• A. Data is encrypted be encrypting Data key which is further encrypted using encrypted Master Key.
• B. Data is encrypted by plaintext Data key which is further encrypted using encrypted Master Key.
• C. Data is encrypted by encrypted Data key which is further encrypted using plaintext Master Key.
• D. Data is encrypted by plaintext Data key which is further encrypted using plaintext Master Key.

Show Answer

Q36: You are developing an application that will be comprised of the following architecture –

1. A set of Ec2 instances to process the videos.
2. These (Ec2 instances) will be spun up by an autoscaling group.
3. SQS Queues to maintain the processing messages.
4. There will be 2 pricing tiers.

How will you ensure that the premium customers videos are given more preference?

• A. Create 2 Autoscaling Groups, one for normal and one for premium customers
• B. Create 2 set of Ec2 Instances, one for normal and one for premium customers
• C. Create 2 SQS queus, one for normal and one for premium customers
• D. Create 2 Elastic Load Balancers, one for normal and one for premium customers.

Show Answer

Q37: You are developing an application that will interact with a DynamoDB table. The table is going to take in a lot of read and write operations. Which of the following would be the ideal partition key for the DynamoDB table to ensure ideal performance?

• A. CustomerID
• B. CustomerName
• C. Location
• D. Age

Show Answer

Q38: A developer is making use of AWS services to develop an application. He has been asked to develop the application in a manner to compensate any network delays. Which of the following two mechanisms should he implement in the application?

• A. Multiple SQS queues
• B. Exponential backoff algorithm
• C. Retries in your application code
• D. Consider using the Java sdk.

Show Answer

Q39: An application is being developed that is going to write data to a DynamoDB table. You have to setup the read and write throughput for the table. Data is going to be read at the rate of 300 items every 30 seconds. Each item is of size 6KB. The reads can be eventual consistent reads. What should be the read capacity that needs to be set on the table?

• A. 10
• B. 20
• C. 6
• D. 30

Show Answer

Q40: You are in charge of deploying an application that will be hosted on an EC2 Instance and sit behind an Elastic Load balancer. You have been requested to monitor the incoming connections to the Elastic Load Balancer. Which of the below options can suffice this requirement?

• A. Use AWS CloudTrail with your load balancer
• B. Enable access logs on the load balancer
• C. Use a CloudWatch Logs Agent
• D. Create a custom metric CloudWatch lter on your load balancer

Show Answer

Q41: A static web site has been hosted on a bucket and is now being accessed by users. One of the web pages javascript section has been changed to access data which is hosted in another S3 bucket. Now that same web page is no longer loading in the browser. Which of the following can help alleviate the error?

• A. Enable versioning for the underlying S3 bucket.
• B. Enable Replication so that the objects get replicated to the other bucket
• C. Enable CORS for the bucket
• D. Change the Bucket policy for the bucket to allow access from the other bucket

Show Answer

Q42: Your mobile application includes a photo-sharing service that is expecting tens of thousands of users at launch. You will leverage Amazon Simple Storage Service (S3) for storage of the user Images, and you must decide how to authenticate and authorize your users for access to these images. You also need to manage the storage of these images. Which two of the following approaches should you use? Choose two answers from the options below

• A. Create an Amazon S3 bucket per user, and use your application to generate the S3 URL for the appropriate content.
• B. Use AWS Identity and Access Management (IAM) user accounts as your application-level user database, and offload the burden of authentication from your application code.
• C. Authenticate your users at the application level, and use AWS Security Token Service (STS)to grant token-based authorization to S3 objects.
• D. Authenticate your users at the application level, and send an SMS token message to the user. Create an Amazon S3 bucket with the same name as the SMS message token, and move the user’s objects to that bucket.

Show Answer

Q43: Your current log analysis application takes more than four hours to generate a report of the top 10 users of your web application. You have been asked to implement a system that can report this information in real time, ensure that the report is always up to date, and handle increases in the number of requests to your web application. Choose the option that is cost-effective and can fulfill the requirements.

• A. Publish your data to CloudWatch Logs, and congure your application to Autoscale to handle the load on demand.
• B. Publish your log data to an Amazon S3 bucket.  Use AWS CloudFormation to create an Auto Scaling group to scale your post-processing application which is congured to pull down your log les stored an Amazon S3
• C. Post your log data to an Amazon Kinesis data stream, and subscribe your log-processing application so that is congured to process your logging data.
• D. Create a multi-AZ Amazon RDS MySQL cluster, post the logging data to MySQL, and run a map reduce job to retrieve the required information on user counts.

Answer:

Show Answer

Q44: You’ve been instructed to develop a mobile application that will make use of AWS services. You need to decide on a data store to store the user sessions. Which of the following would be an ideal data store for session management?

• A. AWS Simple Storage Service
• B. AWS DynamoDB
• C. AWS RDS
• D. AWS Redshift

Answer:

Show Answer

Q45: Your application currently interacts with a DynamoDB table. Records are inserted into the table via the application. There is now a requirement to ensure that whenever items are updated in the DynamoDB primary table , another record is inserted into a secondary table. Which of the below feature should be used when developing such a solution?

• A. AWS DynamoDB Encryption
• B. AWS DynamoDB Streams
• C. AWS DynamoDB Accelerator
• D. AWSTable Accelerator

Show Answer

Q46: An application has been making use of AWS DynamoDB for its back-end data store. The size of the table has now grown to 20 GB , and the scans on the table are causing throttling errors. Which of the following should now be implemented to avoid such errors?

• A. Large Page size
• B. Reduced page size
• C. Parallel Scans
• D. Sequential scans

Show Answer

Q47: Which of the following is correct way of passing a stage variable to an HTTP URL ? (Select TWO.)

• A. http://example.com/${}/prod
• B. http://example.com/${stageVariables.}/prod
• C. http://${stageVariables.}.example.com/dev/operation
• D. http://${stageVariables}.example.com/dev/operation
• E. http://${}.example.com/dev/operation
• F. http://example.com/${stageVariables}/prod

Show Answer

Q48: Your company is planning on creating new development environments in AWS. They want to make use of their existing Chef recipes which they use for their on-premise configuration for servers in AWS. Which of the following service would be ideal to use in this regard?

• A. AWS Elastic Beanstalk
• B. AWS OpsWork
• C. AWS Cloudformation
• D. AWS SQS

Show Answer

Q49: Your company has developed a web application and is hosting it in an Amazon S3 bucket configured for static website hosting. The users can log in to this app using their Google/Facebook login accounts. The application is using the AWS SDK for JavaScript in the browser to access data stored in an Amazon DynamoDB table. How can you ensure that API keys for access to your data in DynamoDB are kept secure?

• A. Create an Amazon S3 role in IAM with access to the specific DynamoDB tables, and assign it to the bucket hosting your website
• B. Configure S3 bucket tags with your AWS access keys for your bucket hosing your website so that the application can query them for access.
• C. Configure a web identity federation role within IAM to enable access to the correct DynamoDB resources and retrieve temporary credentials
• D. Store AWS keys in global variables within your application and configure the application to use these credentials when making requests.

Show Answer

Q50: Your application currently makes use of AWS Cognito for managing user identities. You want to analyze the information that is stored in AWS Cognito for your application. Which of the following features of AWS Cognito should you use for this purpose?

• A. Cognito Data
• B. Cognito Events
• C. Cognito Streams
• D. Cognito Callbacks

Show Answer

Q51: You’ve developed a set of scripts using AWS Lambda. These scripts need to access EC2 Instances in a VPC. Which of the following needs to be done to ensure that the AWS Lambda function can access the resources in the VPC. Choose 2 answers from the options given below

• A. Ensure that the subnet ID’s are mentioned when configuring the Lambda function
• B. Ensure that the NACL ID’s are mentioned when configuring the Lambda function
• C. Ensure that the Security Group ID’s are mentioned when configuring the Lambda function
• D. Ensure that the VPC Flow Log ID’s are mentioned when configuring the Lambda function

Show Answer

Q52: You’ve currently been tasked to migrate an existing on-premise environment into Elastic Beanstalk. The application does not make use of Docker containers. You also can’t see any relevant environments in the beanstalk service that would be suitable to host your application. What should you consider doing in this case?

• A. Migrate your application to using Docker containers and then migrate the app to the Elastic Beanstalk environment.
• B. Consider using Cloudformation to deploy your environment to Elastic Beanstalk
• C. Consider using Packer to create a custom platform
• D. Consider deploying your application using the Elastic Container Service

Show Answer

Q53: Company B is writing 10 items to the Dynamo DB table every second. Each item is 15.5Kb in size. What would be the required provisioned write throughput for best performance? Choose the correct answer from the options below.

• A. 10
• B. 160
• C. 155
• D. 16

Show Answer

Top

Q54: Which AWS Service can be used to automatically install your application code onto EC2, on premises systems and Lambda?

• A. CodeCommit
• B. X-Ray
• C. CodeBuild
• D. CodeDeploy

Show Answer

Q55: Which AWS service can be used to compile source code, run tests and package code?

• A. CodePipeline
• B. CodeCommit
• C. CodeBuild
• D. CodeDeploy

Show Answer

Q56: How can your prevent CloudFormation from deleting your entire stack on failure? (Choose 2)

• A. Set the Rollback on failure radio button to No in the CloudFormation console
• B. Set Termination Protection to Enabled in the CloudFormation console
• C. Use the –disable-rollback flag with the AWS CLI
• D. Use the –enable-termination-protection protection flag with the AWS CLI

Top

Q57: Which of the following practices allows multiple developers working on the same application to merge code changes frequently, without impacting each other and enables the identification of bugs early on in the release process?

• A. Continuous Integration
• B. Continuous Deployment
• C. Continuous Delivery
• D. Continuous Development

Top

Q58: When deploying application code to EC2, the AppSpec file can be written in which language?

• A. JSON
• B. JSON or YAML
• C. XML
• D. YAML

Top

Q59: Part of your CloudFormation deployment fails due to a mis-configuration, by defaukt what will happen?

• A. CloudFormation will rollback only the failed components
• B. CloudFormation will rollback the entire stack
• C. Failed component will remain available for debugging purposes
• D. CloudFormation will ask you if you want to continue with the deployment

Top

Q60: You want to receive an email whenever a user pushes code to CodeCommit repository, how can you configure this?

• A. Create a new SNS topic and configure it to poll for CodeCommit eveents. Ask all users to subscribe to the topic to receive notifications
• B. Configure a CloudWatch Events rule to send a message to SES which will trigger an email to be sent whenever a user pushes code to the repository.
• C. Configure Notifications in the console, this will create a CloudWatch events rule to send a notification to a SNS topic which will trigger an email to be sent to the user.
• D. Configure a CloudWatch Events rule to send a message to SQS which will trigger an email to be sent whenever a user pushes code to the repository.

Top

Q61: Which AWS service can be used to centrally store and version control your application source code, binaries and libraries

• A. CodeCommit
• B. CodeBuild
• C. CodePipeline
• D. ElasticFileSystem

Top

Q62: You are using CloudFormation to create a new S3 bucket,
which of the following sections would you use to define the properties of your bucket?

• A. Conditions
• B. Parameters
• C. Outputs
• D. Resources

Top

Q63: You are deploying a number of EC2 and RDS instances using CloudFormation. Which section of the CloudFormation template
would you use to define these?

• A. Transforms
• B. Outputs
• C. Resources
• D. Instances

Top

Q64: Which AWS service can be used to fully automate your entire release process?

• A. CodeDeploy
• B. CodePipeline
• C. CodeCommit
• D. CodeBuild

Top

Q65: You want to use the output of your CloudFormation stack as input to another CloudFormation stack. Which sections of the CloudFormation template would you use to help you configure this?

• A. Outputs
• B. Transforms
• C. Resources
• D. Exports

Show Answer

Q66: You have some code located in an S3 bucket that you want to reference in your CloudFormation template. Which section of the template can you use to define this?

• A. Inputs
• B. Resources
• C. Transforms
• D. Files

Top

Q67: You are deploying an application to a number of Ec2 instances using CodeDeploy. What is the name of the file
used to specify source files and lifecycle hooks?

• A. buildspec.yml
• B. appspec.json
• C. appspec.yml
• D. buildspec.json

Top

Q68: Which of the following approaches allows you to re-use pieces of CloudFormation code in multiple templates, for common use cases like provisioning a load balancer or web server?

• A. Share the code using an EBS volume
• B. Copy and paste the code into the template each time you need to use it
• C. Use a cloudformation nested stack
• D. Store the code you want to re-use in an AMI and reference the AMI from within your CloudFormation template.

Top

Q69: In the CodeDeploy AppSpec file, what are hooks used for?

• A. To reference AWS resources that will be used during the deployment
• B. Hooks are reserved for future use
• C. To specify files you want to copy during the deployment.
• D. To specify, scripts or function that you want to run at set points in the deployment lifecycle

Top

Q70: Which command can you use to encrypt a plain text file using CMK?

• A. aws kms-encrypt
• B. aws iam encrypt
• C. aws kms encrypt
• D. aws encrypt

Top

Q72: Which of the following is an encrypted key used by KMS to encrypt your data

• A. Custmoer Mamaged Key
• B. Encryption Key
• C. Envelope Key
• D. Customer Master Key

Top

Q73: Which of the following statements are correct? (Choose 2)

• A. The Customer Master Key is used to encrypt and decrypt the Envelope Key or Data Key
• B. The Envelope Key or Data Key is used to encrypt and decrypt plain text files.
• C. The envelope Key or Data Key is used to encrypt and decrypt the Customer Master Key.
• D. The Customer MasterKey is used to encrypt and decrypt plain text files.

Top

Q74: Which of the following statements is correct in relation to kMS/ (Choose 2)

• A. KMS Encryption keys are regional
• B. You cannot export your customer master key
• C. You can export your customer master key.
• D. KMS encryption Keys are global

Top

AWS Certified Developer Associate exam: Whitepapers

AWS has provided whitepapers to help you understand the technical concepts. Below are the recommended whitepapers for the AWS Certified Developer – Associate Exam.

• Overview of Amazon Web Services
• Architecting for the Cloud: AWS Best Practices
• AWS Security Best Practices whitepaper, August 2016
• AWS Well-Architected Framework whitepaper, November 2017 Version 1.3 DVA-C01 Page |2
• Architecting for the Cloud AWS Best Practices whitepaper, February, 2016
• Practicing Continuous Integration and Continuous Delivery on AWS Accelerating Software Delivery with DevOps whitepaper, June 2017
• Microservices on AWS whitepaper, September 2017
• Serverless Architectures with AWS Lambda whitepaper, November 2017
• Optimizing Enterprise Economics with Serverless Architectures whitepaper, October 2017
• Running Containerized Microservices on AWS whitepaper, November 2017
• Blue/Green Deployments on AWS whitepaper, August 2016

Top

Online Training and Labs for AWS Certified Developer Associates Exam

• A Cloud Guru
• Linux Academy
• Udemy

Top

• AWS Certified Cloud Practitioner
• AWS Certified Solutions Architect – Associate
• AAWS Certified Developer – Associate
• AWS Certified SysOps Administrator – Associate
• AWS Certified Solutions Architect – Professional
• AWS Certified DevOps Engineer – Professional
• AWS Certified Big Data Specialty
• AWS Certified Advanced Networking.
• AWS Certified Security – Specialty

Top