CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS Certified Developer - Associate DVA-C02

Free AWS Certified Developer - Associate DVA-C02 Exam Braindumps (page: 15)

Page 15 of 116
PDF with 458 Questions

A company needs to harden its container images before the images are in a running state. The company's application uses Amazon Elastic Container Registry (Amazon ECR)
as an image registry. Amazon Elastic Kubernetes Service (Amazon EKS) for compute,
and an AWS CodePipeline pipeline that orchestrates a continuous integration and continuous delivery (CI/CD)
workflow.
Dynamic application security testing occurs in the final stage of the pipeline after a new image is deployed to a development namespace in the EKS cluster. A developer needs to place an analysis stage before this deployment to analyze the container image earlier in the CI/CD pipeline.
Which solution will meet these requirements with the MOST operational efficiency?

  1. Build the container image and run the docker scan command locally. Mitigate any findings before pushing changes to the source code repository. Write a pre-commit hook that enforces the use of this workflow before commit.
  2. Create a new CodePipeline stage that occurs after the container image is built. Configure ECR basic image scanning to scan on image push. Use an AWS
    Lambda function as the action provider. Configure the Lambda function to check the scan results and to fail the pipeline if there are findings.
  3. Create a new CodePipeline stage that occurs after source code has been retrieved from its repository. Run a security scanner on the latest revision of the source code. Fail the pipeline if there are findings.
  4. Add an action to the deployment stage of the pipeline so that the action occurs before the deployment to the EKS cluster. Configure ECR basic image scanning to scan on image push. Use an AWS Lambda function as the action provider. Configure the Lambda function to check the scan results and to fail the pipeline if there are findings.

Answer(s): B



A developer is testing a new file storage application that uses an Amazon CloudFront distribution to serve content from an Amazon S3 bucket. The distribution accesses the S3 bucket by using an origin access identity (OAI). The S3 bucket's permissions explicitly deny access to all other users.
The application prompts users to authenticate on a login page and then uses signed cookies to allow users to access their personal storage directories. The developer has configured the distribution to use its default cache behavior with restricted viewer access and has set the origin to point to the S3 bucket. However, when the developer tries to navigate to the login page, the developer receives a 403 Forbidden error.
The developer needs to implement a solution to allow unauthenticated access to the login page. The solution also must keep all private content secure.
Which solution will meet these requirements?

  1. Add a second cache behavior to the distribution with the same origin as the default cache behavior. Set the path pattern for the second cache behavior to the path of the login page, and make viewer access unrestricted. Keep the default cache behavior's settings unchanged.
  2. Add a second cache behavior to the distribution with the same origin as the default cache behavior. Set the path pattern for the second cache behavior to *, and make viewer access restricted. Change the default cache behavior's path pattern to the path of the login page, and make viewer access unrestricted.
  3. Add a second origin as a failover origin to the default cache behavior.
    Point the failover origin to the S3 bucket. Set the path pattern for the primary origin to *, and make viewer access restricted. Set the path pattern for the failover origin to the path of the login page, and make viewer access unrestricted.
  4. Add a bucket policy to the S3 bucket to allow read access. Set the resource on the policy to the Amazon Resource Name (ARN) of the login page object in the S3 bucket. Add a CloudFront function to the default cache behavior to redirect unauthorized requests to the login page's S3 URL.

Answer(s): A



A developer is using AWS Amplify Hosting to build and deploy an application. The developer is receiving an increased number of bug reports from users. The developer wants to add end-to-end testing to the application to eliminate as many bugs as possible before the bugs reach production.
Which solution should the developer implement to meet these requirements?

  1. Run the amplify add test command in the Amplify CLI.
  2. Create unit tests in the application. Deploy the unit tests by using the amplify push command in the Amplify CLI.
  3. Add a test phase to the amplify.yml build settings for the application.
  4. Add a test phase to the aws-exports.js file for the application.

Answer(s): C



An ecommerce company is using an AWS Lambda function behind Amazon API Gateway as its application tier. To process orders during checkout, the application calls a
POST API from the frontend. The POST API invokes the Lambda function asynchronously.
In rare situations, the application has not processed orders. The Lambda application logs show no errors or failures.
What should a developer do to solve this problem?

  1. Inspect the frontend logs for API failures. Call the POST API manually by using the requests from the log file.
  2. Create and inspect the Lambda dead-letter queue. Troubleshoot the failed functions. Reprocess the events.
  3. Inspect the Lambda logs in Amazon CloudWatch for possible errors. Fix the errors.
  4. Make sure that caching is disabled for the POST API in API Gateway.

Answer(s): B



Page 15 of 116



Post your Comments and Discuss Amazon AWS Certified Developer - Associate DVA-C02 exam with other Community members:

Ernesto commented on August 26, 2024
Prepared and passed this exam. Valid question and very tough exam. So good luck.
Spain
upvote