CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS Certified Developer - Associate DVA-C02

Free AWS Certified Developer - Associate DVA-C02 Exam Braindumps (page: 42)

Page 42 of 116
PDF with 458 Questions

An application that runs on AWS Lambda requires access to specific highly confidential objects in an Amazon S3 bucket. In accordance with the principle of least privilege, a company grants access to the S3 bucket by using only temporary credentials.
How can a developer configure access to the S3 bucket in the MOST secure way?

  1. Hardcode the credentials that are required to access the S3 objects in the application code. Use the credentials to access the required S3 objects.
  2. Create a secret access key and access key ID with permission to access the
    S3 bucket. Store the key and key ID in AWS Secrets Manager. Configure the application to retrieve the Secrets Manager secret and use the credentials to access the S3 objects.
  3. Create a Lambda function execution role. Attach a policy to the role that grants access to specific objects in the S3 bucket.
  4. Create a secret access key and access key ID with permission to access the
    S3 bucket. Store the key and key ID as environment variables in Lambda. Use the environment variables to access the required S3 objects.

Answer(s): C



A developer has code that is stored in an Amazon S3 bucket. The code must be deployed as an AWS Lambda function across multiple accounts in the same AWS Region as the S3 bucket. An AWS CloudFormation template that runs for each account will deploy the Lambda function.
What is the MOST secure way to allow CloudFormation to access the Lambda code in the S3 bucket?

  1. Grant the CloudFormation service role the S3 ListBucket and GetObject permissions. Add a bucket policy to Amazon S3 with the principal of “AWS”:
    [account numbers].
  2. Grant the CloudFormation service role the S3 GetObject permission. Add a bucket policy to Amazon S3 with the principal of “*”.
  3. Use a service-based link to grant the Lambda function the S3 ListBucket and
    GetObject permissions by explicitly adding the S3 bucket’s account number in the resource.
  4. Use a service-based link to grant the Lambda function the S3 GetObject permission. Add a resource of “*” to allow access to the S3 bucket.

Answer(s): A



A developer at a company needs to create a small application that makes the same API
call once each day at a designated time. The company does not have infrastructure in the AWS Cloud yet, but the company wants to implement this functionality on
AWS.
Which solution meets these requirements in the MOST operationally efficient manner?

  1. Use a Kubernetes cron job that runs on Amazon Elastic Kubernetes Service
    (Amazon EKS).
  2. Use an Amazon Linux crontab scheduled job that runs on Amazon EC2.
  3. Use an AWS Lambda function that is invoked by an Amazon EventBridge scheduled event.
  4. Use an AWS Batch job that is submitted to an AWS Batch job queue.

Answer(s): C



A developer is building a serverless application that is based on AWS Lambda. The developer initializes the AWS software development kit (SDK) outside of the Lambda handler function.
What is the PRIMARY benefit of this action?

  1. Improves legibility and stylistic convention
  2. Takes advantage of runtime environment reuse
  3. Provides better error handling
  4. Creates a new SDK instance for each invocation

Answer(s): B



Page 42 of 116



Post your Comments and Discuss Amazon AWS Certified Developer - Associate DVA-C02 exam with other Community members:

Ernesto commented on August 26, 2024
Prepared and passed this exam. Valid question and very tough exam. So good luck.
Spain
upvote