Free AWS Certified Developer - Associate DVA-C02 Exam Braindumps (page: 63)

Page 63 of 116

A developer needs to use Amazon DynamoDB to store customer orders. The developer’s company requires all customer data to be encrypted at rest with a key that the company generates.
What should the developer do to meet these requirements?

  1. Create the DynamoDB table with encryption set to None. Code the application to use the key to decrypt the data when the application reads from the table. Code the application to use the key to encrypt the data when the application writes to the table.
  2. Store the key by using AWS Key Management Service (AWS KMS). Choose an AWS
    KMS customer managed key during creation of the DynamoDB table. Provide the
    Amazon Resource Name (ARN) of the AWS KMS key.
  3. Store the key by using AWS Key Management Service (AWS KMS). Create the
    DynamoDB table with default encryption. Include the kms:Encrypt parameter with the Amazon Resource Name (ARN) of the AWS KMS key when using the
    DynamoDB software development kit (SDK).
  4. Store the key by using AWS Key Management Service (AWS KMS). Choose an AWS
    KMS AWS managed key during creation of the DynamoDB table. Provide the
    Amazon Resource Name (ARN) of the AWS KMS key.

Answer(s): B



A company uses AWS CloudFormation to deploy an application that uses an Amazon API
Gateway REST API with AWS Lambda function integration. The application uses Amazon
DynamoDB for data persistence. The application has three stages: development,
testing, and production. Each stage uses its own DynamoDB
table.
The company has encountered unexpected issues when promoting changes to the production stage. The changes were successful in the development and testing stages. A developer needs to route 20% of the traffic to the new production stage API with the next production release. The developer needs to route the remaining 80% of the traffic to the existing production stage. The solution must minimize the number of errors that any single customer experiences.
Which approach should the developer take to meet these requirements?

  1. Update 20% of the planned changes to the production stage. Deploy the new production stage. Monitor the results. Repeat this process five times to test all planned changes.
  2. Update the Amazon Route 53 DNS record entry for the production stage API to use a weighted routing policy. Set the weight to a value of 80. Add a second record for the production domain name. Change the second routing policy to a weighted routing policy. Set the weight of the second policy to a value of
    20. Change the alias of the second policy to use the testing stage API.
  3. Deploy an Application Load Balancer (ALB) in front of the REST API. Change the production API Amazon Route 53 record to point traffic to the ALB.
    Register the production and testing stages as targets of the ALB with weights of 80% and 20%, respectively.
  4. Configure canary settings for the production stage API. Change the percentage of traffic directed to canary deployment to 20%. Make the planned updates to the production stage. Deploy the changes

Answer(s): D



A developer has created a data collection application that uses Amazon API Gateway,
AWS Lambda, and Amazon S3. The application’s users periodically upload data files and wait for the validation status to be reflected on a processing dashboard. The validation process is complex and time-consuming for large files.
Some users are uploading dozens of large files and have to wait and refresh the processing dashboard to see if the files have been validated. The developer must refactor the application to immediately update the validation result on the user’s dashboard without reloading the full dashboard.
What is the MOST operationally efficient solution that meets these requirements?

  1. Integrate the client with an API Gateway WebSocket API. Save the user-uploaded files with the WebSocket connection ID. Push the validation status to the connection ID when the processing is complete to initiate an update of the user interface.
  2. Launch an Amazon EC2 micro instance, and set up a WebSocket server. Send the user-uploaded file and user detail to the EC2 instance after the user uploads the file. Use the WebSocket server to send updates to the user interface when the uploaded file is processed.
  3. Save the user’s email address along with the user-uploaded file.
    When the validation process is complete, send an email notification through Amazon
    Simple Notification Service (Amazon SNS) to the user who uploaded the file.
  4. Save the user-uploaded file and user detail to Amazon DynamoDB. Use Amazon
    DynamoDB Streams with Amazon Simple Notification Service (Amazon SNS) push notifications to send updates to the browser to update the user interface.

Answer(s): A



A company’s developer is creating an application that uses Amazon API Gateway. The company wants to ensure that only users in the Sales department can use the application. The users authenticate to the application by using federated credentials from a third-party identity provider (IdP) through Amazon Cognito. The developer has set up an attribute mapping to map an attribute that is named
Department and to pass the attribute to a custom AWS Lambda authorizer.
To test the access limitation, the developer sets their department to Engineering in the IdP and attempts to log in to the application. The developer is denied access. The developer then updates their department to Sales in the IdP and attempts to log in. Again, the developer is denied access. The developer checks the logs and discovers that access is being denied because the developer’s access token has a department value of Engineering.
Which of the following is a possible reason that the developer’s department is still being reported as Engineering instead of Sales?

  1. Authorization caching is enabled in the custom Lambda authorizer.
  2. Authorization caching is enabled on the Amazon Cognito user pool.
  3. The IAM role for the custom Lambda authorizer does not have a Department tag.
  4. The IAM role for the Amazon Cognito user pool does not have a Department tag.

Answer(s): A



Page 63 of 116



Post your Comments and Discuss Amazon AWS Certified Developer - Associate DVA-C02 exam with other Community members:

Ernesto commented on August 26, 2024
Prepared and passed this exam. Valid question and very tough exam. So good luck.
Spain
upvote