Free Amazon AWS-DEA-C01 Exam Questions

Question 1

A company stores its processed data in an S3 bucket. The company has a strict data access policy. Thecompany uses IAM roles to grant teams within the company different levels of access to the S3 bucket.The company wants to receive notifications when a user violates the data access policy. Each notificationmust include the username of the user who violated the policy.Which solution will meet these requirements?

A : Use AWS Config rules to detect violations of the data access policy. Set up compliance alarms.

B : Use Amazon CloudWatch metrics to gather object-level metrics. Set up CloudWatch alarms.

C : Use AWS CloudTrail to track object-level events for the S3 bucket. Forward events to Amazon CloudWatch to set up CloudWatch alarms.

D : Use Amazon S3 server access logs to monitor access to the bucket. Forward the access logs to an Amazon CloudWatch log group. Use metric filters on the log group to set up CloudWatch alarms.

Answer: C

Question 2

A company wants to migrate an application and an on-premises Apache Kafka server to AWS. Theapplication processes incremental updates that an on-premises Oracle database sends to the Kafka server. Thecompany wants to use the replatform migration strategy instead of the refactor strategy.Which solution will meet these requirements with the LEAST management overhead?

A : Amazon Kinesis Data Streams

B : Amazon Managed Streaming for Apache Kafka (Amazon MSK) provisioned cluster

C : Amazon Data Firehose

D : Amazon Managed Streaming for Apache Kafka (Amazon MSK) Serverless

Answer: D

Question 3

A retail company's Data Engineering Team is tasked with refining their Amazon Redshift cluster to facilitate analysis in a separate testing environment, utilizing the primary cluster's data. The new testing process will engage the secondary cluster for a duration of 3 hours biweekly. The team is evaluating the most cost-effective solution to meet this requirement.

Which method would be the most economical for the company to implement?

A : Export data biweekly from the primary Redshift cluster to Amazon S3. Access this data from the Redshift test cluster via Amazon Redshift Spectrum.

B : Establish a data share between the primary Redshift cluster and the test Redshift cluster, utilizing Amazon Redshift Serverless for the latter.

C : Generate a manual snapshot of the primary Redshift cluster every two weeks and restore this to the test cluster, which should mirror the main cluster's node configuration.

D : Program an operation to transfer data from the primary Redshift cluster to Amazon S3 every two weeks, followed by configuring an AWS Glue job to import the data into the Redshift test cluster.

Answer: B

Question 4

A company has as JSON file that contains personally identifiable information (PIT) data and non-PII data. The company needs to make the data available for querying and analysis. The non-PII data must be available to everyone in the company. The PII data must be available only to a limited group of employees. Which solution will meet these requirements with the LEAST operational overhead?

A : Store the JSON file in an Amazon S3 bucket. Configure AWS Glue to split the file into one file that contains the PII data and one file that contains the non-PII data. Store the output files in separate S3 buckets. Grant the required access to the buckets based on the type of user.

B : Store the JSON file in an Amazon S3 bucket. Use Amazon Macie to identify PII data and to grant access based on the type of user.

C : Store the JSON file in an Amazon S3 bucket. Catalog the file schema in AWS Lake Formation. Use Lake Formation permissions to provide access to the required data based on the type of user.

D : Create two Amazon RDS PostgreSQL databases. Load the PII data and the non-PII data into the separate databases. Grant access to the databases based on the type of user.