Free Amazon DVA-C02 Exam Questions

Question 1

A developer is troubleshooting an application mat uses Amazon DynamoDB in the uswest-2 Region. Theapplication is deployed to an Amazon EC2 instance. The application requires read-only permissions to a tablethat is named Cars The EC2 instance has an attached IAM role that contains the following IAM policy.When the application tries to read from the Cars table, an Access Denied error occurs.How can the developer resolve this error?

A : Modify the IAM policy resource to be " arn aws dynamo* us-west-2 account-id table/* "

B : Modify the IAM policy to include the dynamodb * action

C : Create a trust policy that specifies the EC2 service principal. Associate the role with the policy.

D : Create a trust relationship between the role and dynamodb Amazonas com.

Answer: C

Question 2

A developer is deploying an application on Amazon EC2 instances that run in Account A. The applicationneeds to read data from an existing Amazon Kinesis data stream in Account B.Which actions should the developer take to provide the application with access to the stream? (Select TWO.)

A : Update the instance profile role in Account A with stream read permissions.

B : Create an IAM role with stream read permissions in Account B.

C : Add a trust policy to the instance profile role and IAM role in Account B to allow the instance profilerole to assume the IAM role.

D : Add a trust policy to the instance profile role and IAM role in Account B to allow reads from the stream.

E : Add a resource-based policy in Account B to allow read access from the instance profile role.

Answer: B,C

Question 3

A company stores data in an Amazon S3 bucket that is updated multiple times each day. S3 Versioning isenabled, and multiple versions of objects accumulate.The company needs the bucket to retain only the current version and the immediately previous version ofeach object.Which solution will meet these requirements?

A : Configure an S3 bucket policy to retain one newer noncurrent version.

B : Configure an S3 Lifecycle rule to retain one newer noncurrent version.

C : Enable S3 Object Lock with a retention policy.

D : Suspend S3 Versioning and modify application logic.

Answer: B

Question 4

An application stores user data in Amazon S3 buckets in multiple AWS Regions. A developer needs toimplement a solution that analyzes the user data in the S3 buckets to find sensitive information. The analysisfindings from all the S3 buckets must be available in the eu-west-2 Region.Which solution will meet these requirements with the LEAST development effort?

A : Create an AWS Lambda function to generate findings. Program the Lambda function to send thefindings to another S3 bucket in eu-west-2.

B : Configure Amazon Made to generate findings. Use Amazon EventBridge to create rules that copy thefindings to eu-west-2.

C : Configure Amazon Inspector to generate findings. Use Amazon EventBridge to create rules that copythe findings to eu-west-2.

D : Configure Amazon Macie to generate findings and to publish the findings to AWS CloudTrail. Use aCloudTrail trail to copy the results to eu-west-2.

Answer: B

Question 5

A company has an analytics application that uses an AWS Lambda function to process transaction data asynchronously. A developer notices that asynchronous invocations of the Lambda function sometimes fail. When failed Lambda function invocations occur, the developer wants to invoke a second Lambda function to handle errors and log details.

Which solution will meet these requirements?

A : Configure a Lambda function destination with a failure condition. Specify Lambda function as the destination type. Specify the error-handling Lambda function's Amazon Resource Name (ARN) as the resource.

B : Enable AWS X-Ray active tracing on the initial Lambda function. Configure X-Ray to capture stack traces of the failed invocations. Invoke the error-handling Lambda function by including the stack traces in the event object.

C : Configure a Lambda function trigger with a failure condition. Specify Lambda function as the destination type. Specify the error-handling Lambda function's Amazon Resource Name (ARN) as the resource.

D : Create a status check alarm on the initial Lambda function. Configure the alarm to invoke the error-handling Lambda function when the alarm is initiated. Ensure that the alarm passes the stack trace in the event object.

Answer: D