Free Amazon DVA-C02 Exam Questions

Question 1

An application must be refactored for the cloud. The application data is stored in an Amazon DynamoDB table and is processed by a Lambda function which prepares the data for analytics. The data processing currently takes place once a day, but the data analysts require it to be performed in near-real time.

Which architecture pattern could be used to enable the data to be processed as it is received?

A : a microservices architecture.

B : a fan-out architecture.

C : an event-driven architecture.

D : a scheduled architecture.

Answer: C

Question 2

A developer is building a new application that will be deployed on AWS. The developer has created an AWS CodeCommit repository for the application. The developer has initialized a new project for the application by invoking the AWS Cloud Development Kit (AWS CDK) cdk init command.

The developer must write unit tests for the infrastructure as code (IaC) templates that the AWS CDK generates. The developer also must run a validation tool across all constructs in the CDK application to ensure that critical security configurations are activated.

Which combination of actions will meet these requirements with the LEAST development overhead? (Choose two.)

A : Use a unit testing framework to write custom unit tests against the cdk.out file that the AWS CDK generates. Run the unit tests in a continuous integration and continuous delivery (CI/CD) pipeline that is invoked after any commit to the repository.

B : Use the CDK assertions module to integrate unit tests with the application. Run the unit tests in a continuous integration and continuous delivery (CI/CD) pipeline that is invoked after any commit to the repository.

C : Use the CDK runtime context to set key-value pairs that must be present in the cdk.out file that the AWS CDK generates. Fail the stack synthesis if any violations are present.

D : Write a script that searches the application for specific key configuration strings. Configure the script to produce a report of any security violations.

E : se the CDK Aspects class to create custom rules to apply to the CDK application. Fall the stack synthesis if any violations are present.

Answer: B,E

Question 3

A developer needs to give a new application the ability to retrieve configuration data. The application must be able to retrieve new configuration data values without the need to redeploy the application code. If the application becomes unhealthy because of a bad configuration change, the developer must be able to automatically revert the configuration change to the previous value.

A : Use AWS Secrets Manager to manage and store the configuration data. Integrate Secrets Manager with a custom AWS Config rule that has remediation actions to track changes in the application and to roll back any bad configuration changes.

B : Use AWS Secrets Manager to manage and store the configuration data. Integrate Secrets Manager with a custom AWS Config rule. Attach a custom AWS Systems Manager document to the rule that automatically rolls back any bad configuration changes.

C : Use AWS AppConfig to manage and store the configuration data. Integrate AWS AppConfig with Amazon CloudWatch to monitor changes to the application. Set up an alarm to automatically roll back any bad configuration changes.

D : Use AWS AppConfig to manage and store the configuration data. Integrate AWS AppConfig with Amazon CloudWatch to monitor changes to the application. Set up CloudWatch Application Signals to roll back any bad configuration changes.

Answer: D

Question 4

An application running on Amazon EC2 generates a large number of small files (1KB each) containing personally identifiable information that must be converted to ciphertext. The data will be stored on a proprietary network-attached file system. What is the SAFEST way to encrypt the data using AWS KMS?

A : eate a data encryption key from a customer master key and encrypt the data with the customer master key

B : crypt the data directly with an AWS managed customer master key

C : crypt the data directly with a customer managed customer master key

D : eate a data encryption key from a customer master key and encrypt the data with the data encryption key

Answer: C

Question 5

A company recently deployed an AWS Lambda function. A developer notices an increase in the function throttle metrics in Amazon CloudWatch.

What are the MOST operationally efficient solutions to reduce the function throttling? (Choose two.)

A : Migrate the function to Amazon Elastic Kubernetes Service (Amazon EKS).

B : Increase the maximum age of events in Lambda.

C : Increase the function’s reserved concurrency.

D : Add the lambda:GetFunctionConcurrency action to the execution role.

E : Request a service quota change for increased concurrency.

Answer: C,E