Free Amazon DVA-C02 Exam Questions

Question 1

A developer is working on a web application that requires selective activation of features . Features mustremain hidden from end users until they are ready for release.Which solution will meet these requirements?

A : Create a feature flag configuration profile in AWS AppSync.

B : Store prerelease data in DynamoDB and toggle visibility by using DynamoDB Streams.

C : Create a feature flag configuration profile in AWS AppConfig . Activate and deactivate feature flags asneeded.

D : Store prerelease data in AWS Amplify DataStore and toggle visibility through synchronization.

Answer: C

Question 2

A company operates a web-based loan processing application. The application ' s UI is implemented inJavaScript. The frontend transmits application data securely by using HTTPS to Amazon API Gateway, whichinvokes an AWS Lambda function in private subnets. The Lambda function interacts with third-party creditcheck APIs that require persistent API keys. The company enforces strict policies to ensure that personallyidentifiable information (PII) and sensitive credentials are never exposed in client code, request paths,headers, or logs. The company needs a solution to manage the API keys that the Lambda function must use.Which solution will meet this requirement in the MOST secure way?

A : Store the API keys as encrypted environment variables by using an AWS KMS key. Configure theexecution role of the Lambda function to have permissions to securely decrypt the environmentvariables at runtime.

B : Pass the API keys to the Lambda function by including the keys as URL query parameters in eachHTTPS request. Rely on TLS for encryption of the payload and response. Use API Gateway loggingcontrols to manage what query parameters are logged.

C : Bundle the API keys inside the minified client-side JavaScript. Configure the web application to callthe Lambda function by using an API Gateway HTTP API, cross-origin resource sharing (CORS)restrictions, domain allowlists, and frequent rotation.

D : Store the API keys as resource metadata tags on the Lambda function. Configure the Lambda functionto read its own tags at startup by using the AWS SDK. Use IAM conditions to control access to thekeys when the function retrieves the tags.

Answer: A

Question 3

A developer needs to give a new application the ability to retrieve configuration data. The application must be able to retrieve new configuration data values without the need to redeploy the application code. If the application becomes unhealthy because of a bad configuration change, the developer must be able to automatically revert the configuration change to the previous value.

A : Use AWS Secrets Manager to manage and store the configuration data. Integrate Secrets Manager with a custom AWS Config rule that has remediation actions to track changes in the application and to roll back any bad configuration changes.

B : Use AWS Secrets Manager to manage and store the configuration data. Integrate Secrets Manager with a custom AWS Config rule. Attach a custom AWS Systems Manager document to the rule that automatically rolls back any bad configuration changes.

C : Use AWS AppConfig to manage and store the configuration data. Integrate AWS AppConfig with Amazon CloudWatch to monitor changes to the application. Set up an alarm to automatically roll back any bad configuration changes.

D : Use AWS AppConfig to manage and store the configuration data. Integrate AWS AppConfig with Amazon CloudWatch to monitor changes to the application. Set up CloudWatch Application Signals to roll back any bad configuration changes.

Answer: D

Question 4

When using the AWS Encryption SDK how does the developer keep track of the data encryption keys used to encrypt data?

A : The developer must manually keep track of the data encryption keys used for each data object.

B : The SDK encrypts the data encryption key and stores it (encrypted) as part of the returned ciphertext.

C : The SDK stores the data encryption keys automatically in Amazon S3.

D : The data encryption key is stored in the Userdata for the EC2 instance.

Answer: B

Question 5

A company has an analytics application that uses an AWS Lambda function to process transaction dataasynchronously A developer notices that asynchronous invocations of the Lambda function sometimes failWhen failed Lambda function invocations occur, the developer wants to invoke a second Lambda function tohandle errors and log details.Which solution will meet these requirements?

A : Configure a Lambda function destination with a failure condition Specify Lambda function as thedestination type Specify the error-handling Lambda function ' s Amazon Resource Name (ARN) as theresource

B : Enable AWS X-Ray active tracing on the initial Lambda function. Configure X-Ray to capture stacktraces of the failed invocations. Invoke the error-handling Lambda function by including the stacktraces in the event object.

C : Configure a Lambda function trigger with a failure condition Specify Lambda function as thedestination type Specify the error-handling Lambda function ' s Amazon Resource Name (ARN) as theresource

D : Create a status check alarm on the initial Lambda function. Configure the alarm to invoke the errorhandling Lambda function when the alarm is initiated. Ensure that the alarm passes the stack trace inthe event object.

Answer: A