Free Amazon DVA-C02 Exam Questions

Question 1

A company needs to package and deploy an application that uses AWS Lambda to compress and decompress video clips. The application uses a video codec library that is larger than 250 MB. The application uses the library to compress the videos before storage and to decompress the videos upon retrieval.

A : Create one Lambda function. Upload one zip file that contains code to handle video compression and decompression to the function. Include the codec library in the zip file

B : Create two Lambda functions. Upload one zip file that contains code to handle video compression to one function. Upload a second zip file that contains code for video decompression to the second function. Include the codec library in both zip files.

C : Create two Lambda functions. Upload one zip file that contains code to handle video compression to one function. Upload a second zip file that contains code for video decompression to the second function. Create one Lambda layer for the codec library. Add the layer to both functions.

D : Create two Lambda functions. Build one container image that contains code to handle video compression and a second image that contains video decompression code. Add the codec library to both images. Upload the images to Amazon ECR. Use the containers to create the Lambda functions.

Answer: D

Question 2

A Developer is deploying an Amazon EC2 update using AWS CodeDeploy. In the appspec.yml file, which of the following is a valid structure for the order of hooks that should be specified?

A : foreInstall > AfterInstall > AfterAllowTestTraffic > BeforeAllowTraffic > AfterAllowTraffic

B : foreInstall > AfterInstall > ApplicationStart > ValidateService

C : foreBlockTraffic > AfterBlockTraffic > BeforeAllowTraffic > AfterAllowTraffic

D : foreAllowTraffic > AfterAllowTraffic

Answer: B

Question 3

A company runs multiple microservices that each use their own Amazon DynamoDB table. The “customers” microservice needs data that originates in the “orders” microservice.

What approach represents the SIMPLEST method for the “customers” table to get near real-time updates from the “orders” table?

A : Enable DynamoDB streams for the “customers” table, trigger an AWS Lambda function to read records from the stream and write them to the “orders” table

B : able Amazon DynamoDB streams on the “orders” table, configure the “customers” microservice to read records from the stream

C : Amazon CloudWatch Events to send notifications every time an item is added or modified in the “orders” table

D : Amazon Kinesis Firehose to deliver all changes in the “orders” table to the “customers” table

Answer: B

Question 4

A company is concerned that a malicious user could deploy unauthorized changes to the code for an AWS Lambda function. What can a developer do to ensure that only trusted code is deployed to Lambda?

A : Turn on the trusted code option in AWS CodeDeploy. Add the CodeDeploy digital certificate to the Lambda package before deploying the package to Lambda.

B : Define the code signing configuration in the Lambda console. Use AWS Signer to digitally sign the Lambda package before deploying the package to Lambda.

C : Link Lambda to AWS KMS in the Lambda console. Use AWS KMS to digitally sign the Lambda package before deploying the package to Lambda.

D : Set the KmsKeyArn property of the Lambda function to the Amazon Resource Name (ARN) of a trusted key before deploying the package to Lambda.

Answer: B

Question 5

A healthcare company is developing a multi-tier web application to manage patient records that are in an Amazon Aurora PostgreSQL database cluster. The company stores the application code in a Git repository and deploys the code to Amazon EC2 instances. The application must comply with security policies and follow the principle of least privilege. The company must securely manage database credentials and API keys within the application code. The company must have the ability to rotate encryption keys on demand. Which solution will meet these requirements?

A : Store database credentials and API keys in AWS Secrets Manager. Use AWS managed AWS KMS keys. Set up automatic key rotation. Use the AWS SDK to retrieve secrets.

B : Store the database credentials and API keys in AWS Secrets Manager. Use customer managed AWS KMS keys. Set up automatic key rotation. Create a key policy in the application to retrieve secrets by using the AWS SDK.

C : Store the database credentials in the application code. Separate credentials by using environmentspecific branches that have restricted access to the code repositories.

D : Store the database credentials and API keys as parameters in AWS Systems Manager Parameter Store. Encrypt the credentials and API keys with AWS managed AWS KMS keys. Use the AWS SDK to retrieve secrets.

Answer: A