Home » Exam Preparation » Certification » AWS Certified Developer Associate Exam Dumps » Page 21

AWS Certified Developer Associate Exam Dumps

Question #201

A Developer must encrypt a 100-GB object using AWS KMS.
What is the BEST approach?

  • A. Make an Encrypt API call to encrypt the plaintext data as ciphertext using a customer master key (CMK)
  • B. Make an Encrypt API call to encrypt the plaintext data as ciphertext using a customer master key (CMK) with imported key material
  • C. Make an GenerateDataKey API call that returns a plaintext key and an encrypted copy of a data key. Use a plaintext key to encrypt the data
  • D. Make an GenerateDataKeyWithoutPlaintext API call that returns an encrypted copy of a data key. Use an encrypted key to encrypt the data D

Correct Answer: Explanation

Question #202

A Development team would like to migrate their existing application code from a GitHub repository to AWS CodeCommit.
What needs to be created before they can migrate a cloned repository to CodeCommit over HTTPS?

  • A. A GitHub secure authentication token
  • B. A public and private SSH key file
  • C. A set of Git credentials generated from IAM
  • D. An Amazon EC2 IAM role with CodeCommit permissions

Correct Answer: C
Reference:
https://docs.aws.amazon.com/codecommit/latest/userguide/how-to-migrate-repository-existing.html

Question #203

A Developer is writing a REST service that will add items to a shopping list. The service is built on Amazon API Gateway with AWS Lambda integrations. The shopping list items are send as query string parameters in the method request.
How should the Developer convert the query string parameters to arguments for the Lambda function?

  • A. Enable request validation
  • B. Include the Amazon Resource Name (ARN) of the Lambda function
  • C. Change the integration type
  • D. Create a mapping template C

Correct Answer: Explanation
Reference:
https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-create-api-step-by-step.html

Question #204

When developing an AWS Lambda function that processes Amazon Kinesis Data Streams, Administrators within the company must receive a notice that includes the processed data.
How should the Developer write the function to send processed data to the Administrators?

  • A. Separate the Lambda handler from the core logic
  • B. Use Amazon CloudWatch Events to send the processed data
  • C. Publish the processed data to an Amazon SNS topic
  • D. Push the processed data to Amazon SQS

Correct Answer: B

Question #205

A Developer is storing documents in Amazon S3 that will require encryption at rest. The encryption keys must be rotated annually, at least.
What is the easiest way to achieve this?

  • A. Encrypt the data before sending it to Amazon S3
  • B. Import a custom key into AWS KMS with annual rotation enabled
  • C. Use AWS KMS with automatic key rotation
  • D. Export a key from AWS KMS to encrypt the data

Correct Answer: B

Question #206

A company is creating a REST service using an Amazon API Gateway with AWS Lambda integration. The service run different versions for testing purposes.
What would be the BEST way to accomplish this?

  • A. Use an x-Version header to denote which version is being called and pass that header to the Lambda function(s)
  • B. Create an API Gateway Lambda authorizer to route API clients to the correct API version
  • C. Create an API Gateway resource policy to isolate versions and provide context to the Lambda function(s)
  • D. Deploy the API versions as unique stages with unique endpoints and use stage variables to provide further context

Correct Answer: C

Question #207

A company wants to implement authentication for its new REST service using Amazon API Gateway. To authenticate the calls, each request must include HTTP headers with a client ID and user ID. These credentials must be compared to authentication data in an Amazon DynamoDB table.
What MUST the company do to implement this authentication in API Gateway?

  • A. Implement an AWS Lambda authorizer that references the DynamoDB authentication table
  • B. Create a model that requires the credentials, then grant API Gateway access to the authentication table
  • C. Modify the integration requests to require the credentials, then grant API Gateway access to the authentication table
  • D. Implement an Amazon Cognito authorizer that references the DynamoDB authentication table

Correct Answer: D

Question #208

An Amazon RDS database instance is used by many applications to look up historical data. The query rate is relatively constant. When the historical data is updated each day, the resulting write traffic slows the read query performance and affects all application users.
What can be done to eliminate the performance impact on application users?

  • A. Make sure Amazon RDS is Multi-AZ so it can better absorb increased traffic.
  • B. Create an RDS Read Replica and direct all read traffic to the replica.
  • C. Implement Amazon ElastiCache in front of Amazon RDS to buffer the write traffic.
  • D. Use Amazon DynamoDB instead of Amazon RDS to buffer the read traffic. B

Correct Answer: Explanation

Question #209

Company C is currently hosting their corporate site in an Amazon S3 bucket with Static Website Hosting enabled. Currently, when visitors go to http://www.companyc.com the index.html page is returned. Company C now would like a new page welcome.html to be returned when a visitor enters http://www.companyc.com in the browser.
Which of the following steps will allow Company C to meet this requirement? (Choose two.)

  • A. Upload an html page named welcome.html to their S3 bucket
  • B. Create a welcome subfolder in their S3 bucket
  • C. Set the Index Document property to welcome.html
  • D. Move the index.html page to a welcome subfolder
  • E. Set the Error Document property to welcome.html

Correct Answer: AC

Question #210

What type of block cipher does Amazon S3 offer for server side encryption?

  • A. Triple DES
  • B. Advanced Encryption Standard
  • C. Blowfish
  • D. RC5

Correct Answer: B

Leave a Comment