Select the correct answers for each question, including multiple-choice options when applicable, and click Submit to view your results. The quiz calculates your score and percentage, highlighting any incorrect questions to help you identify areas for improvement.

Click on the Answer button for the correct answer and its explanation.

If this practice exam has been helpful to you please share it with others and react to this below.

Practice Exam 1

  1. Which of the following are good use cases for how Amazon ElastiCache can help an application? (Select TWO)

    • A. Improve the performance of S3 PUT operations.
    • B. Improve the latency of deployments performed by AWS CodeDeploy.
    • C. Improve latency and throughput for read-heavy application workloads.
    • D. Reduce the time required to merge AWS CodeCommit branches.
    • E. Improve performance of compute-intensive applications.
    Answer

    Correct Answer: CE

  2. Which of the following services are key/value stores? (Choose 3 answers)

    • A. Amazon ElastiCache.
    • B. Simple Notification Service.
    • C. DynamoDB.
    • D. Simple Workflow Service.
    • E. Simple Storage Service.
    Answer

    Correct Answer: ACE

  3. A developer wants to send multi-value headers to an AWS Lambda function that is registered as a target with an Application Load Balancer (ALB). What should the developer do to achieve this?

    • A. Place the Lambda function and target group in the same account.
    • B. Send the request body to the Lambda function with a size less than 1 MB 0.
    • C. Include the Base64 encoding status status code, status description, and headers in the Lambda function.
    • D. Enable the multi-value headers on the ALB.
    Answer

    Correct Answer: D

  4. A company’s ecommerce website is experiencing massive traffic spikes, which are causing performance problems in the company database. Users are reporting that accessing the website takes a long time. A developer wants to implement a caching layer using Amazon ElastiCache. The website is required to be responsive no matter which product a user views, and the updates to product information and prices must be strongly consistent. Which cache writing policy will satisfy these requirements?

    • A. Write to the cache directly and sync the backend at a later time.
    • B. Write to the backend first and wait for the cache to expire.
    • C. Write to the cache and the backend at the same time.
    • D. Write to the backend first and invalidate the cache.
    Answer

    Correct Answer: D

  5. A Developer wants to upload data to Amazon S3 and must encrypt the data in transit. Which of the following solutions will accomplish this task? (Choose TWO)

    • A. Set up hardware VPN tunnels to a VPC and access S3 through a VPC endpoint.
    • B. Set up Client-Side Encryption with an AWS KMS-Managed Customer Master Key.
    • C. Set up Server-Side Encryption with AWS KMS-Managed Keys.
    • D. Transfer the data over an SSL connection.
    • E. Set up Server-Side Encryption with S3-Managed Keys.
    Answer

    Correct Answer: BD

  6. A Developer wants to encrypt new objects that are being uploaded to an Amazon S3 bucket by an application. There must be an audit trail of who has used the key during this process. There should be no change to the performance of the application. Which type of encryption meets these requirements?

    • A. Server-side encryption using S3-managed keys.
    • B. Server-side encryption with AWS KMS-managed keys.
    • C. Client-side encryption with a client-side symmetric master key.
    • D. Client-side encryption with AWS KMS-managed keys.
    Answer

    Correct Answer: B

  7. An application is being developed to audit several AWS accounts. The application will run in Account A and must access AWS services in Accounts B and C. What is the MOST secure way to allow the application to call AWS services in each audited account?

    • A. Configure cross-account roles in each audited account. Write code in Account A that assumes those roles.
    • B. Use S3 cross-region replication to communicate among accounts, with Amazon S3 event notifications to trigger Lambda functions.
    • C. Deploy an application in each audited account with its own role. Have Account A authenticate with the application.
    • D. Create an IAM user with an access key in each audited account. Write code in Account A that uses those access keys.
    Answer

    Correct Answer: A

  8. A company uses a third-party tool to build, bundle, and package rts applications on-premises and store them locally. The company uses Amazon EC2 instances to run its front-end applications. How can an application be deployed from the source control system onto the EC2 instances?

    • A. Use AWS CodeDeploy and point it to the local storage to directly deploy a bundle m a zip. tar. or tar.gz format.
    • B. Upload the bundle to an Amazon S3 bucket and specify the S3 location when doing a deployment using AWS CodeDeploy.
    • C. Create a repository using AWS CodeCommit to automatically trigger a deployment to the EC2 instances.
    • D. Use AWS CodeBuild to automatically deploy the latest build to the latest EC2 instances.
    Answer

    Correct Answer: B

  9. A company is building a compute-intensive application that will run on a fleet of Amazon EC2 instances. The application uses attached Amazon EBS disks for storing data. The application will process sensitive information and all the data must be encrypted. What should a developer do to ensure the data is encrypted on disk without impacting performance?

    • A. Configure the Amazon EC2 instance fleet to use encrypted EBS volumes for storing data.
    • B. Add logic to write all data to an encrypted Amazon S3 bucket.
    • C. Add a custom encryption algorithm to the application that will encrypt and decrypt all data.
    • D. Create a new Amazon Machine Image (AMI) with an encrypted root volume and store the data to ephemeral disks.
    Answer

    Correct Answer: A

  10. A global company has an application running on Amazon EC2 instances that serves image files from Amazon S3. User requests from the browser are causing high traffic, which results in degraded performance. Which optimization solution should a Developer implement to increase application performance?

    • A. Create multiple prefix in the S3 bucket to increase the request rate.
    • B. Create an Amazon ElastiCache cluster to cache and serve frequently accessed items.
    • C. Use Amazon CloudFront to serve the content of images stored in Amazon S3.
    • D. Submit a ticket to AWS support to request a rate limit increase for the S3 bucket.
    Answer

    Correct Answer: C

  11. An AWS Lambda function generates a 3MB JSON file and then uploads it to an Amazon S3 bucket daily. The file contains sensitive information, so the Developer must ensure that it is encrypted before uploading to the bucket. Which of the following modifications should the Developer make to ensure that the data is encrypted before uploading it to the bucket?

    • A. Use the default AWS KMS customer master key for S3 in the Lambda function code.
    • B. Use the S3 managed key and call the GenerateDataKey API to encrypt the file.
    • C. Use the GenerateDataKey API, then use that data key to encrypt the file in the Lambda function code.
    • D. Use a custom KMS customer master key created for S3 in the Lambda function code.
    Answer

    Correct Answer: C

  12. Company D is running their corporate website on Amazon S3 accessed from http://www.companyd.com. Their marketing team has published new web fonts to a separate S3 bucket accessed by the S3 endpoint https://s3-us-west-1.amazonaws.com/cdfonts. While testing the new web fonts, Company D recognized the web fonts are being blocked by the browser. What should Company D do to prevent the web fonts from being blocked by the browser?

    • A. Enable versioning on the cdfonts bucket for each web font.
    • B. Create a policy on the cdfonts bucket to enable access to everyone.
    • C. Add the Content-MD5 header to the request for webfonts in the cdfonts bucket from the website.
    • D. Configure the cdfonts bucket to allow cross-origin requests by creating a CORS configuration.
    Answer

    Correct Answer: D

  13. A developer must extend an existing application that is based on the AWS Serverless Application Model (AWS SAM). The developer has used the AWS SAM CLI to create the project. The project contains different AWS Lambda functions. Which combination of commands must the developer use to redeploy the AWS SAM application? (Select TWO)

    • A. sam init.
    • B. sam validate.
    • C. sam build.
    • D. sam deploy.
    • E. sam publish.
    Answer

    Correct Answer: CD

  14. An application deployed on AWS Elastic Beanstalk experiences increased error rates during deployments of new application versions, resulting in service degradation for users. The Development team believes that this is because of the reduction in capacity during the deployment steps. The team would like to change the deployment policy configuration of the environment to an option that maintains full capacity during deployment while using the existing instances. Which deployment policy will meet these requirements while using the existing instances?

    • A. All at once.
    • B. Rolling.
    • C. Rolling with additional batch.
    • D. Immutable.
    Answer

    Correct Answer: C

  15. A Developer is creating an application that needs to locate the public IPv4 address of the Amazon EC2 instance on which it runs. How can the application locate this information?

    • A. Get the instance metadata by retrieving http://169.254.169.254/latest/metadata/.
    • B. Get the instance user data by retrieving http://169.254.169.254/latest/userdata/.
    • C. Get the application to run IFCONFIG to get the public IP address.
    • D. Get the application to run IPCONFIG to get the public IP address.
    Answer

    Correct Answer: A

  16. The development team is working on an API that will be served from Amazon API gateway. The API will be served from three environments: development, test, and production. The API Gateway is configured to use 237 GB of cache in all three stages. Which is the MOST cost-efficient deployment strategy?

    • A. Create a single API Gateway with all three stages.
    • B. Create three API Gateways, one for each stage in a single AWS account.
    • C. Create an API Gateway in three separate AWS accounts.
    • D. Enable the cache for development and test environments only when needed.
    Answer

    Correct Answer: D

  17. A company is migrating its on-premises database to Amazon RDS for MySQL. The company has read-heavy workloads, and wants to make sure it re-factors its code to achieve optimum read performance for its queries. How can this objective be met?

    • A. Add database retries to effectively use RDS with vertical scaling.
    • B. Use RDS with multi-AZ deployment.
    • C. Add a connection string to use an RDS read replica for read queries.
    • D. Add a connection string to use a read replica on an EC2 instance.
    Answer

    Correct Answer: C

  18. A developer needs to modify an application architecture to meet new functional requirements. Application data is stored in Amazon DynamoDB and processed for analysis in a nightly batch. The system analysts do not want to wait unit the next day to view the processed data and have asked to have it available in near-real time. Which application architect pattern would enables the data to be processed as it is received?

    • A. Event driven.
    • B. Client served driven.
    • C. Fan-out driven.
    • D. Schedule driven.
    Answer

    Correct Answer: A

  19. A developer has built an application that inserts data into an Amazon DynamoDB table. The table is configured to use provisioned capacity. The application is deployed on a burstable nano Amazon EC2 Instance. The application logs show that the application has been failing because of a ProvisionedThroughputExceedException error. Which actions should the developer take to resolve this issue? (Choose two.)

    • A. Move the application to a larger EC instance.
    • B. Increase the number or read capacity units (RCUs) that are provisioned for the DynamoDB table.
    • C. Reduce the frequency of requests to DynamoDB by implement ng exponential backoff.
    • D. Increase the frequency of requests to DynamoDB by decreasing the retry delay.
    • E. Change the capacity mode of the DynamoDB table from provisioned to on-demand.
    Answer

    Correct Answer: CE

  20. A software company needs to make sure user-uploaded documents are securely stored in Amazon S3. The documents must be encrypted at rest in Amazon S3. The company does not want to manage the security infrastructure in-house, but the company still needs extra protection to ensure it has control over its encryption keys due to industry regulations. Which encryption strategy should a developer use to meet these requirements?

    • A. Server-side encryption with Amazon S3 managed keys (SSE-S3).
    • B. Server-side encryption with customer-provided encryption keys (SSE-C).
    • C. Server-side encryption with AWS KMS managed keys (SSE-KMS).
    • D. Client-side encryption.
    Answer

    Correct Answer: C

  21. An application uses Amazon Kinesis Data Streams to ingest and process large streams of data records in real time. Amazon EC2 instances consume and process the data from the shards of the Kinesis data stream by using Amazon Kinesis Client Library (KCL). The application handles the failure scenarios and does not require standby workers. The application reports that a specific shard is receiving more data than expected. To adapt to the changes in the rate of data flow, the hot shard is resharded. Assuming that the initial number of shards in the Kinesis data stream is 4, and after resharding the number of shards increased to 6, what is the maximum number of EC2 instances that can be deployed to process data from all the shards?

    • A. 12.
    • B. 6.
    • C. 4.
    • D. 1.
    Answer

    Correct Answer: B

  22. A gaming company is developing a mobile game application for iOS® and Android® platforms. This mobile game securely stores user data locally on the device. The company wants to allow users to use multiple device for the game, which requires user data synchronization across device.Which service should be used to synchronize user data across devices without the need to create a backend application?

    • A. AWS Lambda.
    • B. Amazon S3.
    • C. Amazon DynamoDB.
    • D. Amazon Cognito.
    Answer

    Correct Answer: D

  23. A Developer is making changes to a custom application that is currently using AWS Elastic Beanstalk. After the Developer completes the changes, what solutions will update the Elastic Beanstalk environment with the new application version? (Choose TWO)

    • A. Package the application code into a .zip file, and upload, then deploy the packaged application from the AWS Management Console.
    • B. Package the application code into a .tar file, create a new application version from the AWS Management Console, then update the environment by using AWS CLI.
    • C. Package the application code into a .tar file, and upload and deploy the packaged application from the AWS Management Console.
    • D. Package the application code into a .zip file, create a new application version from the packaged application by using AWS CLI, then update the environment by using AWS CLI.
    • E. Package the application code into a .zip file, create a new application version from the AWS Management Console, then rebuild the environment by using AWS CLI.
    Answer

    Correct Answer: AD

  24. A company is running an application built on AWS Lambda functions. One Lambda function has performance issues when it has to download a 50MB file from the Internet in every execution. This function is called multiple times a second. What solution would give the BEST performance increase?

    • A. Cache the file in the /tmp directory.
    • B. Increase the Lambda maximum execution time.
    • C. Put an Elastic Load Balancer in front of the Lambda function.
    • D. Cache the file in Amazon S3.
    Answer

    Correct Answer: A

  25. Queries to an Amazon DynamoDB table are consuming a large amount of read capacity. The table has a significant number of large attributes. The application does not need all of the attribute data. How can DynamoDB costs be minimized while maximizing application performance?

    • A. Batch all the writes, and perform the write operations when no or few reads are being performed.
    • B. Create a global secondary index with a minimum set of projected attributes.
    • C. Implement exponential backoffs in the application.
    • D. Load balance the reads to the table using an Application Load Balancer.
    Answer

    Correct Answer: B

  26. A Developer is writing a REST service that will add items to a shopping list. The service is built on Amazon API Gateway with AWS Lambda integrations. The shopping list items are send as query string parameters in the method request. How should the Developer convert the query string parameters to arguments for the Lambda function?

    • A. Enable request validation.
    • B. Include the Amazon Resource Name (ARN) of the Lambda function.
    • C. Change the integration type.
    • D. Create a mapping template.
    Answer

    Correct Answer: D

  27. A development team is creating a new application designed to run on AWS. While the test and production environments will run on Amazon EC2 instances, developers will each run their own environment on their laptops. Which of the following is the simplest and MOST secure way to access AWS services from the local development machines?

    • A. Use an IAM role to assume a role and execute API calls using the role.
    • B. Create an IAM user to be shared with the entire development team, provide the development team with the access key.
    • C. Create an IAM user for each developer on the team: provide each developer with a unique access key.
    • D. Set up a federation through an Amazon Cognito user pool.
    Answer

    Correct Answer: C

  28. How is provisioned throughput affected by the chosen consistency model when reading data from a DynamoDB table?

    • A. Strongly consistent reads use the same amount of throughput as eventually consistent reads.
    • B. Strongly consistent reads use more throughput than eventually consistent reads.
    • C. Strongly consistent reads use less throughput than eventually consistent reads.
    • D. Strongly consistent reads use variable throughput depending on read activity.
    Answer

    Correct Answer: B

  29. A developer needs to deploy a new version to an AWS Elastic Beanstalk application. How can the developer accomplish this task?

    • A. Upload and deploy the new application version in the Elastic Beanstalk console.
    • B. Use the eb init CLI command to deploy a new version.
    • C. Terminate the current Elastic Beanstalk environment and create a new one.
    • D. Modify the ebextensions folder to add a source option to services.
    Answer

    Correct Answer: A

  30. A gaming application stores scores for players in an Amazon DynamoDB table that has four attributes: user_id, user_name, user_score, and user_rank. The users are allowed to update their names only if a user is authenticated by web identity federation. Which set of conditions should be added in the policy attached to the role for the dynamodb:PutItem API call?

    • A. Option A. Question 30 option A
    • B. Option B. Question 30 option B
    • C. Option C. Question 30 option C
    • D. Option D. Question 30 option D
    Answer

    Correct Answer: A

  31. A developer wants the ability to roll back to a previous version of an AWS Lambda function in the event of errors caused by a new deployment. How can the developer achieve this with MINIMAL impact on users?

    • A. Change the application to use an alias that points to the current version. Deploy the new version of the code. Update the alias to use the newly deployed version. If too many errors are encountered, point the alias back to the previous version.
    • B. Change the application to use an alias that points to the current version. Deploy the new version of the code. Update the alias to direct 10% of users to the newly deployed version. If too many errors are encountered, send 100% of traffic to the previous version.
    • C. Do not make any changes to the application Deploy the new version of the code. If too many errors are encountered, point the application back to the previous version using the version number in the Amazon Resource Name (ARN).
    • D. Create three aliases: new, existing, and router. Point the existing alias to the current version. Have the router alias direct 100% of users to the existing alias. Update the application to use the router alias. Deploy the new version of the code. Point the new alias to this version. Update the router alias to direct 10% of users to the new alias. If too many errors are encountered, send 100% of traffic to the existing alias.
    Answer

    Correct Answer: B

  32. An application contains two components: one component to handle HTTP requests, and another component to handle background processing tasks. Each component must scale independently. The developer wants to deploy this application using AWS Elastic Beanstalk. How should this application be deployed, based on these requirements?

    • A. Deploy the application in a single Elastic Beanstalk environment.
    • B. Deploy each component in a separate Elastic Beanstalk environment.
    • C. Use multiple Elastic Beanstalk environments for the HTTP component but one environment for the background task component.
    • D. Use multiple Elastic Beanstalk environments for the background task component but one environment for the HTTP component.
    Answer

    Correct Answer: B

  33. A company is using AWS CloudFormation templates to deploy AWS resources. The company needs to update one of its AWS CloudFormation stacks. What can the company do to find out how the changes will impact the resources that are running?

    • A. Investigate the change sets.
    • B. Investigate the stack policies.
    • C. Investigate the Metadata section.
    • D. Investigate the Resources section.
    Answer

    Correct Answer: A

  34. A developer is creating a serverless web application and maintains different branches of code. The developer wants to avoid updating the Amazon API Gateway target endpoint each time a new code push is performed. What solution would allow the developer to perform a code push efficiently, without the need to update the API Gateway?

    • A. Associate different AWS Lambda functions to an API Gateway target endpoint.
    • B. Create different stages in API Gateway, then associate API Gateway with AWS Lambda.
    • C. Create aliases and versions in AWS Lambda.
    • D. Tag the AWS Lambda functions with different names.
    Answer

    Correct Answer: C

  35. An application running on EC2 instances is storing data in an S3 bucket. Security policy mandates that all data must be encrypted in transit. How can the Developer ensure that all traffic to the S3 bucket is encrypted?

    • A. Install certificates on the EC2 instances.
    • B. Create a bucket policy that allows traffic where SecureTransport is true.
    • C. Create an HTTPS redirect on the EC2 instances.
    • D. Create a bucket policy that denies traffic where SecureTransport is false.
    Answer

    Correct Answer: D

  36. A supplier is writing a new RESTful API for customers to query the status of orders. The customers requested the following API endpoint http://www.supplierdomain.com/status/customerID. Which of the following application designs meet the requirements? (Select TWO)

    • A. Amazon SQS; Amazon SNS.
    • B. Elastic Load Balancing; Amazon EC2.
    • C. Amazon ElastiCache; Amazon Elacticsearch Service.
    • D. Amazon API Gateway; AWS Lambda.
    • E. Amazon S3; Amazon CloudFront.
    Answer

    Correct Answer: BD

  37. A developer Is designing an AWS Lambda function that create temporary files that are less than 10 MB during execution. The temporary files will be accessed and modified multiple times during execution. The developer has no need to save or retrieve these files in the future. Where should the temporary file be stored?

    • A. the /tmp directory.
    • B. Amazon EFS.
    • C. Amazon EBS.
    • D. Amazon S3.
    Answer

    Correct Answer: A

  38. A website’s page load times are gradually increasing as more users access the system at the same time. Analysis indicates that a user profile is being loaded from a database in all the web pages being visited by each user and this is increasing the database load and the page load latency. To address this issue the Developer decides to cache the user profile data. Which caching strategy will address this situation MOST efficiently?

    • A. Create a new Amazon EC2 Instance and run a NoSQL database on it. Cache the profile data within this database using the write-through caching strategy.
    • B. Create an Amazon ElastiCache cluster to cache the user profile data. Use a cache-aside caching strategy.
    • C. Use a dedicated Amazon RDS instance for caching profile data. Use a write-through caching strategy.
    • D. Create an ElastiCache cluster to cache the user profile data. Use a write-through caching strategy.
    Answer

    Correct Answer: B

  39. An advertising company has a dynamic website with heavy traffic. The company wants to migrate the website infrastructure to AWS to handle everything except website development. Which solution BEST meets these requirements?

    • A. Use AWS VM Import to migrate a web server image to AWS Launch the image on a compute-optimized Amazon EC2 instance.
    • B. Launch multiple Amazon Lightsail instance behind a load balancer. Set up the website on those instances.
    • C. Deploy the website code in an AWS Elastic Beanstalk environment. Use Auto Scaling to scale the numbers of instance.
    • D. Use Amazon S3 to host the website. Use Amazon CloudFornt to deliver the content at scale.
    Answer

    Correct Answer: C

  40. A developer is writing an AWS Lambda function. The developer wants to log key events that occur during the Lambda function and include a unique identifier to associate the events with a specific function invocation. Which of the following will help the developer accomplish this objective?

    • A. Obtain the request identifier from the Lambda context object. Architect the application to write logs to the console.
    • B. Obtain the request identifier from the Lambda event object. Architect the application to write logs to a file.
    • C. Obtain the request identifier from the Lambda event object. Architect the application to write logs to the console.
    • D. Obtain the request identifier from the Lambda context object. Architect the application to write logs to a file.
    Answer

    Correct Answer: A

  41. A company stores all personally identifiable information (PII) in an Amazon DynamoDB table named PII in Account A. An application running on Amazon EC2 instances in Account B requires access to the PII table. An administrators in Account A created an IAM role named AccessPII with privileges to access the PII table, and made account B a trusted entity. Which combination of actional steps should Developers take to access the table? (Select TWO)

    • A. Allow the EC2 IAM role the permission to assume the AccessPII role.
    • B. Allow the EC2 IAM role the permission to access the PII table.
    • C. Include the AWS API in the application code logic to obtain temporary credentials from the EC2 IAM role to access the PII table.
    • D. Include the AssumeRole API operation in the application code logic to obtain temporary credentials to access the PII table.
    • E. Include the GetSessionToken API operation in the application code logic to obtain temporary credentials to access the PII table.
    Answer

    Correct Answer: AD

  42. An AWS Lambda function accesses two Amazon DynamoDB tables. A developer wants to improve the performance of the Lambda function by identifying bottlenecks in the function. How can the developer inspect the timing of the DynamoDB API calls?

    • A. Add DynamoDB as an event source to the Lambda function. View the performance with Amazon CloudWatch metrics.
    • B. Place an Application Load Balancer (ALB) in front of the two DynamoDB tables. Inspect the ALB logs.
    • C. Limit Lambda to no more than five concurrent invocations Monitor from the Lambda console.
    • D. Enable AWS X-Ray tracing for the function. View the traces from the X-Ray service.
    Answer

    Correct Answer: D

  43. An Amazon RDS database instance is used by many applications to look up historical data. The query rate is relatively constant. When the historical data is updated each day, the resulting write traffic slows the read query performance and affects all application users. What can be done to eliminate the performance impact on application users?

    • A. Make sure Amazon RDS is Multi-AZ so it can better absorb increased traffic.
    • B. Create an RDS Read Replica and direct all read traffic to the replica.
    • C. Implement Amazon ElastiCache in front of Amazon RDS to buffer the write traffic.
    • D. Use Amazon DynamoDB instead of Amazon RDS to buffer the read traffic.
    Answer

    Correct Answer: B

  44. A company is developing a serverless ecommerce web application. The application needs to make coordinated, all-or-nothing changes to multiple items in the company’s inventory table in Amazon DynamoDB. Which solution will meet these requirements?

    • A. Enable transactions for the DynamoDB table. Use the BatchWriteItem operation to update the items.
    • B. Use the TransactWriteitems operation to group the changes. Update the items in the table.
    • C. Set up a FIFO queue using Amazon SQS. Group the changes in the queue. Update the table based on the grouped changes.
    • D. Create a transaction table in an Amazon Aurora DB cluster to manage the transactions. Write a backend process to sync the Aurora DB table and the DynamoDB table.
    Answer

    Correct Answer: B

  45. An application is running on an EC2 instance. The Developer wants to store an application metric in Amazon CloudWatch. What is the best practice for implementing this requirement?

    • A. Use the PUT Object API call to send data to an S3 bucket. Use an event notification to invoke a Lambda function to publish data to CloudWatch.
    • B. Publish the metric data to an Amazon Kinesis Stream using a PutRecord API call. Subscribe a Lambda function that publishes data to CloudWatch.
    • C. Use the CloudWatch PutMetricData API call to submit a custom metric to CloudWatch. Provide the required credentials to enable the API call.
    • D. Use the CloudWatch PutMetricData API call to submit a custom metric to CloudWatch. Launch the EC2 instance with the required IAM role to enable the API call.
    Answer

    Correct Answer: D

  46. A Developer needs to design an application running on AWS that will be used to consume Amazon SQS messages that range from 1 KB up to 1GB in size. How should the Amazon SQS messages be managed?

    • A. Use Amazon S3 and the Amazon SQS CLI.
    • B. Use Amazon S3 and the Amazon SQS Extended Client Library for Java.
    • C. Use Amazon EBS and the Amazon SQS CLI.
    • D. Use Amazon EFS and the Amazon SQS CLI.
    Answer

    Correct Answer: B

  47. A developer has written a multi-threaded application that is running on a fleet of Amazon EC2 instances. The operations team has requested a graphical method to monitor the number of running threads over time. What is the MOST efficient way to fulfill this request?

    • A. Periodically send the thread count to AWS X-Ray segments, then generate a service graph on demand.
    • B. Create a custom Amazon CloudWatch metric and periodically perform a PutMetricData call with the current thread count.
    • C. Periodically log thread count data to Amazon S3. Use Amazon Kinesis to process the data into a graph.
    • D. Periodically write the current thread count to a table using Amazon DynarnoDB and use Amazon CloudFront to create a graph.
    Answer

    Correct Answer: B

  48. The Lambda function below is being called through an API using Amazon API Gateway. The average execution time for the Lambda function is about 1 second. The pseudocode for the Lambda function is as shown in the exhibit. What two actions can be taken to improve the performance of this Lambda function without increasing the cost of the solution? (Select TWO) Question 48

    • A. Package only the modules the Lambda function requires.
    • B. Use Amazon DynamoDB instead of Amazon RDS.
    • C. Move the initialization of the variable Amazon RDS connection outside of the handler function.
    • D. Implement custom database connection pooling with the Lambda function. - E. Implement local caching of Amazon RDS data so Lambda can re-use the cache.
    Answer

    Correct Answer: AC

  49. An application on AWS is using third-party APIs. The Developer needs to monitor API errors in the code, and wants to receive notifications if failures go above a set threshold value. How can the Developer achieve these requirements?

    • A. Publish a custom metric on Amazon CloudWatch and use Amazon Simple Email Service (SES) for notification.
    • B. Use an Amazon CloudWatch API-error metric and use Amazon Simple Notification Service (SNS) for notification.
    • C. Use an Amazon CloudWatch API-error metric and use Amazon SES for notification.
    • D. Publish a custom metric on Amazon CloudWatch and use Amazon SNS for notification.
    Answer

    Correct Answer: D

  50. The release process workflow of an application requires a manual approval before the code is deployed into the production environment. What is the BEST way to achieve this using AWS CodePipeline?

    • A. Use multiple pipelines to allow approval.
    • B. Use an approval action in a stage.
    • C. Disable the stage transition to allow manual approval.
    • D. Disable a stage just prior the deployment stage.
    Answer

    Correct Answer: B

  51. A Developer is asked to implement a caching layer in front of Amazon RDS. Cached content is expensive to regenerate in case of service failure. Which implementation below would work while maintaining maximum uptime?

    • A. Implement Amazon ElastiCache Redis in Cluster Mode.
    • B. Install Redis on an Amazon EC2 instance.
    • C. Implement Amazon ElastiCache Memcached.
    • D. Migrate the database to Amazon Redshift.
    Answer

    Correct Answer: A

  52. A company has written a Java AWS Lambda function to be triggered whenever a user uploads an image to an Amazon S3 bucket. The function converts the original image to several different formats and then copies the resulting images to another Amazon S3 bucket. The Developers find that no images are being copied to the second Amazon S3 bucket. They have tested the code on an Amazon EC2 instance with 1GB of RAM, and it takes an average of 500 seconds to complete. What is the MOST likely cause of the problem?

    • A. The Lambda function has insufficient memory and needs to be increased to 1 GB to match the Amazon EC2 instance.
    • B. Files need to be copied to the same Amazon S3 bucket for processing, so the second bucket needs to be deleted.
    • C. Lambda functions have a maximum execution limit of 15 minutes, therefore the function is not completing.
    • D. There is a problem with the Java runtime for Lambda, and the function needs to be converted to node.js.
    Answer

    Correct Answer: A

  53. A web application is using Amazon Kinesis Streams for clickstream data that may not be consumed for up to 12 hours. How can the Developer implement encryption at rest for data within the Kinesis Streams?

    • A. Enable SSL connections to Kinesis.
    • B. Use Amazon Kinesis Consumer Library.
    • C. Encrypt the data once it is at rest with a Lambda function.
    • D. Enable server-side encryption in Kinesis Streams.
    Answer

    Correct Answer: D

  54. A Developer is creating a mobile application with a limited budget. The solution requires a scalable service that will enable customers to sign up and authenticate into the mobile application while using the organization’s current SAML 2.0 identity provider. Which AWS service should be used to meet these requirements?

    • A. AWS Lambda.
    • B. Amazon Cognito.
    • C. AWS IAM.
    • D. Amazon EC2.
    Answer

    Correct Answer: B

  55. A company wants to migrate its web application to AWS and leverage Auto Scaling to handle peak workloads. The Solutions Architect determined that the best metric for an Auto Scaling event is the number of concurrent users. Based on this information, what should the Developer use to autoscale based on concurrent users?

    • A. An Amazon SNS topic to be triggered when a concurrent user threshold is met.
    • B. An Amazon Cloudwatch NetworkIn metric.
    • C. Amazon CloudFront to leverage AWS Edge Locations.
    • D. A Custom Amazon CloudWatch metric for concurrent users.
    Answer

    Correct Answer: D

  56. A Developer has written a serverless application using multiple AWS services. The business logic is written as a Lambda function which has dependencies on third-party libraries. The Lambda function endpoints will be exposed using Amazon API Gateway. The Lambda function will write the information to Amazon DynamoDB. The Developer is ready to deploy the application but must have the ability to rollback. How can this deployment be automated, based on these requirements?

    • A. Deploy using Amazon Lambda API operations to create the Lambda function by providing a deployment package.
    • B. Use an AWS CloudFormation template and use CloudFormation syntax to define the Lambda function resource in the template.
    • C. Use syntax conforming to the Serverless Application Model in the AWS CloudFormation template to define the Lambda function resource.
    • D. Create a bash script which uses AWS CLI to package and deploy the application.
    Answer

    Correct Answer: C

  57. A game stores user game data in an Amazon DynamoDB table. Individual users should not have access to other users’ game data. How can this be accomplished?

    • A. Encrypt the game data with individual user keys.
    • B. Restrict access to specific items based on certain primary key values.
    • C. Stage data in SQS queues to inject metadata before accessing DynamoDB.
    • D. Read records from DynamoDB and discard irrelevant data client-side.
    Answer

    Correct Answer: B

  58. A Developer is creating a web application that requires authentication, but also needs to support guest access to provide users limited access without having to authenticate. What service can provide support for the application to allow guest access?

    • A. IAM temporary credentials using AWS STS.
    • B. Amazon Directory Service.
    • C. Amazon Cognito with unauthenticated access enabled.
    • D. IAM with SAML integration
    Answer

    Correct Answer: C

  59. Given the source code for an AWS Lambda function in the local store.py containing a handler function called get_store and the following AWS CloudFormation template. What should be done to prepare the template so that it can be deployed using the AWS CLI command aws cloudformation deploy? Question 59

    • A. Use AWS CloudFormation compile to base64 encode and embed the source file into a modified CloudFormation template.
    • B. Use AWS CloudFormation package to upload the source code to an Amazon S3 bucket and produce a modified CloudFormation template.
    • C. Use AWS Lambda zip to package the source file together with the CloudFormation template and deploy the resulting zip archive.
    • D. Use AWS Serverless create-package to embed the source file directly into the existing CloudFormation template.
    Answer

    Correct Answer: B

  60. A Developer has created a large Lambda function, and deployment is failing with the following error: ClientError: An error occurred (InvalidParameterValueException) when calling the CreateFunction operation: Unzipped size must be smaller than XXXXXXXXX bytes., where XXXXXXXXX is the current Lambda limit. What can the Developer do to fix this problem?

    • A. Submit a limit increase request to AWS Support to increase the function to the size needed.
    • B. Use a compression algorithm that is more efficient than ZIP.
    • C. Break the function into multiple smaller Lambda functions.
    • D. ZIP the ZIP file twice to compress it further.
    Answer

    Correct Answer: C

  61. A serverless application uses an API Gateway and AWS Lambda. Where should the Lambda function store its session information across function calls?

    • A. In an Amazon DynamoDB table.
    • B. In an Amazon SQS queue.
    • C. In the local filesystem.
    • D. In an SQLite session table using CDSQLITE_ENABLE_SESSION.
    Answer

    Correct Answer: A

  62. An application reads data from an Amazon DynamoDB table. Several times a day, for a period of 15 seconds, the application receives multiple ProvisionedThroughputExceeded errors. How should this exception be handled?

    • A. Create a new global secondary index for the table to help with the additional requests.
    • B. Retry the failed read requests with exponential backoff.
    • C. Immediately retry the failed read requests.
    • D. Use the DynamoDB UpdateItem API to increase the provisioned throughput capacity of the table.
    Answer

    Correct Answer: B

  63. A Developer is writing a Linux-based application to run on AWS Elastic Beanstalk. Application requirements state that the application must maintain full capacity during updates while minimizing cost. Which type of Elastic Beanstalk deployment policy should the Developer specify for the environment?

    • A. Immutable.
    • B. Rolling.
    • C. All at Once.
    • D. Rolling with additional batch.
    Answer

    Correct Answer: D

  64. When writing a Lambda function, what is the benefit of instantiating AWS clients outside the scope of the handler?

    • A. Legibility and stylistic convention.
    • B. Taking advantage of connection re-use.
    • C. Better error handling.
    • D. Creating a new instance per invocation.
    Answer

    Correct Answer: B

  65. A current architecture uses many Lambda functions invoking one another as large state machine. The coordination of this state machine is legacy custom code that breaks easily. Which AWS Service can help refactor and manage the state machine?

    • A. AWS Data Pipeline.
    • B. AWS SNS with AWS SQS.
    • C. Amazon Elastic MapReduce.
    • D. AWS Step Functions.
    Answer

    Correct Answer: D