AWS Certified Developer – Associate 2020-SET 4 Welcome to AWS Certified Developer - Associate QUIZ - SET 4. Please enter your email details to get QUIZ Details on your email id. Click on Next Button to proceed. Enter your email ID details to get QUIZ Result 1. An application is hosted by a 3rd party and exposed at yourapp.3rdparty.com. You would like to have your users access your application using www.mydomain.com, which you own and manage under Route 53. What record should you create? Create an A record Create a CNAME record2. Your company has a workflow in AWS consisting of CodePipeline and CodeBuild. In the process, CodeBuild attempts to pull Docker images from Amazon ECR and fails with an authorization error. Which of the following actions should you take? Open an AWS support ticket Double check your IAM permissions for CodeBuild service3. Which of the following services can you use to monitor all API activity in your AWS account? CloudFormation CloudWatch CloudTrail IAM4. ######QUESTION#########Bob is a DynamoDB expert, companies in his area rely on Bob's expertise to train their developers. Bob have been hired to consult with a company that uses the NoSQL database for mobile applications. The developers are using DynamoDB to perform operations such as GetItem but are limited in knowledge. They would like to be more efficient with retrieving some attributes rather than all. Which of the following recommendations would he provide? Use a FilterExpression Specify a ProjectionExpression5. You are the administrator for the company's AWS account that manages new users. Five new employees have been hired to a new department who will be performing the same tasks and you will need to create new IAM users for these employees. Which approach follows best practices? Create a group, assign the policy to the group and the users to the group Use only one account shared by your users6. A company that specializes in cloud communications platform as a service allows software developers to programmatically use their services to send and receive text messages. The initial platform did not have a scalable architecture as all components were hosted on one server and should be redesigned for high availability and scalability. Which of the following options can be used to implement the REST API? ALB + ECS;API Gateway + Lambda CloudWatch + CloudFront;SES + S37. Which of the following services can you use to monitor and report on performance metrics for your AWS Infrastructure? CloudWatch X-Ray CloudFormation CloudTrail8. A company is undergoing a compliance audit by the government. The company has hundreds of IAM users that make API calls but specifically it needs to be determined who is making KMS API calls. Which of the following services should the audit team use? CloudWatch Metrics CloudTrail9. A Developer is designing a system where only a single server can be used to run an application. The single server will have multiple containers of a service running. Which services can be used to meet this requirement? Application Load Balancer + Beanstalk Application Load Balancer + ECS10. ######QUESTION#########John is a developer at a university, he is encrypting a large XML payload transferred over the network using AWS KMS and wants to test the application before going to production. What is the maximum data size supported by AWS KMS? 16KB 4KB11. You have created a target group that has marked all your EC2 instances as unhealthy. Surprisingly, when you enter the IP address of the EC2 instances in your web browser, you can access your website. What could be the reason your instances are being marked as unhealthy? (Select two) The security group of the EC2 instance does not allow for traffic from the security group of the Application Load Balancer The route for the health check is misconfigured The EBS volumes have been improperly mounted12. ######QUESTION#########A team lead has asked Jacob to create an AWS CloudFormation template that creates EC2 instances and RDS databases. The template should be reusable by allowing the user to input a parameter value for an Amazon EC2 AMI ID. Which of the following intrinsic function should Jacob choose to reference the parameter? !GetAtt !Ref13. You have launched EC2 instances hosting the same application version. Instances are launched based on traffic using an auto scaling group. Each EC2 instance is assigned an instance-id and plan on capturing this data within the application. How can this be accomplished? Use EC2 meta data service Use EC2 User Data14. ######QUESTION#########John is working in a mnc company, the company has embraced cloud-native microservices architectures. New applications must be dockerized and stored in a registry service offered by AWS. The architecture should support dynamic port mapping and support multiple tasks from a single service on the same container instance. All services should run on the same EC2 instance. Which technology will best fit John's company requirements? Application Load Balancer + ECS Classic Load Balancer + Beanstalk15. Your team lead has decided to make changes to a current application written in Node.js and running on a Linux server. The team lead would like to deploy the application to a Docker container, then decouple the application into microservices. Which AWS service is best suited for this change? ECS ECR Lambda16. ######QUESTION#########Bob is the owner of a small company running workloads on AWS and recently lost all developers. He need to provision more resources for a client and while going through existing AWS CloudFormation templates he decide that he need to change several major sections to fulfill a request. Which of the following sections in an AWS CloudFormation template is not valid? Groups Parameters17. Your company has stored all application secrets in SSM Parameter Store. The audit team has requested to get a report to better understand when and who has issued API calls against SSM Parameter Store. Which AWS service can you use to produce your report? CloudTrail SSM Parameter Store List feature18. You are configuring your CloudFront distribution to tell CloudFront where you want content to be delivered from. When configuring settings, which protocol is not supported? HTTP UDP HTTPS19. You have been hired as a new Developer with no experience using CloudFormation. To learn how it works you quickly create a template and upload it through the management console. You find that the template is missing a section that is required. Which section of the template is required? Resources Mappings20. Which of the following tools can you use to monitor CPU utilization metrics for your EC2 instances? X-Ray CloudTrail CloudWatch It can only be assigned to a single user, group or role in your account CloudFormation21. A company would like to deploy new application versions with Elastic Beanstalk to EC2 instances. When a deployment is executed some instances should serve requests with the old version of the application, while other instances serve new requests until the deployment is completed. Which deployment does not meet this requirement without incurring costs? rolling immutable22. Your departments have distinct AWS accounts and would like to debug and trace data across accounts and visualize it in a centralized account. What would you use to achieve that? CloudTrail X-Ray CloudWatch Events23. You run a SAAS company for the healthcare industry that is used worldwide where users pay a monthly subscription. There have been requests by mobile developers to expose public API's created with API Gateway. You decide to make the API's available to mobile developers as product offerings. Which feature will allow you to do that? CloudTrail AWS Billing Usage Plans and API Keys24. ######QUESTION#########Which of the following option is correct? ECS_ENABLE_TASK_IAM_ROLE=true Enables IAM roles for tasks for containers with the bridge and default network modes. "ECS_AVAILABLE_LOGGING_DRIVERS" - Applies if you are not using the Amazon ECS-optimized AMI (with at least version 1.9.0-1 of the ecs-init package) for your container instances "ECS_ENGINE_AUTH_DATA" - Required for private registry authentication. "ECS_CLUSTER" - These are environment variables that can be passed to the container instance at launch through Amazon EC2 user data all of them25. ######QUESTION#########George is a developer working on a web application written in Java and would like to use AWS Elastic Beanstalk for deployment because it would handle deployment, capacity provisioning, load balancing, auto-scaling, and application health monitoring. In the past, he connected to his provisioned instances through SSH to issue configuration commands but instead would like a configuration file that automatically applies settings for him. Which of the following options would help do this? Use SSM parameter store as an input to your Elastic Beanstalk Configurations Include config files in .ebextensions/ at the root of your source code26. Your company hired an outside consultant to help with redesigning internal systems. The company wants to allow consuming applications to process nearly limitless streams of data in flight. Which solution should the outside consultant recommend? Kinesis Stream Lambda SNS27. You are a Developer for a company that uses Amazon ECS container instances. You are revising agent configuration variables for tasks that were written by junior architects. You find that a setting was missed and will need to include an option in the configuration to authorize IAM roles. Which of the following options must you set? ECS_AVAILABLE_LOGGING_DRIVERS ECS_ENABLE_TASK_IAM_ROLE28. A company has AWS Lambda functions where each is invoked by other AWS services such as Amazon Kinesis Data Firehose, Amazon API Gateway, Amazon Simple Storage Service or Amazon CloudWatch Events. What all functions have in common is that they all process heavy workloads such as big data analysis, large file processing, and statistical computations. What should you do to improve the performance of your AWS Lambda functions without changing your code? Increase the RAM assigned to your function Increase the instance type for your functions29. You are running workloads on AWS and have embedded database connection strings within each web server hosting your applications. After failing a security audit you are encouraged to take a different approach where you store your secrets. Which AWS service can you use to manage your database connection strings? EFS SSM Parameter Store30. Thomas is a developer in a MNC working on an AWS CloudFormation template that will provision resources for a company's cloud infrastructure. His template is composed of three stacks which are Stack-A, Stack-B, and Stack-C. Stack-A will provision a VPC, a security group and subnets for public web applications that will be referenced in Stack-B and Stack-C. After running the stacks he decide to delete them, in which order should he should do it? Stack B, then Stack C, then Stack A Stack A, then Stack B, then Stack C31. You are developing a highly available web application using DynamoDB for its data access. What is the maximum number of attributes that can be combined in a primary key when you create the database? 2 132. A Developer at cloudvikas company is working on a CloudFormation template to set up resources. Resources will be defined using code and provisioned based on conditions. Which section of a CloudFormation template does not allow for conditions? Outputs Parameters33. Your client is migrating an application to the cloud that will handle thousands of requests. The application will need a load balancer and an auto scaling group and must be stateless. Which AWS service will provide an in-memory data store for your application's session state? ElastiCache DynamoDB34. ######QUESTION#########John is a Developer for cloudVikas, that has multiple AWS accounts managed with AWS Organizations. John is in the process of creating an Amazon Simple Storage Service (S3) bucket named 'prod' in one account that will contain log files from EC2 instances in production. When creating the bucket an error message displays 'Bucket name already exists'. He check his current account for a duplicate name and none exists. What is the most likely reason for this? Someone else in the world already created a bucket named 'prod' You have the wrong IAM permissions35. When using Web Identity Federation to allow a user to access an AWS service, which of the following is the correct order of steps? A user logs in to the AWS platform using their Facebook credentials. AWS authenticate with Facebook to check the credentials. Temporary Security Access is granted to AWS. A user makes the AssumeRoleWithWebIdentity API Call. The user is then redirected to Facebook to authenticate. Once authenticated, the user is given an ID token. The user is then granted temporary access to the AWS platform. Users cannot use Facebook credentials to access the AWS platform. A user authenticates with Facebook first. They are then given an ID token by Facebook, which they can then trade for temporary security credentials.36. Which of the following tools can be used to determine who provisioned an EC2 instance and what time they made the API call? CloudFormation CloudWatch CloudTrail IAM37. ######QUESTION#########You are a Developer handling a deployment service that automates application deployments to Amazon EC2 instances. Most of the deployments consist of code, but sometimes web and configuration files. One of your deployments failed and was rolled back by AWS CodeDeploy to the last known good application revision. During rollback which of the following instances did AWS CodeDeploy deploy first to? To the failed instances To the non-failed instances38. You want to provision your own Docker images that can be used as input sources for CodeBuild. These images will contain cached dependencies as well as special tooling for your builds that are proprietary to your company. Which of the following services will you use to send your Docker images to? S3 ECR EFS39. Jacob is a Developer working for the food channel. Currently, there are 3 EC2 instances running behind an Application Load Balancer and have been asked to create a web application where web visitors enter ingredients and recipes will be generated. No complex joins would be required and IAM policies should be created for each table. Which of the following database technologies meets these requirements? DynamoDB RDS MySQL40. Your security team is concerned that proper training on encryption was not given to the development team. They have requested your help in determining which KMS API requests are being made, including both management requests such as create/disable keys to cryptographic requests such as encrypt/decrypt. What AWS service should you use to get this information? VPC Flow Logs CloudTrail41 out of Please fill in the comment box below.