Propel your academic aspirations skyward, backed by the formidable arsenal of the DVA-C02 dumps. Sculpted with care to reflect the diverse nuances of the syllabus, the DVA-C02 dumps extend a myriad of practice questions, reinforcing a comprehensive command. Whether the streamlined clarity of PDFs captivates or the vibrant interactivity of the VCE format intrigues, the DVA-C02 dumps stand ready. An integrated study guide, a hallmark of the DVA-C02 dumps, aids in deciphering complex paradigms, ensuring thoroughness. Rooted deeply in the efficacy of these tools, we vehemently endorse our 100% Pass Guarantee.
Delve into our trusted study guide, packed with free DVA-C02 braindumps in both PDF and VCE formats
Question 1:
A company has hundreds of AWS Lambda functions that the company\’s QA team needs to test by using the Lambda function URLs. A developer needs to configure the authentication of the Lambda functions to allow access so that the QA IAM group can invoke the Lambda functions by using the public URLs.
Which solution will meet these requirements?
A. Create a CLI script that loops on the Lambda functions to add a Lambda function URL with the AWS_IAM auth type. Run another script to create an IAM identity-based policy that allows the lambda:InvokeFunctionUrl action to all the Lambda function Amazon Resource Names (ARNs). Attach the policy to the QA IAM group.
B. Create a CLI script that loops on the Lambda functions to add a Lambda function URL with the NONE auth type. Run another script to create an IAM resource-based policy that allows the lambda:InvokeFunctionUrl action to all the Lambda function Amazon Resource Names (ARNs). Attach the policy to the QA IAM group.
C. Create a CLI script that loops on the Lambda functions to add a Lambda function URL with the AWS_IAM auth type. Run another script to loop on the Lambda functions to create an IAM identity-based policy that allows the lambda:InvokeFunctionUrl action from the QA IAM group\’s Amazon Resource Name (ARN).
D. Create a CLI script that loops on the Lambda functions to add a Lambda function URL with the NONE auth type. Run another script to loop on the Lambda functions to create an IAM resource-based policy that allows the lambda:InvokeFunctionUrl action from the QA IAM group\’s Amazon Resource Name (ARN).
Correct Answer: A
https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html
Question 2:
A developer is creating an AWS Lambda function that needs credentials to connect to an Amazon RDS for MySQL database. An Amazon S3 bucket currently stores the credentials. The developer needs to improve the existing solution by implementing credential rotation and secure storage. The developer also needs to provide integration with the Lambda function.
Which solution should the developer use to store and retrieve the credentials with the LEAST management overhead?
A. Store the credentials in AWS Systems Manager Parameter Store. Select the database that the parameter will access. Use the default AWS Key Management Service (AWS KMS) key to encrypt the parameter. Enable automatic rotation for the parameter. Use the parameter from Parameter Store on the Lambda function to connect to the database.
B. Encrypt the credentials with the default AWS Key Management Service (AWS KMS) key. Store the credentials as environment variables for the Lambda function. Create a second Lambda function to generate new credentials and to rotate the credentials by updating the environment variables of the first Lambda function. Invoke the second Lambda function by using an Amazon EventBridge rule that runs on a schedule. Update the database to use the new credentials. On the first Lambda function, retrieve the credentials from the environment variables. Decrypt the credentials by using AWS KMS, Connect to the database.
C. Store the credentials in AWS Secrets Manager. Set the secret type to Credentials for Amazon RDS database. Select the database that the secret will access. Use the default AWS Key Management Service (AWS KMS) key to encrypt the secret. Enable automatic rotation for the secret. Use the secret from Secrets Manager on the Lambda function to connect to the database.
D. Encrypt the credentials by using AWS Key Management Service (AWS KMS). Store the credentials in an Amazon DynamoDB table. Create a second Lambda function to rotate the credentials. Invoke the second Lambda function by using an Amazon EventBridge rule that runs on a schedule. Update the DynamoDB table. Update the database to use the generated credentials. Retrieve the credentials from DynamoDB with the first Lambda function. Connect to the database.
Correct Answer: C
https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html https://docs.aws.amazon.com/secretsmanager/latest/userguide/create_database_secret.html https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets_lambda.html
Question 3:
A developer is creating an AWS Lambda function that will connect to an Amazon RDS for MySQL instance. The developer wants to store the database credentials. The database credentials need to be encrypted and the database password needs to be automatically rotated.
Which solution will meet these requirements?
A. Store the database credentials as environment variables for the Lambda function. Set the environment variables to rotate automatically.
B. Store the database credentials in AWS Secrets Manager. Set up managed rotation on the database credentials.
C. Store the database credentials in AWS Systems Manager Parameter Store as secure string parameters. Set up managed rotation on the parameters.
D. Store the database credentials in the X-Amz-Security-Token parameter. Set up managed rotation on the parameter.
Correct Answer: B
Question 4:
An online sales company is developing a serverless application that runs on AWS. The application uses an AWS Lambda function that calculates order success rates and stores the data in an Amazon DynamoDB table. A developer wants an efficient way to invoke the Lambda function every 15 minutes.
Which solution will meet this requirement with the LEAST development effort?
A. Create an Amazon EventBridge rule that has a rate expression that will run the rule every 15 minutes. Add the Lambda function as the target of the EventBridge rule.
B. Create an AWS Systems Manager document that has a script that will invoke the Lambda function on Amazon EC2. Use a Systems Manager Run Command task to run the shell script every 15 minutes.
C. Create an AWS Step Functions state machine. Configure the state machine to invoke the Lambda function execution role at a specified interval by using a Wait state. Set the interval to 15 minutes.
D. Provision a small Amazon EC2 instance. Set up a cron job that invokes the Lambda function every 15 minutes.
Correct Answer: B
Question 5:
A developer is creating a Ruby application and needs to automate the deployment, scaling, and management of an environment without requiring knowledge of the underlying infrastructure. Which service would best accomplish this task?
A. AWS CodeDeploy
B. AWS CloudFormation
C. AWS OpsWorks
D. AWS Elastic Beanstalk
Correct Answer: D
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_Ruby.html
Question 6:
A developer wants to add request validation to a production environment Amazon API Gateway API. The developer needs to test the changes before the API is deployed to the production environment. For the test, the developer will send test requests to the API through a testing tool.
Which solution will meet these requirements with the LEAST operational overhead?
A. Export the existing API to an OpenAPI file. Create a new API. Import the OpenAPI file. Modify the new API to add request validation. Perform the tests. Modify the existing API to add request validation. Deploy the existing API to production.
B. Modify the existing API to add request validation. Deploy the updated API to a new API Gateway stage. Perform the tests. Deploy the updated API to the API Gateway production stage.
C. Create a new API. Add the necessary resources and methods, including new request validation. Perform the tests. Modify the existing API to add request validation. Deploy the existing API to production
D. Clone the existing API. Modify the new API to add request validation. Perform the tests. Modify the existing API to add request validation. Deploy the existing API to production.
Correct Answer: B
Question 7:
An Amazon Kinesis Data Firehose delivery stream is receiving customer data that contains personally identifiable information. A developer needs to remove pattern-based customer identifiers from the data and store the modified data in an Amazon S3 bucket.
What should the developer do to meet these requirements?
A. Implement Kinesis Data Firehose data transformation as an AWS Lambda function. Configure the function to remove the customer identifiers. Set an Amazon S3 bucket as the destination of the delivery stream.
B. Launch an Amazon EC2 instance. Set the EC2 instance as the destination of the delivery stream. Run an application on the EC2 instance to remove the customer identifiers. Store the transformed data in an Amazon S3 bucket.
C. Create an Amazon OpenSearch Service instance. Set the OpenSearch Service instance as the destination of the delivery stream. Use search and replace to remove the customer identifiers. Export the data to an Amazon S3 bucket.
D. Create an AWS Step Functions workflow to remove the customer identifiers. As the last step in the workflow, store the transformed data in an Amazon S3 bucket. Set the workflow as the destination of the delivery stream.
Correct Answer: A
https://docs.aws.amazon.com/firehose/latest/dev/data-transformation.html
Question 8:
An application is real-time processing millions of events that are received through an API.
What service could be used to allow multiple consumers to process the data concurrently and MOST cost-effectively?
A. Amazon SNS with fanout to an SQS queue for each application
B. Amazon SNS with fanout to an SQS FIFO (first-in, first-out) queue for each application
C. Amazon Kinesis Firehose
D. Amazon Kinesis Data Streams
Correct Answer: D
Question 9:
A developer has built an application that inserts data into an Amazon DynamoDB table. The table is configured to use provisioned capacity. The application is deployed on a burstable nano Amazon EC2 instance. The application logs show that the application has been failing because of a ProvisionedThroughputExceededException error.
Which actions should the developer take to resolve this issue? (Choose two.)
A. Move the application to a larger EC2 instance.
B. Increase the number of read capacity units (RCUs) that are provisioned for the DynamoDB table.
C. Reduce the frequency of requests to DynamoDB by implementing exponential backoff.
D. Increase the frequency of requests to DynamoDB by decreasing the retry delay.
E. Change the capacity mode of the DynamoDB table from provisioned to on-demand.
Correct Answer: CE
Question 10:
A company has an application that runs as a series of AWS Lambda functions. Each Lambda function receives data from an Amazon Simple Notification Service (Amazon SNS) topic and writes the data to an Amazon Aurora DB instance.
To comply with an information security policy, the company must ensure that the Lambda functions all use a single securely encrypted database connection string to access Aurora.
Which solution will meet these requirements?
A. Use IAM database authentication for Aurora to enable secure database connections for all the Lambda functions.
B. Store the credentials and read the credentials from an encrypted Amazon RDS DB instance.
C. Store the credentials in AWS Systems Manager Parameter Store as a secure string parameter.
D. Use Lambda environment variables with a shared AWS Key Management Service (AWS KMS) key for encryption.
Correct Answer: D
Question 11:
A developer is working on an existing application that uses Amazon DynamoDB as its data store. The DynamoDB table has the following attributes: partNumber (partition key), vendor (sort key), description, productFamily, and productType.
When the developer analyzes the usage patterns, the developer notices that there are application modules that frequently look for a list of products based on the productFamily and productType attributes.
The developer wants to make changes to the application to improve performance of the query operations.
Which solution will meet these requirements?
A. Create a global secondary index (GSI) with productFamily as the partition key and productType as the sort key.
B. Create a local secondary index (LSI) with productFamily as the partition key and productType as the sort key.
C. Recreate the table. Add partNumber as the partition key and vendor as the sort key. During table creation, add a local secondary index (LSI) with productFamily as the partition key and productType as the sort key.
D. Update the queries to use Scan operations with productFamily as the partition key and productType as the sort key.
Correct Answer: A
Question 12:
A developer is creating an AWS CloudFormation stack. The stack contains IAM resources with custom names. When the developer tries to deploy the stack, they receive an InsufficientCapabilities error. What should the developer do to resolve this issue?
A. Specify the CAPABILITY_AUTO_EXPAND capability in the CloudFormation stack.
B. Use an administrators role to deploy IAM resources with CloudFormation.
C. Specify the CAPABILITY_IAM capability in the CloudFormation stack.
D. Specify the CAPABILITY_NAMED_IAM capability in the CloudFormation stack.
Correct Answer: B
Question 13:
A developer is creating an AWS Lambda function. The Lambda function needs an external library to connect to a third-party solution. The external library is a collection of files with a total size of 100 MB. The developer needs to make the external library available to the Lambda execution environment and reduce the Lambda package space.
Which solution will meet these requirements with the LEAST operational overhead?
A. Create a Lambda layer to store the external library. Configure the Lambda function to use the layer.
B. Create an Amazon S3 bucket. Upload the external library into the S3 bucket. Mount the S3 bucket folder in the Lambda function. Import the library by using the proper folder in the mount point.
C. Load the external library to the Lambda function\’s /tmp directory during deployment of the Lambda package. Import the library from the /tmp directory.
D. Create an Amazon Elastic File System (Amazon EFS) volume. Upload the external library to the EFS volume. Mount the EFS volume in the Lambda function. Import the library by using the proper folder in the mount point.
Correct Answer: A
Create a Lambda layer to store the external library. Configure the Lambda function to use the layer. This will allow the developer to make the external library available to the Lambda execution environment without having to include it in the Lambda package, which will reduce the Lambda package space. Using a Lambda layer is a simple and straightforward solution that requires minimal operational overhead.
Question 14:
A developer is leveraging a Border Gateway Protocol (BGP)-based AWS VPN connection to connect from on-premises to Amazon EC2 instances in the developer\’s account. The developer is able to access an EC2 instance in subnet A, but is unable to access an EC2 instance in subnet B in the same VPC.
Which logs can the developer use to verify whether the traffic is reaching subnet B?
A. VPN logs
B. BGP logs
C. VPC Flow Logs
D. AWS CloudTrail logs
Correct Answer: C
https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html
Question 15:
A company has a critical application on AWS. The application exposes an HTTP API by using Amazon API Gateway. The API is integrated with an AWS Lambda function. The application stores data in an Amazon RDS for MySQL DB instance with 2 virtual CPUs (vCPUs) and 64 GB of RAM.
Customers have reported that some of the API calls return HTTP 500 Internal Server Error responses. Amazon CloudWatch Logs shows errors for “too many connections.” The errors occur during peak usage times that are unpredictable.
The company needs to make the application resilient. The database cannot be down outside of scheduled maintenance hours.
Which solution will meet these requirements?
A. Decrease the number of vCPUs for the DB instance. Increase the max_connections setting.
B. Use Amazon RDS Proxy to create a proxy that connects to the DB instance. Update the Lambda function to connect to the proxy.
C. Add a CloudWatch alarm that changes the DB instance class when the number of connections increases to more than 1,000.
D. Add an Amazon EventBridge rule that increases the max_connections setting of the DB instance when CPU utilization is above 75%.
Correct Answer: B