Login / Register   My Cart (0)
  • Home
  • Articles
  • Get New 2022 Valid Practice AWS Certified Developer AWS-Developer Q&A - Testing Engine [Q12-Q34]

Get New 2022 Valid Practice AWS Certified Developer AWS-Developer Q&A - Testing Engine [Q12-Q34]

Share

Get New 2022 Valid Practice AWS Certified Developer AWS-Developer Q&A - Testing Engine

AWS-Developer Dumps PDF - 100% Passing Guarantee

NEW QUESTION 12
A developer wants to secure sensitive configuration date such as passwords, database strings, and application license codes. Access to this sensitive information must be tracked for future audit purposes.

  • A. In the Amazon EC2 Systems Manager Parameter Store; grant the application access with IAM
  • B. As on object in on Amazon S3 bucket, grant on Amazon EC2 instance access with on IAM rob.
  • C. On an Amazon EBS encrypted volume attach the volume to an Amazon EC2 instance to access the data
  • D. In an encrypted file on the source code bundle; grant the application access with Amazon IAM

Answer: A

 

NEW QUESTION 13
Does AWS CloudFormation support Amazon EC2 tagging?

  • A. Yes, AWS CloudFormation supports Amazon EC2 tagging
  • B. No, it doesn't support Amazon EC2 tagging.
  • C. No, CloudFormation doesn't support any tagging
  • D. It depends if the Amazon EC2 tagging has been defined in the template.

Answer: A

Explanation:
In AWS CloudFormation, Amazon EC2 resources that support the tagging feature can also be tagged in an AWS template. The tag values can refer to template parameters, other resource names, resource attribute values (e.g. addresses), or values computed by simple functions (e.g., a concatenated list of strings).
http://aws.amazon.com/cloudformation/faqs/

 

NEW QUESTION 14
A company is hosting critical business data in an Amazon Redshift cluster. Due to the sensitive nature of the data, the cluster is encrypted at rest using AWS KMS. As a part of disaster recovery requirements, the company needs to copy the Amazon Redshift snapshots to another Region.
Which steps should be taken in the AWS Management Console to meet the disaster recovery requirements?

  • A. Create a new KMS customer master key in the destination Region and create a new IAM role with access to the new KMS key. Enable Amazon Redshift cross-Region replication in the source Region and use the KMS key of the destination Region.
  • B. Enable Amazon Redshift cross-Region snapshots in the source Region, and create a snapshot copy grant and use a KMS key in the destination Region.
  • C. Create a new IAM role with access to the KMS key. Enable Amazon Redshift cross-Region replication using the new IAM role, and use the KMS key of the source Region.
  • D. Create a new KMS customer master key in the source Region. Switch to the destination Region, enable Amazon Redshift cross-Region snapshots, and use the KMS key of the source Region.

Answer: D

Explanation:
Explanation/Reference: https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-snapshots.html

 

NEW QUESTION 15
An application is being developed to audit several AWS accounts. The application will run in Account A and must access AWS services in Accounts B and C.
What is the MOST secure way to allow the application to call AWS services in each audited account?

  • A. Deploy an application in each audited account with its own role. Have Account A authenticate with the application
  • B. Configure cross-account roles in each audited account. Write code in Account A that assumes those roles
  • C. Create an IAM user with an access key in each audited account. Write code in Account A that uses those access keys
  • D. Use S3 cross-region replication to communicate among accounts, with Amazon S3 event notifications to trigger Lambda functions

Answer: C

 

NEW QUESTION 16
The release process workflow of an application requires a manual approval before the code is deployed into the production environment.
What is the BEST way to achieve this using AWS CodePipeline?

  • A. Disable the stage transition to allow manual approval
  • B. Use an approval action in a stage
  • C. Disable a stage just prior the deployment stage
  • D. Use multiple pipelines to allow approval

Answer: B

Explanation:
Explanation
Refer AWS documentation - CodePipeline Approvals
In AWS CodePipeline, you can add an approval action to a stage in a pipeline at the point where you want the pipeline execution to stop so that someone with the required AWS Identity and Access Management permissions can approve or reject the action.
If the action is approved, the pipeline execution resumes. If the action is rejected-or if no one approves or rejects the action within seven days of the pipeline reaching the action and stopping-the result is the same as an action failing, and the pipeline execution does not continue.
You might use manual approvals for these reasons:
* You want someone to perform a code review or change management review before a revision is allowed into the next stage of a pipeline.
* You want someone to perform manual quality assurance testing on the latest version of an application, or to confirm the integrity of a build artifact, before it is released.
* You want someone to review new or updated text before it is published to a company website.

 

NEW QUESTION 17
Company C is currently hosting their corporate site in an Amazon S3 bucket with Static Website Hosting enabled. Currently, when visitors go to http://www.companyc.com the index.html page is returned. Company C now would like a new page welcome.html to be returned when a visitor enters http://www.companyc.com in the browser.
Which of the following steps will allow Company C to meet this requirement? Choose 2 answers

  • A. Set the Error Document property to welcome.html
  • B. Upload an html page named welcome.html to their S3 bucket
  • C. Move the index.html page to a welcome subfolder
  • D. Set the Index Document property to welcome.html
  • E. Create a welcome subfolder in their S3 bucket

Answer: B,D

 

NEW QUESTION 18
A Developer is designing an AWS Lambda function that create temporary files that are less than
10 MB during execution. The temporary files will be accessed and modified multiple times during execution. The Developer has no need to save or retrieve these files in the future.
Where should the temporary file be stored?

  • A. Amazon S3
  • B. the /tmp directory
  • C. Amazon EBS
  • D. Amazon EFS

Answer: B

Explanation:
https://docs.aws.amazon.com/lambda/latest/dg/lambda-dg.pdf (23)

 

NEW QUESTION 19
A user has created a snapshot of an EBS volume. Which of the below mentioned usage cases is not possible with respect to a snapshot?

  • A. Increase the size of the volume
  • B. Launch an instance
  • C. Decrease the volume size
  • D. Mirroring the volume from one AZ to another AZ

Answer: C

Explanation:
The EBS snapshots are a point in time backup of the volume. It is helpful to move the volume from one AZ to another or launch a new instance. The user can increase the size of the volume but cannot decrease it less than the original snapshot size.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html

 

NEW QUESTION 20
When writing a Lambda function, what is the benefit of instantiating AWS clients outside the scope of the handler?

  • A. Creating a new instance per invocation
  • B. Taking advantage of connection re-use
  • C. Legibility and stylistic convention
  • D. Better error handling

Answer: B

 

NEW QUESTION 21
A company recently experienced some unexpected downtime. After investigating, the company determines that a developer mistakenly terminated several production Amazon EC2 instances.
What should the company do to BEST protect against accidental terminations in the future.

  • A. Enable EC2 termination protection on production instances. Deny the developer group's permissions policy access to terminate instance. Create a new role that developer can assume when termination is necessary.
  • B. Enable EC2 termination protection on all production instances unless approval has been given through AWS Resource Access Manager.
  • C. Modify the developer group's permission policy to require multi-factor authentication (MFA) only production instances are being delete Enable EC2 termination protection on production instances.
  • D. Modify the developer group's permissions policy to deny them access to delete production instances unless approved has been given through AWS Resource Access Manager.

Answer: B

 

NEW QUESTION 22
How can you secure data at rest on an EBS volume?

  • A. Attach the volume to an instance using EC2's SSL interface.
  • B. Use an encrypted file system on top of the BBS volume.
  • C. Write the data randomly instead of sequentially.
  • D. Encrypt the volume using the S3 server-side encryption service.
  • E. Create an IAM policy that restricts read and write access to the volume.

Answer: B

 

NEW QUESTION 23
A static website is hosted in an Amazon S3 bucket. Several HTML pages on the site use JavaScript to download images from another Amazon S3 bucket. These images are not displayed when users browse the site.
What is the possible cause for the issue?

  • A. The images must be stored in the same Amazon S3 bucket.
  • B. Port 80 must be opened on the security group in which the Amazon S3 bucket is located.
  • C. The referenced Amazon S3 bucket is in another region.
  • D. Cross Origin Resource Sharing must be enabled on the Amazon S3 bucket.

Answer: D

 

NEW QUESTION 24
A developer is migrating code to an AWS Lambda function that will access an Amazon Aurora MySQL database.
What is the MOST secure way to authenticate the function to the database?

  • A. Store the database credentials as encrypted parameters in AWS Systems Manager Parameter Store Obtain the credentials from Systems Manager when the Lambda function needs to connect to the database
  • B. Store the database credentials in an Amazon S3 bucket that has a restrictive bucket policy for the Lambda role only when accessing the credentials Use AWS KMS to encrypt the data
  • C. Store the database credentials in AWS Secrets Manager Let Secrets Manager handle the rotation of the credentials, as required
  • D. Create a policy with rds-db connect access to the database and attach it to the role assigned to the Lambda function

Answer: C

 

NEW QUESTION 25
An application under development is required to store hundreds of video files. The data must be encrypted within the application prior to storage, with a unique key for each video file.
How should the Developer code the application?

  • A. Upload the data to an S3 bucket using server side-encryption with an AWS KMS key.
  • B. Use the KMS Encrypt API to encrypt the data. Store the encrypted data key and data.
  • C. Use the KMS GenerateDataKey API to get a data key. Encrypt the data with the data key. Store the encrypted data key and data.
  • D. Use a cryptography library to generate an encryption key for the application. Use the encryption key to encrypt the data. Store the encrypted data.

Answer: C

Explanation:
Explanation
Refer AWS documentation - KMS GenerateDataKey
Returns a data encryption key that you can use in your application to encrypt data locally.
You must specify the customer master key (CMK) under which to generate the data key. You must also specify the length of the data key using either the field. You must specify one field or the other, but not both. For common key lengths (128-bit and 256-bit symmetric keys), we recommend that you use KeySpec. To perform this operation on a CMK in a different AWS account, specify the key ARN or alias ARN in the value of the KeyId parameter.
This operation returns a plaintext copy of the data key in the field of the response, and an encrypted copy of the data key in the CiphertextBlob field. The data key is encrypted under the CMK specified in the KeyId field of the request.

 

NEW QUESTION 26
A Developer must encrypt a 100-GB object using AWS KMS.
What is the BEST approach?

  • A. Make a GenerateDataKeyWithoutPlaintext API call that returns an encrypted copy of a data key.
    Use an encrypted key to encrypt the data
  • B. Make an Encrypt API call to encrypt the plaintext data as ciphertext using a customer master key (CMK) with imported key material
  • C. Make a GenerateDataKey API call that returns a plaintext key and an encrypted copy of a data key.
    Use a plaintext key to encrypt the data
  • D. Make an Encrypt API call to encrypt the plaintext data as ciphertext using a customer master key (CMK)

Answer: A

 

NEW QUESTION 27
A user is creating a snapshot of an EBS volume. Which of the below statements is incorrect in relation to the creation of an EBS snapshot?

  • A. It is stored in the same AZ as the volume
  • B. It is a point in time backup of the EBS volume
  • C. It can be used to launch a new instance
  • D. Its incremental

Answer: A

Explanation:
The EBS snapshots are a point in time backup of the EBS volume. It is an incremental snapshot, but is always specific to the region and never specific to a single AZ.
Hence the statement "It is stored in the same AZ as the volume" is incorrect.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html

 

NEW QUESTION 28
When a Developer tries to run an AWS CodeBuild project, it raises an error because the length of all environment variables exceeds the limit for the combined maximum of characters.
What is the recommended solution?

  • A. Update the settings for the build project to use an Amazon S3 bucket for large numbers of environment variables.
  • B. Use Amazon Cognito to store key-value pairs for large numbers of environment variables.
  • C. Add the export LC_ALL="en_US.utf8"command to the pre_buildsection to ensure POSIX localization.
  • D. Use AWS Systems Manager Parameter Store to store large numbers of environment variables.

Answer: D

Explanation:
Explanation/Reference:
Reference: https://docs.aws.amazon.com/codebuild/latest/userguide/troubleshooting.html

 

NEW QUESTION 29
In regard to AWS CloudFormation, what is a stack?

  • A. The set of AWS templates that are created and managed as a template
  • B. The set of AWS resources that are created and managed as a single unit
  • C. The set of AWS resources that are created and managed as a template
  • D. The set of AWS templates that are created and managed as a single unit

Answer: B

Explanation:
A stack is the set of AWS resources that are created and managed as a single unit when AWS CloudFormation initiates a template.
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/concept-stack.html

 

NEW QUESTION 30
A company needs to ingest terabytes of data each hour from thousands of sources that are delivered almost continually throughout the day. The volume of messages generated varies over the course of the day.
Messages must be delivered in real time for fraud detection and live operational dashboards.
Which approach will meet these requirements?

  • A. Send the messages to an Amazon SQS queue, then process the messages by using a fleet of Amazon EC2 instances
  • B. Use Amazon Kinesis Data Streams with Kinesis Client Library to ingest and deliver messages
  • C. Use the Amazon S3 API to write messages to an S3 bucket, then process the messages by using Amazon Redshift
  • D. Use AWS Data Pipeline to automate the movement and transformation of data

Answer: B

Explanation:
Explanation
https://aws.amazon.com/streaming-data/

 

NEW QUESTION 31
A developer is creating an AWS Lambda function that generates a new file each time it runs. Each new file must be checked into an AWS CodeCommit repository hosted in the same AWS account.
How should the developer accomplish this?

  • A. Upload the new to an Amazon S3 bucket. Create an AWS Step Function to accept S3 events. In the Step Function, add the new file to the repository.
  • B. Use an AWS SDK to instantiate a CodeCommit client. Invoke the put_file method to add the file to the repository.
  • C. When the Lambda function starts, use the Git CLI to clone the repository. Check the new file into the cloned repository and push the change.
  • D. After the new file is created in Lambda, use cURL to invoke the CodeCommit API. Send the file to the repository.

Answer: C

 

NEW QUESTION 32
An application that runs on an Amazon EC2 instance needs to access and make API calls to multiple AWS services.
What is the MOST secure way to provide access to the AWS services with MINIMAL management overhead?

  • A. Use AWS root user to make requests to the application.
  • B. Store and retrieve credentials from AWS CodeCommit.
  • C. Use EC2 instance profiles.
  • D. Use AWS KMS to store and retrieve credentials.

Answer: A

 

NEW QUESTION 33
A developer needs temporary access to resources in a second account
What is the MOST secure way to achieve this?

  • A. Establish trust, and add an SSH key for the second account to the IAM user
  • B. Create a dedicated IAM access key for the second account, and send it by mail.
  • C. Create a cross-account access role, and use sts:AssumeRcie API to get short-lived credentials
  • D. Use the Amazon Cognito user pools to get short-lived credentials for the second account

Answer: C

Explanation:
Reference:
https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html

 

NEW QUESTION 34
......

AWS-Developer Braindumps Real Exam Updated on Nov 06, 2022 with 503 Questions: https://www.testpassed.com/AWS-Developer-still-valid-exam.html

Latest AWS-Developer PDF Dumps & Real Tests Free Updated Today: https://drive.google.com/open?id=1OM0TG1_hqbBVdwEpqekTOke5rC09bNiB

Related Articles

more
Amazon AWS-Developer Certification Practice Exam

TestPassed provides test passed dumps & test questions of all IT certifications examinations. Our advantage is that our pass rate of test passed dumps is leading.

Latest Test Passed

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 TestPassed NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy