没有合适的资源?快使用搜索试试~ 我知道了~
AWS Certified Developer Associate (DVA-C02)- 认证考试题库-英文-系列一.pdf
需积分: 0 2 下载量 13 浏览量
2023-10-11
09:41:06
上传
评论
收藏 53KB PDF 举报
温馨提示
试读
35页
最新更新,引领你走向成功! 题库系列说明 系列1为50道免费题库 系列2为高频题库 系列3为完整题库 尊敬的考生们,您是否在寻找一款优质的学习资料来备战AWS认证考试?我们为您带来了最新的AWS证考试题库!它将帮助您更好地理解AWS架构,提升考试通过率。 全面的内容:本题库覆盖了AWS认证考试的所有知识点,从云计算基础到高级架构设计,一应俱全。每道题目都附有详细的答案解析,让您深入理解每一个知识点。 实战模拟:本题库不仅提供了大量的理论知识题目,还提供了大量的实战模拟题。这些模拟题将帮助您熟悉考试形式,提前适应考试节奏,从而在真正的考试中更加自信。 语言优势:本题库采用中英文编写,让您在备考过程中更加轻松。无论是理论题目还是实战模拟题,我们都为您提供了清晰易懂的中文字幕解释,让您更快地掌握AWS架构知识。 高通过率:据统计,使用我们题库的考生在AWS认证考试中的通过率高达90%以上。这充分证明了我们的题库价值和权威属性
资源推荐
资源详情
资源评论
此资料版权为csdn博主rongyili88所有请勿转载,更多题库请在微信小程序中搜索“最全刷题”或访问https://www.examtopics.cn
Question1 : A company is planning to securely manage one-time fixed license keys in AWS. The
company's development team needs to access the license keys in automaton scripts that run in
Amazon EC2 instances and in AWS CloudFormation stacks.
Which solution will meet these requirements MOST cost-effectively?
A: Amazon S3 with encrypted files prefixed with “config”
B: AWS Secrets Manager secrets with a tag that is named SecretString
C: AWS Systems Manager Parameter Store SecureString parameters
D: CloudFormation NoEcho parameters
Explanation : Explanation :AWS Systems Manager Parameter Store SecureString parameters is
the most cost-effective way to securely manage and store configuration data and secrets. This
feature provides the ability to obtain the latest AMI ID, password, license key, a connection string,
and other sensitive information that are needed for managing systems and running scripts.
Answer: C
Question2 : A developer is creating an application that includes an Amazon API Gateway REST
API in the us-east-2 Region. The developer wants to use Amazon CloudFront and a custom
domain name for the API. The developer has acquired an SSL/TLS certificate for the domain from
a third-party provider.
How should the developer configure the custom domain for the application?
A: Import the SSL/TLS certificate into AWS Certificate Manager (ACM) in the same Region as the
API. Create a DNS A record for the custom domain.
B: Import the SSL/TLS certificate into CloudFront. Create a DNS CNAME record for the custom
domain.
C: Import the SSL/TLS certificate into AWS Certificate Manager (ACM) in the same Region as the
API. Create a DNS CNAME record for the custom domain.
D: Import the SSL/TLS certificate into AWS Certificate Manager (ACM) in the us-east-1 Region.
Create a DNS CNAME record for the custom domain.
此资料版权为csdn博主rongyili88所有请勿转载,更多题库请在微信小程序中搜索“最全刷题”或访问https://www.examtopics.cn
Explanation : Explanation :Amazon API Gateway requires that certificates be imported into AWS
Certificate Manager (ACM) in the same Region as the API. Therefore, in this case, the us-east-2
Region. It does not support certificates that were imported into CloudFront, and ACM certificates
for use with Amazon CloudFront distributions must be imported in the us-east-1 Region.
Accordingly, you should import the SSL/TLS certificate into ACM in the same region as the API
and then create a DNS A record for the custom domain.
Answer: A
Question3 : A developer has written an AWS Lambda function. The function is CPU-bound. The
developer wants to ensure that the function returns responses quickly.
How can the developer improve the function's performance?
A: Increase the function's CPU core count.
B: Increase the function's memory.
C: Increase the function's reserved concurrency.
D: Increase the function's timeout.
Explanation : Explanation :AWS Lambda's CPU power is proportionally tied to the amount of
memory, so by increasing the function's memory, the AWS Lambda function's CPU power will also
increase. This makes it more powerful and capable of returning responses more quickly.
Answer: B
Question4 : A developer is incorporating AWS X-Ray into an application that handles personal
identifiable information (PII). The application is hosted on Amazon EC2 instances. The application
trace messages include encrypted PII and go to Amazon CloudWatch. The developer needs to
ensure that no PII goes outside of the EC2 instances.
Which solution will meet these requirements?
A: Manually instrument the X-Ray SDK in the application code.
B: Use the X-Ray auto-instrumentation agent.
此资料版权为csdn博主rongyili88所有请勿转载,更多题库请在微信小程序中搜索“最全刷题”或访问https://www.examtopics.cn
C: Use Amazon Macie to detect and hide PII. Call the X-Ray API from AWS Lambda.
D: Use AWS Distro for Open Telemetry.
Explanation : Explanation :Manually instrumenting the X-Ray SDK allows the developer to have
granular control over what trace data is collected and sent to X-Ray and hence, they can ensure
that no Personal Identifiable Information goes outside of the EC2 instances.
Answer: A
Question5 : A developer is building a highly secure healthcare application using serverless
components. This application requires writing temporary data to /tmp storage on an AWS Lambda
function. How should the developer encrypt this data?
A: Enable Amazon EBS volume encryption with an AWS KMS key in the Lambda function
configuration so that all storage attached to the Lambda function is encrypted.
B: Set up the Lambda function with a role and key policy to access an AWS KMS key. Use the key
to generate a data key used to encrypt all data prior to writing to /tmp storage.
C: Use OpenSSL to generate a symmetric encryption key on Lambda startup. Use this key to
encrypt the data prior to writing to /tmp.
D: Use an on-premises hardware security module (HSM) to generate keys, where the Lambda
function requests a data key from the HSM and uses that to encrypt data on all requests to the
function.
Explanation : Explanation :Option B is the most suitable method for a developer to ensure the
encryption of temporary data written to /tmp storage on an AWS Lambda function. This method
focuses on creating a secure access key that is used to encrypt all data before it is written to /tmp
storage.
Answer: B
Question6 : A company is planning to deploy an application on AWS behind an Elastic Load
Balancer. The application uses an HTTP/HTTPS listener and must access the client IP addresses.
Which load-balancing solution meets these requirements?
此资料版权为csdn博主rongyili88所有请勿转载,更多题库请在微信小程序中搜索“最全刷题”或访问https://www.examtopics.cn
A: Use an Application Load Balancer and the X-Forwarded-For headers.
B: Use a Network Load Balancer (NLB). Enable proxy protocol support on the NLB and the target
application.
C: Use an Application Load Balancer. Register the targets by the instance ID.
D: Use a Network Load Balancer and the X-Forwarded-For headers.
Explanation : Explanation :To capture the client IP address with HTTP or HTTPS requests, an
Application Load Balancer should be used with X-Forwarded-For headers. This allows the IP
address of the client to be forwarded on to the application. As such, Option A is the correct
answer. Network Load Balancers (Options B and D) don't natively support HTTP/HTTPS listeners
and while they can be configured with proxy protocol, it's much simpler to use the Application Load
Balancer solution. For Option C, registering targets by instance ID does not address capturing
client IP information.
Answer: A
Question7 : An application under development is required to store hundreds of video files. The
data must be encrypted within the application prior to storage, with a unique key for each video
file. How should the developer code the application?
A: Use the KMS Encrypt API to encrypt the data. Store the encrypted data key and data.
B: Use a cryptography library to generate an encryption key for the application. Use the encryption
key to encrypt the data. Store the encrypted data.
C: Use the KMS GenerateDataKey API to get a data key. Encrypt the data with the data key. Store
the encrypted data key and data.
D: Upload the data to an S3 bucket using server side-encryption with an AWS KMS key.
Explanation : Explanation :The KMS GenerateDataKey API will provide a unique key for each
video file which satisfies the requirement. The data key is then used to encrypt the data. The
encrypted data key and the encrypted data is then stored.
此资料版权为csdn博主rongyili88所有请勿转载,更多题库请在微信小程序中搜索“最全刷题”或访问https://www.examtopics.cn
Answer: C
Question8 : A developer created an AWS Lambda function that accesses resources in a VPC.
The Lambda function polls an Amazon Simple Queue Service (Amazon SQS) queue for new
messages through a VPC endpoint. Then the function calculates a rolling average of the numeric
values that are contained in the messages. After initial tests of the Lambda function, the developer
found that the value of the rolling average that the function returned was not accurate. How can
the developer ensure that the function calculates an accurate rolling average?
A: Set the function's reserved concurrency to 1. Calculate the rolling average in the function. Store
the calculated rolling average in Amazon ElastiCache.
B: Modify the function to store the values in Amazon ElastiCache. When the function initializes,
use the previous values from the cache to calculate the rolling average.
C: Set the function's provisioned concurrency to 1. Calculate the rolling average in the function.
Store the calculated rolling average in Amazon ElastiCache.
D: Modify the function to store the values in the function's layers. When the function initializes,
use the previously stored values to calculate the rolling average.
Explanation : Explanation :Storing the raw values in ElastiCache is a good way for the lambda
function to retrieve previous values and correctly compute the rolling average. Also, it allows to
processe multiple records and calculate correct aggregations.
Answer: B
Question9 : A developer creates a VPC named VPC-A that has public and private subnets. The
developer also creates an Amazon RDS database inside the private subnet of VPC-A. To perform
some queries, the developer creates an AWS Lambda function in the default VPC. The Lambda
function has code to access the RDS database. When the Lambda function runs, an error
message indicates that the function cannot connect to the RDS database. How can the developer
solve this problem?
A: Modify the RDS security group. Add a rule to allow traffic from all the ports from the VPC CIDR
block.
剩余34页未读,继续阅读
资源评论
rongyili88
- 粉丝: 39
- 资源: 28
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功