A developer added a new feature to an application running on an Amazon EC2 instance that uses Amazon SQS After deployment, the developer noticed a significant increase in Amazon SQS costs. When monitoring the Amazon SQS metrics on Amazon CloudWatch. the developer found that on average one message per minute is posted on this queue.
What can be done to reduce Amazon SQS costs for this application?
An application is running on a cluster of Amazon EC2 instance. While trying to read objects stored within a single Amazon S3 bucket that are encrypted with server-side encryption with AWS KMS managed keys (SSE-KMS), the application receives the following error:
Service : AWSKMS: Status Code: 400: Code : ThrottlingException
Which combination of steps should be taken to prevent this failure? (Select TWO.)
A company is adding stored value for gift card) capability to its highly popular casual gaming website. Users need to be able to trade this value for other users' items on the platform. This would require both users' records be updated as a single transaction, or both users' records to be completely rolled back.
Which AWS database options can provide the transactional capability required for this new feature? (Select TWO )
A developer needs to create an application that supports Security Assertion Markup Language (SAML) and Facebook authentication It must also allow access to AWS services, such as Amazon DynamoDB.
Which AWS service or feature will meet these requirements with the LEAST amount of additional coding?
An organization is using Amazon CloudFront to ensure that its users experience low-latency access to its web application. The organization has identified a need to encrypt all traffic between users and CloudFront, and all traffic between CloudFront and the web application.
How can these requirements be met? (Choose two.)
Queries to an Amazon DynamoDB table are consuming a large amount of read capacity. The table has a significant number of large attributes. The application does not need all of the attribute data.
How can DynamoDB costs be minimized while maximizing application performance?
A front-end web application is using Amazon Cognito user pools to handle the user authentication flow. A developer is integrating Amazon DynamoDB into the application using the AWS SDK for JavaScript
How would the developer securely call the API without exposing the access or secret keys?
A global company has an application running on Amazon EC2 instances that serves image files from Amazon S3. User requests from the browser are causing high traffic, which results in degraded performance.
Which optimization solution should a Developer implement to increase application performance?
A company is developing a report executed by AWS Step Functions Amazon CloudWatch shows errors in the Step Functions task state machine To troubleshoot each task, the state input needs to be included along with the error message in the state output.
Which coding practice can preserve both the original input and the error for the state?
A company has an AWS CloudFormation template that is stored as a single file. The template is able to launch and create a full infrastructure stack.
Which best practice would increase the maintainability of the template?
A gaming company is developing a mobile game application for iOS® and Android® platforms. This mobile game securely stores user data locally on the device. The company wants to allow users to use multiple device for the game, which requires user data synchronization across device.
Which service should be used to synchronize user data across devices without the need to create a backend application?
A company runs continuous integration/continuous delivery (CI/CD) pipeline for its application on AWS CodePipeline. A developer must write unit tests and run them as part of the pipelines before staging the artifacts for testing.
How should the Developer incorporate unit tests as part of CI/CD pipeline?
A company caches session information for a web application in an Amazon DynamoDB table. The company wants an automated way to delete old items from the table.
What is the simplest way to do this?
A company is running a Docker application on Amazon ECS. The application must scale based on user load in the last 15 seconds.
How should a Developer instrument the code so that the requirement can be met?
A developer is designing a serverless application for an ecommerce website. An Amazon API Gateway API exposes.....
user operations. The website features shopping carts for the users. The shopping carts must be stored for extended..... the front-end application.
The load on the application will vary significantly based on the time of day and the promotional sales that are offered..... scale automatically to meet these changing demands.
Which solution will meet these requirements?
A Developer created a new AWS account and must create a scalable AWS Lambda function that meets the following requirements for concurrent execution:
Which step must be taken prior to deployment to prevent errors?
A company is building an application for stock trading. The application needs sub-millisecond latency for processing trade requests. The company uses Amazon DynamoDB to store all the trading data that is used to process each trading request
A development team performs load testing on the application and finds that the data retrieval time is higher than expected. The development team needs a solution that reduces the data retrieval time with the least possible effort.
Which solution meets these requirements?
A company manages a financial services application that stores a large volume of data in an Amazon DynamoDB table. A developer needs to improve the performance of the DynamoDB read queries without increasing the cost.
Which solution meets these requirements?
A developer runs an application that uses an Amazon API Gateway REST API. The developer needs to implement a solution to proactively monitor the health of both API responses and latencies in case a deployment causes a service disruption despite passing deployment pipeline tests. The solution also must check for endpoint vulnerability and unauthorized changes to APIs. URLs, and website content.
Which solution will meet these requirements?
A development team set up a pipeline to launch a test environment. The developers want to automate tests for their application. The team created an AWS CodePipeline stage to deploy the application to a test environment in batches using AWS Elastic Beanstalk. A later CodePipeline stage contains a single action that uses AWS CodeBuild to run numerous automated Selenium-based tests on the deployed application. The team must speed up the pipeline without removing any of the individual tests.
Which set of actions will MOST effectively speed up application deployment and testing?
A company requires objects that are stored in Amazon S3 to be encrypted The company is currently using server-side encryption with AWS KMS managed encryption keys (SSE-KMS) A developer needs to optimize the cost-effectiveness of the encryption mechanism without negatively affecting performance
What should the developer do to meet these requirements?
An application that is running on Amazon EC2 instances stores data in an Amazon S3 bucket. All the data must be encrypted in transit. How can a developer ensure that all traffic to the S3 bucket is encrypted?
A developer needs to deploy an application to AWS Elastic Beanstalk for a company. The application consists of a single Docker image. The company's automated continuous integration and continuous delivery (CI/CD) process builds the Docker image and pushes the image to a public Docker registry.
How should the developer deploy the application to Elastic Beanstalk?
A developer is migrating to Amazon Cognito from a custom user management solution that stores user information in a database. The developer has created a…… Amazon Cognito user pool. The developer needs to migrate the existing user information to the user pool without forcing users to change their passwords.
Which solution will meet these requirements?
A company is expanding the compatibility of its photo-sharing mobile app to hundreds of additional devices with unique screen dimensions and resolutions. Ph are stored in Amazon S3 in their original format and resolution. The company uses an Amazon CloudFront distribution to serve the photos. The app includes th dimension and resolution of the display as GET parameters with every request.
A developer needs to implement a solution that optimizes the photos that are served to each device to reduce load time and increase photo quality.
Which solution will meet these requirements MOST cost-effectively?
A media company wants to test its web application more frequently. The company deploys the application by using a separate AWS CloudFormation stack for each environment. The same CloudFormation template is deployed to each stack as the application progresses through the development lifecycle.
A developer needs to build an automated alert for the quality assurance (QA) team. The developer wants the alert to occur for new deployments in the final pre-production environment.
Which solution will moot these requirements?
A company is migrating a legacy application to a serverless application on AWS. The legacy application consists of a set of web services that are exposed by a Amazon API Gateway API. A developer needs to replace the existing implementation of web services with AWS Lambda functions. The developer needs to test new version of the" API that uses the functions in production. The developer must minimize the impact of the testing on the application's users.
Which solution will meet these requirements?
A company has an application that runs on AWS Elastic Beanstalk in a load-balanced environment. The company needs to update the instance types in the environment to a more recent generation of instance types. The company must minimize downtime during the deployment of this configuration change.
Which deployment options will meet these requirements? (Choose two.)
A developer notices timeouts from the AWS CLI when the developer runs list commands. What should the developer do to avoid these timeouts?
A company is using an AWS Lambda function to process records from an Amazon Kinesis data stream The company recently observed slow processing of the records. A developer notices that the iterator age metric for the function is Increasing and that the Lambda run duration is constantly above normal.
Which actions should the developer take to increase the processing speed? (Select TWO.)
An IAM role is attached to an Amazon EC2 instance that explicitly denies access to all Amazon S3 API actions. The EC2 instance credentials file specifies the IAM access key and secret access key, which allow full administrative access.
Given that multiple modes of IAM access are present for this EC2 instance, which of the following is correct?
A gaming application stores scores for players in an Amazon DynamoDB table that has four attributes user_id, user_name, user_score, and user_rank. The users are allowed to update their names only A user is authenticated by web identity federation.
Which set of conditions should be added in the policy attached to the role for the dynamodb Putltem API call?
A)
B)
C)
D)
A developer is trying to get data from an Amazon DynamoDB table called demoman-table The developer configured the AWS CLI to use a specific 1AM user's credentials and executed the following command:
aws dynamodb get-item table-name demoman-table --key '("id": <"N''; ''1993''}} '
The command returned errors and no rows were returned
What is the MOST likely cause of these issues?
A company is providing read access to objects in an Amazon S3 bucket for different customers The company uses 1AM permissions to restnd access to the S3 bucket The customers can access only their own files
Due to a regulation requirement the company needs to enforce encryption in transit for interactions with Amazon S3
Which solution will meet these requirements'?
A developer is building a static, client-side rendered website that is powered by ReactJS The code has no server-side generated components and does not need to run any programming languages on the server However the code serves static HTML, CSS, and JavaScript to the client on each request The developer's solution to host the website must maximize performance and cost-effectiveness
Which combination of AWS services or resources should the developer use to meet these requirements?
A developer is building a WebSocket API using Amazon API Gateway. The payload sent to this API is JSON that includes an action key This key can have three different values create, update, and remove The developer must integrate with different routes based on the value of the action key of the incoming JSON payload.
How can the developer accomplish this task with the LEAST amount of configuration?
A data-processing application includes an AWS Lambda function that processes data in several steps. Recently, the function has been reaching the Lambda tii A developer wants to use AWS X-Ray to find out how long each step is taking so that the developer can determine which step is causing the timeout.
Which combination of actions should the developer take to accomplish this goal? (Select TWO.)
A developer is writing a new serverless application for a company. Several other developers must collaborate on the code for this application, and the company expects frequent changes to the code. The developer needs to deploy the code from source control to AWS Lambda with the fewest number of manual steps.
Which strategy for the build and deployment should the developer use to meet these requirements?
A developer is creating an AWS CloudFormation template to deploy Amazon EC2 instances across multiple AWS accounts. The developer must choose the EC2 instances from a list of approved instance types.
How can the developer incorporate the list of approved instance types in the CloudFormation template?
A company must encrypt sensitive data that the company will store in Amazon S3. A developer must retain total control over the company's AWS Key Management Service (AWS KMS) key and the company’s data keys. The company currently uses an on-premises hardware security module (HSM) solution. The company wants to move its key management onto AWS.
Which solution will meet these requirements?
A developer needs to secure the static assets in a company's Amazon S3 bucket that is named DOC-EXAMPLE-BUCKET. The company has an Amazon CtoudFront distribution that serves the S3 bucket's assets to the public. The developer has already created the origin access identity (OAI) and has associated the OAI with the distribution. The developer must write a bucket policy that allows only the CloudFront distribution to access the S3 bucket
Which policy will meet this requirement MOST securely?
A)
B)
C)
D)
A developer wants to implement authentication using Amazon Cognito user pools for an existing API in Amazon API Gateway. After creating the Amazon Cognito user pool, the developer tests the GET request to the API. Unauthenticated requests to the API return a 200 OK status response.
Which combination of additional steps are required to complete the authentication implementation? (Select TWO.)
A developer is creating a web application that collects highly regulated and confidential user data through a POST request. The web application is served through Amazon CloudFront. User names and phone numbers must be encrypted at the edge and must remain encrypted throughout the entire application stack.
What is the MOST secure way to meet these requirements?
A developer at a company recently created a serverless application to process and show data from business reports. The application's user interface (Ul) allow users to select and start processing the files. The Ul displays a message when the result is available to view. The application uses AWS Step Functions with A Lambda functions "to process the files. The developer used Amazon API Gateway and Lambda functions to create an API to support the Ul.
The company's Ul team reports that the request to process a file is often returning timeout errors because of the size or complexity of the files. The Ul team w< API to provide an immediate response so that the Ul can display a message while the files are being processed. The backend process that is invoked by the A needs to send an email message when the report processing is complete.
What should the developer do to configure the API to meet these requirements?
A developer deploys an ecommerce application on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances run in an Amazon EC2 Auto Scaling group. The EC2 instances are based on an Amazon Machine Image (AMI) that uses an Amazon Elastic Block Store (Amazon EBS) root volume. After deployment, the developer notices that a third of the instances seem to be idle. These instances are not receiving requests from the load balancer. The developer verifies that all the instances are registered with the load balancer. The developer must implement a solution to allow the EC2 instances to receive requests from the load balancer.
Which action will meet this requirement?
A developer is planning to use an Amazon API Gateway and AWS Lambda to provide a REST API The developer will have three distinct environments to manage development, test, and production. How should the application be deployed while minimizing the number of resources to manage?
A developer is creating AWS CloudFormation templates to manage an application's deployment in Amazon Elastic Container Service (Amazon ECS) through AWS CodeDeploy. The developer wants to automatically deploy new versions of the application to a percentage of users before the new version becomes available for all users.
How should the developer manage the deployment of the new version?
A Developer must analyze performance issues with production-distributed applications written as AWS Lambda functions. These distributed Lambda applications invoke other components that make up the applications.
How should the Developer identify and troubleshoot the root cause of the performance issues in production?
A company is using Amazon API Gateway to manage its public-facing API. The CISO requires that the APIs be used by test account users only. What is the MOST secure way to restrict API access to users of this particular AWS account?
A three-tier application hosted on AWS uses Amazon RDS for MYSQL as its database. A developer must ensure the database credentials are stored and accessed securely.
What is the MOST secure way for the developer to achieve this?
A Developer is migrating an on-premises application to AWS. The application currently takes user uploads and saves them to a local directory on the server. All uploads must be saved and made immediately available to all instances in an Auto scaling group.
Which approach will meet these requirements?
A developer Is designing an AWS Lambda function that create temporary files that are less than 10 MB during execution. The temporary files will be accessed and modified multiple times during execution. The developer has no need to save or retrieve these files in the future.
Where should the temporary file be stored?
A Developer is going to deploy an AWS Lambda function that requires significant CPU utilization. Which approach will MINIMIZE the average runtime of the function?
To include objects defined by the AWS Serverless Application Model (SAM) in an AWS CloudFormation template, in addition to Resources, what section MUST be included in the document root?
An application writes items to an Amazon DynamoDB table. As the application scales to thousands of instances, calls to the DynamoDB API generate occasional ThrottlingException errors. The application is coded in a language incompatible with the AWS SDK.
How should the error be handled?
An application uses Amazon Kinesis Data Streams to ingest and process large streams of data records in real time. Amazon EC2 instances consume and process the data from the shards of the Kinesis data stream by using Amazon Kinesis Client Library (KCL). The application handles the failure scenarios and does not require standby workers. The application reports that a specific shard is receiving more data than expected. To adapt to the chnages in the rate of data flow, the “hot” shard is resharded.
Assuming that the initial number of shards in the Kinesis data stream is 4, and after resharding the number of shards increased to 6, what is the maximum number of EC2 instances that can be deployed to process data from all the shards?
A developer has created an AWS Lambda function that is written in Python The Lambda function reads data from objects in Amazon S3 and writes data to an Amazon DynamoDB table
The function is successfully invoked from an S3 event notification when an object is created However, the function fails when if attempts to write to the DynamoDB table
What is the MOST likely cause of this issue?
A developer wants to insert a record into an Amazon DynamoDB table as soon as a new file is added to an Amazon S3 bucket.
Which set of steps would be necessary to achieve this?
An application running on multiple Amazon EC2 instances pulls messages ...SQS queue. A requirement for the application is that all messages must be encrypted at rest.
Developers are instructed to use methods that allow for centralized .. possible support requirements whenever possible.
Which of the following solution supports these requirements?
A developer is leveraging a Border Gateway Protocol (BGP)-based AWS VPN connection to connect from on-premises to Amazon EC2 instances in the developer's account The developer is able to access an EC2 instance in subnet A, but is unable to access an EC2 instance in subnet B in the same VPC
Which logs can the developer use to verify whether the traffic is reaching subnet B?
A developer from AnyCompany's AWS account needs access to the Example Corp AWS account AnyCompany uses an identity provider that is compatible with OpenID Connect.
What is the MOST secure way for Example Corp to allow developer access?
A company process incoming documents from an Amazon S3 bucket. Users upload documents to an S3 bucket using a web user interface. Upon receiving files in S3, and AWS Lambda function is invoked to process the files, but the Lambda function times out intermittently.
If the Lambda function is configured with the default settings, what will happen to the S3 event when there is a timeout exception?
An application runs on multiple EC2 instances behind an ELB.
Where is the session data best written so that it can be served reliably across multiple requests?
A developer is working on an ecommerce website. The developer wants to review server logs without logging in to each of the application servers individually. The website runs on multiple Amazon EC2 instances, is written in Python, and needs to be highly available.
How can the developer update the application to meet these requirements with MINIMUM changes?
A company has a multi-tiered web application on AWS. During a recent spike in traffic, one of the primary relational databases on Amazon RDS could not serve all the traffic. Some read queries for repeatedly accessed items failed, so users received error messages.
What can be done to minimize the impact on database read queries MOST efficiently during future traffic spikes?
A Developer wants to find a list of items in a global secondary index from an Amazon DynamoDB table.
Which DynamoDB API call can the Developer use in order to consume the LEAST number of read capacity units?
Which of the following are valid SNS delivery transports? Choose 2 answers
A Developer is developing an application that manages financial transactions. To improve security, multi-factor authentication (MFA) will be required as part of the login protocol.
What services can the Developer use to meet these requirements?
A company wants to implement a continuous integration for its workloads on AWS. The company wants to trigger unit test in its pipeline for commits-on its code repository, and wants to be notified of failure events in the pipeline.
How can these requirements be met?
A company needs to encrypt data at rest, but it wants to leverage an AWS managed service using its own master key.
Which of the following AWS service can be used to meet these requirements?
If an application is storing hourly log files from thousands of instances from a high traffic web site, which naming scheme would give optimal performance on S3?
A Developer wants to use AWS X-Ray to trace a user request end-to-end throughput the software stack. The Developer made the necessary changes in the application tested it, and found that the application is able to send the traces to AWS X-Ray. However, when the application is deployed to an EC2 instance, the traces are not available.
Which of the following could create this situation? (Select two.)
An application running on Amazon EC2 instances must access objects within an Amaon S3 busket that are encrypted using server-side encryption using AWS KMS encryption keys (SSE-KMS). The application must have access to the customer master key (CMK) to decrypt the objects.
Which combination of steps will grant the application access? (Select TWO.)
A Developer is designing a fault-tolerant environment where client sessions will be saved.
How can the Developer ensure that no sessions are lost if an Amazon EC2 instance fails?
Amazon S3 has the following structure: S3://BUCKET/FOLDERNAME/FILENAME.zip
Which S3 best practice would optimize performance with thousands of PUT request each second to a single bucket?
Given the source code for an AWS Lambda function in the local store.py containing a handler function called get_store and the following AWS CloudFormation template:
What should be done to prepare the template so that it can be deployed using the AWS CLI command aws
cloudformation deploy?
Company C has recently launched an online commerce site for bicycles on AWS. They have a "Product" DynamoDB table that stores details for each bicycle, such as, manufacturer, color, price, quantity and size to display in the online store. Due to customer demand, they want to include an image for each bicycle along with the existing details.
Which approach below provides the least impact to provisioned throughput on the "Product" table?
An application has hundreds of users. Each user may use multiple devices to access the application. The Developer wants to assign unique identifiers to these users regardless of the device they use.
Which of the following methods should be used to obtain unique identifiers?
What AWS products and features can be deployed by Elastic Beanstalk? Choose 3 answers
Which of the following is chosen as the default region when making an API call with an AWS SDK?
A Developer is asked to implement a caching layer in front of Amazon RDS. Cached content is expensive to regenerate in case of service failure. Which implementation below would work while maintaining maximum uptime?
Which of the following services are included at no additional cost with the use of the AWS platform? Choose 2 answers
Company B provides an online image recognition service and utilizes SQS to decouple system components for scalability The SQS consumers poll the imaging queue as often as possible to keep end-to-end throughput as high as possible. However, Company B is realizing that polling in tight loops is burning CPU cycles and increasing costs with empty responses.
How can Company B reduce the number of empty responses?
You have written an application that uses the Elastic Load Balancing service to spread traffic to several web servers. Your users complain that they are sometimes forced to login again in the middle of using your application, after they have already logged in. This is not behavior you have designed.
What is a possible solution to prevent this happening?
A Developer is writing an imaging micro service on AWS Lambda. The service is dependent on several libraries that are not available in the Lambda runtime environment.
Which strategy should the Developer follow to create the Lambda deployment package?
A company maintains an application responsible for processing several thousand external callbacks each day. The company’s System administrators want to know how many callbacks are being received on a rolling basis, and they want this data available for 10 days. The company also wants the ability to issue automated alerts if the number of callbacks exceeds the defined thresholds.
What is the MOST cost-effective way to address the need to track and alert on these statistics?