• Home
  • Articles
  • Get 2025 Most Reliable Amazon DVA-C02 Training Materials [Q111-Q127]

Get 2025 Most Reliable Amazon DVA-C02 Training Materials [Q111-Q127]

Share

Get 2025 Most Reliable Amazon DVA-C02 Training Materials

The Realest Study Materials DVA-C02 Dumps

NEW QUESTION # 111
A company is migrating an on-premises database to Amazon RDS for MySQL. The company has read-heavy workloads. The company wants to refactor the code to achieve optimum read performance for queries.
Which solution will meet this requirement with LEAST current and future effort?

  • A. Use a multi-AZ Amazon RDS deployment. Increase the number of connections that the code makes to the database or increase the connection pool size if a connection pool is in use.
  • B. Deploy Amazon RDS with one or more read replicas. Modify the application code so that queries use the URL for the read replicas.
  • C. Use open source replication software to create a copy of the MySQL database on an Amazon EC2 instance. Modify the application code so that queries use the IP address of the EC2 instance.
  • D. Use a multi-AZ Amazon RDS deployment. Modify the code so that queries access the secondary RDS instance.

Answer: B

Explanation:
Explanation
Amazon RDS for MySQL supports read replicas, which are copies of the primary database instance that can handle read-only queries. Read replicas can improve the read performance of the database by offloading the read workload from the primary instance and distributing it across multiple replicas. To use read replicas, the application code needs to be modified to direct read queries to the URL of the read replicas, while write queries still go to the URL of the primary instance. This solution requires less current and future effort than using a multi-AZ deployment, which does not provide read scaling benefits, or using open source replication software, which requires additional configuration and maintenance. Reference: Working with read replicas


NEW QUESTION # 112
A company generates SSL certificates from a third-party provider. The company imports the certificates into AWS Certificate Manager (ACM) to use with public web applications.
A developer must implement a solution to notify the company's security team 90 days before an imported certificate expires. The company already has configured an Amazon Simple Queue Service (Amazon SQS) queue. The company also has configured an Amazon Simple Notification Service (Amazon SNS) topic that has the security team's email address as a subscriber.
Which solution will provide the security team with the required notification about certificates?

  • A. Create an AWS Lambda function to search for all certificates that are expiring within 90 days.
    Program the Lambda function to send each identified certificate's Amazon Resource Name (ARN) in a message to the SQS queue.
  • B. Create an Amazon EventBridge rule that specifies the ACM Certificate Approaching Expiration event type. Set the SNS topic as the EventBridge rule's target.
  • C. Create an AWS Step Functions workflow that is invoked by each certificate's expiration notification from AWS CloudTrail. Create an AWS Lambda function to send each certificate's Amazon Resource Name (ARN) in a message to the SQS queue.
  • D. Configure AWS Config with the acm-certificate-expiration-check managed rule to run every 24 hours. Create an Amazon EventBridge rule that includes an event pattern that specifies the Config Rules Compliance Change detail type and the configured rule. Set the SNS topic as the EventBridge rule's target.

Answer: D


NEW QUESTION # 113
A company is implementing an application on Amazon EC2 instances. The application needs to process incoming transactions. When the application detects a transaction that is not valid, the application must send a chat message to the company's support team. To send the message, the application needs to retrieve the access token to authenticate by using the chat API.
A developer needs to implement a solution to store the access token. The access token must be encrypted at rest and in transit. The access token must also be accessible from other AWS accounts.
Which solution will meet these requirements with the LEAST management overhead?

  • A. Encrypt the access token by using an AWS Key Management Service (AWS KMS) AWS managed key.
    Store the access token in an Amazon S3 bucket. Add a bucket policy to the S3 bucket to allow access from other accounts. Update the IAM role of the EC2 instances with permissions to access Amazon S3 and AWS KMS. Retrieve the token from the S3 bucket. Decrypt the token by using AWS KMS on the EC2 instances. Use the decrypted access token to send the massage to the chat.
  • B. Use AWS Secrets Manager with an AWS Key Management Service (AWS KMS) customer managed key to store the access token. Add a resource-based policy to the secret to allow access from other accounts. Update the IAM role of the EC2 instances with permissions to access Secrets Manager.
    Retrieve the token from Secrets Manager. Use the decrypted access token to send the message to the chat.
  • C. Encrypt the access token by using an AWS Key Management Service (AWS KMS) customer managed key. Store the access token in an Amazon DynamoDB table. Update the IAM role of the EC2 instances with permissions to access DynamoDB and AWS KMS. Retrieve the token from DynamoDB. Decrypt the token by using AWS KMS on the EC2 instances. Use the decrypted access token to send the message to the chat.
  • D. Use an AWS Systems Manager Parameter Store SecureString parameter that uses an AWS Key Management Service (AWS KMS) AWS managed key to store the access token. Add a resource-based policy to the parameter to allow access from other accounts. Update the IAM role of the EC2 instances with permissions to access Parameter Store. Retrieve the token from Parameter Store with the decrypt flag enabled. Use the decrypted access token to send the message to the chat.

Answer: B

Explanation:
Explanation
https://aws.amazon.com/premiumsupport/knowledge-center/secrets-manager-share-between-accounts/
https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples_cross.html


NEW QUESTION # 114
A company is using an AWS Lambda function to process records from an Amazon Kinesis data stream. The company recently observed slow processing of the records. A developer notices that the iterator age metric for the function is increasing and that the Lambda run duration is constantly above normal.
Which actions should the developer take to increase the processing speed? (Choose two.)

  • A. Increase the timeout of the Lambda function.
  • B. Increase the memory that is allocated to the Lambda function.
  • C. Decrease the number of shards of the Kinesis data stream.
  • D. Decrease the timeout of the Lambda function.
  • E. Increase the number of shards of the Kinesis data stream.

Answer: B,E

Explanation:
Increasing the number of shards of the Kinesis data stream will increase the throughput and parallelism of the data processing. Increasing the memory that is allocated to the Lambda function will also increase the CPU and network performance of the function, which will reduce the run duration and improve the processing speed. Option B is not correct because decreasing the timeout of the Lambda function will not affect the processing speed, but may cause some records to fail if they exceed the timeout limit. Option D is not correct because decreasing the number of shards of the Kinesis data stream will decrease the throughput and parallelism of the data processing, which will slow down the processing speed. Option E is not correct because increasing the timeout of the Lambda function will not affect the processing speed, but may increase the cost of running the function.


NEW QUESTION # 115
A developer is using AWS CodeDeploy to automate a company's application deployments to Amazon EC2.
Which application specification file properties are required to ensure the software deployments do not fail? (Select TWO.)

  • A. The file must be placed in the root of the directory structure of the application's source code.
  • B. The file must be a JSON-formatted file named appspec.json.
  • C. The file must be a YAML-formatted file named appspec.yml.
  • D. The file must be stored in AWS CodeBuild and referenced from the application's source code.
  • E. The file must be stored in Amazon S3 and referenced from the application's source code.

Answer: A,C

Explanation:
Comprehensive and Detailed Step-by-Step Explanation:To ensure successful software deployments using AWS CodeDeploy, the application specification file (appspec.yml or appspec.json) must adhere to specific requirements:
* File Format Requirement (Option B):
* The appspec.yml file is a YAML-formatted file required for defining deployment actions and file locations. This is the modern and recommended format for application specification files.
* It can also be a JSON-formatted file named appspec.json, but YAML is most commonly used and accepted.
* File Placement Requirement (Option D):
* The application specification file must reside in the root directory of the application's source code. This is necessary so that AWS CodeDeploy can detect and use the file during deployment.
* Incorrect Options:
* Option A: While a JSON-formatted file (appspec.json) is valid, this is not a mandatory requirement. YAML is also acceptable, and this option does not account for it.
* Option C: The application specification file is not required to be stored in AWS CodeBuild; it must be included in the source code's directory structure.
* Option E: The application specification file does not need to be stored in Amazon S3. S3 is commonly used for application artifacts, but the appspec.yml or appspec.json file must exist within the deployment package or source code root.
References:
* AWS CodeDeploy User Guide: Application Specification File


NEW QUESTION # 116
A developer needs to modify an application architecture to meet new functional requirements. Application data is stored in Amazon DynamoDB and processed tor analysis in a nightly batch. The system analysts do not want to wait until the next day to view the processed data and have asked to have it available in near-real time.
Which application architecture pattern would enable the data to be processed as it is received?

  • A. Event driven
  • B. Client-server d riven
  • C. Schedule driven
  • D. Fan-out driven

Answer: A


NEW QUESTION # 117
A developer is creating an application on Amazon Elastic Container Service (Amazon ECS). The developer needs to configure the application parameters. The developer must configure limits for the application's maximum number of simultaneous connections and maximum number of transactions per second.
The maximum number of connections and transactions can change in the future. The developer needs a solution that can automatically deploy these changes to the application, as needed, without causing downtime.
Which solution will meet these requirements?

  • A. Create an AWS Lambda function to make the configuration changes. Create an Amazon CloudWatch alarm that monitors the Lambda function every 5 minutes to check if the Lambda function has been updated. When the Lambda function is updated, deploy the changes by using AWS CodeDeploy.
  • B. Install the AWS AppConfig agent on Amazon ECS. Configure an IAM role with access to AWS AppConfig. Make the deployment changes by using AWS AppConfig. Specify Canary10Percent20Minutes as the deployment strategy.
  • C. Make the configuration changes for the application. Use AWS CodeDeploy to create a deployment configuration. Specify an in-place deployment to deploy the changes.
  • D. Bootstrap the application to use the AWS Cloud Development Kit (AWS CDK) and make the configuration changes. Specify the ECSCanary10Percent15Minutes launch type in the properties section of the ECS resource. Deploy the application by using the AWS CDK to implement the changes.

Answer: B

Explanation:
The AWS AppConfig Agent is the recommended method for retrieving AWS AppConfig feature flags or free form configuration data. The agent automatically implements best practices and may lower your cost of using AWS AppConfig as a result of fewer API calls to retrieve configurations.
https://docs.aws.amazon.com/appconfig/latest/userguide/appconfig-agent-how-to-use.html


NEW QUESTION # 118
A company has an application that uses an Amazon S3 bucket for object storage. A developer needs to configure in-transit encryption for the S3 bucket. All the S3 objects containing personal data needs to be encrypted at rest with AWS Key Management Service (AWS KMS) keys, which can be rotated on demand.
Which combination of steps will meet these requirements? (Choose two.)

  • A. Write an S3 bucket policy to allow only encrypted connections over HTTPS by using the aws:SecureTransport condition.
  • B. Configure S3 Block Public Access settings for the S3 bucket to allow only encrypted connections over HTTPS.
  • C. Configure an S3 bucket policy to enable client-side encryption for the objects containing personal data by using an AWS KMS customer managed key.
  • D. Configure the application to encrypt the objects by using an AWS KMS customer managed key before uploading the objects containing personal data to Amazon S3.
  • E. Write an S3 bucket policy to allow only encrypted connections over HTTPS by using permissions boundary.

Answer: A,D


NEW QUESTION # 119
An Amazon Simple Queue Service (Amazon SQS) queue serves as an event source for an AWS Lambda function In the SQS queue, each item corresponds to a video file that the Lambda function must convert to a smaller resolution The Lambda function is timing out on longer video files, but the Lambda function's timeout is already configured to its maximum value What should a developer do to avoid the timeouts without additional code changes'?

  • A. Use multi-threading for the conversion.
  • B. Increase the visibility timeout on the SQS queue
  • C. Increase the instance size of the host that runs the Lambda function.
  • D. Increase the memory configuration of the Lambda function

Answer: B

Explanation:
Visibility Timeout: When an SQS message is processed by a consumer (here, the Lambda function), it's temporarily hidden from other consumers. Visibility timeout controls this duration.
How It Helps:
Increase the visibility timeout beyond the maximum processing time your Lambda might typically take for long videos.
This prevents the message from reappearing in the queue while Lambda is still working, avoiding premature timeouts.
Reference:
SQS Visibility Timeout: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html


NEW QUESTION # 120
A developer creates a static website for their department The developer deploys the static assets for the website to an Amazon S3 bucket and serves the assets with Amazon CloudFront The developer uses origin access control (OAC) on the CloudFront distribution to access the S3 bucket The developer notices users can access the root URL and specific pages but cannot access directories without specifying a file name. For example, /products/index.html works, but /products returns an error The developer needs to enable accessing directories without specifying a file name without exposing the S3 bucket publicly.
Which solution will meet these requirements'?

  • A. Create a CloudFront function that examines the request URL and appends index.html when directories are being accessed Add the function as a viewer request CloudFront function to the CloudFront distribution's behavior.
  • B. Update the CloudFront distribution's settings to index.html as the default root object is set
  • C. Create a custom error response on the CloudFront distribution with the HTTP error code set to the HTTP 404 Not Found response code and the response page path to /index html Set the HTTP response code to the HTTP 200 OK response code
  • D. Update the Amazon S3 bucket settings and enable static website hosting. Specify index html as the Index document Update the S3 bucket policy to enable access. Update the CloudFront distribution's origin to use the S3 website endpoint

Answer: D

Explanation:
Problem: Directory access without file names fails.
S3 Static Website Hosting:
Configuring S3 as a static website enables automatic serving of index.html for directory requests.
Bucket policies ensure correct access permissions.
Updating the CloudFront origin simplifies routing.
Avoiding Public Exposure: The S3 website endpoint allows CloudFront to access content without making the bucket public.
Reference:
S3 Static Website Hosting: https://docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteHosting.html


NEW QUESTION # 121
A company hosts a client-side web application for one of its subsidiaries on Amazon S3. The web application can be accessed through Amazon CloudFront from https://www.example.com. After a successful rollout, the company wants to host three more client-side web applications for its remaining subsidiaries on three separate S3 buckets. To achieve this goal, a developer moves all the common JavaScript files and web fonts to a central S3 bucket that serves the web applications. However, during testing, the developer notices that the browser blocks the JavaScript files and web fonts.
What should the developer do to prevent the browser from blocking the JavaScript files and web fonts?

  • A. Create a Content-MD5 header that provides a message integrity check for the central S3 bucket.Insert the Content-MD5 header for each web application request.
  • B. Create a bucket policy that allows access to the central S3 bucket. Attach the bucket policy to the central S3 bucket.
  • C. Create four access points that allow access to the central S3 bucket. Assign an access point to each web application bucket.
  • D. Create a cross-origin resource sharing (CORS) configuration that allows access to the central S3 bucket. Add the CORS configuration to the central S3 bucket.

Answer: D

Explanation:
This is a frequent trouble. Web applications cannot access the resources in other domains by default, except some exceptions. You must configure CORS on the resources to be accessed.
https://docs.aws.amazon.com/AmazonS3/latest/userguide/cors.html


NEW QUESTION # 122
A developer wants to use an AWS AppSync API to invoke AWS Lambda functions to return data. Some of the Lambda functions perform long-running processes. The AWS AppSync API needs to return responses immediately.
Which solution will meet these requirements with the LEAST operational overhead?

  • A. Increase the timeout setting for the Lambda functions to accommodate longer processing times.
  • B. Set up an Amazon SQS queue. Configure AWS AppSync to send messages to the SQS queue.
    Configure a Lambda function event source mapping to poll the queue.
  • C. Configure the Lambda functions to be AWS AppSync data sources. Use Event mode for asynchronous Lambda invocation.
  • D. Enable caching, and increase the duration of the AWS AppSync cache TTL.

Answer: C

Explanation:
Step-by-Step Breakdown:
Requirement Summary:
* AWS AppSync API needs toinvoke Lambda functions
* Some Lambda functions arelong-running
* AppSync shouldreturn immediately, minimizingoperational overhead
**Option A: AppSync + Lambda as data source usingEvent Mode
* #Correct: AWS AppSync supportsasynchronous (event) invocationof Lambda data sources using Event Mode.
* Event Mode means:
* AppSync invokes Lambdaasynchronously
* Immediately returns aresponseto the client (typically a predefined payload or null)
* Ideal forfire-and-forgetworkloads or when the response is not immediately needed Option B: Increase Lambda timeout
* #Incorrect: This keeps AppSync waiting.
* Even with increased timeout, synchronous invocations wouldblock AppSync responses.
Option C: SQS queue + polling Lambda
* #Possible but too complex for this use case.
* Requires additional infrastructure: queue + mapping + custom logic.
* Higheroperational overheadcompared to built-in AppSync Event Mode.
Option D: Enable caching in AppSync
* #Irrelevant: AppSync cache is for optimizing repeated read queries,not for async workflows.
* Asynchronous Lambda with AppSync:https://docs.aws.amazon.com/appsync/latest/devguide/resolver- mapping-template-reference-lambda.html#async-lambda-invocation
* Lambda as AppSync Data Source:https://docs.aws.amazon.com/appsync/latest/devguide/tutorial- lambda-resolvers.html
* Event Mode Docs:https://docs.aws.amazon.com/appsync/latest/devguide/lambda-resolvers.html#event- invocation-mode


NEW QUESTION # 123
A company hosts a client-side web application for one of its subsidiaries on Amazon S3. The web application can be accessed through Amazon CloudFront from https://www.example.com. After a successful rollout, the company wants to host three more client-side web applications for its remaining subsidiaries on three separate S3 buckets.
To achieve this goal, a developer moves all the common JavaScript files and web fonts to a central S3 bucket that serves the web applications. However, during testing, the developer notices that the browser blocks the JavaScript files and web fonts.
What should the developer do to prevent the browser from blocking the JavaScript files and web fonts?

  • A. Create a cross-origin resource sharing (CORS) configuration that allows access to the central S3 bucket.
    Add the CORS configuration to the central S3 bucket.
  • B. Create a bucket policy that allows access to the central S3 bucket. Attach the bucket policy to the central S3 bucket.
  • C. Create four access points that allow access to the central S3 bucket. Assign an access point to each web application bucket.
  • D. Create a Content-MD5 header that provides a message integrity check for the central S3 bucket. Insert the Content-MD5 header for each web application request.

Answer: A

Explanation:
This is a frequent trouble. Web applications cannot access the resources in other domains by default, except some exceptions. You must configure CORS on the resources to be accessed. https://docs.aws.amazon.com
/AmazonS3/latest/userguide/cors.html


NEW QUESTION # 124
A developer needs to freeze changes to an AWS CodeCommit repository before a production release. The developer will work on new features while a quality assurance (QA) team tests the release.
The QA testing and all bug fixes must take place in isolation from the main branch. After the release, the developer must integrate all bug fixes into the main branch.
Which solution will meet these requirements?

  • A. Create a release branch from the latest Git commit that will be in the release. Apply fixes to the release branch. Continue developing new features, and merge the features into the main branch.
    Merge the release branch into the main branch after the release.
  • B. Create a Git tag on the latest Git commit that will be in the release. Continue developing new features, and merge the features into the main branch. Apply the Git commits for fixes to the Git tag for the release.
  • C. Create a release branch from the latest Git commit that will be in the release. Apply fixes to the release branch. Continue developing new features, and merge the features into the main branch.
    Rebase the main branch onto the release branch after the release.
  • D. Create a Git tag on the latest Git commit that will be in the release. Continue developing new features, and merge the features into the main branch. Apply fixes to the main branch. Update the Git tag for the release to be on the latest commit on the main branch.

Answer: A

Explanation:
Create a release branch from the latest Git commit that will be in the release. Apply fixes to the release branch. Continue developing new features, and merge the features into the main branch.
Merge the release branch into the main branch after the release.


NEW QUESTION # 125
A developer must analyze performance issues with production-distributed applications written as AWS Lambda functions. These distributed Lambda applications invoke other components that make up me applications. How should the developer identify and troubleshoot the root cause of the performance issues in production?

  • A. Use AWS X-Ray. then examine the segments and errors.
  • B. Run Amazon inspector agents and then analyze performance.
  • C. Use AWS CloudTrail and then examine the logs.
  • D. Add logging statements to the Lambda functions. then use Amazon CloudWatch to view the logs.

Answer: A

Explanation:
This solution will meet the requirements by using AWS X-Ray to analyze and debug the performance issues with the distributed Lambda applications. AWS X-Ray is a service that collects data about requests that the applications serve, and provides tools to view, filter, and gain insights into that data. The developer can use AWS X-Ray to identify the root cause of the performance issues by examining the segments and errors that show the details of each request and the components that make up the applications. Option A is not optimal because it will use logging statements and Amazon CloudWatch, which may not provide enough information or visibility into the distributed applications. Option B is not optimal because it will use AWS CloudTrail, which is a service that records API calls and events for AWS services, not application performance data. Option D is not optimal because it will use Amazon Inspector, which is a service that helps improve the security and compliance of applications on Amazon EC2 instances, not Lambda functions.


NEW QUESTION # 126
A developer has a legacy application that is hosted on-premises. Other applications hosted on AWS depend on the on-premises application for proper functioning. In case of any application errors, the developer wants to be able to use Amazon CloudWatch to monitor and troubleshoot all applications from one place.
How can the developer accomplish this?

  • A. Install an AWS SDK on the on-premises server to automatically send logs to CloudWatch.
  • B. Upload log files from the on-premises server to Amazon S3 and have CloudWatch read the files.
  • C. Upload log files from the on-premises server to an Amazon EC2 instance and have the instance forward the logs to CloudWatch.
  • D. Download the CloudWatch agent to the on-premises server. Configure the agent to use IAM user credentials with permissions for CloudWatch.

Answer: D


NEW QUESTION # 127
......

LATEST DVA-C02 Exam Practice Material: https://pass4sure.updatedumps.com/Amazon/DVA-C02-updated-exam-dumps.html

Related Articles

more
Amazon DVA-C02 Certification Practice Exam