• Home
  • Articles
  • AWS Certified Developer Real Exam Questions and Answers FREE AWS-Developer Updated on Oct 19, 2021 [Q197-Q220]

AWS Certified Developer Real Exam Questions and Answers FREE AWS-Developer Updated on Oct 19, 2021 [Q197-Q220]

Share

AWS Certified Developer AWS-Developer Real Exam Questions and Answers FREE Updated on Oct 19, 2021

AWS-Developer Ultimate Study Guide -  Prep4pass

NEW QUESTION 197
A Developer is working on an application that handles 10MB documents that contain highly-sensitive data.
The application will use AWS KMS to perform client-side encryption.
What steps must be followed?

  • A. Invoke the GenerateDataKey API to retrieve the encrypted version of the data encryption key to encrypt the data
  • B. Invoke the GenerateRandom API to get a data encryption key, then use the data encryption key to encrypt the data
  • C. Invoke the Encrypt API passing the plaintext data that must be encrypted, then reference the customer managed key ARN in the KeyId parameter
  • D. Invoke the GenerateDataKey API to retrieve the plaintext version of the data encryption key to encrypt the data

Answer: D

Explanation:
Explanation
https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html GenerateDataKey API: Generates a unique data key. This operation returns a plaintext copy of the data key and a copy that is encrypted under a customer master key (CMK) that you specify. You can use the plaintext key to encrypt your data outside of KMS and store the encrypted data key with the encrypted data.

 

NEW QUESTION 198
When working with AWS CloudFormation Templates what is the maximum number of stacks that you can
create?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: D

Explanation:
CloudFormation Limits
Maximum number of AWS CloudFormation stacks that you can create is 20 stacks.
Reference:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html

 

NEW QUESTION 199
A company is running a custom application on a set of on-premises Linux servers that are accessed using Amazon API Gateway AWS X-Ray tracing has been enabled on the API test stage.
How can a developer enable X-Ray tracing on the on-premises servers with the LEAST amount of configuration?

  • A. Install and run the X-Ray daemon on the on-premises servers to capture and relay the data to the X-Ray service.
  • B. Capture incoming requests on-premises and configure an AWS Lambda function to pull, process, and relay relevant data to X-Ray using the PutTraceSegments API call.
  • C. Install and run the X-Ray SDK on the on-premises servers to capture and relay the data to the X-Ray service.
  • D. Capture incoming requests on-premises and configure an AWS Lambda function to pull, process, and relay relevant data to X-Ray using the PutTelemetryRecords API call.

Answer: C

 

NEW QUESTION 200
Can one instance be registered with two ELBs in the same region?

  • A. No
  • B. Yes, provided both ELBs are in the same AZ
  • C. Yes, always
  • D. Yes, provided both ELBs have the same health check configuration

Answer: C

Explanation:
Yes, it is possible to have one instance part of two separate ELBs, though both ELBs have different
configurations. ELBs are never launched in specific zones.
Reference:
http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/enable-disable-az.html

 

NEW QUESTION 201
A Developer must build an application that uses Amazon DynamoDB. The requirements state that items being stored in the DynamoDB table will be 7KB in size and that reads must be strongly consistent. The maximum read rate is 3 items per second, and the maximum write rate is 10 items per second.
How should the Developer size the DynamoDB table to meet these requirements?

  • A. Read: 6 read capacity units
    Write: 10 write capacity units
  • B. Read: 3 read capacity units
    Write: 10 write capacity units
  • C. Read: 6 read capacity units
    Write: 70 write capacity units
  • D. Read: 3 read capacity units
    Write: 70 write capacity units

Answer: D

 

NEW QUESTION 202
In a move toward using microservices, a company's Management team has asked all Development teams to build their services so that API requests depend only on that service's data store. One team is building a Payments service which has its own database; the service needs data that originates in the Accounts database. Both are using Amazon DynamoDB.
What approach will result in the simplest, decoupled, and reliable method to get near-real time updates from the Accounts database?

  • A. Use Amazon Glue to perform frequent ETL updates from the Accounts database to the Payments database.
  • B. Use Amazon Kinesis Data Firehose to deliver all changes from the Accounts database to the Payments database.
  • C. Use Amazon DynamoDB Streams to deliver all changes from the Accounts database to the Payments database.
  • D. Use Amazon ElastiCache in Payments, with the cache updated by triggers in the Accounts database.

Answer: C

Explanation:
Explanation/Reference: https://aws.amazon.com/blogs/database/how-to-perform-ordered-data-replication-between- applications-by-using-amazon-dynamodb-streams/

 

NEW QUESTION 203
You cannot access your AWS console, so you revert to using the CLI that you are not familiar with. Which of the following commands is not a valid CLI command for EC2 instances?

  • A. ec2-allocate-interface
  • B. ec2-associate-route-table
  • C. ec2-attach-internet-gateway
  • D. ec2-allocate-address

Answer: A

Explanation:
You can use the CLI tools to manage your Amazon EC2 resources (such as instances, security groups, and volumes) and your Amazon VPC resources (such as VPCs, subnets, route tables, and Internet gateways). Before you can start using the tools, you must download and configure them.
The following are valid CLI commands for EC2 instances:
ec2-accept-vpc-peering-connection
ec2-allocate-address
ec2-assign-private-ip-addresses
ec2-associate-address
ec2-associate-dhcp-options
ec2-associate-route-table
ec2-attach-internet-gateway
ec2-attach-network-interface (not ec2-allocate-interface)
Reference:
http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/command-reference.html

 

NEW QUESTION 204
A Developer has been asked to make changes to the source code of an AWS Lambda function. The function is managed using an AWS CloudFormation template. The template is configured to load the source code from an Amazon S3 bucket. The Developer manually created a .ZIP file deployment package containing the changes and put the file into the correct location on Amazon S3. When the function is invoked, the code changes have not been applied.
What step is required to update the function with the changes?

  • A. Delete the .ZIP file on S3, and re-upload by using a different object key name.
  • B. Modify the execution role of the Lambda function to allow S3 access permission to the deployment package .ZIP file.
  • C. Ensure that the function source code is base64-encoded before uploading the deployment package to S3.
  • D. Update the CloudFormation stack with the correct values for the function code properties S3Bucket, S3Key, or S3ObjectVersion.

Answer: D

Explanation:
Explanation
Changes to a deployment package in Amazon S3 are not detected automatically during stack updates. To update the function code, change the object key or version in the template.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html

 

NEW QUESTION 205
A stock market monitoring application uses Amazon Kinesis for data ingestion. During simulated tests of peak data rates, the Kinesis stream cannot keep up with the incoming data.
What step will allow Kinesis to accommodate the traffic during peak hours?

  • A. Ingest multiple records into the stream in a single call using PutRecords.
  • B. Increase the shard count of the stream using UpdateShardCount.
  • C. Reduce the data retention period to allow for more data ingestion using
    DecreaseStreamRetentionPeriod.
  • D. Install the Kinesis Producer Library (KPL) for ingesting data into the stream.

Answer: B

Explanation:
https://docs.aws.amazon.com/streams/latest/dev/developing-producers-with-kpl.html

 

NEW QUESTION 206
A developer has created a REST API using Amazon API Gateway. The developer wants to log who and how each caller accesses the API. The developer also wants to control how long the logs are kept What should the developer do to meet these requirements?

  • A. Enable API Gateway execution logging Delete old logs using API Gateway retention settings
  • B. Enable detailed Amazon CloudWatch metrics Delete old logs with a recurring AWS Lambda function
  • C. Create and use API Gateway usage plans. Delete old logs with a recurring AWS Lambda function.
  • D. Enable API Gateway access logs Use Amazon CloudWatch retention settings to delete old logs

Answer: A

 

NEW QUESTION 207
A current architecture uses many Lambda functions invoking one another as a large state machine. The coordination of this state machine is legacy custom code that breaks easily.
Which AWS Service can help refactor and manage the state machine?

  • A. AWS SNS with AWS SQS
  • B. AWS Data Pipeline
  • C. Amazon Elastic MapReduce
  • D. AWS Step Functions

Answer: D

Explanation:
Explanation/Reference: https://docs.aws.amazon.com/step-functions/latest/dg/tutorial-creating-lambda-state-machine.html

 

NEW QUESTION 208
A Developer is writing a serverless application that requires that an AWS Lambda function be invoked every
10 minutes.
What is an automated and serverless way to trigger the function?

  • A. Create an Amazon CloudWatch Events rule that triggers on a regular schedule to invoke the Lambda function.
  • B. Deploy an Amazon EC2 instance based on Linux, and edit its /etc/crontab file by adding a command to periodically invoke the Lambda function.
  • C. Create an Amazon SNS topic that has a subscription to the Lambda function with a 600-second timer.
  • D. Configure an environment variable named PERIOD for the Lambda function. Set the value to 600.

Answer: A

 

NEW QUESTION 209
A company wants to implement authentication for its new REST service using Amazon API Gateway. To authenticate the calls, each request must include HTTP headers with a client ID and user ID. These credentials must be compared to authentication data in an Amazon DynamoDB table.
What MUST the company do to implement this authentication in API Gateway?

  • A. Modify the integration requests to require the credentials, then grant API Gateway access to the authentication table
  • B. Create a model that requires the credentials, then grant API Gateway access to the authentication table
  • C. Implement an Amazon Cognito authorizer that references the DynamoDB authentication table
  • D. Implement an AWS Lambda authorizer that references the DynamoDB authentication table

Answer: D

Explanation:
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html

 

NEW QUESTION 210
In DynamoDB, the default table size is:

  • A. 1 GB
  • B. There is no table size
  • C. 10 GB
  • D. 5 GB

Answer: B

Explanation:
DynamoDB has seamless scalability with no table size limits and unlimited storage, so you shouldn't be worried about managing storage on the host or to provisioning more drive, as your data requirement changes.
http://aws.amazon.com/dynamodb/

 

NEW QUESTION 211
A Developer created a Lambda function for a web application backend. When testing the Lambda function from the AWS Lambda console, the Developer can see that the function is being executed, but there is no log data being generated in Amazon CloudWatch Logs, even after several minutes.
What could cause this situation?

  • A. The Lambda function is missing CloudWatch Logs as a source trigger to send log data.
  • B. The Lambda function does not have any explicit log statements for the log data to send it to CloudWatch Logs.
  • C. The Lambda function is missing a target CloudWatch Log group.
  • D. The execution role for the Lambda function is missing permissions to write log data to the CloudWatch Logs.

Answer: D

Explanation:
https://docs.aws.amazon.com/lambda/latest/dg/monitoring-functions.html (see note)

 

NEW QUESTION 212
A Developer created configuration specifications for an AWS Elastic Beanstalk application in a file named healthcheckurl.yaml in the .ebextensions/directory of their application source bundle. The file contains the following:

After the application launches, the health check is not being run on the correct path, event though it is valid.
What can be done to correct this configuration file?

  • A. Change the configuration section from options_settings to resources.
  • B. Convert the file to JSON format.
  • C. Rename the file to a .config extension.
  • D. Change the namespace of the option settings to a cusom namespace.

Answer: A

 

NEW QUESTION 213
A user wants to access RDS from an EC2 instance using IP addresses. Both RDS and EC2 are in the
same region, but different AZs. Which of the below mentioned options help configure that the instance is
accessed faster?

  • A. Configure the Private IP of the Instance in RDS security group
  • B. Security group of EC2 allowed in the RDS security group
  • C. Configure the Public IP of the instance in RDS security group
  • D. Configuring the elastic IP of the instance in RDS security group

Answer: A

Explanation:
If the user is going to specify an IP range in RDS security group, AWS recommends using the private IP
address of the Amazon EC2 instance. This provides a more direct network route from the Amazon EC2
instance to the Amazon RDS DB instance, and does not incur network charges for the data sent outside
of the Amazon network.
Reference:
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithSecurityGroups.html

 

NEW QUESTION 214
A Developer is investigating an application's performance issues. The application consists of hundreds of microservices, and a single API call can potentially have a deep call stack. The Developer must isolate the component that is causing the issue.
Which AWS service or feature should the Developer use to gather information about what is happening and isolate the fault?

  • A. VPC Flow Logs
  • B. Amazon GuardDuty
  • C. Amazon Macie
  • D. AWS X-Ray

Answer: D

Explanation:
Explanation/Reference: https://docs.aws.amazon.com/xray/latest/devguide/xray-concepts.html

 

NEW QUESTION 215
In relation to Amazon Simple Workflow Service (Amazon SWF),what is an "Activity Worker"?

  • A. A piece of software that implements tasks
  • B. An individual task undertaken by a workflow
  • C. All answers listed are correct
  • D. The automation of a business process

Answer: A

Explanation:
In relation to Amazon Simple Workflow Service (Amazon SWF), an activity worker is a program that
receives activity tasks, performs them, and provides results back. Which translates to a piece of software
that implements tasks.
Reference: http://docs.aws.amazon.com/amazonswf/latest/developerguide/swf-dg-develop-activity.html

 

NEW QUESTION 216
An application needs to use the IP address of the client in its processing. The application has been moved into AWS and has been placed behind an Application Load Balancer (ALB). However, all the client IP addresses now appear to be the same. The application must maintain the ability to scale horizontally.
Based on this scenario, what is the MOST cost-effective solution to this problem?

  • A. Alter the application code to inspect a custom header. Alter the client code to pass the IP address in the custom header.
  • B. Remove the application from the ALB. Create a Classic Load Balancer in its place. Direct traffic to the application using the HTTP protocol.
  • C. Alter the application code to inspect the X-Forwarded-Forheader. Ensure that the code can work properly if a list of IP addresses is passed in the header.
  • D. Remove the application from the ALB. Delete the ALB and change Amazon Route 53 to direct traffic to the instance running the application.

Answer: C

Explanation:
Explanation/Reference:

 

NEW QUESTION 217
A Developer is writing an application in AWS Lambda. To simplify testing and deployments, the Developer needs the database connection string to be easily changed without modifying the Lambda code.
How can this requirement be met?

  • A. Store the connection string in AWS KMS.
  • B. Store the connection string as a Lambda layer.
  • C. Store the connection string in an IAM user account.
  • D. Store the connection string as a secret in AWS Secrets Manager.

Answer: A

Explanation:
Explanation/Reference: https://aws.amazon.com/blogs/developer/net-core-configuration-provider-for-aws-systems- manager/

 

NEW QUESTION 218
You are writing to a DynamoDB table and receive the following exception:" ProvisionedThroughputExceededException". though according to your Cloudwatch metrics for the table, you are not exceeding your provisioned throughput.
What could be an explanation for this?

  • A. You're exceeding your capacity on a particular Sort Key
  • B. You haven't provisioned enough DynamoDB storage instances
  • C. You haven't configured DynamoDB Auto Scaling triggers
  • D. You're exceeding your capacity on a particular Hash Key
  • E. You're exceeding your capacity on a particular Range Key

Answer: D

Explanation:
Explanation
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.CoreComponents.html#How
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.Partitions.html
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-partition-key-design.html

 

NEW QUESTION 219
Your organization uses a VPN to connect to your VPC but must upgrade to a 1-G AWS Direct Connect
connection for stability and performance. Your telecommunications provider has provisioned the circuit
from your data center to an AWS Direct Connect facility and needs information on how to cross-connect
(e.g., which rack/port to connect).
What is the AWS-recommended procedure for providing this information?

  • A. Create a support ticket. Provide your AWS account number and telecommunications company's name
    and where you need the Direct Connect connection to terminate.
  • B. Create a new connection through your AWS Management Console and wait for an email from AWS
    with information.
  • C. Contact an AWS Account Manager and provide your AWS account number, telecommunications
    company's name, and where you need the Direct Connect connection to terminate.
  • D. Ask your telecommunications provider to contact AWS through an AWS Partner Channel. Provide your
    AWS account number.

Answer: A

 

NEW QUESTION 220
......

Ultimate Guide to Prepare AWS-Developer Certification Exam for AWS Certified Developer: https://www.prep4pass.com/AWS-Developer_exam-braindumps.html

Use Real AWS-Developer Dumps - Amazon Correct Answers: https://drive.google.com/open?id=1swt-3kyod9r4uuKA4sJovaEsahKolV4i

Related Articles

more
Amazon AWS-Developer Certification Practice Exam

Prep4pass is experienced IT certification exam prep provider with high passing rate, our accurate and valid exam preparation help candidates pass exam 100%.

Latest Exam Prep

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 Prep4pass NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy