[March-2021]High Quality Braindump2go DVA-C01 Dumps PDF and DVA-C01 Dumps VCE DVA-C01 679 Free Share[Q658-Q679] March 1, 2021 greatexam 2021/March Latest Braindump2go AWS-Developer-Associate Exam Dumps with PDF and VCE Free Updated Today! Following are some new AWS-Developer-Associate Real Exam Questions! QUESTION 658A developer is building an application that runs behind an application Load Balancer (ALB). The application is configured as the origin for an Amazon CloudFront distribution. Users will log in to the application using their social media accounts.How can the developer authenticate and authorize users? A. Validate the user by inspecting the tokens using AWS Lambda authorizers on the ALBB. Configure the ALB to use Amazon Cognito as one of the authentication providersC. Configure Cloudfron to use Amazon Cognito as one of the authentication providersD. Authorize the users by calling the Amazon Cognito API in the AWS Lambda authorizer on the ALB Answer: C QUESTION 659An application development team decides to use AWS X Ray to monitor application code to analyze performance and performer cause analysis.What does the team need to do to begin using X Ray? (Select TWO ) A. Log instrumentation output into an Amazon SQS queueB. Use a visualization tool to view application tracesC. Instrument application code using the AWS SDKD. Install the X-Ray agent on the application serversE. Create an Amazon DynamoDB table to store the trace logs Answer: CE QUESTION 660A developer must increase read performance from an unencrypted Amazon S3 bucket. The application requires 100.000 read requests each second Cost-effectiveness is a priority. What would be the SIMPLEST approach to implement these requirements? A. Create 20 or more prefixes in Amazon S3 Place files by prefixes Read in parallel by prefixesB. Create 20 of more AWS accounts Create a bucket in each account Read in parallel by bucketC. Deploy Memcached on Amazon EC2 Cache the files in memory Retrieve from the Memcached cacheD. Copy all files to Amazon DynamoDB Index the files with S3 metadata Retrieve from DynamoDB Answer: A QUESTION 661A company runs its APIs using Amazon API Gateway in front of AWS Lambda functions. The company wants to add logging at the API level Each API must have production and development environments. The developer wants to enable different logging levels in both environments.How can these requirements be met? A. Set up a stage for each environment In each stage, point to different Lambda functions that implement the logging logic m the code Access the logs in Amazon CloudWatch LogsB. Set up a stage for each environment In each stage, define a different logging level according to the logging requirements Access the logs in Amazon CloudWatch LogsC. Set up a stage and use the same Lambda functions In Amazon CloudWatch Logs set up a filter based on the log level according to the logging requirementsD. Set up a stage for each environment In each stage, define a variable for the log level Set the value according to the logging requirements. Answer: A QUESTION 662A developer is building a highly secure healthcare application using .. application requires writing temporary data to /tmp storage on an AWS Lambda function.How should the developer encrypt this data? A. Enable Amazon EBS volume encryption with an AWS KMS .. configuration so that all storage attached to the Lambda function is encrypted.B. Set up the Lambda function with a role and key policy to access an AWS KMS CMK Use the CMK to generate a data key used to encrypt all data prior to writing to /tmp sto ageC. Use OpenSSL to generate a symmetric encryption key on Lambda startup Use this key to encrypt the data prior to writing to /tmpD. Use an on-premises hardware security module (HSM) to generate keys where the Lambda function requests a data key from the HSM and use that to encrypt data on all requests to the function Answer: D QUESTION 663A developer needs to modify an application architecture to meet new functional requirements.Application data is stored in Amazon DynamoDB and processed for analysis in a rightly batch. The system analysts do not want to wait unit the next day to view the processed data and have asked to have it available in near-real time.Which application architect pattern would enables the data to be processed as it is received? A. Evert drivenB. Client served drivenC. Fan-out drivenD. Schedule driven Answer: A QUESTION 664A three-tier application hosted on AWS uses Amazon RDS for MYSQL as its database.A developer must ensure the database credentials are stored and accessed securely.What is the MOST secure way for the developer to achieve this? A. Store he credentials in a configuration file and commit it to the GIT repository.B. Store the credentials in AWS Secrets Manager and enable automatic secret rotation.C. Store the credentials using Amazon RDS and enable automatic rotationD. Store the credentials in code and handle credentials rotation within the application. Answer: A QUESTION 665A company is launching a poling application. The application will store the results of each pool an Amazon DynamoDB table. Management wants to remove pool data after a few data and store an archive of those records in Amazon S3.Which approach would allow the application to archive each poll’s data while keeping complexity to a MINIMUM? A. Enable Time to Live (TTL) on the DynamoDB table.Enable DynamoDB Streams on the table and store the records removed from the stream in Amazon S3.B. Schedule an AWS Lambda function to periodically scan the DynamoDB table.Use the BatchWritten operation to delete the results of a scanEnable DynamoDB Stream on the table and store the records removed from the stream in Amazon S3.C. Enable DynamoDB Streams on the table.Configure the steam as trigger for AWS Lambda.Save records to Amazon S3 when records on the stream are modified.D. Enable cross-Region replication on the S3 bucket to achieve the poll data. Answer: C QUESTION 666A developer is designing a distributed application built using a microservices architect spanning multiple AWS accounts. The company’s operations team wants to analyze and debug application issues from a centralized account.How can the developer meet these requirements? A. Use an Amazon X-Ray agent with role assumption on to publish data into the centralized account.B. Use Amazon X-Ray and create a new IAM user to publish the access keys into the centralized account.C. Use VPC Flow Logs to collect application logs across different accounts.D. Enable AWS CloudTrail to publish the trails in an Amazon S3 bucket in the centralized account. Answer: A QUESTION 667A developer must modify an Alexa skill backed by an AWS Lambda function to access an Amazon DynamoDB table in a second account.A role in the second account has been created with permissions to access the table.How should the table be accessed? A. Modify the Lambda function execution role’s permits ions to include the new roleB. Change the Lambda function execution role to be the new roleC. Assume the new role in the Lambda function when accessing the tableD. Store the access key and the secret key for the new role and use them when accessing the table Answer: C QUESTION 668A video-hosting website has two types of members: those who pay a fee, and those who do not Each video upload places a message in Amazon SQS.A fleet of Amazon EC2 instances polls Amazon SQS and processes each video.The developer needs to ensure that the videos uploaded by the paying members are processed first.How can the developer meet this requirement? A. Create two SQS queues: one for paying members, and one for non-paying members Poll the paying member queue first and then poll the non-paying member queueB. Use SQS to set priorities on individual items within a single queue: give the paying members’ videos the highest priority.C. Use SQS to set priorities on individual items within a single queue and use Amazon SNS to encode the videosD. Create two Amazon SNS topics: one for paying members and one for non-paying members Use SNS topic subscription priorities to differentiate between the two types of members. Answer: A QUESTION 669A company has a web application In an Amazon Elastic Container Service (Amazon ECS) cluster running hundreds of secure services in AWS Fargate containers.The services are in target groups routed by an Application Load Balancer (ALB) Application users log in to the website anonymously, but they must be authenticated using any OpenID Connect protocol-compatible identity provider (IdP) to access the secure servicesWhich authentication approach would meet hese requirements with the LEAST amount of effort? A. Configure the services to use Amazon Cognito.B. Configure the ALB to use Amazon CognitoC. Configure the services to use AWS Security Token Service (AWS STS) with the OpenID Connect IdP.D. Configure the Amazon ECS cluster to use AWS Security Token Service (AWS STS) with the OpenID Connect IdP Answer: A QUESTION 670A developer from AnyCompany’s AWS account needs access to the Example Corp AWS account AnyCompany uses an identity provider that is compatible with OpenID Connect.What is the MOST secure way for Example Corp to allow developer access? A. Create a cross-account role and call the AssumeRole API operationB. Create a user in the Example Corp account and provide the access keysC. Create a user in the Example Corp account and provide the credentialsD. Create a cross-account role and call the AssumeRoleWithWebldentity API operation Answer: B QUESTION 671A developer is building an application on Amazon EC2. The developer encountered an “Access Denied” error on some of the API calls to AWS services while testing. The developer needs to modify permissions that have been already given to the instance.How can these requirements be met with minimal changes and minimum downtime? A. Make a new IAM role with the needed permissionsStop the instance. Attach the new IAM role to the instance Start the instanceB. Delete the existing IAM role Attach a new IAM role with the needed permissionsC. Stop the instanceUpdate the attached IAM role adding the needed permissionsStart the instanceD. Update the attached IAM role adding the needed permissions Answer: D QUESTION 672A developer is building an AWS Lambda function that will dynamically generate and send a weekly newsletter to 100.000 users. This newsletter contains both static text and images. The developer needs a fast and highly scalable place to store the images that will be hyperlinked in the newsletter. Where should the developer store these images? A. Use an Amazon DynamoDB table with DynamoDB Streams and read capacity auto scaling enabledB. Use an Amazon S3 bucket and S3 Transfer Acceleration to speed up the image downloadC. Use an Amazon Aurora database with a public DNS endpoint and auto scaling enabledD. Use an Amazon S3 backed Amazon CloudFront distribution with a high Time-to-Live (TTL) to maximize caching Answer: D QUESTION 673A developer Is working with a Docker application that needs to be quickly deployed using AWS without changing the infrastructure or configuring health checks. The application should be configured so that changes and updates can be made automatically without any downtime.Which solution will meet these requirements? A. Use AWS Elastic Beanstalk for application deployment and select an all-at-once update policy.B. Use AWS Elastic Beanstalk for application deployment and select a rolling deployment policy.C. Deploy the Docker container on an Amazon EC2 instance in an Auto Scaling group and configure a health check on the EC2 instanceD. Deploy the Docker container using AWS Lambda and enable Amazon CloudWatch monitoring Answer: A QUESTION 674A developer must build a mobile application that allows users to read and write data from an Amazon DynamoDB table to store user state for each unique user.The solution needs to limit data access to allow users access only to heir own dataWhich solution below is the most secure? A. Embed AWS access credentials into the application and create DynamoDB queries that limit user access.B. Use Amazon Cognito identity pools to assign unique identifiers and provide user accessC. Modify th DynamoDB table to allow public read and writes, then add client-side filteringD. Create a web portal for users to create an account on AWS Directory Service Answer: B QUESTION 675A developer is trying to get data from an Amazon DynamoDB table called demoman-table The developer configured the AWS CLI to use a specific IAM user’s credentials and executed the following command:aws dynamodb get-item table-name demoman-table –key ‘(“id”: <“N”; ”1993”}}’The command returned errors and no rows were returned What is the MOST likely cause of these issues? A. The command is incorrect; it should be rewritten to use : ut-i team with a string argument.B. The developer needs to log a ticket with AWS Support to enable access to the demoman-table.C. Amazon DynamoDB cannot be accessed from the AWS CLI and needs to be called via the REST APID. The IAM user needs an associated policy with read access to demoman-table. Answer: D QUESTION 676A photo sharing website gets millions of new images every week. The images are stored in Amazon S3 under a formatted date prefix. A developer wants to move images to a few S3 buckets for analysis and further processing Images are not required to be moved in real time. What is the MOST efficient method for performing this task? A. Use S3 PutObject events to Invoke AWS LambdaThen Lambda will copy the files to the other objectsB. Create an AWS Lambda function that will pull a day of Images from the origin bucket and copy them to the other buckets.C. Use S3 Batch Operations to create jobs for images to be copied to each Individual bucket.D. Use Amazon EC2 to batch pull images from multiple days and copy them to the other buckets Answer: D QUESTION 677Which of the following are good use cases for how Amazon ElastiCache can help an application? (Select TWO.) A. Improve the performance of S3 PUT operationsB. Improve the latency of deployments performed by AWS CodeDeployC. Improve latency and throughput for read-heavy application workloads.D. Reduce the time required to merge AWS CodeCommit branchesE. Improve performance of compute-intensive applications. Answer: CE QUESTION 678A developer has code stored in an Amazon S3 bucket. The code must be deployed as an AWS Lambda function across multiple accounts in the same Region as the S3 bucket. The Lambda function will be deployed using a AWS CloudFormation template that is run for each account.What is the MOST secure approach to allow access to the Lambda code in the S3 bucket? A. Grant the CloudFormation execution role S3 list and get permissionsAdd a bucket policy to Amazon S3 with the Principal of “AWS”: [account numbers].B. Grant the CloudFormation execution role S3 get permissionsAdd a bucket policy to Amazon S3 with the Principal of “”.C. Use a service-based link to grant the Lambda function S3 list and get permissions by explicitly adding the S3 bucket’s account number in the resourceD. Use a service-based link to grant the Lambda function S3 get permissions and add a Resource of “*” to allow access to the S3 bucket. Answer: A QUESTION 679A developer is building an application that reads 90 Items of data each second from an Amazon DynamoDB table. Each item Is 3 KB m size. The table is configured to use eventually consistent reads.How many read capacity units should the developer provision for the table? A. 25B. 35C. 45D. 85 Answer: C Resources From: 1.2021 Latest Braindump2go AWS-Developer-Associate Exam Dumps (PDF & VCE) Free Share:https://www.braindump2go.com/aws-developer-associate.html 2.2021 Latest Braindump2go AWS-Developer-Associate PDF and VCE Dumps Free Share:https://drive.google.com/drive/folders/1dvoSqn8UfssZYMvGJJdAPW320Fvfpph3?usp=sharing 3.2021 Free Braindump2go AWS-Developer-Associate Exam Questions Download:https://www.braindump2go.com/free-online-pdf/AWS-Developer-Associate-PDF-Dumps(658-679).pdf Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!