2021/March Latest Braindump2go AWS-Developer-Associate Exam Dumps with PDF and VCE Free Updated Today! Following are some new AWS-Developer-Associate Real Exam Questions!

QUESTION 658
A developer is building an application that runs behind an application Load Balancer (ALB).
The application is configured as the origin for an Amazon CloudFront distribution.
Users will log in to the application using their social media accounts.
How can the developer authenticate and authorize users?

A. Validate the user by inspecting the tokens using AWS Lambda authorizers on the ALB
B. Configure the ALB to use Amazon Cognito as one of the authentication providers
C. Configure Cloudfron to use Amazon Cognito as one of the authentication providers
D. Authorize the users by calling the Amazon Cognito API in the AWS Lambda authorizer on the ALB

Answer: C

QUESTION 659
An application development team decides to use AWS X Ray to monitor application code to analyze performance and performer cause analysis.
What does the team need to do to begin using X Ray? (Select TWO )

A. Log instrumentation output into an Amazon SQS queue
B. Use a visualization tool to view application traces
C. Instrument application code using the AWS SDK
D. Install the X-Ray agent on the application servers
E. Create an Amazon DynamoDB table to store the trace logs

Answer: CE

QUESTION 660
A developer must increase read performance from an unencrypted Amazon S3 bucket. The application requires 100.000 read requests each second Cost-effectiveness is a priority. What would be the SIMPLEST approach to implement these requirements?

A. Create 20 or more prefixes in Amazon S3
Place files by prefixes
Read in parallel by prefixes
B. Create 20 of more AWS accounts
Create a bucket in each account
Read in parallel by bucket
C. Deploy Memcached on Amazon EC2
Cache the files in memory
Retrieve from the Memcached cache
D. Copy all files to Amazon DynamoDB
Index the files with S3 metadata
Retrieve from DynamoDB

Answer: A

QUESTION 661
A company runs its APIs using Amazon API Gateway in front of AWS Lambda functions.
The company wants to add logging at the API level Each API must have production and development environments.
The developer wants to enable different logging levels in both environments.
How can these requirements be met?

A. Set up a stage for each environment In each stage, point to different Lambda functions that implement the logging logic m the code Access the logs in Amazon CloudWatch Logs
B. Set up a stage for each environment In each stage, define a different logging level according to the logging requirements Access the logs in Amazon CloudWatch Logs
C. Set up a stage and use the same Lambda functions In Amazon CloudWatch Logs set up a filter based on the log level according to the logging requirements
D. Set up a stage for each environment In each stage, define a variable for the log level Set the value according to the logging requirements.

Answer: A

QUESTION 662
A developer is building a highly secure healthcare application using .. application requires writing temporary data to /tmp storage on an AWS Lambda function.
How should the developer encrypt this data?

A. Enable Amazon EBS volume encryption with an AWS KMS .. configuration so that all storage attached to the Lambda function is encrypted.
B. Set up the Lambda function with a role and key policy to access an AWS KMS CMK
Use the CMK to generate a data key used to encrypt all data prior to writing to /tmp sto age
C. Use OpenSSL to generate a symmetric encryption key on Lambda startup
Use this key to encrypt the data prior to writing to /tmp
D. Use an on-premises hardware security module (HSM) to generate keys where the Lambda function requests a data key from the HSM and use that to encrypt data on all requests to the function

Answer: D

QUESTION 663
A developer needs to modify an application architecture to meet new functional requirements.
Application data is stored in Amazon DynamoDB and processed for analysis in a rightly batch.
The system analysts do not want to wait unit the next day to view the processed data and have asked to have it available in near-real time.
Which application architect pattern would enables the data to be processed as it is received?

A. Evert driven
B. Client served driven
C. Fan-out driven
D. Schedule driven

Answer: A

QUESTION 664
A three-tier application hosted on AWS uses Amazon RDS for MYSQL as its database.
A developer must ensure the database credentials are stored and accessed securely.
What is the MOST secure way for the developer to achieve this?

A. Store he credentials in a configuration file and commit it to the GIT repository.
B. Store the credentials in AWS Secrets Manager and enable automatic secret rotation.
C. Store the credentials using Amazon RDS and enable automatic rotation
D. Store the credentials in code and handle credentials rotation within the application.

Answer: A

QUESTION 665
A company is launching a poling application. The application will store the results of each pool an Amazon DynamoDB table.
Management wants to remove pool data after a few data and store an archive of those records in Amazon S3.
Which approach would allow the application to archive each poll’s data while keeping complexity to a MINIMUM?

A. Enable Time to Live (TTL) on the DynamoDB table.
Enable DynamoDB Streams on the table and store the records removed from the stream in Amazon S3.
B. Schedule an AWS Lambda function to periodically scan the DynamoDB table.
Use the BatchWritten operation to delete the results of a scan
Enable DynamoDB Stream on the table and store the records removed from the stream in Amazon S3.
C. Enable DynamoDB Streams on the table.
Configure the steam as trigger for AWS Lambda.
Save records to Amazon S3 when records on the stream are modified.
D. Enable cross-Region replication on the S3 bucket to achieve the poll data.

Answer: C

QUESTION 666
A developer is designing a distributed application built using a microservices architect spanning multiple AWS accounts.
The company’s operations team wants to analyze and debug application issues from a centralized account.
How can the developer meet these requirements?

A. Use an Amazon X-Ray agent with role assumption on to publish data into the centralized account.
B. Use Amazon X-Ray and create a new IAM user to publish the access keys into the centralized account.
C. Use VPC Flow Logs to collect application logs across different accounts.
D. Enable AWS CloudTrail to publish the trails in an Amazon S3 bucket in the centralized account.

Answer: A

QUESTION 667
A developer must modify an Alexa skill backed by an AWS Lambda function to access an Amazon DynamoDB table in a second account.
A role in the second account has been created with permissions to access the table.
How should the table be accessed?

A. Modify the Lambda function execution role’s permits ions to include the new role
B. Change the Lambda function execution role to be the new role
C. Assume the new role in the Lambda function when accessing the table
D. Store the access key and the secret key for the new role and use them when accessing the table

Answer: C

QUESTION 668
A video-hosting website has two types of members: those who pay a fee, and those who do not Each video upload places a message in Amazon SQS.
A fleet of Amazon EC2 instances polls Amazon SQS and processes each video.
The developer needs to ensure that the videos uploaded by the paying members are processed first.
How can the developer meet this requirement?

A. Create two SQS queues: one for paying members, and one for non-paying members
Poll the paying member queue first and then poll the non-paying member queue
B. Use SQS to set priorities on individual items within a single queue: give the paying members’ videos the highest priority.
C. Use SQS to set priorities on individual items within a single queue and use Amazon SNS to encode the videos
D. Create two Amazon SNS topics: one for paying members and one for non-paying members
Use SNS topic subscription priorities to differentiate between the two types of members.

Answer: A

QUESTION 669
A company has a web application In an Amazon Elastic Container Service (Amazon ECS) cluster running hundreds of secure services in AWS Fargate containers.
The services are in target groups routed by an Application Load Balancer (ALB) Application users log in to the website anonymously, but they must be authenticated using any OpenID Connect protocol-compatible identity provider (IdP) to access the secure services
Which authentication approach would meet hese requirements with the LEAST amount of effort?

A. Configure the services to use Amazon Cognito.
B. Configure the ALB to use Amazon Cognito
C. Configure the services to use AWS Security Token Service (AWS STS) with the OpenID Connect IdP.
D. Configure the Amazon ECS cluster to use AWS Security Token Service (AWS STS) with the OpenID Connect IdP

Answer: A

QUESTION 670
A developer from AnyCompany’s AWS account needs access to the Example Corp AWS account AnyCompany uses an identity provider that is compatible with OpenID Connect.
What is the MOST secure way for Example Corp to allow developer access?

A. Create a cross-account role and call the AssumeRole API operation
B. Create a user in the Example Corp account and provide the access keys
C. Create a user in the Example Corp account and provide the credentials
D. Create a cross-account role and call the AssumeRoleWithWebldentity API operation

Answer: B

QUESTION 671
A developer is building an application on Amazon EC2. The developer encountered an “Access Denied” error on some of the API calls to AWS services while testing. The developer needs to modify permissions that have been already given to the instance.
How can these requirements be met with minimal changes and minimum downtime?

A. Make a new IAM role with the needed permissions
Stop the instance. Attach the new IAM role to the instance
Start the instance
B. Delete the existing IAM role Attach a new IAM role with the needed permissions
C. Stop the instance
Update the attached IAM role adding the needed permissions
Start the instance
D. Update the attached IAM role adding the needed permissions

Answer: D

QUESTION 672
A developer is building an AWS Lambda function that will dynamically generate and send a weekly newsletter to 100.000 users.
This newsletter contains both static text and images.
The developer needs a fast and highly scalable place to store the images that will be hyperlinked in the newsletter.
Where should the developer store these images?

A. Use an Amazon DynamoDB table with DynamoDB Streams and read capacity auto scaling enabled
B. Use an Amazon S3 bucket and S3 Transfer Acceleration to speed up the image download
C. Use an Amazon Aurora database with a public DNS endpoint and auto scaling enabled
D. Use an Amazon S3 backed Amazon CloudFront distribution with a high Time-to-Live (TTL) to maximize caching

Answer: D

QUESTION 673
A developer Is working with a Docker application that needs to be quickly deployed using AWS without changing the infrastructure or configuring health checks. The application should be configured so that changes and updates can be made automatically without any downtime.
Which solution will meet these requirements?

A. Use AWS Elastic Beanstalk for application deployment and select an all-at-once update policy.
B. Use AWS Elastic Beanstalk for application deployment and select a rolling deployment policy.
C. Deploy the Docker container on an Amazon EC2 instance in an Auto Scaling group and configure a health check on the EC2 instance
D. Deploy the Docker container using AWS Lambda and enable Amazon CloudWatch monitoring

Answer: A

QUESTION 674
A developer must build a mobile application that allows users to read and write data from an Amazon DynamoDB table to store user state for each unique user.
The solution needs to limit data access to allow users access only to heir own data
Which solution below is the most secure?

A. Embed AWS access credentials into the application and create DynamoDB queries that limit user access.
B. Use Amazon Cognito identity pools to assign unique identifiers and provide user access
C. Modify th DynamoDB table to allow public read and writes, then add client-side filtering
D. Create a web portal for users to create an account on AWS Directory Service

Answer: B

QUESTION 675
A developer is trying to get data from an Amazon DynamoDB table called demoman-table The developer configured the AWS CLI to use a specific IAM user’s credentials and executed the following command:
aws dynamodb get-item table-name demoman-table –key ‘(“id”: <“N”; ”1993”}}’
The command returned errors and no rows were returned What is the MOST likely cause of these issues?

A. The command is incorrect; it should be rewritten to use : ut-i team with a string argument.
B. The developer needs to log a ticket with AWS Support to enable access to the demoman-table.
C. Amazon DynamoDB cannot be accessed from the AWS CLI and needs to be called via the REST API
D. The IAM user needs an associated policy with read access to demoman-table.

Answer: D

QUESTION 676
A photo sharing website gets millions of new images every week. The images are stored in Amazon S3 under a formatted date prefix.
A developer wants to move images to a few S3 buckets for analysis and further processing Images are not required to be moved in real time. What is the MOST efficient method for performing this task?

A. Use S3 PutObject events to Invoke AWS Lambda
Then Lambda will copy the files to the other objects
B. Create an AWS Lambda function that will pull a day of Images from the origin bucket and copy them to the other buckets.
C. Use S3 Batch Operations to create jobs for images to be copied to each Individual bucket.
D. Use Amazon EC2 to batch pull images from multiple days and copy them to the other buckets

Answer: D

QUESTION 677
Which of the following are good use cases for how Amazon ElastiCache can help an application? (Select TWO.)

A. Improve the performance of S3 PUT operations
B. Improve the latency of deployments performed by AWS CodeDeploy
C. Improve latency and throughput for read-heavy application workloads.
D. Reduce the time required to merge AWS CodeCommit branches
E. Improve performance of compute-intensive applications.

Answer: CE

QUESTION 678
A developer has code stored in an Amazon S3 bucket. The code must be deployed as an AWS Lambda function across multiple accounts in the same Region as the S3 bucket. The Lambda function will be deployed using a AWS CloudFormation template that is run for each account.
What is the MOST secure approach to allow access to the Lambda code in the S3 bucket?

A. Grant the CloudFormation execution role S3 list and get permissions
Add a bucket policy to Amazon S3 with the Principal of “AWS”: [account numbers].
B. Grant the CloudFormation execution role S3 get permissions
Add a bucket policy to Amazon S3 with the Principal of “”.
C. Use a service-based link to grant the Lambda function S3 list and get permissions by explicitly adding the S3 bucket’s account number in the resource
D. Use a service-based link to grant the Lambda function S3 get permissions and add a Resource of “*” to allow access to the S3 bucket.

Answer: A

QUESTION 679
A developer is building an application that reads 90 Items of data each second from an Amazon DynamoDB table.
Each item Is 3 KB m size.
The table is configured to use eventually consistent reads.
How many read capacity units should the developer provision for the table?

A. 25
B. 35
C. 45
D. 85

Answer: C


Resources From:

1.2021 Latest Braindump2go AWS-Developer-Associate Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/aws-developer-associate.html

2.2021 Latest Braindump2go AWS-Developer-Associate PDF and VCE Dumps Free Share:
https://drive.google.com/drive/folders/1dvoSqn8UfssZYMvGJJdAPW320Fvfpph3?usp=sharing

3.2021 Free Braindump2go AWS-Developer-Associate Exam Questions Download:
https://www.braindump2go.com/free-online-pdf/AWS-Developer-Associate-PDF-Dumps(658-679).pdf

Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!