DVA-C01 | A Review Of Virtual DVA-C01 Training Materials

NEW QUESTION 1
An orgAMzation has created an application which is hosted on the AWS EC2 instance. The application stores images to S3 when the end user uploads to it. The orgAMzation does not want to store the AWS secure credentials required to access the S3 inside the instance. Which of the below mentioned options is a possible solution to avoid any security threat?

• A. Use the IAM role and assign it to the instance.
• B. Since the application is hosted on EC2, it does not need credentials to access S3.
• C. Use the X.509 certificates instead of the access and the secret access keys.
• D. Use the IAM based single sign between the AWS resources and the orgAMzation applicatio

Answer: A

Explanation:
The AWS IAM role uses temporary security credentials to access AWS services. Once the role is assigned to an instance, it will not need any security credentials to be stored on the instance. Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

NEW QUESTION 2
A user has hosted a website on AWS and uses ELB to load balance the multiple instances. The user application does not have any cookie management. How can the user bind the session of the requestor with a particular instance?

• A. Bind the IP address with a sticky cookie
• B. Create a cookie at the application level to set at ELB
• C. Use session synchronization with ELB
• D. Let ELB generate a cookie for a specified duration

Answer: D

Explanation:
The key to manage the sticky session is determining how long the load balancer should route the user's request to the same application instance. If the application has its own session cookie, then the user can set the Elastic Load Balancing to create the session cookie to follow the duration specified by the appIication's session cookie. If the user’s application does not have its own session cookie, then he can set the Elastic Load Balancing to create a session cookie by specifying his own stickiness duration. Reference: http://docs.aws.amazon.com/EIasticLoadBaIancing/latest/DeveIoperGuide/US_StickySessions.html

NEW QUESTION 3
In regard to DynamoDB, can I modify the index once it is created?

• A. Yes, if it is a primary hash key index
• B. Yes, if it is a Global secondary index
• C. No
• D. Yes, if it is a local secondary index

Answer: C

Explanation:
Currently, in DynamoDB, an index cannot be modified once it is created. Reference: http://aws.amazon.com/dynamodb/faqs/#security_anchor

NEW QUESTION 4
AWS Elastic Beanstalk will change the health status of a web server environment tier to gray color when:

• A. AWS Elastic Beanstalk detects other problems with the environment that are known to make the application unavailable
• B. Your application hasn't responded to the application health check URL within the last one hour.
• C. Your application hasn't responded to the application health check URL within the last five minutes.
• D. Your appIication's health status is unknown because status is reported when the application is not in the ready state.

Answer: D

Explanation:
AWS Elastic Beanstalk will change the health status of a web server environment tier to gray color when your appIication's health status is unknown (because status is reported when the application is not in the ready state).
Reference: http://docs.aws.amazon.com/elasticbeanstaIk/latest/dg/using-features.heaIthstatus.htmI

NEW QUESTION 5
Which statements about DynamoDB are true? Choose 2 answers

• A. DynamoDB uses a pessimistic locking model
• B. DynamoDB uses optimistic concurrency control
• C. DynamoDB uses conditional writes for consistency
• D. DynamoDB restricts item access during reads
• E. DynamoDB restricts item access during writes

Answer: BC

NEW QUESTION 6
A user has attached one RDS security group with 5 RDS instances. The user has changed the ingress rule for the security group. What will be the initial status of the ingress rule?

• A. Approving
• B. Implementing
• C. Authorizing
• D. It is not possible to assign a single group to multiple DB instances

Answer: C

Explanation:
When the user makes any changes to the RDS security group the rule status will be authorizing for some time until the changes are applied to all instances that the group is connected with. Once the changes are propagated the rule status will change to authorized.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithSecurityGroups.html

NEW QUESTION 7
When a Simple Queue Service message triggers a task that takes 5 minutes to complete, which process below will result in successful processing of the message and remove it from the queue while minimizing the chances of duplicate processing?

• A. Retrieve the message with an increased visibility timeout, process the message, delete the message from the queue
• B. Retrieve the message with an increased visibility timeout, delete the message from the queue, process the message
• C. Retrieve the message with increased DeIaySeconds, process the message, delete the message from the queue
• D. Retrieve the message with increased DeIaySeconds, delete the message from the queue, process the message

Answer: A

NEW QUESTION 8
You want to have multiple versions of your application running at the same time, with all versions launched via AWS Elastic Beanstalk. Is this possible?

• A. N
• B. However if you have 2 AWS accounts this can be done
• C. N
• D. AWS Elastic Beanstalk is not designed to support multiple running environments
• E. Ye
• F. AWS Elastic Beanstalk is designed to support a number of multiple running environments
• G. Ye
• H. However AWS Elastic Beanstalk is designed to support only 2 multiple running environments

Answer: C

Explanation:
AWS Elastic Beanstalk is designed to support multiple running environments. As an example you could have one for integration testing, one for pre-production, and one for production, with each environment independently configured and running on its own separate AWS resources.
Reference: https://aws.amazon.com/elasticbeansta|k/faqs/

NEW QUESTION 9
A user has created an application which sends data to a log file. The server hosting the log files can be unavailable due to any reason. The user wants to make it so that whenever the log server is up it should be receMng the messages. Which of the below mentioned AWS services helps achieve this functionality?

• A. AWS Simple Workflow
• B. AWS Simple Task Service
• C. AWS Simple Notification Service
• D. AWS Simple Queue Service

Answer: D

Explanation:
Amazon Simple Queue Service (SQS) is a fast, reliable, scalable, and fully managed message queuing service. SQS provides a simple and cost-effective way to decouple the components of an application. The user can use SQS to transmit any volume of data without losing messages or requiring other services to always be available. Using SQS, the application has to just send the data to SQS and SQS transmits it to the log file whenever it is available.
Reference: http://aws.amazon.com/sqs/

NEW QUESTION 10
What is the maximum time messages can be stored in SQS?

• A. 14 days
• B. one month
• C. 4 days
• D. 7 days

Answer: A

Explanation:
A message can be stored in the Simple Queue Service (SQS) from 1 minute up to a maximum of 14 days. Reference: http://aws.amazon.com/sqs/faqs/#How_Iong_can_I_keep_my_messages_in_Amazon_SQS_queues

NEW QUESTION 11
is a task coordination and state management service for cloud applications.

• A. Amazon SES
• B. Amazon SWF
• C. Amazon FPS
• D. Amazon SNS

Answer: B

Explanation:
Amazon Simple Workflow (Amazon SWF) is a task coordination and state management service for cloud applications. With Amazon SWF, you can stop writing complex glue-code and state machinery and invest more in the business logic that makes your applications unique.
Reference: http://aws.amazon.com/swf/

NEW QUESTION 12
A user has created a new EBS volume from an existing snapshot. The user mounts the volume on the instance to which it is attached. Which of the below mentioned options is a required step before the user can mount the volume?

• A. Run a cyclic check on the device for data consistency
• B. Create the file system of the volume
• C. Resize the volume as per the original snapshot size
• D. No step is require
• E. The user can directly mount the device

Answer: D

Explanation:
When a user is trying to mount a blank EBS volume, it is required that the user first creates a file system within the volume. If the volume is created from an existing snapshot then the user needs not to create a file system on the volume as it will wipe out the existing data.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.htmI

NEW QUESTION 13
A user has configured a website and launched it using the Apache web server on port 80. The user is using ELB with the EC2 instances for Load Balancing. What should the user do to ensure that the EC2 instances accept requests only from ELB?

• A. Open the port for an ELB static IP in the EC2 security group
• B. Configure the security group of EC2, which allows access to the ELB source security group
• C. Configure the EC2 instance so that it only listens on the ELB port
• D. Configure the security group of EC2, which allows access only to the ELB listener

Answer: B

Explanation:
When a user is configuring ELB and registering the EC2 instances with it, ELB will create a source security group. If the user wants to allow traffic only from ELB, he should remove all the rules set for the other requests and open the port only for the ELB source security group.
Reference:
http://docs.aws.amazon.com/EIasticLoadBaIancing/latest/DeveIoperGuide/using-elb-security-groups.htmI

NEW QUESTION 14
An orgAMzation is having an application which can start and stop an EC2 instance as per schedule. The orgAMzation needs the MAC address of the instance to be registered with its software. The instance is launched in EC2-CLASSIC. How can the orgAMzation update the MAC registration every time an instance is booted?

• A. The instance MAC address never change
• B. Thus, it is not required to register the MAC address every time.
• C. The orgAMzation should write a boot strapping script which will get the MAC address from the instance metadata and use that script to register with the application.
• D. AWS never provides a MAC address to an instance; instead the instance ID is used for identifying the instance for any software registration.
• E. The orgAMzation should provide a MAC address as a part of the user dat
• F. Thus, whenever the instance is booted the script assigns the fixed MAC address to that instance.

Answer: B

Explanation:
AWS provides an on demand, scalable infrastructure. AWS EC2 allows the user to launch On-Demand instances. AWS does not provide a fixed MAC address to the instances launched in EC2-CLASSIC. If the instance is launched as a part of EC2-VPC, it can have an ENI which can have a fixed MAC. However, with EC2-CLASSIC, every time the instance is started or stopped it will have a new MAC address.
To get this MAC, the orgAMzation can run a script on boot which can fetch the instance metadata and get the MAC address from that instance metadata. Once the MAC is received, the orgAMzation can register that MAC with the software.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AESDG-chapter-instancedata.html

NEW QUESTION 15
A user has launched an RDS instance. The user has created 3 databases on the same server. What can the maximum size be for each database?

• A. The size of each DB cannot be more than 3 TB
• B. It is not possible to have more than one DB on a single instance
• C. The total instance storage size cannot be more than 3 TB
• D. The size of each DB cannot be more than 1 TB

Answer: C

Explanation:
The AWS RDS DB instance is an isolated DB environment provided by AWS in which the user can create more than 1 database. The maximum size ofthe instance should be between 5 GB and 3 TB. The size of each DB can be anything in this range.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html

NEW QUESTION 16
Games-R-Us is launching a new game app for mobile devices. Users will log into the game using their existing Facebook account and the game will record player data and scoring information directly to a DynamoDB table.
What is the most secure approach for signing requests to the DynamoDB API?

• A. Create an IAM user with access credentials that are distributed with the mobile app to sign the requests
• B. Distribute the AWS root account access credentials with the mobile app to sign the requests
• C. Request temporary security credentials using web identity federation to sign the requests
• D. Establish cross account access between the mobile app and the DynamoDB table to sign the requests

Answer: C

NEW QUESTION 17
You need to develop and run some new applications on AWS and you know that Elastic Beanstalk and CIoudFormation can both help as a deployment mechAMsm for a broad range of AWS resources. Which of the following statements best describes the differences between Elastic Beanstalk and C|oudFormation?

• A. Elastic Beanstalk uses Elastic load balancing and CIoudFormation doesn't.
• B. CIoudFormation is faster in deploying applications than Elastic Beanstalk.
• C. CIoudFormation is much more powerful than Elastic Beanstalk, because you can actually design and script custom resources
• D. Elastic Beanstalk is faster in deploying applications than C|oudFormatio

Answer: C

Explanation:
These services are designed to complement each other. AWS Elastic Beanstalk provides an environment to easily develop and run applications in the cloud. It is integrated with developer tools and provides a one-stop experience for you to manage the lifecycle of your applications. AWS CIoudFormation is a convenient deployment mechAMsm for a broad range of AWS resources. It supports the infrastructure needs of many different types of applications such as existing enterprise applications, legacy applications, applications built using a variety of AWS resources and container-based solutions (including those built using AWS Elastic Beanstalk).
AWS CIoudFormation introduces two new concepts: The template, a JSON-format, text-based file that describes all the AWS resources you need to deploy to run your application and the stack, the set of AWS resources that are created and managed as a single unit when AWS CIoudFormation instantiates a template.
Reference: http://aws.amazon.com/c|oudformation/faqs/

NEW QUESTION 18
......