EMT Practice Test

1. Question Content...


Question List

Question1: A company uses a third-party tool to build, bundle, and package rts applications on-premises. and store them locally The company uses Amazon EC2 instances to run its front-end applications How can an application be deployed from the source control system onto the EC2 instances?

Question2: A company is migrating its on-premises database to Amazon RDS for MySQL. The company has read-heavy workloads, and wants to make sure it re-factors its code to achieve optimum read performance for its queries.
How can this objective be met?

Question3: A company has an internet-facing application that uses Web Identity Federation to obtain a temporary credential from AWS Security Token Service (AWS STS). The app then uses the token to access AWS services.
Review the following response:

Based on the response displayed what permissions are associated with the call from the application?

Question4: A developer is using Amazon S3 as the event source that invokes a Lambda function when new objects are created in the bucket The event source mapping Information Is stored in the bucket notification configuration The developer is working with different versions of the Lambda function, and has a constant need to update notification configuration so that Amazon S3 invokes the correct version What is the MOST efficient and effective way to achieve mapping Between the S3 event and Lambda?

Question5: A company recently experienced some unexpected downtime. After investigating, the company determines that a developer mistakenly terminated several production Amazon EC2 instances.
What should the company do to BEST protect against accidental terminations in the future.

Question6: A physician's office management application requires that all data in transit between an EC2 instance and an Amazon EBS volume be encrypted Which of the following techniques fulfills this requirement? (Select TWO )

Question7: A developer is building an application that needs to store date in Amazon S3. Management requires that the data be encrypted before is it sent to Amazon S3 for storage. The encryption keys need to be managed by the security team.
Which approach should the developer take to meet these requirements?

Question8: A developer is leveraging a Border Gateway Protocol (BGP)-based AWS VPN connection to connect from on-premises to Amazon EC2 instances in the developer's account The developer is able to access an EC2 instance in subnet A, but is unable to access an EC2 instance in subnet B in the same VPC Which logs can the developer use to verify whether the traffic is reaching subnet B?

Question9: Multiple development teams are working on a project to migrate a monolithic application to a microservices-based application running on AWS Lambda The teams need a way to centrally manage code that is shared across multiple functions Which approach requires the LEAST maintenance?

Question10: A Developer is writing a mobile application that allows users to view images from an S3 bucket. The users must be able to log in with their Amazon login, as well as Facebook® and/or Google® accounts.
How can the Developer provide this authentication functionality?

Question11: An application writes items to an Amazon DynamoDB table. As the application scales to thousands of instances, calls to the DynamoDB API generate occasional ThrottlingException errors. The application is coded in a language incompatible with the AWS SDK.
How should the error be handled?

Question12: A developer has written an application that runs on Amazon EC2 instances. The developer is adding functionality for the application to write objects to an Amazon S3 bucket Which policy must the developer modify to allow the instances to write these objects?

Question13: A developer is using AWS CodeDeploy to deploy an application running on Amazon EC2. The developer wants to change the file permissions for a specific deployment file. Which lifecycle event should a developer use to meet this requirement?

Question14: A Developer is writing an application that runs on Amazon EC2 instances in an Auto scaling group. The application data is stored in an Amazon DynamoDB table and records are constantly updated by all instances.
An instance sometimes retrieves old data. The Developer wants to correct this by making sure the reads are strongly consistent.
How can the developer accomplish this?

Question15: A company has an AWS Lambda function that runs hourly, reads log files that are stored in Amazon S3, and forwards alerts to Amazon Simple Notification Service (Amazon SNS) topics based on content A developer wants to add a custom metric to the Lambda function to track the number of alerts of each type for each run The developer needs to log this information in Amazon CloudWatch in a metric that is named Lambda/AlertCounts How should the developer modify the Lambda function to meet this requirement with the LEAST operational overhead''

Question16: A Developer is writing a REST service that will add items to a shopping list. The service is built on Amazon API Gateway with AWS Lambda integrations. The shopping list items are send as query string parameters in the method request.
How should the Developer convert the query string parameters to arguments for the Lambda function?

Question17: A company's security policies require all database passwords to be rotated every 30 days The company uses different database platforms, including Amazon Aurora databases and proprietary NoSQL document databases, for different applications A developer needs to implement a solution for password rotation Which solution will meet these requirements?

Question18: A Developer wants to upload data to Amazon S3 and must encrypt the data in transit.
Which of the following solutions will accomplish this task? (Choose two.)

Question19: A company has a REST application comprised of an Amazon API Gateway and several AWS Lambda functions. A developer is responding to an alert that the API Gateway's HTTP response error rate has unexpectedly increased. The developer must determine must which Lambda function is malfunctioning.
Which method would help the developer make this determination while minimizing delays?

Question20: A Developer wants to debug an application by searching and filtering log data. The application logs are stored in Amazon CloudWatch Logs. The Developer creates a new metric filter to count exceptions in the application logs. However, no results are returned from the logs.
What is the reason that no filtered results are being returned?

Question21: A Developer has developed a web application and wants to deploy it quickly on a Tomcat server on AWS. The Developer wants to avoid having to manage the underlying infrastructure.
What is the easiest way to deploy the application, based on these requirements?

Question22: A developer must allow guest users without logins to access an Amazon Cognito-enabled site to view files stored within an Amazon S3 bucket How should the developer meet these requirements'?

Question23: You run an ad-supported photo sharing website using S3 to serve photos to visitors of your site. At some point you find out that other sites have been linking to the photos on your site, causing loss to your business.
What is an effective method to mitigate this?

Question24: A developer is attempting to use the Amazon S3 PutObject API operation to upload an object to an S3 bucket that has default encryption enabled. The developer receives a 400 Bad Request error.
What is the MOST likely cause of this error?

Question25: An application running on Amazon EC2 instances must access objects within an Amaon S3 busket that are encrypted using server-side encryption using AWS KMS encryption keys (SSE-KMS). The application must have access to the customer master key (CMK) to decrypt the objects.
Which combination of steps will grant the application access? (Select TWO.)

Question26: Your application is trying to upload a 6 GB file to Simple Storage Service and receive a "Your proposed upload exceeds the maximum allowed object size." error message.
What is a possible solution for this?

Question27: A developer is writing an application that will process data delivered into an Amazon S3 bucket. The data is delivered approximately 10 times a day, and the developer expects the data will be processed in less than 1 minute, on average.
How can the developer deploy and invoke the application with the lowest cost and lowest latency?

Question28: While developing an application that runs on Amazon EC2 in an Amazon VPC, a Developer identifies the need for centralized storage of application-level logs.
Which AWS service can be used to securely store these logs?

Question29: An application running on multiple Amazon EC2 instances pulls messages ...SQS queue. A requirement for the application is that all messages must be encrypted at rest.
Developers are instructed to use methods that allow for centralized .. possible support requirements whenever possible.
Which of the following solution supports these requirements?

Question30: A development team is migrating a monolithic application to Amazon API Gateway with AWS Lambda integrations using the AWS CD The zip deployment package exceeds the Lambda direct upload deployment package size limit. How should the Lambda function be deployed?

Question31: An AWS Elastic Beanstalk application needs to be deployed in multiple regions and requires a different Amazon Machine Image (AMI) in each region.
Which AWS CloudFormation template key can be used to specify the correct AMI for each region?

Question32: A company stores all personally identifiable information (PII) in an Amazon DynamoDB table named PII in Account A.
An application running on Amazon EC2 instances in Account B requires access to the PII table.
An administrators in Account A created an IAM role named AccessPII with privileges to access the PII table, and made account B a trusted entity.
Which combination of actional steps should Developers take to access the table? (Select TWO )

Question33: When uploading an object, what request header can be explicitly specified in a request to Amazon S3 to encrypt object data when saved on the server side?

Question34: A company is developing a new web application in Python A developer must deploy the application using AWS Elastic Beanstalk from the AWS Management Console The developer creates an Elastic Beanstalk source bundle to upload using the console Which of the following are requirements when creating the source bundle? (Select TWO.)

Question35: Given the following AWS CloudFormation template:
What is the MOST efficient way to reference the new Amazon S3 bucket from another AWS CloudFormation template?

Question36: n application running on an Amazon Linux EC2 instance needs to manage the AWS infrastructure.
How can the EC2 instance be configured to make AWS API calls securely?

Question37: An advertising company has a dynamic website with heavy traffic. The company wants to migrate the website infrastructure to AWS to handle everything except website development.
Which solution BEST meets these requirements?

Question38: A stock market monitoring application uses Amazon Kinesis for data ingestion. During simulated tests of peak data rates, the Kinesis stream cannot keep up with the incoming data.
What step will allow Kinesis to accommodate the traffic during peak hours?

Question39: A developer is writing a new AWS Serverless Application Model (AWS SAM) template with a new AWS Lambda function The Lambda function runs complex code. The developer wants to test the Lambda function with more CPU power.
What should the developer do to meet this requirement?

Question40: An application that runs on an Amazon EC2 instance needs to access and make API calls to multiple AWS services.
What is the MOST secure way to provide access to the AWS services with MINIMAL management overhead?

Question41: A developer is creating a new application that will be accessed by users through an API created using Amazon API Gateway The users need to be authenticated by a third-party Security Assertion Markup Language (SAML) identity provider Once authenticated, users will need access to other AWS services such as Amazon S3 and Amazon DynamoDB How can these requirements be met?

Question42: A developer is creating a role to access Amazon S3 buckets To create the role, the developer uses the AWS CLI create-role command. Which policy should be added to allow the Amazon EC2 service to assume the role?

Question43: A company wants to migrate an existing web application to AWS. The application consists of two web servers and a MySQL database The company wants the application to automatically scale in response to demand The company also wants to reduce its operational overhead for database backups and maintenance The company needs the ability to deploy multiple versions of the application concurrently What is the MOST operationally efficient solution that meets these requirements'?

Question44: An application running on EC2 instances is storing data in an S3 bucket. Security policy mandates that all data must be encrypted in transit.
How can the Developer ensure that all traffic to the S3 bucket is encrypted?

Question45: A company wants to make sure that only one user from its Admin group has the permanent right to delete an Amazon EC2 resource There should be no changes in the existing policy under the Admin group What should a developer use to meet these requirements?

Question46: A developer is implementing authentication and authorization for an application. The developer needs to ensure that the user credentials are never exposed. Which approach should the developer take to meet this requirement?

Question47: A company is using Amazon API Gateway to manage access to a set of microservices implemented as AWS Lambda functions. Following a bug report, the company makes a minor breaking change to one of the APIs.
In order to avoid impacting existing clients when the new API is deployed, the company wants to allow clients six months to migrate from v1 to v2.
Which approach should the Developer use to handle this change?

Question48: A company is running a custom application on a set of on-premises Linux servers that are accessed using Amazon API Gateway. AWS X-Ray tracing has been enabled on the API test stage How can a developer enable X-Ray tracing on the on-premises servers with the LEAST amount of configuration''

Question49: A Developer is designing a new application that uses Amazon S3. To satisfy compliance requirements, the Developer must encrypt the data at rest.
How can the Developer accomplish this?

Question50: A large company has its application components distributed across.. company needs to collect and visualize trace data across these accounts.
What should be used to meet these requirements?

Question51: A Developer is building a mobile application and needs any update to user profile data to be pushed to all devices accessing the specific identity. The Developer does not want to manage a back end to maintain the user profile data.
What is the MOST efficient way for the Developer to achieve these requirements using Amazon Cognito?

Question52: A front-end web application is using Amazon Cognito user pools to handle the user authentication flow. A developer is integrating Amazon DynamoDB into the application using the AWS SDK for JavaScript How would the developer securely call the API without exposing the access or secret keys?

Question53: An organization is using Amazon API Gateway to provide a public API called "Survey" for collecting user feedback posts about its products The survey API has "DEV" and "PROD" stages and consists of one resource
"/feedback" which allows users to retrieve/create/update single feedback posts.
Aversion-controlled Swagger file is used to define a new API that retrieves multiple feedback posts To add the new API resource "/listFeedbackForProduct" the developer makes changes to the Swagger file defining an API uploads the fie to the organization's version control system, and uses the API Gateway Import API feature to apply the changes to the Survey API After successful import the developer runs the tests against the DEV stage and finds that resource VlistFeedbackForProduct" is not available.
What is MOST likely the reason for resource not being available?

Question54: A global company has an application running on Amazon EC2 instances that serves image files from Amazon S3. User requests from the browser are causing high traffic, which results in degraded performance.
Which optimization solution should a Developer implement to increase application performance?

Question55: Which statements about DynamoDB are true? Choose 2 answers

Question56: A developer has written an application that runs on Amazon EC2 instances and generates a value every minute. The Developer wants to monitor and graph the values generated over time without logging in to the instance each time.
Which approach should the Developer use to achieve this goal?

Question57: A developer must ensure that the IAM credentials used by an application in Amazon EC2 are not misused or compromised What should the developer use to keep user credentials secure?

Question58: A company requires objects that are stored in Amazon S3 to be encrypted. The company is currently using server-side encryption with AWS KMS managed encryption keys (SSE-KMS) A developer needs to optimize the cost-effectiveness of the encryption mechanism without negatively affecting performance What should the developed to meet these requirements'?

Question59: A company is building an application to track athlete performance using an Amazon DynamoDB table. Each item in the table is identified by a partition key (user_id) and a sort key (sport_name). The table design is shown below:
(Note: Not all table attributes are shown)
A Developer is asked to write a leaderboard application to display the top performers (user_id) based on the score for each sport_name.
What process will allow the Developer to extract results MOST efficiently from the DynamoDB table?

Question60: An application is designed to use Amazon SQS to manage messages from many independent senders. Each sender's messages must be processed in the order they are received.
Which SQS feature should be implemented by the Developer?

Question61: A developer has built an application running on AWS Lambda using AWS Serverless Application Model (AWS SAM). What is the correct order of execution to successfully deploy the application?

Question62: An application will ingest data at a very high throughput from many sources and must store the data in an Amazon S3 bucket. Which service would BEST accomplish this task?

Question63: A developer is creating an event handling system. To handle messages asynchronously, the developer created a standard Amazon SQS queue Quality assurance testing reveals that some events were processed multiple times.
What is the recommended way to ensure the events are not processed more than once?

Question64: A Developer is testing a Docker-based application that uses the AWS SDK to interact with Amazon DynamoDB. In the local development environment, the application has used IAM access keys. The application is now ready for deployment onto an ECS cluster.
How should the application authenticate with AWS services in production?

Question65: An application is using a custom library to make HTTP calls directly to AWS service endpoints. The application is experiencing transient errors that are causing processes to stop when each error is first encountered A request has been made to make the application more resilient by adding error retries and exponential backoff.
How should a developer implement the changes with MINIMAL custom code?

Question66: A Developer must repeatedly and consistently deploy a serverless RESTful API on AWS.
Which techniques will work? (Choose two.)

Question67: A Developer has created an S3 bucket s3://mycoolapp and has enabled server across logging that points to the folder s3://mycoolapp/logs. The Developer moved 100 KB of Cascading Style Sheets (CSS) documents to the folder s3://mycoolapp/css, and then stopped work. When the developer came back a few days later, the bucket was 50 GB.
What is the MOST likely cause of this situation?

Question68: A Developer is going to deploy an AWS Lambda function that requires significant CPU utilization. Which approach will MINIMIZE the average runtime of the function?

Question69: A developer creates an Amazon S3 bucket to store project status files that are uploaded hourly The developer also creates an AWS Lambda function'that will be used to process the project status files What should the developer do to invoke the function with the LEAST amount of AWS infrastructure?

Question70: When developing an AWS Lambda function that processes Amazon Kinesis Data Streams, Administrators within the company must receive a notice that includes the processed data.
How should the Developer write the function to send processed data to the Administrators?

Question71: A static website is hosted in an Amazon S3 bucket. Several HTML pages on the site use JavaScript to download images from another Amazon S3 bucket. These images are not displayed when users browse the site.
What is the possible cause for the issue?

Question72: A Developer has an application that can upload tens of thousands of objects per second to Amazon S3 in parallel within a single AWS account. As part of new requirements, data stored in S3 must use server side encryption with AWS KMS (SSE-KMS). After creating this change, performance of the application is slower.
Which of the following is MOST likely the cause of the application latency?

Question73: EC2 instances are launched from Amazon Machine images (AMIs). A given public AMI can:

Question74: In DynamoDB, what type of HTTP response codes indicate that a problem was found with the client request sent to the service?

Question75: A company has an application that logs all information to Amazon S3. Whenever there is a new log file, an AWS Lambda function is invoked to process the log files. The code works, gathering all of the necessary information. However, when checking the Lambda function logs, duplicate entries with the same request ID are found.
What is causing the duplicate entries?

Question76: A developer has written an application that writes data to Amazon DynamoDB- The DynamoDB table has been configured to use conditional writes During peak usage times, writes are failing due to a CondittonatCheckFailedException error How can the developer increase the application's reliability when multiple clients are attempting to write to the same record?

Question77: A company is adding items to an Amazon DynamoDB table from an AWS Lambda function that is written in Python A developer needs to implement a solution that inserts records in the DynamoDB table and performs automatic retry when the insert fails Which solution meets these requirements with MINIMUM code changes?

Question78: A developer is planning to use an Amazon API Gateway and AWS Lambda to provide a REST API The developer will have three distinct environments to manage development, test, and production. How should the application be deployed while minimizing the number of resources to manage?

Question79: A developer registered an AWS Lambda function as a target for an Application Load Balancer (ALB) using a CLI command. However, the Lambda function is not being invoked when the client sends requests through the ALB.
Why is the Lambda function not being invoked?

Question80: Company B provides an online image recognition service and utilizes SQS to decouple system components for scalability The SQS consumers poll the imaging queue as often as possible to keep end-to-end throughput as high as possible. However, Company B is realizing that polling in tight loops is burning CPU cycles and increasing costs with empty responses.
How can Company B reduce the number of empty responses?

Question81: A Developer wants to find a list of items in a global secondary index from an Amazon DynamoDB table.
Which DynamoDB API call can the Developer use in order to consume the LEAST number of read capacity units?

Question82: A developer is building an application integrating an Amazon API Gateway with an AWS Lambda function.
When calling the API, the developer receives the following error. Wed Nov 03 01:13:00 UTC 2017 : Method completed with status: 502 What should the developer do to resolve the error?

Question83: A Developer created a new AWS account and must create a scalable AWS Lambda function that meets the following requirements for concurrent execution:
* Average execution time of 100 seconds
* 50 requests per second
Which step must be taken prior to deployment to prevent errors?

Question84: A developer is testing an application that invokes an AWS Lambda function asynchronously During the testing phase, the Lambda function fails to process after two retries How can the developer troubleshoot the failure?

Question85: A large e-commerce site is being designed to deliver static objects from Amazon S3. The Amazon S3 bucket wills server more than 300 GET requests per second. What should be done to optimize performance? (Select TWO.)

Question86: A Developer needs to design an application running on AWS that will be used to consume Amazon SQS messages that range from 1 KB up to 1GB in size.
How should the Amazon SQS messages be managed?

Question87: An ecommerce startup is preparing for an annual sales event As the traffic to the company's application increases, the development team wants to be notified when the Amazon EC2 instance's CPU utilization exceeds 80%.
Which solution will meet this requirement?

Question88: A developer is migrating a legacy monolithic application to AWS and wants to convert the application's internal processes to microservices The application's internal processes communicate through internal asynchronous messaging Occasionally, messages need to be reprocessed by multiple microservices How should the developer migrate the application's internal messaging to AWS to meet these requirements?

Question89: A company is migrating the content delivery network for its dynamic PHP website to AWS An Amazon CloudFront web distribution is part of the new infrastructure The distribution has the following cache behavior settings
* Allowed HTTP Methods is set to GET HEAD
* Viewer Protocol Policy is set to HTTP and HTTPS
Developers test the solution and can reach the company's website over HTTP and HTTPS However the developers are unable to log in to the previously working administration panel of the website Which action will resolve this login issue?

Question90: An application needs to use the IP address of the client in its processing. The application has been moved into AWS and has been placed behind an Application Load Balancer (ALB). However, all the client IP addresses now appear to be the same. The application must maintain the ability to scale horizontally.
Based on this scenario, what is the MOST cost-effective solution to this problem?

Question91: A company has three AWS Lambda functions that are written in Node js The Lambda functions include a mix of custom code and open-source modules When bugs are occasionally detected in the open-source modules, all three Lambda functions must be patched.
What is the MOST operationally efficient solution to deploy a patched open-source library for all three Lambda functions?

Question92: You are providing AWS consulting services for a company developing a new mobile application that will be leveraging Amazon SNS Mobile Push for push notifications. In order to send direct notification messages to individual devices each device registration identifier or token needs to be registered with SNS; however the developers are not sure of the best way to do this.
You advise them to:

Question93: The Developer for a retail company must integrate a fraud detection solution into the order processing solution. The fraud detection solution takes between ten and thirty minutes to verify an order. At peak, the web site can receive one hundred orders per minute.
What is the most scalable method to add the fraud detection solution to the order processing pipeline?

Question94: A Developer is working on an application that tracks hundreds of millions of product reviews in an Amazon DynamoDB table. The records include the data elements shown in the table:

Which field, when used as the partition key, would result in the MOST consistent performance using DynamoDB?

Question95: A developer wants the ability to roll back to a previous version of an AWS Lambda function in the event of errors caused by a new deployment.
How can the developer achieve this with MINIMAL impact on users?

Question96: An application running on Amazon EC2 opens connections to an Amazon RDS SQL Server database The developer does not want to store the user name and password for the database in the code. The developer would also like to automatically rotate the credentials.
What is the MOST secure way to store and access the database credentials?

Question97: A company caches session information for a web application in an Amazon DynamoDB table. The company wants an automated way to delete old items from the table.
What is the simplest way to do this?

Question98: A developer is testing a Docker-based application that uses the AWS SDK to interact with Amazon DynamoDB In the local development environment, the application has used IAM access keys The application is now ready for deployment onto an ECS duster.
How should the application authenticate with AWS services in production?

Question99: A developer has written an application that uses Amazon API Gateway and AWS Lambda. The developer needs to configure the application so that the developer can visualize the application's components and identify performance bottlenecks What should the developer do to meet these requirements?

Question100: A company needs to encrypt data at rest, but it wants to leverage an AWS managed service using its own master key.
Which of the following AWS service can be used to meet these requirements?

Question101: A development team decides to adopt a continuous integration/continuous delivery (CI/CD) process using AWS CodePipehne and AWS CodeCommit for a new application. However, management wants a person to review and approve the code before it is deployed to production How can the development team add a manual approver to the CI/CD pipeline?

Question102: An organization is storing large files in Amazon S3, and is writing a web application to display meta-data about the files to end-users. Based on the metadata a user selects an object to download. The organization needs a mechanism to index the files and provide single-digit millisecond latency retrieval for the metadata.
What AWS service should be used to accomplish this?

Question103: A development team is working on a mobile app that allows users to upload pictures to Amazon S3 The team expects the app will be used by hundreds of thousands of users during a single event simultaneously Once the pictures are uploaded, the backend service will scan and parse the pictures for inappropriate content.
Which approach is the MOST resilient way to achieve this goal which also smooths out temporary volume spikes for the backend service?

Question104: A company has a web application In an Amazon Elastic Container Service (Amazon ECS) cluster running hundreds of secure services in AWS Fargate containers. The services are in target groups routed by an Application Load Balancer (ALB) Application users log in to the website anonymously, but they must be authenticated using any OpenID Connect protocol-compatible identity provider (IdP) to access the secure services Which authentication approach would meet these requirements with the LEAST amount of effort?

Question105: A Developer has a stateful web server on-premises that is being migrated to AWS. The Developer must have greater elasticity in the new design.
How should the Developer re-factor the application to make it more elastic? (Choose two.)

Question106: A Development team would like to migrate their existing application code from a GitHub repository to AWS CodeCommit.
What needs to be created before they can migrate a cloned repository to CodeCommit over HTTPS?

Question107: A developer is provided with an HTTPS clone URL for an AWS CodeCommit repository.
What needs to be configured before cloning this repository?

Question108: A company is providing services to many downstream consumers. Each consumer may connect to one or more services. This has resulted in a complex architecture that is difficult to manage and does not scale well. The company needs a single interface to manage these services to consumers.
Which AWS service should be used to refactor this architecture?

Question109: Games-R-Us is launching a new game app for mobile devices. Users will log into the game using their existing Facebook account and the game will record player data and scoring information directly to a DynamoDB table.
What is the most secure approach for signing requests to the DynamoDB API?

Question110: A company is using AWS CloudFormation templates to deploy AWS resources. The company needs to update one of its AWS CloudFormation stacks What can the company do to find out how the changes will impact the resources that are running?

Question111: You are writing to a DynamoDB table and receive the following exception:" ProvisionedThroughputExceededException". though according to your Cloudwatch metrics for the table, you are not exceeding your provisioned throughput.
What could be an explanation for this?

Question112: An application uploads photos to an Amazon S3 bucket. Each photo that is uploaded to the S3 bucket must be resized to a thumbnail image by the application Each thumbnail image is uploaded with a new name in the same S3 bucket Which AWS service can a developer configure to directly process each single S3 event for each S3 object upload?

Question113: A Developer has created a large Lambda function, and deployment is failing with the following error:
ClientError: An error occurred (InvalidParameterValueException) when calling the CreateFunction operation: Unzipped size must be smaller than XXXXXXXXX bytes', where XXXXXXXXX is the current Lambda limit What can the Developer do to fix this problem?

Question114: A developer uses Amazon S3 buckets for static website hosting. The developer creates one S3 bucket for the code and another S3 bucket for the assets, such as image and video files. Access is denied when a user attempts to access the assets bucket from the code bucket, with the website application showing a 403 error How should the developer solve this issue?

Question115: A developer is building an AWS Lambda function that will dynamically generate and send a weekly newsletter to 100.000 users This newsletter contains both static text and images The developer needs a fast and highly scalable place to store the images that will be hyperlinked in the newsletter Where should the developer store these images?

Question116: A company is developing a serverless ecommerce web application The application needs to make coordinated, all-or-nothing changes to multiple items in the company's inventory table in Amazon DynamoDB.
Which solution will meet these requirements?

Question117: When a Simple Queue Service message triggers a task that takes 5 minutes to complete, which process below will result in successful processing of the message and remove it from the queue while minimizing the chances of duplicate processing?

Question118: A developer has written the following IAM policy to provide access to an Amazon S3 bucket.

Which access does the policy allow regarding the s3:GetObject and s3 PutObject actions'?

Question119: A company is developing a report executed by AWS Step Functions Amazon CloudWatch shows errors in the Step Functions task state machine To troubleshoot each task, the state input needs to be included along with the error message in the state output.
Which coding practice can preserve both the original input and the error for the state?

Question120: Given the source code for an AWS Lambda function in the local store.py containing a handler function called get_store and the following AWS CloudFormation template:

What should be done to prepare the template so that it can be deployed using the AWS CLI command aws cloudformation deploy?

Question121: A Developer has been asked to build a real-time dashboard web application to visualize the key prefixes and storage size of objects in Amazon S3 buckets. Amazon DynamoDB will be used to store the Amazon S3 metadata.
What is the optimal and MOST cost-effective design to ensure that the real-time dashboard is kept up to date with the state of the objects in the Amazon S3 buckets?

Question122: An application ingests a large number of small messages and stores them in a database. The application uses AWS Lambda. A development team is making changes to the application's processing logic. In testing, it is taking more than 15 minutes to process each message. The team is concerned the current backend may time out.
Which changes should be made to the backend system to ensure each message is processed in the MOST scalable way1?

Question123: A company needs to secure its existing website running behind an Elastic Load Balancer. The website's Amazon EC2 instances are CPU-constrained.
What should be done to secure the website while not increasing the CPU load on the EC2 web servers? (Select TWO.)

Question124: How does Envelope Encryption work in AWS KMS?

Question125: A Developer is creating a serverless website with content that includes HTML files, images, videos, and JavaScript (client-side scripts).
Which combination of services should the Developer use to create the website?

Question126: A development team uses AWS Elastic Beanstalk for application deployment. The team has configured the application version lifecycle policy to limit the number of application versions to 25 However even with the lifecycle policy the source bundle is deleted from the Amazon S3 source bucket What should a developer do in the Elastic Beanstalk application version lifecycle settings to retain the source code in the S3 bucket?

Question127: A gaming application stores scores for players in an Amazon DynamoDB table that has four attributes user_id, user_name, user_score, and user_rank. The users are allowed to update their names only A user is authenticated by web identity federation.
Which set of conditions should be added in the policy attached to the role for the dynamodb Putltem API call?
A)
B)

C)

D)

Question128: An application is processing clickslream data using Amazon Kinesis. The clickstream data feed into Kinesis experiences periodic spikes. The PutRecords API call occasionally fails and the logs show that the failed call returns the response shown below.

Which techniques will help mitigate this exception? (Select TWO.)

Question129: Which of the following services are key/value stores? Choose 3 answers

Question130: A company has multiple Developers located across the globe who are updating code incrementally for a development project. When Developers upload code concurrently, internet connectivity is slow, and it is taking a long time to upload code for deployment in AWS Elastic Beanstalk.
Which step will result in minimized upload and deployment time with the LEAST amount of administrative effort?

Question131: An existing serverless application processes uploaded image files. The process currently uses a single Lambda function that takes an image file, performs the processing, and stores the file in Amazon S3. Users of the application now require thumbnail generation of the images. Users want to avoid any impact to the time it takes to perform the image uploads.
How can thumbnail generation be added to the application, meeting user requirements while minimizing changes to existing code?

Question132: A company has a large number of documents that are stored securely in Amazon S3 The company is creating an application that occasionally will read these documents The application will be deployed on Amazon EC2 instances.
The company's security requirements mandate that no long-term credentials can be stored on the EC2 instances and that only the needed documents can be accessed Only authorized users and applications can access the documents, access must be logged by Amazon S3 and each document must follow S3 Lifecycle policies for archival and destruction What should a developer do to meet these requirements?

Question133: Company D is running their corporate website on Amazon S3 accessed from http//www.companyd.com. Their marketing team has published new web fonts to a separate S3 bucket accessed by the S3 endpoint
https://s3-us-west-1.amazonaws.com/cdfonts. While testing the new web fonts, Company D recognized the web fonts are being blocked by the browser.
What should Company D do to prevent the web fonts from being blocked by the browser?

Question134: What is the maximum number of S3 Buckets available per AWS account?

Question135: A company is developing an application that will be accessed through the Amazon API Gateway REST API Registered users should be the only ones who can access certain resources of this API. The token being used should expire automatically and needs to be refreshed periodically.
How can a developer meet these requirements'?

Question136: What are the steps to using the AWS CLI to launch a templatized serverless application?

Question137: A developer supports an application that accesses data in an Amazon DynamoDB table One of the item attributes is expirationDate In the timestamp format The application uses this attribute to find items archive them and remove them from the table based on the timestamp value The application will be decommissioned soon, and the developer must find another way to implement this functionality The developer needs a solution that will require the least amount of code to write.
Which solution will meet these requirements?

Question138: When writing a Lambda function, what is the benefit of instantiating AWS clients outside the scope of the handler?

Question139: A Developer will be using the AWS CLI on a local development server to manage AWS services.
What can be done to ensure that the CLI uses the Developer's IAM permissions when making commands?

Question140: A Developer needs to deploy an application running on AWS Fargate using Amazon ECS. The application has environment variables that must be passed to a container tor the application to initialize How should the environment variables be passed to the container?

Question141: A development team is building a new application that will run on Amazon EC2 and use Amazon DynamoDB as a storage layer The developers all have assigned IAM user accounts in the same IAM group The developers currently can launch EC2 instances and they need to be able to launch EC2 instances with an instance role allowing access to Amazon DynamoDB.
Which AWS I AM changes are needed when creating an instance role to provide this functionality^

Question142: Where can PortMapping be defined when launching containers in Amazon ECS?

Question143: A development team consists of 10 team members. Similar to a home directory for each team member the manager wants to grant access to user-specific folders in an Amazon S3 bucket. For the team member with the username "TeamMemberX", the snippet of the IAM policy looks like this:

Instead of creating distinct policies for each team member, what approach can be used to make this policy snippet generic for all team members?

Question144: A company is using Amazon API Gateway to manage its public-facing API. The CISO requires that the APIs be used by test account users only. What is the MOST secure way to restrict API access to users of this particular AWS account?

Question145: A Developer is publishing critical log data to a log group in Amazon CloudWatch Lops, which was created 2 months ago. The Developer must encrypt the log data using an AWS KMS customer master key (CMK) so future data can be encrypted to comply with me company's security policy How can the Developer meet this requirement?

Question146: A developer is migrating code to an AWS Lambda function that will access an Amazon Aurora MySQL database.
What is the MOST secure way to authenticate the function to the database?

Question147: A developer needs to deploy a new version to an AWS Elastic Beanstalk application How can the developer accomplish this task?

Question148: You attempt to store an object in the US-STANDARD region in Amazon S3, and receive a confirmation that it has been successfully stored. You then immediately make another API call and attempt to read this object. S3 tells you that the object does not exist What could explain this behavior?

Question149: A Developer is building a web application that uses Amazon API Gateway to expose an AWS Lambda function to process requests from clients. During testing, the Developer notices that the API Gateway times out even though the Lambda function finishes under the set time limit.
Which of the following API Gateway metrics in Amazon CloudWatch can help the Developer troubleshoot the issue? (Choose two.)

Question150: A legacy service has an XML-based SOAP interface. The Developer wants to expose the functionality of the service to external clients with the Amazon API Gateway. Which technique will accomplish this?

Question151: When a Developer tries to run an AWS CodeBuild project, it raises an error because the length of all environment variables exceeds the limit for the combined maximum of characters.
What is the recommended solution?

Question152: A Developer is creating a mobile application with a limited budget. The solution requires a scalable service that will enable customers to sign up and authenticate into the mobile application while using the organization's current SAML 2.0 identity provider.
Which AWS service should be used to meet these requirements?

Question153: A web application is designed to allow new users to create accounts using their email addresses. The application will store attributes for each user, and is expecting millions of user to sign up.
What should the Developer implement to achieve the design goals?

Question154: A developer is building a static, client-side rendered website that is powered by ReactJS The code has no server-side generated components and does not need to run any programming languages on the server However the code serves static HTML, CSS, and JavaScript to the client on each request The developer's solution to host the website must maximize performance and cost-effectiveness Which combination of AWS services or resources should the developer use to meet these requirements?

Question155: A company has deployed an application on AWS Elastic Beanstalk. The company has configured the Auto Scaling group that is associated with the Elastic Beanstalk environment to have five Amazon EC2 instances If the capacity is fewer than four EC2 instances during the deployment, application performance degrades. The company is using the all-at-once deployment policy What is the MOST cost-effective way to solve the deployment issue?

Question156: A developer wants to secure sensitive configuration date such as passwords, database strings, and application license codes. Access to this sensitive information must be tracked for future audit purposes.

Question157: A nightly batch job loads 1 million new records into a DynamoDB table. The records are only needed for one hour, and the table needs to be empty by the next night's batch job.
Which is the MOST efficient and cost-effective method to provide an empty table?

Question158: A company hosts a microservices application that uses Amazon API Gateway, AWS Lambda, Amazon Simple Queue Service (Amazon SOS), and Amazon DynamoDB, One of the Lambda functions adds messages to an SOS FIFO queue.
When a developer checks the application logs, the developer finds a few duplicated items in a DynamoDB table. The items were inserted by another polling function that processes messages from the queue.
What is the MOST likely cause of this issue?

Question159: A developer wants to modify the following AWS Cloud Formation template to embed another CloudFormation stack:

Which syntax should the developer add to the blank line of the CloudFormation template to meet this requirement?

Question160: An application is being developed to audit several AWS accounts. The application will run in Account A and must access AWS services in Accounts B and C.
What is the MOST secure way to allow the application to call AWS services in each audited account?

Question161: An application is real-time processing millions of events that are received through an API.
What service could be used to allow multiple consumers to process the data concurrently and MOST cost-effectively?

Question162: A company is launching an ecommerce website and will host the static data in Amazon S3. The company expects approximately 1 000 transactions per second (TPS) for GET and PUT requests in total. Logging must be enabled to track all requests and must be retained for auditing purposes.
What is the MOST cost-effective solution?

Question163: An on-premises application is implemented using a Linux, Apache, MySQL and PHP (LAMP) stack. The Developer wants to run this application in AWS.
Which of the following sets of AWS services can be used to run this stack?

Question164: A company has written a Java AWS Lambda function to be triggered whenever a user uploads an image to an Amazon S3 bucket. The function converts the original image to several different formats and then copies the resulting images to another Amazon S3 bucket.
The Developers find that no images are being copied to the second Amazon S3 bucket. They have tested the code on an Amazon EC2 instance with 1GB of RAM, and it takes an average of 500 seconds to complete.
What is the MOST likely cause of the problem?

Question165: Which of the following platforms are supported by Elastic Beanstalk? Choose 2 answers

Question166: A Developer is creating an Auto Scaling group whose instances need to publish a custom metric to Amazon CloudWatch.
Which method would be the MOST secure way to authenticate a CloudWatch PUT request?

Question167: An application uses Amazon Kinesis Data Streams to ingest and process large streams of data records in real time. Amazon EC2 instances consume and process the data from the shards of the Kinesis data stream by using Amazon Kinesis Client Library (KCL). The application handles the failure scenarios and does not require standby workers. The application reports that a specific shard is receiving more data than expected. To adapt to the chnages in the rate of data flow, the "hot" shard is resharded.
Assuming that the initial number of shards in the Kinesis data stream is 4, and after resharding the number of shards increased to 6, what is the maximum number of EC2 instances that can be deployed to process data from all the shards?

Question168: A Lambda function is packaged for deployment to multiple environments, including development, test, production, etc. Each environment has unique set of resources such as databases, etc.
How can the Lambda function use the resources for the current environment?

Question169: A developer works in an environment with multiple AWS accounts that have AWS Lambda functions processing the same 100 KB payloads. The developer wants to centralize the point of origin of the payloads to one account and have all the Lambda functions be invoked whenever the initiating event occurs in the parent account.
How can the developer design the workflow in the MOST efficient way, so all the multi-account Lambda functions get invoked when the event occurs?

Question170: An application reads data from an Amazon DynamoDB table. Several times a day, for a period of 15 seconds, the application receives multiple ProvisionedThroughputExceeded errors.
How should this exception be handled?

Question171: How can you secure data at rest on an EBS volume?

Question172: A gaming company is developing a mobile game application for iOS® and Android® platforms. This mobile game securely stores user data locally on the device. The company wants to allow users to use multiple device for the game, which requires user data synchronization across device.
Which service should be used to synchronize user data across devices without the need to create a backend application?

Question173: A developer is building an application that runs behind an application Load Balancer (ALB). The application is configured as the origin for an Amazon CloudFront distribution. Users will log in to the application using their social media accounts.
How can the developer authenticate and authorize users?

Question174: A photo sharing website gets millions of new images every week The images are stored in Amazon S3 under a formatted date prefix A developer wants to move images to a few S3 buckets for analysis and further processing Images are not required to be moved in real time What is the MOST efficient method for performing this task?