EMT Practice Test

1. Question Content...


Question List

Question1: A developer is building an application that needs to store date in Amazon S3. Management requires that the data be encrypted before is it sent to Amazon S3 for storage. The encryption keys need to be managed by the security team.
Which approach should the developer take to meet these requirements?

Question2: A Developer is developing an application that manages financial transactions. To improve security, multi-factor authentication (MFA) will be required as part of the login protocol.
What services can the Developer use to meet these requirements?

Question3: You run an ad-supported photo sharing website using S3 to serve photos to visitors of your site. At some point you find out that other sites have been linking to the photos on your site, causing loss to your business.
What is an effective method to mitigate this?

Question4: A company needs to ingest terabytes of data each hour from thousands of sources that are delivered almost continually throughout the day. The volume of messages generated varies over the course of the day.
Messages must be delivered in real time for fraud detection and live operational dashboards.
Which approach will meet these requirements?

Question5: Which of the following programming languages have an officially supported AWS SDK? Choose 2 answers

Question6: Games-R-Us is launching a new game app for mobile devices. Users will log into the game using their existing Facebook account and the game will record player data and scoring information directly to a DynamoDB table.
What is the most secure approach for signing requests to the DynamoDB API?

Question7: A Development team has pushed out 10 applications running on several Amazon EC2 instances. The Operations team is asking for a graphical representation of one key performance metric for each application.
These metrics should be available on one screen for easy monitoring.
Which steps should the Developer take to accomplish this using Amazon CloudWatch?

Question8: A Developer wants to encrypt new objects that are being uploaded to an Amazon S3 bucket by an application.
There must be an audit trail of who has used the key during this process. There should be no change to the performance of the application.
Which type of encryption meets these requirements?

Question9: An application is processing clickslream data using Amazon Kinesis. The clickstream data feed into Kinesis experiences periodic spikes. The PutRecords API call occasionally fails and the logs show that the failed call returns the response shown below.

Which techniques will help mitigate this exception? (Select TWO.)

Question10: An AWS Elastic Beanstalk application needs to be deployed in multiple regions and requires a different Amazon Machine Image (AMI) in each region.
Which AWS CloudFormation template key can be used to specify the correct AMI for each region?

Question11: A Developer has created a large Lambda function, and deployment is failing with the following error:
ClientError: An error occurred (InvalidParameterValueException) when calling the CreateFunction operation: Unzipped size must be smaller than XXXXXXXXX bytes', where XXXXXXXXX is the current Lambda limit What can the Developer do to fix this problem?

Question12: A developer is planning to use an Amazon API Gateway and AWS Lambda to provide a REST API The developer will have three distinct environments to manage development, test, and production. How should the application be deployed while minimizing the number of resources to manage?

Question13: A legacy service has an XML-based SOAP interface. The Developer wants to expose the functionality of the service to external clients with the Amazon API Gateway. Which technique will accomplish this?

Question14: A company runs continuous integration/continuous delivery (CI/CD) pipeline for its application on AWS CodePipeline. A developer must write unit tests and run them as part of the pipelines before staging the artifacts for testing.
How should the Developer incorporate unit tests as part of CI/CD pipeline?

Question15: Developer is creating an AWS Lambda function to process a stream of data from an Amazon Kinesis Data Stream. When the Lambda function parses the data and encounters a missing field, it exits the function with an error. The function is generating duplicate records from the Kinesis stream. When the Developer looks at the stream output without the Lambda function, there are no duplicate records.
What is the reason for the duplicates?

Question16: A Developer has created a software package to be deployed on multiple EC2 instances using IAM roles.
What actions could be performed to verify IAM access to get records from Amazon Kinesis Streams? (Select TWO.)

Question17: A company has developed a new serverless application using AWS Lambda functions that will be deployed using the AWS Serverless Application Model (AWS SAM) CLI Which step should the developer complete prior to deploying the application?

Question18: A developer has designed a customer, facing application that is running on an Amazon EC2 instance. The application logs every request made to it. The application usually runs seamlessly, but a spike in traffic generates several logs that cause the disk to fill up and eventually run out of memory Company policy requires old to be centralized for analysis.
Which long-term solution should the developer employ to prevent the issue from reoccurring?

Question19: A Developer must encrypt a 100-GB object using AWS KMS.
What is the BEST approach?

Question20: An application is being developed to audit several AWS accounts. The application will run in Account A and must access AWS services in Accounts B and C.
What is the MOST secure way to allow the application to call AWS services in each audited account?

Question21: A front-end web application is using Amazon Cognito user pools to handle the user authentication flow. A developer is integrating Amazon DynamoDB into the application using the AWS SDK for JavaScript How would the developer securely call the API without exposing the access or secret keys?

Question22: When a Simple Queue Service message triggers a task that takes 5 minutes to complete, which process below will result in successful processing of the message and remove it from the queue while minimizing the chances of duplicate processing?

Question23: A developer is building a highly secure healthcare application using .. application requires writing temporary data to /tmp storage on an AWS Lambda function.
How should the developer encrypt this data?

Question24: A Developer must re-implement the business logic for an order fulfilment system. The business logic has to make requests to multiple vendors to decide where to purchase an item. The whole process can take up to a week to complete.
What is the MOST efficient and SIMPLEST way to implement a system that meets these requirements?

Question25: A developer must ensure that the IAM credentials used by an application in Amazon EC2 are not misused or compromised What should the developer use to keep user credentials secure?

Question26: A company is launching an ecommerce website and will host the static data in Amazon S3. The company expects approximately 1 000 transactions per second (TPS) for GET and PUT requests in total. Logging must be enabled to track all requests and must be retained for auditing purposes.
What is the MOST cost-effective solution?

Question27: An application uses Amazon Kinesis Data Streams to ingest and process large streams of data records in real time. Amazon EC2 instances consume and process the data from the shards of the Kinesis data stream by using Amazon Kinesis Client Library (KCL). The application handles the failure scenarios and does not require standby workers. The application reports that a specific shard is receiving more data than expected. To adapt to the chnages in the rate of data flow, the "hot" shard is resharded.
Assuming that the initial number of shards in the Kinesis data stream is 4, and after resharding the number of shards increased to 6, what is the maximum number of EC2 instances that can be deployed to process data from all the shards?

Question28: Company D is running their corporate website on Amazon S3 accessed from http//www.companyd.com. Their marketing team has published new web fonts to a separate S3 bucket accessed by the S3 endpoint
https://s3-us-west-1.amazonaws.com/cdfonts. While testing the new web fonts, Company D recognized the web fonts are being blocked by the browser.
What should Company D do to prevent the web fonts from being blocked by the browser?

Question29: An on-premises legacy application is caching data files locally and writing shared images to local disks.
What is necessary to allow for horizontal scaling when migrating the application to AWS?

Question30: A company process incoming documents from an Amazon S3 bucket. Users upload documents to an S3 bucket using a web user interface. Upon receiving files in S3, and AWS Lambda function is invoked to process the files, but the Lambda function times out intermittently.
If the Lambda function is configured with the default settings, what will happen to the S3 event when there is a timeout exception?

Question31: A company has a web application In an Amazon Elastic Container Service (Amazon ECS) cluster running hundreds of secure services in AWS Fargate containers. The services are in target groups routed by an Application Load Balancer (ALB) Application users log in to the website anonymously, but they must be authenticated using any OpenID Connect protocol-compatible identity provider (IdP) to access the secure services Which authentication approach would meet these requirements with the LEAST amount of effort?

Question32: A gaming application stores scores for players in an Amazon DynamoDB table that has four attributes user_id, user_name, user_score, and user_rank. The users are allowed to update their names only A user is authenticated by web identity federation.
Which set of conditions should be added in the policy attached to the role for the dynamodb Putltem API call?
A)
B)

C)

D)

Question33: According to best practice, how should access keys be managed in AWS? (Choose two.)

Question34: A photo sharing website gets millions of new images every week The images are stored in Amazon S3 under a formatted date prefix A developer wants to move images to a few S3 buckets for analysis and further processing Images are not required to be moved in real time What is the MOST efficient method for performing this task?

Question35: A company is running an application built on AWS Lambda functions. One Lambda function has performance issues when it has to download a 50MB file from the Internet in every execution. This function is called multiple times a second.
What solution would give the BEST performance increase?

Question36: A developer has created a REST API using Amazon API Gateway. The developer wants to log who and how each caller accesses the API. The developer also wants to control how long the logs are kept What should the developer do to meet these requirements?

Question37: How does Envelope Encryption work in AWS KMS?

Question38: An application running on EC2 instances is storing data in an S3 bucket. Security policy mandates that all data must be encrypted in transit.
How can the Developer ensure that all traffic to the S3 bucket is encrypted?

Question39: Which of the following are correct statements with policy evaluation logic in AWS Identity and Access Management? Choose 2 answers

Question40: A company needs a version control system for collaborative software development. Features of the system must include the following:
* Support for batches of changes across multiple files
* Parallel branching
* Version tracking
Which AWS service will meet these requirements?

Question41: An e-commerce site allows returning users to log in to display customized web pages. The workflow is shown in the image below:

An application is running on EC2 instances. Amazon RDS is used for the database that stores user accounts and preferences. The website freezes or is slow to load while waiting for the login step to complete. The remaining components of the site are well-optimized.
Which of the following techniques will resolve this issue? (Select Two.)

Question42: An application writes items to an Amazon DynamoDB table. As the application scales to thousands of instances, calls to the DynamoDB API generate occasional ThrottlingException errors. The application is coded in a language incompatible with the AWS SDK.
How should the error be handled?

Question43: The release process workflow of an application requires a manual approval before the code is deployed into the production environment.
What is the BEST way to achieve this using AWS CodePipeline?

Question44: A Developer is designing a new application that uses Amazon S3. To satisfy compliance requirements, the Developer must encrypt the data at rest.
How can the Developer accomplish this?

Question45: A developer has code stored in an Amazon S3 bucket The code must be deployed as an AWS Lambda function across multiple accounts in the same Region as the S3 bucket The Lambda function will be deployed using an AWS CloudFormation template that is run for each account What is the MOST secure approach to allow access to the Lambda code in the S3 bucket?

Question46: An application overwrites an object in Amazon S3, and then immediately reads the same object. Why would the application sometimes retrieve the old version of the object?

Question47: A Developer created a dashboard for an application using Amazon API Gateway, Amazon S3, AWS Lambda, and Amazon RDS. The Developer needs an authentication mechanism allowing a user to sign in and view the dashboard. It must be accessible from mobile applications, desktops, and tablets, and must remember user preferences across platforms.
Which AWS service should the Developer use to support this authentication scenario?

Question48: A large company has its application components distributed across.. company needs to collect and visualize trace data across these accounts.
What should be used to meet these requirements?

Question49: An application is using Amazon DynamoDB as its data store, and should be able to read 100 items per second as strongly consistent reads. Each item is 5 KB in size.
To what value should the table's provisioned read throughput be set?

Question50: A company wants to containerize an existing three-tier web application and deploy it to Amazon ECS Fargate.
The application is using session data to keep track of user activities.
Which approach would provide the BEST user experience?

Question51: A company is running a custom application on a set of on-premises Linux servers that are accessed using Amazon API Gateway. AWS X-Ray tracing has been enabled on the API test stage How can a developer enable X-Ray tracing on the on-premises servers with the LEAST amount of configuration''

Question52: An application runs on multiple EC2 instances behind an ELB.
Where is the session data best written so that it can be served reliably across multiple requests?

Question53: You are writing to a DynamoDB table and receive the following exception:" ProvisionedThroughputExceededException". though according to your Cloudwatch metrics for the table, you are not exceeding your provisioned throughput.
What could be an explanation for this?

Question54: A Developer is asked to implement a caching layer in front of Amazon RDS. Cached content is expensive to regenerate in case of service failure. Which implementation below would work while maintaining maximum uptime?

Question55: A development team is using AWS Elastic Beanstalk to deploy a two-tier application that consists of a load-balanced web tier and an Amazon RDS database tier in production. The team would like to separate the RDS instance from the Elastic Beanstalk.
How can this be accomplished?

Question56: A developer is writing an application in AWS Lambda To simplify testing and deployments, the developer needs the database connection string to be easily changed without modifying the Lambda code.
How can this requirement be met?

Question57: A Development team is working on a case management solution that allows medical claims to be processed and reviewed. Users log in to provide information related to their medical and financial situations.
As part of the application, sensitive documents such as medical records, medical imaging, bank statements, and receipts are uploaded to Amazon S3. All documents must be securely transmitted and stored. All access to the documents must be recorded for auditing.
What is the MOST secure approach?

Question58: A Developer is creating a serverless website with content that includes HTML files, images, videos, and JavaScript (client-side scripts).
Which combination of services should the Developer use to create the website?

Question59: A developer is using Amazon DynamoDB to store application data . The developer wants to further improve application performance by reducing response limes for read and write operations.
Which DynamoDB feature should be used to meet these requirement?

Question60: A developer is writing an AWS Lambda function. The developer wants to log key events that occur during the Lambda function and include a unique identifier to associate the events with a specific function invocation Which of the following will help the developer accomplish this objective?

Question61: Which of the following statements about SQS is true?

Question62: A static website is hosted in an Amazon S3 bucket. Several HTML pages on the site use JavaScript to download images from another Amazon S3 bucket. These images are not displayed when users browse the site.
What is the possible cause for the issue?

Question63: A developer works in an environment with multiple AWS accounts that have AWS Lambda functions processing the same 100 KB payloads. The developer wants to centralize the point of origin of the payloads to one account and have all the Lambda functions be invoked whenever the initiating event occurs in the parent account.
How can the developer design the workflow in the MOST efficient way, so all the multi-account Lambda functions get invoked when the event occurs?

Question64: A Developer wants to debug an application by searching and filtering log data. The application logs are stored in Amazon CloudWatch Logs. The Developer creates a new metric filter to count exceptions in the application logs. However, no results are returned from the logs.
What is the reason that no filtered results are being returned?

Question65: EC2 instances are launched from Amazon Machine images (AMIs). A given public AMI can:

Question66: A developer converted an existing program to an AWS Lambda function in the console. The program runs properly on a local laptop, but shows an "Unable to import module" error when tested in the Lambda console Which of the following can fix the error?

Question67: A developer must build a mobile application that allows users to read and write data from an Amazon DynamoDB table to store user state for each unique user. The solution needs to limit data access to allow users access only to their own data Which solution below is the most secure?

Question68: A Developer has written a serverless application using multiple AWS services. The business logic is written as a Lambda function which has dependencies on third-party libraries. The Lambda function endpoints will be exposed using Amazon API Gateway. The Lambda function will write the information to Amazon DynamoDB.
The Developer is ready to deploy the application but must have the ability to rollback. How can this deployment be automated, based on these requirements?

Question69: An application running on Amazon EC2 opens connections to an Amazon RDS SQL Server database The developer does not want to store the user name and password for the database in the code. The developer would also like to automatically rotate the credentials.
What is the MOST secure way to store and access the database credentials?

Question70: How is provisioned throughput affected by the chosen consistency model when reading data from a DynamoDB table?

Question71: An organization is using Amazon CloudFront to ensure that its users experience low-latency access to its web application. The organization has identified a need to encrypt all traffic between users and CloudFront, and all traffic between CloudFront and the web application.
How can these requirements be met? (Choose two.)

Question72: An application contains two components one component to handle HI IP requests, and another component to handle background processing tasks Bach component must scale independently The developer wants to deploy this application using AWS Elastic Beanstalk.
How should this application be deployed, based on these requirements?

Question73: Company B provides an online image recognition service and utilizes SQS to decouple system components for scalability The SQS consumers poll the imaging queue as often as possible to keep end-to-end throughput as high as possible. However, Company B is realizing that polling in tight loops is burning CPU cycles and increasing costs with empty responses.
How can Company B reduce the number of empty responses?

Question74: A large e-commerce site is being designed to deliver static objects from Amazon S3. The Amazon S3 bucket wills server more than 300 GET requests per second. What should be done to optimize performance? (Select TWO.)

Question75: An application takes 40 seconds to process instructions received in an Amazon SQS message.
Assuming the SQS queue is configured with the default VisibilityTimeout value, what is the BEST way, upon receiving a message, to ensure that no other instances can retrieve a message that has already been processed or is currently being processed?

Question76: A Developer is writing an application that runs on Amazon EC2 instances in an Auto scaling group. The application data is stored in an Amazon DynamoDB table and records are constantly updated by all instances.
An instance sometimes retrieves old data. The Developer wants to correct this by making sure the reads are strongly consistent.
How can the developer accomplish this?

Question77: An e-commerce web application that shares session state on-premises is being migrated to AWS. The application must be fault tolerant, natively highly scalable, and any service interruption should not affect the user experience.
What is the best option to store the session state?

Question78: A Developer has created a Lambda function and is finding that the function is taking longer to complete than expected. After some debugging, the Developer has discovered that increasing compute capacity would improve performance.
How can the Developer increase the Lambda compute resources?

Question79: An AWS Lambda function generates a 3MB JSON file and then uploads it to an Amazon S3 bucket daily. The file contains sensitive information, so the Developer must ensure that it is encrypted before uploading to the bucket.
Which of the following modifications should the Developer make to ensure that the data is encrypted before uploading it to the bucket?

Question80: A developer is leveraging a Border Gateway Protocol (BGP)-based AWS VPN connection to connect from on-premises to Amazon EC2 instances in the developer's account The developer is able to access an EC2 instance in subnet A, but is unable to access an EC2 instance in subnet B in the same VPC Which logs can the developer use to verify whether the traffic is reaching subnet B?

Question81: A developer is building an application on Amazon EC2 The developer encountered an "Access Denied" error on some of the API calls to AWS services while testing The developer needs to modify permissions that have been already given to the instance How can these requirements be met with minimal changes and minimum downtime?

Question82: A developer implemented a static website hosted in Amazon S3 that makes web service requests hosted in Amazon API Gateway AWS Lambda. The site is showing an error that reads
"No ' Access-Control-Allow Origin' header is present on the requested resource Origin 'null' is therefore not allowed access " What should the developer do to resolve this issue?

Question83: A company wants to implement a continuous integration for its workloads on AWS. The company wants to trigger unit test in its pipeline for commits-on its code repository, and wants to be notified of failure events in the pipeline.
How can these requirements be met?

Question84: A company is using AWS CodeBuild to compile a website from source code stored in AWS CodeCommit. A recent change to the source code has resulted in the CodeBuild project being unable to successfully compile the website.
How should the Developer identify the cause of the failures?

Question85: How should custom libraries be utilized in AWS Lambda?

Question86: A developer is creating a new application that will be accessed by users through an API created using Amazon API Gateway The users need to be authenticated by a third-party Security Assertion Markup Language (SAML) identity provider Once authenticated, users will need access to other AWS services such as Amazon S3 and Amazon DynamoDB How can these requirements be met?

Question87: A development team is working on a mobile app that allows users to upload pictures to Amazon S3 The team expects the app will be used by hundreds of thousands of users during a single event simultaneously Once the pictures are uploaded, the backend service will scan and parse the pictures for inappropriate content.
Which approach is the MOST resilient way to achieve this goal which also smooths out temporary volume spikes for the backend service?

Question88: A company runs its APIs using Amazon API Gateway in front of AWS Lambda functions The company wants to add logging at the API level Each API must have production and development environments The developer wants to enable different logging levels in both environments How can these requirements be met?

Question89: A developer is building an application that reads 90 Items of data each second from an Amazon DynamoDB table. Each item Is 3 KB m size. The table is configured to use eventually consistent reads How many read capacity units should the developer provision for the table?

Question90: A Developer created configuration specifications for an AWS Elastic Beanstalk application in a file named healthcheckurl.yaml in the .ebextensions/directory of their application source bundle. The file contains the following:

After the application launches, the health check is not being run on the correct path, event though it is valid.
What can be done to correct this configuration file?

Question91: A customer wants to deploy its source code on an AWS Elastic Beanstalk environment. The customer needs to perform deployment with minimal outage and should only use existing instances to retain application access log.
What deployment policy would satisfy these requirements?

Question92: A developer registered an AWS Lambda function as a target for an Application Load Balancer (ALB) using a CLI command. However, the Lambda function is not being invoked when the client sends requests through the ALB.
Why is the Lambda function not being invoked?

Question93: A Developer is creating a Lambda function that will generate and export a file. The function requires 100 MB of temporary storage for temporary files while executing. These files will not be needed after the function is complete.
How can the Developer MOST efficiently handle the temporary files?

Question94: A developer is creating a script to automate the deployment process for a serverless application. The developer wants to use an existing AWS Serverless Application Model (AWS SAM) template for the application What should the developer use for the project? (Select TWO)

Question95: A developer is testing a Docker-based application that uses the AWS SDK to interact with Amazon DynamoDB In the local development environment, the application has used IAM access keys The application is now ready for deployment onto an ECS duster.
How should the application authenticate with AWS services in production?

Question96: A developer wants to send multi-value headers to an AWS Lambda function that is registered as a target with an Application Load Balancer (ALB).
What should the developer do to achieve this?

Question97: An application is designed to use Amazon SQS to manage messages from many independent senders. Each sender's messages must be processed in the order they are received.
Which SQS feature should be implemented by the Developer?

Question98: A company recently migrated its web, application and NoSQL database tiers to AWS. The company is using Auto Scaling to scale the web and application tiers. More than 95 percent of the Amazon DynamoDB requests are repeated read-requests.
How can the DynamoDB NoSQL tier be scaled up to cache these repeated requests?

Question99: What is one key difference between an Amazon EBS-backed and an instance-store backed instance?

Question100: In a multi-container Docker environment in AWS Elastic Beanstalk, what is required to configure container instances in the environment?

Question101: A developer has created a new AWS IAM user that has s3 putobject permission to write to a specific Amazon bucket. This S3 bucket uses server-side encryption with AWS KMS managed keys (SEE-KMS) as the encryption. Using the access key and secret key of the IAM user, the application received an access denied error when calling the PutObject API.
How can this issue be resolved?

Question102: An Amazon RDS database instance is used by many applications to look up historical data. The query rate is relatively constant. When the historical data is updated each day, the resulting write traffic slows the read query performance and affects all application users.
What can be done to eliminate the performance impact on application users?

Question103: A web application is using Amazon Kinesis Streams for clickstream data that may not be consumed for up to
12 hours.
How can the Developer implement encryption at rest for data within the Kinesis Streams?

Question104: A developer is preparing a deployment package using AWS Cloud Formation. The package consists of two separate templates: one for the infrastructure and one for the application. The application has to be inside the VPC that is created from the infrastructure template How can the application stack refer to the VPC created from the infrastructure template?

Question105: A company is using Amazon API Gateway to manage its public-facing API. The CISO requires that the APIs be used by test account users only. What is the MOST secure way to restrict API access to users of this particular AWS account?

Question106: A Developer is publishing critical log data to a log group in Amazon CloudWatch Lops, which was created 2 months ago. The Developer must encrypt the log data using an AWS KMS customer master key (CMK) so future data can be encrypted to comply with me company's security policy How can the Developer meet this requirement?

Question107: What item operation allows the retrieval of multiple items from a DynamoDB table in a single API call?

Question108: A developer wants the ability to roll back to a previous version of an AWS Lambda function in the event of errors caused by a new deployment.
How can the developer achieve this with MINIMAL impact on users?

Question109: An Amazon DynamoDB table uses a Global Secondary Index (GSI) to support read queries. The primary table is write-heavy, whereas the GSI is used for read operations. Looking at Amazon CloudWatch metrics, the Developer notices that write operations to the primary table are throttled frequently under heavy write activity.
However, write capacity units to the primary table are available and not fully consumed.
Why is the table being throttled?

Question110: An application deployed on AWS Elastic Beanstalk experiences increased error rates during deployments of new application versions, resulting in service degradation for users. The Development team believes that this is because of the reduction in capacity during the deployment steps. The team would like to change the deployment policy configuration of the environment to an option that maintains full capacity during deployment while using the existing instances.
Which deployment policy will meet these requirements while using the existing instances?

Question111: A Developer is building a web application that uses Amazon API Gateway to expose an AWS Lambda function to process requests from clients. During testing, the Developer notices that the API Gateway times out even though the Lambda function finishes under the set time limit.
Which of the following API Gateway metrics in Amazon CloudWatch can help the Developer troubleshoot the issue? (Choose two.)

Question112: A company is adding stored value for gift card) capability to its highly popular casual gaming website. Users need to be able to trade this value for other users' items on the platform. This would require both users' records be updated as a single transaction, or both users' records to be completely rolled back.
Which AWS database options can provide the transactional capability required for this new feature? (Select TWO )

Question113: A developer is designing a distributed application built using a microservices architect spanning multiple AWS accounts. The company's operations team wants to analyze and debug application issues from a centralized account.
How can the developer meet these requirements?

Question114: Company C has recently launched an online commerce site for bicycles on AWS. They have a "Product" DynamoDB table that stores details for each bicycle, such as, manufacturer, color, price, quantity and size to display in the online store. Due to customer demand, they want to include an image for each bicycle along with the existing details.
Which approach below provides the least impact to provisioned throughput on the "Product" table?

Question115: A company is developing an application that will run on several Amazon EC2 instances in an Auto Scaling group and can access a database running on Amazon EC2. The application needs to store secrets required to connect to the database. The application must allow for periodic secret rotation, and there should be no changes to the application when a secret changes.
What is the SAFEST way to meet these requirements?

Question116: A Developer created a new AWS account and must create a scalable AWS Lambda function that meets the following requirements for concurrent execution:
* Average execution time of 100 seconds
* 50 requests per second
Which step must be taken prior to deployment to prevent errors?

Question117: A developer uses Amazon S3 buckets for static website hosting. The developer creates one S3 bucket for the code and another S3 bucket for the assets, such as image and video files. Access is denied when a user attempts to access the assets bucket from the code bucket, with the website application showing a 403 error How should the developer solve this issue?

Question118: A developer is provided with an HTTPS clone URL for an AWS CodeCommit repository.
What needs to be configured before cloning this repository?

Question119: A developer is migrating code to an AWS Lambda function that will access an Amazon Aurora MySQL database.
What is the MOST secure way to authenticate the function to the database?

Question120: A Developer created a Lambda function for a web application backend. When testing the Lambda function from the AWS Lambda console, the Developer can see that the function is being executed, but there is no log data being generated in Amazon CloudWatch Logs, even after several minutes.
What could cause this situation?

Question121: A Developer accesses AWS CodeCommit over SSH. The SSH keys configured to access AWS CodeCommit are tied to a user with the following permissions:

The Developer needs to create/delete branches.
Which specific IAM permissions need to be added, based on the principle of least privilege?

Question122: A developer has written an Amazon kinesis Data streams application. As usage grows and traffic over time, the application is regularly receiving provisionedThroughputExceededException error messages.
Which steps should the Developer take to resolve the error? (Select Two.)

Question123: An IAM role is attached to an Amazon EC2 instance that explicitly denies access to all Amazon S3 API actions. The EC2 instance credentials file specifies the IAM access key and secret access key, which allow full administrative access.
Given that multiple modes of IAM access are present for this EC2 instance, which of the following is correct?

Question124: A company has three different environments: Development, QA, and Production. The company wants to deploy its code first in the Development environment, then QA, and then Production.
Which AWS service can be used to meet this requirement?

Question125: A company has a web application that uses an Amazon Cognito user pool for authentication. The company wants to create a login page with the company logo. What should a developer do to meet these requirements?

Question126: A company wants to implement authentication for its new REST service using Amazon API Gateway. To authenticate the calls, each request must include HTTP headers with a client ID and user ID. These credentials must be compared to authentication data in an Amazon DynamoDB table.
What MUST the company do to implement this authentication in API Gateway?

Question127: A developer must modify an Alexa skill backed by an AWS Lambda function to access an Amazon DynamoDB table in a second account A role in the second account has been created with permissions to access the table How should the table be accessed?

Question128: A Developer decides lo store highly secure data in Amazon S3 and wants to implement server-side encryption (SSF) with granular control of who can access the master key Company policy requires that the master key be created, rotated, and disabled easily when needed, all for security reasons.
Which solution should be used to moot these requirements?

Question129: Amazon S3 has the following structure: S3://BUCKET/FOLDERNAME/FILENAME.zip Which S3 best practice would optimize performance with thousands of PUT request each second to a single bucket?

Question130: A company runs an e-commerce website that uses Amazon DynamoDB where pricing for items is dynamically updated in real time. At any given time, multiple updates may occur simultaneously for pricing information on a particular product. This is causing the original editor's changes to be overwritten without a proper review process.
Which DynamoDB write option should be selected to prevent this overwriting?

Question131: A company is launching a poling application. The application will store the results of each pool an Amazon DynamoDB table. Management wants to remove pool data after a few data and store an archive of those records in Amazon S3.
Which approach would allow the application to archive each poll's data while keeping complexity to a MINIMUM?

Question132: An on-premises application is implemented using a Linux, Apache, MySQL and PHP (LAMP) stack. The Developer wants to run this application in AWS.
Which of the following sets of AWS services can be used to run this stack?

Question133: An application stores images in an S3 bucket. Amazon S3 event notifications are used to trigger a Lambda function that resizes the images. Processing each image takes less than a second.
How will AWS Lambda handle the additional traffic?

Question134: An application has hundreds of users. Each user may use multiple devices to access the application. The Developer wants to assign unique identifiers to these users regardless of the device they use.
Which of the following methods should be used to obtain unique identifiers?

Question135: A company is developing an application that will be accessed through the Amazon API Gateway REST API Registered users should be the only ones who can access certain resources of this API. The token being used should expire automatically and needs to be refreshed periodically.
How can a developer meet these requirements'?

Question136: A Developer has been asked to make changes to the source code of an AWS Lambda function. The function is managed using an AWS CloudFormation template. The template is configured to load the source code from an Amazon S3 bucket. The Developer manually created a .ZIP file deployment package containing the changes and put the file into the correct location on Amazon S3. When the function is invoked, the code changes have not been applied.
What step is required to update the function with the changes?

Question137: An application will ingest data at a very high throughput from many sources and must store the data in an Amazon S3 bucket. Which service would BEST accomplish this task?

Question138: A software engineer developed an AWS Lambda function in Node.js to do some CPU-intensive data processing. With the default settings, the Lambda function takes about 5 minutes to complete.
Which approach should a developer take to increase the speed of completion''

Question139: A Developer is making changes to a custom application that is currently using AWS Elastic Beanstalk.
After the Developer completes the changes, what solutions will update the Elastic Beanstalk environment with the new application version? (Choose two.)

Question140: A developer is building an application integrating an Amazon API Gateway with an AWS Lambda function.
When calling the API, the developer receives the following error. Wed Nov 03 01:13:00 UTC 2017 : Method completed with status: 502 What should the developer do to resolve the error?

Question141: A company is building a compute-intensive application that will run on a fleet of Amazon EC2 instances. The application uses attached Amazon EBS disks for storing data. The application will process sensitive information and all the data must be encrypted.
What should a developer do to ensure the data is encrypted on disk without impacting performance?

Question142: A meteorological system monitors 600 temperature gauges, obtaining temperature samples every minute and saving each sample to a DynamoDB table. Each sample involves writing 1K of data and the writes are evenly distributed over time.
How much write throughput is required for the target table?

Question143: After installing the AWS CLI, a Developer tries to run the command aws configure but receives the following error:
Error: aws: command not found
What is the most likely cause of this error?

Question144: An application on AWS is using third-party APIs. The Developer needs to monitor API errors in the code, and wants to receive notifications if failures go above a set threshold value.
How can the Developer achieve these requirements?

Question145: A company developed a set of APIs that are being served through the Amazon API Gateway. The API calls need to be authenticated based on OpenID identity providers such as Amazon or Facebook. The APIs should allow access based on a custom authorization model.
Which is the simplest and MOST secure design to use to build an authentication and authorization model for the APIs?

Question146: A company has a website that is developed in PHP and WordPress and is launched using AWS Elastic Beanstalk. There is a new version of the website that needs to be deployed in the Elastic Beanstalk environment. The company cannot tolerate having the website offline if an update fails. Deployments must have minimal impact and rollback as soon as possible.
What deployment method should be used?