AWS Certified Developer Exam practice questions and answers

Question 1

A company uses an Amazon Aurora RDS database to support its entire AWS-based online storefront. The system must generate extensive sales reports every hour, beginning at 15 minutes past each hour. This report generation is negatively affecting the performance of the online store. What are the best two steps to take to lessen the reporting load’s effect on the main e-commerce database?

(Choose 2)

⬜ A) Direct the reporting tool to use a read-only replica.

⬜ B) Transfer the data into multiple fault-tolerant EC2 servers.

⬜ C) Implement queue-based buffering for data extraction via Amazon SQS.

⬜ D) Deploy a read replica for the Aurora RDS instance.

⬜ E) Establish an SQS queue and use it for SQS Buffering.

Question 2

Your organization wants to utilize AWS CodePipeline for automating CI/CD workflows. For enhanced security, the deployment resources are hosted in a separate AWS account. Which two steps must be taken to allow deployments from CodePipeline to target resources in the other account?

(Choose 2)

⬜ A) Establish a cross-account role that the pipeline can assume in the target account.

⬜ B) Generate an AWS KMS key and configure necessary policies for enabling cross-account access.

⬜ C) Deploy another instance of CodePipeline in the target account for referencing purposes.

⬜ D) Include the access keys and secrets directly within the pipeline’s configuration code.

Question 3

You are using AWS CodeDeploy for deploying your application. Which file is utilized to define the instructions for how CodeDeploy should deploy your application onto the target compute resources?

(Choose 1)

⬜ A) appConfig.json

⬜ B) DeploymentGroup

⬜ C) appConfig.YAML

⬜ D) appspec.yml

Question 4

As a developer, you’ve turned on server access logging for an S3 bucket hosting a static website with CSS and HTML files, totaling just 1 MB. After two weeks, you notice your bucket’s size has ballooned to 50 MB. What could best explain this unexpected increase?

(Choose 1)

⬜ A) You have set up monitoring for the bucket, causing usage growth.

⬜ B) Cross-Region Replication (CRR) is active on the bucket, which is using additional storage.

⬜ C) The bucket is storing its own access log files, leading to extra space usage.

⬜ D) Bucket-level encryption has been enabled, explaining the higher storage consumption.

Question 5

Suppose you have set up an AWS Lambda function and it is triggered through API Gateway. You want to monitor this Lambda function to determine if errors occurred during invocations and to evaluate its overall performance. Which AWS service can provide you with the detailed performance metrics and error data for your Lambda function?

(Choose 1)

⬜ A) CloudWatch

⬜ B) AWS Trusted Advisor

⬜ C) CloudTrail

⬜ D) VPC Flow Logs

Question 6

Your organization currently handles application deployments with AWS CodeDeploy. They now need to automate the creation and setup of the CodeDeploy environment itself. Which AWS service is best suited for automating these infrastructure deployments?

(Choose 1)

⬜ A) AWS CloudFormation

⬜ B) AWS Elastic Beanstalk

⬜ C) AWS Config

⬜ D) AWS CloudWatch

Question 7

Your organization is building an application that interfaces with a DynamoDB table. Due to new security policies, all stored data must now be encrypted while at rest. Which approaches allow you to meet this encryption requirement?

(Choose 2)

⬜ A) Utilize encryption managed by AWS (such as an Amazon-owned encryption key).

⬜ B) Implement encryption using an AWS Key Management Service (KMS) managed key.

⬜ C) Apply encryption with your own (client-side) keys before storing the data.

⬜ D) Modify your application to call the AWS SDK for decryption on read operations.

Question 8

Your organization intends to store confidential files in an Amazon S3 bucket. To enhance security, it is mandatory that users access the files only after providing Multi-Factor Authentication (MFA). What steps should you implement to guarantee this requirement is enforced?

(Choose 1)

⬜ A) Implement bucket encryption utilizing AWS Key Management Service (KMS) keys.

⬜ B) Create a bucket policy that denies access if the “aws:MultiFactorAuthPresent” condition evaluates to false.

⬜ C) Activate server-side encryption provided by AWS for the bucket.

⬜ D) Set up a bucket policy that restricts access when the “aws:MultiFactorAuthPresent” condition is true.

Question 9

A web application is utilizing Amazon SQS to queue messages, which are then consumed by a group of Amazon EC2 instances. After processing, the EC2 instances confirm back to the end-users. However, under heavy workload on the EC2 instances, processing is delayed and some users are receiving duplicate confirmations. Which Amazon SQS configuration adjustment would ensure that each user receives only one confirmation message?

(Choose 1)

⬜ A) Change the visibility timeout to 5 minutes by using the UpdateMessageVisibility action.

⬜ B) Adjust the visibility timeout to 2 minutes using the ChangeMessageVisibility API operation.

⬜ C) Increase the visibility timeout to 5 minutes via the ChangeMessageVisibility operation.

⬜ D) Reduce the visibility timeout to 2 minutes with the UpdateMessageVisibility action.

Question 10

You are collaborating with three other team members to develop an AWS Lambda function designed to trigger email notifications through AWS SES when a user successfully completes registration in your app. While attempting to publish a new version of this Lambda function, you encounter a 412 PreconditionFailedException. What steps should you take to effectively troubleshoot and resolve this error?

(Choose 1)

⬜ A) Minimize your Lambda function’s deployment package and attempt to publish again.

⬜ B) Invoke the GetPolicy API to retrieve the revisionId, then use it when publishing the version.

⬜ C) Make use of the GetAlias API to obtain the revisionId and try publishing with that.

⬜ D) Execute the UpdateAlias API to publish a new version by modifying a Lambda alias.