AWS-Certified-Developer-Associate Free Practice Test

- (Exam Topic 1)
When a Simple Queue Service message triggers a task that takes 5 minutes to complete, which process below will result in successful processing of the message and remove it from the queue while minimizing the chances of duplicate processing?

1. A. Retrieve the message with an increased visibility timeout, process the message, delete the message from the queue
2. B. Retrieve the message with an increased visibility timeout, delete the message from the queue, process the message
3. C. Retrieve the message with increased DelaySeconds, process the message, delete the message from the queue
4. D. Retrieve the message with increased DelaySeconds, delete the message from the queue, process the message

Correct Answer: A
https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html

- (Exam Topic 1)
You run an ad-supported photo sharing website using S3 to serve photos to visitors of your site. At some point you find out that other sites have been linking to the photos on your site, causing loss to your business.
What is an effective method to mitigate this?

1. A. Store photos on an EBS volume of the web server
2. B. Remove public read access and use signed URLs with expiry dates.
3. C. Use CloudFront distributions for static content.
4. D. Block the IPs of the offending websites in Security Groups.

Correct Answer: B
https://aws.amazon.com/getting-started/projects/building-fast-session-caching-with-amazon-elasticache-for-redi

- (Exam Topic 3)
A company has a web application In an Amazon Elastic Container Service (Amazon ECS) cluster running hundreds of secure services in AWS Fargate containers. The services are in target groups routed by an Application Load Balancer (ALB) Application users log in to the website anonymously, but they must be authenticated using any OpenID Connect protocol-compatible identity provider (IdP) to access the secure services
Which authentication approach would meet these requirements with the LEAST amount of effort?

1. A. Configure the services to use Amazon Cognito.
2. B. Configure the ALB to use Amazon Cognito
3. C. Configure the services to use AWS Security Token Service (AWS STS) with the OpenID Connect IdP.
4. D. Configure the Amazon ECS cluster to use AWS Security Token Service (AWS STS) with the OpenID Connect IdP

Correct Answer: A

- (Exam Topic 3)
A company has a web application that uses an Amazon Cogmto user pool for authentication. The company wants to create a login page that includes the-company logo
What should a developer do to meet these requirements?

1. A. Create a hosted user interface (Ul) in Amazon Cognito Customize the hosted Ui with the company logo
2. B. Create a login page that includes the company log
3. C. Upload the login page to Amazon Cognito
4. D. Create a login page that includes the company logo in Amazon API Gateway Save the link in Amazon Cognito
5. E. Upload the company logo to an Amazon S3 bucket Specify the S3 object path in app client settings in Amazon Cognito

Correct Answer: B

- (Exam Topic 4)
A company is migrating a web application from on premises to AWS. The company needs to move session storage from the application code to a shared service as part of the migration. The session storage data must be encrypted at rest.
Which AWS services meet these requirements? (Choose two.)

1. A. Amazon ElastiCache for Redis
2. B. Amazon ElastiCache for Memcached
3. C. Amazon CloudWatch
4. D. AWS CloudTrail
5. E. Amazon DynamoDB

Correct Answer: AE
https://aws.amazon.com/blogs/security/amazon-elasticache-now-supports-encryption-for-elasticache-for-redis/
A) ElastiCache for Redis is always a good option as a distributed cache for session management - https://aws.amazon.com/getting-started/hands-on/building-fast-session-caching-with-amazon-elasticache-for-red
It also supports encrypt at rest - https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/at-rest-encryption.html
E) DynamoDB is also common to store session state with TTL support. And all user data stored in Amazon DynamoDB is fully encrypted at rest - https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/EncryptionAtRest.html