AWS-Certified-Developer-Associate Free Practice Test

- (Exam Topic 2)
An organization is using Amazon CloudFront to ensure that its users experience low-latency access to its web application. The organization has identified a need to encrypt all traffic between users and CloudFront, and all traffic between CloudFront and the web application.
How can these requirements be met? (Choose two.)

1. A. Use AWS KMS to encrypt traffic between CloudFront and the web application.
2. B. Set the Origin Protocol Policy to “HTTPS Only”.
3. C. Set the Origin’s HTTP Port to 443.
4. D. Set the Viewer Protocol Policy to “HTTPS Only” or “Redirect HTTP to HTTPS”.
5. E. Enable the CloudFront option Restrict Viewer Access.

Correct Answer: AB
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.htm https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-cloudfront-to-custom-origi

- (Exam Topic 3)
A developer from AnyCompany's AWS account needs access to the Example Corp AWS account AnyCompany uses an identity provider that is compatible with OpenID Connect.
What is the MOST secure way for Example Corp to allow developer access?

1. A. Create a cross-account role and call the AssumeRole API operation
2. B. Create a user in the Example Corp account and provide the access keys
3. C. Create a user in the Example Corp account and provide the credentials
4. D. Create a cross-account role and call the AssumeRoleWithWebldentity API operation

Correct Answer: B

- (Exam Topic 4)
A company has a front-end application that runs on four Amazon EC2 instances behind an Elastic Load Balancer (ELB) in a production environment that is provisioned by AWS Elastic Beanstalk. A developer needs to deploy and test new application code while updating the Elastic Beanstalk platform from the current version to a newer version of Node.js. The solution must result in zero downtime for the application.
Which solution meets these requirements?

1. A. Clone the production environment to a different platform versio
2. B. Deploy the new application code, and test i
3. C. Swap the environment URLs upon verification.
4. D. Deploy the new application code in an all-at-once deployment to the existing EC2 instance
5. E. Test the cod
6. F. Redeploy the previous code if verification fails.
7. G. Perform an immutable update to deploy the new application code to new EC2 instance
8. H. Serve traffic to the new instances after they pass health checks
9. I. Use a rolling deployment for the new application cod
10. J. Apply the code to a subset of EC2 instances until the tests pas
11. K. Redeploy the previous code if the tests fail.

Correct Answer: D

- (Exam Topic 3)
A developer is writing an AWS Lambda function. The developer wants to log key events that occur during the Lambda function and include a unique identifier to associate the events with a specific function invocation.
Which of the following will help the developer accomplish this objective?

1. A. Obtain the request identifier from the Lambda context object Architect the application to write logs to the console.
2. B. Obtain the request identifier from the Lambda event object Architect the application to write logs to a file
3. C. Obtain the request identifier from the Lambda event object Architect the application to write logs to the console
4. D. Obtain the request identifier from the Lambda context object Architect the application to write logs to a file.

Correct Answer: A

- (Exam Topic 4)
A developer designed an application on an Amazon EC2 instance. The application makes API requests to objects in an Amazon S3 bucket. Which combination of steps will ensure that the application makes the API requests in the MOST secure manner? (Select TWO.)

1. A. Create an IAM user that has permissions to the S3 bucke
2. B. Add the user to an 1AM group.
3. C. Create an IAM role that has permissions to the S3 bucket.
4. D. Add the IAM role to an instance profil
5. E. Attach the instance profile to the EC2 instance.
6. F. Create an IAM role that has permissions to the S3 bucke
7. G. Assign the role to an 1AM group.
8. H. Store the credentials of the 1AM user in the environment variables on the EC2 instance.

Correct Answer: BC