AWS-Certified-Developer-Associate Free Practice Test

- (Exam Topic 2)
A Developer is storing sensitive documents in Amazon S3 that will require encryption at rest. The encryption keys must be rotated annually, at least.
What is the easiest way to achieve this?

1. A. Encrypt the data before sending it to Amazon S3
2. B. Import a custom key into AWS KMS with annual rotation enabled
3. C. Use AWS KMS with automatic key rotation
4. D. Export a key from AWS KMS to encrypt the data

Correct Answer: C
https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
You can use the same techniques to view and manage the CMKs in your custom key store that you use for CMKs in the AWS KMS key store. You can control access with IAM and key policies, create tags and aliases, enable and disable the CMKs, and schedule key deletion. You can use the CMKs for cryptographic operations and use them with AWS services that integrate with AWS KMS. However, you cannot enable automatic key rotation and you cannot import key material into a CMK in a custom key store.
Q: Can I rotate my keys? Yes. You can choose to have AWS KMS automatically rotate CMKs every year, provided that those keys were generated within AWS KMS HSMs. Automatic key rotation is not supported for imported keys, asymmetric keys, or keys generated in an AWS CloudHSM cluster using the AWS KMS custom key store feature. If you choose to import keys to AWS KMS or asymmetric keys or use a custom key store, you can manually rotate them by creating a new CMK and mapping an existing key alias from the old CMK to the new CMK. https://aws.amazon.com/kms/faqs/

- (Exam Topic 1)
Which code snippet below returns the URL of a load balanced web site created in CloudFormation with an AWS::ElasticLoadBalancing::LoadBalancer resource name "ElasticLoad Balancer"?

1. A. "Fn::Join" : ["". [ "http://", {"Fn::GetAtr” : [ "ElasticLoadBalancer","DNSName"]}]]
2. B. "Fn::Join" : ["". [ "http://", {"Fn::GetAtr” : [ "ElasticLoadBalancer","Url"]}]]
3. C. "Fn::Join" : ["". [ "http://", {"Ref" : "ElasticLoadBalancerUrl"}]]
4. D. "Fn::Join" : [".", [ "http://", {"Ref" : "ElasticLoadBalancerDNSName"}]]

Correct Answer: A
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html

- (Exam Topic 3)
When using the AWS Encryption SDK now does the developer keep track of the data encryption keys used to encrypt data?

1. A. The developer must manually Keep track of the data encryption keys used for each data object
2. B. The SDK encrypts the data encryption key and stores it (encrypted) as part of the returned ciphertext
3. C. The SDK stores the data encryption keys automatically m Amazon S3
4. D. The data encryption key is stored in the userdata for the EC2 instance

Correct Answer: B

- (Exam Topic 1)
A Developer is building a mobile application and needs any update to user profile data to be pushed to all devices accessing the specific identity. The Developer does not want to manage a back end to maintain the user profile data.
What is the MOST efficient way for the Developer to achieve these requirements using Amazon Cognito?

1. A. Use Cognito federated identities.
2. B. Use a Cognito user pool.
3. C. Use Cognito Sync.
4. D. Use Cognito events.

Correct Answer: C
Amazon Cognito Sync is an AWS service and client library that enables cross-device syncing of application-related user data. You can use it to synchronize user profile data across mobile devices and the web without requiring your own backend. https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-sync.html

- (Exam Topic 4)
What are the MINIMUM properties required in the resources section of the AppSpace file for CodeDeploy to deploy the ECS service successfully?

1. A. name, alias, currentversion, and targetversion
2. B. TaskDefinition, ContainerName, and PlartformVersion
3. C. TaskDefinitionContainerName, ContainerPort
4. D. name, Currentversion, NetworkConfiguration, and Platform Version

Correct Answer: A