amazon aws certified developer - associate dva-c02 practice test
Last exam update: Nov 07 ,2025
Page 1 out of 42. Viewing questions 1-10 out of 414
Question 1
A developer migrated a legacy application to an AWS Lambda function. The function uses a third-party service to pull data with a series of API calls at the end of each month. The function then processes the data to generate the monthly reports. The function has been working with no issues so far.
The third-party service recently issued a restriction to allow a fixed number of API calls each minute and each day. If the API calls exceed the limit for each minute or each day, then the service will produce errors. The API also provides the minute limit and daily limit in the response header. This restriction might extend the overall process to multiple days because the process is consuming more API calls than the available limit.
What is the MOST operationally efficient way to refactor the serverless application to accommodate this change?
A.
Use an AWS Step Functions state machine to monitor API failures. Use the Wait state to delay calling the Lambda function.
B.
Use an Amazon Simple Queue Service (Amazon SQS) queue to hold the API calls. Configure the Lambda function to poll the queue within the API threshold limits.
C.
Use an Amazon CloudWatch Logs metric to count the number of API calls. Configure an Amazon CloudWatch alarm that stops the currently running instance of the Lambda function when the metric exceeds the API threshold limits.
D.
Use Amazon Kinesis Data Firehose to batch the API calls and deliver them to an Amazon S3 bucket with an event notification to invoke the Lambda function.
Answer:
b
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 2
A company is hosting a workshop for external users and wants to share the reference documents with the external users for 7 days. The company stores the reference documents in an Amazon S3 bucket that the company owns.
What is the MOST secure way to share the documents with the external users?
A.
Use S3 presigned URLs to share the documents with the external users. Set an expiration time of 7 days.
B.
Move the documents to an Amazon WorkDocs folder. Share the links of the WorkDocs folder with the external users.
C.
Create temporary IAM users that have read-only access to the S3 bucket. Share the access keys with the external users. Expire the credentials after 7 days.
D.
Create a role that has read-only access to the S3 bucket. Share the Amazon Resource Name (ARN) of this role with the external users.
Answer:
a
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 3
A company is building a microservices application that consists of many AWS Lambda functions. The development team wants to use AWS Serverless Application Model (AWS SAM) templates to automatically test the Lambda functions. The development team plans to test a small percentage of traffic that is directed to new updates before the team commits to a full deployment of the application.
Which combination of steps will meet these requirements in the MOST operationally efficient way? (Choose two.)
A.
Use AWS SAM CLI commands in AWS CodeDeploy to invoke the Lambda functions to test the deployment.
B.
Declare the EventInvokeConfig on the Lambda functions in the AWS SAM templates with OnSuccess and OnFailure configurations.
C.
Enable gradual deployments through AWS SAM templates.
D.
Set the deployment preference type to Canary10Percent30Minutes. Use hooks to test the deployment.
E.
Set the deployment preference type to Linear10PercentEvery10Minutes. Use hooks to test the deployment.
Answer:
bd
User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
0/ 1000
Question 4
A developer has an application that uses an Amazon DynamoDB table with a configured local secondary index (LSI). During application testing, the DynamoDB table metrics report a ProvisionedThroughputExceededException error message. The number of requests made by the test suite did not exceed the table's provisioned capacity limits.
What is the cause of this issue?
A.
The data in the table's partition key column is not evenly distributed.
B.
The LSI's capacity is different from the table's capacity.
C.
The application is not implementing exponential backoff retry logic while interacting with the DynamoDB API.
D.
The application has the IAM permission to query the DynamoDB table but not to query the LSI.
Answer:
b
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 5
A company hosts its application on AWS. The application runs on an Amazon Elastic Container Service (Amazon ECS) cluster that uses AWS Fargate. The cluster runs behind an Application Load Balancer. The application stores data in an Amazon Aurora database. A developer encrypts and manages database credentials inside the application.
The company wants to use a more secure credential storage method and implement periodic credential rotation.
Which solution will meet these requirements with the LEAST operational overhead?
A.
Migrate the secret credentials to Amazon RDS parameter groups. Encrypt the parameter by using an AWS Key Management Service (AWS KMS) key. Turn on secret rotation. Use IAM policies and roles to grant AWS KMS permissions to access Amazon RDS.
B.
Migrate the credentials to AWS Systems Manager Parameter Store. Encrypt the parameter by using an AWS Key Management Service (AWS KMS) key. Turn on secret rotation. Use IAM policies and roles to grant Amazon ECS Fargate permissions to access to AWS Secrets Manager.
C.
Migrate the credentials to ECS Fargate environment variables. Encrypt the credentials by using an AWS Key Management Service (AWS KMS) key. Turn on secret rotation. Use IAM policies and roles to grant Amazon ECS Fargate permissions to access to AWS Secrets Manager.
D.
Migrate the credentials to AWS Secrets Manager. Encrypt the credentials by using an AWS Key Management Service (AWS KMS) key. Turn on secret rotation. Use IAM policies and roles to grant Amazon ECS Fargate permissions to access to AWS Secrets Manager by using keys.
Answer:
c
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 6
A developer is migrating an application to Amazon Elastic Kubernetes Service (Amazon EKS). The developer migrates the application to Amazon Elastic Container Registry (Amazon ECR) with an EKS cluster. As part of the application migration to a new backend, the developer creates a new AWS account. The developer makes configuration changes to the application to point the application to the new AWS account and to use new backend resources. The developer successfully tests the changes within the application by deploying the pipeline.
The Docker image build and the pipeline deployment are successful, but the application is still connecting to the old backend. The developer finds that the application's configuration is still referencing the original EKS cluster and not referencing the new backend resources.
Which reason can explain why the application is not connecting to the new resources?
A.
The developer did not successfully create the new AWS account.
B.
The developer added a new tag to the Docker image.
C.
The developer did not update the Docker image tag to a new version.
D.
The developer pushed the changes to a new Docker image tag.
Answer:
c
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 7
A company receives food orders from multiple partners. The company has a microservices application that uses Amazon API Gateway APIs with AWS Lambda integration. Each partner sends orders by calling a customized API that is exposed through API Gateway. The API call invokes a shared Lambda function to process the orders. Partners need to be notified after the Lambda function processes the orders. Each partner must receive updates for only the partner's own orders. The company wants to add new partners in the future with the fewest code changes possible. Which solution will meet these requirements in the MOST scalable way?
A.
Create a different Amazon Simple Notification Service (Amazon SNS) topic for each partner. Configure the Lambda function to publish messages for each partner to the partner's SNS topic.
B.
Create a different Lambda function for each partner. Configure the Lambda function to notify each partner's service endpoint directly.
C.
Create an Amazon Simple Notification Service (Amazon SNS) topic. Configure the Lambda function to publish messages with specific attributes to the SNS topic. Subscribe each partner to the SNS topic. Apply the appropriate filter policy to the topic subscriptions.
D.
Create one Amazon Simple Notification Service (Amazon SNS) topic. Subscribe all partners to the SNS topic.
Answer:
c
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 8
When a developer tries to run an AWS CodeBuild project, it raises an error because the length of all environment variables exceeds the limit for the combined maximum of characters.
What is the recommended solution?
A.
Add the export LC_ALL="en_US.utf8" command to the pre_build section to ensure POSIX localization.
B.
Use Amazon Cognito to store key-value pairs for large numbers of environment variables.
C.
Update the settings for the build project to use an Amazon S3 bucket for large numbers of environment variables.
D.
Use AWS Systems Manager Parameter Store to store large numbers of environment variables.
Answer:
d
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 9
A developer is creating an AWS Lambda function. The Lambda function will consume messages from an Amazon Simple Queue Service (Amazon SQS) queue. The developer wants to integrate unit testing as part of the function's continuous integration and continuous delivery (CI/CD) process.
How can the developer unit test the function?
A.
Create an AWS CloudFormation template that creates an SQS queue and deploys the Lambda function. Create a stack from the template during the CI/CD process. Invoke the deployed function. Verify the output.
B.
Create an SQS event for tests. Use a test that consumes messages from the SQS queue during the function's Cl/CD process.
C.
Create an SQS queue for tests. Use this SQS queue in the application's unit test. Run the unit tests during the CI/CD process.
D.
Use the aws lambda invoke command with a test event during the CIICD process.
Answer:
d
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 10
A company wants to migrate applications from its on-premises servers to AWS. As a first step, the company is modifying and migrating a non-critical application to a single Amazon EC2 instance. The application will store information in an Amazon S3 bucket. The company needs to follow security best practices when deploying the application on AWS.
Which approach should the company take to allow the application to interact with Amazon S3?
A.
Create an IAM role that has administrative access to AWS. Attach the role to the EC2 instance.
B.
Create an IAM user. Attach the AdministratorAccess policy. Copy the generated access key and secret key. Within the application code, use the access key and secret key along with the AWS SDK to communicate with Amazon S3.
C.
Create an IAM role that has the necessary access to Amazon S3. Attach the role to the EC2 instance.
D.
Create an IAM user. Attach a policy that provides the necessary access to Amazon S3. Copy the generated access key and secret key. Within the application code, use the access key and secret key along with the AWS SDK to communicate with Amazon S3.