| Question.6 A developer is creating an AWS CloudFormation template to deploy Amazon EC2 instances across multiple AWS accounts. The developer must choose the EC2 instances from a list of approved instance types. How can the developer incorporate the list of approved instance types in the CloudFormation template? (A) Create a separate CloudFormation template for each EC2 instance type in the list. (B) In the Resources section of the CloudFormation template, create resources for each EC2 instance type in the list. (C) In the CloudFormation template, create a separate parameter for each EC2 instance type in the list. (D) In the CloudFormation template, create a parameter with the list of EC2 instance types as AllowedValues. |
6. Click here to View Answer
Correct Answer: D
| Question.7 A developer has an application that makes batch requests directly to Amazon DynamoDB by using the BatchGetItem low-level API operation. The responses frequently return values in the UnprocessedKeys element. Which actions should the developer take to increase the resiliency of the application when the batch response includes values in UnprocessedKeys? (Choose two.) (A) Retry the batch operation immediately. (B) Retry the batch operation with exponential backoff and randomized delay. (C) Update the application to use an AWS software development kit (AWS SDK) to make the requests. (D) Increase the provisioned read capacity of the DynamoDB tables that the operation accesses. (E) Increase the provisioned write capacity of the DynamoDB tables that the operation accesses. |
7. Click here to View Answer
Correct Answer: BD
| Question.8 A company is running a custom application on a set of on-premises Linux servers that are accessed using Amazon API Gateway. AWS X-Ray tracing has been enabled on the API test stage. How can a developer enable X-Ray tracing on the on-premises servers with the LEAST amount of configuration? (A) Install and run the X-Ray SDK on the on-premises servers to capture and relay the data to the X-Ray service. (B) Install and run the X-Ray daemon on the on-premises servers to capture and relay the data to the X-Ray service. (C) Capture incoming requests on-premises and configure an AWS Lambda function to pull, process, and relay relevant data to X-Ray using the PutTraceSegments API call. (D) Capture incoming requests on-premises and configure an AWS Lambda function to pull, process, and relay relevant data to X-Ray using the PutTelemetryRecords API call. |
8. Click here to View Answer
Correct Answer: B
| Question.9 A company wants to share information with a third party. The third party has an HTTP API endpoint that the company can use to share the information. The company has the required API key to access the HTTP API. The company needs a way to manage the API key by using code. The integration of the API key with the application code cannot affect application performance. Which solution will meet these requirements MOST securely? (A) Store the API credentials in AWS Secrets Manager. Retrieve the API credentials at runtime by using the AWS SDK. Use the credentials to make the API call. (B) Store the API credentials in a local code variable. Push the code to a secure Git repository. Use the local code variable at runtime to make the API call. (C) Store the API credentials as an object in a private Amazon S3 bucket. Restrict access to the S3 object by using IAM policies. Retrieve the API credentials at runtime by using the AWS SDK. Use the credentials to make the API call. (D) Store the API credentials in an Amazon DynamoDB table. Restrict access to the table by using resource-based policies. Retrieve the API credentials at runtime by using the AWS SDK. Use the credentials to make the API call. |
9. Click here to View Answer
Correct Answer: A
| Question.10 A developer is deploying a new application to Amazon Elastic Container Service (Amazon ECS). The developer needs to securely store and retrieve different types of variables. These variables include authentication information for a remote API, the URL for the API, and credentials. The authentication information and API URL must be available to all current and future deployed versions of the application across development, testing, and production environments. How should the developer retrieve the variables with the FEWEST application changes? (A) Update the application to retrieve the variables from AWS Systems Manager Parameter Store. Use unique paths in Parameter Store for each variable in each environment. Store the credentials in AWS Secrets Manager in each environment. (B) Update the application to retrieve the variables from AWS Key Management Service (AWS KMS). Store the API URL and credentials as unique keys for each environment. (C) Update the application to retrieve the variables from an encrypted file that is stored with the application. Store the API URL and credentials in unique files for each environment. (D) Update the application to retrieve the variables from each of the deployed environments. Define the authentication information and API URL in the ECS task definition as unique names during the deployment process. |
10. Click here to View Answer
Correct Answer: A