Amazon AWS

AWS Certified Data Engineer – Associate

DEA-C01

The AWS Certified Data Engineer – Associate (DEA-C01) exam validates your skills in data engineering on AWS. It is suitable for those who want to demonstrate their ability to design and implement data solutions.

498 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 131–140 of 498

Q131

You are configuring an Amazon RDS instance. Which feature allows you to automatically store backups?

  • A DMS
  • B Multi-AZ
  • C Automated Backups
  • D Read Replicas
Explanation Automated Backups enable automatic backup for RDS instances, while other options serve different purposes. DMS is for migration, Multi-AZ for availability, and Read Replicas for scaling reads.
Q132

A company needs to manage permissions for 100 AWS IAM users efficiently. What should they use?

  • A IAM Roles
  • B IAM Policies
  • C IAM Groups
  • D IAM Virtual MFA
Explanation IAM Groups allow efficient permissions management for multiple users at once, while IAM Roles assign permissions to AWS services, Policies define access, and Virtual MFA adds security. Options A, B, and D do not address user management directly.
Q133

Which service allows you to run Docker containers?

  • A Amazon ECS
  • B Amazon RDS
  • C Amazon Lambda
  • D AWS S3
Explanation Amazon ECS is a container orchestration service, whereas RDS is for databases, Lambda for serverless functions, and S3 for object storage.
Q134

A company needs to store sensitive data securely. Which AWS service should they use for encryption?

  • A AWS IAM
  • B AWS KMS
  • C AWS SNS
  • D AWS SQS
Explanation AWS KMS is specifically designed for managing encryption keys, while IAM manages access, and SNS and SQS are messaging services.
Q135

You are configuring a VPC peering connection. What happens if the CIDR blocks overlap?

  • A Connection succeeds without issues
  • B Connection fails due to overlap
  • C Logs will capture the overlap
  • D Traffic is forwarded to the first VPC
Explanation Overlapping CIDR blocks cause the VPC peering to fail, while the other options do not accurately describe the behavior of AWS networking.
Q136

A company needs to process streaming data in real time. Which AWS service should they use?

  • A Amazon Kinesis
  • B AWS Lambda
  • C Amazon S3
  • D Amazon RDS
Explanation Amazon Kinesis is specifically designed for real-time data processing, while the others are not tailored for that purpose.
Q137

What happens when you attach an IAM policy directly to a user rather than a group?

  • A User inherits all group permissions
  • B Policy applies only to that user
  • C User gains admin privileges
  • D Policy is ignored in IAM
Explanation The policy applies only to that user and not inherited from any group they belong to.
Q138

You are configuring an EC2 instance with a security group that allows HTTP traffic. What happens if you later remove this permission?

  • A Access to web traffic blocked
  • B EC2 instance becomes unreachable
  • C No change to SSH access
  • D Instance restarts automatically
Explanation Removing HTTP permissions blocks web traffic, but other configurations remain unaffected.
Q139

Which service would you use for real-time data streaming?

  • A Amazon Kinesis
  • B Amazon S3
  • C Amazon RDS
  • D AWS Lambda
Explanation Amazon Kinesis is specifically designed for real-time data streaming, while the others serve different purposes.
Q140

A company needs to securely access its EC2 instances from an on-premises network. Which solution is most appropriate?

  • A VPN connection
  • B Public IP address
  • C Direct Connect only
  • D SSH key in plain text
Explanation A VPN connection secures communication between on-premises and AWS, unlike public IPs or SSH keys.