Amazon AWS

AWS Certified Data Engineer – Associate

DEA-C01

The AWS Certified Data Engineer – Associate (DEA-C01) exam validates your skills in data engineering on AWS. It is suitable for those who want to demonstrate their ability to design and implement data solutions.

498 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 171–180 of 498

Q171

What happens when an IAM user is assigned a policy with "deny" effects?

  • A Access is granted by default
  • B Access is denied
  • C Access is conditional
  • D Policy has no effect
Explanation In AWS IAM, explicit deny overrides any allows, enforcing a stricter access control.
Q172

Which service provides a managed relational database?

  • A Amazon RDS
  • B Amazon S3
  • C Amazon DynamoDB
  • D Amazon EC2
Explanation Amazon RDS is specifically designed for managed relational databases, while the others serve different purposes.
Q173

A company needs to analyze data in real time. Which AWS service should they use?

  • A Amazon S3
  • B AWS Glue
  • C Amazon Kinesis
  • D Amazon Athena
Explanation Amazon Kinesis is built for real-time data processing, unlike the others which focus on storage or batch processing.
Q174

You are configuring an IAM policy and want to allow S3 actions only from a specific IP range. What should you use?

  • A Conditions with ipAddress
  • B Resource-based policies
  • C Security groups
  • D Service control policies
Explanation The conditions element with ipAddress allows for specifying IP ranges in IAM policies, while the others do not apply here.
Q175

Which service is best for real-time data processing in AWS?

  • A Amazon Kinesis
  • B Amazon RDS
  • C Amazon S3
  • D Amazon ECS
Explanation Amazon Kinesis is specifically designed for real-time data processing, whereas RDS, S3, and ECS serve different purposes.
Q176

A company needs high durability for its storage solution. Which AWS storage service should they choose?

  • A Amazon S3
  • B Amazon EBS
  • C Amazon EFS
  • D AWS Snowball
Explanation Amazon S3 offers 99.999999999% durability, making it ideal for high durability needs; the others have different durability and use cases.
Q177

What happens when you set a security group rule with a conflicting CIDR block?

  • A Access will be allowed from both
  • B Access will be denied
  • C Access will depend on priority
  • D Only the last rule will take effect
Explanation Conflicting rules within a security group do not allow access; security groups are inclusive by default.
Q178

Which service is used for managing Docker containers?

  • A Amazon ECS
  • B Amazon RDS
  • C AWS Lambda
  • D Amazon S3
Explanation Amazon ECS (Elastic Container Service) is specifically designed for managing Docker containers; the others serve different purposes.
Q179

A company needs to securely share data between its AWS environment and an on-premise data center. What service should they use?

  • A AWS VPN
  • B Amazon CloudFront
  • C Amazon Kinesis
  • D AWS Snowball
Explanation AWS VPN establishes a secure connection; the others do not address the secure connection between AWS and on-premises directly.
Q180

You are configuring an S3 bucket lifecycle policy to archive objects to Glacier. What will happen if you configure a transition rule to Glacier for objects older than 30 days?

  • A Objects will be deleted immediately
  • B Objects remain in S3 Standard
  • C Objects transition to Glacier after 30 days
  • D Policy won't take effect
Explanation Objects will transition to Glacier after 30 days as per the lifecycle rule; the other options misrepresent lifecycle management behavior.