Amazon AWS

AWS Certified Data Engineer – Associate

DEA-C01

The AWS Certified Data Engineer – Associate (DEA-C01) exam validates your skills in data engineering on AWS. It is suitable for those who want to demonstrate their ability to design and implement data solutions.

498 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 231–240 of 498

Q231

You are configuring a security group to restrict access. What happens if you add a rule allowing all outbound traffic?

  • A Only incoming traffic is allowed
  • B Both inbound and outbound are allowed
  • C No traffic is allowed
Explanation Allowing outbound traffic permits all outbound connections while the inbound rules still apply.
Q232

A company needs to deploy a web application with auto-scaling. Which service should they choose?

  • A Elastic Beanstalk
  • B CloudFront
  • C S3
  • D IAM
Explanation Elastic Beanstalk supports auto-scaling for web apps; CloudFront is for CDN, S3 is for storage, and IAM manages identities.
Q233

What happens when you set an IAM policy to allow access to a resource but have a deny policy on a parent role?

  • A Allow access is enforced.
  • B Access is denied.
  • C Policy actions are ignored.
  • D Deny policy overrides allow policy.
Explanation Deny policies always override allow policies, ensuring access is denied.
Q234

You are configuring a Lambda function, but it keeps timing out. What should you check first?

  • A Increase Lambda memory.
  • B Review VPC configurations.
  • C Examine code for inefficiencies.
  • D Check IAM permissions.
Explanation Inefficient code often leads to timeouts; while VPC configurations can affect performance, the code is usually the initial culprit.
Q235

Which AWS service is best for real-time data analytics on streaming data?

  • A Amazon Kinesis
  • B Amazon S3
  • C Amazon Redshift
  • D AWS Lambda
Explanation Amazon Kinesis provides real-time data processing, while S3 is for storage, Redshift is for data warehousing, and Lambda for serverless computing.
Q236

A company needs to securely store its encryption keys. Which AWS service should it use?

  • A AWS Secrets Manager
  • B AWS Key Management Service
  • C AWS Systems Manager
  • D Amazon RDS
Explanation AWS Key Management Service is designed specifically for key management, whereas the others serve different security purposes.
Q237

You are configuring AWS Identity and Access Management (IAM) policies. What happens when a user has conflicting policies that grant and deny the same action?

  • A Deny takes precedence
  • B Grant takes precedence
  • C No impact on permissions
  • D Error occurs during policy evaluation
Explanation In IAM, deny overrides any allow, while granting contradictory access doesn't provide permissions.
Q238

Which service provides a managed Apache Spark environment?

  • A Amazon EMR
  • B Amazon EC2
  • C AWS Lambda
  • D Amazon RDS
Explanation Amazon EMR is specifically designed for big data processing using Spark, while the others serve different purposes.
Q239

A company needs to process and analyze large datasets frequently updated. Which service should they use?

  • A Amazon S3
  • B Amazon Redshift
  • C Amazon Athena
  • D AWS Glue
Explanation Amazon Redshift is optimized for querying and analyzing structured data, unlike S3 and others which serve different data retrieval purposes.
Q240

What happens when two IAM policies are applied to a single role?

  • A Roles get overridden
  • B Only the last one applies
  • C Both policies are evaluated
  • D An error is generated
Explanation Both policies are evaluated together; permissions are cumulative unless explicitly denied.