Amazon AWS

AWS Certified Developer – Associate

DVA-C02
Popular

The AWS Certified Developer – Associate (DVA-C02) exam tests your proficiency in developing applications on AWS. It is designed for developers looking to validate their skills in AWS development.

492 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 171–180 of 492

Q171

What happens when an IAM policy denies access to a specific action but allows access to a broader resource?

  • A Access is granted to the resource
  • B Access is denied to the action
  • C Access is granted to the action
  • D The policy becomes ineffective
Explanation IAM uses a deny-over-allow principle, which prevails in case of conflicts, denying access to the action regardless of broader permissions.
Q172

Which service can automatically scale your application based on load?

  • A AWS Auto Scaling
  • B Amazon S3
  • C AWS Lambda
  • D Amazon RDS
Explanation AWS Auto Scaling manages scaling of resources; others do not directly manage scaling.
Q173

A company needs to securely transmit messages between applications without exposing their data. Which AWS service should they use?

  • A AWS SNS
  • B AWS SQS
  • C AWS Kinesis
  • D AWS CloudFormation
Explanation AWS SQS allows secure message queuing; others don’t focus primarily on secure messaging.
Q174

You are configuring IAM policies. What happens when a user has multiple policies that contradict each other?

  • A Grant access based on least privilege
  • B Deny access based on highest policy
  • C User has no access at all
  • D Deny access based on least restrictive policy
Explanation Access is determined by the least privileged, denying contradictory permissions; other options are incorrect interpretations of IAM policy evaluation logic.
Q175

Which service allows you to run code without provisioning servers?

  • A AWS Lambda
  • B Amazon EC2
  • C AWS Fargate
  • D Amazon RDS
Explanation AWS Lambda executes code without server management; EC2 requires server provisioning, Fargate is for container orchestration, and RDS is a managed database service.
Q176

You are configuring an IAM policy to allow access to S3 buckets. How should the 'Effect' be defined?

  • A Always
  • B Allow or Deny
  • C Grant
  • D Enable
Explanation The Effect should be 'Allow' or 'Deny' to control access; 'Always', 'Grant', and 'Enable' are not valid IAM Effect values.
Q177

What happens when you exceed the provisioned throughput for a DynamoDB table?

  • A Requests are throttled
  • B Service automatically scales up
  • C Data is lost
  • D Writes are queued indefinitely
Explanation Exceeding throughput limits results in throttled requests; autoscaling doesn't happen automatically, no data loss occurs, and writes aren't queued indefinitely.
Q178

Which AWS service is best for deploying containerized applications?

  • A Amazon ECS
  • B AWS Lambda
  • C Amazon EC2
  • D Amazon S3
Explanation Amazon ECS is specifically designed for container orchestration, while EC2 and S3 serve different purposes.
Q179

A company needs secure API access to DynamoDB from its users. What is the best practice?

  • A Use API Gateway with IAM roles
  • B Direct access to DynamoDB
  • C Store API keys in code
  • D Use EC2 instance for access
Explanation Using API Gateway with IAM roles securely manages access, while direct access and hardcoded keys compromise security.
Q180

You are configuring a Lambda function with a VPC. What must you ensure for successful execution?

  • A Assign a public IP address
  • B Configure a subnet and security group
  • C Increase the function timeout
  • D Deploy in multiple regions
Explanation Configuring a subnet and security group allows the Lambda function to access AWS resources within the VPC, while other options are irrelevant or incorrect.