Amazon AWS

AWS Certified Developer – Associate

DVA-C02
Popular

The AWS Certified Developer – Associate (DVA-C02) exam tests your proficiency in developing applications on AWS. It is designed for developers looking to validate their skills in AWS development.

492 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 401–410 of 492

Q401

A company needs to store sensitive user data securely in AWS. What is the best first step?

  • A Use IAM roles for permissions
  • B Encrypt the data at rest
  • C Enable AWS CloudTrail
  • D Create VPC for isolation
Explanation Encrypting data at rest protects it from unauthorized access; IAM and VPC help with access control and networking but not data protection directly.
Q402

What happens when an EC2 instance runs out of EBS volume space?

  • A Instance shuts down immediately
  • B Applications may crash or malfunction
  • C AWS automatically increases volume size
  • D No impact on performance
Explanation Running out of EBS space can lead to application failures while AWS does not automatically adjust the volume size or shut down the instance.
Q403

Which AWS service allows you to run code without provisioning servers?

  • A AWS Lambda
  • B EC2
  • C Elastic Beanstalk
  • D S3
Explanation AWS Lambda executes code in response to events without server management, unlike the others that require server setup.
Q404

A company needs to store large amounts of unstructured data. Which AWS service should they use?

  • A Amazon RDS
  • B Amazon DynamoDB
  • C Amazon S3
  • D Amazon Redshift
Explanation Amazon S3 is designed for scalable storage of unstructured data whereas the others are for structured data storage.
Q405

What happens when an IAM user tries to access a resource without necessary permissions?

  • A Access is granted
  • B Access is denied
  • C User is signed out
  • D IAM policy is automatically updated
Explanation Without necessary permissions, IAM enforces access denial; the other options incorrectly describe user behavior or admin response.
Q406

Which service provides a fully managed NoSQL database?

  • A DynamoDB
  • B RDS
  • C S3
  • D CloudFormation
Explanation DynamoDB is the fully managed NoSQL service; RDS is for relational databases, S3 is object storage, and CloudFormation is for infrastructure management.
Q407

A company needs to securely access AWS services from on-premises. What AWS service should they use?

  • A AWS Direct Connect
  • B AWS Transit Gateway
  • C AWS VPN
  • D AWS Auto Scaling
Explanation AWS VPN provides secure connections; Direct Connect establishes dedicated connections, Transit Gateway connects VPCs, while Auto Scaling manages instance scaling.
Q408

You are configuring an EC2 instance to launch in a private subnet. What do you need to ensure it has Internet access?

  • A Public IP address
  • B NAT Gateway
  • C Internet Gateway
  • D Elastic Load Balancer
Explanation NAT Gateway allows private subnet instances to access the internet; public IPs and internet gateways won’t work for them directly, while ELB is for traffic distribution.
Q409

Which service is best for automating deployments?

  • A AWS CodeDeploy
  • B AWS Glue
  • C AWS CloudFormation
  • D AWS Lambda
Explanation AWS CodeDeploy automates deployments; the others serve different purposes.
Q410

You are configuring an IAM policy for a developer. What is the most secure practice?

  • A Grant full admin access
  • B Use least privilege principle
  • C Allow all S3 actions
  • D Create multiple roles for the user
Explanation Using least privilege minimizes security risks; other options over-permit access.