AWS-Developer資格専門知識 & AWS-Developer日本語練習問題我々CertJukenは一番信頼できるIT試験資料販売サイトになれるために、弊社はお客様に最完備かつ最新版のAWS-Developer問題集を提供して努力します。我々の問題集によって、ほとんどの受験生は大方の人から見る大変なAmazon AWS-Developer試験にうまく合格しました。この成功データはAWS-Developer試験に準備する皆様にCertJukenのAWS-Developer問題集を勧める根拠とします。もしあなたは残念的にAWS-Developer試験に失敗したら、全額で返金することを承諾します。すべてのことはあなたの安心的に試験に準備できるのためのです。 Amazon AWS Certified Developer Associate Exam (DVA-C02) 認定 AWS-Developer 試験問題 (Q38-Q43):質問 # 38
After launching an instance that you intend to serve as a NAT (Network Address Translation) device in a public subnet you modify your route tables to have the NAT device be the target of internet bound traffic of your private subnet. When you try and make an outbound connection to the Internet from an instance in the private subnet, you are not successful.
Which of the following steps could resolve the issue?
A. Attaching a second Elastic Network Interface (ENI) to the instance in the private subnet, and placing it in the public subnet
B. Disabling the Source/Destination Check attribute on the NAT instance
C. Attaching a second Elastic Network interface (ENI) to the NAT instance, and placing it in the private subnet
D. Attaching an Elastic IP address to the instance in the private subnet
正解:B
質問 # 39
A deployment package uses the AWS CLI to copy files into any S3 bucket in the account, using access keys stored in environment variables. The package is running on EC2 instances, and the instances have been modified to run with an assumed IAM role and a more restrictive policy that allows access to only one bucket.
After the change, the Developer logs into the host and still has the ability to write into all of the S3 buckets in that account.
What is the MOST likely cause of this situation?
A. The AWS CLI is corrupt and needs to be reinstalled
B. The AWS credential provider looks for instance profile credentials last
C. An IAM inline policy is being used on the IAM role
D. An IAM managed policy is being used on the IAM role
質問 # 40
A company operates a media streaming platform that delivers on-demand video content to users from around the world. User requests flow through an Amazon CloudFront distribution, an Amazon API Gateway REST API, AWS Lambda functions, and Amazon DynamoDB tables.
Some users have reported intermittent buffering issues and delays when users try to start a video stream. The company needs to investigate the issues to discover the underlying cause.
Which solution will meet this requirement?
A. Enable AWS X-Ray tracing for the REST API, Lambda functions, and DynamoDB tables. Analyze the service map to identify any performance bottlenecks or errors.
B. Use AWS CloudTrail to track AWS resources in all AWS Regions. Stream CloudTrail data to an Amazon CloudWatch Logs log group. Enable CloudTrail Insights. Set up Amazon SN5 notifications if unusual API activity is detected.
C. Enable logging in API Gateway. Ensure that each Lambda function is configured to send logs to Amazon CloudWatch. Use CloudWatch Logs Insights to query the log data.
D. Use AWS Config to review details of any recent configuration changes to AWS resources in the application that could result in increased latency for users.
正解:A
解説:
Requirement Summary:
* Users experience buffering/delay when starting video stream
* Architecture:
* CloudFront # API Gateway # Lambda # DynamoDB
* Need to identify root cause of performance issues
Evaluate Options:
# A: Enable AWS X-Ray tracing
* # Ideal for end-to-end tracing
* Visualizes latency across services (API Gateway, Lambda, DynamoDB)
* Creates a service map for easy identification of bottlenecks or errors
* Designed specifically for distributed tracing and performance monitoring B: CloudWatch Logs Insights
* ## Helpful for querying logs
* But lacks the visual trace linkage across services like X-Ray
* Does not identify where latency accumulates
C: AWS Config
* # Tracks configuration changes, not runtime performance
D: CloudTrail + CloudWatch Logs
* # More useful for audit/logging, not tracing performance or latency issues
* X-Ray overview: https://docs.aws.amazon.com/xray/latest/devguide/aws-xray.html
* Service map: https://docs.aws.amazon.com/xray ... le-service-map.html
* Tracing API Gateway: https://docs.aws.amazon.com/apig ... de/apigateway-xray.
html
質問 # 41
An organization has created an application which is hosted on the AWS EC2 instance. The application stores images to S3 when the end user uploads to it. The organization does not want to store the AWS secure credentials required to access the S3 inside the instance. Which of the below mentioned options is a possible solution to avoid any security threat?
A. Use the IAM based single sign between the AWS resources and the organization application.
B. Use the X.509 certificates instead of the access and the secret access keys.
C. Use the IAM role and assign it to the instance.
D. Since the application is hosted on EC2, it does not need credentials to access S3.
正解:C
解説:
The AWS IAM role uses temporary security credentials to access AWS services. Once the role is assigned to an instance, it will not need any security credentials to be stored on the instance.
Reference: http://docs.aws.amazon.com/AWSEC ... for-amazon-ec2.html
質問 # 42
A developer is creating an AWS Lambda function that will connect to an Amazon RDS for MySQL instance.
The developer wants to store the database credentials. The database credentials need to be encrypted and the database password needs to be automatically rotated.
Which solution will meet these requirements?
A. Store the database credentials in AWS Systems Manager Parameter Store as secure string parameters.
Set up managed rotation on the parameters.
B. Store the database credentials in the X-Amz-Security-Token parameter. Set up managed rotation on the parameter.
C. Store the database credentials as environment variables for the Lambda function. Set the environment variables to rotate automatically.
D. Store the database credentials in AWS Secrets Manager. Set up managed rotation on the database credentials.