144. A Developer writes an AWS Lambda function and uploads the code in a .ZIP file to Amazon S3. The Developer makes changes to the code and uploads a new .ZIP file to Amazon S3. However, Lambda executes the earlier code.
How can the Developer fix this in the LEAST disruptive way? Create another Lambda function and specify the new .ZIP file. Call the update-function-code API. Remove the earlier .ZIP file first, then add the new .ZIP file. Call the create-alias API. 140. An AWS Elastic Beanstalk application needs to be deployed in multiple regions and requires a different Amazon Machine Image (AMI) in each region.
Which AWS CloudFormation template key can be used to specify the correct AMI for each region? Parameters Outputs Mappings Resources. 138. A Developer wants to enable AWS X-Ray for a secure application that runs in an Amazon ECS environment.
What combination of steps will enable X-Ray? (Select THREE.) Create a Docker image that runs the X-Ray daemon. Add instrumentation to the application code for X-Ray. Install the X-Ray daemon on the underlying EC2 instance. Configure and use an IAM EC2 instance role. Register the application with X-Ray. Configure and use an IAM role for tasks. 137. A Developer must deploy a new AWS Lambda function using an AWS CloudFormation template.
Which procedures will deploy a Lambda function? (Select TWO.) Upload the code to an AWS CodeCommit repository, then add a reference to it in an AWS::Lambda::Function resource in the template. Create an AWS::Lambda::Function resource in the template, then write the code directly inside the CloudFormation template. Upload a .ZIP file containing the function code to Amazon S3, then add a reference to it in an AWS::Lambda::Function resource in the template. Upload a .ZIP file to AWS CloudFormation containing the function code, then add a reference to it in an AWS::Lambda::Function resource in the template. Upload the function code to a private Git repository, then add a reference to it in an AWS::Lambda::Function resource in the template. 131. In a move toward using microservices, a company's Management team has asked all Development teams to build their services so that API requests depend only on that service's data store. One team is building a Payments service which has its own database; the service needs data that originates in the Accounts database. Both are using Amazon DynamoDB.
What approach will result in the simplest, decoupled, and reliable method to get near-real time updates from the Accounts database? Use Amazon Glue to perform frequent ETL updates from the Accounts database to the Payments database. Use Amazon ElastiCache in Payments, with the cache updated by triggers in the Accounts database. Use Amazon Kinesis Data Firehouse to deliver all changes from the Accounts database to the Payments database. Use Amazon DynamoDB Streams to deliver all changes from the Accounts database to the Payments database. 129. A Developer is writing an imaging micro service on AWS Lambda. The service is dependent on several libraries that are not available in the Lambda runtime environment.
Which strategy should the Developer follow to create the Lambda deployment package? Create a ZIP file with the source code and all dependent libraries. Create a ZIP file with the source code and a script that installs the dependent libraries at runtime. Create a ZIP file with the source code. Stage the dependent libraries on an Amazon S3 bucket indicated by the Lambda environment variable LD_LIBRARY_PATH Create a ZIP file with the source code and a buildspec.yaml file that installs the dependent libraries on AWS Lambda. 127. A company needs a fully-managed source control service that will work in AWS. The service must ensure that revision control synchronizes multiple distributed repositories by exchanging sets of changes peer-to-peer. All users need to work productively even when not connected to a network.
Which source control service should be used? Subversion AWS CodeBuild AWS CodeCommit AWS CodeStar. 126. An application running on Amazon EC2 instances must access objects within an Amazon S3 bucket that are encrypted using server-side encryption using AWS KMS encryption keys (SSE-KMS). The application must have access to the customer master key (CMK) to decrypt the objects.
Which combination of steps will grant the application access? (Select TWO.) Write an S3 bucket policy that grants the bucket access to the key. Grant access to the key in the IAM EC2 role attached to the application's EC2 instances. Write a key policy that enables IAM policies to grant access to the key. Grant access to the key in the S3 bucket's ACL Create a Systems Manager parameter that exposes the KMS key to the EC2 instances. 124. A company is building an application to track athlete performance using an Amazon DynamoDB table. Each item in the table is identified by a partition key (user_id) and a sort key (sport_name). The table design is shown below: Use a DynamoDB query operation with the key attributes of user_id and sport_name and order the results based on the score attribute. Create a global secondary index with a partition key of sport_name and a sort key of score, and get the results Use a DynamoDB scan operation to retrieve scores and user_id based on sport_name, and order the results based on the score attribute. Create a local secondary index with a primary key of sport_name and a sort key of score and get the results based on the score attribute. 118. A Development team is working on a case management solution that allows medical claims to be processed and reviewed. Users log in to provide information related to their medical and financial situations.
As part of the application, sensitive documents such as medical records, medical imaging, bank statements, and receipts are uploaded to Amazon S3. All documents must be securely transmitted and stored. All access to the documents must be recorded for auditing.
What is the MOST secure approach? Use S3 default encryption using Advanced Encryption Standard-256 (AES-256) on the destination bucket. Use Amazon Cognito for authorization and authentication to ensure the security of the application and documents. Use AWS Lambda to encrypt and decrypt objects as they are placed into the S3 bucket. Use client-side encryption/decryption with Amazon S3 and AWS KMS. 114. While developing an application that runs on Amazon EC2 in an Amazon VPC, a Developer identifies the need for centralized storage of application-level logs.
Which AWS service can be used to securely store these logs? Amazon EC2 VPC Flow Logs Amazon CloudWatch Logs Amazon CloudSearch AWS CloudTrail. 111. A Developer wants to encrypt new objects that are being uploaded to an Amazon S3 bucket by an application. There must be an audit trail of who has used the key during this process. There should be no change to the performance of the application.
Which type of encryption meets these requirements? Server-side encryption using S3-managed keys Server-side encryption with AWS KMS-managed keys Client-side encryption with a client-side symmetric master key Client-side encryption with AWS KMS-managed keys. 101. An application is using Amazon DynamoDB as its data store, and should be able to read 100 items per second as strongly consistent reads. Each item is 5 KB in size.
To what value should the table's provisioned read throughput be set? 50 read capacity units 100 read capacity units 200 read capacity units 500 read capacity units. 88. A social media company is using Amazon Cognito in order to synchronize profiles across different mobile devices, to enable end users to have a seamless experience.
Which of the following configurations can be used to silently notify users whenever an update is available on all other devices? Modify the user pool to include all the devices which keep them in sync. Use the SyncCallback interface to receive notifications on the application. Use an Amazon Cognito stream to analyze the data and push the notifications. Use the push synchronization feature with the appropriate IAM role. 87. A company is using AWS CodePipeline to deliver one of its applications. The delivery pipeline is triggered by changes to the master branch of an AWS CodeCommit repository and uses AWS CodeBuild to implement the test and build stages of the process and AWS CodeDeploy to deploy the application.
The pipeline has been operating successfully for several months and there have been no modifications. Following a recent change to the application's source code, AWS CodeDeploy has not deployed the updates application as expected.
What are the possible causes? (Choose two.) The change was not made in the master branch of the AWS CodeCommit repository. One of the earlier stages in the pipeline failed and the pipeline has terminated. One of the Amazon EC2 instances in the company's AWS CodePipeline cluster is inactive. The AWS CodePipeline is incorrectly configured and is not executing AWS CodeDeploy. AWS CodePipeline does not have permissions to access AWS CodeCommit. 86. An application displays a status dashboard. The status is updated by 1 KB messages from an SQS queue. Although the status changes infrequently, the Developer must minimize the time between the message arrival in the queue and the dashboard update.
What technique provides the shortest delay in updating the dashboard? Retrieve the messages from the queue using long polling every 20 seconds. Reduce the size of the messages by compressing them before sending. Retrieve the messages from the queue using short polling every 10 seconds. Reduce the size of each message payload by sending it in two parts. 83. A Developer must trigger an AWS Lambda function based on the item lifecycle activity in an Amazon DynamoDB table.
How can the Developer create the solution? Enable a DynamoDB stream that publishes an Amazon SNS message. Trigger the Lambda function synchronously from the SNS message. Enable a DynamoDB stream that publishes an SNS message. Trigger the Lambda function asynchronously from the SNS message. Enable a DynamoDB stream, and trigger the Lambda function synchronously from the stream. Enable a DynamoDB stream, and trigger the Lambda function asynchronously from the stream. 82. An on-premises legacy application is caching data files locally and writing shared images to local disks.
What is necessary to allow for horizontal scaling when migrating the application to AWS? Modify the application to have both shared images and caching data written to Amazon EBS. Modify the application to read and write cache data on Amazon S3, and also store shared images on S3. Modify the application to use Amazon S3 for serving shared images; cache data can then be written to local disks. Modify the application to read and write cache data on Amazon S3, while continuing to write shared images to local disks. 76. The Developer for a retail company must integrate a fraud detection solution into the order processing solution. The fraud detection solution takes between ten and thirty minutes to verify an order. At peak, the web site can receive one hundred orders per minute.
What is the most scalable method to add the fraud detection solution to the order processing pipeline? Add all new orders to an Amazon SQS queue. Configure a fleet of 10 EC2 instances spanning multiple AZs with the fraud detection solution installed on them to pull orders from this queue. Update the order with a pass or fails status. Add all new orders to an SQS queue. Configure an Auto Scaling group that uses the queue depth metric as its unit of scale to launch a dynamically-sized fleet of EC2 instances spanning multiple AZs with the fraud detection solution installed on them to pull orders from this queue. Update the order with a pass or fails status. Add all new orders to an Amazon Kinesis Stream. Subscribe a Lambda function to automatically read batches of records from the Kinesis Stream. The Lambda function includes the fraud detection software and will update the order with a pass or fail status. Write all new orders to Amazon DynamoDB. Configure DynamoDB Streams to include all new orders. Subscribe a Lambda function to automatically read batches of records from the Kinesis Stream. The Lambda function includes the fraud detection software and will update the order with a pass or fail status. 75. A Lambda function is packaged for deployment to multiple environments, including development, test, production, etc. Each environment has unique set of resources such as databases, etc.
How can the Lambda function use the resources for the current environment? Apply tags to the Lambda functions. Hardcore resources in the source code. Use environment variables for the Lambda functions. Use separate function for development and production.