[
  {
    "id": "1411",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer has developed an application that runs on Amazon EC2 instances and produces a value on a minutely basis. The developer want to monitor and graph the data produced over time without periodically login into the instance. Which strategy should the developer use to accomplish this objective?",
      "answers": [
        "Use the Amazon CloudWatch metrics reported by default for all EC2 instances. View each value from the CloudWatch console.",
        "Develop the application to store each value in a file on Amazon S3 every minute with the timestamp as the name.",
        "Publish each generated value as a custom metric to Amazon CloudWatch using available AWS SDKs.",
        "Store each value as a variable and add the variable to the list of EC2 metrics that should be reported to the Amazon CloudWatch console."
      ],
      "correctAnswer": ["Publish each generated value as a custom metric to Amazon CloudWatch using available AWS SDKs."]
    }
  },
  {
    "id": "1412",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer is developing an AWS Lambda function that creates a new file upon execution. Each new file must be checked into the same AWS CodeCommit repository. How should the developer go about doing this?",
      "answers": [
        "When the Lambda function starts, use the Git CLI to clone the repository. Check the new file into the cloned repository and push the change.",
        "After the new file is created in Lambda, use cURL to invoke the CodeCommit API. Send the file to the repository.",
        "Use an AWS SDK to instantiate a CodeCommit client. Invoke the put_file method to add the file to the repository.",
        "Upload the new to an Amazon S3 bucket. Create an AWS Step Function to accept S3 events. In the Step Function, add the new file to the repository."
      ],
      "correctAnswer": ["Use an AWS SDK to instantiate a CodeCommit client. Invoke the put_file method to add the file to the repository."]
    }
  },
  {
    "id": "1413",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer is publishing vital log data to a log group formed two months ago in Amazon CloudWatch Logs. The developer must encrypt the log data using an AWS KMS customer master key (CMK) in order to ensure that future data is encrypted in accordance with the companys security policy. How is the Developer going to fulfill this requirement?",
      "answers": [
        "Use the CloudWatch Logs console and enable the encrypt feature on the log group",
        "Use the AWS CLI create-log-group command and specify the key Amazon Resource Name (ARN)",
        "Use the KMS console and associate the CMK with the log group",
        "Use the AWS CLI associate-kms-key command and specify the key Amazon Resource Name (ARN)"
      ],
      "correctAnswer": ["Use the AWS CLI associate-kms-key command and specify the key Amazon Resource Name (ARN)"]
    }
  },
  {
    "id": "1414",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer must create a mobile application that enables users to read and write data from an Amazon DynamoDB database used to store each users status. The solution must restrict data access so that users may only access their own data. Which of the following solutions is the most secure?",
      "answers": [
        "Embed AWS access credentials into the application and create DynamoDB queries that limit user access.",
        "Use Amazon Cognito identity pools to assign unique identifiers and provide user access.",
        "Modify the DynamoDB table to allow public read and writes, then add client-side filtering.",
        "Create a web portal for users to create an account on AWS Directory Service."
      ],
      "correctAnswer": ["Use Amazon Cognito identity pools to assign unique identifiers and provide user access."]
    }
  },
  {
    "id": "1415",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer has an application that must receive and handle a huge number of incoming data streams before distributing them to several downstream users. Which serverless solution should the developer use in order to achieve these requirements?",
      "answers": [
        "Amazon RDS MySQL stored procedure with AWS Lambda",
        "AWS Direct Connect with AWS Lambda",
        "Amazon Kinesis Data Streams with AWS Lambda",
        "Amazon EC2 bash script with AWS Lambda"
      ],
      "correctAnswer": ["Amazon Kinesis Data Streams with AWS Lambda"]
    }
  },
  {
    "id": "1416",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 2",
      "question": "A developer is developing an application that will operate on Amazon EC2 instances that are members of an Auto Scaling group. The developer want to externalize session state in order to facilitate the applications operation. Which services will address these requirements? (Select two.)",
      "answers": [
        "Amazon DynamoDB",
        "Amazon Cognito",
        "Amazon ElastiCache",
        "Amazon EBS",
        "Amazon SQS"
      ],
      "correctAnswer": ["Amazon DynamoDB", "Amazon ElastiCache"]
    }
  },
  {
    "id": "1417",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer must invoke an AWS Lambda function depending on the lifecycle activity of an item in an Amazon DynamoDB database. How does the developer go about developing the solution?",
      "answers": [
        "Enable a DynamoDB stream that publishes an Amazon SNS message. Trigger the Lambda function synchronously from the SNS message.",
        "Enable a DynamoDB stream that publishes an SNS message. Trigger the Lambda function asynchronously from the SNS message.",
        "Enable a DynamoDB stream, and trigger the Lambda function synchronously from the stream.",
        "Enable a DynamoDB stream, and trigger the Lambda function asynchronously from the stream."
      ],
      "correctAnswer": ["Enable a DynamoDB stream, and trigger the Lambda function synchronously from the stream."]
    }
  },
  {
    "id": "1418",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer need temporary access to resources located in a different account. What is the MOST SECURE method of doing this?",
      "answers": [
        "Use the Amazon Cognito user pools to get short-lived credentials for the second account.",
        "Create a dedicated IAM access key for the second account, and send it by mail.",
        "Create a cross-account access role, and use sts:AssumeRole API to get short-lived credentials.",
        "Establish trust, and add an SSH key for the second account to the IAM user."
      ],
      "correctAnswer": ["Create a cross-account access role, and use sts:AssumeRole API to get short-lived credentials."]
    }
  },
  {
    "id": "1419",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer want to verify that the Amazon EC2 instances running in AWS Elastic Beanstalk execute a certain set of commands prior to the application being available for usage. Which feature of Elastic Beanstalk enables the developer to achieve this?",
      "answers": [
        "Rolling update",
        "Immutable update",
        "User data",
        ".ebextensions"
      ],
      "correctAnswer": [".ebextensions"]
    }
  },
  {
    "id": "1420",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A team of developers is responsible for migrating an application running on AWS Elastic Beanstalk from a Classic Load Balancer to an Application Load Balancer. How should the job be completed using the AWS Management Console?",
      "answers": [
        "1. Update the application code in the existing deployment. 2. Select a new load balancer type before running the deployment. 3. Deploy the new version of the application code to the environment.",
        "1. Create a new environment with the same configurations except for the load balancer type. 2. Deploy the same application version as used in the original environment. 3. Run the swap-environment-cnames action.",
        "1. Clone the existing environment, changing the associated load balancer type. 2. Deploy the same application version as used in the original environment. 3. Run the swap-environment-cnames action.",
        "1. Edit the environment definitions in the existing deployment. 2. Change the associated load balancer type according to the requirements. 3. Rebuild the environment with the new load balancer type."
      ],
      "correctAnswer": ["1. Create a new environment with the same configurations except for the load balancer type. 2. Deploy the same application version as used in the original environment. 3. Run the swap-environment-cnames action."]
    }
  },
  {
    "id": "1421",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 2",
      "question": "AWS Lambda functions must read data from an Amazon RDS MySQL database contained inside a VPC and also connect to a public endpoint on the internet to get extra data. Which actions must be made to provide access to both the RDS resource and the public endpoint by the function? (Select two.)",
      "answers": [
        "Modify the default configuration for the Lambda function to associate it with an Amazon VPC private subnet.",
        "Modify the default network access control list to allow outbound traffic.",
        "Add a NAT Gateway to the VPC.",
        "Modify the default configuration of the Lambda function to associate it with a VPC public subnet.",
        "Add an environmental variable to the Lambda function to allow outbound internet access."
      ],
      "correctAnswer": ["Modify the default configuration for the Lambda function to associate it with an Amazon VPC private subnet.", "Add a NAT Gateway to the VPC."]
    }
  },
  {
    "id": "1422",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "An application uses Amazon DynamoDB as its data storage and requires the ability to read 100 items per second in highly consistent reads. Each item is around 5 KB in size. What should the provisioned read throughput of the table be set to?",
      "answers": [
        "50 read capacity units",
        "100 read capacity units",
        "200 read capacity units",
        "500 read capacity units"
      ],
      "correctAnswer": ["200 read capacity units"]
    }
  },
  {
    "id": "1423",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer has registered a new AWS account and is required to design a scalable AWS Lambda function that satisfies the following concurrent execution requirements: -Average execution time of 100 seconds -50 requests per secondWhich procedure must be followed prior to deployment in order to avoid errors?",
      "answers": [
        "Implement dead-letter queues to capture invocation errors",
        "Add an event source from Amazon API Gateway to the Lambda function",
        "Implement error handling within the application code",
        "Contact AWS Support to increase the concurrent execution limits"
      ],
      "correctAnswer": ["Contact AWS Support to increase the concurrent execution limits"]
    }
  },
  {
    "id": "1424",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A Developer has created code for an application and want to share it with other team members in order to get feedback. The shared application code must be kept in a long-term, version-controlled environment with batch change tracking. Which Amazon Web Services (AWS) service should the developer use?",
      "answers": [
        "AWS CodeBuild",
        "Amazon S3",
        "AWS CodeCommit",
        "AWS Cloud9"
      ],
      "correctAnswer": ["AWS CodeCommit"]
    }
  },
  {
    "id": "1425",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer is developing an application that makes use of an Amazon API Gateway REST API and an AWS Lambda function that communicates with an Amazon DynamoDB database. During testing, the developer notices excessive latency while performing API queries. How can the developer determine the total latency and pinpoint performance bottlenecks?",
      "answers": [
        "Enable AWS CloudTrail logging and use the logs to map each latency and bottleneck.",
        "Enable and configure AWS X-Ray tracing on API Gateway and the Lambda function. Use X-Ray to trace and analyze user requests.",
        "Enable Amazon CloudWatch Logs for the Lambda function. Enable execution logs for API Gateway to view and analyze user request logs.",
        "Enable VPC Flow Logs to capture and analyze network traffic within the VPC."
      ],
      "correctAnswer": ["Enable and configure AWS X-Ray tracing on API Gateway and the Lambda function. Use X-Ray to trace and analyze user requests."]
    }
  },
  {
    "id": "1426",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer using AWS CodeDeploy to automate the deployment of an application that connects to a remote MySQL database. The developer wishes to access encrypted secrets such as API keys and database passwords safely. Which of the following alternatives would need the LEAST amount of administrative work?",
      "answers": [
        "Save the secrets in Amazon S3 with AWS KMS server-side encryption, and use a signed URL to access them by using the IAM role from Amazon EC2 instances.",
        "Use the instance metadata to store the secrets and to programmatically access the secrets from EC2 instances.",
        "Use the Amazon DynamoDB client-side encryption library to save the secrets in DynamoDB and to programmatically access the secrets from EC2 instances.",
        "Use AWS SSM Parameter Store to store the secrets and to programmatically access them by using the IAM role from EC2 instances."
      ],
      "correctAnswer": ["Use AWS SSM Parameter Store to store the secrets and to programmatically access them by using the IAM role from EC2 instances."]
    }
  },
  {
    "id": "1427",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer is establishing an Auto Scaling group for instances that must submit a custom metric to Amazon CloudWatch. Which technique is the SECUREST approach for authenticating a CloudWatch PUT request?",
      "answers": [
        "Create an IAM user with PutMetricData permission and put the user credentials in a private repository; have applications pull the credentials as needed.",
        "Create an IAM user with PutMetricData permission, and modify the Auto Scaling launch configuration to inject the user credentials into the instance user data.",
        "Modify the CloudWatch metric policies to allow the PutMetricData permission to instances from the Auto Scaling group.",
        "Create an IAM role with PutMetricData permission and modify the Auto Scaling launching configuration to launch instances using that role."
      ],
      "correctAnswer": ["Create an IAM role with PutMetricData permission and modify the Auto Scaling launching configuration to launch instances using that role."]
    }
  },
  {
    "id": "1428",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "Given the AWS CloudFormation template below: Description: Creates a new Amazon S3 bucket for shared content. Uses a random bucket name to avoid conflicts. Resources: ContentBucket: Type: AWS::S3::Bucket, Outputs: ContentBucketName: Value: !Ref ContentBucket. Which method is the MOST EFFECTIVE for referencing the newly created Amazon S3 bucket from another AWS CloudFormation template?",
      "answers": [
        "Add an Export declaration to the Outputs section of the original template and use ImportValue in other templates.",
        "Add Exported: true to the ContentBucket in the original template and use ImportResource in other templates.",
        "Create a custom AWS CloudFormation resource that gets the bucket name from the ContentBucket resource of the first stack.",
        "Use Fn::Include to include the existing template in other templates and use the ContentBucket resource directly."
      ],
      "correctAnswer": ["Add an Export declaration to the Outputs section of the original template and use ImportValue in other templates."]
    }
  },
  {
    "id": "1429",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer is transferring code to an Amazon Lambda function that will interact with an Amazon Aurora MySQL database. What is the SECUREST method for authenticating the function against the database?",
      "answers": [
        "Store the database credentials as encrypted parameters in AWS Systems Manager Parameters Store. Obtain the credentials from Systems Manager when the Lambda function needs to connect to the database.",
        "Store the database credentials in AWS Secrets Manager. Let Secrets Manager handle the rotation of the credentials, as required.",
        "Store the database credentials in an Amazon S3 bucket that has a restrictive bucket policy for the Lambda role when accessing the credentials. Use AWS KMS to encrypt the data.",
        "Create a policy with rds-db:connect access to the database and attach it to the role assigned to the Lambda function."
      ],
      "correctAnswer": ["Create a policy with rds-db:connect access to the database and attach it to the role assigned to the Lambda function."]
    }
  },
  {
    "id": "1430",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer has an Amazon DynamoDB table that requires provisioning in order to meet user needs. The application must have the following features: -Average item size: 10 KB -Item reads each second: 10 strongly consistent -Item writes each second: 2 transactional. Which read and write capability satisfies these needs most economically?",
      "answers": [
        "Read 10; write 2",
        "Read 30; write 40",
        "Use on-demand scaling",
        "Read 300; write 400"
      ],
      "correctAnswer": ["Read 30; write 40"]
    }
  },
  {
    "id": "1431",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer wishes to deliver multi-value headers to an AWS Lambda function that is registered with an Application Load Balancer as a target (ALB). What actions should the developer take to accomplish this?",
      "answers": [
        "Place the Lambda function and target group in the same account.",
        "Send the request body to the Lambda function with a size less than 1 MB.",
        "Include the Base64 encoding status, status code, status description, and headers in the Lambda function.",
        "Enable the multi-value headers on the ALB."
      ],
      "correctAnswer": ["Enable the multi-value headers on the ALB."]
    }
  },
  {
    "id": "1432",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer is developing a new AWS Serverless Application Model (AWS SAM) template that includes an AWS Lambda function. The Lambda function executes sophisticated code. The developer want to run the Lambda function on a larger CPU. What should the developer do to comply with this stipulation?",
      "answers": [
        "Increase the runtime engine version.",
        "Increase the timeout.",
        "Increase the number of Lambda layers.",
        "Increase the memory."
      ],
      "correctAnswer": ["Increase the memory."]
    }
  },
  {
    "id": "1433",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A web application is being developed to audit several Amazon Web Services accounts. The application will be hosted in Account A and will need access to AWS services hosted in Accounts B and C. What is the SAFEST method for the application to access AWS services in each audited account?",
      "answers": [
        "Configure cross-account roles in each audited account. Write code in Account A that assumes those roles",
        "Use S3 cross-region replication to communicate among accounts, with Amazon S3 event notifications to trigger Lambda functions",
        "Deploy an application in each audited account with its own role. Have Account A authenticate with the application",
        "Create an IAM user with an access key in each audited account. Write code in Account A that uses those access keys"
      ],
      "correctAnswer": ["Configure cross-account roles in each audited account. Write code in Account A that assumes those roles"]
    }
  },
  {
    "id": "1434",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "Given the source code for an AWS Lambda function in the local file store.py, which includes the handler function get store, and the accompanying AWS CloudFormation template: Transform: AWS::Serverless-2016-10-31, Resources: StoreFunc: Type: AWS:Serverless:Function, Properties: Handler store.get_store Runtime: python3.6. What should be done to prepare the template for deployment through the AWS Command Line Interface command aws cloudformation deploy?",
      "answers": [
        "Use aws cloudformation compile to base64 encode and embed the source file into a modified CloudFormation template.",
        "Use aws cloudformation package to upload the source code to an Amazon S3 bucket and produce a modified CloudFormation template.",
        "Use aws lambda zip to package the source file together with the CloudFormation template and deploy the resulting zip archive.",
        "Use aws serverless create-package to embed the source file directly into the existing CloudFormation template."
      ],
      "correctAnswer": ["Use aws cloudformation package to upload the source code to an Amazon S3 bucket and produce a modified CloudFormation template."]
    }
  },
  {
    "id": "1435",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "How can a developer debug AWS Lambda code delivered using AWS Serverless Application Model (AWS SAM)?",
      "answers": [
        "Download the Lambda code locally and use the AWS CLI to execute it",
        "Use the Lambda console to connect the debugger",
        "Use AWS SAM to invoke a function locally in debug mode",
        "Connect a third-party-compatible integrated development environment (IDE) to the Lambda debugger endpoint"
      ],
      "correctAnswer": ["Use AWS SAM to invoke a function locally in debug mode"]
    }
  },
  {
    "id": "1436",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "When designing an AWS Lambda function that processes Amazon Kinesis Data Streams, administrators must get a notification including the processed data. How should the developer create the function responsible for sending processed data to the Administrators?",
      "answers": [
        "Separate the Lambda handler from the core logic",
        "Use Amazon CloudWatch Events to send the processed data",
        "Publish the processed data to an Amazon SNS topic",
        "Push the processed data to Amazon SQS"
      ],
      "correctAnswer": ["Publish the processed data to an Amazon SNS topic"]
    }
  },
  {
    "id": "1437",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "AWS CodeBuild generates the source code for an application, develops the Docker image, uploads it to Amazon Elastic Container Registry (Amazon ECR), and tags it with a unique identifier. If developers already have the AWS CLI setup on their workstations, how are the Docker images downloaded to the workstations?",
      "answers": [
        "Run the following: docker pull REPOSITORY URI : TAG",
        "Run the output of the following: aws ecr get-login and then run: docker pull REPOSITORY URI : TAG",
        "Run the following: aws ecr get-login and then run: docker pull REPOSITORY URI : TAG",
        "Run the output of the following: aws ecr get-download-url-for-layer and then run: docker pull REPOSITORY URI : TAG"
      ],
      "correctAnswer": ["Run the output of the following: aws ecr get-login and then run: docker pull REPOSITORY URI : TAG"]
    }
  },
  {
    "id": "1438",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "A developer is developing a Lambda function and want to use external libraries that are not included in the standard Lambda libraries. Which operation would result in the least amount of Lambda compute time being consumed?",
      "answers": [
        "Install the dependencies and external libraries at the beginning of the Lambda function.",
        "Create a Lambda deployment package that includes the external libraries.",
        "Copy the external libraries to Amazon S3, and reference the external libraries to the S3 location.",
        "Install the external libraries in Lambda to be available to all Lambda functions."
      ],
      "correctAnswer": ["Create a Lambda deployment package that includes the external libraries."]
    }
  },
  {
    "id": "1439",
    "category": "Cloud Concepts",
    "info": {
      "subcategory": "Test Example Questions",
      "questionType": "multiple choice 1",
      "question": "The following conditions apply to an application: -Performance efficiency of seconds with up to a minute of latency. -The data storage size may grow up to thousands of terabytes. -Per-message sizes may vary between 100 KB and 100 MB. -Data can be stored as key/value stores supporting eventual consistency. Which AWS service would be the MOST cost-effective to accomplish these requirements?",
      "answers": [
        "Amazon DynamoDB",
        "Amazon S3",
        "Amazon RDS (with a MySQL engine)",
        "Amazon ElastiCache"
      ],
      "correctAnswer": ["Amazon S3"]
    }
  }
]