[May 15, 2026] New Real AWS-Certified-Developer-Associate Exam Dumps Questions [Q33-Q57]

[May 15, 2026] New Real AWS-Certified-Developer-Associate Exam Dumps Questions

Pass Your AWS-Certified-Developer-Associate Exam Easily with Accurate AWS Certified Developer Associate Exam (DVA-C02) PDF Questions

NEW QUESTION # 33
A company has deployed an application on AWS Elastic Beanstalk The company has configured the Auto Scaling group that is associated with the Elastic Beanstalk environment to have five Amazon EC2 instances If the capacity is fewer than four EC2 instances during the deployment, application performance degrades The company is using the all-at-once deployment policy What is the MOST cost-effective way to solve the deployment issue1?

• A. Change the deployment policy to traffic splitting Specify an evaluation time of 1 hour.
• B. Change the deployment policy to rolling with additional batch Specify a batch size of 1
• C. Change the deployment policy to rolling Specify a batch size of 2.
• D. Change the Auto Scaling group to six desired instances

Answer: B

NEW QUESTION # 34
An existing serverless application processes uploaded image files. The process currently uses a single Lambda function that takes an image file, performs the processing, and stores the file in Amazon S3. Users of the application now require thumbnail generation of the images. Users want to avoid any impact to the time it takes to perform the image uploads.
How can thumbnail generation be added to the application, meeting user requirements while minimizing changes to existing code?

• A. Create an S3 event notification with a Lambda function destination. Create a new Lambda function to generate and store thumbnails.
• B. Create an S3 event notification to an SQS Queue. Create a scheduled Lambda function that processes the queue, and generates and stores thumbnails.
• C. Create a second Lambda function that handles thumbnail generation and storage. Change the existing Lambda function to invoke it asynchronously.
• D. Change the existing Lambda function handling the uploads to create thumbnails at the time of upload.
  Have the function store both the image and thumbnail in Amazon S3.

Answer: A

Explanation:
Explanation
https://docs.aws.amazon.com/lambda/latest/dg/with-s3-example.html

NEW QUESTION # 35
A current architecture uses many Lambda functions invoking one another as large state machine.
The coordination of this state machine is legacy custom code that breaks easily.
Which AWS Service can help refactor and manage the state machine?

• A. AWS Step Functions
• B. AWS Data Pipeline
• C. Amazon Elastic MapReduce
• D. AWS SNS with AWS SQS

Answer: A

NEW QUESTION # 36
A Developer is working on an application that handles 10MB documents that contain highly-sensitive data. The application will use AWS KMS to perform client-side encryption.
What steps must be followed?

• A. Invoke the GenerateRandom API to get a data encryption key, then use the data encryption key to encrypt the data
• B. Invoke the Encrypt API passing the plaintext data that must be encrypted, then reference the customer managed key ARN in the KeyId parameter
• C. Invoke the GenerateDataKey API to retrieve the plaintext version of the data encryption key to encrypt the data
• D. Invoke the GenerateDataKey API to retrieve the encrypted version of the data encryption key to encrypt the data

Answer: B

NEW QUESTION # 37
A banking company is building an application for users to create accounts, view balances, and review recent transactions. The company integrated an Amazon API Gateway REST API with AWS Lambda functions. The company wants to deploy a new version of a Lambda function that gives customers the ability to view their balances. The new version of the function displays customer transaction insights.
The company wants to test the new version with a small group of users before deciding whether to make the feature available for all users. Which solution will meet these requirements with the LEAST disruption to users?

• A. Redeploy the REST API stage to use the new version of the function. If issues are detected, update the REST API to point to the previous version of the function.
• B. Create a canary deployment for the REST API. Gradually increase traffic to the new version of the function. Revert traffic to the old version if issues are detected.
• C. Create a new REST API stage for the new version of the function. Create a weighted alias record set in Amazon Route 53 to distribute traffic between the original stage and the new stage.
• D. Deploy the new version of the function to a new stage in the REST API. Route traffic to the new stage.
  If the new version fails, route traffic to the original stage.

Answer: B

Explanation:
API Gateway's canary deployments allow gradual traffic shifting to a new version of a function, minimizing disruption while testing.
* Why Option A is Correct:
* Gradual Rollout: Reduces risk by incrementally increasing traffic.
* Rollback Support: Canary deployments make it easy to revert to the previous version.
* Why Not Other Options:
* Option B: Redeploying the stage disrupts all users.
* Option C & D: Managing new stages and weighted routing introduces unnecessary complexity.
:
Canary Deployments in API Gateway

NEW QUESTION # 38
What is required to trace Lambda-based applications with AWS X-Ray?

• A. Update and add AWS X-ray daemon code to relevant parts of the Lambda function to set up the trace.
• B. Use an IAM execution role to give the Lambda function permissions and enabled tracing.
• C. Send logs from the Lambda application to an S3 bucket trigger a Lambda function from that bucket to send data to AWS X-Ray.
• D. Trigger a Lambda function from the application logs in Amazon CloudWatch to submit tracing data to AWS X-Ray

Answer: A

NEW QUESTION # 39
Can I encrypt connections between my application and my DB Instance using SSL?

• A. No
• B. Yes
• C. Only in VPC
• D. Only in certain regions

Answer: B

NEW QUESTION # 40
A bookstore has an ecommerce website that stores order information in an Amazon DynamoDB table named BookOrders. The DynamoDB table contains approximately one million records.
The table uses OrderID as a partition key. There are no other indexes.
A developer wants to build a new reporting feature to retrieve all records from the table for a specified customer, based on a CustomerID property.

• A. Create a DynamoDB local secondary index (LSI) on the table. Use CustomerID as the sort key. Run a PartiQL query on the table with a SELECT statement where CustomerID equals the specified CustomerID value.
• B. Create a DynamoDB global secondary index (GSI) on the table. Use CustomerID as the partition key.
  Use the specified CustomerID value to run a query on the table.
• C. Create a DynamoDB global secondary index (GSI) on the table. Use CustomerID as the sort key. Use a filter expression to perform a scan operation on the table to match on the specified CustomerID value.
• D. Create a DynamoDB local secondary index (LSI) on the table. Use CustomerID as the partition key.Use the specified CustomerID value to run a query on the table.

Answer: B

Explanation:
Comprehensive and Detailed Step-by-Step Explanation:
The requirement is to query records by CustomerID, which is not the current partition key (OrderID). To achieve this efficiently:
* Option A: Create a GSI with CustomerID as the Partition Key:
* A Global Secondary Index (GSI) allows developers to create a different partition key and optional sort key for querying the data.
* By creating a GSI with CustomerID as the partition key, the developer can query the table efficiently using CustomerID as the primary lookup key.
* This avoids scanning the entire table and matches the requirement.
* Why Other Options Are Incorrect:
* Option B: Using CustomerID as a sort key for the GSI and performing a scan operation is inefficient. Queries are optimized, but scans are not.
* Option C and D: Local Secondary Indexes (LSI) are only valid when the partition key remains the same as the base table. Since OrderID is the base table's partition key, using CustomerID as the partition key or sort key in an LSI is not valid.
References:
Amazon DynamoDB Documentation: GSIs

NEW QUESTION # 41
A user has enabled automated backup for an RDS instance. What is the longest duration for which the user can retain the automated backup?

• A. 35 days
• B. 15 days
• C. 45 days
• D. 25 days

Answer: A

Explanation:
Amazon RDS provides two different methods for backing up and restoring the Amazon DB instances:
automated backups and DB snapshots. Automated backups automatically back up the DB instance during a specific, user-definable backup window, and keep the backups for a limited, user-specified period of time. The maximum period can be 35 days.

NEW QUESTION # 42
A company has applications running on Amazon EC2 instances in a private subnet with no internet connectivity.
The company deployed a new application that uses Amazon DynamoDB, but the application cannot connect to the DynamoDB tables. A developer already checked that all permissions are set correctly.
What should a database specialist do to resolve this issue while minimizing access to external resources?

• A. Add a route to an internet gateway in the subnet's route table.
• B. Add a route to a NAT gateway in the subnet's route table.
• C. Create a VPC endpoint for DynamoDB and add a route to the endpoint in the subnet's route table.
• D. Assign a new security group to the EC2 instances with an outbound rule to ports 80 and 443.

Answer: B

NEW QUESTION # 43
A Developer is writing a REST service that will add items to a shopping list. The service is built on Amazon API Gateway with AWS Lambda integrations. The shopping list items are sent as query string parameters in the method request.
How should the Developer convert the query string parameters to arguments for the Lambda function?

• A. Create a mapping template
• B. Include the Amazon Resource Name (ARN) of the Lambda function
• C. Enable request validation
• D. Change the integration type

Answer: D

Explanation:
Explanation/Reference: https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-create-api-step-by- step.html

NEW QUESTION # 44
You need to migrate 10 million records in one hour into DynamoDB. All records are 1.5KB in size.
The data is evenly distributed across the partition key. How many write capacity units should you provision during this batch load?

• A. 0
• B. 1
• C. 2
• D. 3

Answer: B

Explanation:
You need 2 units to make a 1.5KB write, since you round up. You need 20 million total units to perform this load. You have 3600 seconds to do so. Divide and round up for 5556.

NEW QUESTION # 45
A developer is creating a serverless orchestrator that performs a series of steps to processes incoming loT data.
The orchestrator transforms the data, performs a series of calculations, and stores the results in Amazon DynamoDB. The entire process is completed in less than a minute.
The orchestrator must process tens of thousands of transactions each second. The orchestrator must not miss a transaction and must process each transaction at least once.
Which solution will meet these requirements MOST cost-effectively?

• A. Use Amazon Simple Notification Service (Amazon SNS) to process the data through an HTTP or HTTPS endpoint.
• B. Use AWS Step Functions to process the data as Synchronous Express Workflows.
• C. Use AWS Step Functions to process the data as Standard Workflows.
• D. Use AWS Step Functions to process the data as Asynchronous Express Workflows.

Answer: D

NEW QUESTION # 46
A company developed a set of APIs that are being served through the Amazon API Gateway. The API calls need to be authenticated based on OpenID identity providers such as Amazon or Facebook. The APIs should allow access based on a custom authorization model.
Which is the simplest and MOST secure design to use to build an authentication and authorization model for the APIs?

• A. Build a OpenID token broker with Amazon and Facebook. Users will authenticate with these identify providers and pass the JSON Web Token to the API to authenticate each API call.
• B. Store user credentials in Amazon DynamoDB and have the application retrieve temporary credentials from AWS STS. Make API calls by passing user credentials to the APIs for authentication and authorization.
• C. Use Amazon RDS to store user credentials and pass them to the APIs for authentications and authorization.
• D. Use Amazon Cognito user pools and a custom authorizer to authenticate and authorize users based on JSON Web Tokens.

Answer: D

NEW QUESTION # 47
A Developer is writing a REST service that will add items to a shopping list. The service is built on Amazon API Gateway with AWS Lambda integrations. The shopping list items are send as query string parameters in the method request.
How should the Developer convert the query string parameters to arguments for the Lambda function?

• A. Create a mapping template
• B. Include the Amazon Resource Name (ARN) of the Lambda function
• C. Enable request validation
• D. Change the integration type

Answer: D

Explanation:
Explanation
https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-integration-types.html

NEW QUESTION # 48
An application is using single -node Amazon ElastiCache for Redis instance to improve read performance.
Over time, demand for the application has increased exponentially, which has increased the load on the ElastiCache instance. It is critical that this cache layer handles the load and is resilient in case of node failures.
What can the Developer do to address the load and resiliency requirements?

• A. Migrate to a Memcached cluster.
• B. Migrate to an Amazon ElastiCache service cluster.
• C. Vertically scale the ElastiCache instance.
• D. Add a read replica instance.

Answer: D

NEW QUESTION # 49
A Developer executed a AWS CLI command and received the error shown below:

What action should the Developer perform to make this error human-readable?

• A. Use an open source decoding library to decode the message.
• B. Make a call to AWS KMS to decode the message.
• C. Use the AWS STS decode-authorization-message API to decode the message.
• D. Use the AWS IAM decode-authorization-message API to decode this message.

Answer: A

NEW QUESTION # 50
A Developer created configuration specifications for an AWS Elastic Beanstalk application in a file named healthcheckurl.yaml in the .ebextensions/directory of their application source bundle. The file contains the following:

After the application launches, the health check is not being run on the correct path, event though it is valid.
What can be done to correct this configuration file?

• A. Change the namespace of the option settings to a cusom namespace.
• B. Rename the file to a .config extension.
• C. Convert the file to JSON format.
• D. Change the configuration section from options_settings to resources.

Answer: B

NEW QUESTION # 51
A user is running a MySQL RDS instance. The user will not use the DB for the next 3 months.
How can the user save costs?

• A. Create a snapshot of RDS to launch in the future and terminate the instance now
• B. Pause the RDS activities from CLI until it is required in the future
• C. Change the instance size to micro
• D. Stop the RDS instance

Answer: A

Explanation:
The RDS instances unlike the AWS EBS backed instances cannot be stopped or paused.
The user needs to take the final snapshot, terminate the instance and launch a new instance in the future from that snapshot.

NEW QUESTION # 52
A user is launching an AWS RDS instance with MySQL. The user wants to enable the Multi AZ feature.
Which of the below mentioned parameters will not be allowed to configure by RDS?

• A. DB subnet group
• B. Database port
• C. Region
• D. Availability Zone

Answer: D

Explanation:
If the user is launching RDS with Multi AZ the user cannot provision the Availability Zone. RDS is
launched automatically instead
Reference: https://console.aws.amazon.com/rds/

NEW QUESTION # 53
You run an ad-supported photo sharing website using S3 to serve photos to visitors of your site. At some
point you find out that other sites have been linking to the photos on your site, causing loss to your
business.
What is an effective method to mitigate this?

• A. Use CloudFront distributions for static content.
• B. Store photos on an EBS volume of the web server
• C. Remove public read access and use signed URLs with expiry dates.
• D. Block the IPs of the offending websites in Security Groups.

Answer: C

NEW QUESTION # 54
A company has an online web application that includes a product catalog. The catalog is stored in an Amazon S3 bucket that is named DOC-EXAMPLE-BUCKET. The application must be able to list the objects in the S3 bucket and must be able to download objects through an 1AM policy.
Which policy allows MINIMUM access to meet these requirements?

• A. Option D
• B. Option B
• C. Option A
• D. Option C

Answer: C

NEW QUESTION # 55
A company needs to encrypt data at rest, but it wants to leverage an AWS managed service using its own master key.
Which of the following AWS service can be used to meet these requirements?

• A. AWS IAM roles and policies
• B. SSE with Amazon S3
• C. SSE with AWS KMS
• D. Client-side encryption

Answer: C

NEW QUESTION # 56
A Developer is creating an Auto Scaling group whose instances need to publish a custom metric to Amazon CloudWatch.
Which method would be the MOST secure way to authenticate a CloudWatch PUT request?

• A. Modify the CloudWatch metric policies to allow the PutMetricData permission to instances from the Auto Scaling group.
• B. Create an IAM user with PutMetricData permission and put the user credentials in a private repository; have applications pull the credentials as needed.
• C. Create an IAM role with PutMetricData permission and modify the Auto Scaling launching configuration to launch instances using that role.
• D. Create an IAM user with PutMetricData permission, and modify the Auto Scaling launch configuration to inject the user credentials into the instance user data.

Answer: C

NEW QUESTION # 57
......

Updated AWS-Certified-Developer-Associate Exam Practice Test Questions: https://passleader.briandumpsprep.com/AWS-Certified-Developer-Associate-prep-exam-braindumps.html