How Many Questions Of DVA-C01 Testing Material

NEW QUESTION 1
In Amazon SNS, to send push notifications to mobile devices using Amazon SNS and ADM, you need to obtain the following, except:

• A. Client secret
• B. Client ID
• C. Device token
• D. Registration ID

Answer: C

Explanation:
To send push notifications to mobile devices using Amazon SNS and ADM, you need to obtain the following: Registration ID and Client secret.
Reference: http://docs.aws.amazon.com/sns/latest/dg/SNSMobiIePushPrereq.htmI

NEW QUESTION 2
A user plans to use RDS as a managed DB platform. Which of the below mentioned features is not supported by RDS?

• A. Automated backup
• B. Automated scaling to manage a higher load
• C. Automated failure detection and recovery
• D. Automated software patching

Answer: B

Explanation:
AWS RDS provides a managed DB platform, which offers features, such as automated backup, patch management, automated failure detection and recovery. The scaling is not automated and the user needs to plan it with a few clicks.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html

NEW QUESTION 3
In regard to DynamoDB, can I modify the index once it is created?

• A. Yes, if it is a primary hash key index
• B. Yes, if it is a Global secondary index
• C. No
• D. Yes, if it is a local secondary index

Answer: C

Explanation:
Currently, in DynamoDB, an index cannot be modified once it is created. Reference: http://aws.amazon.com/dynamodb/faqs/#security_anchor

NEW QUESTION 4
An orgAMzation is setting up their website on AWS. The orgAMzation is working on various security measures to be performed on the AWS EC2 instances. Which of the below mentioned security mechAMsms will not help the orgAMzation to avoid future data leaks and identify security weaknesses?

• A. Perform SQL injection for application testing.
• B. Run penetration testing on AWS with prior approval from Amazon.
• C. Perform a hardening test on the AWS instance.
• D. Perform a Code Check for any memory leak

Answer: D

Explanation:
AWS security follows the shared security model where the user is as much responsible as Amazon. Since Amazon is a public cloud it is bound to be targeted by hackers. If an orgAMzation is planning to host their application on AWS EC2, they should perform the below mentioned security checks as a measure to find any security weakness/data leaks:
Perform penetration testing as performed by attackers to find any vulnerability. The orgAMzation must take an approval from AWS before performing penetration testing
Perform hardening testing to find if there are any unnecessary ports open Perform SQL injection to find any DB security issues
The code memory checks are generally useful when the orgAMzation wants to improve the application performance.
Reference: http://aws.amazon.com/security/penetration-testing/

NEW QUESTION 5
A root account owner is trying to setup an additional level of security for all his IAM users. Which of the below mentioned options is a recommended solution for the account owner?

• A. Enable access key and secret access key for all the IAM users
• B. Enable MFA for all IAM users
• C. Enable the password for all the IAM users
• D. Enable MFA for the root account

Answer: B

Explanation:
Multi-Factor Authentication adds an extra level of security for all the users. The user can enable MFA for all IAM users which ensures that each user has to provide an extra six digit code for authentication. Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingMFA.htmI

NEW QUESTION 6
When uploading an object, what request header can be explicitly specified in a request to Amazon S3 to encrypt object data when saved on the server side?

• A. x-amz-storage-class
• B. Content-MD5
• C. x-amz-security-token
• D. x-amz-server-side-encryption

Answer: D

NEW QUESTION 7
An orgAMzation has created 10 IAM users. The orgAMzation wants those users to work independently and access AWS. Which of the below mentioned options is not a possible solution?

• A. Create the access key and secret access key for each user and provide access to AWS using the console
• B. Create the X.509 certificate for each user and provide them access to AWS CLI
• C. Enable MFA for each IAM user and assign them the virtual MFA device to access the console
• D. Provide each user with the IAM login and password for the AWS console

Answer: A

Explanation:
If an orgAMzation has created the IAM users, the users can access AWS services either with an IAM specific login/password or console. The orgAMzation can generate the IAM X.509 certificates to access AWS with CLI. The orgAMzation can also enable MFA for each IAM user, which allows an added security for each IAM user. If the orgAMzation has created the access key and secret key than the user cannot access the console using those keys. Access key and secret access key are useful for CLI or
Webservices.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_Introduction.htm|

NEW QUESTION 8
Which features can be used to restrict access to data in S3? Choose 2 answers

• A. Use S3 Virtual Hosting
• B. Set an S3 Bucket policy.
• C. Enable IAM Identity Federation.
• D. Set an S3 ACL on the bucket or the object.
• E. Create a C|oudFront distribution for the bucket

Answer: CD

NEW QUESTION 9
A user is running a webserver on EC2. The user wants to receive the SMS when the EC2 instance utilization is above the threshold limit. Which AWS services should the user configure in this case?

• A. AWS CIoudWatch + AWS SES.
• B. AWS CIoudWatch + AWS SNS.
• C. AWS CIoudWatch + AWS SQS.
• D. AWS EC2 + AWS Cloudwatc

Answer: B

Explanation:
Amazon SNS makes it simple and cost-effective to push to mobile devices, such as iPhone, iPad, Android, Kindle Fire, and internet connected smart devices, as well as pushing to other distributed services. In this case, the user can configure that Cloudwatch sends an alarm on when the threshold is crossed to SNS which will trigger an SMS.
Reference: http://aws.amazon.com/sns/

NEW QUESTION 10
How can a user configure three termination policies for the AutoScaIing group?

• A. Define multiple policies in random order
• B. Define multiple policies in the ordered list
• C. Keep updating the AutoScaIing group with each policy
• D. The user cannot specify more than two policies for AutoScaIing

Answer: B

Explanation:
To configure the Auto Scaling termination policy, the user can either specify any one of the policies as a standalone policy or list multiple policies in an ordered list. The policies are executed in the order that they are listed.
Reference: http://docs.aws.amazon.com/AutoScaIing/latest/DeveIoperGuide/us-termination-policy.html

NEW QUESTION 11
You have written an application that uses the Elastic Load Balancing service to spread traffic to several web servers Your users complain that they are sometimes forced to login again in the middle of using your application, after they have already togged in. This is not behavior you have designed. What is a possible solution to prevent this happening?

• A. Use instance memory to save session state.
• B. Use instance storage to save session state.
• C. Use EBS to save session state
• D. Use EIastiCache to save session state.
• E. Use Glacier to save session slat

Answer: D

NEW QUESTION 12
In DynamoDB, the default table size is:

• A. 5 GB
• B. 1 GB
• C. 10 GB
• D. There is no table size

Answer: D

Explanation:
DynamoDB has seamless scalability with no table size limits and unlimited storage, so you shouIdn't be worried about managing storage on the host or to provisioning more drive, as your data requirement changes.
Reference: http://aws.amazon.com/dynamodb/

NEW QUESTION 13
In DynamoDB, to get a detailed listing of secondary indexes on a table, you can use the action.

• A. DescribeTabIe
• B. BatchGetItem
• C. Getltem
• D. TabIeName

Answer: A

Explanation:
In DynamoDB, DescribeTab|e returns information about the table, including the current status ofthe table, when it was created, the primary key schema, and any indexes on the table.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Secondarylndexes.htmI

NEW QUESTION 14
A meteorological system monitors 600 temperature gauges, obtaining temperature samples every minute and saving each sample to a DynamoDB table. Each sample involves writing 1K of data and the writes are evenly distributed over time.
How much write throughput is required for the target table?

• A. 1 write capacity unit
• B. 10 write capacity units
• C. 60 write capacity units
• D. 600 write capacity units
• E. 3600 write capacity units

Answer: B

NEW QUESTION 15
Can you SSH to your private machines that reside in a VPC from outside without elastic IP?

• A. Yes, but only if you have direct connect or vpn
• B. Only if you are using a non-US region
• C. Only if you are using a US region
• D. No

Answer: A

Explanation:
The instances that reside in the private subnets of your VPC are not reachable from the Internet, meAMng that is not possible to ssh into them. To interact with them you can use a bastion server, located in a public subnet, that will act as a proxy for them.
You can also connect if you have direct connect or vpn.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html

NEW QUESTION 16
......