Testking DVA-C01 Questions are updated and all DVA-C01 answers are verified by experts. Once you have completely prepared with our DVA-C01 exam prep kits you will be ready for the real DVA-C01 exam without a problem. We have Improved Amazon-Web-Services DVA-C01 dumps study guide. PASSED DVA-C01 First attempt! Here What I Did.
Online Amazon-Web-Services DVA-C01 free dumps demo Below:
NEW QUESTION 1
An orgAMzation is setting up their website on AWS. The orgAMzation is working on various security measures to be performed on the AWS EC2 instances. Which of the below mentioned security mechAMsms will not help the orgAMzation to avoid future data leaks and identify security weaknesses?
- A. Perform SQL injection for application testing.
- B. Run penetration testing on AWS with prior approval from Amazon.
- C. Perform a hardening test on the AWS instance.
- D. Perform a Code Check for any memory leak
Answer: D
Explanation:
AWS security follows the shared security model where the user is as much responsible as Amazon. Since Amazon is a public cloud it is bound to be targeted by hackers. If an orgAMzation is planning to host their application on AWS EC2, they should perform the below mentioned security checks as a measure to find any security weakness/data leaks:
Perform penetration testing as performed by attackers to find any vulnerability. The orgAMzation must take an approval from AWS before performing penetration testing
Perform hardening testing to find if there are any unnecessary ports open Perform SQL injection to find any DB security issues
The code memory checks are generally useful when the orgAMzation wants to improve the application performance.
Reference: http://aws.amazon.com/security/penetration-testing/
NEW QUESTION 2
A user wants to access RDS from an EC2 instance using IP addresses. Both RDS and EC2 are in the same region, but different AZs. Which of the below mentioned options help configure that the instance is accessed faster?
- A. Configure the Private IP of the Instance in RDS security group
- B. Security group of EC2 allowed in the RDS security group
- C. Configuring the elastic IP of the instance in RDS security group
- D. Configure the Public IP of the instance in RDS security group
Answer: A
Explanation:
If the user is going to specify an IP range in RDS security group, AWS recommends using the private IP address of the Amazon EC2 instance. This provides a more direct network route from the Amazon EC2 instance to the Amazon RDS DB instance, and does not incur network charges for the data sent outside of the Amazon network.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithSecurityGroups.html
NEW QUESTION 3
When you register an actMty in Amazon SWF, you provide the following information, except:
- A. a name
- B. timeout values
- C. a domain
- D. version
Answer: C
Explanation:
When designing an Amazon SWF workflow, you precisely define each of the required actMties. You then register each actMty with Amazon SWF as an actMty type. When you register the actMty, you provide information such as a name and version, and some timeout values based on how long you expect the actMty to take.
Reference: http://docs.aws.amazon.com/amazonswf/latest/developerguide/swf-dg-intro-to-swf.html
NEW QUESTION 4
ExamKiIIer (with AWS account ID 111122223333) has created 50 IAM users for its orgAMzation’s employees. What will be the AWS console URL for these associates?
- A. https:// 111122223333.signin.aws.amazon.com/conso|e/
- B. https:// signin.aws.amazon.com/consoIe/
- C. https://signin.aws.amazon.com/111122223333/conso|e/
- D. https://signin.aws.amazon.com/console/111122223333/
Answer: A
Explanation:
When an orgAMzation is using AWS IAM for creating various users and manage their access rights, the IAM user cannot use the login URL http://aws.amazon.com/console to access AWS management console. The console login URL for the IAM user will have AWS account ID of that orgAMzation to identify the IAM user belongs to particular account. The AWS console login URL for the IAM user will be https://
<AWS_Account_|D>.signin.aws.amazon.com/consoIe/. In this case it will be https:// 111122223333.signin.aws.amazon.com/consoIe/
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAIias.html
NEW QUESTION 5
Which of the following groups is AWS Elastic Beanstalk best suited for?
- A. Those who want to deploy and manage their applications within minutes in the AWS cloud
- B. Those who want to privately store and manage Git repositories in the AWS cloud.
- C. Those who want to automate the deployment of applications to instances and to update the applications as required
- D. Those who want to model, visualize, and automate the steps required to release software
Answer: A
Explanation:
AWS Elastic Beanstalk is best suited for those groups who want to deploy and manage their applications within minutes in the AWS cloud. As a bonus, you don’t even need experience with cloud computing to get started.
Reference: https://aws.amazon.com/elasticbeansta|k/faqs/
NEW QUESTION 6
Which of the following statements about SWF are true? Choose 3 answers
- A. SWF tasks are assigned once and never duplicated
- B. SWF requires an S3 bucket for workflow storage
- C. SWF workflow executions can last up to a year
- D. SWF triggers SNS notifications on task assignment
- E. SWF uses deciders and workers to complete tasks
- F. SWF requires atleast 1 EC2 instance per domain
Answer: ACE
NEW QUESTION 7
When working with AWS CIoudFormation Templates what is the maximum number of stacks that you can create?
- A. 500
- B. 50
- C. 20
- D. 10
Answer: C
Explanation:
C|oudFormation Limits
Maximum number of AWS CIoudFormation stacks that you can create is 20 stacks. Reference:
http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/cloudformation-Iimits.htmI
NEW QUESTION 8
A user has created an EBS instance in the US-East-1a AZ. The user has a volume of 30 GB in the US-East-1 b zone. How can the user attach the volume to an instance?
- A. Since both the volume and the instance are in the same region, the user can attach the volume
- B. Use the volume migrate function to move the volume from one AZ to another and attach to the instance
- C. Take a snapshot of the volum
- D. Create a new volume in the USEast-1a and attach that to the instance
- E. Use the volume replicate function to create a new volume in the US-East-1a and attach that to the volume
Answer: C
Explanation:
If an EBS volume is not in the same AZ of an EC2 instance, it cannot be attached to the instance. The only option is to take a snapshot of the volume and create a new volume in the instance’s AZ. Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.htmI
NEW QUESTION 9
A user has attached one RDS security group with 5 RDS instances. The user has changed the ingress rule for the security group. What will be the initial status of the ingress rule?
- A. Approving
- B. Implementing
- C. Authorizing
- D. It is not possible to assign a single group to multiple DB instances
Answer: C
Explanation:
When the user makes any changes to the RDS security group the rule status will be authorizing for some time until the changes are applied to all instances that the group is connected with. Once the changes are propagated the rule status will change to authorized.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithSecurityGroups.html
NEW QUESTION 10
Games-R-Us is launching a new game app for mobile devices. Users will log into the game using their existing Facebook account and the game will record player data and scoring information directly to a DynamoDB table.
What is the most secure approach for signing requests to the DynamoDB API?
- A. Create an IAM user with access credentials that are distributed with the mobile app to sign the requests
- B. Distribute the AWS root account access credentials with the mobile app to sign the requests
- C. Request temporary security credentials using web identity federation to sign the requests
- D. Establish cross account access between the mobile app and the DynamoDB table to sign the requests
Answer: C
NEW QUESTION 11
An orgAMzation has enabled a strict password policy for its IAM users. The orgAMzation is taking help from the IAM console to set the password policy. Which of the below mentioned rules cannot be specified by the user as a part of the policy?
- A. Allow at least one lower case letter
- B. Allow at least one number
- C. Allow at least one non-alphanumeric character
- D. Do not allow the user to use the password from the last three passwords
Answer: D
Explanation:
AWS IAM allows an orgAMzation to create multiple users and provide them access to various AWS services. By default when the user is created, he does not have password enabled and can not login to AWS console. If the orgAMzation wants to allow the users to login to AWS console, they can enable password for each user. It is required that IAM users follow certain guidelines to set their IAM login password. For this IAM provides root account owner to setup passwrod policy. The password policy also lets the specify whether all IAM users can change their own passwords. As part of policy, orgAMzation can specify that passwords for IAM users must be of a certain minimum length, must include certain characters, and a few more criteria such as below.
One upper/ lower or both letters One alpha numeric
One number
Reference: http://docs.aws.amazon.com/|AM/Iatest/UserGuide/Using_ManagingPasswordPoIicies.htm|
NEW QUESTION 12
When you create a table with a hash-and-range key, you must define one or more secondary indexes on that table.
- A. False, hash-range key is another name for secondary index
- B. False, it is optional
- C. True
- D. False, when you have Hash-Range key you cannot define Secondary index
Answer: B
Explanation:
When you create a table with a hash-and-range key in DynamoDB, you can also define one or more secondary indexes on that table.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/LSI.htmI
NEW QUESTION 13
In regard to DynamoDB, which of the following statements is correct?
- A. An Item should have at least two value sets, a primary key and another attribute.
- B. An Item can have more than one attributes.
- C. A primary key should be single-valued.
- D. An attribute can have one or several other attribute
Answer: B
Explanation:
In Amazon DynamoDB, a database is a collection of tables. A table is a collection of items and each item
is a collection of attributes.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DataModeI.html
NEW QUESTION 14
Which of the below mentioned commands allows the user to share the AMI with his peers using the AWS EC2 CLI?
- A. ec2-share-image-public
- B. ec2-share-image-account
- C. ec2-share-image
- D. ec2-modify-image-attribute
Answer: D
Explanation:
A user can share an AMI with another user / peer using the command: ec2-modify-image-attribute
<AMI-ID> -| -a <AWS Account |D>
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-expIicit.htmI
NEW QUESTION 15
Can you SSH to your private machines that reside in a VPC from outside without elastic IP?
- A. Yes, but only if you have direct connect or vpn
- B. Only if you are using a non-US region
- C. Only if you are using a US region
- D. No
Answer: A
Explanation:
The instances that reside in the private subnets of your VPC are not reachable from the Internet, meAMng that is not possible to ssh into them. To interact with them you can use a bastion server, located in a public subnet, that will act as a proxy for them.
You can also connect if you have direct connect or vpn.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html
NEW QUESTION 16
Can you configure an RDS Read Replica using CIoudFormation templates?
- A. Yes, provided that you have root access.
- B. Yes, when you create a new CIoudFormation template
- C. Yes, but not for all Regions.
- D. No, you can add the ReadRepIica only when the resource is made available by CIoudFormation
Answer: B
Explanation:
AWS CIoudFormation gives developers and systems administrators an easy way to create and manage collections of AWS resources. You can now set Read Replicas for your databases with RDS when you create a new C|oudFormation tempIate.You can start using it with the sample template of C|oudFormation.
Reference:
https://s3.amazonaws.com/cloudformation-templates-us-east-1/RDS_MySQL_With_Read_RepIica.tempI
NEW QUESTION 17
In DynamoDB, if you create a table and request 10 units of write capacity and 200 units of read capacity of provisioned throughput, how much would you be charged in US East (Northern Virginia) Region?
- A. $0.05 per hour
- B. $0.10 per hour
- C. $0.03 per hour
- D. $0.15 per hour
Answer: A
Explanation:
To understand pricing in DynamoDB, consider the following example. If you create a table and request 10 units of write capacity and 200 units of read capacity of provisioned throughput, you would be charged:
$0.01 + (4 x $0.01) = $0.05 per hour
Reference: http://aws.amazon.com/dynamodb/pricing/
NEW QUESTION 18
A user has created a snapshot of an EBS volume. Which of the below mentioned usage cases is not possible with respect to a snapshot?
- A. Nlirroring the volume from one AZ to another AZ
- B. Launch an instance
- C. Decrease the volume size
- D. Increase the size of the volume
Answer: C
Explanation:
The EBS snapshots are a point in time backup ofthe volume. It is helpful to move the volume from one AZ to another or launch a new instance. The user can increase the size of the volume but cannot decrease it less than the original snapshot size.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.htmI
NEW QUESTION 19
A user plans to use RDS as a managed DB platform. Which of the below mentioned features is not supported by RDS?
- A. Automated backup
- B. Automated scaling to manage a higher load
- C. Automated failure detection and recovery
- D. Automated software patching
Answer: B
Explanation:
AWS RDS provides a managed DB platform, which offers features, such as automated backup, patch management, automated failure detection and recovery. The scaling is not automated and the user needs to plan it with a few clicks.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html
NEW QUESTION 20
A user is enabling a static website hosting on an S3 bucket. Which of the below mentioned parameters cannot be configured by the user?
- A. Error document
- B. Conditional error on object name
- C. Index document
- D. Conditional redirection on object name
Answer: B
Explanation:
To host a static website, the user needs to configure an Amazon S3 bucket for website hosting and then upload the website contents to the bucket. The user can configure the index, error document as well as configure the conditional routing of on object name.
Reference: http://docs.aws.amazon.com/AmazonS3/Iatest/dev/HowDoIWebsiteConfiguration.htm|
NEW QUESTION 21
Does DynamoDB support in-place atomic updates?
- A. It is not defined
- B. Yes
- C. It does support in-place non-atomic updates
- D. No
Answer: B
Explanation:
DynamoDB supports in-place atomic updates. Reference:
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/\NorkingWithItems.htmI#Working WithItems.AtomicCounters
NEW QUESTION 22
Regarding Amazon SQS, are there restrictions on the names of Amazon SQS queues?
- A. No
- B. Ye
- C. Queue names must be unique within an AWS account and you cannot use hyphens (-) and underscores (_)
- D. Ye
- E. Queue names are limited to 80 characters and queue names must be unique within an AWS account
- F. Ye
- G. Queue names are limited to 80 characters but queue names do not need to be unique within an AWS account
Answer: C
Explanation:
Queue names are limited to 80 characters. Alphanumeric characters plus hyphens (-) and underscores (_) are allowed. Queue names must be unique within an AWS account. After you delete a queue, you can reuse the queue name.
Reference: https://aws.amazon.com/sqs/faqs/
NEW QUESTION 23
A user is creating an ELB with VPC. Which of the following options is available as a part of the "Add EC2 instances" page?
- A. Select Subnet
- B. Select IAM
- C. Select ENI
- D. Select VPC
Answer: A
Explanation:
When a user is launching an ELB with VPC, he/she has to select the options, such as subnet and security group before selecting the instances part of that subnet.
Reference:
http://docs.aws.amazon.com/EIasticLoadBaIancing/latest/Deve|operGuide/elb-getting-started.htmI
NEW QUESTION 24
When AutoScaIing is launching a new instance based on condition, which of the below mentioned policies will it follow?
- A. Based on the criteria defined with cross zone Load balancing
- B. Launch an instance which has the highest load distribution
- C. Launch an instance in the AZ with the fewest instances
- D. Launch an instance in the AZ which has the highest instances
Answer: C
Explanation:
AutoScaIing attempts to distribute instances evenly between the Availability Zones that are enabled for the user’s AutoScaIing group. Auto Scaling does this by attempting to launch new instances in the Availability Zone with the fewest instances.
Reference:http://docs.aws.amazon.com/AutoScaIing/latest/Deve|operGuide/AS_Concepts.htmI
NEW QUESTION 25
A user is creating a new EBS volume from an existing snapshot. The snapshot size shows 10 GB. Can the user create a volume of 30 GB from that snapshot?
- A. Provided the original volume has set the change size attribute to true
- B. Yes
- C. Provided the snapshot has the modify size attribute set as true
- D. No
Answer: B
Explanation:
A user can always create a new EBS volume of a higher size than the original snapshot size. The user cannot create a volume of a lower size. When the new volume is created the size in the instance will be shown as the original size. The user needs to change the size of the device with resize2fs or other OS specific commands.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.htmI
NEW QUESTION 26
A user is trying to create a list of IAM users with the AWS console. When the IAM users are created which of the below mentioned credentials will be enabled by default for the user?
- A. IAM access key and secret access key
- B. IAM X.509 certificates
- C. Nothin
- D. Everything is disabled by default
- E. IAM passwords
Answer: C
Explanation:
Newly created IAM users have no password and no access key (access key ID and secret access key). If the user needs to administer your AWS resources using the AWS Management Console, you can create
a password for the user. If the user needs to interact with AWS programmatically (using the command line interface (CLI), the AWS SDK, or service-specific APIs), you can create an access key for that user. The credentials you create for users are what they use to uniquely identify themselves to AWS.
Reference: http://docs.aws.amazon.com/IAM/|atest/UserGuide/Using_WorkingWithGroupsAndUsers.htmI
NEW QUESTION 27
How can you secure data at rest on an EBS volume?
- A. Attach the volume to an instance using EC2's SSL interface.
- B. Write the data randomly instead of sequentially.
- C. Use an encrypted file system on top of the BBS volume.
- D. Encrypt the volume using the S3 server-side encryption service.
- E. Create an IAM policy that restricts read and write access to the volum
Answer: C
NEW QUESTION 28
A user has launched an EC2 instance. However, due to some reason the instance was terminated. If the user wants to find out the reason for termination, where can he find the details?
- A. The user can get information from the AWS console, by checking the Instance description under the State transition reason label
- B. The user can get information from the AWS console, by checking the Instance description under the Instance Termination reason label
- C. The user can get information from the AWS console, by checking the Instance description under the Instance Status Change reason label
- D. It is not possible to find the details after the instance is terminated
Answer: A
Explanation:
An EC2 instance, once terminated, may be available in the AWS console for a while after termination. The user can find the details about the termination from the description tab under the label State transition reason. If the instance is still running, there will be no reason listed. If the user has explicitly stopped or terminated the instance, the reason will be "User initiated shutdown".
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_|nstanceStraightToTerminated.html
NEW QUESTION 29
In regard to DynamoDB, for which one of the following parameters does Amazon not charge you?
- A. Cost per provisioned write units
- B. Cost per provisioned read units
- C. Storage cost
- D. I/O usage within the same Region
Answer: D
Explanation:
In DynamoDB, you will be charged for the storage and the throughput you use rather than for the I/O which has been used.
Reference: http://aws.amazon.com/dynamodb/pricing/
NEW QUESTION 30
You cannot access your AWS console, so you revert to using the CLI that you are not familiar with. Which of the following commands is not a valid CLI command for EC2 instances?
- A. ec2-allocate-address
- B. ec2-attach-internet-gateway
- C. ec2-associate-route-table
- D. ec2-allocate-interface
Answer: D
Explanation:
You can use the CLI tools to manage your Amazon EC2 resources (such as instances, security groups, and volumes) and your Amazon VPC resources (such as VPCs, subnets, route tables, and Internet gateways). Before you can start using the tools, you must download and configure them.
The following are valid CLI commands for EC2 instances: ec2-accept-vpc-peering-connection
ec2-allocate-address
ec2-assign-private-ip-addresses ec2-associate-address
ec2-associate-dhcp-options ec2-associate-route-table
ec2-attach-internet-gateway
ec2-attach-network-interface (not ec2-allocate-interface) Reference:
http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/command-reference.html
NEW QUESTION 31
......
P.S. Easily pass DVA-C01 Exam with 116 Q&As Certleader Dumps & pdf Version, Welcome to Download the Newest Certleader DVA-C01 Dumps: https://www.certleader.com/DVA-C01-dumps.html (116 New Questions)