We provide real AWS-Certified-Developer-Associate exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Amazon AWS-Certified-Developer-Associate Exam quickly & easily. The AWS-Certified-Developer-Associate PDF type is available for reading and printing. You can print more and practice many times. With the help of our Amazon AWS-Certified-Developer-Associate dumps pdf and vce product and material, you can easily pass the AWS-Certified-Developer-Associate exam.
Q17. An orgAMzation has enabled a strict password policy for its IAM users. The orgAMzation is taking help from the IAM console to set the password policy. Which of the below mentioned rules cannot be specified by the user as a part of the policy?
A. Allow at least one lower case letter
B. Allow at least one number
C. Allow at least one non-alphanumeric character
D. Do not allow the user to use the password from the last three passwords
Answer: D
Explanation:
AWS IAM allows an orgAMzation to create multiple users and provide them access to various AWS services. By default when the user is created, he does not have password enabled and can not login to AWS console. If the orgAMzation wants to allow the users to login to AWS console, they can enable password for each user. It is required that IAM users follow certain guidelines to set their IAM login password. For this IAM provides root account owner to setup passwrod policy. The password policy also lets the specify whether all IAM users can change their own passwords. As part of policy, orgAMzation can specify that passwords for IAM users must be of a certain minimum length, must include certain characters, and a few more criteria such as below.
One upper/ lower or both letters One alpha numeric
One number
Reference: http://docs.aws.amazon.com/|AM/Iatest/UserGuide/Using_ManagingPasswordPoIicies.htm|
Q18. An orgAMzation is hosting an application as part of the free usage tier. The orgAMzation wants to create IAM users for each of its 150 employees and they may access AWS as part of free usage tier. What will you advise the orgAMzation?
A. The IAM is not available as a part of the free usage tier
B. Create IAM roles and give access based on role since it will not cost the user
C. Do not create more than 100 users as it will cost the orgAMzation.
D. Create IAM users for each employee as it does not cost
Answer: D
Explanation:
IAM is a free service. You can create as many IAM users or groups as desired free of cost. Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_Introduction.htm|
Q19. You have been doing a lot of testing of your VPC Network by deliberately failing EC2 instances to test whether instances are failing over properly. Your customer who will be paying the AWS bill for all this asks you if he being charged for all these instances. You try to explain to him how the billing works on EC2 instances to the best of your knowledge. What would be an appropriate response to give to the customer
in regards to this?
A. Billing commences when Amazon EC2 AMI instance is completely up and billing ends as soon as the instance starts to shutdown.
B. Billing commences when Amazon EC2 initiates the boot sequence of an AMI instance and billing ends when the instance shuts down.
C. Billing only commences only after 1 hour of uptime and billing ends when the instance terminates.
D. Billing commences when Amazon EC2 initiates the boot sequence of an AMI instance and billing ends as soon as the instance starts to shutdown.
Answer: B
Explanation:
Billing commences when Amazon EC2 initiates the boot sequence of an AMI instance. Billing ends when the instance shuts down, which could occur through a web services command, by running "shutdown -h", or through instance failure.
Reference: http://aws.amazon.com/ec2/faqs/#BiIIing
Q20. A user is planning to host a scalable dynamic web application on AWS. Which of the services may not be required by the user to achieve automated scalability?
A. CIoudWatch
B. S3
C. AutoScaIing
D. AWS EC2 instances
Answer: B
Explanation:
The user can achieve automated scaling by launching different EC2 instances and making them a part of an ELB. Cloudwatch will be used to monitor the resources and based on the scaling need it will trigger policies. AutoScaIing is then used to scale up or down the instances.
Reference: http://docs.aws.amazon.com/AutoScaIing/latest/DeveIoperGuide/\NhatIsAutoScaIing.htmI
Q21. What kind of service is provided by AWS DynamoDB?
A. Relational Database
B. NoSQL Database
C. Dynamic Database
D. Document Database
Answer: B
Explanation:
DynamoDB is a fast, fully managed NoSQL database service. Reference: http://aws.amazon.com/dynamodb/
Q22. A user had defined an IAM policy similar to the one given below on a bucket:
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "A||ow",
"PrincipaI": {
"AWS": "arn:aws:iam::12112112:user/test"
}!
"Action": [ "s3:GetBucketLocation", "s3:ListBucket", "s3:GetObject"
]!
"Resource": [ "arn:aws:s3:::examkiI|er"
}
}
What will this do?
A. It will result in an error saying invalid policy statement
B. It will create an IAM policy for the user test
C. Allows the user test of the AWS account ID 12112112 to perform GetBucketLocation, ListBucket and GetObject on the bucket examkiller
D. It will allow all the IAM users of the account ID 12112112 to perform GetBucketLocation, ListBucket and GetObject on bucket examkiller
Answer: C
Explanation:
The IAM policy allows to test a user in the account 12112112 to perform: s3:GetBucketLocation
s3:ListBucket s3:GetObject
Amazon S3 permissions on the examkiller bucket.
Reference: http://docs.aws.amazon.com/AmazonS3/Iatest/dev/access-policy-language-overview.html
Q23. Regarding Amazon SNS, you can send notification messages to mobile devices through any of the following supported push notification services, EXCEPT:
A. Google Cloud Messaging for Android (GCM)
B. Apple Push Notification Service (APNS)
C. Amazon Device Messaging (ADM)
D. Microsoft Windows Mobile Messaging (MWMM)
Answer: D
Explanation:
In Amazon SNS, you have the ability to send notification messages directly to apps on mobile devices. Notification messages sent to a mobile endpoint can appear in the mobile app as message alerts, badge updates, or even sound alerts. Microsoft Windows MobiIe Messaging (MWMM) doesn’t exist and is not supported by Amazon SNS.
Reference: http://docs.aws.amazon.com/sns/latest/dg/SNSMobiIePush.htmI
Q24. An orgAMzation is setting up their website on AWS. The orgAMzation is working on various security measures to be performed on the AWS EC2 instances. Which of the below mentioned security mechAMsms will not help the orgAMzation to avoid future data leaks and identify security weaknesses?
A. Perform SQL injection for application testing.
B. Run penetration testing on AWS with prior approval from Amazon.
C. Perform a hardening test on the AWS instance.
D. Perform a Code Check for any memory leaks.
Answer: D
Explanation:
AWS security follows the shared security model where the user is as much responsible as Amazon. Since Amazon is a public cloud it is bound to be targeted by hackers. If an orgAMzation is planning to host their application on AWS EC2, they should perform the below mentioned security checks as a measure to find any security weakness/data leaks:
Perform penetration testing as performed by attackers to find any vulnerability. The orgAMzation must take an approval from AWS before performing penetration testing
Perform hardening testing to find if there are any unnecessary ports open Perform SQL injection to find any DB security issues
The code memory checks are generally useful when the orgAMzation wants to improve the application performance.
Reference: http://aws.amazon.com/security/penetration-testing/