Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Amazon
  3. AWS Certified Developer - Associate DVA-C02

Amazon AWS Certified Developer - Associate DVA-C02 Exam (page: 8)
Amazon AWS Certified Developer - Associate DVA-C02
Updated on: 24-Mar-2026

Viewing Page 8 of 71
AWS Certified Developer - Associate DVA-C02 PDF 544 Questions

A company needs to harden its container images before the images are in a running state. The company's application uses Amazon Elastic Container Registry (Amazon ECR) as an image registry. Amazon Elastic Kubernetes Service (Amazon EKS) for compute, and an AWS CodePipeline pipeline that orchestrates a continuous integration and continuous delivery (CI/CD) workflow.
Dynamic application security testing occurs in the final stage of the pipeline after a new image is deployed to a development namespace in the EKS cluster. A developer needs to place an analysis stage before this deployment to analyze the container image earlier in the CI/CD pipeline.
Which solution will meet these requirements with the MOST operational efficiency?

  1. Build the container image and run the docker scan command locally. Mitigate any findings before pushing changes to the source code repository. Write a pre-commit hook that enforces the use of this workflow before commit.
  2. Create a new CodePipeline stage that occurs after the container image is built. Configure ECR basic image scanning to scan on image push. Use an AWS Lambda function as the action provider. Configure the Lambda function to check the scan results and to fail the pipeline if there are findings.
  3. Create a new CodePipeline stage that occurs after source code has been retrieved from its repository. Run a security scanner on the latest revision of the source code. Fail the pipeline if there are findings.
  4. Add an action to the deployment stage of the pipeline so that the action occurs before the deployment to the EKS cluster. Configure ECR basic image scanning to scan on image push. Use an AWS Lambda function as the action provider. Configure the Lambda function to check the scan results and to fail the pipeline if there are findings.

Answer(s): B



A developer is testing a new file storage application that uses an Amazon CloudFront distribution to serve content from an Amazon S3 bucket. The distribution accesses the S3 bucket by using an origin access identity (OAI). The S3 bucket's permissions explicitly deny access to all other users.
The application prompts users to authenticate on a login page and then uses signed cookies to allow users to access their personal storage directories. The developer has configured the distribution to use its default cache behavior with restricted viewer access and has set the origin to point to the S3 bucket. However, when the developer tries to navigate to the login page, the developer receives a 403 Forbidden error.
The developer needs to implement a solution to allow unauthenticated access to the login page. The solution also must keep all private content secure.
Which solution will meet these requirements?

  1. Add a second cache behavior to the distribution with the same origin as the default cache behavior. Set the path pattern for the second cache behavior to the path of the login page, and make viewer access unrestricted. Keep the default cache behavior's settings unchanged.
  2. Add a second cache behavior to the distribution with the same origin as the default cache behavior. Set the path pattern for the second cache behavior to *, and make viewer access restricted. Change the default cache behavior's path pattern to the path of the login page, and make viewer access unrestricted.
  3. Add a second origin as a failover origin to the default cache behavior. Point the failover origin to the S3 bucket. Set the path pattern for the primary origin to *, and make viewer access restricted. Set the path pattern for the failover origin to the path of the login page, and make viewer access unrestricted.
  4. Add a bucket policy to the S3 bucket to allow read access. Set the resource on the policy to the Amazon Resource Name (ARN) of the login page object in the S3 bucket. Add a CloudFront function to the default cache behavior to redirect unauthorized requests to the login page's S3 URL.

Answer(s): A



A developer is using AWS Amplify Hosting to build and deploy an application. The developer is receiving an increased number of bug reports from users. The developer wants to add end-to-end testing to the application to eliminate as many bugs as possible before the bugs reach production.
Which solution should the developer implement to meet these requirements?

  1. Run the amplify add test command in the Amplify CLI.
  2. Create unit tests in the application. Deploy the unit tests by using the amplify push command in the Amplify CLI.
  3. Add a test phase to the amplify.yml build settings for the application.
  4. Add a test phase to the aws-exports.js file for the application.

Answer(s): C



An ecommerce company is using an AWS Lambda function behind Amazon API Gateway as its application tier. To process orders during checkout, the application calls a POST API from the frontend. The POST API invokes the Lambda function asynchronously. In rare situations, the application has not processed orders. The Lambda application logs show no errors or failures.
What should a developer do to solve this problem?

  1. Inspect the frontend logs for API failures. Call the POST API manually by using the requests from the log file.
  2. Create and inspect the Lambda dead-letter queue. Troubleshoot the failed functions. Reprocess the events.
  3. Inspect the Lambda logs in Amazon CloudWatch for possible errors. Fix the errors.
  4. Make sure that caching is disabled for the POST API in API Gateway.

Answer(s): B



A company is building a web application on AWS. When a customer sends a request, the application will generate reports and then make the reports available to the customer within one hour. Reports should be accessible to the customer for 8 hours. Some reports are larger than 1 MB. Each report is unique to the customer. The application should delete all reports that are older than 2 days.
Which solution will meet these requirements with the LEAST operational overhead?

  1. Generate the reports and then store the reports as Amazon DynamoDB items that have a specified TTL. Generate a URL that retrieves the reports from DynamoDB. Provide the URL to customers through the web application.
  2. Generate the reports and then store the reports in an Amazon S3 bucket that uses server-side encryption. Attach the reports to an Amazon Simple Notification Service (Amazon SNS) message. Subscribe the customer to email notifications from Amazon SNS.
  3. Generate the reports and then store the reports in an Amazon S3 bucket that uses server-side encryption. Generate a presigned URL that contains an expiration date Provide the URL to customers through the web application. Add S3 Lifecycle configuration rules to the S3 bucket to delete old reports.
  4. Generate the reports and then store the reports in an Amazon RDS database with a date stamp. Generate an URL that retrieves the reports from the RDS database. Provide the URL to customers through the web application. Schedule an hourly AWS Lambda function to delete database records that have expired date stamps.

Answer(s): C



A company has deployed an application on AWS Elastic Beanstalk. The company has configured the Auto Scaling group that is associated with the Elastic Beanstalk environment to have five Amazon EC2 instances. If the capacity is fewer than four EC2 instances during the deployment, application performance degrades. The company is using the all-at-once deployment policy.
What is the MOST cost-effective way to solve the deployment issue?

  1. Change the Auto Scaling group to six desired instances.
  2. Change the deployment policy to traffic splitting. Specify an evaluation time of 1 hour.
  3. Change the deployment policy to rolling with additional batch. Specify a batch size of 1.
  4. Change the deployment policy to rolling. Specify a batch size of 2.

Answer(s): C



A developer is incorporating AWS X-Ray into an application that handles personal identifiable information (PII). The application is hosted on Amazon EC2 instances. The application trace messages include encrypted PII and go to Amazon CloudWatch. The developer needs to ensure that no PII goes outside of the EC2 instances.
Which solution will meet these requirements?

  1. Manually instrument the X-Ray SDK in the application code.
  2. Use the X-Ray auto-instrumentation agent.
  3. Use Amazon Macie to detect and hide PII. Call the X-Ray API from AWS Lambda.
  4. Use AWS Distro for Open Telemetry.

Answer(s): A



A developer is migrating some features from a legacy monolithic application to use AWS Lambda functions instead. The application currently stores data in an Amazon Aurora DB cluster that runs in private subnets in a VPC. The AWS account has one VPC deployed. The Lambda functions and the DB cluster are deployed in the same AWS Region in the same AWS account.
The developer needs to ensure that the Lambda functions can securely access the DB cluster without crossing the public internet.
Which solution will meet these requirements?

  1. Configure the DB cluster's public access setting to Yes.
  2. Configure an Amazon RDS database proxy for he Lambda functions.
  3. Configure a NAT gateway and a security group for the Lambda functions.
  4. Configure the VPC, subnets, and a security group for the Lambda functions.

Answer(s): D



Viewing Page 8 of 71



Share your comments for Amazon AWS Certified Developer - Associate DVA-C02 exam with other users:

Divya 8/2/2023 6:54:00 AM

need more q&a to go ahead
Anonymous


Rakesh 10/6/2023 3:06:00 AM

question 59 - a newly-created role is not assigned to any user, nor granted to any other role. answer is b https://docs.snowflake.com/en/user-guide/security-access-control-overview
Anonymous


Nik 11/10/2023 4:57:00 AM

just passed my exam today. i saw all of these questions in my text today. so i can confirm this is a valid dump.
HONG KONG


Deep 6/12/2023 7:22:00 AM

needed dumps
INDIA


tumz 1/16/2024 10:30:00 AM

very helpful
UNITED STATES


NRI 8/27/2023 10:05:00 AM

will post once the exam is finished
UNITED STATES


kent 11/3/2023 10:45:00 AM

relevant questions
Anonymous


Qasim 6/11/2022 9:43:00 AM

just clear exam on 10/06/2202 dumps is valid all questions are came same in dumps only 2 new questions total 46 questions 1 case study with 5 question no lab/simulation in my exam please check the answers best of luck
Anonymous


Cath 10/10/2023 10:09:00 AM

q.112 - correct answer is c - the event registry is a module that provides event definitions. answer a - not correct as it is the definition of event log
VIET NAM


Shiji 10/15/2023 1:31:00 PM

good and useful.
INDIA


Ade 6/25/2023 1:14:00 PM

good questions
Anonymous


Praveen P 11/8/2023 5:18:00 AM

good content
UNITED STATES


Anastasiia 12/28/2023 9:06:00 AM

totally not correct answers. 21. you have one gcp account running in your default region and zone and another account running in a non-default region and zone. you want to start a new compute engine instance in these two google cloud platform accounts using the command line interface. what should you do? correct: create two configurations using gcloud config configurations create [name]. run gcloud config configurations activate [name] to switch between accounts when running the commands to start the compute engine instances.
Anonymous


Priyanka 7/24/2023 2:26:00 AM

kindly upload the dumps
Anonymous


Nabeel 7/25/2023 4:11:00 PM

still learning
Anonymous


gure 7/26/2023 5:10:00 PM

excellent way to learn
UNITED STATES


ciken 8/24/2023 2:55:00 PM

help so much
Anonymous


Biswa 11/20/2023 9:28:00 AM

understand sql col.
Anonymous


Saint Pierre 10/24/2023 6:21:00 AM

i would give 5 stars to this website as i studied for az-800 exam from here. it has all the relevant material available for preparation. i got 890/1000 on the test.
Anonymous


Rose 7/24/2023 2:16:00 PM

this is nice.
Anonymous


anon 10/15/2023 12:21:00 PM

q55- the ridac workflow can be modified using flow designer, correct answer is d not a
UNITED STATES


NanoTek3 6/13/2022 10:44:00 PM

by far this is the most accurate exam dumps i have ever purchased. all questions are in the exam. i saw almost 90% of the questions word by word.
UNITED STATES


eriy 11/9/2023 5:12:00 AM

i cleared the az-104 exam by scoring 930/1000 on the exam. it was all possible due to this platform as it provides premium quality service. thank you!
UNITED STATES


Muhammad Rawish Siddiqui 12/8/2023 8:12:00 PM

question # 232: accessibility, privacy, and innovation are not data quality dimensions.
SAUDI ARABIA


Venkat 12/27/2023 9:04:00 AM

looks wrong answer for 443 question, please check and update
Anonymous


Varun 10/29/2023 9:11:00 PM

great question
Anonymous


Doc 10/29/2023 9:36:00 PM

question: a user wants to start a recruiting posting job posting. what must occur before the posting process can begin? 3 ans: comment- option e is incorrect reason: as part of enablement steps, sap recommends that to be able to post jobs to a job board, a user need to have the correct permission and secondly, be associated with one posting profile at minimum
UNITED KINGDOM


It‘s not A 9/17/2023 5:31:00 PM

answer to question 72 is d [sys_user_role]
Anonymous


indira m 8/14/2023 12:15:00 PM

please provide the pdf
UNITED STATES


ribrahim 8/1/2023 6:05:00 AM

hey guys, just to let you all know that i cleared my 312-38 today within 1 hr with 100 questions and passed. thank you so much brain-dumps.net all the questions that ive studied in this dump came out exactly the same word for word "verbatim". you rock brain-dumps.net!!! section name total score gained score network perimeter protection 16 11 incident response 10 8 enterprise virtual, cloud, and wireless network protection 12 8 application and data protection 13 10 network défense management 10 9 endpoint protection 15 12 incident d
SINGAPORE


Andrew 8/23/2023 6:02:00 PM

very helpful
Anonymous


latha 9/7/2023 8:14:00 AM

useful questions
GERMANY


ibrahim 11/9/2023 7:57:00 AM

page :20 https://exam-dumps.com/snowflake/free-cof-c02-braindumps.html?p=20#collapse_453 q 74: true or false: pipes can be suspended and resumed. true. desc.: pausing or resuming pipes in addition to the pipe owner, a role that has the following minimum permissions can pause or resume the pipe https://docs.snowflake.com/en/user-guide/data-load-snowpipe-intro
FINLAND


Franklin Allagoa 7/5/2023 5:16:00 AM

i want hcia exam dumps
Anonymous