Actualtests offers free demo for AWS-Certified-Developer-Associate exam. "AWS Certified Developer Associate", also known as AWS-Certified-Developer-Associate exam, is a Amazon Certification. This set of posts, Passing the Amazon AWS-Certified-Developer-Associate exam, will help you answer those questions. The AWS-Certified-Developer-Associate Questions & Answers covers all the knowledge points of the real exam. 100% real Amazon AWS-Certified-Developer-Associate exams and revised by experts!
Q9. A user is trying to create a policy for an IAM user from the AWS console. Which of the below mentioned options is not available to the user while configuring policy?
A. Use policy generator to create policy
B. Use custom policy to create policy
C. Use policy simulator to create policy
D. Assign No permission
Answer: C
Explanation:
When a user is trying to create a policy from the AWS console, it will have options such as create policy from templates or use a policy generator. The user can also define a custom policy or chose the option to have no permission. The policy simulator is not available in the console.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html
Q10. Doug has created a VPC with CIDR 10.201.0.0/16 in his AWS account. In this VPC he has created a public subnet with CIDR block 10.201.31.0/24. While launching a new EC2 from the console, he is not able to assign the private IP address 10.201.31.6 to this instance. Which is the most likely reason for this issue?
A. Private IP address 10.201.31.6 is not part of the associated subnet's IP address range.
B. Private IP address 10.201.31.6 is blocked via ACLs in Amazon infrastructure as a part of platform security.
C. Private address IP 10.201.31.6 is currently assigned to another interface.
D. Private IP address 10.201.31.6 is reserved by Amazon for IP networking purposes.
Answer: C
Explanation:
In Amazon VPC, you can assign any Private IP address to your instance as long as it is: Part of the associated subnet's IP address range
Not reserved by Amazon for IP networking purposes Not currently assigned to another interface Reference: http://aws.amazon.com/vpc/faqs/
Q11. Which of the below mentioned options is a must to have an element as a part of the IAM policy?
A. Condition
B. ID
C. Statement
D. Version
Answer: C
Explanation:
The statement is the main element of the IAM policy and it is a must for a policy. Elements such as condition, version and ID are not required.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/AccessPoIicyLanguage_EIementDescriptions.html
QUESTION: N0: 98
Which of the below mentioned commands allows the user to share the AMI with his peers using the AWS EC2 CLI?
A. ec2-share-image-public
B. ec2-share-image-account
C. ec2-share-image
D. ec2-modify-image-attribute
Answer: D
Explanation:
A user can share an AMI with another user / peer using the command: ec2-modify-image-attribute
<AMI-ID> -| -a <AWS Account |D>
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-expIicit.htmI
Q12. An online gaming site asked you if you can deploy a database that is a fast, highly scalable NoSQL database service in AWS for a new site that he wants to build. Which database should you recommend?
A. Amazon Redshift
B. Amazon SimpIeDB
C. Amazon DynamoDB
D. Amazon RDS
Answer: C
Explanation:
Amazon DynamoDB is ideal for database applications that require very low latency and predictable performance at any scale but don’t need complex querying capabilities like joins or transactions. Amazon DynamoDB is a fully-managed NoSQL database service that offers high performance, predictable throughput and low cost. It is easy to set up, operate, and scale.
With Amazon DynamoDB, you can start small, specify the throughput and storage you need, and easily scale your capacity requirements on the fly. Amazon DynamoDB automatically partitions data over a
number of servers to meet your request capacity. In addition, DynamoDB automatically replicates your data synchronously across multiple Availability Zones within an AWS Region to ensure high-availability and data durability.
Reference: https://aws.amazon.com/running_databases/#dynamodb_anchor
Q13. A user has created a queue named "myqueue" with SQS. There are four messages published to queue which are not received by the consumer yet. If the user tries to delete the queue, what will happen?
A. A user can never delete a queue manually. AWS deletes it after 30 days of inactMty on queue
B. It will initiate the delete but wait for four days before deleting until all messages are deleted automatically.
C. It will ask user to delete the messages first
D. It will delete the queue
Answer: D
Explanation:
SQS allows the user to move data between distributed components of applications so they can perform different tasks without losing messages or requiring each component to be always available. The user can delete a queue at any time, whether it is empty or not. It is important to note that queues retain
messages for a set period of time. By default, a queue retains messages for four days. Reference:
http://docs.aws.amazon.com/AWSSimpIeQueueService/latest/SQSDeveIoperGuide/SQSConcepts.html
Q14. A user has configured ELB with two instances running in separate AZs of the same region? Which of the below mentioned statements is true?
A. Nlulti AZ instances will provide HA with ELB
B. lVIuIti AZ instances are not possible with a single ELB
C. Nlulti AZ instances will provide scalability with ELB
D. The user can achieve both HA and scalability with ELB
Answer: A
Explanation:
If a user is running two instances in separate AZs, it will provide HA with ELB since ELB will automatically stop routing the traffic to unhealthy instances and send it to healthy instances only.
Q15. Can you SSH to your private machines that reside in a VPC from outside without elastic IP?
A. Yes, but only if you have direct connect or vpn
B. Only if you are using a non-US region
C. Only if you are using a US region
D. No
Answer: A
Explanation:
The instances that reside in the private subnets of your VPC are not reachable from the Internet, meAMng that is not possible to ssh into them. To interact with them you can use a bastion server, located in a public subnet, that will act as a proxy for them.
You can also connect if you have direct connect or vpn.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html
Q16. A user is trying to configure access with S3. Which of the following options is not possible to provide access to the S3 bucket / object?
A. Define the policy for the IAM user
B. Define the ACL for the object
C. Define the policy for the object
D. Define the policy for the bucket
Answer: C
Explanation:
Amazon S3 offers access policy options broadly categorized as resource-based policies and user policies.
Access policies, such as ACL and resource policy can be attached to the bucket. With the object the user can only have ACL and not an object policy. The user can also attach access policies to the IAM users in the account. These are called user policies.
Reference: http://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html