Free AWS DVA-C02 Actual Exam Questions
Dumps Box (DumpsBox) offers up-to-date practice exam questions for DVA-C02 certification exam which are developed and validated by Amazon – AWS subject domain experts certified in AWS DVA-C02 . These practice questions are update regularly as we keep an eye on any recent changes in DVA-C02 syllabus, and when there is update our team quickly adjusts the questions. This commitment to providing the best quality exam prep material to certification aspirants is what makes DumpsBox.com the best certification exam prep website. On top of that, our strong, yet strictly moderated, community based feedback keeps the content clean and current. Each question has helpful community discussion that provides it extra perspective and introduces helpful resources for better exam preparation. This also saves students from other outdated practice questions or illicit exam dumps that can have adverse affects on career. Browse through our AWS DVA-C02 exam questions and pass your exam on first try.
a network shared folder as a centralized configuration repository to store configuration files in .xml
format. The company is migrating the application to Amazon EC2 instances. As part of the migration
to AWS, a developer must identify a solution that provides high availability for the repository.
Which solution will meet this requirement MOST cost-effectively?
It’s C because using S3 directly with the AWS SDK gives you built-in durability and availability without the complexity of mounting or managing file systems. Mounting S3 (D) can cause performance issues and isn’t fully native.
Maybe D works best since mounting the S3 bucket keeps the shared folder approach and S3 offers built-in high availability, unlike EBS or instance store which are tied to single instances.
party service to pull data with a series of API calls at the end of each month. The function than
processes the data to generate the monthly reports. The function has Been working with no issues so
far.
The third-party service recently issued a restriction to allow a feed number to API calls each minute
and each day. If the API calls exceed the limit tor each minute or each day, then the service will
produce errors. The API also provides the minute limit and daily limit in the response header. This
restriction might extend the overall process to multiple days because the process is consuming more
API calls than the available limit.
What is the MOST operationally efficient way to refactor the server less application to accommodate
this change?
It’s A because Step Functions can handle complex workflows and built-in wait states without extra infrastructure. Waiting inside Step Functions feels more straightforward than managing queue polling with SQS. Also, Step Functions can handle retries based on API failure responses dynamically, which fits this use case better than SQS or relying on CloudWatch alarms (C) which don’t directly control invocation pacing. Kinesis Data Firehose (D) doesn’t really apply here since you’re not batching for storage or analytics but need to control call rates in real time.
Maybe B works best here since SQS can naturally queue the API requests and Lambda can control the pace of processing to keep within rate limits. Step Functions might add complexity for simple rate throttling.
function.
Users have reported performance issues for the Lambda function. The development team identified
the source of the issues as a cold start of the Lambda function. The development team needs to
reduce the time needed for the Lambda function to initialize.
Which solution will meet this requirement?
Maybe D because provisioned concurrency keeps Lambdas warm, cutting down cold start delays. Increasing memory (C) helps speed but doesn’t fully fix cold start issues like provisioned concurrency does.
B. Step Functions sounds right because it handles sequential workflows and error retries easily.
devices with unique screen dimensions and resolutions. Photos are stored in Amazon S3 in their
original format and resolution. The company uses an Amazon CloudFront distribution to serve the
photos The app includes the dimension and resolution of the display as GET parameters with every
request.
A developer needs to implement a solution that optimizes the photos that are served to each device
to reduce load time and increase photo quality.
Which solution will meet these requirements MOST cost-effective?
I think C could be a solid pick here. Doing real-time optimization via Lambda@Edge means no need to store tons of variants upfront, which saves on storage costs. If you max out the CloudFront cache TTL, most requests hit the cache after the first, reducing repeated Lambda invocations and keeping latency down. It’s cost-effective since you avoid both large S3 storage and batch processing costs. Plus, it handles unpredictable device dimensions well without pre-generating variants. So I’d go with C for balancing flexibility and cost.
Maybe B makes sense too since it pre-generates variants with batch jobs, so processing isn’t done on-demand. Lambda@Edge routing based on headers can keep costs lower than real-time resizing every request.
team uses an Amazon DynamoDB table.
Every record includes the following
• A Review ID a 16-digrt universally unique identifier (UUID)
• A Product ID and User ID 16 digit UUlDs that reference other tables
• A Product Rating on a scale of 1-5
• An optional comment from the user
The table partition key is the Review ID. The most performed query against the table is to find the 10
reviews with the highest rating for a given product.
Which index will provide the FASTEST response for this query"?
A/B? Since we want to filter by Product ID and sort by rating, having Product Rating as the sort key (A) makes more sense than Review ID (B) for fast retrieval of top ratings.
A This will let you quickly find all reviews for a product and sort them by rating, which matches exactly what the query needs. LSIs can’t change the partition key, so they won’t help here.
Amazon S3. Users can upload data encrypted with a public key. The company wants to ensure that
only the company can decrypt the uploaded content using an asymmetric encryption key. The data
must always be encrypted in transit and at rest.
Options:
Not A, since SSE-S3 uses symmetric keys managed by AWS, which doesn’t guarantee only the company can decrypt. They need control over the keys, so server-side with AWS-managed keys won’t meet that requirement.
Maybe D fits best since client-side encryption with a customer-managed key means the company controls the decryption keys, matching the asymmetric requirement better than server-side options.
use server-side encryption with an AWS owned encryption key
How should the developer create the DynamoDB table to meet these requirements?
D imo, server-side encryption with AWS owned keys is the default for DynamoDB tables.
It’s D for sure. AWS owned keys are the default encryption method for DynamoDB, so you don’t have to specify any KMS key ARN or create keys manually when creating the table. Options A, B, and C all mention specifying a key, which is only necessary if you want customer managed or AWS managed keys. Since the question explicitly says AWS owned key, just creating the table with default settings meets the requirement. No extra parameters needed.
copy Amazon Machine Images (AMIs) with the latest changes and create a new application stack in
the destination Region. According to company requirements, all AMIs must be encrypted in all
Regions. However, not all the AMIs that the company uses are encrypted.
How can the developer expand the application to run in the destination Region while meeting the
encryption requirement?
It’s A for sure. You can’t just flip encryption on an existing AMI or snapshot, so creating a new encrypted AMI and then copying is the only way to meet the encryption rule across regions.
Maybe D is out since you can’t just copy unencrypted AMIs and then magically turn on encryption by default in the new region. I think B and C are off too because KMS manages keys but doesn’t directly enable encryption on existing AMIs, and ACM is for certificates, not AMI encryption. So yeah, A feels right—you create new AMIs with encryption enabled first, then copy them over. That way all AMIs are encrypted before they’re used anywhere.
VPC.
Makes sense to exclude B since Lambda can’t just route through a VPN like an EC2 instance. I’d also rule out C because VPC endpoints are mainly for AWS service access, not general private resource connectivity, and routing through a NAT gateway is for outbound internet traffic, not private network access. D seems specific to PrivateLink, which is more for service-to-service communication rather than general Lambda access to VPC resources. So A fits best — placing the Lambda inside the VPC subnets with a security group for access sounds like the straightforward way.
Option A is solid because Lambda functions need to be in the VPC’s subnets to access private resources directly. B is off since Lambda doesn’t natively route through VPNs; that’s more for EC2 or on-prem setups.
show the weather forecast for one of the company's office locations. The application will provide a
REST endpoint that clients can call. Where possible, the application should use caching features
provided by AWS to limit the number of requests to the backend service. The application backend
will receive a small amount of traffic only during testing.
Which approach should the developer take to provide the REST endpoint MOST cost-effectively?
This is definitely a light workload, so spinning up containers with EKS or ECS seems overkill. Lambda plus API Gateway caching (B) keeps things simple and cheap without extra management overhead. B
I think A, C, and D all involve more infrastructure than needed for just a small POC with low traffic. Lambda plus API Gateway caching in B seems the simplest and cheapest way to go here. B
company uses 1AM permissions to restrict access to the S3 bucket. The customers can access only
their own files.
Due to a regulation requirement, the company needs to enforce encryption in transit for interactions
with Amazon S3.
Which solution will meet these requirements?
Maybe A, since it blocks any non-HTTPS requests explicitly.
A imo makes the most sense since it directly enforces encryption in transit by denying requests without secure transport. The other options don’t address encryption in transit explicitly.
There is a new version of the website that needs to be deployed in the Elastic Beanstalk
environment. The company cannot tolerate having the website offline if an update fails.
Deployments must have minimal impact and rollback as soon as possible.
B/D? Rolling could work by updating instances in batches to avoid downtime, but it risks partial failures. Immutable is safer because the whole environment is replaced atomically, ensuring immediate rollback.
This sounds like a classic case for immutable deployments (D) because they create a new set of instances and only switch traffic once those pass health checks. That way, if the update fails, the old environment is still up and running—no downtime. Rolling updates (B) could cause partial outages if something goes wrong mid-deploy, and all at once (A) definitely risks downtime. Snapshots (C) don’t really fit here since they’re about backups, not deployment strategies. Does anyone think rolling updates could still be safe enough with health checks, or is immutable definitely the safest bet?
use an AWS Lambda function to create a thumbnail of each image Each time an image is uploaded
the service needs to send an email notification and create the thumbnail The developer needs to
configure the image processing and email notifications setup.
Which solution will meet these requirements?
A vs B but A is simpler without SQS in the middle for email notifications.
SNS can send emails directly, so option A fits best here.
needs to be encrypted at all times. An encrypted Amazon RDS for MySQL DB instance is storing the
dat
a. The developer wants to increase the performance of the application by caching frequently
accessed data while adding the ability to sort or rank the cached datasets.
Which solution will meet these requirements?
Option A makes the most sense since Redis supports built-in sorted sets that let you rank or sort data easily, which Memcached (Option B) doesn’t handle well. Also, ElastiCache for Redis supports encryption both in transit and at rest, which is essential for PHI. The read replica in Option C won’t really help with caching or ranking, just read scalability. DynamoDB with DAX (Option D) is good for caching but doesn’t have native sorting/ranking features like Redis, so it’s less ideal given the requirements.
A, Redis supports sorting and ranking with encryption options.
is in another AWS account. Which AWS Security Token Service (AWS STS) API operation should the
developer use with the MFA information to meet this requirement?
It’s D because AssumeRole lets you pass MFA tokens directly for cross-account access without needing web identity or SAML setup. The others are more for federated users, so they don’t fit here.
Maybe D here too, since AssumeRole lets you pass MFA tokens when switching roles across accounts. The others seem more tied to web identity or SAML federation, which the question doesn’t mention.