How accurate are the AWS Certified Developer - Associate practice questions?

All AWS Certified Developer - Associate questions are community-created and reviewed by moderators to align with Amazon's published exam objectives. The community continuously reports and fixes issues to keep content accurate and up to date.

How should I study for the AWS Certified Developer - Associate exam?

Start by browsing practice questions to identify weak areas. Use spaced repetition (Learn Mode) to focus study time on topics you struggle with. Combine practice questions with official Amazon documentation and hands-on experience for best results.

AWS Certified Developer - Associate Practice Exam — Free 444+ Questions

444Practice Questions

3Study Modes

FreeTo Get Started

Topic:Sort:

Question 1

Security

Question 2

Deployment

Question 3

Security

Question 4

Development with Services

Question 5

Troubleshooting and Optimization

Question 6

Development with Services

Question 7

Troubleshooting and Optimization

Question 8

Deployment

Question 9

Deployment

Question 10

Troubleshooting and Optimization

Question 11

Deployment

Question 12

Troubleshooting and Optimization

Question 13

Deployment

Question 14

Development with Services

Question 15

Security

Question 16

Deployment

Question 17

Security

Question 18

Troubleshooting and Optimization

Question 19

Troubleshooting and Optimization

Question 20

Deployment

Question 21

Development with Services

Question 22

Troubleshooting and Optimization

Question 23

Development with Services

Question 24

Security

Question 25

Development with Services

Page 1 of 18 • Questions 1-25 of 444

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

A static website is hosted in an Amazon S3 bucket. Several HTML pages on the site use JavaScript to download images from another Amazon S3 bucket. These images are not displayed when users browse the site.
What is the possible cause for the issue?

A The referenced Amazon S3 bucket is in another region.
B The images must be stored in the same Amazon S3 bucket.
C Port 80 must be opened on the security group in which the Amazon S3 bucket is located.
D Cross Origin Resource Sharing must be enabled on the Amazon S3 bucket.

An application uses Amazon Kinesis Data Streams to ingest and process large streams of data records in real time. Amazon EC2 instances consume and process the data from the shards of the Kinesis data stream by using Amazon Kinesis Client Library (KCL). The application handles the failure scenarios and does not require standby workers. The application reports that a specific shard is receiving more data than expected. To adapt to the changes in the rate of data flow, the
hot shard is resharded.
Assuming that the initial number of shards in the Kinesis data stream is 4, and after resharding the number of shards increased to 6, what is the maximum number of EC2 instances that can be deployed to process data from all the shards?

A 12
B 6
C 4
D 1

A developer is creating a mobile application that will not require users to log in.
What is the MOST efficient method to grant users access to AWS resources?

A Use an identity provider to securely authenticate with the application.
B Create an AWS Lambda function to create an IAM user when a user accesses the application.
C Create credentials using AWS KMS and apply these credentials to users when using the application.
D Use Amazon Cognito to associate unauthenticated users with an IAM role that has limited access to resources.

A company is migrating its on-premises database to Amazon RDS for MySQL. The company has read-heavy workloads, and wants to make sure it re-factors its code to achieve optimum read performance for its queries.
How can this objective be met?

A Add database retries to effectively use RDS with vertical scaling.
B Use RDS with multi-AZ deployment.
C Add a connection string to use an RDS read replica for read queries.
D Add a connection string to use a read replica on an EC2 instance.

A Developer has been asked to create an AWS Lambda function that is triggered any time updates are made to items in an Amazon DynamoDB table. The function has been created, and appropriate permissions have been added to the Lambda execution role. Amazon DynamoDB streams have been enabled for the table, but the function is still not being triggered.
Which option would enable DynamoDB table updates to trigger the Lambda function?

A Change the StreamViewType parameter value to NEW_AND_OLD_IMAGES for the DynamoDB table
B Configure event source mapping for the Lambda function
C Map an Amazon SNS topic to the DynamoDB streams
D Increase the maximum execution time (timeout) setting of the Lambda function

A company runs an e-commerce website that uses Amazon DynamoDB where pricing for items is dynamically updated in real time. At any given time, multiple updates may occur simultaneously for pricing information on a particular product. This is causing the original editor's changes to be overwritten without a proper review process.
Which DynamoDB write option should be selected to prevent this overwriting?

A Concurrent writes
B Conditional writes
C Atomic writes
D Batch writes

A developer is receiving HTTP 400: ThrottlingException errors intermittently when calling the Amazon CloudWatch API. When a call fails, no data is retrieved.
What best practice should first be applied to address this issue?

A Contact AWS Support for a limit increase.
B Use the AWS CLI to get the metrics.
C Analyze the applications and remove the API call.
D Retry the call with exponential backoff.

Given the source code for an AWS Lambda function in the local file store.py containing a handler function called get_store and the following AWS
CloudFormation template:

Question Image

What should be done to prepare the template so that it can be deployed using the AWS CLI command aws cloudformation deploy?

A Use aws cloudformation compile to base64 encode and embed the source file into a modified CloudFormation template.
B Use aws cloudformation package to upload the source code to an Amazon S3 bucket and produce a modified CloudFormation template.
C Use aws lambda zip to package the source file together with the CloudFormation template and deploy the resulting zip archive.
D Use aws serverless create-package to embed the source file directly into the existing CloudFormation template.

A developer is testing a Docker-based application that uses the AWS SDK to interact with Amazon DynamoDB. In the local development environment, the application has used IAM access keys. The application is now ready for deployment onto an ECS cluster.
How should the application authenticate with AWS services in production?

A Configure an ECS task IAM role for the application to use.
B Refactor the application to call AWS STS AssumeRole based on an instance role.
C Configure AWS access key/secret access key environment variables with new credentials.
D Configure the credentials file with a new access key/secret access key.

A developer created a Lambda function for a web application backend. When testing the Lambda function from the AWS Lambda console, the developer can see that the function is being run, but there is no log data being generated in Amazon CloudWatch Logs, even after several minutes.
What could cause this situation?

A The Lambda function does not have any explicit log statements for the log data to send it to CloudWatch Logs.
B The Lambda function is missing CloudWatch Logs as a source trigger to send log data.
C The execution role for the Lambda function is missing permissions to write log data to the CloudWatch Logs.
D The Lambda function is missing a target CloudWatch Log group.

For a deployment using AWS CodeDeploy, what is the run order of the hooks for in-place deployments?

A Before Install -> Application Stop -> Application Start -> After Install
B Application Stop -> Before Install -> After Install -> Application Start
C Before Install -> Application Stop -> Validate Service -> Application Start
D Application Stop -> Before Install -> Validate Service -> Application Start

When a Developer tries to run an AWS CodeBuild project, it raises an error because the length of all environment variables exceeds the limit for the combined maximum of characters.
What is the recommended solution?

A Add the export LC_ALL=ג€en_US.utf8ג€ command to the pre_build section to ensure POSIX localization.
B Use Amazon Cognito to store key-value pairs for large numbers of environment variables.
C Update the settings for the build project to use an Amazon S3 bucket for large numbers of environment variables.
D Use AWS Systems Manager Parameter Store to store large numbers of environment variables.

An application needs to use the IP address of the client in its processing. The application has been moved into AWS and has been placed behind an Application
Load Balancer (ALB). However, all the client IP addresses now appear to be the same. The application must maintain the ability to scale horizontally.
Based on this scenario, what is the MOST cost-effective solution to this problem?

A Remove the application from the ALB. Delete the ALB and change Amazon Route 53 to direct traffic to the instance running the application.
B Remove the application from the ALB. Create a Classic Load Balancer in its place. Direct traffic to the application using the HTTP protocol.
C Alter the application code to inspect the X-Forwarded-For header. Ensure that the code can work properly if a list of IP addresses is passed in the header.
D Alter the application code to inspect a custom header. Alter the client code to pass the IP address in the custom header.

An application runs on multiple EC2 instances behind an ELB.
Where is the session data best written so that it can be served reliably across multiple requests?

A Write data to Amazon ElastiCache.
B Write data to Amazon Elastic Block Store.
C Write data to Amazon EC2 Instance Store.
D Write data to the root filesystem.

A company maintains a REST service using Amazon API Gateway and the API Gateway native API key validation. The company recently launched a new registration page, which allows users to sign up for the service. The registration page creates a new API key using CreateApiKey and sends the new key to the user. When the user attempts to call the API using this key, the user receives a 403 Forbidden error. Existing users are unaffected and can still call the API.
What code updates will grant these new users access to the API?

A The createDeployment method must be called so the API can be redeployed to include the newly created API key.
B The updateAuthorizer method must be called to update the API's authorizer to include the newly created API key.
C The importApiKeys method must be called to import all newly created API keys into the current stage of the API.
D The createUsagePlanKey method must be called to associate the newly created API key with the correct usage plan.

A company has a website that is developed in PHP and is launched using AWS Elastic Beanstalk. There is a new version of the website that needs to be deployed in the Elastic Beanstalk environment. The company cannot tolerate having the website offline if an update fails. Deployments must have minimal impact and rollback as soon as possible.
What deployment method should be used?

A All at once
B Rolling
C Snapshots
D Immutable

A Developer is working on an application that handles 10MB documents that contain highly-sensitive data. The application will use AWS KMS to perform client- side encryption.
What steps must be followed?

A Invoke the Encrypt API passing the plaintext data that must be encrypted, then reference the customer managed key ARN in the KeyId parameter
B Invoke the GenerateRandom API to get a data encryption key, then use the data encryption key to encrypt the data
C Invoke the GenerateDataKey API to retrieve the encrypted version of the data encryption key to encrypt the data
D Invoke the GenerateDataKey API to retrieve the plaintext version of the data encryption key to encrypt the data

A Developer must build an application that uses Amazon DynamoDB. The requirements state that the items being stored in the DynamoDB table will be 7KB in size and that reads must be strongly consistent. The maximum read rate is 3 items per second, and the maximum write rate is 10 items per second.
How should the Developer size the DynamoDB table to meet these requirements?

A Read: 3 read capacity units Write: 70 write capacity units
B Read: 6 read capacity units Write: 70 write capacity units
C Read: 6 read capacity units Write: 10 write capacity units
D Read: 3 read capacity units Write: 10 write capacity units

A Developer must analyze performance issues with production-distributed applications written as AWS Lambda functions. These distributed Lambda applications invoke other components that make up the applications.
How should the Developer identify and troubleshoot the root cause of the performance issues in production?

A Add logging statements to the Lambda functions, then use Amazon CloudWatch to view the logs.
B Use AWS CloudTrail and then examine the logs.
C Use AWS X-Ray, then examine the segments and errors.
D Run Amazon Inspector agents and then analyze performance.

A developer has a stateful web server on-premises that is being migrated to AWS. The developer must have greater elasticity in the new design.
How should the developer re-factor the application to make it more elastic? (Choose two.)

A Use pessimistic concurrency on Amazon DynamoDB.
B Use Amazon CloudFront with an Auto Scaling group.
C Use Amazon CloudFront with an AWS Web Application Firewall.
D Store session state data in an Amazon DynamoDB table.
E Use an ELB with an Auto Scaling group.

A company is providing services to many downstream consumers. Each consumer may connect to one or more services. This has resulted in a complex architecture that is difficult to manage and does not scale well. The company needs a single interface to manage these services to consumers.
Which AWS service should be used to refactor this architecture?

A AWS Lambda
B AWS X-Ray
C Amazon SQS
D Amazon API Gateway

A company is running a Docker application on Amazon ECS. The application must scale based on user load in the last 15 seconds.
How should a Developer instrument the code so that the requirement can be met?

A Create a high-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 30 seconds
B Create a high-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 5 seconds
C Create a standard-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 30 seconds
D Create a standard-resolution custom Amazon CloudWatch metric for user activity data, then publish data every 5 seconds

A company needs to ingest terabytes of data each hour from thousands of sources that are delivered almost continually throughout the day. The volume of messages generated varies over the course of the day. Messages must be delivered in real time for fraud detection and live operational dashboards.
Which approach will meet these requirements?

A Send the messages to an Amazon SQS queue, then process the messages by using a fleet of Amazon EC2 instances
B Use the Amazon S3 API to write messages to an S3 bucket, then process the messages by using Amazon Redshift
C Use AWS Data Pipeline to automate the movement and transformation of data
D Use Amazon Kinesis Data Streams with Kinesis Client Library to ingest and deliver messages

A Development team is working on a case management solution that allows medical claims to be processed and reviewed. Users log in to provide information related to their medical and financial situations.
As part of the application, sensitive documents such as medical records, medical imaging, bank statements, and receipts are uploaded to Amazon S3. All documents must be securely transmitted and stored. All access to the documents must be recorded for auditing.
What is the MOST secure approach?

A Use S3 default encryption using Advanced Encryption Standard-256 (AES-256) on the destination bucket.
B Use Amazon Cognito for authorization and authentication to ensure the security of the application and documents.
C Use AWS Lambda to encrypt and decrypt objects as they are placed into the S3 bucket.
D Use client-side encryption/decryption with Amazon S3 and AWS KMS.

A developer is creating an AWS Lambda function that generates a new file each time it runs. Each new file must be checked into an AWS CodeCommit repository hosted in the same AWS account.
How should the developer accomplish this?

A When the Lambda function starts, use the Git CLI to clone the repository. Check the new file into the cloned repository and push the change.
B After the new file is created in Lambda, use cURL to invoke the CodeCommit API. Send the file to the repository.
C Use an AWS SDK to instantiate a CodeCommit client. Invoke the putjile method to add the file to the repository.
D Upload the new file to an Amazon S3 bucket. Create an AWS Step Function to accept S3 events. In the Step Function, add the new file to the repository.

AWS Certified Developer - AssociatePreview

About the AWS Certified Developer - Associate Exam

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25

AWS Certified Developer - AssociatePreview

About the AWS Certified Developer - Associate Exam

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25