The AWS Certified Developer – Associate (DVA-C02) certification is a key benchmark for developers building and maintaining applications on the AWS platform. To effectively prepare for this exam and demonstrate your coding proficiency with AWS services, incorporating DVA-C02 mock tests into your study regimen is crucial. These practice exams are specifically designed to align with the DVA-C02 exam guide, focusing on core principles of developing, deploying, and debugging cloud-based applications using AWS.
Engaging with AWS Developer Associate practice exams provides a realistic simulation of the actual testing environment. You’ll tackle questions covering essential services like Lambda, API Gateway, DynamoDB, S3, IAM, and developer tools such as CodeCommit, CodeBuild, and CodeDeploy. These mock tests help you assess your understanding of secure application development, serverless architecture, CI/CD pipelines, and interaction with AWS services via SDKs and APIs. Regularly attempting DVA-C02 practice questions sharpens your ability to select the right AWS services for specific development tasks and troubleshoot common issues.
Understanding the AWS Cloud is a valuable asset in today’s tech landscape. For detailed information about the certification, you can always refer to the official AWS Certified Developer – Associate (DVA-C02) page.
Are you ready to solidify your knowledge and take a significant step towards certification success? Click the begin button to start, Good Luck!
This is a timed quiz. You will be given 7800 seconds to answer all questions. Are you ready?
A developer is using the AWS CLI to manage AWS resources. Which command is used to configure the default AWS access key ID, secret access key, region, and output format?
The `aws configure` command is used to set up your AWS CLI with your credentials and default settings. These settings are typically stored in `~/.aws/credentials` and `~/.aws/config`.
A developer is writing an application that needs to perform eventually consistent reads from a DynamoDB table with the lowest possible latency. Which read consistency model should be used?
Eventually consistent reads in DynamoDB offer the lowest latency because they might not reflect the results of a recently completed write operation. Strongly consistent reads reflect all previous writes but have higher latency.
What are Lambda Layers used for?
Lambda Layers allow you to manage your function's dependencies independently and share common code or libraries across multiple Lambda functions. A layer is a .zip file archive that contains libraries or other dependencies.
Which AWS service can be used to build a CI/CD pipeline that automatically builds, tests, and deploys an application whenever code changes are pushed to a repository?
AWS CodePipeline automates the continuous delivery process. It can integrate with source repositories (like CodeCommit or GitHub), build services (like CodeBuild), and deployment services (like CodeDeploy or CloudFormation).
What is the purpose of the `Globals` section in an AWS SAM template?
The `Globals` section in an AWS SAM template allows you to define properties that are common to all your serverless functions and APIs, reducing duplication in the template.
A developer wants to use a managed service to cache frequently accessed data from a database to improve application read performance. Which AWS service is suitable for this?
Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory cache in the cloud. It supports popular cache engines like Redis and Memcached.
Which AWS service provides a fully managed build service that compiles source code, runs tests, and produces software packages that are ready to deploy?
AWS CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy.
A developer needs to troubleshoot an issue where an API Gateway method is returning an unexpected error. Which logs would be MOST helpful for diagnosing the problem?
API Gateway execution logs (which can be sent to CloudWatch Logs) provide detailed information about the request and response flow through API Gateway, including any errors encountered during integration with backend services like Lambda.
Which AWS service provides a fully managed source control service that hosts secure Git-based repositories?
AWS CodeCommit is a fully-managed source control service that hosts secure Git-based repositories. It makes it easy for teams to collaborate on code in a secure and highly scalable ecosystem.
What is the principle of least privilege in the context of AWS IAM?
The principle of least privilege dictates that you grant only the permissions required to perform a specific task. This minimizes the potential impact if credentials are compromised.
Which file in an AWS CodeBuild project defines the build commands and related settings?
The `buildspec.yml` (or `buildspec.json`) file is a collection of build commands and related settings, in YAML format, that CodeBuild uses to run a build.
What is the role of the `appspec.yml` file in AWS CodeDeploy?
The Application Specification File (AppSpec file) is a YAML-formatted or JSON-formatted file used by CodeDeploy to manage a deployment. It specifies deployment lifecycle event hooks and files to be copied.
When deploying a new version of an AWS Lambda function, what feature allows you to gradually shift traffic between the old and new versions for testing?
Lambda aliases with weighted routing allow you to distribute traffic between two different versions of a Lambda function. This is useful for canary deployments or blue/green deployments.
A developer is using AWS CodeDeploy to deploy an application to EC2 instances. If a deployment to an instance fails, what is a common rollback strategy that CodeDeploy supports?
CodeDeploy can automatically roll back a deployment if a specified number of instances report failure. It can redeploy the last known good version of the application.
A developer needs to grant an EC2 instance permission to read objects from an S3 bucket without embedding AWS credentials in the application code. What is the MOST secure way to achieve this?
IAM roles for EC2 instances provide temporary security credentials that applications running on the instance can use to access other AWS services. This is more secure than storing long-term credentials.
When using the AWS SDK for Python (Boto3) to interact with DynamoDB, what is the purpose of a `ConditionExpression` in a `PutItem` operation?
A `ConditionExpression` in DynamoDB operations like `PutItem`, `UpdateItem`, or `DeleteItem` allows you to specify a condition that must be true for the operation to succeed. This is used for conditional writes.
A developer is using an AWS SDK to make calls to an AWS service. What is the recommended way to handle potential service errors or exceptions?
AWS SDKs provide built-in error handling and retry mechanisms. Developers should implement proper try-catch blocks (or equivalent in their language) to handle exceptions gracefully and potentially implement custom retry logic with exponential backoff.
Which data format is commonly used for request and response payloads when interacting with Amazon API Gateway REST APIs?
JSON (JavaScript Object Notation) is a lightweight data-interchange format that is widely used for request and response payloads in REST APIs, including those built with API Gateway.
A developer needs to write an AWS Lambda function that processes images uploaded to an S3 bucket. Which AWS SDK method should be used within the Lambda function to retrieve an object from S3?
The `getObject` method in the AWS SDK for S3 is used to retrieve objects. The Lambda function's IAM role must have `s3:GetObject` permission for the specified bucket and object.
What is the purpose of an S3 bucket policy?
An S3 bucket policy is a resource-based IAM policy that grants permissions to the bucket and the objects in it. It can be used to grant cross-account access or public access, among other things.
A developer wants to automate the deployment of an application to Amazon EC2 instances. Which AWS service is specifically designed for orchestrating these deployments?
AWS CodeDeploy is a deployment service that automates application deployments to Amazon EC2 instances, on-premises instances, serverless Lambda functions, or Amazon ECS services.
Which AWS service can be used to manage user sign-up, sign-in, and access control for web and mobile applications?
Amazon Cognito provides identity management for your apps. You can add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily.
Which AWS CLI command is used to deploy an AWS SAM application?
The `sam deploy` command deploys an AWS SAM application by creating and managing AWS CloudFormation change sets and then executing them. The `--guided` flag helps with initial configuration.
A developer is optimizing an application that makes frequent, small read requests to a DynamoDB table. To reduce costs and improve read performance for this hot data, which service can be integrated with DynamoDB?
Amazon DynamoDB Accelerator (DAX) is a fully managed, highly available, in-memory cache for DynamoDB that delivers up to a 10x performance improvement – from milliseconds to microseconds – even at millions of requests per second.
Which type of IAM policy is attached directly to a single IAM user, group, or role?
Inline policies are embedded directly into a single user, group, or role. They are useful for applying policies that should strictly apply to only one entity. Managed policies are standalone and can be attached to multiple entities.
A developer notices that an AWS Lambda function is timing out. Which AWS service provides logs that can help identify the cause of the timeout?
Amazon CloudWatch Logs captures logs generated by your Lambda function code (e.g., `console.log` or `print` statements) as well as logs from the Lambda service itself, including timeout errors and out-of-memory errors.
Which AWS service is a fully managed publish/subscribe messaging service that enables decoupling of microservices, distributed systems, and serverless applications?
Amazon Simple Notification Service (SNS) is a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications.
Which AWS CodeDeploy deployment strategy gradually shifts traffic from an old version of an application to a new version, allowing for monitoring during the shift?
Canary and Linear deployment strategies in CodeDeploy gradually shift traffic. Canary shifts a small percentage first, then more if healthy. Linear shifts a fixed number or percentage of instances at set intervals.
Which AWS Lambda configuration setting controls the maximum amount of time a function can run before being terminated?
The 'Timeout' setting in AWS Lambda configuration specifies the maximum execution time for a function, after which Lambda will terminate it. The default is 3 seconds, and the maximum is 900 seconds (15 minutes).
Which AWS X-Ray feature allows you to visualize the components of your application, identify bottlenecks, and see relationships between services?
The AWS X-Ray service map provides a visual representation of your application's components and their connections. It helps you understand how requests flow and identify performance issues.
When developing a serverless application using AWS SAM, which file is primarily used to define the application's AWS resources, such as functions, APIs, and databases?
The AWS Serverless Application Model (SAM) uses a `template.yaml` (or `template.json`) file to define the serverless application's resources. This template is an extension of AWS CloudFormation.
A developer needs to ensure that an AWS Lambda function can access resources within a VPC, such as an Amazon RDS database. What configuration is required?
To enable a Lambda function to access resources in your VPC, you must provide the VPC-specific configuration information that includes VPC subnet IDs and security group IDs.
A developer wants to ensure that an IAM user can only perform specific actions if they are authenticated with Multi-Factor Authentication (MFA). How can this be enforced?
You can add a condition to an IAM policy that checks if MFA is enabled for the session. The `aws:MultiFactorAuthPresent` condition key can be used for this purpose.
Which Amazon CloudWatch feature allows you to create custom dashboards to visualize metrics and logs from your AWS resources and applications?
CloudWatch Dashboards are customizable home pages in the CloudWatch console that you can use to monitor your resources in a single view, even resources that are spread across different Regions.
When using AWS SDKs, what is the common way to configure the AWS Region for service calls?
The AWS Region can typically be configured when creating a service client object in the SDK, or through environment variables, or via the AWS CLI configuration file (`~/.aws/config`).
A developer needs to implement pagination for results returned from a DynamoDB `Scan` operation. Which parameters in the response should be used to fetch the next set of results?
If a DynamoDB `Scan` or `Query` operation doesn't return all results in a single response, it includes a `LastEvaluatedKey`. This key should be passed as the `ExclusiveStartKey` in the subsequent request to get the next page of results.
When working with Amazon SQS, what is the purpose of a Dead-Letter Queue (DLQ)?
A DLQ is a queue where other queues (source queues) can send messages that can't be processed successfully. This helps isolate problematic messages for analysis and troubleshooting.
A developer is building an application that needs to store user session data with low latency access. The data is key-value based and doesn't require complex relational joins. Which AWS database service is MOST suitable?
Amazon DynamoDB is a fully managed NoSQL key-value and document database that delivers single-digit millisecond performance at any scale, making it ideal for session management.
A developer wants to ensure that data stored in an Amazon S3 bucket is encrypted at rest using server-side encryption with AWS KMS-managed keys (SSE-KMS). What needs to be configured?
To use SSE-KMS, you specify that S3 should encrypt objects using a key from AWS Key Management Service (KMS). You can use the AWS-managed KMS key for S3 or a customer-managed key (CMK) that you create.
A developer wants to add custom metadata to AWS X-Ray traces to help filter and search for specific requests. What X-Ray feature should be used?
Annotations are key-value pairs that are indexed for use with filter expressions. Use annotations to record data that you want to use to group traces in the console, or when calling the GetTraceSummaries API.
Which AWS service can be used to manage SSL/TLS certificates for your web applications integrated with Elastic Load Balancing or Amazon CloudFront?
AWS Certificate Manager (ACM) lets you easily provision, manage, and deploy public and private SSL/TLS certificates for use with AWS services and your internal connected resources.
A developer is using AWS Lambda and wants to manage environment-specific configurations (e.g., database endpoints for dev vs. prod) without hardcoding them. What Lambda feature is best suited for this?
Lambda environment variables allow you to pass configuration settings to your function code and runtime without changing the code itself. This is ideal for managing environment-specific settings.
When using Amazon Cognito User Pools, what is an Identity Pool (Federated Identities) primarily used for?
Cognito Identity Pools enable you to grant your users access to other AWS services. Users can be authenticated through User Pools or federated identity providers (like Facebook, Google, SAML).
A developer needs to store build artifacts, such as compiled code or Docker images, as part of a CI/CD pipeline. Which AWS service is suitable for storing these artifacts?
Amazon S3 is commonly used to store build artifacts. AWS CodePipeline can also integrate with Amazon ECR (Elastic Container Registry) for Docker images.
A developer wants to package an AWS Lambda function and its dependencies into a deployment package. What is a common way to do this for Node.js or Python runtimes?
For interpreted languages like Node.js and Python, you typically create a .zip file archive containing your function code and any dependencies (e.g., from `node_modules` or a virtual environment).
To optimize the performance of an AWS Lambda function that frequently accesses external APIs, what technique can be used to reduce latency by keeping connections warm?
Keeping connections to external resources (like databases or APIs) warm outside the Lambda handler (in the global scope) can reduce latency on subsequent invocations because the connection doesn't need to be re-established each time.
When using Amazon SQS, what is the 'visibility timeout'?
The visibility timeout is a period during which SQS prevents other consumers from receiving and processing a message. This ensures that if a consumer fails to process a message, it becomes visible again for another consumer to pick up after the timeout expires.
A developer needs to create an API that acts as a front door for an AWS Lambda function. Which AWS service is designed for creating, publishing, maintaining, monitoring, and securing APIs at any scale?
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. It can integrate with Lambda, EC2, and other backends.
When deploying an AWS Lambda function using AWS CloudFormation or AWS SAM, what resource type is used to define the function itself?
In CloudFormation and SAM templates, the `AWS::Lambda::Function` (CloudFormation) or `AWS::Serverless::Function` (SAM) resource type is used to define a Lambda function, its code, runtime, handler, and other configurations.
Which field in an IAM policy document specifies the actions that are allowed or denied?
The `Action` element in an IAM policy specifies the AWS service actions that the policy grants or denies permission to perform (e.g., `s3:GetObject`, `ec2:StartInstances`).
What is the difference between authentication and authorization in the context of application security?
Authentication is the process of verifying who a user is. Authorization is the process of verifying what an authenticated user is allowed to do.
A developer needs to store large binary objects (e.g., images, videos) durably and make them accessible via HTTP. Which AWS service is the MOST appropriate choice?
Amazon S3 (Simple Storage Service) is an object storage service offering industry-leading scalability, data availability, security, and performance. It's ideal for storing and retrieving any amount of data, including large binary files.
A Lambda function needs to write data to a DynamoDB table. According to the principle of least privilege, what permissions should its IAM execution role have?
The Lambda function's IAM role should only have `dynamodb:PutItem` permission (and any other necessary DynamoDB write actions like `UpdateItem` or `BatchWriteItem` if needed) specifically for the target table, and no other permissions.
A DynamoDB table is experiencing read throttling. Which action is LEAST likely to directly help mitigate this issue?
Increasing write capacity primarily helps with write throttling. To mitigate read throttling, you should consider increasing read capacity, using DynamoDB Accelerator (DAX), or optimizing query patterns. Changing the table class might have an indirect effect but isn't the most direct solution for read throttling.
What is the primary purpose of AWS CodePipeline?
AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates.
In a blue/green deployment strategy, what happens during the deployment process?
Blue/green deployment involves creating a new 'green' environment identical to the live 'blue' environment. Traffic is then shifted from blue to green. If issues arise, traffic can be quickly routed back to the blue environment.
Which metric in Amazon CloudWatch for AWS Lambda indicates the percentage of invocations that did not complete successfully?
The `Errors` metric in CloudWatch for Lambda counts the number of invocations that resulted in a function error (e.g., unhandled exceptions in code or resource errors). The error rate can be calculated from this and the `Invocations` metric.
A developer needs to securely store and manage API keys and database credentials that an application uses. Which AWS service is designed for this purpose?
AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. It enables easy rotation, management, and retrieval of secrets.
A developer needs to ensure that data uploaded to an S3 bucket is encrypted in transit. How can this be enforced?
You can enforce encryption in transit by using an S3 bucket policy that denies requests that do not use HTTPS (SSL/TLS). This ensures that data is encrypted while being uploaded or downloaded.
What is the purpose of AWS X-Ray in application development?
AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. It provides an end-to-end view of requests as they travel through your application.
Which AWS service can be used to orchestrate a complex workflow involving multiple AWS Lambda functions, AWS Step Functions state machines, and other AWS services?
AWS Step Functions lets you coordinate multiple AWS services into serverless workflows. You can design and run workflows that stitch together services such as AWS Lambda, AWS Fargate, Amazon SNS, and more.
To optimize the cost of a DynamoDB table with unpredictable read/write traffic patterns, which capacity mode is generally recommended?
DynamoDB on-demand capacity mode is a flexible billing option capable of serving thousands of requests per second without capacity planning. It offers pay-per-request pricing for read and write requests so that you only pay for what you use, making it ideal for unpredictable workloads.
Which AWS CloudFormation feature allows you to preview the changes CloudFormation will make to your stack before executing them?
Change sets allow you to preview how proposed changes to a stack might impact your running resources before you implement them. CloudFormation makes the changes to your stack only when you decide to execute the change set.
What is the significance of the `handler` property in an AWS Lambda function configuration?
The Lambda function handler is the method in your function code that processes events. When your function is invoked, Lambda runs the handler method.
When configuring an Amazon API Gateway endpoint, what mechanism can be used to control who can call the API method?
API Gateway supports several authorization mechanisms, including IAM roles and policies, Lambda authorizers (formerly custom authorizers), and Amazon Cognito user pools.
Share your Results:
