Practice questions · IT & Cloud
AWS Developer – Associate (DVA-C02): Practice Questions
Original practice questions for the AWS Certified Developer – Associate (DVA-C02). Each answer is explained, including why the others are wrong. Filter by domain or difficulty. These are concept checks - not real exam questions.
Answered 0 · Correct 0
-
AWS Lambda lets you:
Correct answer: D. Lambda runs code serverlessly, scaling automatically. Relational databases are RDS, object storage is S3, and edge delivery is CloudFront. -
Amazon DynamoDB is a:
Correct answer: C. DynamoDB is a managed NoSQL database. Relational is RDS/Aurora, queues are SQS, and the CDN is CloudFront. -
To call AWS services programmatically from your application, you use:
Correct answer: C. The AWS SDK provides language-specific APIs to call AWS services from code. The Console is for manual point-and-click use, while DNS records and a spreadsheet are not ways to invoke AWS APIs. -
You want a function to run automatically whenever a file is uploaded to S3. What do you configure?
Correct answer: A. An S3 event notification can trigger a Lambda function automatically on object upload. A scheduled VM reboot, creating a new IAM user, and a manual CloudFront invalidation are not triggered by S3 uploads and do not create event-driven processing. -
How should a Lambda function obtain permissions to access other AWS services?
Correct answer: D. A Lambda execution role grants scoped, temporary permissions. Hardcoding keys, public storage and root keys are insecure. -
Which service securely stores and rotates database credentials for your app?
Correct answer: C. Secrets Manager stores and can rotate secrets, retrieved at runtime. CloudFront, SQS and Config serve unrelated purposes. -
Amazon Cognito is used to:
Correct answer: C. Cognito handles application user authentication and identity. Containers are ECS/EKS, backups are AWS Backup, and DNS is Route 53. -
Which lets you define your AWS infrastructure as code with templates?
Correct answer: D. CloudFormation (and SAM for serverless) provision resources from declarative templates. S3 is storage, CloudWatch is monitoring, and IAM is access control. -
A blue/green deployment reduces risk by:
Correct answer: A. Blue/green runs two environments and shifts traffic, enabling fast rollback. Deleting the old version first, disabling health checks, or skipping testing increase risk. -
AWS SAM is:
Correct answer: B. The Serverless Application Model simplifies defining serverless apps (Lambda, API Gateway, DynamoDB). It is not a database, CDN, or identity provider. -
Which AWS service helps orchestrate build, test and deploy stages in a pipeline?
Correct answer: D. CodePipeline automates CI/CD stages. S3 is storage, Route 53 is DNS, and KMS manages keys. -
To trace a request as it travels through multiple AWS services and find bottlenecks, you use:
Correct answer: C. X-Ray provides distributed tracing across services. S3 is storage, IAM is access control, and SNS is notifications. -
Where do you find logs and metrics for your AWS application?
Correct answer: C. CloudWatch collects logs, metrics and alarms. EBS is block storage, Secrets Manager stores secrets, and VPC is networking. -
If a DynamoDB table is being throttled under bursty load, a good first response is to:
Correct answer: B. Throttling is addressed by matching capacity to demand and retrying with backoff. Deleting the table, disabling encryption, or changing an instance size (DynamoDB is serverless) do not solve it. -
Amazon SQS is best used to:
Correct answer: B. SQS buffers messages in a managed queue to decouple components. Managing user identities is Cognito/IAM, serving static files is S3/CloudFront, and running a relational database is RDS. -
Amazon SNS differs from SQS in that SNS:
Correct answer: D. SNS pushes messages to multiple subscribers (pub/sub fan-out), while SQS is a pull queue. SNS is not a relational database, does not run containers, and does not store objects. -
DynamoDB Streams let an application:
Correct answer: D. Streams emit item-level change records that can trigger near-real-time processing (e.g., Lambda). They do not encrypt the account, manage IAM users, or store large video files. -
To improve read performance for repeated queries, a developer can add:
Correct answer: D. A caching layer such as ElastiCache (or DAX for DynamoDB) serves repeated reads from memory, cutting latency and load. More IAM roles, a larger logo, or adding Regions do not speed up reads. -
API Gateway is used to:
Correct answer: A. API Gateway creates, publishes and secures APIs for backend services. Running a database is RDS, storing objects is S3, and sending email is SES. -
To encrypt data at rest in S3 with keys you manage centrally, you use:
Correct answer: B. KMS keys with server-side encryption protect S3 objects at rest using centrally managed keys. Plain-text storage is unencrypted, and an open security group or a public bucket expose data rather than encrypt it. -
A Lambda function should be granted permissions via:
Correct answer: B. Lambda assumes an IAM execution role with least-privilege policies for scoped, temporary access. Root credentials, a public URL, or hard-coded access keys in the code are all insecure. -
Storing API keys or DB passwords in source code is bad because:
Correct answer: A. Hard-coded secrets can leak, so use Secrets Manager or Parameter Store instead. AWS does not require it, it does not make code run faster, and it does not encrypt anything automatically. -
A canary deployment reduces risk by:
Correct answer: A. A canary release sends a small percentage of traffic to the new version first to catch issues early. Deleting the old version immediately, deploying to everyone at once, or skipping testing all increase risk. -
AWS CodeDeploy is used to:
Correct answer: C. CodeDeploy automates application deployments (in-place or blue/green) to compute services. Running SQL queries is a database task, managing DNS is Route 53, and storing objects is S3. -
Infrastructure as code with AWS CloudFormation lets you:
Correct answer: C. CloudFormation templates let you define and version infrastructure for repeatable deployments. It does not store user passwords, does not let you avoid testing, and replaces manual console clicking rather than requiring it. -
AWS CodePipeline is used to:
Correct answer: C. CodePipeline orchestrates build, test and deploy stages into an automated pipeline. Storing objects is S3, managing IAM groups is IAM, and running a relational database is RDS. -
If a Lambda function frequently times out, a reasonable first step is to:
Correct answer: B. Review the code and increase the timeout or memory as appropriate to fix frequent timeouts. Deleting the function, making the bucket public, or disabling logging do not resolve the timeout. -
Amazon CloudWatch Logs and X-Ray together help a developer:
Correct answer: D. CloudWatch Logs surface errors and X-Ray traces requests to find latency bottlenecks across services. Encrypting the account, managing billing, and storing backups are unrelated tasks. -
Exponential backoff with jitter is recommended when:
Correct answer: C. Backoff with jitter spaces out retries of throttled requests so they do not overwhelm the service. Writing documentation, naming a bucket, and first-time deployment are unrelated situations. -
An S3 pre-signed URL lets an application:
Correct answer: D. A pre-signed URL grants temporary, time-limited access to a specific object without exposing credentials or making the bucket public. It does not delete the account, make the whole bucket public, or run a database query.
Practice questions FAQ
- Are these real DVA-C02 exam questions?
- No. These are original study questions written to test understanding. They are not real exam questions, exam dumps, or copied from any provider.
- How should I use these practice questions?
- Answer each one, read the explanation (including why the wrong options are wrong), and use the per-domain score below to focus your revision on weak areas. Revisit before exam day.
- How many questions should I do before the exam?
- Enough to score consistently across every domain, alongside full-length practice from official or reputable providers. Understanding why each answer is right matters more than raw volume.
- What score means I am ready?
- A good signal is consistently scoring around 80% or higher across all domains on questions you have not seen before, and being able to explain why the wrong options are wrong.
- Should I use exam dumps?
- No. Dumps (real or leaked questions) breach provider policy, can void your certification, and do not build the understanding the exam actually tests.