Free Amazon AWS-DEA-C01 Exam Questions

Question 1

A Cloud Data Engineer is tasked with setting up a secure and reliable connection from an AWS-based analytics service to an on-premises Microsoft SQL Server database. The goal is to perform regular data import operations.

Which approach would be most effective and secure for accomplishing this task?

A : Configure an AWS Lambda function within the VPC to use a JDBC connection with the database credentials hard-coded for simplicity and speed.

B : Implement an AWS Direct Connect link between the on-premises network and AWS, and use a JDBC connection with database credentials stored in Amazon RDS.

C : Use AWS DataSync with an ODBC connection to the SQL Server, ensuring the connection over the internet is encrypted with TLS.

D : Establish a VPN connection between the on-premises network and AWS VPC, and then use JDBC with SSL encryption to connect to the SQL Server.

Answer: D

Question 2

A healthcare organization stores patient records from multiple regions in an Amazon S3 bucket, which is used for regional health analysis. A data compliance team needs to ensure that health analysts can only access patient records from their specific region to comply with local privacy regulations.

Which solution will enable this requirement with the minimum amount of operational effort?

A : Import the data into an Amazon Aurora database, set up regional schemas, and create IAM policies that grant access to these schemas based on the analyst's region.

B : Implement AWS Lake Formation, register the S3 bucket as a data lake, and utilize Lake Formation's fine-grained access control to manage region-specific data access.

C : Distribute the data across multiple AWS Regions correlating to the patient locations, and implement IAM policies to grant data access to analysts within the same geographical region.

D : Segment the patient records into different S3 prefixes per region, and use IAM bucket policies to restrict access to analysts based on their regional assignment.

Answer: B

Question 3

A company stores its processed data in an S3 bucket. The company has a strict data access policy. Thecompany uses IAM roles to grant teams within the company different levels of access to the S3 bucket.The company wants to receive notifications when a user violates the data access policy. Each notificationmust include the username of the user who violated the policy.Which solution will meet these requirements?

A : Use AWS Config rules to detect violations of the data access policy. Set up compliance alarms.

B : Use Amazon CloudWatch metrics to gather object-level metrics. Set up CloudWatch alarms.

C : Use AWS CloudTrail to track object-level events for the S3 bucket. Forward events to Amazon CloudWatch to set up CloudWatch alarms.

D : Use Amazon S3 server access logs to monitor access to the bucket. Forward the access logs to an Amazon CloudWatch log group. Use metric filters on the log group to set up CloudWatch alarms.

Answer: C

Question 4

A photography studio stores its high-resolution image files in an Amazon S3 bucket. Recently, they encountered issues with accidental overwrites of important files. The studio requires a solution to prevent the overwriting and accidental deletion of their images while ensuring that the latest version of a file is readily accessible.

Which single feature should the photography studio enable on their S3 bucket to address this issue effectively?

A : Activate S3 Versioning to maintain multiple versions of each file.

B : Enable S3 Object Lock in compliance mode for strict WORM (Write Once, Read Many) protection.

C : Configure S3 Intelligent-Tiering to manage the storage of the files efficiently.

D : Implement S3 Lifecycle policies to archive older versions of files to S3 Glacier.

Answer: A

Question 5

A company receives test results from testing facilities that are located around the world. The company storesthe test results in millions of 1 KB JSON files in an Amazon S3 bucket. A data engineer needs to process thefiles, convert them into Apache Parquet format, and load them into Amazon Redshift tables. The dataengineer uses AWS Glue to process the files, AWS Step Functions to orchestrate the processes, and AmazonEventBridge to schedule jobs.The company recently added more testing facilities. The time required to process files is increasing. The dataengineer must reduce the data processing time.Which solution will MOST reduce the data processing time?

A : Use AWS Lambda to group the raw input files into larger files. Write the larger files back to Amazon S3. Use AWS Glue to process the files. Load the files into the Amazon Redshift tables.

B : Use the AWS Glue dynamic frame file-grouping option to ingest the raw input files. Process the files. Load the files into the Amazon Redshift tables.

C : Use the Amazon Redshift COPY command to move the raw input files from Amazon S3 directly into the Amazon Redshift tables. Process the files in Amazon Redshift.

D : Use Amazon EMR instead of AWS Glue to group the raw input files. Process the files in Amazon EMR. Load the files into the Amazon Redshift tables.

Answer: B