Free Amazon AWS-DEA-C01 Exam Questions

Question 1

A data engineer at a healthcare company needs to implement a solution to ensure that sensitive patient data in an Amazon S3 bucket is encrypted at rest. The company's security policy mandates the use of customer-managed keys for encryption to meet compliance requirements. The data engineer must also ensure that key usage can be audited.

Which of the following would be the MOST suitable solution?

A : Use server-side encryption with AWS KMS managed keys (SSE-KMS), create a customer managed key, and enable logging and auditing via AWS CloudTrail.

B : Encrypt data client-side using a customer-managed encryption library before uploading to S3, and utilize AWS CloudWatch for monitoring access.

C : Implement server-side encryption with AWS KMS managed keys (SSE-KMS), using an AWS managed key (default key), and track key usage through AWS Config.

D : Enable server-side encryption on the S3 bucket with Amazon S3 managed keys (SSE-S3) and use AWS CloudTrail to audit key usage.

Answer: A

Question 2

A company has three subsidiaries. Each subsidiary uses a different data warehousing solution. The firstsubsidiary hosts its data warehouse in Amazon Redshift. The second subsidiary uses Teradata Vantage onAWS. The third subsidiary uses Google BigQuery.The company wants to aggregate all the data into a central Amazon S3 data lake. The company wants to useApache Iceberg as the table format.A data engineer needs to build a new pipeline to connect to all the data sources, run transformations by usingeach source engine, join the data, and write the data to Iceberg.Which solution will meet these requirements with the LEAST operational effort?

A : Use native Amazon Redshift, Teradata, and BigQuery connectors to build the pipeline in AWS Glue. Use native AWS Glue transforms to join the data. Run a Merge operation on the data lake Iceberg table.

B : Use the Amazon Athena federated query connectors for Amazon Redshift, Teradata, and BigQuery to build the pipeline in Athena. Write a SQL query to read from all the data sources, join the data, and run a Merge operation on the data lake Iceberg table

C : Use the native Amazon Redshift connector, the Java Database Connectivity (JDBC) connector for Teradata, and the open source Apache Spark BigQuery connector to build the pipeline in Amazon EMR. Write code in PySpark to join the data. Run a Merge operation on the data lake Iceberg table.

D : Use the native Amazon Redshift, Teradata, and BigQuery connectors in Amazon Appflow to write data to Amazon S3 and AWS Glue Data Catalog. Use Amazon Athena to join the data. Run a Merge operation on the data lake Iceberg table.

Answer: B

Question 3

A company has three subsidiaries. Each subsidiary uses a different data warehousing solution. The firstsubsidiary hosts its data warehouse in Amazon Redshift. The second subsidiary uses Teradata Vantage onAWS. The third subsidiary uses Google BigQuery.The company wants to aggregate all the data into a central Amazon S3 data lake. The company wants to useApache Iceberg as the table format.A data engineer needs to build a new pipeline to connect to all the data sources, run transformations by usingeach source engine, join the data, and write the data to Iceberg.Which solution will meet these requirements with the LEAST operational effort?

A : Use native Amazon Redshift, Teradata, and BigQuery connectors to build the pipeline in AWS Glue. Use native AWS Glue transforms to join the data. Run a Merge operation on the data lake Iceberg table.

B : Use the Amazon Athena federated query connectors for Amazon Redshift, Teradata, and BigQuery to build the pipeline in Athena. Write a SQL query to read from all the data sources, join the data, and run a Merge operation on the data lake Iceberg table

C : Use the native Amazon Redshift connector, the Java Database Connectivity (JDBC) connector for Teradata, and the open source Apache Spark BigQuery connector to build the pipeline in Amazon EMR. Write code in PySpark to join the data. Run a Merge operation on the data lake Iceberg table.

D : Use the native Amazon Redshift, Teradata, and BigQuery connectors in Amazon Appflow to write data to Amazon S3 and AWS Glue Data Catalog. Use Amazon Athena to join the data. Run a Merge operation on the data lake Iceberg table.

Answer: B

Question 4

A company wants to migrate an application and an on-premises Apache Kafka server to AWS. Theapplication processes incremental updates that an on-premises Oracle database sends to the Kafka server. Thecompany wants to use the replatform migration strategy instead of the refactor strategy.Which solution will meet these requirements with the LEAST management overhead?

A : Amazon Kinesis Data Streams

B : Amazon Managed Streaming for Apache Kafka (Amazon MSK) provisioned cluster

C : Amazon Data Firehose

D : Amazon Managed Streaming for Apache Kafka (Amazon MSK) Serverless

Answer: D

Question 5

A company stores its processed data in an S3 bucket. The company has a strict data access policy. Thecompany uses IAM roles to grant teams within the company different levels of access to the S3 bucket.The company wants to receive notifications when a user violates the data access policy. Each notificationmust include the username of the user who violated the policy.Which solution will meet these requirements?

A : Use AWS Config rules to detect violations of the data access policy. Set up compliance alarms.

B : Use Amazon CloudWatch metrics to gather object-level metrics. Set up CloudWatch alarms.

C : Use AWS CloudTrail to track object-level events for the S3 bucket. Forward events to Amazon CloudWatch to set up CloudWatch alarms.

D : Use Amazon S3 server access logs to monitor access to the bucket. Forward the access logs to an Amazon CloudWatch log group. Use metric filters on the log group to set up CloudWatch alarms.

Answer: C