Free Amazon AWS-DEA-C01 Exam Questions

Question 1

A company has as JSON file that contains personally identifiable information (PIT) data and non-PII data. The company needs to make the data available for querying and analysis. The non-PII data must be available to everyone in the company. The PII data must be available only to a limited group of employees. Which solution will meet these requirements with the LEAST operational overhead?

A : Store the JSON file in an Amazon S3 bucket. Configure AWS Glue to split the file into one file that contains the PII data and one file that contains the non-PII data. Store the output files in separate S3 buckets. Grant the required access to the buckets based on the type of user.

B : Store the JSON file in an Amazon S3 bucket. Use Amazon Macie to identify PII data and to grant access based on the type of user.

C : Store the JSON file in an Amazon S3 bucket. Catalog the file schema in AWS Lake Formation. Use Lake Formation permissions to provide access to the required data based on the type of user.

D : Create two Amazon RDS PostgreSQL databases. Load the PII data and the non-PII data into the separate databases. Grant access to the databases based on the type of user.

Answer: C

Question 2

Files from multiple data sources arrive in an Amazon S3 bucket on a regular basis. A data engineer wants to ingest new files into Amazon Redshift in near real time when the new files arrive in the S3 bucket. Which solution will meet these requirements?

A : Use the query editor v2 to schedule a COPY command to load new files into Amazon Redshift.

B : Use the zero-ETL integration between Amazon Aurora and Amazon Redshift to load new files into Amazon Redshift.

C : Use AWS Glue job bookmarks to extract, transform, and load (ETL) load new files into Amazon Redshift.

D : Use S3 Event Notifications to invoke an AWS Lambda function that loads new files into Amazon Redshift.

Answer: D

Question 3

A company has as JSON file that contains personally identifiable information (PIT) data and non-PII data. The company needs to make the data available for querying and analysis. The non-PII data must be available to everyone in the company. The PII data must be available only to a limited group of employees. Which solution will meet these requirements with the LEAST operational overhead?

A : Store the JSON file in an Amazon S3 bucket. Configure AWS Glue to split the file into one file that contains the PII data and one file that contains the non-PII data. Store the output files in separate S3 buckets. Grant the required access to the buckets based on the type of user.

B : Store the JSON file in an Amazon S3 bucket. Use Amazon Macie to identify PII data and to grant access based on the type of user.

C : Store the JSON file in an Amazon S3 bucket. Catalog the file schema in AWS Lake Formation. Use Lake Formation permissions to provide access to the required data based on the type of user.

D : Create two Amazon RDS PostgreSQL databases. Load the PII data and the non-PII data into the separate databases. Grant access to the databases based on the type of user.

Answer: C

Question 4

As a Cloud Data Engineering Consultant, you are assisting a client in setting up a data warehouse using Amazon Redshift. The client's data warehouse stores sensitive financial information and is used by various departments within the organization, each requiring different levels of access. The client emphasizes the need for secure data sharing practices that would allow specific teams to access only the data relevant to their work. They seek your advice on implementing a solution within Amazon Redshift to grant permissions effectively and securely for sharing data across different teams.

To meet the client's need for secure, role-specific data access in their Amazon Redshift data warehouse, which of the following approaches would you recommend?

A : Utilize Redshift Spectrum to create external schemas and tables, granting access to these external tables to specific IAM roles assigned to different teams.

B : Configure Amazon Redshift Security Groups to control which teams can access the data warehouse, assigning specific IP address ranges for each team.

C : Leverage Amazon Redshift's Row-Level Security (RLS) feature to control access to rows of data based on user attributes such as team or role, enabling fine-grained access control within shared tables.

D : Implement Redshift Data Sharing to share live data across different Redshift clusters, using Redshift's ALTER DATASHARE command to add and manage consumer clusters' access to the data.

Answer: C

Question 5

A company plans to move 10 TB of multimedia content from their local servers to AWS, with a portion of the data being updated weekly. These updates must be reflected in the Amazon S3 bucket where the data will be stored. The multimedia content consists of large image and video files.

To automate and schedule these data transfers effectively, which AWS service should the company employ?

A : Use AWS Transfer for SFTP to secure and automate data transfer to S3.

B : Use AWS DataSync to automate and schedule the ongoing transfer of files to Amazon S3.

C : Set up an AWS Snowball job for periodic data transfer to Amazon S3.

D : Deploy an AWS Storage Gateway to synchronize and manage data transfers to S3.

Answer: B