Free Online Amazon Data-Engineer-Associate Practice Test

Prepare Your Amazon Data-Engineer-Associate Exam Questions with Free online Data-Engineer-Associate Practice Test. Get Brilliant AWS Certified Data Engineer Associate (DEA-C01) Exam Results with Valid Data Engineer Associate Exam Dumps.

Page: 1 / 89

Total 441 Questions | Updated On: Apr 23, 2024

Question 1

A financial services company is using Amazon RDS for PostgreSQL to manage sensitive customer data. The database is accessed by various applications deployed in an AWS environment. The company's security policy mandates that the data must be encrypted at rest. The database administrator needs to enable encryption for the existing unencrypted database with minimal downtime.

Which of the following approaches should the administrator take?

A : Enable encryption on the existing RDS instance directly via the AWS Management Console.

B : Take a snapshot of the existing RDS instance, copy the snapshot with encryption enabled, and then restore the database from the encrypted snapshot.

C : Create a new RDS instance with encryption enabled and migrate the data from the existing unencrypted database using AWS Database Migration Service (DMS).

D : Use AWS Key Management Service (KMS) to encrypt the existing database file at the storage level.

Answer: B

Question 2

A company's security team mandates that their Amazon RDS databases should only accept connections from specific, known IP addresses to ensure security. As a data engineer, you are tasked with implementing this requirement for an RDS instance that will be accessed by multiple clients located in different geographical locations, each with a fixed set of IP addresses.

Which of the following would be the most effective and secure way to comply with this security requirement?

A : Implement a network Access Control List (ACL) with rules to allow the known IP addresses and deny all others, applying these to the subnet associated with the RDS instance.

B : Configure AWS WAF with a set of rules to allowlist the specific IP addresses, and associate these rules with the RDS instance.

C : Utilize AWS Identity and Access Management (IAM) policies to restrict database access to the specific IP addresses.

D : Modify the inbound rules of the RDS instance's security group to allow traffic from the known IP addresses and deny all other traffic.

Answer: D

Question 3

A team of data analysts frequently conducts identical queries on large datasets stored in Amazon S3, using Athena for analysis. They've noticed that their query results typically remain relevant and unchanged for about 2 hours after execution. To optimize query efficiency and reduce costs, the team seeks a method to avoid redundant data scans for this 2-hour period.

What approach should they adopt to meet this requirement without the need for significant changes to their query infrastructure?

A : Utilize Amazon S3 lifecycle policies to retain and reuse query results for 2 hours.

B : Configure Athena to automatically reuse query results, relying on the default maximum age setting, which is 120 minutes.

C : Implement a custom AWS Lambda function to store and fetch query results for a period of 2 hours.

D : Enable Athena's query result reuse feature and set the maximum age for reusing query results to 120 minutes.

Answer: D

Question 4

A healthcare application hosted on AWS uses Amazon EC2 instances to manage sensitive patient data that must comply with regulatory security standards. The data is stored on EBS volumes attached to the EC2 instances. The company's security policy mandates that all data at rest be encrypted to protect against unauthorized access.

Which action should the IT department take to secure the EBS volumes in accordance with the company's security policy?

A : Use AWS Certificate Manager to apply SSL/TLS certificates to the EBS volumes.

B : Encrypt the EBS volumes with Amazon S3 server-side encryption.

C : Enable EBS encryption with AWS Key Management Service (KMS) keys.

D : Run a third-party encryption tool to encrypt data on the EBS volumes before storage.

Answer: C

Question 5

A company is migrating a legacy application to an Amazon S3 based data lake. A data engineer reviewed data

that is associated with the legacy application. The data engineer found that the legacy data contained some

duplicate information.

The data engineer must identify and remove duplicate information from the legacy application data.

Which solution will meet these requirements with the LEAST operational overhead?

A :

Write a custom extract, transform, and load (ETL) job in Python. Use the DataFramedrop duplicatesf) function by importingthe Pandas library to perform data deduplication.

B :

Write an AWS Glue extract, transform, and load (ETL) job. Usethe FindMatches machine learning(ML) transform to transform the data to perform data deduplication.

C :

Write a custom extract, transform, and load (ETL) job in Python. Import the Python dedupe library. Use the dedupe library to perform data deduplication.

D :

Write an AWS Glue extract, transform, and load (ETL) job. Import the Python dedupe library. Use the dedupe library to perform data deduplication.

Answer: B

Page: 1 / 89

Total 441 Questions | Updated On: Apr 23, 2024