Security Questions
Practice questions for Security topic in AWS Certified Developer - Associate. 52 questions covering this domain.
A platform team wants developers to have only the minimum permissions required for their workloads and to apply fine-grained access controls to AWS re...
A security engineer needs to create and control cryptographic keys used to encrypt application data. Which AWS service is the best fit?
A compliance reviewer asks whether a team is protecting data when it is stored and also while it moves over the network. Which pair of concepts should...
Application logs are exposing unredacted customer PII. Which action best aligns with the DVA-C02 security guidance?
A web application needs to authenticate users and then authorize API calls using tokens passed by the client. Which AWS service is the best match for ...
A microservices application currently shares long-lived credentials across services to call AWS APIs. What is the best AWS-aligned improvement?
A development team needs a managed AWS service to centrally store database passwords, API keys, and other secrets, with built-in rotation support. Whi...
A security team wants encryption keys to be rotated automatically on an ongoing basis. Which AWS capability should they use?
An audit finds that a Lambda function stores database passwords in environment variables. What is the best remediation?
An application in one AWS account needs temporary access to resources in another AWS account without storing long-term credentials. What is the best A...
A company wants secure sign-in and access control for application users, with support for federation and social identity providers. Which AWS service ...
A SaaS company needs tenant-based identity stores, federation options, and role-based access to AWS services for its customer-facing application. Whic...
A payment application must ensure that plaintext is encrypted before it is sent to an AWS service so the service never receives unencrypted data. Whic...
A developer must allow only specific source IP ranges to invoke an Amazon API Gateway REST API while keeping it public on the internet. Which mechanis...
Which AWS service issues, deploys, and renews public TLS/SSL certificates for use with CloudFront, ALB, and API Gateway at no charge?
A web app must allow JavaScript on https://example.com to call an Amazon API Gateway REST API hosted on a different domain. Which API Gateway capabili...
A REST API needs to validate JSON Web Tokens (JWTs) issued by an OIDC provider before invoking the Lambda backend. Which API Gateway feature should be...
Which AWS Identity and Access Management policy element specifies the actions, resources, and conditions that a permission applies to?
A developer must allow a third-party SaaS to assume an IAM role in the customer's AWS account using a shared identifier supplied by the SaaS to mitiga...
A developer must allow Lambda to write to an S3 bucket without storing access keys in code. Which approach should they use?
Sign in to see all 52 questions
Create a free account to browse all questions — completely free during our launch phase.