Amazon Web Services · Free Practice Questions · Last reviewed May 2026
30real exam-style questions organised by domain, each with the correct answer highlighted and a plain-English explanation of why it's right — and why the others are wrong.
A company is migrating an on-premises PostgreSQL database to Amazon RDS for PostgreSQL. The database has a large table that is frequently accessed by reporting queries. The reporting queries filter on a column that has a high cardinality but low selectivity. To optimize query performance on this table, which design choice should the database specialist recommend?
Partition the table by the filter column
Use a read replica to offload reporting queries
Increase the provisioned read IOPS for the RDS instance
Create a covering index on the filter column
A covering index includes all columns needed, allowing query results to be returned from the index alone.
A company is designing a new e-commerce platform using Amazon DynamoDB. The workload requires single-digit millisecond latency for user session data, which is accessed by session token. The session data is temporary and should be automatically deleted after 24 hours. Which DynamoDB design should the database specialist recommend?
Create an AWS Lambda function that runs every hour and deletes expired session data
Store session data in Amazon S3 with a lifecycle policy to delete objects after 24 hours
Use DynamoDB Accelerator (DAX) to cache session data and set a 24-hour TTL on the cache
Enable DynamoDB Time to Live (TTL) on the session token attribute
TTL automatically deletes items after a specified expiry timestamp, meeting the 24-hour deletion requirement.
A financial services company is migrating its Oracle database to Amazon Aurora PostgreSQL. The database runs a critical batch processing job every night that updates millions of rows. The company needs the migration to minimize downtime and ensure data integrity. Which AWS service should the database specialist use to perform the migration?
AWS Database Migration Service (AWS DMS) with ongoing replication from Oracle to Aurora PostgreSQL
AWS DMS can perform a one-time migration and then use ongoing replication to keep the target in sync with the source, minimizing downtime.
AWS Data Pipeline to export data from Oracle and import into Aurora PostgreSQL
AWS Schema Conversion Tool (AWS SCT) to convert the schema and then use native PostgreSQL tools to migrate data
AWS Glue to extract data from Oracle and load into Aurora PostgreSQL
A social media application uses Amazon DynamoDB as its primary data store. The application stores user posts and allows users to retrieve the most recent 10 posts of users they follow. The access pattern is a followee-based query that needs to be highly scalable and low-latency. Which DynamoDB table design should the database specialist recommend?
Use a partition key of post ID and a local secondary index on the followee ID
Use a single table with a scan operation and filter on the followee attribute
Use a composite primary key with a partition key of follower ID and a sort key of timestamp, and store the followee ID as an attribute
This design allows efficient Query on the follower ID to retrieve recent posts in reverse order by timestamp.
Design the table with a partition key of user ID and a sort key of timestamp, and create a global secondary index (GSI) on followee ID
A company is running a MySQL database on Amazon RDS and needs to store JSON documents that are frequently queried by fields within the JSON. The company wants to reduce development complexity and improve query performance. Which RDS MySQL feature should the database specialist recommend?
Migrate the JSON data to Amazon DynamoDB and use DynamoDB's document model
Use the JSON data type in MySQL 8.0 and utilize JSON path expressions in queries
MySQL's JSON data type allows efficient storage and querying using JSON path expressions and indexes.
Store JSON documents in a VARCHAR(MAX) column and use LIKE operations for queries
Store JSON documents as BLOBs and parse them in application code
A company is designing a multi-tenant SaaS application on Amazon Aurora MySQL. Each tenant has its own database, but some tenants are very large and generate high write traffic. The company wants to isolate tenant workloads to prevent a noisy neighbor from affecting other tenants. Which TWO design strategies should the database specialist recommend?
Use Aurora Serverless for tenants with variable workloads
Aurora Serverless automatically scales compute capacity based on workload, minimizing impact on other tenants.
Use a single Aurora cluster with read replicas for each tenant
Migrate all tenants to Amazon DynamoDB and use DynamoDB Accelerator (DAX) for caching
Use Amazon RDS Proxy to pool connections and limit throughput per tenant
Use separate Aurora clusters for high-traffic tenants
Separate clusters provide complete resource isolation, preventing noisy neighbor issues.
Want more Workload-Specific Database Design practice?
Practice this domainA company is migrating an on-premises PostgreSQL database to Amazon RDS for PostgreSQL. The database is 2 TB in size and has a high write workload. The company needs to minimize downtime during the migration. Which AWS service or feature should the company use to achieve this?
Use pg_dump and pg_restore to export and import the database.
Use AWS Database Migration Service (AWS DMS) with ongoing replication.
AWS DMS supports ongoing replication via change data capture, minimizing downtime.
Use the AWS Schema Conversion Tool (AWS SCT) to convert the schema and migrate data.
Use AWS DataSync to replicate the database files.
A company wants to migrate its on-premises Oracle database to Amazon Aurora PostgreSQL. The company needs to automatically convert the Oracle schema to PostgreSQL-compatible format. Which AWS service should the company use?
AWS Database Migration Service (AWS DMS) with the Oracle native dump and load option
AWS Server Migration Service (AWS SMS)
AWS Database Migration Service (AWS DMS)
AWS Schema Conversion Tool (AWS SCT)
AWS SCT automates schema conversion from Oracle to Amazon Aurora PostgreSQL.
A company is using AWS Database Migration Service (AWS DMS) to migrate a 5 TB MySQL database to Amazon RDS for MySQL. The migration is taking longer than expected. The company notices that the source database has a high volume of write operations. Which configuration change would MOST likely improve the migration performance?
Increase the number of parallel threads in the DMS task settings.
Parallel threads allow concurrent loading of data, improving throughput for high-write workloads.
Enable Multi-AZ on the target RDS instance.
Use a smaller instance class for the replication instance to reduce cost.
Set the LOB mode to 'Full LOB mode'.
A company is migrating an on-premises Microsoft SQL Server database to Amazon RDS for SQL Server. The database uses SQL Server Agent jobs for ETL processes. After migration, the company needs to continue running these jobs. What is the MOST efficient way to manage these jobs in the AWS cloud?
Recreate the jobs as AWS Lambda functions and trigger them with Amazon CloudWatch Events.
AWS Lambda can run ETL jobs and be scheduled via CloudWatch Events, replacing SQL Server Agent.
Install SQL Server Agent on an Amazon EC2 instance and connect to RDS.
Use the AWS Schema Conversion Tool (AWS SCT) to convert the jobs to PostgreSQL functions.
Use AWS Database Migration Service (AWS DMS) tasks to replicate the jobs.
A company needs to migrate a 100 GB MongoDB database to Amazon DocumentDB (with MongoDB compatibility). The migration must have minimal impact on the source database performance. Which approach should the company take?
Use AWS Database Migration Service (AWS DMS) with ongoing replication from the MongoDB source.
AWS DMS supports MongoDB as a source and can perform continuous replication with minimal impact.
Use AWS DataSync to transfer the MongoDB data files.
Set up a MongoDB replica set on Amazon EC2 and promote it to primary, then migrate to DocumentDB.
Use mongodump to export the data and mongorestore to import into DocumentDB.
A company is migrating a 3 TB on-premises Oracle database to Amazon Aurora PostgreSQL using AWS DMS. The migration task is failing with an error indicating insufficient memory. Which TWO actions should the company take to resolve this issue? (Choose TWO.)
Change the target database engine to Amazon RDS for MySQL.
Disable Multi-AZ on the DMS replication instance.
Increase the instance class of the DMS replication instance.
A larger instance class provides more memory to handle the migration.
Reduce the number of tables being migrated in the task.
Migrating fewer tables simultaneously reduces memory consumption.
Use a smaller instance class for the DMS replication instance.
Want more Deployment and Migration practice?
Practice this domainA company is running an Amazon RDS for MySQL Multi-AZ DB instance. The primary instance in us-east-1a experiences an unexpected failure. After the automatic failover, the application team reports that write latency has increased significantly. The new primary instance is in us-east-1b. The DB instance class and storage configuration are identical. What is the MOST likely cause of the increased write latency?
The DB instance class in us-east-1b is a different size than the original.
The application is connecting to the DB instance in a different Availability Zone, increasing network latency.
The new primary is in us-east-1b, and if the application is in us-east-1a, cross-AZ latency increases write latency.
The Multi-AZ configuration uses asynchronous replication, causing higher latency.
The new primary is in the same Availability Zone as the application, but the standby is in a different AZ, causing synchronous replication overhead.
A database administrator is troubleshooting an Amazon RDS for PostgreSQL DB instance that is experiencing high CPU utilization. The administrator runs the following query to find the current running queries:
SELECT pid, now() - pg_stat_activity.query_start AS duration, query, state FROM pg_stat_activity WHERE state = 'active';
The output shows a high number of queries with a state of 'active' and durations exceeding several minutes. What should the administrator do FIRST to reduce CPU utilization?
Modify the max_connections parameter to limit concurrent sessions.
Scale up the DB instance to a larger instance class.
Use pg_terminate_backend to terminate the long-running queries.
Terminating long-running queries immediately reduces CPU usage.
Enable pg_stat_statements to collect query performance data.
A company is using Amazon DynamoDB with on-demand capacity mode. The application experiences occasional throttling during peak hours. The operations team wants to reduce throttling without changing the application code. What should they do?
Increase the read and write capacity units in the on-demand mode.
Switch to provisioned capacity mode and configure auto scaling.
Provisioned capacity with auto scaling ensures adequate capacity for peak traffic.
Enable DynamoDB Accelerator (DAX) to cache reads.
Use DynamoDB global tables to distribute traffic across regions.
A company is migrating an on-premises Microsoft SQL Server database to Amazon RDS for SQL Server. The database uses SQL Server Agent jobs, custom CLR assemblies, and cross-database queries. Which of the following will require modification before migration?
Cross-database queries
Custom CLR assemblies
Stored procedures that use dynamic SQL
SQL Server Agent jobs
SQL Server Agent is not available in RDS; jobs require alternative solutions.
A company is using Amazon RDS for MySQL with a cross-Region read replica to support disaster recovery. The primary DB instance is in us-west-2, and the read replica is in us-east-1. The read replica is used for reporting and also serves as a failover target. The operations team notices that the read replica lag is consistently above 10 seconds during peak hours. What should the team do to reduce replica lag?
Increase the DB instance class of the read replica.
A larger instance class can process replication events faster.
Enable Multi-AZ on the primary DB instance.
Increase the backup retention period for the primary DB instance.
Disable binary logging (binlog) on the primary DB instance.
A company is using an Amazon Aurora MySQL DB cluster. The company wants to implement a backup strategy that supports point-in-time recovery (PITR) with a recovery time objective (RTO) of 15 minutes and a recovery point objective (RPO) of 5 minutes. Which TWO actions should the company take?
Configure automated backups with a retention period of at least 5 minutes beyond the current time.
Automated backups enable PITR.
Create manual snapshots every 5 minutes.
Enable cross-Region replication for the cluster.
Enable parallel query for the cluster.
Enable Aurora Backtrack.
Backtrack allows rewinding the cluster to a specific time, meeting RTO and RPO.
Want more Management and Operations practice?
Practice this domainA company is using Amazon RDS for MySQL and notices that the Read IOPS metric is consistently high during business hours. The application is read-heavy. Which configuration change would most likely reduce Read IOPS?
Add a Multi-AZ standby instance.
Create one or more read replicas and redirect read traffic to them.
Read replicas handle read queries from the primary, reducing read IOPS on the source instance.
Increase the DB instance size to a larger instance type.
Enable storage Auto Scaling on the RDS instance.
A developer reports that an application using Amazon DynamoDB is experiencing high latency during peak hours. The table has a provisioned capacity of 500 read capacity units (RCUs) and 500 write capacity units (WCUs). The application uses eventually consistent reads and the table is about 50 GB. The developer notices throttled write requests in CloudWatch. Which action would most effectively reduce write throttling?
Enable DynamoDB Accelerator (DAX) for the table.
Create a global secondary index on the table.
Increase the provisioned write capacity for the table.
Increasing write capacity units reduces throttling for write requests.
Switch from eventually consistent reads to strongly consistent reads.
A company is migrating an on-premises Oracle database to Amazon RDS for Oracle. During the migration, the database administrator notices that the CPU utilization on the RDS instance is consistently above 90% during peak hours, even though the on-premises server had similar specifications. The application queries are mostly SELECT statements with occasional DML. The RDS instance is db.r5.large with 500 GB of General Purpose SSD (gp2) storage. Which change would most likely reduce CPU utilization?
Create a read replica and redirect all SELECT queries to the replica.
Enable Multi-AZ to offload CPU to the standby instance.
Increase the allocated storage to 1 TB to improve I/O performance.
Upgrade to a larger instance type, such as db.r5.xlarge.
A larger instance provides more CPU cores and better performance, directly addressing high CPU utilization.
A team manages an Amazon Aurora MySQL database. They observe that the 'Deadlocks' metric in CloudWatch is spiking. The application uses a single writer instance and multiple read replicas. Which action is most effective at reducing deadlocks?
Increase the instance size to handle more concurrent connections.
Redirect read traffic to read replicas to reduce load on the writer.
Enable Multi-AZ to distribute the load.
Review application code to ensure transactions are as short as possible and access tables in a consistent order.
Minimizing transaction duration and accessing resources in a fixed order reduces deadlock probability.
An organization is using Amazon DynamoDB with on-demand capacity. They notice that the 'ThrottledRequests' metric is non-zero during a specific hour each day. The table stores session data and has a partition key of 'user_id'. The workload is uniform. What is the most likely cause of throttling?
The table has on-demand capacity and cannot throttle.
The account-level read/write capacity limit is exceeded.
A global secondary index is consuming write capacity.
The partition key is not evenly distributed.
Uneven access pattern can cause a hot partition leading to throttling even on on-demand tables.
A database engineer is troubleshooting slow query performance on an Amazon RDS for PostgreSQL instance. The instance is db.r5.large with 500 GB of General Purpose SSD (gp2) storage. CloudWatch metrics show high Read Latency and high Read IOPS, but low CPU utilization. Which TWO actions should the engineer take to improve performance?
Create a read replica and offload read queries to it.
Read replicas reduce the read IOPS on the primary, which can lower latency on the primary.
Increase the DB instance class to a larger size, such as db.r5.2xlarge.
Enable Multi-AZ to use the standby for read traffic.
Optimize queries by adding appropriate indexes.
Switch from General Purpose SSD (gp2) to Provisioned IOPS SSD (io1) with a higher IOPS rate.
Provisioned IOPS provides consistent low latency for I/O-intensive workloads.
Want more Monitoring and Troubleshooting practice?
Practice this domainA company runs an Amazon RDS for MySQL DB instance in a VPC. Security requirements mandate that only specific EC2 instances in the same VPC can connect to the database. The security group attached to the RDS instance currently allows inbound traffic on port 3306 from 0.0.0.0/0. Which combination of steps should a database specialist take to meet the security requirement without impacting existing application connectivity? (Choose two.)
Modify the network ACL for the DB subnet to allow inbound port 3306 from the EC2 instance's private IP.
Remove the inbound rule for 0.0.0.0/0 on the RDS security group.
Removing the overly permissive rule is necessary to restrict access.
Add an inbound rule to the RDS security group referencing the security group ID of the EC2 instances.
Referencing the EC2 security group allows traffic only from instances using that security group, following best practices.
Modify the DB subnet group to place the RDS instance in a public subnet with a route to the EC2 instance.
Add an inbound rule to the RDS security group allowing traffic from the VPC CIDR on port 3306.
A company uses Amazon DynamoDB with a table that stores sensitive customer data. The security team requires that all data at rest be encrypted using a customer-managed AWS KMS key (CMK). Additionally, the company needs to ensure that only specific IAM roles can access the table. Which solution meets these requirements with the least operational overhead?
Enable encryption at rest using AWS KMS with a CMK and use column-level encryption with AWS KMS to restrict access.
Attach a resource-based policy to the DynamoDB table that grants access only to the specific IAM roles.
Use a DynamoDB Accelerator (DAX) cluster with encryption at rest using a CMK, and attach a resource-based policy to the table.
Configure the DynamoDB table to use AWS KMS encryption with a CMK. Create an IAM role with a policy that grants access to the table and includes a condition that the encryption context matches the CMK.
This ensures encryption with a CMK and restricts access using IAM conditions on the encryption context.
Configure the DynamoDB table to use AWS KMS encryption with a CMK, and attach a key policy to the CMK that allows only the specific IAM roles.
A database specialist is troubleshooting a connectivity issue with an Amazon RDS for PostgreSQL instance. The instance is in a VPC with a public subnet. The security group allows inbound traffic on port 5432 from the application server's IP address. The application server is in the same VPC but in a private subnet. Despite the security group configuration, the application cannot connect. Which action should the specialist take to resolve the issue?
Launch the RDS instance in the default VPC.
Change the DB subnet group to include the application server's subnet.
Add a network ACL rule allowing inbound traffic on port 5432 from the application server's public IP.
Modify the RDS instance to be publicly accessible.
Update the security group inbound rule to allow traffic from the application server's private IP address.
The application connects from its private IP within the VPC, so the security group should allow that private IP.
A company stores financial data in an Amazon Aurora MySQL DB cluster. The security team requires that database audit logs be stored in Amazon CloudWatch Logs and encrypted at rest using a customer-managed KMS key. The database specialist enables audit log publishing to CloudWatch Logs and specifies a KMS key for log encryption. However, the audit logs are not appearing in CloudWatch Logs. What is the most likely cause?
The CloudWatch Logs log group does not exist and RDS cannot create it automatically.
The DB cluster is not configured to export error logs, only audit logs.
The IAM role used for publishing logs does not have the necessary permissions to use the KMS key for CloudWatch Logs.
The IAM role must have kms:Encrypt permission on the KMS key to allow log delivery.
CloudWatch Logs does not support encryption with customer-managed KMS keys for audit logs.
The audit log parameter is static and requires a DB cluster reboot after modification.
A company uses Amazon ElastiCache for Redis to cache session data. The security team requires that all data in transit be encrypted. The Redis cluster currently does not have encryption in transit enabled. The database specialist needs to enable encryption in transit with minimal downtime. Which action should the specialist take?
Create a new Redis cluster with encryption in transit enabled, and migrate the data from the existing cluster.
Encryption in transit can only be enabled at cluster creation time.
Update the Redis parameter group to enable the 'encryption-in-transit' parameter and reboot the cluster.
Use a security group to enforce encrypted connections by allowing only TLS traffic.
Modify the existing Redis cluster to enable encryption in transit using the AWS CLI.
Enable encryption in transit on the existing cluster by using the AWS Management Console.
A company uses Amazon RDS for SQL Server with Multi-AZ deployment. The security team wants to ensure that all database connections use SSL/TLS encryption. Which TWO actions should the database specialist take to enforce SSL connections? (Choose two.)
Use the RDS Console to enable 'Force SSL' on the DB instance.
Modify the DB parameter group to set 'require_secure_transport' to ON.
Create a server-level trigger that requires SSL for all logins.
A trigger can enforce SSL by checking the session's protocol and denying non-SSL connections.
Add an inbound rule to the security group that only allows traffic on port 1433 from IP addresses that use SSL.
Set the 'rds.force_ssl' parameter to 1 in the DB parameter group.
This parameter forces all connections to use SSL for SQL Server RDS.
Want more Database Security practice?
Practice this domainThe DBS-C01 exam has 65 questions and must be completed in 180 minutes. The passing score is 750/1000.
Scenario-based questions covering exam objectives with detailed answer explanations.
The exam covers 5 domains: Workload-Specific Database Design, Deployment and Migration, Management and Operations, Monitoring and Troubleshooting, Database Security. Questions are weighted by domain — higher-weight domains appear more on your actual exam.
No. These are original exam-style practice questions written against the official Amazon Web Services DBS-C01 exam objectives. They are not copied from the real exam. Courseiva focuses on genuine understanding, not memorisation of braindumps.
Courseiva tracks your accuracy per domain and routes you toward weak areas automatically. Free, no account required.