AWS Certified Database Specialty DBS-C01 (DBS-C01) — Questions 9761050

1730 questions total · 24pages · All types, answers revealed

Page 13

Page 14 of 24

Page 15
976
Multi-Selecteasy

Which THREE are factors to consider when choosing between Amazon RDS and Amazon DynamoDB? (Select THREE.)

Select 3 answers
A.Serverless capacity management
B.ACID transaction support across multiple tables
C.Need for complex joins and relationships
D.Encryption at rest requirements
E.Need for in-memory caching
AnswersA, B, C

DynamoDB is serverless; RDS requires provisioning.

Why this answer

Option A is correct because Amazon RDS requires manual or auto-scaling of compute and storage capacity, while DynamoDB offers serverless capacity management with on-demand mode that automatically scales throughput based on traffic. This is a key differentiator when deciding between provisioned capacity (RDS) and fully managed, pay-per-request scaling (DynamoDB).

Exam trap

The trap here is that candidates may think encryption at rest or in-memory caching are exclusive to one service, but AWS offers these features across both RDS and DynamoDB, making them irrelevant for choosing between the two.

977
MCQeasy

A company is designing a database for an e-commerce application that requires high availability and automatic failover. The application performs mainly read-heavy workloads with occasional write spikes during flash sales. Which AWS database service is most suitable for this workload?

A.Amazon DynamoDB with global tables
B.Amazon Aurora MySQL
C.Amazon ElastiCache for Redis
D.Amazon RDS for MySQL with Multi-AZ
AnswerB

High availability and read replicas for read-heavy workloads.

Why this answer

Amazon Aurora MySQL is the most suitable choice because it is designed for high availability with automatic failover (typically under 30 seconds) and provides up to 15 low-latency read replicas that can handle read-heavy workloads. During write spikes like flash sales, Aurora's distributed storage subsystem automatically scales I/O capacity without manual intervention, and its Multi-AZ deployment ensures continuous availability even if the primary instance fails.

Exam trap

The trap here is that candidates often confuse Multi-AZ with high availability and choose RDS MySQL Multi-AZ (Option D), overlooking that Aurora provides the same failover capability with superior read scaling and write performance for bursty workloads.

How to eliminate wrong answers

Option A is wrong because Amazon DynamoDB with global tables is optimized for multi-region active-active workloads and eventual consistency, not for a single-region read-heavy relational workload with occasional write spikes; it lacks the native SQL join capabilities and relational schema that an e-commerce application typically requires. Option C is wrong because Amazon ElastiCache for Redis is an in-memory caching layer, not a primary database; it cannot serve as the durable, ACID-compliant database for transactional data like orders and inventory. Option D is wrong because Amazon RDS for MySQL with Multi-AZ provides automatic failover but only supports up to 5 read replicas (with asynchronous replication) and does not offer the same write throughput scalability or storage auto-scaling as Aurora, making it less suitable for write spikes during flash sales.

978
MCQmedium

A company is using Amazon Redshift for data warehousing. The database administrator needs to identify which queries are consuming the most resources. Which system view should be queried?

A.SVV_TABLES
B.STV_RECENTS
C.STL_LOAD_ERRORS
D.STL_DDLTEXT
AnswerB

STV_RECENTS shows active and recent queries, including their resource usage.

Why this answer

The STV_RECENTS system view in Amazon Redshift provides a list of currently running and recently completed queries, including their process IDs, user names, and execution status. This makes it the correct choice for identifying which queries are consuming the most resources at the moment, as it directly reflects active and recent workload.

Exam trap

The trap here is that candidates confuse system views for metadata (SVV_TABLES) or error logging (STL_LOAD_ERRORS) with those that track query execution and resource usage, leading them to overlook STV_RECENTS as the direct source for active query monitoring.

How to eliminate wrong answers

Option A is wrong because SVV_TABLES is a system view that lists tables and their metadata (like schema, table name, and table type), not query resource consumption. Option C is wrong because STL_LOAD_ERRORS logs errors that occur during COPY or INSERT operations, focusing on data load failures rather than general query resource usage. Option D is wrong because STL_DDLTEXT captures the text of DDL statements (e.g., CREATE, ALTER) that have been executed, not runtime resource consumption of queries.

979
MCQmedium

A company needs to store and query JSON documents that vary in structure. The application requires flexible schema, automatic indexing, and the ability to run complex aggregation pipelines. Which AWS database service should be used?

A.Amazon DynamoDB
B.Amazon DocumentDB (with MongoDB compatibility)
C.Amazon ElastiCache for Redis
D.Amazon RDS for PostgreSQL
AnswerB

DocumentDB supports flexible schema, automatic indexing, and aggregation pipelines.

Why this answer

Amazon DocumentDB (with MongoDB compatibility) is the correct choice because it is purpose-built for storing and querying JSON-like documents with flexible schemas, automatically indexes fields, and supports MongoDB's aggregation pipeline for complex data transformations. This aligns directly with the requirements for varying document structures, automatic indexing, and aggregation capabilities.

Exam trap

The trap here is that candidates often confuse DynamoDB's flexible schema and JSON support with full aggregation pipeline capabilities, overlooking that DynamoDB lacks complex multi-stage aggregations like MongoDB's $lookup or $unwind, which are essential for the stated requirement.

How to eliminate wrong answers

Option A is wrong because Amazon DynamoDB is a key-value and document database that does not support complex aggregation pipelines like MongoDB's $lookup or $group stages; it uses limited query patterns and requires manual secondary index management. Option C is wrong because Amazon ElastiCache for Redis is an in-memory cache, not a persistent document store, and lacks support for aggregation pipelines or automatic indexing of JSON documents. Option D is wrong because Amazon RDS for PostgreSQL requires a predefined schema and does not natively support automatic indexing of varying JSON structures or MongoDB-style aggregation pipelines, though it can store JSON via JSONB, it lacks the flexible schema and pipeline capabilities needed.

980
MCQeasy

A company is migrating an on-premises MongoDB database to AWS. Which AWS database service is most compatible and requires minimal application changes?

A.Amazon DynamoDB.
B.Amazon DocumentDB (with MongoDB compatibility).
C.Amazon Neptune.
D.Amazon RDS for MySQL.
AnswerB

MongoDB-compatible document database.

Why this answer

Amazon DocumentDB (with MongoDB compatibility) is the most compatible AWS database service for migrating an on-premises MongoDB database because it is purpose-built to emulate the MongoDB wire protocol and data model, allowing existing MongoDB drivers and tools to connect with minimal or no application code changes. This makes it the ideal choice for a lift-and-shift migration that preserves the document-oriented structure and query patterns of MongoDB.

Exam trap

The trap here is that candidates may assume DynamoDB is a suitable document database for MongoDB migration because both are NoSQL, overlooking the critical fact that DynamoDB uses a completely different API and data model, which would require a full application rewrite rather than minimal changes.

How to eliminate wrong answers

Option A is wrong because Amazon DynamoDB is a key-value and document database that uses a proprietary API and data model, requiring significant application rewrites to adapt from MongoDB's query language and indexing. Option C is wrong because Amazon Neptune is a graph database designed for highly connected data (e.g., social networks, fraud detection) and does not support MongoDB's document model or wire protocol, making it incompatible for a direct migration. Option D is wrong because Amazon RDS for MySQL is a relational database that enforces a fixed schema and SQL-based access, which would require extensive application changes to map MongoDB's flexible documents to tables and rows.

981
Multi-Selectmedium

A company is migrating a 2 TB Oracle database to Amazon Aurora PostgreSQL. The migration requires ongoing replication for minimal downtime. Which THREE AWS services should be used?

Select 3 answers
A.AWS Database Migration Service (AWS DMS)
B.Amazon S3
C.AWS DataSync
D.AWS Schema Conversion Tool (AWS SCT)
E.AWS Lambda
AnswersA, B, D

DMS is the primary service for data migration and ongoing replication.

Why this answer

Options A, C, and E are correct. AWS DMS performs data migration and ongoing replication, AWS SCT converts the schema, and AWS DMS can use S3 as an intermediate if needed. Option B is wrong because DataSync is for file transfers.

Option D is wrong because Lambda is not a migration service.

982
MCQhard

A company uses Amazon RDS for MySQL with Multi-AZ. During a recent failover test, the database experienced a 5-minute write outage. The application can tolerate up to 1 minute of downtime. Which solution should be used to reduce the failover time?

A.Migrate to Amazon Aurora MySQL.
B.Use Amazon RDS Proxy between the application and the database.
C.Enable automatic failover on the Multi-AZ deployment.
D.Decrease the DNS TTL on the RDS endpoint.
AnswerA

Aurora failover is typically under 30 seconds.

Why this answer

Option D is correct because Amazon Aurora MySQL provides faster failover (typically under 30 seconds) due to its shared storage architecture. Option A is wrong because modifying the DNS TTL may help but does not reduce the failover time significantly. Option B is wrong because RDS Proxy helps with connection pooling, not failover speed.

Option C is wrong because Multi-AZ already provides automatic failover, but failover time is typically 1-2 minutes for RDS.

983
Multi-Selectmedium

Which THREE of the following are best practices for managing Amazon DynamoDB tables with provisioned throughput?

Select 3 answers
A.Create a global secondary index on every attribute to support any query pattern.
B.Split hot partitions manually to distribute write traffic.
C.Use a composite key design with a sort key to enable efficient querying.
D.Use DynamoDB Auto Scaling to adjust read/write capacity based on traffic.
E.Enable DynamoDB Accelerator (DAX) to improve read performance for frequently accessed items.
AnswersC, D, E

Composite keys allow efficient range queries and data organization.

Why this answer

Options B, C, and D are correct. Option A is incorrect because adaptive capacity automatically handles uneven access patterns; manual partition splitting is not possible. Option E is incorrect because DynamoDB does not maintain indexes for all attributes; GSIs must be created explicitly.

984
MCQhard

A company is migrating an on-premises Microsoft SQL Server database to Amazon RDS for SQL Server. The database uses SQL Server Agent jobs, custom CLR assemblies, and cross-database queries. Which of the following will require modification before migration?

A.Cross-database queries
B.Custom CLR assemblies
C.Stored procedures that use dynamic SQL
D.SQL Server Agent jobs
AnswerD

SQL Server Agent is not available in RDS; jobs require alternative solutions.

Why this answer

SQL Server Agent jobs are not supported in Amazon RDS for SQL Server because RDS is a managed service that does not provide access to the underlying operating system or the SQL Server Agent service. To migrate job scheduling, you must use alternatives such as AWS Database Migration Service (DMS) tasks, AWS Lambda, or Amazon RDS for SQL Server native scheduling via stored procedures and Windows Task Scheduler on an EC2 instance.

Exam trap

The trap here is that candidates assume SQL Server Agent jobs are fully supported in RDS because RDS for SQL Server includes the SQL Server engine, but they overlook that Agent is a separate Windows service that RDS does not expose, requiring a workaround for job scheduling.

How to eliminate wrong answers

Option A is wrong because cross-database queries are supported in Amazon RDS for SQL Server as long as the databases are within the same RDS instance; no modification is required for queries that reference tables in other databases on the same instance. Option B is wrong because custom CLR assemblies are supported in Amazon RDS for SQL Server, provided they are signed with a certificate or asymmetric key and the CLR integration is enabled via the rds_custom_clr option group setting. Option C is wrong because stored procedures that use dynamic SQL are fully supported in Amazon RDS for SQL Server, as dynamic SQL execution is a core T-SQL feature that does not require any special configuration or modification.

985
MCQmedium

A company is using Amazon Redshift for data warehousing. They need to ensure that data is encrypted at rest using a customer-managed AWS KMS key. The cluster is currently unencrypted. What is the simplest way to enable encryption?

A.Create a new Redshift cluster with encryption enabled and migrate the data.
B.Enable encryption directly on the existing cluster using AWS CLI.
C.Create a snapshot of the existing cluster and restore it to a new encrypted cluster.
D.Modify the existing cluster and enable encryption using the Redshift console.
AnswerA

This is the simplest method; create a new encrypted cluster and copy the data.

Why this answer

Option C is correct because you cannot enable encryption on an existing Redshift cluster. You must create a new cluster with encryption enabled, then copy data from the old cluster to the new one. Option A is wrong because modifying the cluster does not support encryption.

Option B is wrong because you cannot directly encrypt an existing cluster. Option D is wrong because restoring from a snapshot to an encrypted target is possible, but you must first create an unencrypted snapshot and then restore to an encrypted cluster; however, the simplest method is to create a new encrypted cluster and copy data, as restoring a snapshot to a different cluster still requires creating a new cluster.

986
MCQmedium

A company is using DynamoDB with a VPC endpoint. They want to restrict access to only requests originating from their VPC. Which policy condition should be used?

A.'aws:SourceVpce': 'vpce-12345678'
B.'aws:VpcSourceIp': '10.0.0.0/16'
C.'s3:x-amz-server-side-encryption': 'AES256'
D.'aws:SourceVpc': 'vpc-12345678'
AnswerA

This condition ensures requests come only from the specified VPC endpoint.

Why this answer

Option A is correct because the 'aws:SourceVpce' condition key allows you to restrict access to requests originating from a specific VPC endpoint (interface endpoint) in your VPC. This ensures that only traffic coming through that VPC endpoint can access the DynamoDB table, providing a network-level security boundary. The condition must reference the exact VPC endpoint ID (e.g., 'vpce-12345678') to enforce this restriction.

Exam trap

The trap here is that candidates often confuse 'aws:SourceVpc' (which restricts by VPC ID but is not supported for VPC endpoint policies) with 'aws:SourceVpce' (the correct key for endpoint-level restrictions), leading them to pick Option D instead of A.

How to eliminate wrong answers

Option B is wrong because 'aws:VpcSourceIp' is not a valid AWS condition key; the correct key for restricting by source IP is 'aws:SourceIp', but that would not restrict to VPC-originated traffic specifically. Option C is wrong because 's3:x-amz-server-side-encryption' is an S3-specific condition key for encryption headers, irrelevant to DynamoDB VPC endpoint access control. Option D is wrong because 'aws:SourceVpc' restricts based on the VPC ID, but it does not work for VPC endpoint policies; the correct key for VPC endpoint restrictions is 'aws:SourceVpce' (the endpoint ID), not the VPC ID.

987
MCQhard

Refer to the exhibit. An IAM policy attached to an IAM role used by an AWS Lambda function. The Lambda function is invoked by Amazon API Gateway and reads from a DynamoDB table. The function is experiencing permission errors when calling DynamoDB GetItem. What is the most likely cause?

A.The IAM role trust policy does not allow Lambda to assume the role.
B.The policy does not grant access to DynamoDB indexes if the function uses a query on a Global Secondary Index.
C.The dynamodb:GetItem action is not listed in the policy.
D.The Lambda function ARN in the resource field is incorrect.
AnswerB

Reading from a GSI requires permission on the index ARN.

Why this answer

Option B is correct. The policy grants GetItem and Query on the table ARN, but it does not include the 'dynamodb:GetItem' action? Wait, it does include it. Actually, the correct answer is that the policy is missing the 'dynamodb:GetItem' action? No, it's there.

The issue is that the function is using a conditional write? Hmm. Let's analyze: The policy allows GetItem and Query on the table. That should work.

But perhaps the function is trying to access a specific index? The policy does not include access to indexes. Option B says missing index ARN. That is plausible.

Option A is wrong because the Lambda resource is fine. Option C is wrong because GetItem is included. Option D is wrong because the role trust policy is not shown.

988
MCQeasy

A company wants to deploy a globally distributed application with a DynamoDB table that uses optimistic locking. Which DynamoDB feature should be used to implement this?

A.DynamoDB Conditional Writes
B.DynamoDB Streams
C.DynamoDB Global Tables
D.DynamoDB Transactions
AnswerA

Conditional writes implement optimistic locking.

Why this answer

DynamoDB conditional writes enable optimistic locking by checking a condition before writing. Option A: Transactions provide ACID but not optimistic locking. Option B: DynamoDB Streams is for change capture.

Option D: Global tables provide multi-region replication.

989
MCQmedium

An e-commerce application uses Amazon DynamoDB as its primary database. The table stores order data with a partition key of 'OrderID' and a sort key of 'OrderDate'. The application frequently queries orders by customer ID (which is not a key attribute). What design change would improve query performance?

A.Enable DynamoDB Streams and export to Amazon Elasticsearch Service
B.Use DynamoDB Accelerator (DAX) to cache queries
C.Create a Global Secondary Index on CustomerID
D.Create a Local Secondary Index on CustomerID
AnswerC

GSI allows querying by CustomerID efficiently.

Why this answer

Option C is correct because creating a Global Secondary Index (GSI) on CustomerID allows efficient querying by that attribute without scanning the entire table. A GSI has its own partition and sort keys, enabling fast lookups on non-key attributes. This directly addresses the performance issue of frequent queries by CustomerID, which otherwise would require a full table scan.

Exam trap

The trap here is that candidates often confuse Local Secondary Indexes (LSIs) with Global Secondary Indexes (GSIs), assuming an LSI can be used to query by a non-key attribute without the partition key, but LSIs require the same partition key as the base table and cannot be added after table creation.

How to eliminate wrong answers

Option A is wrong because DynamoDB Streams and exporting to Amazon Elasticsearch Service are designed for search and analytics, not for improving point-query performance on a specific attribute like CustomerID; this adds complexity and latency without solving the core access pattern. Option B is wrong because DynamoDB Accelerator (DAX) is an in-memory cache that speeds up repeated queries on existing keys, but it does not enable querying by a non-key attribute like CustomerID; it cannot create new access patterns. Option D is wrong because a Local Secondary Index (LSI) can only be created at table creation time and must use the same partition key as the base table (OrderID), so it cannot index by CustomerID alone; it would still require the partition key to be specified in queries.

990
MCQeasy

A company is deploying a new application that uses Amazon RDS for PostgreSQL. The database must be highly available and fault-tolerant. Which deployment option meets these requirements?

A.Deploy the RDS instance in a single Availability Zone
B.Deploy the RDS instance across multiple AWS Regions
C.Deploy the RDS instance with Multi-AZ configuration
D.Deploy the RDS instance with multiple read replicas
AnswerC

Multi-AZ provides automatic failover for high availability.

Why this answer

Option A is correct because Multi-AZ deployment provides automatic failover to a standby in a different Availability Zone, ensuring high availability and fault tolerance. Option B is wrong because a single-AZ deployment does not provide fault tolerance. Option C is wrong because read replicas are for read scaling, not automatic failover.

Option D is wrong because cross-Region read replicas are for disaster recovery, not automatic failover within a Region.

991
MCQeasy

A mobile gaming application uses Amazon DynamoDB to store player profiles and game state. The write throughput is high during events, but low otherwise. The company wants to minimize costs while maintaining performance. Which capacity mode should they use?

A.Reserved capacity
B.On-Demand capacity mode
C.Provisioned capacity without auto scaling
D.Provisioned capacity with auto scaling
AnswerB

Automatically handles spikes and charges per request, minimizing cost during low traffic.

Why this answer

On-Demand capacity mode is ideal for this workload because it automatically scales to handle high write throughput during events and scales down to zero when idle, eliminating the need for capacity planning. This minimizes costs by charging only for actual reads and writes, without requiring any provisioning or management of throughput limits.

Exam trap

AWS often tests the misconception that Provisioned capacity with auto scaling is always the most cost-effective option, but for unpredictable, spiky workloads like gaming events, On-Demand avoids the fixed costs of minimum provisioned capacity and the risk of throttling during rapid traffic surges.

How to eliminate wrong answers

Option A is wrong because Reserved capacity is not a DynamoDB capacity mode; it is a pricing model for EC2 and RDS, not applicable to DynamoDB. Option C is wrong because Provisioned capacity without auto scaling would require manual adjustments to handle event-driven spikes, risking throttling or over-provisioning costs. Option D is wrong because Provisioned capacity with auto scaling still requires setting a minimum provisioned capacity, which incurs costs even during low-usage periods, making it less cost-effective than On-Demand for unpredictable, spiky workloads.

992
MCQmedium

A company is designing a database for an IoT application that ingests millions of sensor readings per second. Each reading is a small JSON document (less than 1 KB) and must be stored with low latency. Queries are primarily by device ID and timestamp range. The team expects to rarely update or delete old data. Which AWS database solution is MOST cost-effective and performant?

A.Amazon S3 with a partition prefix of device_id/timestamp/
B.Amazon Redshift with distribution key on device_id
C.Amazon DynamoDB with a composite primary key (device_id, timestamp)
D.Amazon RDS for MySQL with multiple read replicas
AnswerC

DynamoDB provides low-latency, high-throughput ingestion and efficient querying by device and time.

Why this answer

Amazon DynamoDB is a NoSQL key-value and document database that provides single-digit millisecond latency at any scale. It is ideal for high-throughput ingestion of small items with simple access patterns (device ID + timestamp). Option A is wrong because Amazon RDS for MySQL is relational and would require scaling a single master, leading to bottlenecks.

Option C is wrong because Amazon Redshift is a data warehouse optimized for analytics, not real-time ingestion. Option D is wrong because Amazon S3 is an object store with higher latency for individual small writes.

993
Matchingmedium

Match each backup/restore concept to its AWS database feature.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Daily snapshot and transaction log backups enabled by default

User-initiated snapshot stored until explicitly deleted

Restore to any second within the backup retention period

Copy snapshots to another AWS region for disaster recovery

Rewind an Aurora DB cluster to a specific time without restoring

Why these pairings

Backup and recovery options for different RPO/RTO requirements.

994
MCQeasy

A company is running a production Amazon DynamoDB table with on-demand capacity. The application is experiencing increased latency and throttled requests during peak hours. Which monitoring tool should the database specialist use to identify the specific partition keys causing the throttling?

A.Amazon CloudWatch Contributor Insights for DynamoDB
B.Amazon Inspector
C.AWS Config
D.AWS CloudTrail logs
AnswerA

Contributor Insights analyzes access patterns and identifies throttled partition keys.

Why this answer

Amazon CloudWatch Contributor Insights for DynamoDB is the correct tool because it analyzes DynamoDB request logs to identify the most frequently accessed partition keys, including those causing throttling. It provides top-N keys by request count or throttled events, enabling the database specialist to pinpoint hot partitions responsible for increased latency and throttled requests during peak hours.

Exam trap

The trap here is that candidates often confuse CloudTrail (which logs all API calls) with Contributor Insights, assuming CloudTrail can provide per-key throttling data, but CloudTrail lacks the aggregation and top-N analysis needed to identify specific hot partition keys.

How to eliminate wrong answers

Option B (Amazon Inspector) is wrong because it is a vulnerability management service that assesses network and application security, not a tool for analyzing DynamoDB partition key access patterns or throttling. Option C (AWS Config) is wrong because it evaluates resource configurations and compliance rules, not real-time operational metrics like request throttling per partition key. Option D (AWS CloudTrail logs) is wrong because it records API calls for auditing and governance, but does not provide per-partition-key throttling details or aggregated access patterns needed to identify hot partitions.

995
Multi-Selecthard

A company is migrating a 3 TB SQL Server database to Amazon RDS for SQL Server. The migration must have minimal downtime. The current database uses Transparent Data Encryption (TDE). Which TWO steps are necessary to complete the migration? (Choose two.)

Select 2 answers
A.Set the source database recovery model to simple to reduce log size.
B.Export the TDE certificate and private key from the source and import them to the target RDS instance.
C.Use native SQL Server backup and restore to S3.
D.Use AWS SCT to convert the schema to Amazon Aurora.
E.Enable full supplemental logging on the source database for DMS CDC.
AnswersB, E

Required to decrypt data on target.

Why this answer

Options A and C are correct. TDE requires exporting the certificate to decrypt at the target. DMS CDC requires full supplemental logging.

Option B is wrong because SCT is not needed. Option D is wrong because the database must be in full recovery model for CDC. Option E is wrong because using a backup over S3 is possible but does not address TDE or CDC.

996
MCQmedium

A company is using Amazon RDS for PostgreSQL with a read replica. The security team wants to ensure that data in transit between the primary DB instance and the read replica is encrypted. What should be done?

A.Set up a VPN connection between the primary and the replica.
B.Configure the read replica to use a different KMS key.
C.Enable SSL/TLS on the read replica and configure the primary to use it.
D.Enable encryption at rest on the primary DB instance using AWS KMS.
AnswerD

Encrypted replication is automatically enabled when the primary is encrypted.

Why this answer

Option A is correct because enabling encryption at rest on the primary instance automatically encrypts the replication traffic. Option B is wrong because encryption in transit between primary and replica is automatically encrypted if the primary is encrypted. Option C is wrong because SSL/TLS is for client connections, not replication.

Option D is wrong because a VPN is not needed.

997
MCQmedium

A developer is designing a DynamoDB table for an order management system using the above CloudFormation template. The application needs to query orders by CustomerID. The current design has a GSI on CustomerID. However, the developer notices that the GSI has low write throughput and often throttles. What is the most cost-effective way to improve write throughput on the GSI?

A.Change the ProjectionType of the GSI to KEYS_ONLY.
B.Use Amazon SQS to buffer writes to the table.
C.Increase the WriteCapacityUnits of the table.
D.Increase the WriteCapacityUnits of the GSI from 5 to a higher value.
AnswerD

GSI has its own provisioned throughput; increasing it alleviates throttling.

Why this answer

Option A is correct because increasing the GSI's write capacity directly addresses the throttling. Option B is wrong because increasing table write capacity does not affect GSI capacity; GSI has its own. Option C is wrong because changing projection to KEYS_ONLY reduces storage but not write throughput.

Option D is wrong because SQS does not help with DynamoDB write throughput.

998
MCQeasy

Refer to the exhibit. A developer is trying to query the ProductCatalog table using the 'Id' attribute. The query returns no results even though the developer knows data was inserted. What is the MOST likely cause?

A.The table contains no items
B.The provisioned throughput is exceeded
C.The attribute definition is missing the 'Id' attribute
D.The table is not in ACTIVE status
AnswerA

ItemCount is 0, so the table is empty.

Why this answer

Option D is correct because the table has no items (ItemCount: 0). Option A is wrong because the table is active. Option B is wrong because provisioned throughput is not exceeded (ItemCount is 0).

Option C is wrong because the attribute definition exists.

999
Multi-Selectmedium

A company is migrating an on-premises MongoDB database to Amazon DocumentDB. The current MongoDB workload uses aggregation pipelines with the $lookup stage and geospatial queries. The migration tool reports that some aggregation stages are not supported. Which THREE actions should the company take to address the incompatibilities?

Select 3 answers
A.Replace $lookup with $geoWithin for location-based queries.
B.Use $geoNear for geospatial queries as it is supported in DocumentDB.
C.Convert $graphLookup to use recursive queries in DocumentDB.
D.Denormalize the data to avoid $lookup by embedding related documents.
E.Rewrite $lookup stages as application-side joins or use references.
AnswersB, D, E

DocumentDB supports $geoNear.

Why this answer

Option A (rewrite $lookup as application-side joins) is correct because DocumentDB does not support $lookup. Option B (use $geoWithin operator) is correct because DocumentDB supports it. Option C (use $geoNear for geospatial) is correct because DocumentDB supports $geoNear.

Option D is wrong because $graphLookup is not supported. Option E is wrong because storing pre-joined documents can be an alternative for $lookup but is not a direct action for unsupported stages.

1000
MCQeasy

A company wants to ensure that an Amazon RDS for MySQL database is automatically backed up daily and backups are encrypted. What should they do?

A.Take manual snapshots daily and enable encryption on the snapshot copy.
B.Use Amazon CloudWatch Events to trigger a Lambda function that exports the database to S3 with encryption.
C.Enable automated backups and encryption at rest on the RDS instance.
D.Configure AWS Backup to back up the RDS instance to an S3 bucket with default encryption.
AnswerC

Automated backups are encrypted if encryption at rest is enabled.

Why this answer

Automated backups with encryption at rest ensure backups are encrypted. Option A is correct. Option B is wrong because manual snapshots are not automatic.

Option C is wrong because backups are stored in S3 but encryption is controlled by KMS. Option D is wrong because CloudWatch does not manage backups.

1001
Multi-Selecthard

Which THREE steps should be taken to troubleshoot an Amazon DynamoDB table that is experiencing high read latency?

Select 3 answers
A.Review the table's partition distribution using DynamoDB metrics.
B.Increase the write capacity of the table.
C.Monitor the ConsumedReadCapacityUnits metric.
D.Disable auto scaling to prevent unexpected capacity changes.
E.Check the ThrottledReadEvents metric to see if reads are being throttled.
AnswersA, C, E

Uneven partition distribution can cause hot partitions and high latency.

Why this answer

Option A is correct because high read latency in DynamoDB can result from uneven partition distribution, where a 'hot' partition receives more read requests than others, causing throttling or increased latency. By reviewing the table's partition distribution using CloudWatch metrics like `ConsumedReadCapacityUnits` per partition, you can identify skewed access patterns and address them with strategies like partition key redesign or adaptive capacity.

Exam trap

The trap here is that candidates may confuse write capacity adjustments with read performance fixes, or assume disabling auto scaling is a troubleshooting step, when in fact auto scaling is a best practice for maintaining consistent throughput.

1002
MCQmedium

A company has an Amazon RDS for PostgreSQL DB instance that needs to be accessed by an application running on an Amazon EC2 instance. Both resources are in the same VPC. The security team insists that all traffic between the application and the database be encrypted in transit. Which configuration ensures this?

A.Add a security group rule that allows traffic only from the EC2 instance's private IP.
B.Create an AWS Site-to-Site VPN connection between the EC2 instance and the RDS instance.
C.Enable SSL/TLS on the RDS instance and configure the application to connect using SSL.
D.Set up VPC peering between the EC2 instance's VPC and the RDS instance's VPC.
AnswerC

SSL/TLS encrypts the database connection.

Why this answer

Option B is correct because enabling SSL/TLS on the RDS instance and configuring the application to use SSL ensures encryption in transit. Option A is wrong because security group rules control access, not encryption. Option C is wrong because VPC peering is for inter-VPC communication.

Option D is wrong because a VPN is not needed for same-VPC communication.

1003
MCQmedium

A company uses Amazon DynamoDB to store sensor data from IoT devices. The table has a partition key of DeviceID (String) and a sort key of Timestamp (Number). The table is configured with provisioned capacity of 1000 read capacity units (RCUs) and 500 write capacity units (WCUs). Auto Scaling is enabled with target utilization of 70% and is working correctly. Recently, a new batch job was introduced that performs Scan operations on the entire table every hour. The Scan consumes many read capacity units and causes throttling of the sensor write requests. The team wants to minimize the impact on the write-heavy sensor ingestion. Which approach is BEST?

A.Increase the provisioned write capacity to 2000 WCUs to handle bursts.
B.Schedule the Scan to run during off-peak hours when sensor writes are lower.
C.Enable DAX (DynamoDB Accelerator) to cache Scan results and reduce read consumption on the table.
D.Switch the table to on-demand capacity mode to eliminate throttling.
AnswerC

DAX caches Scan results, reducing the number of read capacity units consumed from the table, thus freeing capacity for writes.

Why this answer

Option C is correct because enabling DynamoDB Accelerator (DAX) provides an in-memory cache for reads, which reduces the read load on the table itself. Since the Scan still consumes read capacity, caching can absorb some of the read traffic and free up RCUs for other operations, but more importantly, the team should also consider other measures. However, among the options, DAX is the best to reduce read load on the table.

Option A is incorrect because increasing write capacity does not address the read throttling; it just increases cost. Option B is incorrect because reducing Scan frequency may not be acceptable for the batch job. Option D is incorrect because changing to on-demand may eliminate throttling but will be more expensive for this predictable workload and does not leverage existing provisioned capacity.

1004
MCQhard

A company has an Amazon RDS for PostgreSQL instance that is running out of storage. The database is 2 TB in size and growing at 10 GB per day. They need a solution that allows automatic storage scaling with minimal downtime. What should they do?

A.Enable Storage Auto Scaling
B.Purchase reserved instances for cost savings
C.Create a read replica and promote it
D.Take a manual snapshot and restore to a larger instance
AnswerA

Automatically scales storage with no downtime.

Why this answer

Amazon RDS Storage Auto Scaling automatically increases storage when needed, with no downtime. Option A (manual snapshot) requires downtime. Option B (read replica) doesn't address storage.

Option D (reserved instances) is a billing option.

1005
MCQmedium

A company is running a MongoDB-compatible Amazon DocumentDB cluster. The application team reports that write operations are failing intermittently with a `WriteConcernError` indicating that the write concern could not be satisfied. The cluster has one primary and two replicas. What is the MOST likely cause of this issue?

A.One of the replicas is down or experiencing high replication lag
B.The cluster does not have enough replica instances to satisfy the write concern
C.The application is using an incorrect read preference
D.The primary instance is overloaded with read requests
AnswerA

If a replica is down, the write concern 'majority' cannot be satisfied because only the primary and one replica are available, but majority may require two replicas depending on configuration.

Why this answer

Option D is correct because if the write concern is set to 'majority' and a replica is down or lagging, the write cannot be acknowledged. Option A is wrong because the primary is not overloaded; the issue is write concern. Option B is wrong because read preference does not affect writes.

Option C is wrong because the number of replicas is sufficient for majority if all are healthy.

1006
Multi-Selectmedium

Which TWO of the following are required when migrating an on-premises Oracle database to Amazon RDS for Oracle using AWS DMS with change data capture (CDC)? (Select TWO.)

Select 2 answers
A.Use AWS SCT to assess schema compatibility.
B.Create a full backup of the source database.
C.Enable supplemental logging on the source Oracle database.
D.Set up Oracle Data Guard for replication.
E.Manually create target tables in RDS.
AnswersA, C

Required for schema conversion.

Why this answer

For Oracle CDC, DMS requires supplemental logging to capture changes, and an SCT assessment is needed for schema compatibility. Full backup is not required, and native replication is not used. DMS creates target tables automatically.

1007
MCQmedium

A company runs an analytics platform that queries billions of rows of sales data. Queries are complex and involve aggregations across multiple dimensions. The data is updated in bulk daily. Which service should be used as the primary data store?

A.Amazon Redshift
B.Amazon DynamoDB
C.Amazon Athena
D.Amazon RDS for MySQL
AnswerA

Redshift is purpose-built for large-scale data warehousing and analytical queries.

Why this answer

Amazon Redshift is the correct choice because it is a fully managed, petabyte-scale data warehouse optimized for complex analytical queries involving aggregations across multiple dimensions. Its columnar storage, massively parallel processing (MPP) architecture, and ability to handle bulk daily updates via COPY commands or INSERT operations make it ideal for querying billions of rows of sales data.

Exam trap

The trap here is that candidates often confuse Amazon Athena as a primary data store because it can query data in S3, but it is a serverless query engine, not a data store, and lacks the performance optimizations for complex aggregations on billions of rows that a dedicated data warehouse like Redshift provides.

How to eliminate wrong answers

Option B is wrong because Amazon DynamoDB is a NoSQL key-value and document database designed for high-throughput, low-latency transactional workloads, not for complex analytical queries with multi-dimensional aggregations on billions of rows. Option C is wrong because Amazon Athena is a serverless interactive query service that queries data directly in Amazon S3 using standard SQL, but it is not a primary data store—it is a query engine, and it lacks the performance and optimization for frequent, complex aggregations on large datasets compared to a dedicated data warehouse. Option D is wrong because Amazon RDS for MySQL is a relational database optimized for OLTP workloads with row-based storage, which performs poorly on large-scale analytical queries and aggregations across billions of rows due to its lack of columnar storage and MPP capabilities.

1008
Multi-Selecthard

A company is deploying a new application using Amazon DynamoDB. They need to ensure data durability and availability. Which THREE steps should they take? (Choose three.)

Select 3 answers
A.Configure Auto Scaling for read and write capacity
B.Enable DynamoDB Accelerator (DAX)
C.Encrypt data at rest using AWS KMS
D.Enable point-in-time recovery (PITR)
E.Use DynamoDB Global Tables
AnswersA, D, E

Ensures availability under load.

Why this answer

Option A (DAX) improves performance, not durability. Option B (Point-in-time recovery) provides durability. Option C (Auto Scaling) ensures availability.

Option D (Global Tables) provides multi-region durability and availability. Option E (Encryption) is for security.

1009
MCQeasy

A company needs to store time-series data from IoT sensors. Each sensor sends a reading every minute. The data is rarely accessed after 30 days. The query pattern is to retrieve all readings for a specific sensor within a time range. Which AWS database is most cost-effective?

A.Amazon Timestream
B.Amazon Redshift
C.Amazon DynamoDB with Time-to-Live (TTL)
D.Amazon RDS for PostgreSQL with partitioning
AnswerA

Optimized for time-series data with automatic storage tiering.

Why this answer

Option B is correct because Timestream is purpose-built for time-series data with automatic tiering. Option A is wrong because DynamoDB is more expensive for this pattern. Option C is wrong because RDS is not optimized for time-series.

Option D is wrong because Redshift is for analytics, not real-time ingestion.

1010
Multi-Selecteasy

A company is setting up an Amazon Aurora MySQL-compatible database. The security policy requires that all traffic between the application and database be encrypted in transit. Which TWO steps should be taken?

Select 2 answers
A.Use a Network Load Balancer with a TLS listener in front of the Aurora cluster.
B.Place the Aurora cluster in a private subnet with a VPN connection.
C.Set the 'require_secure_transport' parameter to 'ON' in the DB cluster parameter group.
D.Configure the application connection string to use the SSL-enabled endpoint (port 3306 with SSL).
E.Enable encryption at rest using AWS KMS.
AnswersC, D

This enforces SSL connections from clients.

Why this answer

To encrypt in transit, you need to enforce SSL on the server side (Option A) and have the application use the SSL endpoint (Option B). Option C is not necessary because Aurora uses a cluster endpoint. Option D is about network-level encryption, which is not required if SSL is used.

Option E is about data at rest, not in transit.

1011
MCQhard

A company is planning to migrate a 3 TB PostgreSQL database from an on-premises data center to Amazon Aurora PostgreSQL. The migration must have near-zero downtime. The on-premises database is using a custom pg_hba.conf that restricts access to specific IP ranges. Which combination of steps will meet the requirements?

A.Create an Aurora Replica of the on-premises database using cross-Region replication.
B.Use pg_dump and pg_restore to export and import the database during a maintenance window.
C.Use AWS DMS with ongoing replication to an Aurora DB cluster. Configure the source endpoint with the appropriate connection settings.
D.Use AWS SCT to convert the schema and then perform a full data load using AWS DMS.
AnswerC

DMS supports ongoing replication, and the source endpoint can be configured to connect to the on-premises database.

Why this answer

Using AWS DMS with ongoing replication from an on-premises source to Aurora is the standard approach for near-zero downtime migrations. The other options either require downtime or are not feasible (e.g., Aurora standby cluster cannot be created from on-premises).

1012
Multi-Selecthard

A company is migrating an on-premises SQL Server database to Amazon RDS for SQL Server. During the migration, the DBA notices that the network latency between the source and target is high. Which THREE actions can the DBA take to reduce the impact of network latency on migration performance?

Select 3 answers
A.Increase the size of the RDS instance
B.Use multiple parallel tasks in AWS DMS
C.Use AWS Direct Connect for a dedicated network connection
D.Enable data compression for the migration task
E.Use AWS Site-to-Site VPN
AnswersB, C, D

Parallel tasks improve throughput, mitigating latency effects.

Why this answer

Options A, C, and D are correct. Using AWS Direct Connect provides a dedicated network connection, reducing latency. Compressing data reduces the amount of data transferred, mitigating latency impact.

Using multiple threads parallelizes the data transfer, improving throughput. B is wrong because increasing the instance size does not reduce network latency. E is wrong because using a VPN may introduce additional overhead.

1013
MCQmedium

A company runs an online gaming platform that uses Amazon DynamoDB to store player profiles and game state. The platform experiences sudden spikes in write traffic when popular events occur. During these spikes, some write requests fail with ProvisionedThroughputExceededException. The operations team has configured DynamoDB Auto Scaling with a maximum write capacity of 10000 WCU, but during spikes, the write rate exceeds 10000 WCU for short bursts. The team needs to handle these bursts without losing data or sacrificing performance. What is the MOST effective solution?

A.Enable DynamoDB Accelerator (DAX) to cache write requests and reduce the load on the table.
B.Shard the DynamoDB table manually by adding a random suffix to the partition key to distribute writes more evenly.
C.Increase the maximum write capacity for Auto Scaling to a higher value, such as 20000 WCU.
D.Implement an Amazon SQS queue to buffer write requests and process them in batches, with a Lambda function writing to DynamoDB.
AnswerD

SQS decouples the write path, absorbing spikes and allowing throttled writes to DynamoDB.

Why this answer

DynamoDB Auto Scaling can increase capacity, but it reacts to CloudWatch alarms and takes time (minutes). For sudden spikes, the best solution is to use DynamoDB Accelerator (DAX) for reads, not writes. For writes, you can implement exponential backoff and retries in the application, but that may increase latency.

Another option is to use a queue (Amazon SQS) to buffer writes and process them at a controlled rate. This decouples the application from the database, allowing spikes to be absorbed. Option A (increase max WCU) helps but may not be enough if spikes are very high and unpredictable.

Option B (DAX) does not help with writes. Option C (SQS buffer) is a common pattern. Option D (sharding) requires application changes and may not be necessary.

So the best is to use SQS to buffer writes.

1014
MCQmedium

A financial services company needs a database to store transaction records with strict ACID compliance and the ability to run complex JOIN queries for reporting. The workload is read-heavy with occasional batch inserts. Which AWS database service should they choose?

A.Amazon RDS for PostgreSQL
B.Amazon DynamoDB
C.Amazon Aurora Serverless
D.Amazon Timestream
AnswerA

PostgreSQL is fully ACID-compliant and supports complex queries.

Why this answer

Option A is correct because Amazon RDS for PostgreSQL is a relational database that provides ACID compliance and supports complex joins. Option B is wrong because DynamoDB is NoSQL and does not support complex joins. Option C is wrong because Aurora Serverless is good but may not be the best for complex joins; however, it is still relational.

Option D is wrong because Timestream is for time-series.

1015
Multi-Selecthard

A company is designing a database for a social media analytics platform that requires: 1) storing relationships between users, posts, and interests; 2) running complex graph queries like 'find all friends of friends who like topic X'; 3) high availability with multi-region replication. Which TWO AWS services should they consider? (Choose TWO.)

Select 2 answers
A.Amazon Neptune
B.Amazon Redshift
C.Amazon Aurora Global Database
D.Amazon DynamoDB with Global Tables
E.Amazon ElastiCache for Redis
AnswersA, C

Neptune is purpose-built for graph queries.

Why this answer

Option B (Neptune) is correct for graph queries. Option D (Global Database for Aurora) provides multi-region replication for relational data, but for graph queries Neptune is primary. Since Neptune does not natively support multi-region replication, the platform might use Aurora for metadata and Neptune for graph, but the question expects two services.

Alternatively, DynamoDB Global Tables for key-value and Neptune for graph. However, given options, B and D are the best combined for graph and replication. Option A (DynamoDB) is not graph.

Option C (Redshift) is analytics. Option E (ElastiCache) is caching.

1016
Multi-Selecthard

A company is deploying an Amazon DynamoDB table with server-side encryption using a customer-managed AWS KMS key. The security team requires that the key be automatically rotated every year and that access to the key be logged. Which THREE steps should be taken?

Select 3 answers
A.Enable automatic key rotation for the KMS key.
B.Use AWS CloudHSM to store the key and manage rotation.
C.Enable AWS CloudTrail to log KMS API calls.
D.Create a KMS key policy that allows only specific IAM roles to use the key.
E.Configure the DynamoDB table to use client-side encryption.
AnswersA, C, D

KMS supports automatic rotation yearly.

Why this answer

To meet the requirements, enable automatic key rotation (Option A), enable CloudTrail logging (Option B), and create a KMS key policy that restricts usage (Option C). Option D is wrong because CloudHSM is not used here. Option E is wrong because DynamoDB encryption is managed by KMS, not by the application.

1017
MCQhard

A company is using Amazon DynamoDB with global tables to support a multi-region application. They notice that writes to the table in us-east-1 are not replicating to the table in eu-west-1. The replication lag metric shows increasing values. What is the most likely cause?

A.The table in eu-west-1 has a lower write capacity and is throttling incoming writes.
B.DynamoDB Streams is disabled on the table in us-east-1.
C.The DynamoDB table in us-east-1 is not accessible from eu-west-1 due to VPC restrictions.
D.The table in eu-west-1 has been removed as a replica region from the global table configuration.
AnswerD

If the replica region is removed, replication stops.

Why this answer

Option C is correct because DynamoDB global tables replicate writes asynchronously; if the replica table in eu-west-1 is not properly configured as a global table replica, replication will fail. Option A is incorrect because global tables do not require VPC endpoints. Option B is incorrect because auto scaling does not affect replication.

Option D is incorrect because DynamoDB Streams are used for global tables replication, but disabling them would stop replication, not cause lag.

1018
Multi-Selecthard

A database specialist is troubleshooting a performance issue on an Amazon Aurora MySQL DB cluster. The cluster has a primary instance and two Aurora Replicas. The application is experiencing high read latency. Which THREE actions should the specialist take to identify the cause?

Select 3 answers
A.Check the Write Latency metric on the primary instance.
B.Increase the instance size of the Aurora Replicas.
C.Check the Performance Insights for the Aurora Replicas to identify long-running queries.
D.Monitor the Aurora ReplicaLag metric in Amazon CloudWatch.
E.Evaluate the DB Connection Count metric to see if the replicas are overloaded.
AnswersC, D, E

Long-running queries can cause read latency.

Why this answer

Options A, B, and D are correct. Monitoring ReplicaLag (A), checking for long-running queries on replicas (B), and evaluating Connection Count metrics (D) help identify read latency causes. Option C is wrong because write latency is not the issue.

Option E is wrong because increasing instance size is a remedy, not a diagnostic step.

1019
MCQhard

A company uses Amazon DynamoDB with fine-grained access control using IAM policies. A developer reports that an application role can read and write to the 'orders' table but cannot perform a Scan operation on a Global Secondary Index (GSI). The IAM policy attached to the role includes 'dynamodb:Scan' and the resource ARN for the table. What is the likely reason for this failure?

A.The policy has a condition that restricts Scan operations based on the time of day.
B.The role does not have permission to read from the base table.
C.The IAM policy does not include the GSI's ARN in the resource statement.
D.The IAM policy does not allow the 'dynamodb:Scan' action on the table.
AnswerC

GSIs have separate ARNs that must be explicitly allowed.

Why this answer

Option B is correct because DynamoDB GSIs have separate ARNs, and the policy must include the GSI ARN. Option A is wrong because the Scan action is allowed on the table, but the GSI requires its own resource. Option C is wrong because condition keys are not relevant if the action is denied.

Option D is wrong because the role is allowed to read and write, but Scan is a read action.

1020
MCQeasy

A database administrator needs to audit all SQL queries executed on an Amazon RDS for PostgreSQL instance, including SELECT statements. What is the most efficient way to achieve this?

A.Enable AWS CloudTrail for the RDS instance.
B.Install the pgAudit extension and configure it to log all statements.
C.Configure the DB instance to export logs to Amazon CloudWatch Logs.
D.Enable Enhanced Monitoring for the DB instance.
AnswerB

pgAudit captures detailed query logs including SELECT.

Why this answer

Option D is correct because enabling pgAudit extension logs all queries including SELECT. Option A is wrong because CloudTrail does not capture SQL queries. Option B is wrong because enhanced monitoring does not log queries.

Option C is wrong because database logs may not capture all queries without audit extension.

1021
MCQhard

A company runs a critical application on Amazon RDS for PostgreSQL with Multi-AZ deployment. The database is a db.r5.xlarge instance with 500 GB of Provisioned IOPS (io1) storage. The application writes a large volume of time-series data every 5 minutes. Recently, the team noticed that the replica lag between the primary and standby instance has increased to over 10 seconds during peak write periods. The application requires that the standby be within 5 seconds of the primary for disaster recovery purposes. The team has already verified that network latency between AZs is minimal, and the standby instance is the same size as the primary. The CloudWatch metric 'TransactionLogsDiskUsage' shows that the primary is generating logs at a high rate. Which combination of actions should the database administrator take to reduce the replica lag? (Choose the best option.)

A.Disable synchronous commit on the primary to reduce log generation
B.Change the standby instance to a larger instance type (e.g., db.r5.2xlarge) to improve apply throughput
C.Reduce the batch write frequency to every 10 minutes to lower the log generation rate
D.Increase the Provisioned IOPS on both the primary and standby instances to improve log write throughput
AnswerD

Higher IOPS reduces the time to flush transaction logs, reducing replica lag.

Why this answer

Option B is correct because increasing the storage IOPS on both instances reduces the time to write transaction logs to disk, which is the bottleneck. The primary generates logs, and the standby applies them; both need fast I/O. Option A is insufficient because disabling synchronous commit might cause data loss.

Option C is incorrect because the standby is already the same size; increasing its size alone may not help if the bottleneck is I/O. Option D is incorrect because reducing the batch size reduces write volume, affecting application performance.

1022
MCQeasy

A company is migrating its on-premises Oracle database to Amazon RDS for Oracle. The database is 2 TB in size and contains both transactional and analytical workloads. The company uses Oracle Data Pump for migration. During the migration, the database specialist notices that the export job on the source database is taking longer than expected and is generating significant I/O, impacting production performance. The company needs to minimize the impact on the source database while completing the migration within a 48-hour window. The source database is currently running on a dedicated server with sufficient CPU and memory. Which course of action should the database specialist take?

A.Use AWS Database Migration Service (AWS DMS) with full load and change data capture (CDC) to migrate the database.
B.Use Data Pump to export to a networked file system (NFS) mount point to offload storage I/O to the network.
C.Use Oracle Data Pump in network_link mode to directly import the data from the source to the target RDS instance without intermediate files.
D.Increase the parallel workers for the Data Pump export job to 8 to speed up the export and reduce the time window.
AnswerC

Correct: This minimizes source I/O as data is transferred directly.

Why this answer

Option C is correct because Oracle Data Pump's network_link mode allows the source database to export data directly to the target RDS for Oracle instance over a database link, bypassing the need to write intermediate dump files to disk. This eliminates the I/O overhead on the source server's storage subsystem, which is the primary cause of the production performance impact, while still completing the migration within the 48-hour window.

Exam trap

The trap here is that candidates often assume increasing parallelism (Option D) is always the best way to speed up a Data Pump job, but they overlook that the primary issue is I/O impact on production, not throughput, and that network_link mode eliminates the I/O bottleneck entirely.

How to eliminate wrong answers

Option A is wrong because AWS DMS with full load and CDC would still require reading the source database, which can generate significant I/O and impact production performance; additionally, DMS may not support all Oracle-specific features or data types that Data Pump handles natively. Option B is wrong because exporting to an NFS mount point still writes dump files to a networked file system, which does not eliminate the I/O on the source server's local storage and can introduce network latency and additional overhead. Option D is wrong because increasing parallel workers for the Data Pump export job would increase I/O and CPU consumption on the source database, exacerbating the production performance impact rather than minimizing it.

1023
MCQhard

A database administrator is troubleshooting an Amazon RDS for PostgreSQL DB instance that is experiencing high CPU utilization. The administrator runs the following query to find the current running queries: SELECT pid, now() - pg_stat_activity.query_start AS duration, query, state FROM pg_stat_activity WHERE state = 'active'; The output shows a high number of queries with a state of 'active' and durations exceeding several minutes. What should the administrator do FIRST to reduce CPU utilization?

A.Modify the max_connections parameter to limit concurrent sessions.
B.Scale up the DB instance to a larger instance class.
C.Use pg_terminate_backend to terminate the long-running queries.
D.Enable pg_stat_statements to collect query performance data.
AnswerC

Terminating long-running queries immediately reduces CPU usage.

Why this answer

Option C is correct because the immediate cause of high CPU utilization is the long-running active queries consuming resources. Using pg_terminate_backend to terminate these queries will quickly free up CPU cycles, providing immediate relief. This is the first troubleshooting step before making configuration changes or scaling, as it directly addresses the symptom shown in the pg_stat_activity output.

Exam trap

The trap here is that candidates may choose to scale up or adjust parameters first, overlooking that the immediate problem is the active long-running queries, which can be resolved quickly with pg_terminate_backend without incurring cost or configuration changes.

How to eliminate wrong answers

Option A is wrong because modifying max_connections limits the number of concurrent sessions but does not address the existing long-running queries that are already consuming CPU; it may also cause application errors if connections are rejected. Option B is wrong because scaling up the DB instance to a larger class is a reactive and costly measure that does not resolve the root cause of inefficient queries; it should only be considered after optimizing queries or confirming a sustained workload increase. Option D is wrong because enabling pg_stat_statements collects query performance data for analysis but does not reduce current CPU utilization; it is a diagnostic tool for future optimization, not an immediate fix.

1024
MCQhard

A company is using Amazon Redshift for data warehousing. The security team requires column-level access control so that certain users cannot view specific columns containing PII. Which approach should the data engineer implement?

A.Create views that exclude the sensitive columns and grant SELECT on the views to the users.
B.Implement row-level security policies using CREATE ROW LEVEL SECURITY POLICY.
C.Use GRANT SELECT ON table (col1, col2) TO user.
D.Encrypt the sensitive columns using AWS KMS and decrypt in the application.
AnswerA

Views can restrict column access.

Why this answer

Option D is correct because Redshift supports column-level security via views that restrict columns, and you grant access to the view instead of the table. Option A is wrong because Redshift does not support column-level GRANT. Option B is wrong because row-level security does not restrict columns.

Option C is wrong because column-level encryption is not natively supported in Redshift and would require application changes.

1025
Multi-Selecthard

Which THREE factors should be considered when planning a cross-Region disaster recovery strategy for an Amazon Aurora MySQL DB cluster? (Choose 3.)

Select 3 answers
A.Provisioned IOPS for the primary cluster.
B.Network latency between source and target Regions.
C.Storage costs in the target Region.
D.Failover priority of reader instances.
E.Recovery Point Objective (RPO) requirements.
AnswersB, C, E

Latency affects replication lag and RTO.

Why this answer

Options A, C, and E are correct because RPO determines acceptable data loss, network latency affects replication lag, and storage costs vary by region. Option B is wrong because IOPS are not a direct DR consideration. Option D is wrong because failover priority is for local replication, not cross-Region.

1026
MCQhard

A media streaming company uses Amazon DynamoDB as the primary data store for user session information. The table has a partition key of 'user_id' (String) and a sort key of 'session_start_time' (Number). The table is provisioned with 5000 read capacity units (RCU) and 5000 write capacity units (WCU). Over the past week, the company noticed occasional throttling on writes during peak hours, even though the average consumed WCU is only 3500. The DynamoDB table also experiences hot partitions. The development team is considering using DynamoDB Accelerator (DAX) to cache read-heavy workloads, but the issue is with writes. The database administrator needs to resolve the write throttling and hot partitions. Which action should the administrator take?

A.Enable DynamoDB adaptive capacity to automatically handle uneven access patterns.
B.Deploy DAX to cache frequent writes and reduce write load.
C.Reduce the provisioned WCU to match the average consumption to save costs.
D.Enable DynamoDB auto scaling for write capacity to scale based on demand.
AnswerA

Adaptive capacity helps manage hot partitions by allowing more throughput to hot keys.

Why this answer

Option A is correct because adaptive capacity automatically adjusts throughput to handle uneven access patterns, helping with hot partitions. Option B is wrong because reducing WCU would worsen throttling. Option C is wrong because enabling auto scaling adjusts capacity but doesn't address hot partitions directly.

Option D is wrong because DAX caches reads, not writes.

1027
MCQhard

A company is building a real-time analytics dashboard from IoT sensor data. Data arrives as time-series with millions of writes per second. The dashboard queries the last hour of data with aggregations. Which database design is most cost-effective?

A.Amazon DynamoDB with TTL and DAX
B.Amazon Redshift with streaming ingestion
C.Amazon Timestream
D.Amazon RDS for PostgreSQL with TimescaleDB extension
AnswerC

Optimized for time-series with low cost for high write throughput and efficient recent data queries.

Why this answer

Amazon Timestream is purpose-built for time-series data, offering automatic tiered storage (in-memory for recent data and magnetic for historical) and built-in aggregation functions optimized for time-based queries. This design handles millions of writes per second cost-effectively, as it eliminates the need for manual sharding or TTL management, and its serverless model charges only for data written and queried, making it ideal for real-time analytics on the last hour of IoT sensor data.

Exam trap

The trap here is that candidates often choose DynamoDB with TTL and DAX because they associate it with high write throughput and caching, but they overlook that time-series aggregation queries require native time-based functions and cost-efficient storage tiering, which Timestream uniquely provides.

How to eliminate wrong answers

Option A is wrong because DynamoDB with TTL and DAX is optimized for key-value and low-latency point lookups, not for time-series aggregations over a sliding window; TTL only deletes expired data but does not provide native time-based aggregation functions, and DAX accelerates reads but does not reduce the cost or complexity of scanning and aggregating millions of writes per second. Option B is wrong because Redshift with streaming ingestion is designed for large-scale analytical queries on structured data, but its minimum cluster size and compute costs make it over-provisioned and expensive for real-time dashboards querying only the last hour of data; streaming ingestion adds latency and complexity for sub-second updates. Option D is wrong because RDS for PostgreSQL with TimescaleDB extension requires manual provisioning of compute and storage, incurs costs for idle capacity, and its hypertable partitioning and continuous aggregates still involve overhead for millions of writes per second, making it less cost-effective than a fully managed serverless time-series service like Timestream.

1028
Multi-Selecthard

A company uses Amazon DynamoDB with auto scaling enabled. During a flash sale, write traffic spikes and some requests receive ThrottlingException errors. The table's write capacity auto scaling reaches the maximum configured capacity but still throttles. Which TWO actions should resolve the throttling? (Choose TWO.)

Select 2 answers
A.Increase the maximum write capacity setting for the auto scaling policy.
B.Review the partition key design to ensure even access distribution.
C.Add a DynamoDB Accelerator (DAX) cluster to cache writes.
D.Enable DynamoDB Streams to offload write traffic.
E.Disable auto scaling and use On-Demand capacity mode.
AnswersA, B

Allows auto scaling to scale higher.

Why this answer

Option A increases maximum capacity to allow auto scaling to scale higher. Option C improves partition key distribution to avoid hot partitions. Option B does not help because auto scaling already reached max.

Option D is not a DynamoDB feature. Option E is irrelevant.

1029
Multi-Selectmedium

Which TWO database services are suitable for storing time-series data with high ingestion rates? (Select TWO.)

Select 2 answers
A.Amazon Timestream
B.Amazon RDS for MySQL
C.Amazon ElastiCache for Memcached
D.Amazon DynamoDB with TTL
E.Amazon Redshift
AnswersA, D

Purpose-built for time-series.

Why this answer

Amazon Timestream is purpose-built for time-series. DynamoDB with TTL can be used for time-series with efficient expiration. Options C, D, E are not optimal for high ingestion time-series.

1030
MCQmedium

A company is designing a database for a social media application that needs to handle friend-of-friend queries and recommendation engine traversals. Which AWS database is best suited?

A.Amazon DynamoDB
B.Amazon DocumentDB (with MongoDB compatibility)
C.Amazon ElastiCache for Redis
D.Amazon Neptune
AnswerD

Graph database optimized for traversals and relationships.

Why this answer

Amazon Neptune is a fully managed graph database service optimized for storing and querying highly connected data. It supports both property graph (Apache TinkerPop/Gremlin) and RDF (SPARQL) models, making it ideal for friend-of-friend queries and recommendation engine traversals that require navigating complex relationships with low latency.

Exam trap

The trap here is that candidates often choose DynamoDB or ElastiCache because they associate social media with key-value or in-memory caching, overlooking that graph databases are specifically designed for relationship-heavy traversals like friend-of-friend queries.

How to eliminate wrong answers

Option A is wrong because Amazon DynamoDB is a key-value and document database that lacks native graph traversal capabilities; performing friend-of-friend queries would require multiple expensive queries and client-side joins, leading to poor performance at scale. Option B is wrong because Amazon DocumentDB (MongoDB-compatible) is a document database that does not support graph-specific query patterns like Gremlin or SPARQL, and its aggregation pipeline is inefficient for multi-hop relationship traversals. Option C is wrong because Amazon ElastiCache for Redis is an in-memory data store that can model graphs using data structures like sets or sorted sets, but it lacks a native graph query language and optimized traversal engine, making it unsuitable for complex multi-level recommendation traversals at scale.

1031
MCQhard

A company is migrating a 1 TB SQL Server database to Amazon RDS for SQL Server. They use AWS DMS with full load and ongoing replication. After the full load completes, they observe that the ongoing replication is falling behind and the target database is not consistent. The source database has high transaction volume. What is the most effective way to improve replication performance?

A.Disable CloudWatch logging for the DMS replication instance.
B.Configure multiple parallel load tasks for ongoing replication.
C.Enable batch apply mode in the DMS task.
D.Increase the size of the DMS replication instance (e.g., from dms.c5.xlarge to dms.c5.2xlarge).
AnswerD

A larger instance provides more resources to process transactions faster.

Why this answer

Option D is correct because increasing the replication instance size provides more CPU and memory, which can handle higher volumes of changes. Option A is wrong because parallel load tasks apply to full load, not ongoing replication. Option B is wrong because batch apply can help but may not be sufficient if the instance is underpowered.

Option C is wrong because disabling logging reduces fault tolerance but does not improve replication speed.

1032
MCQeasy

A retail company runs its inventory management system on Amazon RDS for PostgreSQL. The application performs frequent updates to inventory counts. The operations team notices that write latency increases significantly during peak sales hours. The database is a single db.r5.large instance with General Purpose SSD (gp2) storage. The CPU utilization is around 40% during peaks, but the write latency spikes. The team suspects a storage bottleneck. Which change would most effectively reduce write latency?

A.Enable Multi-AZ deployment.
B.Change storage type to Provisioned IOPS (io2) with sufficient IOPS.
C.Add a read replica to offload read traffic.
D.Scale up to a db.r5.xlarge instance.
AnswerB

Provisioned IOPS provides consistent low-latency write performance.

Why this answer

Option B is correct. Provisioned IOPS (io1/io2) storage provides consistent low-latency I/O performance compared to gp2, which can have variable performance due to burst credits. Option A (increase instance size) may not address I/O bottleneck.

Option C (Multi-AZ) improves availability, not latency. Option D (read replica) offloads reads, not writes.

1033
MCQmedium

A company is migrating an on-premises MongoDB workload to Amazon DocumentDB. The current workload uses secondary indexes heavily for reporting queries. Which design consideration should the company evaluate to ensure optimal performance on DocumentDB?

A.Enable Multi-AZ deployment to improve read performance.
B.Shard the collection across multiple DocumentDB clusters.
C.Use the MongoDB aggregation pipeline to bypass indexing.
D.Evaluate using covered queries instead of secondary indexes.
AnswerD

DocumentDB does not support secondary indexes; covered queries can help performance.

Why this answer

Covered queries retrieve all required data from an index without accessing the underlying documents, reducing I/O and improving performance. In Amazon DocumentDB, which is compatible with MongoDB 4.0, covered queries can often replace secondary indexes for reporting workloads, minimizing index maintenance overhead and storage costs. This design consideration directly addresses the heavy reliance on secondary indexes by optimizing query execution.

Exam trap

The trap here is that candidates assume secondary indexes are always necessary for query performance, overlooking that covered queries can eliminate document lookups and reduce index overhead, which is a key optimization for DocumentDB's architecture.

How to eliminate wrong answers

Option A is wrong because Multi-AZ deployment provides high availability and automatic failover, not improved read performance; read replicas (not Multi-AZ) are used for read scaling. Option B is wrong because DocumentDB does not support manual sharding across clusters; it uses a single cluster with auto-scaling storage, and sharding is not a native feature. Option C is wrong because the MongoDB aggregation pipeline does not bypass indexing; it can leverage indexes for performance, and avoiding indexes would degrade query performance, not improve it.

1034
MCQmedium

A company uses Amazon RDS for MySQL with encryption at rest enabled. The security team mandates that all access to the database must be authenticated using IAM database authentication. The database administrator has created a user 'app_user' and granted appropriate privileges. However, when the application tries to connect using an IAM authentication token, it receives an 'Access denied' error. Which action should be taken to resolve this issue?

A.Create a password for 'app_user' and use that password in the connection string.
B.Modify the security group to allow inbound traffic on port 3306 from the application's IP address.
C.Ensure the IAM role used by the application has a name that matches the database user 'app_user' and has the necessary policy attached.
D.Download the latest Amazon RDS CA certificate and add it to the application trust store.
AnswerC

IAM database authentication requires the database user name to match the IAM user or role name (or a mapped DB user) that has been granted the rds_iam role.

Why this answer

Option C is correct because IAM database authentication for RDS MySQL requires that the database user name matches the IAM role or user name used to generate the authentication token. The IAM role must have a policy that allows the `rds-db:connect` action with a resource ARN specifying the database user. Without this exact match, the authentication token is rejected, resulting in an 'Access denied' error.

Exam trap

The trap here is that candidates often confuse IAM database authentication with network-level security (security groups) or TLS certificate management, when the core requirement is the exact name match between the database user and the IAM principal (role or user) used to generate the token.

How to eliminate wrong answers

Option A is wrong because IAM database authentication does not use a static password; it relies on a temporary authentication token generated via the AWS CLI or SDK, and creating a password would bypass the mandated IAM authentication. Option B is wrong because the 'Access denied' error is an authentication failure, not a network connectivity issue; security group rules control network access, not IAM token validation. Option D is wrong because the CA certificate is used for TLS/SSL encryption of the connection, not for IAM authentication; the error is unrelated to certificate trust.

1035
MCQmedium

A company is designing a database for a ride-sharing application that requires real-time location updates and driver-passenger matching. The database must support geospatial queries to find nearby drivers within a radius. The expected throughput is 10,000 writes per second and 5,000 reads per second. The company wants a fully managed solution with low latency. The application team has experience with PostgreSQL. Which database design should they choose?

A.Use Amazon Aurora PostgreSQL with the PostGIS extension and use read replicas for scaling reads.
B.Use Amazon DynamoDB with a geospatial library to encode locations into a partition key.
C.Use Amazon DynamoDB with a global secondary index on a geohash attribute for proximity queries.
D.Use Amazon RDS for MySQL with spatial indexes and Multi-AZ deployment.
AnswerA

Aurora PostgreSQL with PostGIS provides geospatial support, scalability, and managed service.

Why this answer

Option A is correct because Amazon Aurora PostgreSQL supports PostGIS for geospatial queries, can scale to handle the throughput with write replicas and auto-scaling, and is fully managed. Option B (DynamoDB) is not ideal for geospatial queries; it requires complex partitioning. Option C (DynamoDB with GSI) still not good for radius queries.

Option D (RDS MySQL) has geospatial support but may not scale as well as Aurora.

1036
Multi-Selectmedium

A company is building a real-time leaderboard for a mobile game using Amazon DynamoDB. The leaderboard displays the top 100 players by score. The table has 'game_id' as partition key and 'player_id' as sort key. The score is updated frequently. Which THREE design patterns should the company implement to ensure low-latency reads for the leaderboard? (Choose three.)

Select 3 answers
A.Use 'ScanIndexForward: false' on the base table to get top players.
B.Enable DynamoDB Accelerator (DAX) to cache the leaderboard query.
C.Use 'begins_with' operator on the sort key to filter by score range.
D.Create a global secondary index (GSI) with 'game_id' as partition key and 'score' as sort key.
E.Use DynamoDB Streams and AWS Lambda to maintain a separate leaderboard table.
AnswersB, D, E

Caches the query results for low-latency reads.

Why this answer

Option B is correct because DynamoDB Accelerator (DAX) provides an in-memory cache that can serve repeated leaderboard queries with microsecond latency, reducing the read load on the base table and avoiding throttling. For a real-time leaderboard that is read frequently, DAX ensures low-latency responses without needing to query DynamoDB directly each time.

Exam trap

The trap here is that candidates may think using ScanIndexForward on the base table (Option A) is sufficient, but they overlook that the base table's sort key is player_id, not score, so it cannot sort by score without a GSI or separate table.

1037
MCQeasy

A company needs to ensure that all changes to an Amazon RDS DB instance's security group are logged for auditing purposes. Which AWS service should be enabled?

A.Amazon RDS Event Subscriptions
B.AWS CloudTrail
C.AWS Config
D.VPC Flow Logs
AnswerB

CloudTrail logs all API actions, including security group modifications.

Why this answer

AWS CloudTrail records API calls made to the AWS environment, including changes to security groups. RDS event subscriptions are for database events, not API calls. Config tracks configuration changes but is not primarily for API logging.

VPC Flow Logs capture network traffic, not API calls.

1038
MCQeasy

A company wants to audit all SQL statements executed on their Amazon Aurora MySQL database for compliance. Which AWS feature should be enabled?

A.Database Activity Streams
B.VPC Flow Logs
C.Amazon CloudWatch Logs
D.AWS CloudTrail
AnswerA

This feature streams database activity to CloudWatch Logs or Kinesis.

Why this answer

Option A is correct because Database Activity Streams provide a stream of database activities including SQL queries. Option B is wrong because CloudTrail logs API calls, not SQL statements. Option C is wrong because VPC Flow Logs capture network traffic.

Option D is wrong because CloudWatch Logs can store logs but the source should be Database Activity Streams.

1039
Matchingmedium

Match each AWS database feature to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Synchronous standby replica for high availability

Asynchronous read-only copy for scaling reads

Automatic adjustment of Aurora replica count

In-memory cache for DynamoDB with microsecond latency

Connection pooling for RDS to handle Lambda bursts

Why these pairings

Key features for performance and availability.

1040
MCQmedium

A company is running an Amazon Aurora MySQL-Compatible DB cluster. The application is experiencing increased latency during peak hours. The DB cluster's CPU utilization is at 40%, but the ReadReplicaLag metric is high. Which of the following is the most likely cause?

A.The writer instance is experiencing I/O bottlenecks, causing slow replication
B.The read replica is receiving too many write requests
C.The DB cluster parameter group is misconfigured
D.The binary log retention period is too long
AnswerA

I/O bottlenecks on the writer can delay writing to the binary log, increasing replica lag.

Why this answer

Option A is correct because high replica lag indicates the replica is falling behind, often due to insufficient I/O capacity on the writer or replica. Option B is wrong because read replicas handle SELECT queries. Option C is wrong because binary log retention does not affect replica lag directly.

Option D is wrong because the DB cluster parameter group is shared.

1041
MCQeasy

A company uses Amazon DynamoDB with auto scaling enabled. During a sales event, the write capacity consumption increases, but the table does not scale up as expected, resulting in throttled requests. The table has read/write capacity mode set to 'Provisioned' with auto scaling configured. What should the team check first to troubleshoot the issue?

A.Check the target utilization percentage in the auto scaling policy
B.Verify that the auto scaling role has the necessary IAM permissions
C.Check whether the table class is DynamoDB Standard-IA
D.Check if a global secondary index (GSI) has its own write capacity that is throttling
AnswerA

If target utilization is high (e.g., 90%), scaling may not trigger until sustained high usage.

Why this answer

Option B is correct because auto scaling uses a target utilization percentage; if it's set too high, it may not trigger scaling soon enough. Option A is incorrect because auto scaling controls the provisioned capacity, not the table class. Option C is incorrect because auto scaling does not require manual approval.

Option D is incorrect because auto scaling can increase capacity up to the maximum limit, regardless of the GSI.

1042
MCQhard

A company is migrating an on-premises Oracle database to Amazon RDS for Oracle. The security team requires that all network traffic between the application servers and the database be encrypted using TLS. The application servers are in a different VPC connected via VPC Peering. What is the simplest way to enforce encryption in transit?

A.Modify the security group for the RDS instance to only allow traffic on port 443.
B.Enable the rds.force_ssl parameter in the DB parameter group and configure the application to use SSL connections.
C.Use a default DB parameter group, as it already enforces SSL.
D.Set up a VPN connection between the two VPCs and route all traffic through it.
AnswerB

This enforces SSL at the database level, and the client can connect using SSL certificates.

Why this answer

Option A is correct because enabling the rds.force_ssl parameter ensures that Oracle connections require SSL, and using SSL certificates on the client side establishes encrypted connections. Option B is wrong because a VPN adds complexity and is not necessary. Option C is wrong because the default parameter group may not have SSL enabled.

Option D is wrong because the security group does not enforce encryption.

1043
MCQmedium

A company is using Amazon ElastiCache for Redis as a caching layer. The application is experiencing higher latency than expected. The team suspects that cache evictions are occurring due to memory pressure. Which ElastiCache metric should be monitored to confirm this?

A.CurrConnections
B.Evictions
C.ReplicationLag
D.CacheHits
AnswerB

Evictions metric directly counts the number of keys evicted due to memory pressure.

Why this answer

Option D is correct because `Evictions` metric shows the number of evicted keys due to memory limit. Option A is wrong because `CacheHits` shows successful reads. Option B is wrong because `CurrConnections` shows current connections.

Option C is wrong because `ReplicationLag` shows replication delay, not evictions.

1044
MCQeasy

A database administrator needs to monitor the number of connections to an Amazon RDS for PostgreSQL DB instance. Which Amazon CloudWatch metric should be used?

A.DatabaseConnections
B.CPUUtilization
C.WriteLatency
D.FreeableMemory
AnswerA

This metric tracks the number of connections to the DB instance.

Why this answer

Option B is correct because 'DatabaseConnections' is the CloudWatch metric that tracks the number of client connections to the DB instance. Option A is wrong because 'CPUUtilization' measures CPU usage. Option C is wrong because 'FreeableMemory' tracks available memory.

Option D is wrong because 'WriteLatency' measures write I/O latency.

1045
Multi-Selectmedium

A database specialist is monitoring an Amazon RDS for MySQL instance and notices that the 'CPUUtilization' metric is consistently above 90%. Which TWO actions should the specialist take to investigate the issue? (Select TWO.)

Select 2 answers
A.Disable the MySQL query cache to free up CPU.
B.Use Performance Insights to identify the queries that are consuming the most CPU.
C.Increase the instance class to provide more CPU resources.
D.Enable Multi-AZ to distribute the load to a standby instance.
E.Enable Enhanced Monitoring to get OS-level metrics for the RDS instance.
AnswersB, E

Performance Insights shows top queries by load.

Why this answer

Option A is correct because Performance Insights can identify high-load queries. Option B is correct because Enhanced Monitoring provides OS-level metrics like CPU, memory, and disk I/O. Option C is wrong because increasing instance class is a solution, not an investigation step.

Option D is wrong because enabling Multi-AZ does not help investigate CPU usage. Option E is wrong because disabling query cache is not a diagnostic action.

1046
MCQeasy

A company wants to migrate an on-premises MySQL database to Amazon RDS for MySQL with minimal downtime. They plan to use AWS DMS. Which source database configuration is required to enable ongoing replication (CDC)?

A.Enable binary logging (binlog) on the source database
B.Set auto_increment_increment to 1
C.Enable the slow query log
D.Enable the query cache
AnswerA

Binlog captures changes for CDC.

Why this answer

AWS DMS requires binary logging (binlog) enabled on the source MySQL database to capture ongoing changes for continuous replication (CDC). The binlog records all data modifications (INSERT, UPDATE, DELETE) in a sequential log, which DMS reads to apply those changes to the target RDS instance with minimal downtime. Without binlog enabled, DMS can only perform a full load migration and cannot support ongoing replication.

Exam trap

The trap here is that candidates may confuse MySQL's binary log with other logs (slow query log, query cache) or assume that auto-increment settings are required for replication, when in fact only binlog enables the change stream DMS needs for CDC.

How to eliminate wrong answers

Option B is wrong because setting auto_increment_increment to 1 is the default behavior and does not enable CDC; it controls the step size for auto-increment columns, not replication logging. Option C is wrong because the slow query log captures queries that exceed a defined execution time threshold, which is used for performance tuning and has no role in CDC replication. Option D is wrong because the query cache is a deprecated MySQL feature that caches SELECT results for performance; it does not provide the change data capture stream that DMS requires.

1047
Multi-Selecthard

A company is migrating a 5 TB Oracle database to Amazon RDS for Oracle. The migration must have minimal downtime and support a cutover window of less than 30 minutes. The company is using AWS DMS with ongoing CDC. Which THREE steps should be taken to minimize cutover time? (Choose three.)

Select 3 answers
A.Configure AWS DMS to use ongoing replication and set the target to apply changes until the source is caught up.
B.Pause application writes to the source database and allow CDC to catch up.
C.Validate that the target database is consistent with the source using AWS DMS data validation.
D.Take a full backup of the source database and restore it to the target before cutover.
E.Use AWS Schema Conversion Tool (SCT) to convert remaining schema objects before cutover.
AnswersA, B, C

Ongoing replication with CDC catches up the target.

Why this answer

Options A, C, and D are correct. Validating data before cutover ensures consistency. Pausing application writes and draining transactions reduces CDC lag.

Catching up CDC replication ensures the target is current. Option B is wrong because taking a full backup before cutover is not necessary with CDC. Option E is wrong because AWS SCT is for schema conversion, not for cutover.

1048
MCQhard

A company runs a production Amazon RDS for MySQL Multi-AZ DB instance with 10 TB of storage. The application team notices that database write latency has increased from 5 ms to 80 ms over the past week. The DB instance is a db.r5.8xlarge with 500 GB of gp2 storage. CloudWatch metrics show WriteIOPS averaging 10,000, WriteThroughput at 50 MB/s, and BurstBalance decreasing from 100% to 20% over the same period. The DB instance has no reserved IOPS. The database workload is write-heavy with frequent small transactions. The company needs to resolve the high write latency while minimizing costs and downtime. Which solution should the database specialist recommend?

A.Create a read replica to offload write traffic to the replica and use it for failover.
B.Upgrade the DB instance to a db.r5.16xlarge with more vCPUs and memory to handle higher write throughput.
C.Enable Performance Insights to identify slow queries and add database-level caching to reduce write load.
D.Modify the DB instance to increase the allocated storage to 1 TB using gp2, allowing the volume to operate with higher baseline IOPS and burst credits.
AnswerD

Increasing volume size boosts baseline IOPS and burst balance, resolving the bottleneck without changing instance type.

Why this answer

Option D is correct because increasing gp2 storage from 500 GB to 1 TB raises the baseline IOPS from 1,500 (3 IOPS/GB) to 3,000, and also increases the burst credit pool size. With WriteIOPS averaging 10,000, the volume is depleting burst credits faster than they can be replenished, causing BurstBalance to drop to 20% and latency to spike. Doubling the storage provides a higher baseline and more credits, reducing reliance on burst and resolving the latency issue without changing instance class or adding cost for reserved IOPS.

Exam trap

AWS often tests the misconception that increasing instance size (vCPUs/memory) resolves storage I/O bottlenecks, when in fact gp2 burst credit exhaustion is a storage-level issue that requires increasing volume size or switching to provisioned IOPS.

How to eliminate wrong answers

Option A is wrong because a read replica cannot offload write traffic; it only serves read queries and does not reduce write latency on the primary. Option B is wrong because upgrading to a db.r5.16xlarge increases CPU and memory but does not change the gp2 volume's IOPS baseline or burst credit behavior, so write latency caused by storage exhaustion would persist. Option C is wrong because Performance Insights and caching address query performance and read load, not the underlying gp2 burst credit depletion causing high write latency; the workload is write-heavy with frequent small transactions, not slow queries.

1049
MCQmedium

A company is deploying a new web application that uses Amazon RDS for MySQL. To improve read performance, they add a read replica. However, the application reports stale data. What is the most likely cause?

A.The application is using a connection pool that caches connections to the primary.
B.The read replica is in a different AWS Region.
C.The replication is asynchronous and there is replication lag.
D.The application is reading from the replica before the write is committed on the primary.
AnswerC

Asynchronous replication causes eventual consistency.

Why this answer

Amazon RDS for MySQL uses asynchronous replication for read replicas. The primary instance commits writes and then sends the binary log (binlog) events to the replica, which applies them. This asynchronous nature introduces replication lag, meaning the replica may not have the most recent writes.

If the application reads from the replica before the lag is resolved, it will see stale (older) data.

Exam trap

The trap here is that candidates often confuse asynchronous replication with synchronous replication, assuming the replica always has the latest data, or they incorrectly attribute the issue to geographic distance or connection pooling rather than the fundamental replication lag inherent in MySQL's async model.

How to eliminate wrong answers

Option A is wrong because a connection pool that caches connections to the primary would not cause stale data on a read replica; it would simply direct reads to the primary, which always has the latest data. Option B is wrong because a read replica in a different AWS Region can introduce additional latency but does not inherently cause stale data; replication lag is the primary cause, and cross-region replicas still replicate asynchronously. Option D is wrong because the application cannot read from the replica before the write is committed on the primary; the write must be committed on the primary before it is even sent to the replica, so the issue is the time it takes for the replica to apply the committed change, not the commit order.

1050
MCQmedium

A company uses Amazon Aurora MySQL-Compatible Edition and needs to audit all SQL statements executed by database users. Which feature should be enabled?

A.Enable the database engine audit logs (advanced auditing).
B.Enable AWS CloudTrail data events for the DB instance.
C.Enable database activity streams.
D.Enable RDS Enhanced Monitoring.
AnswerA

Aurora MySQL can log SQL statements using the audit plugin.

Why this answer

Option A is correct because Aurora MySQL supports advanced auditing through database engine audit logs. Option B is wrong because CloudTrail logs API calls, not SQL queries. Option C is wrong because RDS Enhanced Monitoring provides OS metrics, not SQL audit.

Option D is wrong because database activity streams capture activity in near real-time but are designed for monitoring and not primarily for SQL audit logging; however, they can be used, but the most direct answer is advanced auditing.

Page 13

Page 14 of 24

Page 15