AWS Certified Database Specialty DBS-C01 (DBS-C01) — Questions 15011575

1730 questions total · 24pages · All types, answers revealed

Page 20

Page 21 of 24

Page 22
1501
MCQmedium

A company is running an Amazon RDS for MySQL Multi-AZ DB instance. The application experiences a brief write disruption during automatic failover. The database workload has low write latency requirements. Which configuration change would minimize application impact during failover?

A.Create a read replica in a different Availability Zone and promote it during failover.
B.Change the DB instance to use a Multi-AZ DB cluster configuration.
C.Use a single-AZ deployment and rely on automated backups for recovery.
D.Increase the DB instance class to reduce failover time.
AnswerB

Multi-AZ DB cluster provides faster failover than standard Multi-AZ.

Why this answer

Using a read replica for failover is not supported in RDS MySQL; Multi-AZ is the correct approach. Option D (Multi-AZ cluster) provides faster failover than Multi-AZ with a standby. Option A is correct because RDS Multi-AZ cluster uses a writer and two reader instances, reducing failover time.

Option B is not supported. Option C increases cost without performance benefit.

1502
Multi-Selectmedium

A company is using Amazon DynamoDB with autoscaling enabled. The table has a partition key of 'order_id' and a sort key of 'order_date'. The application performs both point queries and range queries. Recently, the 'ConsumedReadCapacityUnits' metric shows that the table is consistently using 100% of the provisioned capacity. Which THREE factors should the database engineer investigate to determine the cause?

Select 3 answers
A.Whether autoscaling is configured correctly to add capacity.
B.Whether the application is using Scan operations instead of Query operations.
C.Whether the partition key is evenly distributed across partitions.
D.Whether a specific 'order_id' is being accessed frequently, creating a hot key.
E.Whether a global secondary index is being used for queries.
AnswersB, C, D

Scans consume more read capacity than queries.

Why this answer

Option B is correct because Scan operations read the entire table or index before applying filters, consuming far more read capacity than Query operations, which target specific partition and sort key values. If the application is using Scans instead of Queries, it would consistently consume 100% of provisioned capacity even for small result sets, leading to throttling and high utilization.

Exam trap

AWS often tests the misconception that autoscaling misconfiguration is the primary cause of high capacity utilization, when in reality the root cause is often inefficient access patterns (Scans) or uneven data distribution (hot keys) that autoscaling cannot fix.

1503
MCQmedium

A company is using Amazon RDS for MySQL with Multi-AZ deployment. The application team reports that write latency has increased significantly over the past hour. CloudWatch shows elevated 'ReadLatency' and 'WriteLatency' metrics. The DB instance is a db.r5.large with 500 GB General Purpose SSD (gp2) storage. Which action is most likely to resolve the issue?

A.Enable Multi-AZ deployment
B.Create a read replica to offload read traffic
C.Increase the allocated storage size to 1,000 GB
D.Scale up the DB instance class to db.r5.xlarge
AnswerC

Larger gp2 volume provides higher baseline IOPS, resolving I/O credit exhaustion.

Why this answer

Option C is correct because elevated latency combined with gp2 storage suggests that the I/O credits are exhausted, causing throughput to drop to baseline. Increasing storage size increases baseline IOPS. Option A is wrong because Multi-AZ is already enabled.

Option B is wrong because increasing instance size improves compute but does not address storage I/O limits. Option D is wrong because read replicas help read scaling but do not reduce write latency.

1504
MCQhard

A company is running a production Amazon DynamoDB table that supports a gaming application with millions of concurrent users. The table uses on-demand capacity mode. Recently, the application started experiencing throttling (ProvisionedThroughputExceededException) during peak hours. The company wants to resolve this with minimal operational overhead. What should the company do?

A.Enable DynamoDB Accelerator (DAX) to cache reads
B.Partition the table across multiple tables and use application-level sharding
C.Request a service quota increase for the on-demand table's maximum throughput
D.Switch to provisioned capacity mode with auto scaling
AnswerC

On-demand tables have default throughput limits that can be increased.

Why this answer

On-demand capacity mode in DynamoDB has a default throughput quota (typically 40,000 read/write request units per second per table, though this can vary by region and account). When traffic exceeds this soft limit, DynamoDB returns ProvisionedThroughputExceededException. Requesting a service quota increase raises this ceiling, allowing the table to handle higher bursts without throttling, and requires no architectural changes or capacity management—minimizing operational overhead.

Exam trap

The trap here is that candidates assume on-demand capacity is unlimited and never throttles, but AWS imposes a default throughput quota per table that must be explicitly raised for sustained high-traffic workloads.

How to eliminate wrong answers

Option A is wrong because DAX is an in-memory cache that reduces read latency and offloads read traffic, but it does not increase the table's write throughput quota; throttling on writes or high-volume reads that bypass DAX would still occur. Option B is wrong because application-level sharding across multiple tables adds significant operational complexity (routing logic, cross-table consistency, management overhead) and is unnecessary when a simple quota increase can resolve the throttling. Option D is wrong because switching to provisioned capacity with auto scaling introduces capacity planning and scaling lag, increasing operational overhead compared to simply raising the on-demand quota; on-demand already scales instantly within its quota limits.

1505
MCQhard

A company runs a customer-facing application on Amazon RDS for MySQL. The application experiences frequent read replicas lagging behind the primary due to long-running analytics queries. The analytics team runs complex SELECT queries that scan large tables. Which design change would minimize replica lag without affecting production writes?

A.Use Amazon DynamoDB Accelerator (DAX) for caching.
B.Increase the instance size of the primary and all read replicas.
C.Enable Multi-AZ on the primary instance.
D.Create a cross-Region read replica for analytics queries.
AnswerD

Offloads analytics to a separate replica, reducing lag.

Why this answer

Creating a cross-Region read replica for analytics queries offloads the long-running SELECT statements to a separate read replica in a different AWS Region, isolating the analytics workload from the primary instance and its in-Region replicas. This prevents the analytics queries from competing for I/O and CPU resources on the primary or its local replicas, thereby minimizing replica lag without affecting production writes. Cross-Region replicas use asynchronous replication, so they can handle heavy read traffic without impacting the primary's write performance.

Exam trap

The trap here is that candidates often assume increasing instance size (Option B) or enabling Multi-AZ (Option C) will solve replica lag, but they fail to recognize that the lag is caused by resource contention from analytics queries on the same replicas, not by insufficient hardware or lack of high availability.

How to eliminate wrong answers

Option A is wrong because Amazon DynamoDB Accelerator (DAX) is an in-memory cache for DynamoDB, not for RDS for MySQL, and it does not address replica lag caused by long-running analytics queries on RDS. Option B is wrong because increasing the instance size of the primary and all read replicas may improve performance but does not isolate the analytics workload; the long-running queries on the replicas will still consume resources and cause lag, and it does not prevent the analytics queries from affecting the primary's write performance. Option C is wrong because enabling Multi-AZ on the primary instance provides high availability with a standby replica that cannot be used for reads (it is not a read replica), so it does not offload analytics queries or reduce replica lag.

1506
MCQmedium

A company uses Amazon RDS for PostgreSQL for its e-commerce platform. The application team reports increasing read latency on the primary instance during sales events. Which action should be taken to reduce read load on the primary?

A.Enable Multi-AZ deployment
B.Migrate to Amazon DynamoDB
C.Create one or more read replicas
D.Increase the instance size of the primary
AnswerC

Read replicas offload read queries from primary.

Why this answer

Creating one or more read replicas offloads read traffic from the primary RDS for PostgreSQL instance, directly addressing the increased read latency during sales events. Read replicas are asynchronous replicas that can serve SELECT queries, reducing the load on the primary without requiring application changes to the write path. This is the standard AWS solution for scaling read-heavy workloads in RDS.

Exam trap

The trap here is that candidates often confuse Multi-AZ with read replicas, assuming the standby in a Multi-AZ deployment can serve reads, but in RDS for PostgreSQL the standby is not accessible for read traffic—only Oracle and SQL Server Multi-AZ deployments offer readable standbys under specific configurations.

How to eliminate wrong answers

Option A is wrong because Multi-AZ deployment provides high availability and automatic failover via synchronous standby replication, but it does not offload read traffic—the standby is not accessible for reads in RDS for PostgreSQL. Option B is wrong because migrating to DynamoDB is a complete architectural change that is unnecessary for simply reducing read load on an existing PostgreSQL database; it would require rewriting application queries and data modeling, and it does not address the immediate symptom of read latency on the primary. Option D is wrong because increasing the instance size of the primary only vertically scales the server, which can help but is less cost-effective and does not distribute read load; it also does not leverage the horizontal read scaling that read replicas provide.

1507
MCQeasy

A company wants to migrate a 10 GB PostgreSQL database from an on-premises server to Amazon RDS for PostgreSQL. The migration can tolerate several hours of downtime. Which migration method is the MOST straightforward?

A.Use AWS Database Migration Service (AWS DMS) with ongoing replication
B.Use AWS Schema Conversion Tool (AWS SCT) to migrate the data
C.Create an Amazon RDS Read Replica from the on-premises database
D.Use pg_dump to export the database and pg_restore to import into RDS
AnswerD

This is the simplest method for a one-time migration with downtime tolerance.

Why this answer

Option D is correct because pg_dump and pg_restore are native PostgreSQL utilities that provide a straightforward, reliable method for migrating a 10 GB database with acceptable downtime. The 10 GB size is well within the practical limits of a logical dump, and the process requires no additional AWS services or complex configuration, making it the simplest approach for a migration that can tolerate several hours of downtime.

Exam trap

The trap here is that candidates may over-engineer the solution by choosing AWS DMS with ongoing replication, assuming it is always the best migration tool, when the question explicitly states that several hours of downtime are acceptable, making the simpler native pg_dump/pg_restore approach the most straightforward.

How to eliminate wrong answers

Option A is wrong because AWS DMS with ongoing replication is designed for minimal-downtime migrations and introduces unnecessary complexity (e.g., setting up a replication instance, source/target endpoints, and change data capture) for a scenario where several hours of downtime are acceptable. Option B is wrong because AWS SCT is used for schema conversion when migrating between different database engines (e.g., Oracle to PostgreSQL), not for migrating data between two PostgreSQL databases where the schema is already compatible. Option C is wrong because an Amazon RDS Read Replica cannot be created from an on-premises database; read replicas in RDS are only supported between RDS instances or from an RDS instance to an external source, not the reverse.

1508
MCQhard

A financial company uses Amazon DynamoDB to store customer transaction data. The compliance team requires that all data be encrypted at rest using a customer-managed AWS KMS key. Additionally, they need to ensure that the key is used only for DynamoDB and no other AWS service. How can the company meet these requirements?

A.Use a KMS key with no key policy, and rely on IAM policies to restrict access to only DynamoDB.
B.Use an AWS Organizations service control policy (SCP) to deny all AWS services except DynamoDB from using the KMS key.
C.Create a KMS key with a key policy that includes a condition such as "kms:ViaService": "dynamodb.amazonaws.com" to restrict usage to DynamoDB.
D.Create a KMS key with a key policy that allows DynamoDB to use the key, and attach an IAM policy to deny all other services.
AnswerC

This condition ensures the key can only be used through DynamoDB, preventing other services.

Why this answer

Option D is correct because a KMS key policy with a condition that restricts usage to DynamoDB and prevents other services is the proper way. Option A is wrong because SCPs do not control KMS key permissions. Option B is wrong because IAM policies alone cannot restrict the key usage; the key policy must also enforce it.

Option C is wrong because you cannot prevent other services from using the key via IAM if the key policy allows them.

1509
MCQhard

A company uses Amazon DynamoDB to store IoT sensor data. Each sensor sends data every minute. The table has a partition key of sensor_id and a sort key of timestamp. The application queries data for a sensor over the last hour. The table uses on-demand capacity. Recently, the query latency increased for sensors that generate a high volume of data. The application retrieves all attributes for the sensor data. Which design change should be made to reduce latency?

A.Use DynamoDB Accelerator (DAX) for the table.
B.Create a global secondary index (GSI) with the same key structure but projecting only the required attributes.
C.Enable DynamoDB Streams to replicate data to Amazon ElastiCache.
D.Increase the read capacity units (RCUs) on the table.
AnswerB

A GSI with projected attributes reduces the amount of data read, lowering latency.

Why this answer

Option B is correct because creating a GSI with the same key structure but projecting only the required attributes reduces the amount of data read from the base table. Since the application retrieves all attributes, but the GSI can be designed to project only the necessary columns, this minimizes read I/O and reduces latency. This is especially effective for sensors with high data volume, as it avoids fetching large item payloads from the base table.

Exam trap

The trap here is that candidates assume DAX is the universal solution for read latency, but the real issue is the volume of data read per query, not cache misses, making GSI projection the correct optimization.

How to eliminate wrong answers

Option A is wrong because DAX is an in-memory cache that accelerates reads by caching hot data, but it does not reduce the amount of data read from DynamoDB; it only speeds up repeated queries. For high-volume sensors, the latency increase is due to reading large items, not cache misses. Option C is wrong because DynamoDB Streams replicate data to ElastiCache asynchronously, which adds complexity and introduces eventual consistency, not reducing query latency for real-time reads.

Option D is wrong because the table uses on-demand capacity, which automatically scales RCUs; increasing RCUs is not applicable and would not reduce latency caused by reading large items.

1510
MCQeasy

A company is using Amazon RDS for PostgreSQL to store application data. The security team wants to ensure that database audit logs are stored securely and cannot be modified after creation. Which AWS service should be used to meet this requirement?

A.AWS Key Management Service (KMS)
B.AWS CloudTrail
C.Amazon S3
D.Amazon CloudWatch Logs
AnswerD

CloudWatch Logs can store audit logs with encryption and access controls.

Why this answer

Option A is correct because Amazon RDS can publish audit logs to CloudWatch Logs, and CloudWatch Logs can be configured with a retention policy and prevent modification of logs via IAM policies or log group encryption. Option B is wrong because S3 can store logs but requires additional configuration to ensure immutability (e.g., S3 Object Lock). Option C is wrong because CloudTrail is for API auditing, not database audit logs.

Option D is wrong because KMS is used for encryption keys, not for storing logs.

1511
MCQhard

A company is migrating a 5 TB SQL Server database to Amazon RDS for SQL Server using AWS DMS. They are using Full LOB mode. The migration is failing with an error about memory allocation. What should they do to resolve this?

A.Decrease the MaxLobSize setting.
B.Increase the DMS replication instance class.
C.Split the migration into multiple DMS tasks.
D.Enable BatchApply on the DMS task.
AnswerB

More memory resolves allocation errors.

Why this answer

The error about memory allocation when using Full LOB mode in AWS DMS indicates that the replication instance does not have sufficient memory to buffer the LOB data during migration. Increasing the replication instance class provides more memory, allowing DMS to handle the LOB data without hitting allocation limits. This is the direct and recommended fix for memory-related failures in DMS LOB migrations.

Exam trap

The trap here is that candidates might confuse memory allocation errors with network or throughput issues and incorrectly choose to split the task or adjust LOB settings, rather than recognizing that the root cause is insufficient instance memory for Full LOB mode.

How to eliminate wrong answers

Option A is wrong because decreasing MaxLobSize would truncate LOB data, potentially causing data loss or migration failure if LOBs exceed the reduced limit; Full LOB mode is designed to handle LOBs of any size without truncation. Option C is wrong because splitting the migration into multiple tasks does not address the underlying memory constraint on the replication instance; each task still runs on the same instance and would encounter the same memory limitation. Option D is wrong because BatchApply optimizes target commit behavior for high-volume transactions but does not affect the memory allocation for LOB processing during the read phase; it is irrelevant to the memory error.

1512
MCQeasy

A company wants to automate backups for an Amazon RDS for PostgreSQL DB instance. The backup retention period should be 35 days. Which step is required?

A.Enable automated backups with a retention period of 35 days.
B.Use AWS Backup to schedule backups.
C.Create a manual snapshot every day and delete after 35 days.
D.Set up a cross-region snapshot copy.
AnswerA

RDS automated backups can be configured with a retention period up to 35 days.

Why this answer

Amazon RDS for PostgreSQL supports automated backups with a configurable retention period of up to 35 days. By enabling automated backups and setting the retention period to 35 days, the company meets the requirement without additional tooling or manual effort. Automated backups include transaction logs for point-in-time recovery, which is not available with manual snapshots alone.

Exam trap

The trap here is that candidates may overcomplicate the solution by choosing AWS Backup or manual snapshots, when the simplest and most direct method is to enable automated backups with the desired retention period, which is a native RDS feature.

How to eliminate wrong answers

Option B is wrong because AWS Backup can be used to schedule backups, but it is not required; RDS native automated backups already support a 35-day retention period natively, and AWS Backup adds no benefit for this specific requirement. Option C is wrong because creating a manual snapshot every day and deleting after 35 days is operationally complex and does not provide automated point-in-time recovery, which is a key feature of automated backups. Option D is wrong because cross-region snapshot copy is a separate feature for disaster recovery, not a step required to set the backup retention period to 35 days.

1513
MCQeasy

A company is using Amazon RDS for PostgreSQL. The security team wants to ensure that all connections to the database are encrypted in transit. Currently, applications connect using the PostgreSQL native encryption (SSL/TLS). What is the MOST secure way to enforce encrypted connections?

A.Configure the security group to only allow traffic on port 5432 from trusted IP addresses.
B.Enable the 'force_ssl' parameter in the DB parameter group and restart the instance.
C.Use a custom database port that is not commonly used, such as 5433, to avoid unencrypted traffic.
D.Modify the DB parameter group to set 'ssl' to 'on' and 'require_ssl' to 'on', then reboot the instance.
AnswerD

This enforces SSL/TLS for all connections.

Why this answer

Option C is correct because modifying the DB parameter group to set 'ssl' to 'on' and 'require_ssl' to 'on' forces all connections to use SSL. Option A is wrong because just enabling 'force_ssl' in the parameter group is not a valid parameter. Option B is wrong because the default security group does not enforce encryption.

Option D is wrong because the database port does not affect encryption.

1514
MCQhard

A company uses Amazon ElastiCache for Redis as a caching layer for a database. The cache cluster has one primary and one replica node. During a maintenance event, the primary node fails and the replica is promoted. After promotion, the application experiences increased latency. What should a database specialist do to reduce the impact of future failovers?

A.Disable replica reads to avoid stale data.
B.Enable automatic backups with a retention period of 35 days.
C.Enable cluster mode and distribute the cache across multiple shards.
D.Add more replica nodes to the cluster.
AnswerC

Cluster mode spreads data across shards, reducing the impact of a single node failure.

Why this answer

Option D is correct because enabling Multi-AZ with automatic failover ensures a replica in a different AZ is promoted, but the key is to pre-warm the cache or use a larger instance. However, among the options, using a cluster mode with shards distributes load and reduces impact. Option A is incorrect because disabling replica reads doesn't help.

Option B is incorrect because increasing replica count without cluster mode may not help. Option C is incorrect because automatic backup does not reduce latency after failover.

1515
MCQeasy

An application is experiencing increased latency when writing to an Amazon DynamoDB table. The table uses on-demand capacity mode. The CloudWatch metric 'WriteThrottleEvents' is zero. What is the most likely cause of the increased latency?

A.The write capacity units (WCUs) are set too low.
B.DynamoDB Accelerator (DAX) is not configured for writes.
C.A hot partition is causing excessive write traffic to a single partition.
D.The table is experiencing write throttling due to exceeding the provisioned write capacity.
AnswerC

Hot partitions can cause increased latency even when overall throughput is within limits, as a single partition's capacity is constrained.

Why this answer

Option C is correct because on-demand tables can throttle if you exceed the previous peak traffic by more than double in a short time, but since WriteThrottleEvents is zero, latency is likely due to hot partitions. Option A is wrong because throttling would show WriteThrottleEvents > 0. Option B is wrong because insufficient WCUs is not applicable for on-demand.

Option D is wrong because while DAX can reduce read latency, it does not affect write latency.

1516
MCQeasy

Refer to the exhibit. A developer created a DynamoDB table 'UserSessions' with a simple primary key. The application needs to query by user_id as well. What design change should the developer make to support this query efficiently?

A.Use a Scan operation with a filter
B.Add a sort key to the table
C.Create a Local Secondary Index on user_id
D.Create a Global Secondary Index on user_id
AnswerD

A GSI enables efficient querying on user_id.

Why this answer

Option D is correct because a Global Secondary Index (GSI) on user_id allows efficient querying by user_id without altering the base table's primary key structure. The base table uses a simple primary key (likely session_id), and a GSI provides a separate index with its own partition key (user_id) to support non-key attribute queries with eventual consistency, enabling the application to query by user_id efficiently without scanning the entire table.

Exam trap

AWS often tests the misconception that a Local Secondary Index can be used to query on any attribute, but the trap here is that an LSI requires the same partition key as the base table, so it cannot index user_id as a partition key unless user_id is already the base table's partition key.

How to eliminate wrong answers

Option A is wrong because a Scan operation with a filter reads every item in the table, incurring high read capacity consumption and latency, which is inefficient for frequent queries. Option B is wrong because adding a sort key to the table would change the primary key structure, requiring a new table or migration, and does not directly support querying by user_id unless user_id is already the partition key. Option C is wrong because a Local Secondary Index (LSI) can only be created at table creation time and shares the same partition key as the base table; if the base table's partition key is not user_id, an LSI cannot index user_id as a partition key, making it unsuitable for this use case.

1517
Multi-Selecteasy

Which TWO design patterns are commonly used to handle hot partitions in Amazon DynamoDB? (Choose 2.)

Select 2 answers
A.Write sharding
B.Decreasing write capacity units
C.Using a single partition key
D.Increasing read capacity units
E.Adding random suffixes to partition keys
AnswersA, E

Distributes writes across many partition key values.

Why this answer

Write sharding distributes writes across multiple partition keys to prevent a single partition from exceeding the 1,000 WCU limit. Adding random suffixes to partition keys is a specific write sharding technique that spreads writes across many partitions, avoiding hot spots.

Exam trap

AWS often tests the misconception that increasing capacity units alone resolves hot partitions, but the real solution requires redistributing the workload across partitions via sharding or suffix-based strategies.

1518
MCQhard

An e-commerce platform uses Amazon DynamoDB for a shopping cart table with partition key 'user_id' and sort key 'product_id'. The table experiences throttled write requests during flash sales. The access pattern includes reading the entire cart at checkout. Which design change would improve write performance without changing the read pattern?

A.Enable DynamoDB Accelerator (DAX) to cache writes
B.Increase the provisioned write capacity units (WCU) to a higher value
C.Change the table design to use only partition key 'user_id' and remove the sort key
D.Enable DynamoDB Adaptive Capacity and ensure the table uses on-demand capacity mode
AnswerD

Adaptive capacity helps distribute traffic across partitions, and on-demand mode handles spikes.

Why this answer

Option C is correct because DynamoDB adaptive capacity automatically adjusts partitions based on traffic patterns, mitigating hot keys. Option A (increase WCU) doesn't solve hot key issue. Option B (DAX) improves read, not write.

Option D (remove sort key) would break the data model.

1519
MCQhard

A company is migrating a 10 TB Oracle database to Amazon Aurora PostgreSQL. The migration uses AWS DMS with CDC. After the full load, the CDC phase is falling behind by several minutes. The source Oracle database generates 500 MB of redo logs per minute. Which action will most likely improve CDC performance?

A.Disable CDC and perform a full load only
B.Increase the number of parallel apply threads on the DMS task
C.Reduce the batch size in the DMS task settings
D.Increase the source Oracle redo log size
AnswerB

More parallel apply threads can increase throughput for applying changes to the target.

Why this answer

Option C is correct because increasing the DMS task's parallel apply threads can speed up the apply phase. Option A is wrong because increasing source redo log size does not affect DMS performance. Option B is wrong because disabling CDC is not a solution.

Option D is wrong because reducing batch size would slow down processing.

1520
MCQmedium

A company is using Amazon Neptune to run graph queries. The cluster has one writer and two reader instances. After a major version upgrade, the query performance degrades for complex traversal queries. The database specialist suspects that the query optimizer is not using indexes effectively. Which action should the specialist take to identify the issue?

A.Drop and recreate all indexes to ensure they are up to date.
B.Enable the Neptune explain plan feature and review the output.
C.Add more reader instances to distribute the query load.
D.Check the CloudWatch metrics for CPU utilization and query latency.
AnswerB

Explain plan shows query execution steps and index usage.

Why this answer

Option C is correct because enabling the Neptune Query Language (SPARQL or Gremlin) explain plan can show how queries are executed and whether indexes are used. Option A is incorrect because instance metrics show system health, not query execution details. Option B is incorrect because removing indexes would worsen performance.

Option D is incorrect because adding readers does not fix query optimization.

1521
Multi-Selectmedium

Which TWO factors should you consider when choosing between Amazon RDS and Amazon DynamoDB for a new application?

Select 2 answers
A.RDS requires a predefined schema, while DynamoDB is schema-less.
B.DynamoDB can only be accessed from within a VPC, while RDS can be public.
C.Only RDS supports Multi-AZ deployments for high availability.
D.Both services support encryption at rest and in transit.
E.DynamoDB is better suited for unstructured data, while RDS is better for structured data with complex relationships.
AnswersA, E

This is a key difference that affects application design.

Why this answer

Option B is correct because DynamoDB uses a NoSQL model, while RDS uses relational. Option E is correct because DynamoDB supports flexible schema, while RDS requires fixed schema. Option A is wrong because both support encryption.

Option C is wrong because both support VPC. Option D is wrong because both support multi-AZ deployments (RDS Multi-AZ, DynamoDB global tables).

1522
MCQmedium

A company is migrating a 2 TB Oracle database from on-premises to Amazon RDS for Oracle using AWS DMS. The migration completes successfully, but the new RDS instance shows higher CPU utilization than the on-premises database for the same workload. Which action is MOST likely to reduce CPU utilization on RDS?

A.Disable automated backups to free resources
B.Enable Oracle Multitenant architecture
C.Increase the allocated storage to improve IOPS
D.Change the RDS instance to a burstable class
AnswerB

Multitenant reduces resource overhead by running multiple PDBs in a single CDB.

Why this answer

Option A is correct because enabling Oracle Multitenant reduces overhead by consolidating containers. Option B is wrong because RDS does not allow direct instance type change without downtime. Option C is wrong because increasing storage does not directly reduce CPU.

Option D is wrong because disabling backups is not recommended and may not be the cause.

1523
MCQhard

A company is using Amazon DynamoDB to store financial transactions. The security team requires that all access to the table be logged for auditing, and that any unauthorized access attempts trigger an immediate alert. The company has enabled AWS CloudTrail to log all DynamoDB API calls. However, the security team is concerned that CloudTrail logs may not capture all access patterns, such as queries that return no results. Which additional step should the company take to ensure comprehensive auditing and alerting?

A.Configure Amazon Inspector to assess the DynamoDB table for vulnerabilities.
B.Enable DynamoDB Accelerator (DAX) and configure it to log all read requests.
C.Create a CloudWatch Logs metric filter on the CloudTrail log group to detect unauthorized access attempts and set up a CloudWatch alarm.
D.Enable VPC Flow Logs on the subnet where DynamoDB endpoints are deployed.
AnswerC

CloudWatch Logs can analyze CloudTrail logs and trigger alarms based on patterns.

Why this answer

Option B is correct because CloudWatch Logs can be used to monitor CloudTrail logs and trigger alerts on specific patterns like unauthorized access. Option A only monitors performance, not access. Option C does not monitor access.

Option D may miss some operations.

1524
MCQhard

An IAM policy is attached to a user. What is the effect of this policy on the user's ability to delete the DB instance named prod-db?

A.The user can delete the DB instance only after creating a final snapshot.
B.The user can delete the DB instance because the Allow statement grants all actions.
C.The user cannot delete the DB instance because the Deny statement explicitly denies it.
D.The user can delete the DB instance because the Allow statement is broader and applies to all resources.
AnswerC

An explicit Deny always overrides an Allow.

Why this answer

Option B is correct. The Deny statement explicitly denies the DeleteDBInstance action on the specific resource, and an explicit Deny overrides any Allow. Option A is wrong because the Deny overrides.

Option C is wrong because the condition is not based on snapshot existence. Option D is wrong because the policy does not allow deletion.

1525
MCQeasy

A startup is building a social media application with a news feed feature. The feed must be personalized and updated in real-time as users post. Which AWS database service is best suited for this workload?

A.Amazon DynamoDB with Global Secondary Indexes
B.Amazon S3 with Select and Glacier
C.Amazon RDS for PostgreSQL with read replicas
D.Amazon ElastiCache for Redis with sorted sets and pub/sub
AnswerD

Redis provides real-time data structures and pub/sub for feeds.

Why this answer

Option C is correct because Amazon ElastiCache for Redis supports sorted sets and pub/sub, ideal for real-time feeds. Option A is wrong because DynamoDB is optimized for key-value access, not for real-time feed aggregation across many users. Option B is wrong because RDS is not designed for sub-millisecond real-time updates.

Option D is wrong because S3 is object storage, not a database for real-time queries.

1526
MCQhard

A company uses Amazon DynamoDB as the primary database for a global gaming application. The application requires single-digit millisecond latency for user profile lookups by user ID. However, some queries need to retrieve all active users in a region (e.g., 'us-east-1') for administrative dashboards, and these queries currently perform full table scans, causing high costs and throttling. What design approach should be taken to optimize this?

A.Implement DynamoDB Accelerator (DAX) to cache the dashboard queries.
B.Increase the read capacity units (RCUs) on the base table.
C.Create a global secondary index (GSI) on the region attribute.
D.Create a local secondary index (LSI) on the region attribute.
AnswerC

A GSI allows efficient querying on region without scanning the base table, reducing cost and throttling.

Why this answer

Option C is correct because creating a Global Secondary Index (GSI) on the 'region' attribute allows the administrative dashboard queries to retrieve all active users in a specific region using an efficient index scan instead of a full table scan. This reduces read capacity consumption, avoids throttling, and maintains single-digit millisecond latency for the indexed queries, while the base table remains optimized for user ID lookups.

Exam trap

The trap here is that candidates often confuse LSIs with GSIs, assuming an LSI can be used to query by a non-key attribute like region, but LSIs are limited to the same partition key as the base table and cannot avoid a full scan when the query predicate is on a different partition key.

How to eliminate wrong answers

Option A is wrong because DynamoDB Accelerator (DAX) is an in-memory cache that accelerates reads on the base table or existing indexes, but it does not eliminate the need for a full table scan when querying by region; it would only cache the results of expensive scans, not prevent them. Option B is wrong because increasing read capacity units (RCUs) on the base table would temporarily reduce throttling but does not address the root cause—full table scans are inherently inefficient and costly at scale, and higher RCUs only mask the problem while increasing costs. Option D is wrong because a Local Secondary Index (LSI) can only be created at table creation time and shares the same partition key as the base table; since the base table's partition key is user ID (not region), an LSI on region would still require a full scan across all partitions to retrieve all users in a region, providing no performance benefit.

1527
MCQmedium

A company is migrating its on-premises Oracle database to Amazon RDS for Oracle. As part of the migration, they need to ensure that all sensitive data is encrypted at rest using AWS Key Management Service (AWS KMS). Which configuration step is required to achieve this?

A.Modify the existing DB instance to enable encryption.
B.Configure SSL/TLS on the DB instance to encrypt data at rest.
C.Use AWS CloudHSM to generate and store the encryption keys.
D.Create a new encrypted DB instance by enabling encryption and specifying a KMS key.
AnswerD

Creating a new encrypted RDS instance with a KMS key is the correct way to enable encryption at rest.

Why this answer

Option C is correct because Amazon RDS for Oracle supports encryption at rest using AWS KMS by enabling encryption when creating the DB instance. Option A is wrong because enabling encryption on an existing unencrypted DB instance requires a snapshot restore, not a direct modification. Option B is wrong because AWS CloudHSM is not required; AWS KMS is sufficient.

Option D is wrong because SSL/TLS encrypts data in transit, not at rest.

1528
MCQhard

A company uses Amazon DynamoDB for a gaming leaderboard. The application updates scores frequently. Reads must be strongly consistent, and writes must be optimized for cost. Which table design minimizes cost while meeting consistency requirements?

A.Use Amazon DynamoDB Accelerator (DAX) for caching.
B.Use eventually consistent reads with a conditional write.
C.Store scores in Amazon S3 and use S3 Select for reads.
D.Use DynamoDB Streams to replicate reads to a separate table.
AnswerA

DAX provides in-memory caching with strong consistency, reducing RCU cost.

Why this answer

Amazon DynamoDB Accelerator (DAX) provides an in-memory cache that supports strongly consistent reads, which meets the application's requirement for strongly consistent reads. By caching frequently accessed leaderboard data, DAX reduces the number of read capacity units consumed from the DynamoDB table, thereby lowering read costs. Writes are still performed directly on the DynamoDB table, and DAX does not affect write costs, so the design optimizes overall cost while maintaining consistency.

Exam trap

The trap here is that candidates may assume that eventually consistent reads are sufficient for a leaderboard, or that caching with DAX is only for performance and not for cost optimization, but the question explicitly requires strongly consistent reads and cost minimization, making DAX the correct choice.

How to eliminate wrong answers

Option B is wrong because eventually consistent reads do not meet the requirement for strongly consistent reads, and conditional writes are used for optimistic locking, not for consistency or cost optimization. Option C is wrong because storing scores in Amazon S3 and using S3 Select for reads introduces significant latency and does not support the low-latency, high-frequency updates required for a gaming leaderboard; S3 is not designed for real-time strongly consistent reads. Option D is wrong because using DynamoDB Streams to replicate reads to a separate table adds complexity, latency, and additional storage costs without providing strongly consistent reads from the replica; DynamoDB Streams is for change data capture, not for read consistency.

1529
Multi-Selecteasy

A developer is building a serverless application that uses Amazon DynamoDB. The application needs to access the database from an AWS Lambda function. The security team mandates that the Lambda function should not use long-term AWS credentials. Which TWO steps should be taken to securely grant access? (Choose TWO.)

Select 2 answers
A.Hardcode the AWS access key ID and secret access key in the Lambda environment variables.
B.Create an IAM role with a policy that allows DynamoDB actions.
C.Configure the Lambda function to access the internet for authentication.
D.Store the database credentials in AWS Secrets Manager and retrieve them in the Lambda function.
E.Attach the IAM role to the Lambda function's execution role.
AnswersB, E

IAM role provides temporary credentials.

Why this answer

Options A and C are correct. Option A: creating an IAM role for Lambda with appropriate permissions allows temporary credentials. Option C: attaching the role to the Lambda function provides access without hardcoding credentials.

Option B is wrong because storing credentials in Secrets Manager still requires handling secrets. Option D is wrong because environment variables are not secure for long-term credentials. Option E is wrong because the Lambda function should not have internet access for security; VPC endpoints are used for private access.

1530
MCQeasy

A database administrator notices that Amazon RDS for MySQL is experiencing high CPU utilization during peak hours. The application is read-heavy with many SELECT queries. Which action is most cost-effective to improve performance?

A.Create one or more read replicas and direct read traffic to them.
B.Increase the DB instance class to a larger size.
C.Increase the allocated storage to improve I/O throughput.
D.Scale up the DB instance vertically to a higher vCPU count.
AnswerA

Read replicas distribute read workload, reducing primary CPU.

Why this answer

Option C is correct because read replicas offload read traffic from the primary, reducing CPU utilization. Option A is wrong because increasing instance size is more expensive and may not be optimal. Option B is wrong because vertical scaling is not the most cost-effective.

Option D is wrong because adding storage does not reduce CPU.

1531
MCQmedium

A company is migrating an on-premises PostgreSQL database to Amazon RDS for PostgreSQL. The database is 2 TB in size and has a high write volume. The migration window is limited to 4 hours. Which migration approach provides the fastest initial load with minimal downtime?

A.Use pg_dump to export the database and pg_restore to import into RDS.
B.Create a read replica of the on-premises database and promote it to a standalone database in RDS.
C.Use AWS Schema Conversion Tool (AWS SCT) to convert the schema and then use AWS DMS for ongoing replication.
D.Use AWS DMS with PostgreSQL as source and target, using native logical replication for full load and ongoing replication.
AnswerD

DMS with logical replication can perform a full load quickly and then keep the target in sync with minimal downtime.

Why this answer

Option B is correct because AWS DMS can perform a full load using native PostgreSQL logical replication, which is faster than AWS SCT alone (which only converts schema) and faster than using pg_dump/pg_restore for a 2 TB database within 4 hours. Option A is wrong because SCT does not migrate data. Option C is wrong because traditional backup/restore requires downtime for the entire duration.

Option D is wrong because read replicas are not applicable for cross-engine migration.

1532
MCQeasy

A database specialist needs to monitor the resource utilization of Amazon RDS DB instances. Which AWS service provides OS-level metrics such as memory, disk, and CPU usage?

A.Amazon RDS Performance Insights
B.Amazon RDS Enhanced Monitoring
C.Amazon CloudWatch
D.AWS CloudTrail
AnswerB

Enhanced Monitoring provides OS-level metrics.

Why this answer

Option B is correct. Enhanced Monitoring provides OS-level metrics for RDS instances. Option A is wrong because Performance Insights provides database performance metrics, not OS metrics.

Option C is wrong because CloudWatch provides hypervisor-level metrics, not OS metrics. Option D is wrong because CloudTrail logs API calls.

1533
MCQhard

A database specialist is troubleshooting a performance issue on a self-managed PostgreSQL database that they plan to migrate to Amazon RDS. The database has a high number of 'idle in transaction' connections. What is the impact of these connections on the database?

A.They increase CPU usage due to constant polling.
B.They hold locks and prevent cleanup of dead tuples, leading to bloat.
C.They prevent new connections from being established.
D.They cause increased disk I/O from write-ahead logging.
AnswerB

Idle transactions keep locks and prevent autovacuum from marking dead tuples.

Why this answer

Option D is correct because idle-in-transaction connections hold locks and can cause bloat, reducing performance. Option A is wrong because they do not prevent new connections from being established. Option B is wrong because CPU usage is low for idle connections.

Option C is wrong because they do not affect disk I/O directly.

1534
Multi-Selecthard

A company is designing a document database on Amazon DocumentDB for a content management system. Which TWO design practices improve query performance and reduce costs?

Select 2 answers
A.Shard data based on access patterns to distribute load.
B.Design documents to avoid joins by frequently using $lookup.
C.Avoid denormalization to maintain strict normal forms.
D.Store all documents in a single collection without indexes to reduce overhead.
E.Use appropriate indexes to support common query patterns.
AnswersA, E

Sharding improves scalability.

Why this answer

Sharding data based on access patterns (Option A) improves query performance by distributing read/write load across multiple shards, reducing contention and latency. In Amazon DocumentDB, sharding is achieved through a cluster with multiple instances, and aligning shard keys with access patterns ensures even data distribution and efficient query routing. This also reduces costs by allowing you to scale horizontally only when needed, avoiding over-provisioning of larger instances.

Exam trap

The trap here is that candidates often confuse sharding with partitioning in relational databases or assume that avoiding indexes reduces overhead, but in DocumentDB, indexes are critical for performance and sharding is a horizontal scaling strategy that directly impacts cost and query speed.

1535
MCQhard

A company is using Amazon Redshift for data warehousing. The data engineering team notices that queries are taking longer than expected. The cluster has two nodes of type dc2.large. The database specialist checks the system tables and finds that many queries are using the disk for temporary storage. Which action should the specialist take to improve query performance?

A.Add distribution keys to the tables to improve data distribution.
B.Enable concurrency scaling to offload queries to additional clusters.
C.Increase the number of nodes to three to distribute the workload.
D.Upgrade the cluster to a node type with more memory, such as ra3.xlplus.
AnswerD

More memory reduces the need for disk-based operations.

Why this answer

Option B is correct because the need for temporary storage on disk indicates insufficient memory. Upgrading to a node type with more memory (such as ra3 nodes) reduces disk spills. Option A is wrong because increasing the number of nodes does not increase per-node memory.

Option C is wrong because adding distribution keys may not reduce memory usage. Option D is wrong because enabling concurrency scaling does not address memory issues.

1536
MCQeasy

A company is deploying Amazon RDS for MySQL in a Multi-AZ configuration for high availability. The database must be able to automatically failover to a standby in another Availability Zone. Which RDS feature enables this?

A.Multi-AZ deployment
B.Automated backups
C.Enhanced Monitoring
D.Read Replicas
AnswerA

Multi-AZ automatically fails over to standby in another AZ.

Why this answer

Option B is correct because Multi-AZ deployments provide automatic failover. Option A is wrong because Read Replicas are for read scaling, not automatic failover. Option C is wrong because Automated backups are for point-in-time recovery, not failover.

Option D is wrong because Enhanced Monitoring provides metrics, not failover.

1537
Multi-Selecthard

A company is migrating its on-premises Oracle database to Amazon RDS for Oracle. The database specialist needs to monitor the migration process and ensure data consistency. Which TWO AWS services should be used together to continuously monitor the replication lag and data integrity?

Select 2 answers
A.Amazon RDS Performance Insights
B.AWS Schema Conversion Tool (AWS SCT)
C.AWS Database Migration Service (AWS DMS)
D.AWS Glue
E.Amazon CloudWatch
AnswersC, E

DMS provides replication tasks and publishes latency metrics.

Why this answer

AWS DMS is the correct service because it is specifically designed for database migrations and provides built-in monitoring of replication lag via the 'CDC latency' metric. Amazon CloudWatch is the correct complementary service because it collects and visualizes DMS metrics, including replication lag and task status, and can trigger alarms if data integrity or latency thresholds are breached.

Exam trap

The trap here is that candidates may confuse AWS DMS with AWS Glue or SCT, thinking those services also handle continuous replication monitoring, but only DMS provides CDC metrics that CloudWatch can monitor for lag and integrity.

1538
Drag & Dropmedium

Arrange the steps to switch over from a primary Amazon RDS for Oracle DB instance to a standby in a Multi-AZ deployment (planned failover) in the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

Planned failover involves verifying standby health, initiating failover, and confirming connectivity.

1539
MCQeasy

A startup is running an Amazon RDS for PostgreSQL database for its web application. The database size is 50 GB. The company wants to implement a backup strategy that allows point-in-time recovery (PITR) to any point within the last 35 days with minimal storage cost. Which backup strategy should be used?

A.Enable automated backups with a retention period of 35 days.
B.Use AWS Backup to schedule daily snapshots with 35-day retention.
C.Enable automated backups with 7-day retention and copy snapshots to another region.
D.Take manual snapshots daily and retain 35 snapshots.
AnswerA

Automated backups support PITR up to 35 days.

Why this answer

RDS automated backups provide PITR within the retention period. The maximum retention period is 35 days. Enabling automated backups with 35-day retention meets the requirement with no additional cost beyond the backup storage.

Option B is correct. Option A (manual snapshots) does not provide PITR. Option C (cross-region) adds cost.

Option D (AWS Backup) adds complexity and cost.

1540
Multi-Selecthard

A company uses Amazon DynamoDB with provisioned capacity for a critical application. During a traffic spike, the table experiences throttling on write requests. The DBA needs to resolve the issue quickly. Which THREE actions should the DBA take? (Choose THREE.)

Select 3 answers
A.Switch the table to on-demand capacity mode.
B.Implement exponential backoff in the application's write requests.
C.Temporarily increase the write capacity units (WCU) using the AWS Console or CLI.
D.Enable auto scaling for the table to automatically adjust capacity.
E.Enable DynamoDB Accelerator (DAX) to cache writes.
AnswersB, C, D

Exponential backoff reduces retry collisions.

Why this answer

Option A, Option D, and Option E are correct. Option A increases write capacity immediately. Option D implements exponential backoff to handle throttling.

Option E uses DynamoDB Auto Scaling to adjust capacity. Option B is wrong because DAX is for reads, not writes. Option C is wrong because switching to on-demand may cause higher costs and is not a quick fix for the spike.

1541
MCQhard

A company uses Amazon DynamoDB for a real-time analytics platform. The table has a partition key of 'customer_id' and a sort key of 'event_timestamp'. The table receives 50,000 write requests per second, evenly distributed across 10,000 customers. The application frequently queries the last 10 events for a given customer. The company notices that some queries are throttled during peak hours. The table's write capacity is set to 50,000 WCUs, and read capacity to 10,000 RCUs. The throttled queries are read requests. What is the most likely cause of the throttling, and what should be done to resolve it?

A.Increase the write capacity units to handle the write load.
B.Increase the read capacity units to 20,000 RCUs.
C.Optimize the query by using Query with KeyConditionExpression on the sort key and Limit=10.
D.Add a global secondary index with the same keys to distribute read load.
AnswerC

This ensures the query reads only the necessary items, reducing RCU consumption.

Why this answer

The throttling occurs because the application uses Scan or an inefficient query pattern that consumes excessive read capacity. Using Query with KeyConditionExpression on the sort key and Limit=10 retrieves only the last 10 events per customer efficiently, reducing read consumption and avoiding throttling without increasing RCUs.

Exam trap

Cisco often tests the misconception that throttling always requires increasing capacity, when in fact optimizing the access pattern with Query and Limit can resolve the issue without additional cost.

How to eliminate wrong answers

Option A is wrong because the issue is read throttling, not write throttling, and write capacity is already sufficient at 50,000 WCUs. Option B is wrong because increasing RCUs to 20,000 would mask the inefficiency without addressing the root cause—poor query design that consumes more capacity than necessary. Option D is wrong because adding a GSI with the same keys would not distribute read load differently; the base table already has the required keys, and a GSI would not improve query efficiency for this access pattern.

1542
MCQmedium

A company is migrating a 1 TB SQL Server database to Amazon RDS for SQL Server. They need to minimize downtime and support ongoing replication. Which combination of AWS services should they use?

A.AWS SCT and AWS DMS
B.AWS S3 and AWS Glue
C.AWS DMS alone
D.Native SQL Server backup and restore to RDS
AnswerA

SCT converts schema, DMS migrates data with ongoing replication.

Why this answer

Option C is correct because AWS DMS supports ongoing replication and SCT helps convert the schema. Option A is wrong because native backup/restore does not support ongoing replication. Option B is wrong because S3 is not directly involved in database replication.

Option D is wrong because DMS alone does not handle schema conversion.

1543
MCQhard

Refer to the exhibit. A database specialist is troubleshooting an issue where an application cannot connect to an RDS for MySQL instance using IAM database authentication. The application uses the database user 'db_user1'. The IAM policy shown is attached to the IAM role used by the application. What is the most likely reason for the connection failure?

A.The action 'rds-db:connect' is not allowed for RDS MySQL.
B.The policy should have 'Deny' effect instead of 'Allow'.
C.The resource ARN in the policy uses an incorrect RDS resource ID.
D.The database user name in the ARN must be 'admin', not 'db_user1'.
AnswerC

The RDS resource ID must be exactly 14 alphanumeric characters. The example has 18.

Why this answer

Option C is correct because IAM database authentication for RDS MySQL requires the resource ARN in the IAM policy to include the correct RDS resource ID (the 'db-xxxxx' identifier from the RDS console), not the DB instance name or endpoint. If the ARN uses an incorrect resource ID, the policy will not match the target RDS instance, causing the authentication to fail even if the user name and action are correct.

Exam trap

The trap here is that candidates often confuse the DB instance name or endpoint with the RDS resource ID, or assume the database user must be 'admin' for IAM authentication, when in fact the resource ID is a separate identifier and the user name must match the database user exactly.

How to eliminate wrong answers

Option A is wrong because the 'rds-db:connect' action is specifically allowed for RDS MySQL when using IAM database authentication; it is the required action for connecting. Option B is wrong because a 'Deny' effect would explicitly block the connection, whereas the goal is to allow it; the 'Allow' effect is correct for granting access. Option D is wrong because the database user name in the ARN must match the actual database user (here 'db_user1'), not 'admin'; the ARN format includes the database user name as it exists in the MySQL instance.

1544
MCQmedium

A development team is using Amazon RDS for MySQL with read replicas to offload reporting queries. They notice that the read replica is consistently lagging behind the primary by several seconds. The primary handles 5000 writes per second. Which action would most likely reduce replica lag?

A.Increase the 'max_connections' parameter on the primary instance.
B.Increase the instance size of the read replica.
C.Disable binary logging on the primary instance to reduce I/O.
D.Convert the primary instance to a Multi-AZ deployment.
AnswerB

A larger replica can apply changes more quickly, reducing lag.

Why this answer

Option D is correct because increasing the replica instance size can improve its ability to apply changes faster. Option A is incorrect because disabling binary logging would break replication. Option B is incorrect because the replica lag is due to the replica not keeping up, not the primary.

Option C is incorrect because Multi-AZ is for high availability, not for reducing replica lag.

1545
Multi-Selecteasy

Which TWO AWS services can be used to centrally manage database credentials securely? (Choose two.)

Select 2 answers
A.AWS Secrets Manager
B.AWS CloudFormation
C.Amazon S3
D.AWS Identity and Access Management (IAM)
E.AWS Systems Manager Parameter Store
AnswersA, E

Managed service for secrets.

Why this answer

Options B and D are correct. AWS Secrets Manager is designed to manage secrets, including database credentials. AWS Systems Manager Parameter Store can also store secrets securely.

Option A is wrong because S3 is not designed for secret management. Option C is wrong because CloudFormation can create resources but not manage secrets centrally. Option E is wrong because IAM manages permissions, not secrets.

1546
MCQhard

A company is using Amazon DynamoDB with auto scaling enabled. The table's read capacity is set to a minimum of 100 and maximum of 1000 read capacity units (RCUs). The actual consumed read capacity is consistently at 200 RCUs. What should the database specialist do to optimize costs without impacting performance?

A.Lower the minimum read capacity to 200 RCUs.
B.Decrease the maximum read capacity to 500 RCUs.
C.Disable auto scaling and set the read capacity to 200 RCUs.
D.Increase the minimum read capacity to 500 RCUs.
AnswerA

Matches the actual consumption, preventing over-provisioning.

Why this answer

Option A is correct because lowering the minimum to 200 RCUs ensures auto scaling does not scale below the actual usage, reducing provisioned capacity costs. Option B is wrong because decreasing the maximum could cause throttling during spikes. Option C is wrong because increasing the minimum would increase costs unnecessarily.

Option D is wrong because disabling auto scaling would require manual management and may lead to over-provisioning.

1547
MCQeasy

A company wants to migrate a 500 GB MySQL database from an on-premises server to Amazon RDS for MySQL. The migration must be completed within a 2-hour downtime window. Which migration approach is MOST suitable?

A.Use AWS Database Migration Service (DMS) with a full load.
B.Use mysqldump to export the database and then import it into RDS.
C.Create an RDS Read Replica of the on-premises database and promote it.
D.Create a compressed backup using Percona XtraBackup, upload it to S3, and restore it to RDS.
AnswerD

Percona XtraBackup creates a fast physical backup; restoring from S3 is efficient and can complete within 2 hours.

Why this answer

Creating a full backup, transferring to S3, and restoring to RDS is the fastest method with minimal downtime for the given size. DMS requires setting up endpoints and may have overhead. mysqldump is slower for large databases. Read replicas are not applicable for on-premises migration.

1548
Multi-Selecthard

A company is designing a secure strategy for managing Amazon RDS for Oracle encryption keys. They want to use AWS KMS with Customer Master Keys (CMKs) for encryption at rest. Which THREE best practices should they follow?

Select 3 answers
A.Grant the RDS service principal (rds.amazonaws.com) only the necessary KMS permissions to use the CMK.
B.Create separate KMS keys for different environments (e.g., production, development).
C.Disable key rotation to maintain consistent encryption across all snapshots.
D.Store the KMS CMK inside the Oracle database for faster encryption.
E.Enable automatic rotation of the KMS CMK annually.
AnswersA, B, E

Least privilege ensures that only RDS can use the key for encryption operations.

Why this answer

Options A, C, and D are correct. Using separate KMS keys for different environments provides isolation, enabling automatic key rotation is a security best practice, and granting least privilege access to KMS keys is fundamental. Option B is wrong because storing the CMK in the database is insecure.

Option E is wrong because disabling key rotation is not recommended.

1549
MCQmedium

A database specialist is troubleshooting an Amazon RDS for SQL Server instance that is running out of storage. The instance has 500 GB of provisioned storage and is using General Purpose SSD (gp2). The specialist wants to set up an alarm to notify when free storage space drops below 50 GB. Which CloudWatch metric and threshold should be used?

A.Monitor the 'FreeStorageSpace' metric in percent and set a threshold of 10.
B.Monitor the 'DiskSpaceUtilization' metric and set a threshold of 90.
C.Monitor the 'FreeStorageSpace' metric in bytes and set a threshold of 53687091200.
D.Monitor the 'FreeStorageSpace' metric in gigabytes and set a threshold of 50.
AnswerC

FreeStorageSpace is in bytes; 50 GB = 53687091200 bytes.

Why this answer

Option B is correct because 'FreeStorageSpace' metric in bytes should be monitored. 50 GB = 50 * 1024^3 bytes = 53687091200 bytes. Option A is wrong because 'FreeStorageSpace' in bytes is the correct metric. Option C is wrong because 'FreeStorageSpace' is in bytes, not percent.

Option D is wrong because 'FreeStorageSpace' is the correct metric.

1550
MCQhard

An IAM policy is attached to an application role that accesses a DynamoDB table named 'Orders'. The table has a global secondary index named 'OrderDateIndex'. The application needs to write new orders and query the index. Based on the exhibit, will the application be able to perform these operations?

A.Yes, but only writes are allowed; index queries are denied.
B.Yes, the policy allows both writes and querying the index.
C.No, the policy does not grant access to the index.
D.No, the policy denies Query on the index.
AnswerB

PutItem allowed on table, Query allowed on index.

Why this answer

The policy allows PutItem on the table, so writes are allowed. For querying the index, the policy explicitly allows GetItem and Query on the index resource. However, the index resource ARN is correct.

Therefore, both operations are allowed. Option B is wrong because the index is not denied; Option C is wrong because the policy includes the index; Option D is wrong because the policy covers both.

1551
MCQmedium

A company is using an Amazon RDS for MySQL DB instance. The security team requires that all database connections be encrypted in transit. Which configuration step ensures this requirement is met?

A.Enable encryption at rest for the RDS instance.
B.Store the database password in AWS Secrets Manager.
C.Modify the network ACL to only allow traffic on port 3306.
D.Set the 'require_secure_transport' parameter to 1 in the DB parameter group.
AnswerD

This forces TLS connections.

Why this answer

Option A is correct because enabling the 'require_secure_transport' parameter forces clients to use TLS/SSL for connections. Option B is wrong because encryption at rest (RDS encryption) does not enforce in-transit encryption. Option C is wrong because a network ACL controls traffic at the subnet level but does not enforce encryption.

Option D is wrong because storing secrets in AWS Secrets Manager does not enforce encrypted connections.

1552
MCQeasy

A company is using Amazon DynamoDB with auto scaling enabled. The table's write capacity is set to a minimum of 50 and maximum of 500 write capacity units (WCUs). The actual consumed write capacity is consistently at 100 WCUs. What should the database specialist do to optimize costs without impacting performance?

A.Increase the minimum write capacity to 200 WCUs.
B.Disable auto scaling and set the write capacity to 100 WCUs.
C.Lower the minimum write capacity to 100 WCUs.
D.Decrease the maximum write capacity to 200 WCUs.
AnswerC

Matches actual consumption.

Why this answer

Option A is correct because lowering the minimum to 100 WCUs matches the actual usage, preventing over-provisioning. Option B is wrong because decreasing the maximum could cause throttling during spikes. Option C is wrong because increasing the minimum would increase costs.

Option D is wrong because disabling auto scaling would require manual management.

1553
MCQmedium

A company has an Amazon Redshift cluster that is running slowly on complex queries. The cluster has 10 dc2.large nodes. The 'QueryDuration' metric shows high values for several queries. The team wants to improve performance without changing queries. Which action is MOST likely to help?

A.Add more nodes of the same type to the cluster.
B.Enable compression on all columns.
C.Enable Redshift Spectrum to offload queries to Amazon S3.
D.Increase the workload management (WLM) concurrency level.
AnswerC

Redshift Spectrum allows querying data directly in S3, reducing load on the cluster and improving performance for complex queries.

Why this answer

Option C is correct because Redshift Spectrum allows querying data directly in S3, offloading compute from the cluster. Option A is wrong because increasing WLM concurrency may actually slow down queries due to resource contention. Option B is wrong because adding more nodes can improve performance but may be overkill and more expensive.

Option D is wrong because compression is for storage, not query performance.

1554
Multi-Selecthard

A company runs a production Amazon RDS for PostgreSQL instance with Multi-AZ deployment. The DB instance has a large number of connections from application servers. The operations team wants to monitor the number of database connections and receive an alert when it exceeds 80% of the maximum connections. Which combination of steps should be taken to set up this monitoring? (Choose two.)

Select 2 answers
A.Set the alarm threshold to 80 and the evaluation period to 5 minutes
B.Enable Enhanced Monitoring and create a CloudWatch alarm on the 'database_connections' metric
C.Set the alarm threshold to (0.8 * max_connections) and the evaluation period to 1 minute
D.Create a CloudWatch alarm on the 'DatabaseConnections' metric for the RDS instance
E.Enable Performance Insights and create a CloudWatch alarm using the 'DBLoad' metric
AnswersC, D

This ensures the alarm triggers when connections exceed 80% of the maximum.

Why this answer

Correct answers are B and D. B: Create a CloudWatch alarm using the 'DatabaseConnections' metric. D: Set the alarm threshold to 80% of max_connections and the period to 1 minute for timely alerts.

A is wrong because RDS Performance Insights does not provide connection count metrics via CloudWatch. C is wrong because Enhanced Monitoring provides OS metrics, not DB connection counts. E is wrong because the max_connections parameter should be checked from the DB parameter group, not the alarm.

1555
Multi-Selectmedium

A company uses Amazon DynamoDB with global tables. During a regional outage, the application fails over to the secondary region. After recovery, the DBA notices that the data in the secondary region is not fully consistent with the primary. Which THREE steps should the DBA take to diagnose the issue? (Choose THREE.)

Select 3 answers
A.Verify that DynamoDB Streams is enabled on the table.
B.Disable and re-enable global tables to force resync.
C.Increase the write capacity on the secondary table.
D.Review the DynamoDB Streams error logs in CloudWatch Logs.
E.Check the ReplicationLatency metric in CloudWatch.
AnswersA, D, E

Streams are required for global tables to replicate changes.

Why this answer

Options A, C, and D are correct. Checking ReplicationLatency (A) identifies replication lag. Reviewing CloudWatch Logs for error logs (C) can reveal replication errors.

Checking DynamoDB Streams (D) ensures changes are being captured. Option B is wrong because disabling global tables is not a diagnostic step. Option E is wrong because increasing write capacity does not fix consistency issues.

1556
MCQmedium

A company is designing a new application that requires a relational database with sub-millisecond read latency for a global user base. The workload is read-heavy with occasional writes. Which database solution should they choose?

A.Amazon DynamoDB with DAX
B.Amazon RDS for MySQL with Multi-AZ
C.Amazon Aurora with Auto Scaling
D.Amazon ElastiCache for Redis
AnswerC

Aurora provides low latency (single-digit ms) and is relational; Auto Scaling handles read scaling.

Why this answer

Amazon Aurora with Auto Scaling is the correct choice because it provides a relational database (MySQL/PostgreSQL-compatible) with sub-millisecond read latency via its distributed storage layer and read replicas. The read-heavy workload benefits from Aurora's automatic scaling of read capacity, while occasional writes are efficiently handled by the cluster volume. Aurora's architecture decouples compute and storage, enabling fast failover and consistent performance for global users.

Exam trap

The trap here is that candidates may confuse DynamoDB with DAX (which offers sub-millisecond latency) as a relational database, but DynamoDB is NoSQL and does not support relational features like joins or ACID transactions across multiple tables.

How to eliminate wrong answers

Option A is wrong because Amazon DynamoDB with DAX is a NoSQL key-value/document database, not a relational database, and while DAX provides microsecond latency for reads, the question explicitly requires a relational database. Option B is wrong because Amazon RDS for MySQL with Multi-AZ provides high availability but does not achieve sub-millisecond read latency; typical RDS read latency is in the single-digit milliseconds, and Multi-AZ is for failover, not read performance. Option D is wrong because Amazon ElastiCache for Redis is an in-memory cache, not a relational database; it can accelerate reads but does not serve as the primary relational database with ACID transactions and SQL querying.

1557
MCQeasy

A startup is building a real-time chat application that requires storing messages with high write throughput and low-latency reads. The data model is simple: each message has a conversation ID, timestamp, and content. Which database design is MOST appropriate?

A.Amazon RDS for MySQL with a single table and indexes on conversation_id and timestamp
B.Amazon Timestream to store messages as time-series data
C.Amazon Redshift with columnar storage and compression
D.Amazon DynamoDB with conversation_id as partition key and timestamp as sort key
AnswerD

This model supports high write throughput and efficient queries by conversation.

Why this answer

Option C is correct because DynamoDB is a NoSQL database that can handle high write throughput and low-latency reads with a simple key-value model. Option A is wrong because RDS may struggle with high write throughput. Option B is wrong because Timestream is for time-series, not chat messages.

Option D is wrong because Redshift is for analytics.

1558
Multi-Selectmedium

Which THREE factors should be considered when choosing between Amazon RDS and Amazon DynamoDB for a new application? (Choose 3.)

Select 3 answers
A.Cost of storage
B.Need for encryption at rest
C.Access patterns (predictable vs. ad-hoc)
D.Scalability requirements (horizontal vs. vertical)
E.Query complexity (joins, aggregations)
AnswersC, D, E

DynamoDB suits predictable patterns; RDS for complex queries.

Why this answer

Amazon RDS is a relational database service that excels at complex queries involving joins and aggregations, while DynamoDB is a NoSQL key-value and document database optimized for predictable, high-scale access patterns. The choice between them hinges on whether the application requires relational features (RDS) or can tolerate denormalized schemas for low-latency, horizontal scaling (DynamoDB). Option C is correct because DynamoDB is designed for ad-hoc, single-key lookups and simple queries, whereas RDS supports complex, ad-hoc SQL queries with joins.

Exam trap

The trap here is that candidates often assume encryption at rest is exclusive to one service, but both RDS and DynamoDB support it via AWS KMS, making it a non-differentiating factor.

1559
Multi-Selectmedium

Which THREE factors should be considered when choosing between a native database migration tool (e.g., pg_dump) and AWS DMS for migrating a database to Amazon RDS? (Choose three.)

Select 3 answers
A.Whether the target database is in a different AWS region
B.Downtime tolerance during migration
C.Requirement for ongoing replication to keep the target in sync
D.Need to perform complex data transformations during migration
E.Total size of the database and network bandwidth
AnswersB, C, E

Native tools typically require full downtime; DMS can minimize downtime with ongoing replication.

Why this answer

Option A is correct because native tools like pg_dump require downtime for the entire export/import. Option D is correct because native tools do not support ongoing replication; DMS does. Option E is correct because native tools can be faster for full load of large databases.

Option B is wrong because DMS supports cross-region migrations. Option C is wrong because DMS supports complex transformations.

1560
MCQeasy

A company has an Amazon DynamoDB table that stores IoT sensor data. The table has a partition key of device_id and a sort key of timestamp. The team wants to efficiently retrieve the latest reading for each device. Which query pattern should be used?

A.Scan with FilterExpression to get the latest timestamp for each device
B.Query with ScanIndexForward=true and Limit=1
C.GetItem with the device_id and timestamp values
D.Query with ScanIndexForward=false and Limit=1
AnswerD

This retrieves the most recent item for a given partition key by ordering the sort key in descending order and limiting to one result.

Why this answer

Option A is correct because using the Query API with ScanIndexForward set to false and Limit 1 will return the most recent item for a given partition key. Option B is wrong because ScanIndexForward=true returns items in ascending order, which would give the oldest item first. Option C is wrong because Scan operations scan the entire table and are inefficient.

Option D is wrong because GetItem requires both partition and sort key; the sort key value is not known in advance.

1561
Multi-Selectmedium

A company runs a production Amazon RDS for PostgreSQL DB instance. The database experiences intermittent high latency during peak hours. The company's monitoring shows that CPU utilization is below 40%, memory is adequate, and network throughput is normal. The DB instance uses General Purpose SSD (gp2) storage with 3,000 Provisioned IOPS. Which TWO actions should a database specialist take to diagnose and resolve the performance issue? (Choose two.)

Select 2 answers
A.Check the Burst Balance metric in Amazon CloudWatch for the DB instance.
B.Change the storage type to Provisioned IOPS SSD (io1) with 10,000 IOPS.
C.Increase the Read IOPS by modifying the instance to a larger instance class.
D.Review the SwapUsage metric for the DB instance to check for memory pressure.
E.Monitor the Read/Write Latency metrics in CloudWatch to identify storage performance issues.
AnswersA, E

Correct: gp2 volumes accumulate burst credits; if exhausted, performance drops to baseline IOPS, causing latency.

Why this answer

Option A is correct because gp2 storage uses a credit-based burst model, and the Burst Balance metric indicates the remaining I/O credits. If the burst balance is depleted, the instance is throttled to the baseline IOPS (3,000 for this size), causing high latency despite low CPU and adequate memory. Checking this metric directly identifies whether the storage is starved for I/O credits.

Exam trap

The trap here is that candidates assume high latency must be caused by CPU or memory pressure, overlooking the gp2 burst credit mechanism that throttles I/O when credits are depleted, even when other resources appear healthy.

1562
MCQmedium

A company is experiencing increased latency on their Amazon RDS for PostgreSQL instance. The application team reports that queries are taking longer than usual. The database metrics show high CPU utilization and a spike in write operations. Which initial step should the database specialist take to diagnose the issue?

A.Enable Performance Insights on the DB instance to analyze the workload.
B.Create a read replica to offload read traffic from the primary instance.
C.Modify the DB instance to a larger instance class to handle the load.
D.Enable enhanced monitoring to get OS-level metrics of the DB instance.
AnswerA

Performance Insights provides a comprehensive view of database performance and helps pinpoint the bottleneck.

Why this answer

Enabling Performance Insights provides a detailed performance analysis and helps identify the root cause of the latency. It is the recommended first step for diagnosing database performance issues.

1563
Multi-Selecteasy

A company uses Amazon RDS for PostgreSQL for its CRM application. The application experiences intermittent spikes in read traffic. Which TWO actions can the company take to improve read scalability with minimal application changes?

Select 2 answers
A.Enable Multi-AZ deployment for automatic failover.
B.Migrate to Amazon Aurora and enable Auto Scaling.
C.Create one or more read replicas in the same region.
D.Upgrade to a larger DB instance class.
E.Enable Amazon RDS Proxy to manage database connections.
AnswersC, E

Read replicas handle read traffic without application changes.

Why this answer

Option C is correct because creating read replicas in Amazon RDS for PostgreSQL offloads read traffic from the primary DB instance, directly addressing intermittent read spikes with minimal application changes. Read replicas are asynchronous replicas that can serve read queries, and the application only needs to update its connection string to point to the replica endpoint for read operations.

Exam trap

The trap here is that candidates often confuse Multi-AZ (which provides failover but no read scaling) with read replicas, or assume that scaling up the instance class is the only way to handle read spikes, ignoring the horizontal scaling benefit of read replicas with minimal application changes.

1564
MCQmedium

A database administrator is creating an IAM policy to allow a DevOps engineer to manage production RDS instances. The policy above is attached to the engineer's IAM role. The engineer reports that they cannot create a new DB instance with the identifier 'prod-analytics'. What is the most likely reason?

A.The policy does not allow the 'rds:CreateDBInstance' action on the required resource because the resource ARN pattern is incorrect.
B.The policy does not include the 'rds:CreateDBSecurityGroup' action.
C.The engineer does not have permissions to pass an IAM role to the DB instance if one is specified.
D.The policy does not include the 'rds:CreateDBInstance' action for all regions.
AnswerC

When creating a DB instance with an IAM role, the 'iam:PassRole' permission is required. This is a common missing permission.

Why this answer

The policy grants permissions to resources matching 'prod-*', but creating a DB instance requires the 'rds:CreateDBInstance' action on the 'arn:aws:rds:us-east-1:123456789012:db:prod-*' resource. However, the CreateDBInstance API call also requires permissions on other resources such as security groups, subnets, etc. But the error is likely because the policy does not allow the action on the specific resource, but the resource ARN matches.

Actually, the most common issue is that the policy does not include 'rds:CreateDBInstance' on the 'aws:RequestTag' condition or the resource ARN pattern is incorrect. However, the policy looks correct for the resource. A common mistake is that the policy does not allow 'rds:CreateDBInstance' on the 'arn:aws:rds:us-east-1:123456789012:db:*' for creation, but the policy uses 'prod-*'.

That should work. Another possibility is that the engineer is trying to create the instance in a different region or account. But the exhibit shows the policy is for 'us-east-1'.

So the most likely reason is that the 'rds:CreateDBInstance' action requires additional permissions on other resources (like EC2 security groups) that are not granted.

1565
MCQmedium

A company is investigating a performance issue with an Amazon Aurora MySQL database. The output of the describe-db-instances command is shown. The application experiences intermittent slowdowns during write-heavy periods. Which change would MOST likely improve write performance?

A.Add an Aurora Replica to distribute read traffic and reduce load on the writer
B.Increase the provisioned IOPS to 10000
C.Change StorageType to gp2 and increase AllocatedStorage to 200 GB
D.Set StorageEncrypted to false to reduce encryption overhead
AnswerA

Adding replicas offloads reads, freeing the writer for writes.

Why this answer

Option D is correct because Aurora's write performance is tied to cluster size; adding more nodes can distribute load. Option A is wrong because Aurora uses its own storage; changing to gp2 is not applicable. Option B is wrong because disabling encryption would compromise security and may not improve performance.

Option C is wrong because Aurora MySQL does not have a provisioned IOPS setting like RDS.

1566
MCQmedium

A company uses Amazon DynamoDB with on-demand capacity. Users report increased latency during peak hours. The application uses the DynamoDB API. Which monitoring metric should be examined first to identify throttling issues?

A.ThrottledRequests
B.SuccessfulRequestLatency
C.ReadThrottleEvents
D.ConsumedWriteCapacityUnits
AnswerA

ThrottledRequests directly indicates requests that were throttled.

Why this answer

Option B is correct because ThrottledRequests indicates requests that were rejected due to exceeding capacity. Option A is wrong because ConsumedWriteCapacityUnits might be lower than expected if throttling occurs, but it does not directly show throttled requests. Option C is wrong because SuccessfulRequestLatency is a latency metric, not a throttling indicator.

Option D is wrong because ReadThrottleEvents is a CloudWatch metric for throttled reads, but it's less direct than ThrottledRequests.

1567
MCQhard

Refer to the exhibit. You run the command and get the output shown. The database is an RDS for MySQL instance. You need to connect to it from an EC2 instance in the same VPC. Which connection string should be used?

A.mysql -h mydb.123456789012.us-east-1.rds.amazonaws.com -P 3306 -u admin -p
B.psql -h mydb.123456789012.us-east-1.rds.amazonaws.com -p 5432 -U admin
C.mysql -h mydb.us-east-1.rds.amazonaws.com -P 3306 -u admin -p
D.mysql -h mydb.123456789012.us-east-1.rds.amazonaws.com -P 5432 -u admin -p
AnswerA

Correct endpoint and port.

Why this answer

Option C is correct because the endpoint address and port are shown. Option A is wrong because it uses the wrong port. Option B is wrong because it uses the wrong address.

Option D is wrong because it uses the wrong engine.

1568
MCQeasy

A database administrator is troubleshooting a slow-running query on an Amazon RDS for MySQL DB instance. Which CloudWatch metric should be monitored to determine if the query is experiencing storage I/O bottlenecks?

A.ReadLatency and WriteLatency
B.CPUUtilization
C.NetworkThroughput
D.DatabaseConnections
AnswerA

High latency indicates I/O bottlenecks.

Why this answer

Option A is correct because ReadLatency and WriteLatency indicate I/O performance. Option B is wrong because CPUUtilization measures processor usage. Option C is wrong because DatabaseConnections measures connections.

Option D is wrong because NetworkThroughput measures network traffic.

1569
MCQeasy

A company needs to encrypt data at rest for their Amazon Aurora PostgreSQL database. Which solution is the MOST secure and requires the least operational overhead?

A.Enable encryption at rest using AWS KMS when creating the Aurora cluster.
B.Use Amazon EBS encryption on the underlying volumes.
C.Encrypt the database after creation by modifying the DB instance.
D.Use client-side encryption in the application.
AnswerA

This is the recommended approach with minimal overhead.

Why this answer

Enabling encryption at rest using AWS KMS during database creation is the simplest and most secure approach. Option A is correct. Option B is wrong because encrypting after creation requires a manual snapshot and restore.

Option C is wrong because client-side encryption adds complexity. Option D is wrong because EBS encryption does not cover the database engine layer.

1570
MCQmedium

A database administrator notices that an Amazon RDS for MySQL instance's CPU utilization is consistently above 80% during peak hours. The DB instance is a db.r5.large with 16 GB memory and 500 GB gp2 storage. The application is a read-intensive web application. Which action is MOST effective to reduce CPU load without significant cost increase?

A.Increase the instance size to db.r5.xlarge
B.Create a read replica and redirect read traffic to it
C.Enable Performance Insights to identify slow queries and optimize them
D.Increase the allocated storage to 1000 GB to improve I/O performance
AnswerB

Offloads read queries, reducing CPU on the primary instance.

Why this answer

Option B is correct because creating a read replica offloads read traffic from the primary instance, reducing CPU utilization without requiring a larger instance or more storage. Option A increases cost significantly. Option C may not help if the issue is CPU, not I/O.

Option D increases storage but does not directly reduce CPU.

1571
MCQmedium

A company needs to run complex analytical queries on structured data in Amazon S3 without loading data into a database. The queries must execute quickly and support standard SQL. Which service should they use?

A.Amazon QuickSight
B.AWS Glue ETL jobs
C.Amazon Redshift Spectrum
D.Amazon Athena
AnswerD

Serverless, queries S3 directly with SQL.

Why this answer

Amazon Athena is an interactive query service that analyzes data in S3 using standard SQL. Option B (Redshift Spectrum) also works but requires a Redshift cluster. Option C (Glue ETL) is for ETL jobs.

Option D (QuickSight) is a BI tool.

1572
MCQhard

A company is migrating a 5 TB PostgreSQL database from on-premises to Amazon RDS for PostgreSQL. The database has a 24/7 uptime requirement and must be migrated with minimal downtime. The on-premises network bandwidth is 100 Mbps. The migration must be completed within 48 hours. The team has chosen to use AWS Database Migration Service (DMS) with ongoing replication from a change data capture (CDC) source. After setting up the source endpoint, target endpoint, and replication instance, the initial full load takes 30 hours. However, during the CDC phase, the target falls behind by over 2 hours and continues to lag. The replication instance is a dms.c5.large (2 vCPUs, 4 GB memory). The source database is heavily utilized with frequent updates. What should the team do to reduce the CDC lag and meet the migration deadline?

A.Increase the replication instance size to dms.c5.2xlarge.
B.Enable Multi-AZ on the replication instance for better performance.
C.Split the migration into multiple DMS tasks for parallel processing.
D.Disable ongoing replication and use a one-time full load migration.
AnswerA

More CPU and memory reduce CDC lag.

Why this answer

Option A is correct: increasing the replication instance size to dms.c5.2xlarge provides more CPU and memory, which can handle higher transaction throughput. Option B is wrong because splitting into multiple tasks adds overhead and may not help with a single source. Option C is wrong because DMS does not use Multi-AZ.

Option D is wrong because disabling ongoing replication would cause data loss.

1573
Multi-Selectmedium

A company is migrating a 1 TB Oracle database to Amazon Aurora PostgreSQL using AWS DMS. They need to ensure minimal downtime and data consistency. Which TWO actions should the company take?

Select 2 answers
A.Increase the target Aurora storage to 2 TB to avoid storage issues
B.Enable change data capture (CDC) on the source Oracle database
C.Enable data validation on the DMS task
D.Disable foreign key constraints on the target during migration
E.Use AWS Schema Conversion Tool to convert the schema
AnswersB, C

CDC captures ongoing changes to minimize downtime.

Why this answer

Option B is correct because enabling Change Data Capture (CDC) on the source Oracle database allows AWS DMS to capture ongoing changes after the full load, enabling a near-zero downtime migration by continuously replicating transactions to the target Aurora PostgreSQL. Option C is correct because enabling data validation on the DMS task ensures that the data migrated is consistent between the source and target, verifying that no data loss or corruption occurred during the migration process.

Exam trap

The trap here is that candidates often confuse the AWS Schema Conversion Tool (SCT) with DMS, thinking it is part of the migration process for minimizing downtime, when in fact SCT is used for schema assessment and conversion before migration, not for ongoing replication or consistency checks.

1574
MCQeasy

A company runs an application that requires a relational database with high availability across multiple Availability Zones. The database must automatically failover with minimal downtime. Which AWS service meets these requirements?

A.Amazon RDS for MySQL with Multi-AZ deployment.
B.Amazon DynamoDB with global tables.
C.Amazon Redshift with cross-Region snapshots.
D.Amazon RDS for MySQL with a single instance.
AnswerA

Automatic failover to standby in different AZ.

Why this answer

Amazon RDS for MySQL with Multi-AZ deployment automatically provisions and maintains a synchronous standby replica in a different Availability Zone. If the primary instance fails, Amazon RDS automatically fails over to the standby, typically within 60–120 seconds, providing high availability with minimal downtime. This meets the requirement for a relational database with automatic failover across multiple Availability Zones.

Exam trap

The trap here is that candidates may confuse DynamoDB global tables (multi-Region replication) with Multi-AZ failover, or assume that a single RDS instance with automated backups provides the same availability as Multi-AZ, but automated backups do not provide automatic failover or synchronous replication.

How to eliminate wrong answers

Option B is wrong because Amazon DynamoDB is a NoSQL key-value and document database, not a relational database, and global tables provide multi-Region replication, not the Multi-AZ failover required. Option C is wrong because Amazon Redshift is a data warehouse, not a transactional relational database, and cross-Region snapshots are manual or scheduled backups, not automatic failover. Option D is wrong because a single-instance Amazon RDS for MySQL deployment does not provide Multi-AZ redundancy or automatic failover; it runs in a single Availability Zone and requires manual recovery if the instance fails.

1575
MCQmedium

A company uses Amazon CloudWatch to monitor an RDS for Oracle instance. They want to receive an alert when the database connection count exceeds 90% of the maximum connections. Which CloudWatch metric should be used to create the alarm?

A.ActiveTransactions
B.DatabaseConnections
C.ReadIOPS
D.NetworkThroughput
AnswerB

Correct. This metric directly reflects the number of connections.

Why this answer

Option A is correct because DatabaseConnections tracks the number of client connections. Option B is wrong because ActiveTransactions measures transactions. Option C is wrong because NetworkThroughput measures network traffic.

Option D is wrong because ReadIOPS measures disk I/O.

Page 20

Page 21 of 24

Page 22