1. A Developer has been asked to make changes to the source code of an AWS Lambda function. The function is managed using an AWS CloudFormation template. The template is configured to load the source code from an Amazon S3 bucket. The Developer manually created a .ZIP file deployment package containing the changes and put the file into the correct location on Amazon S3. When the function is invoked, the code changes have not been applied. What step is required to update the function with the changes?

A) Delete the .ZIP file on S3, and re-upload by using a different object key name.
B) Modify the execution role of the Lambda function to allow S3 access permission to the deployment package .ZIP file.
C) Ensure that the function source code is base64-encoded before uploading the deployment package to S3.
D) Update the CloudFormation stack with the correct values for the function code properties



2. An application on AWS is using third-party APIs. The Developer needs to monitor API errors in the code, and wants to receive notifications if failures go above a set threshold value. How can the Developer achieve these requirements?

A) Use an Amazon CloudWatch API-error metric and use Amazon SES for notification.
B) Publish a custom metric on Amazon CloudWatch and use Amazon SES for notification.
C) Use an Amazon CloudWatch API-error metric and use Amazon SNS for notification.
D) Publish a custom metric on Amazon CloudWatch and use Amazon SNS for notification.



3. A development team is using AWS Elastic Beanstalk to deploy a two-tier application that consists of a load-balanced web tier and an Amazon RDS database tier in production. The team would like to separate the RDS instance from the Elastic Beanstalk. How can this be accomplished?

A) Change the deployment policy to disassociate the database.
B) Use the AWS CLI to disassociate the database.
C) Use the Elastic Beanstalk CLI to disassociate the database.
D) Recreate a new Elastic Beanstalk environment without Amazon RDS.



4. An application is being developed to audit several AWS accounts. The application will run in Account A and must access AWS services in Accounts B and C. What is the MOST secure way to allow the application to call AWS services in each audited account?

A) Deploy an application in each audited account with its own role. Have Account A authenticate with the application
B) Create an IAM user with an access key in each audited account. Write code in Account A that uses those access keys
C) Configure cross-account roles in each audited account. Write code in Account a that assumes those roles
D) Use S3 cross-region replication to communicate among accounts, with Amazon S3 event notifications to trigger Lambda functions



5. A company is providing services to many downstream consumers. Each consumer may connect to one or more services. This has resulted in a complex architecture that is difficult to manage and does not scale well. The company needs a single interface to manage these services to consumers. Which AWS service should be used to refactor this architecture?

A) AWS Lambda
B) Amazon SQS
C) AWS X-Ray
D) Amazon API Gateway