Amazon Exam DVA-C02 Topic 7 Question 32 Discussion

Actual exam question for Amazon's DVA-C02 exam

Question #: 32
Topic #: 7

An application is using Amazon Cognito user pools and identity pools for secure access. A developer wants to integrate the user-specific file upload and download features in the application with Amazon S3. The developer must ensure that the files are saved and retrieved in a secure manner and that users can access only their own files. The file sizes range from 3 KB to 300 MB.

Which option will meet these requirements with the HIGHEST level of security?

AUse S3 Event Notifications to validate the file upload and download requests and update the user interface (UI).

BSave the details of the uploaded files in a separate Amazon DynamoDB table. Filter the list of files in the user interface (UI) by comparing the current user ID with the user ID associated with the file in the table.

CUse Amazon API Gateway and an AWS Lambda function to upload and download files. Validate each request in the Lambda function before performing the requested operation.

DUse an IAM policy within the Amazon Cognito identity prefix to restrict users to use their own folders in Amazon S3.

Show Suggested Answer

Suggested Answer: B

Global Secondary Index (GSI):GSIs enable alternative query patterns on a DynamoDB table by using different partition and sort keys.

Addressing Query Bottleneck:By making the slow-query attribute the GSI's partition key, you optimize queries on that attribute.

Scalability:GSIs automatically scale to handle increasing data volumes.

Amazon DynamoDB Global Secondary Indexes:https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GSI.html

by Devon at Jul 15, 2024, 05:52 AM

Limited Time Offer

25%

Off

Get Premium DVA-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Rossana

10 hours ago

Option A? What is this, amateur hour? S3 Event Notifications to validate file uploads and downloads? That's like using a butter knife to defuse a bomb. Go big or go home, people!

upvoted 0 times

...

Markus

2 days ago

I'm gonna have to go with option C on this one. Leveraging the power of Lambda to validate the requests is a brilliant idea. Plus, API Gateway will make the integration with S3 a breeze. *whistles* This is the way to secure those files, my dudes.

upvoted 0 times

...

Izetta

6 days ago

Hmm, option D sounds interesting. Using the IAM policy within the Cognito identity prefix could be a neat way to handle the file access control. But I'm curious how well it would scale for large file sizes and high volumes of requests.

upvoted 0 times

...

Blondell

7 days ago

I'm not too sure about option B. Storing the file details in a separate DynamoDB table feels a bit convoluted. I think the direct integration with S3 through a Lambda function is a cleaner and more secure solution.

upvoted 0 times

...

Desirae

12 days ago

Option C looks like the way to go. Validating each request in the Lambda function adds an extra layer of security, and using API Gateway to handle the uploads and downloads seems like a smart approach.

upvoted 0 times

...