Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon DVA-C02 Exam - Topic 7 Question 32 Discussion

An application is using Amazon Cognito user pools and identity pools for secure access. A developer wants to integrate the user-specific file upload and download features in the application with Amazon S3. The developer must ensure that the files are saved and retrieved in a secure manner and that users can access only their own files. The file sizes range from 3 KB to 300 MB.Which option will meet these requirements with the HIGHEST level of security?
B) Save the details of the uploaded files in a separate Amazon DynamoDB table. Filter the list of files in the user interface (UI) by comparing the current user ID with the user ID associated with the file in the table.
A) Use S3 Event Notifications to validate the file upload and download requests and update the user interface (UI).
C) Use Amazon API Gateway and an AWS Lambda function to upload and download files. Validate each request in the Lambda function before performing the requested operation.
D) Use an IAM policy within the Amazon Cognito identity prefix to restrict users to use their own folders in Amazon S3.

Amazon DVA-C02 Exam - Topic 7 Question 32 Discussion

Actual exam question for Amazon's DVA-C02 exam
Question #: 32
Topic #: 7
[All DVA-C02 Questions]

An application is using Amazon Cognito user pools and identity pools for secure access. A developer wants to integrate the user-specific file upload and download features in the application with Amazon S3. The developer must ensure that the files are saved and retrieved in a secure manner and that users can access only their own files. The file sizes range from 3 KB to 300 MB.

Which option will meet these requirements with the HIGHEST level of security?

Show Suggested Answer Hide Answer
Suggested Answer: B

Global Secondary Index (GSI):GSIs enable alternative query patterns on a DynamoDB table by using different partition and sort keys.

Addressing Query Bottleneck:By making the slow-query attribute the GSI's partition key, you optimize queries on that attribute.

Scalability:GSIs automatically scale to handle increasing data volumes.


Amazon DynamoDB Global Secondary Indexes:https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GSI.html

by Devon at Jul 15, 2024, 05:52 AM

Limited Time Offer

25%

Off

Get Premium DVA-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Cecilia
6 months ago
Not sure about B, using DynamoDB feels like an extra step for this.
upvoted 0 times
...
Lashon
6 months ago
I think option C is solid too, Lambda adds a nice layer of validation.
upvoted 0 times
...
Deandrea
7 months ago
Wait, can you really restrict S3 access that way? Sounds too good to be true!
upvoted 0 times
...
Tasia
7 months ago
I agree, IAM policies are super effective for access control.
upvoted 0 times
...
Rebbecca
7 months ago
Option D seems like the best choice for security!
upvoted 0 times
...
Alaine
7 months ago
I vaguely recall that S3 Event Notifications (option A) are more about triggering actions rather than securing access, so I'm leaning towards option D for the highest security level.
upvoted 0 times
...
Velda
7 months ago
I practiced a similar question where we had to manage user permissions, and I feel like option B might not be the most secure since it relies on filtering in the UI.
upvoted 0 times
...
Peggie
8 months ago
I'm not entirely sure, but I think using API Gateway with Lambda (option C) could add an extra layer of validation for uploads and downloads.
upvoted 0 times
...
Jesse
8 months ago
I remember discussing how IAM policies can help restrict access to specific resources, so option D seems like a strong candidate for security.
upvoted 0 times
...
Sheron
8 months ago
Option B with the DynamoDB table seems like a good way to track the file details, but I'm not sure if it's the most secure option compared to the others. I'll need to think through the pros and cons of each approach.
upvoted 0 times
...
Elmira
8 months ago
Based on the details provided, I think Option C is the best choice. Validating each request in the Lambda function before performing the operation seems like the most secure approach.
upvoted 0 times
...
Casie
8 months ago
I'm a bit confused by the different options. Option C with API Gateway and Lambda sounds interesting, but I'm not sure how it compares to the other options in terms of security.
upvoted 0 times
...
Erin
8 months ago
This seems like a tricky question, but I think the key is to focus on the security requirements. Option D looks promising since it uses IAM policies to restrict access to user-specific folders in S3.
upvoted 0 times
...
Truman
8 months ago
I'm a little confused by the wording of this question. What exactly are they looking for in terms of "suitable" suppliers? I'll need to think about that a bit more before making my selections.
upvoted 0 times
...
Aaron
8 months ago
Hmm, I'm a bit confused on this one. I'm not sure if a VPN gateway or a service endpoint would also work for this scenario. I'll need to review the requirements again carefully.
upvoted 0 times
...
Rossana
1 year ago
Option A? What is this, amateur hour? S3 Event Notifications to validate file uploads and downloads? That's like using a butter knife to defuse a bomb. Go big or go home, people!
upvoted 0 times
Justine
12 months ago
D) Use an IAM policy within the Amazon Cognito identity prefix to restrict users to use their own folders in Amazon S3.
upvoted 0 times
...
Joye
1 year ago
C) Use Amazon API Gateway and an AWS Lambda function to upload and download files. Validate each request in the Lambda function before performing the requested operation.
upvoted 0 times
...
Diane
1 year ago
B) Save the details of the uploaded files in a separate Amazon DynamoDB table. Filter the list of files in the user interface (UI) by comparing the current user ID with the user ID associated with the file in the table.
upvoted 0 times
...
...
Markus
1 year ago
I'm gonna have to go with option C on this one. Leveraging the power of Lambda to validate the requests is a brilliant idea. Plus, API Gateway will make the integration with S3 a breeze. *whistles* This is the way to secure those files, my dudes.
upvoted 0 times
Daren
12 months ago
Definitely, leveraging Lambda for validation and using API Gateway for integration sounds like a secure approach.
upvoted 0 times
...
Cheryl
12 months ago
I agree, it's important to validate each request before performing any operation on the files.
upvoted 0 times
...
Dominque
1 year ago
Yeah, using API Gateway with Lambda seems like a solid choice for securing the file uploads and downloads.
upvoted 0 times
...
Jina
1 year ago
Option C sounds like the way to go. Lambda can really help validate those requests.
upvoted 0 times
...
...
Izetta
1 year ago
Hmm, option D sounds interesting. Using the IAM policy within the Cognito identity prefix could be a neat way to handle the file access control. But I'm curious how well it would scale for large file sizes and high volumes of requests.
upvoted 0 times
...
Blondell
1 year ago
I'm not too sure about option B. Storing the file details in a separate DynamoDB table feels a bit convoluted. I think the direct integration with S3 through a Lambda function is a cleaner and more secure solution.
upvoted 0 times
...
Desirae
1 year ago
Option C looks like the way to go. Validating each request in the Lambda function adds an extra layer of security, and using API Gateway to handle the uploads and downloads seems like a smart approach.
upvoted 0 times
Clarinda
1 year ago
I agree, using API Gateway and Lambda for file operations ensures that each request is validated before any action is taken. It's definitely a secure way to handle user-specific file uploads and downloads.
upvoted 0 times
...
Jean
1 year ago
Option C looks like the way to go. Validating each request in the Lambda function adds an extra layer of security, and using API Gateway to handle the uploads and downloads seems like a smart approach.
upvoted 0 times
...
...
Caitlin
1 year ago
I'm not sure, but option C also sounds secure with API Gateway and Lambda function validation.
upvoted 0 times
...
Murray
1 year ago
I agree with Rodrigo. Option D seems to provide the highest level of security by restricting access to user-specific folders.
upvoted 0 times
...
Rodrigo
1 year ago
I think option D is the best choice because it restricts users to their own folders in S3.
upvoted 0 times
...

Save Cancel