AWS Certified Developer – Associate
Practice Exam Questions And Correct
Answers (Verified Answers) Plus
Rationales 2025/2026 Q& A
1. Which AWS service allows developers to run code without provisioning or
managing servers?
A. EC2
B. ECS
C. Lambda
D. Elastic Beanstalk
AWS Lambda is a serverless compute service that runs code in response to
events without requiring server management.
2. Which database is best suited for a key-value store with microsecond
latency?
A. Amazon RDS
B. Amazon DynamoDB
C. Amazon Redshift
D. Amazon Aurora
DynamoDB is AWS’s NoSQL key-value database optimized for low-latency
access.
3. Which AWS service is ideal for storing static website content?
A. Amazon EC2
B. Amazon S3
C. Amazon RDS
D. Amazon EBS
S3 provides highly available object storage perfect for static websites.
,4. How can a Lambda function access an S3 bucket securely?
A. Using IAM user credentials
B. Using an IAM role assigned to the Lambda function
C. Hardcoding access keys in the function
D. Using S3 pre-signed URLs
Assigning an IAM role to Lambda grants temporary credentials for secure
access.
5. Which API Gateway feature helps protect against traffic spikes?
A. Caching
B. Throttling
C. Stages
D. Authorization
Throttling limits the number of requests to protect back-end systems.
6. What does Amazon CloudWatch Logs primarily monitor?
A. Cost optimization
B. Application and system log data
C. Network topology
D. VPC peering
CloudWatch Logs collects and stores application/system log data for analysis.
7. Which of the following services supports Infrastructure as Code (IaC)?
A. AWS Config
B. AWS Systems Manager
C. AWS CloudFormation
D. AWS CloudTrail
CloudFormation automates resource provisioning using templates.
8. Which service is best for asynchronous message queuing?
, A. SNS
B. SQS
C. Step Functions
D. Kinesis
SQS provides fully managed message queues for decoupled communication.
9. To manage application secrets securely, a developer should use:
A. AWS Config
B. AWS KMS directly
C. AWS Secrets Manager
D. AWS CloudTrail
Secrets Manager securely stores and rotates API keys, passwords, and tokens.
10. Which AWS SDK component is responsible for request signing?
A. Serializer
B. Marshaller
C. AWS Signature Version 4
D. SDK Config
Signature Version 4 signs requests to authenticate them securely.
11. How can a Lambda function be triggered when a new S3 object is
uploaded?
A. CloudFormation stack
B. SNS topic
C. S3 event notification
D. CloudWatch alarm
S3 can invoke Lambda functions automatically when specific events occur.
12. Which AWS service provides continuous delivery and deployment?
A. CodeCommit
B. CodeDeploy
C. CodeBuild
Practice Exam Questions And Correct
Answers (Verified Answers) Plus
Rationales 2025/2026 Q& A
1. Which AWS service allows developers to run code without provisioning or
managing servers?
A. EC2
B. ECS
C. Lambda
D. Elastic Beanstalk
AWS Lambda is a serverless compute service that runs code in response to
events without requiring server management.
2. Which database is best suited for a key-value store with microsecond
latency?
A. Amazon RDS
B. Amazon DynamoDB
C. Amazon Redshift
D. Amazon Aurora
DynamoDB is AWS’s NoSQL key-value database optimized for low-latency
access.
3. Which AWS service is ideal for storing static website content?
A. Amazon EC2
B. Amazon S3
C. Amazon RDS
D. Amazon EBS
S3 provides highly available object storage perfect for static websites.
,4. How can a Lambda function access an S3 bucket securely?
A. Using IAM user credentials
B. Using an IAM role assigned to the Lambda function
C. Hardcoding access keys in the function
D. Using S3 pre-signed URLs
Assigning an IAM role to Lambda grants temporary credentials for secure
access.
5. Which API Gateway feature helps protect against traffic spikes?
A. Caching
B. Throttling
C. Stages
D. Authorization
Throttling limits the number of requests to protect back-end systems.
6. What does Amazon CloudWatch Logs primarily monitor?
A. Cost optimization
B. Application and system log data
C. Network topology
D. VPC peering
CloudWatch Logs collects and stores application/system log data for analysis.
7. Which of the following services supports Infrastructure as Code (IaC)?
A. AWS Config
B. AWS Systems Manager
C. AWS CloudFormation
D. AWS CloudTrail
CloudFormation automates resource provisioning using templates.
8. Which service is best for asynchronous message queuing?
, A. SNS
B. SQS
C. Step Functions
D. Kinesis
SQS provides fully managed message queues for decoupled communication.
9. To manage application secrets securely, a developer should use:
A. AWS Config
B. AWS KMS directly
C. AWS Secrets Manager
D. AWS CloudTrail
Secrets Manager securely stores and rotates API keys, passwords, and tokens.
10. Which AWS SDK component is responsible for request signing?
A. Serializer
B. Marshaller
C. AWS Signature Version 4
D. SDK Config
Signature Version 4 signs requests to authenticate them securely.
11. How can a Lambda function be triggered when a new S3 object is
uploaded?
A. CloudFormation stack
B. SNS topic
C. S3 event notification
D. CloudWatch alarm
S3 can invoke Lambda functions automatically when specific events occur.
12. Which AWS service provides continuous delivery and deployment?
A. CodeCommit
B. CodeDeploy
C. CodeBuild
