AWS Certified Developer - Associate (DVA-C02) #15 Full-Scale Multiple-Choice Mock Exam — 50 Questions + Explanations

18 min read

This is the step that checks whether everything from #1 through #14 is locked into your head. You solve 50 questions at the same domain weights as the real exam.

How to Take It #

  • Solve within 90–100 minutes (the real exam is 65 questions/130 minutes, but this mock exam is based on 50 questions).
  • Don’t check each explanation immediately; solve all the way through, then score.
  • Getting 36 or more (72%) puts you safely in the passing range.
  • If a domain looks weak, go back to its post and review it.

Domain Distribution #

DomainQuestionsRange
Domain 1 — Development (32%)16Q1 ~ Q16
Domain 2 — Security (26%)13Q17 ~ Q29
Domain 3 — Deployment (24%)12Q30 ~ Q41
Domain 4 — Troubleshooting and Optimization (18%)9Q42 ~ Q50

Domain 1 — Development with AWS Services #

Q1. A Lambda invoked synchronously by API Gateway threw an error. What is Lambda’s retry behavior?
Q2. A Lambda invoked asynchronously by an S3 event failed even after all retries. How do you avoid losing the event?
Q3. The response to a Lambda function’s first invocation is slow (cold start). What is the most appropriate way to reduce the latency?
Q4. One Lambda function consumes the entire account concurrency, throttling other functions. How do you isolate it?
Q5. Cost and latency matter most, and you only need a simple Lambda proxy backend. Which API Gateway is appropriate?
Q6. You want to set a monthly API-call quota per customer tier. Which is appropriate?
Q7. Calling a proxy-integrated Lambda makes API Gateway return 502 Bad Gateway. What’s the cause?
Q8. You need to frequently query a DynamoDB table by an attribute that isn’t the partition key. The table is already in production. Which is appropriate?
Q9. Two clients modify the same DynamoDB item simultaneously, causing an overwrite conflict. How do you prevent it?
Q10. You want to create the item only once even if a request comes in twice with the same order ID. Which is appropriate?
Q11. You want to attach follow-up processing that automatically sends a notification when a new item is added to DynamoDB. Which is appropriate?
Q12. Orders must be processed in the order received, without duplicates, exactly once. Which is appropriate?
Q13. One order event must be processed independently and durably by the payment,notification,analytics systems. Which is appropriate?
Q14. You want to trigger a Lambda that runs a cleanup job at midnight every day. Which is appropriate?
Q15. You called a list API and only part of the results came back. What’s the most likely cause?
Q16. You want the browser to upload a large file directly to S3 without going through a server, while not distributing AWS keys to the client. Which is appropriate?

Domain 2 — Security #

Q17. After a mobile app user logs in, you must issue temporary AWS credentials so they can upload directly to S3. Which is appropriate?
Q18. A web app needs sign-up,login,JWT issuance. Which is appropriate?
Q19. An application running on EC2 needs to access S3. What is the most secure method?
Q20. You must periodically and automatically rotate RDS database credentials. Which is appropriate?
Q21. You want to store and retrieve application configuration values in hierarchical paths at no cost. Which is appropriate?
Q22. You must be able to audit who decrypted an S3 object and when. Which encryption is appropriate?
Q23. You want to encrypt data several GB in size with a KMS key. What’s the correct approach?
Q24. You must control a resource in another account from code. Which method is appropriate?
Q25. A Lambda function must write to a DynamoDB table. What’s the correct way to grant permission?
Q26. Multiple policies apply, and one of them has an explicit Deny. What is the final result?
Q27. At API Gateway, you must validate a third-party OAuth token with your own logic to control access. Which is appropriate?
Q28. With temporary credentials from an Identity Pool, you want each user to access only their own S3 prefix. Which is appropriate?
Q29. You want to issue and manage TLS certificates to protect data in transit. Which is appropriate?

Domain 3 — Deployment #

Q30. Which tool handles the stage that compiles and tests the source to produce a deployment artifact?
Q31. Which file defines the build phase’s commands and phases (install/pre_build/build/post_build)?
Q32. You want to pause the pipeline so a human reviews and approves before production deployment. Which is appropriate?
Q33. You want to define and deploy a serverless application (Lambda + API Gateway + DynamoDB) with little code. Which is appropriate?
Q34. You want to preview which resources will change and how before updating a CloudFormation stack. Which is appropriate?
Q35. You want to preserve the RDS database even when deleting a CloudFormation stack. Which is appropriate?
Q36. You want to run and debug Lambda in a local environment. Which is appropriate?
Q37. You want to deploy a web application quickly without worrying about infrastructure management (EC2,ELB,ASG auto-configured). Which is appropriate?
Q38. You must be able to revert to the previous version immediately on a deployment failure, with no downtime. Which deployment method is appropriate?
Q39. You want to send a new Lambda version to only 10% of traffic at first, then expand to all if there’s no problem. Which is appropriate?
Q40. After deploying a new version, you want to automatically revert to the previous version if the error rate crosses a threshold. Which is appropriate?
Q41. You want to securely host,share internal npm,pip dependency packages and cache external repositories. Which is appropriate?

Domain 4 — Troubleshooting and Optimization #

Q42. You want to find the bottleneck — where a request passing through several microservices slows down. Which is appropriate?
Q43. You want to monitor an EC2 instance’s memory utilization in CloudWatch. Which is appropriate?
Q44. In serverless, you want to generate custom metrics from logs alone without API-call cost. Which is appropriate?
Q45. You must trace who deleted a specific S3 bucket. Which is appropriate?
Q46. A Lambda function is slow on a CPU-bound task. If you can’t set CPU directly, what’s the appropriate action?
Q47. A task behind API Gateway takes more than 30 seconds, causing a 504 Gateway Timeout. What’s the appropriate fix?
Q48. ProvisionedThroughputExceededException frequently occurs on a provisioned DynamoDB table. Which is NOT an appropriate response?
Q49. You want to lower DynamoDB read responses to the microsecond level. Which is appropriate?
Q50. What is the client’s correct retry method for throttling (429/ThrottlingException)?

Scoring and wrap-up #

Total Score
Correct 0 / 0
Answered 0 / 0

36 questions (72%) or more puts you safely in the passing range. For the ones you missed, don’t just memorize the answer; review until you can explain “what the constraint keyword was and why that choice is optimal” using the criteria from #14. In particular, nail the frequently confused pairs to the end (User Pool vs Identity Pool, Secrets Manager vs Parameter Store, SQS vs SNS vs EventBridge, 502 vs 504).

Closing the Series #

Starting from #1 Exam Introduction, we went once around the four domains — development (32%) → security (26%) → deployment (24%) → troubleshooting and optimization (18%) — and wrapped up with exam strategy and a mock exam. If you remember that DVA-C02 asks not for rote memorization but for how you handle, deploy, and debug AWS services with code, you won’t be shaken even by a scenario you’ve never seen.

After passing DVA-C02, you can move on to the operations-focused SysOps Administrator Associate (SOA-C02), or to the Solutions Architect Associate (SAA-C03) which goes deeper into design. If you want more hands-on practice, going back to the 27-post AWS hands-on track and actually running things on the console and in code is also good review. Best of luck on your exam.

X