Amazon Web Services DVA-C02 Exam With Confidence Using Practice Dumps

Browsers enforce the Same-Origin Policy, which restricts web pages from requesting resources (like JavaScript files, fonts, and other assets) from a different domain/origin unless the target explicitly allows it. When the developer moved shared JavaScript and web fonts into a separate “central” S3 bucket, the applications likely began fetching these assets from a different origin than the app’s primary origin (for example, different domain, subdomain, or CloudFront distribution). As a result, the browser blocks those requests unless the response includes the appropriate CORS headers.

AWS documentation for Amazon S3 explains that to allow cross-origin requests from browsers, you must configure Cross-Origin Resource Sharing (CORS) on the S3 bucket that serves the resources. A CORS configuration defines allowed origins, methods (such as GET), and headers. For fonts in particular, browsers are strict and commonly require CORS headers to load fonts across origins.

Option C directly addresses this by adding a CORS policy to the central bucket, allowing the subsidiary application origins to retrieve JS and font files without being blocked.

Option B (bucket policy) controls authorization at the AWS request level, but it does not instruct browsers to allow cross-origin access. Even if the request is authorized, the browser can still block it if CORS headers are missing.

Option A (access points) is also about access management and does not solve browser CORS enforcement.

Option D (Content-MD5) is for integrity checking and is unrelated to cross-origin browser blocking.

The base table’s primary key is UserID, which means efficient Query operations on the table natively require specifying UserID (partition key equality). The required access pattern, however, is to retrieve many users for a given Location and then filter/sort by RegistrationDate (users who registered after a given date). Because Location is not part of the table’s primary key, the efficient DynamoDB approach is to create an index that supports this access pattern.

A global secondary index (GSI) can have a different partition key and sort key than the base table. By creating a GSI with Location as the partition key and RegistrationDate as the sort key, the application can use the Query operation to fetch all users in a specific location (Location = :loc) and apply a sort key condition such as RegistrationDate > :date (or BETWEEN), which is efficient and avoids a full-table scan. This design is the canonical pattern for optimizing DynamoDB queries: model the table and indexes around known access patterns so the application can use Query instead of Scan.

Option C (LSI) is not valid for this requirement because an LSI must use the same partition key as the base table (UserID). Since the access pattern is by Location, an LSI cannot make Location the partition key. Option B (Scan + filter) is inefficient at scale because Scan reads every item (or every item in the scanned segments) and then filters results, consuming read capacity and increasing latency. Option D (BatchGetItem) requires the caller to already know the primary keys of the items to retrieve; it cannot discover “all users in a location after a date” and does not support filtering in the way Query on an index does.

Therefore, A is the correct and most efficient solution: a GSI on (Location, RegistrationDate) and Query with a date range condition.