CLF-C02 Part 1
Question #: 1
Topic #: 1
A company plans to use an Amazon Snowball Edge device to transfer files to the AWS Cloud.
Which activities related to a Snowball Edge device are available to the company at no cost?
A. Use of the Snowball Edge appliance for a 10-day period
B. The transfer of data out of Amazon S3 and to the Snowball Edge appliance
C. The transfer of data from the Snowball Edge appliance into Amazon S3
D. Daily use of the Snowball Edge appliance after 10 days
Question #: 2
Topic #: 1
A company has deployed applications on Amazon EC2 instances. The company needs to assess application vulnerabilities and must identify infrastructure deployments that do not meet best practices.
Which AWS service can the company use to meet these requirements?
A. AWS Trusted Advisor
B. Amazon Inspector
C. AWS Config
D. Amazon GuardDuty
Question #: 3
Topic #: 1
A company has a centralized group of users with large file storage requirements that have exceeded the space available on premises. The company wants to extend its file storage capabilities for this group while retaining the performance benefit of sharing content locally.
What is the MOST operationally efficient AWS solution for this scenario?
A. Create an Amazon S3 bucket for each user. Mount each bucket by using an S3 file system mounting utility.
B. Configure and deploy an AWS Storage Gateway file gateway. Connect each user’s workstation to the file gateway.
C. Move each user’s working environment to Amazon WorkSpaces. Set up an Amazon WorkDocs account for each user.
D. Deploy an Amazon EC2 instance and attach an Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS volume. Share the EBS volume directly with the users.
Question #: 4
Topic #: 1
According to security best practices, how should an Amazon EC2 instance be given access to an Amazon S3 bucket?
A. Hard code an IAM user’s secret key and access key directly in the application, and upload the file.
B. Store the IAM user’s secret key and access key in a text file on the EC2 instance, read the keys, then upload the file.
C. Have the EC2 instance assume a role to obtain the privileges to upload the file.
D. Modify the S3 bucket policy so that any service can upload to it at any time.
Question #: 5
Topic #: 1
Which option is a customer responsibility when using Amazon DynamoDB under the AWS Shared Responsibility Model?
A. Physical security of DynamoDB
B. Patching of DynamoDB
C. Access to DynamoDB tables
D. Encryption of data at rest in DynamoDB
Question #: 6
Topic #: 1
Which option is a perspective that includes foundational capabilities of the AWS Cloud Adoption Framework (AWS CAF)?
A. Sustainability
B. Performance efficiency
C. Governance
D. Reliability
Question #: 7
Topic #: 1
A company is running and managing its own Docker environment on Amazon EC2 instances. The company wants an alternative to help manage cluster size, scheduling, and environment maintenance.
Which AWS service meets these requirements?
A. AWS Lambda
B. Amazon RDS
C. AWS Fargate
D. Amazon Athena
Question #: 8
Topic #: 1
A company wants to run a NoSQL database on Amazon EC2 instances.
Which task is the responsibility of AWS in this scenario?
A. Update the guest operating system of the EC2 instances.
B. Maintain high availability at the database layer.
C. Patch the physical infrastructure that hosts the EC2 instances.
D. Configure the security group firewall.
Question #: 9
Topic #: 1
Which AWS services or tools can identify rightsizing opportunities for Amazon EC2 instances? (Choose two.)
A. AWS Cost Explorer
B. AWS Billing Conductor
C. Amazon CodeGuru
D. Amazon SageMaker
E. AWS Compute Optimizer
Question #: 10
Topic #: 1
Which of the following are benefits of using AWS Trusted Advisor? (Choose two.)
A. Providing high-performance container orchestration
B. Creating and rotating encryption keys
C. Detecting underutilized resources to save costs
D. Improving security by proactively monitoring the AWS environment
E. Implementing enforced tagging across AWS resources
Question #: 11
Topic #: 1
Which of the following is an advantage that users experience when they move on-premises workloads to the AWS Cloud?
A. Elimination of expenses for running and maintaining data centers
B. Price discounts that are identical to discounts from hardware providers
C. Distribution of all operational controls to AWS
D. Elimination of operational expenses
Question #: 12
Topic #: 1
A company wants to manage deployed IT services and govern its infrastructure as code (IaC) templates.
Which AWS service will meet this requirement?
A. AWS Resource Explorer
B. AWS Service Catalog
C. AWS Organizations
D. AWS Systems Manager
Question #: 13
Topic #: 1
Which AWS service or tool helps users visualize, understand, and manage spending and usage over time?
A. AWS Organizations
B. AWS Pricing Calculator
C. AWS Cost Explorer
D. AWS Service Catalog
Question #: 14
Topic #: 1
A company is using a central data platform to manage multiple types of data for its customers. The company wants to use AWS services to discover, transform, and visualize the data.
Which combination of AWS services should the company use to meet these requirements? (Choose two.)
A. AWS Glue
B. Amazon Elastic File System (Amazon EFS)
C. Amazon Redshift
D. Amazon QuickSight
E. Amazon Quantum Ledger Database (Amazon QLDB)
Question #: 15
Topic #: 1
A global company wants to migrate its third-party applications to the AWS Cloud. The company wants help from a global team of experts to complete the migration faster and more reliably in accordance with AWS internal best practices.
Which AWS service or resource will meet these requirements?
A. AWS Support
B. AWS Professional Services
C. AWS Launch Wizard
D. AWS Managed Services (AMS)
Question #: 16
Topic #: 1
An e-learning platform needs to run an application for 2 months each year. The application will be deployed on Amazon EC2 instances. Any application downtime during those 2 months must be avoided.
Which EC2 purchasing option will meet these requirements MOST cost-effectively?
A. Reserved Instances
B. Dedicated Hosts
C. Spot Instances
D. On-Demand Instances
Question #: 17
Topic #: 1
A developer wants to deploy an application quickly on AWS without manually creating the required resources.
Which AWS service will meet these requirements?
A. Amazon EC2
B. AWS Elastic Beanstalk
C. AWS CodeBuild
D. Amazon Personalize
Question #: 18
Topic #: 1
A company is storing sensitive customer data in an Amazon S3 bucket. The company wants to protect the data from accidental deletion or overwriting.
Which S3 feature should the company use to meet these requirements?
A. S3 Lifecycle rules
B. S3 Versioning
C. S3 bucket policies
D. S3 server-side encryption
Question #: 19
Topic #: 1
Which AWS service provides the ability to manage infrastructure as code?
A. AWS CodePipeline
B. AWS CodeDeploy
C. AWS Direct Connect
D. AWS CloudFormation
Question #: 20
Topic #: 1
An online gaming company needs to choose a purchasing option to run its Amazon EC2 instances for 1 year. The web traffic is consistent, and any increases in traffic are predictable. The EC2 instances must be online and available without any disruption.
Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?
A. On-Demand Instances
B. Reserved Instances
C. Spot Instances
D. Spot Fleet
Question #: 21
Topic #: 1
Which AWS service or feature allows a user to establish a dedicated network connection between a company’s on-premises data center and the AWS Cloud?
A. AWS Direct Connect
B. VPC peering
C. AWS VPN
D. Amazon Route 53
Question #: 22
Topic #: 1
Which option is a physical location of the AWS global infrastructure?
A. AWS DataSync
B. AWS Region
C. Amazon Connect
D. AWS Organizations
Question #: 23
Topic #: 1
A company wants to protect its AWS Cloud information, systems, and assets while performing risk assessment and mitigation tasks.
Which pillar of the AWS Well-Architected Framework is supported by these goals?
A. Reliability
B. Security
C. Operational excellence
D. Performance efficiency
Question #: 24
Topic #: 1
What is the purpose of having an internet gateway within a VPC?
A. To create a VPN connection to the VPC
B. To allow communication between the VPC and the internet
C. To impose bandwidth constraints on internet traffic
D. To load balance traffic from the internet across Amazon EC2 instances
Question #: 25
Topic #: 1
A company is running a monolithic on-premises application that does not scale and is difficult to maintain. The company has a plan to migrate the application to AWS and divide the application into microservices.
Which best practice of the AWS Well-Architected Framework is the company following with this plan?
A. Integrate functional testing as part of AWS deployment.
B. Use automation to deploy changes.
C. Deploy the application to multiple locations.
D. Implement loosely coupled dependencies.
Question #: 26
Topic #: 1
A company has an AWS account. The company wants to audit its password and access key rotation details for compliance purposes.
Which AWS service or tool will meet this requirement?
A. IAM Access Analyzer
B. AWS Artifact
C. IAM credential report
D. AWS Audit Manager
Question #: 27
Topic #: 1
A company wants to receive a notification when a specific AWS cost threshold is reached.
Which AWS services or tools can the company use to meet this requirement? (Choose two.)
A. Amazon Simple Queue Service (Amazon SQS)
B. AWS Budgets
C. Cost Explorer
D. Amazon CloudWatch
E. AWS Cost and Usage Report
Question #: 28
Topic #: 1
Which AWS service or resource provides answers to the most frequently asked security-related questions that AWS receives from its users?
A. AWS Artifact
B. Amazon Connect
C. AWS Chatbot
D. AWS Knowledge Center
Question #: 29
Topic #: 1
Which tasks are customer responsibilities, according to the AWS shared responsibility model? (Choose two.)
A. Configure the AWS provided security group firewall.
B. Classify company assets in the AWS Cloud.
C. Determine which Availability Zones to use for Amazon S3 buckets.
D. Patch or upgrade Amazon DynamoDB.
E. Select Amazon EC2 instances to run AWS Lambda on.
Question #: 30
Topic #: 1
Which of the following are pillars of the AWS Well-Architected Framework? (Choose two.)
A. Availability
B. Reliability
C. Scalability
D. Responsive design
E. Operational excellence
Question #: 31
Topic #: 1
Which AWS service or feature is used to send both text and email messages from distributed applications?
A. Amazon Simple Notification Service (Amazon SNS)
B. Amazon Simple Email Service (Amazon SES)
C. Amazon CloudWatch alerts
D. Amazon Simple Queue Service (Amazon SQS)
Question #: 32
Topic #: 1
A user needs programmatic access to AWS resources through the AWS CLI or the AWS API.
Which option will provide the user with the appropriate access?
A. Amazon Inspector
B. Access keys
C. SSH public keys
D. AWS Key Management Service (AWS KMS) keys
Question #: 33
Topic #: 1
A company runs thousands of simultaneous simulations using AWS Batch. Each simulation is stateless, is fault tolerant, and runs for up to 3 hours.
Which pricing model enables the company to optimize costs and meet these requirements?
A. Reserved Instances
B. Spot Instances
C. On-Demand Instances
D. Dedicated Instances
Question #: 34
Topic #: 1
What does the concept of agility mean in AWS Cloud computing? (Choose two.)
A. The speed at which AWS resources are implemented
B. The speed at which AWS creates new AWS Regions
C. The ability to experiment quickly
D. The elimination of wasted capacity
E. The low cost of entry into cloud computing
Question #: 35
Topic #: 1
A company needs to block SQL injection attacks.
Which AWS service or feature can meet this requirement?
A. AWS WAF
B. AWS Shield
C. Network ACLs
D. Security groups
Question #: 36
Topic #: 1
Which AWS service or feature identifies whether an Amazon S3 bucket or an IAM role has been shared with an external entity?
A. AWS Service Catalog
B. AWS Systems Manager
C. AWS IAM Access Analyzer
D. AWS Organizations
Question #: 37
Topic #: 1
A cloud practitioner needs to obtain AWS compliance reports before migrating an environment to the AWS Cloud.
How can these reports be generated?
A. Contact the AWS Compliance team.
B. Download the reports from AWS Artifact.
C. Open a case with AWS Support.
D. Generate the reports with Amazon Macie.
Question #: 38
Topic #: 1
An ecommerce company has migrated its IT infrastructure from an on-premises data center to the AWS Cloud.
Which cost is the company’s direct responsibility?
A. Cost of application software licenses
B. Cost of the hardware infrastructure on AWS
C. Cost of power for the AWS servers
D. Cost of physical security for the AWS data center
Question #: 39
Topic #: 1
A company is setting up AWS Identity and Access Management (IAM) on an AWS account.
Which recommendation complies with IAM security best practices?
A. Use the account root user access keys for administrative tasks.
B. Grant broad permissions so that all company employees can access the resources they need.
C. Turn on multi-factor authentication (MFA) for added security during the login process.
D. Avoid rotating credentials to prevent issues in production applications.
Question #: 40
Topic #: 1
Elasticity in the AWS Cloud refers to which of the following? (Choose two.)
A. How quickly an Amazon EC2 instance can be restarted
B. The ability to rightsize resources as demand shifts
C. The maximum amount of RAM an Amazon EC2 instance can use
D. The pay-as-you-go billing model
E. How easily resources can be procured when they are needed
Question #: 41
Topic #: 1
Which service enables customers to audit API calls in their AWS accounts?
A. AWS CloudTrail
B. AWS Trusted Advisor
C. Amazon Inspector
D. AWS X-Ray
Question #: 42
Topic #: 1
What is a customer responsibility when using AWS Lambda according to the AWS shared responsibility model?
A. Managing the code within the Lambda function
B. Confirming that the hardware is working in the data center
C. Patching the operating system
D. Shutting down Lambda functions when they are no longer in use
Question #: 43
Topic #: 1
A company has 5 TB of data stored in Amazon S3. The company plans to occasionally run queries on the data for analysis.
Which AWS service should the company use to run these queries in the MOST cost-effective manner?
A. Amazon Redshift
B. Amazon Athena
C. Amazon Kinesis
D. Amazon RDS
Question #: 44
Topic #: 1
Which AWS service can be used at no additional cost?
A. Amazon SageMaker
B. AWS Config
C. AWS Organizations
D. Amazon CloudWatch
Question #: 45
Topic #: 1
Which AWS Cloud Adoption Framework (AWS CAF) capability belongs to the people perspective?
A. Data architecture
B. Event management
C. Cloud fluency
D. Strategic partnership
Question #: 46
Topic #: 1
A company wants to make an upfront commitment for continued use of its production Amazon EC2 instances in exchange for a reduced overall cost.
Which pricing options meet these requirements with the LOWEST cost? (Choose two.)
A. Spot Instances
B. On-Demand Instances
C. Reserved Instances
D. Savings Plans
E. Dedicated Hosts
Question #: 47
Topic #: 1
A company wants to migrate its on-premises relational databases to the AWS Cloud. The company wants to use infrastructure as close to its current geographical location as possible.
Which AWS service or resource should the company use to select its Amazon RDS deployment area?
A. Amazon Connect
B. AWS Wavelength
C. AWS Regions
D. AWS Direct Connect
Question #: 48
Topic #: 1
A company is exploring the use of the AWS Cloud, and needs to create a cost estimate for a project before the infrastructure is provisioned.
Which AWS service or feature can be used to estimate costs before deployment?
A. AWS Free Tier
B. AWS Pricing Calculator
C. AWS Billing and Cost Management
D. AWS Cost and Usage Report
Question #: 49
Topic #: 1
A company is building an application that needs to deliver images and videos globally with minimal latency.
Which approach can the company use to accomplish this in a cost effective manner?
A. Deliver the content through Amazon CloudFront.
B. Store the content on Amazon S3 and enable S3 cross-region replication.
C. Implement a VPN across multiple AWS Regions.
D. Deliver the content through AWS PrivateLink.
Question #: 50
Topic #: 1
Which option is a benefit of the economies of scale based on the advantages of cloud computing?
A. The ability to trade variable expense for fixed expense
B. Increased speed and agility
C. Lower variable costs over fixed costs
D. Increased operational costs across data centers
Question #: 51
Topic #: 1
Which of the following is a software development framework that a company can use to define cloud resources as code and provision the resources through AWS CloudFormation?
A. AWS CLI
B. AWS Developer Center
C. AWS Cloud Development Kit (AWS CDK)
D. AWS CodeStar
Question #: 52
Topic #: 1
A company is developing an application that uses multiple AWS services. The application needs to use temporary, limited-privilege credentials for authentication with other AWS APIs.
Which AWS service or feature should the company use to meet these authentication requirements?
A. Amazon API Gateway
B. IAM users
C. AWS Security Token Service (AWS STS)
D. IAM instance profiles
Question #: 53
Topic #: 1
Which AWS service is a cloud security posture management (CSPM) service that aggregates alerts from various AWS services and partner products in a standardized format?
A. AWS Security Hub
B. AWS Trusted Advisor
C. Amazon EventBridge
D. Amazon GuardDuty
Question #: 54
Topic #: 1
Which AWS service is always provided at no charge?
A. Amazon S3
B. AWS Identity and Access Management (IAM)
C. Elastic Load Balancers
D. AWS WAF
Question #: 55
Topic #: 1
To reduce costs, a company is planning to migrate a NoSQL database to AWS.
Which AWS service is fully managed and can automatically scale throughput capacity to meet database workload demands?
A. Amazon Redshift
B. Amazon Aurora
C. Amazon DynamoDB
D. Amazon RDS
Question #: 56
Topic #: 1
A company is using Amazon DynamoDB.
Which task is the company’s responsibility, according to the AWS shared responsibility model?
A. Patch the operating system.
B. Provision hosts.
C. Manage database access permissions.
D. Secure the operating system.
Question #: 57
Topic #: 1
A company has a test AWS environment. A company is planning on testing an application within AWS. The application testing can be interrupted and does not need to run continuously.
Which Amazon EC2 purchasing option will meet these requirements MOST cost-effectively?
A. On-Demand Instances
B. Dedicated Instances
C. Spot Instances
D. Reserved Instances
Question #: 58
Topic #: 1
Which AWS service gives users the ability to discover and protect sensitive data that is stored in Amazon S3 buckets?
A. Amazon Macie
B. Amazon Detective
C. Amazon GuardDuty
D. AWS IAM Access Analyzer
Question #: 59
Topic #: 1
Which of the following services can be used to block network traffic to an instance? (Choose two.)
A. Security groups
B. Amazon Virtual Private Cloud (Amazon VPC) flow logs
C. Network ACLs
D. Amazon CloudWatch
E. AWS CloudTrail
Question #: 60
Topic #: 1
Which AWS service can identify when an Amazon EC2 instance was terminated?
A. AWS Identity and Access Management (IAM)
B. AWS CloudTrail
C. AWS Compute Optimizer
D. Amazon EventBridge