CLF-C02 Part 11
Question #: 601
Topic #: 1
A company runs its production workload in the AWS Cloud. The company needs to choose one of the AWS Support Plans.
Which of the AWS Support Plans will meet these requirements at the LOWEST cost?
A. Developer
B. Enterprise On-Ramp
C. Enterprise
D. Business
Question #: 602
Topic #: 1
What is the primary use case for Amazon GuardDuty?
A. Prevention of DDoS attacks
B. Protection against SQL injection attacks
C. Automatic monitoring for threats to AWS workloads
D. Automatic provisioning of AWS resources
Question #: 603
Topic #: 1
Which VPC component can a company use to set up a virtual firewall at the Amazon EC2 instance level?
A. Network ACL
B. Security group
C. Route table
D. NAT gateway
Question #: 604
Topic #: 1
A developer needs to interact with AWS by using the AWS CLI.
Which security feature or AWS service must be provisioned in the developer’s account to meet this requirement?
A. User name and password
B. AWS Systems Manager
C. Root password access
D. AWS access key
Question #: 605
Topic #: 1
A food delivery company needs to block users in certain countries from accessing its website.
Which AWS service should the company use to meet this requirement?
A. AWS WAF
B. AWS Control Tower
C. Amazon Fraud Detector
D. Amazon Pinpoint
Question #: 606
Topic #: 1
A company needs to use Amazon S3 to store audio files that are each 5 megabytes in size. The company will rarely access the files, but the company must be able to retrieve the files immediately.
Which S3 storage class will meet these requirements MOST cost-effectively?
A. S3 Standard
B. S3 Standard-Infrequent Access (S3 Standard-IA)
C. S3 Glacier Flexible Retrieval
D. S3 Glacier Deep Archive
Question #: 607
Topic #: 1
A company wants to set up a secure network connection from on premises to the AWS Cloud within 1 week.
Which solution will meet these requirements?
A. AWS Direct Connect
B. Amazon VPC
C. AWS Site-to-Site VPN
D. Edge location
Question #: 608
Topic #: 1
What is a customer responsibility under the AWS shared responsibility model when using AWS Lambda?
A. Maintenance of the underlying Lambda hardware.
B. Maintenance of the Lambda networking infrastructure.
C. The code and libraries that run in the Lambda functions.
D. The Lambda server software.
Question #: 609
Topic #: 1
Which tasks are the responsibility of AWS according to the AWS shared responsibility model? (Choose two.)
A. Configure AWS Identity and Access Management (IAM).
B. Configure security groups on Amazon EC2 instances.
C. Secure the access of physical AWS facilities.
D. Patch applications that run on Amazon EC2 instances.
E. Perform infrastructure patching and maintenance.
Question #: 610
Topic #: 1
A company’s compliance officer wants to review the AWS Service Organization Control (SOC) reports.
Which AWS service or feature should the compliance officer use to complete this task?
A. AWS Artifact
B. AWS Concierge Support
C. AWS Support
D. AWS Trusted Advisor
Question #: 611
Topic #: 1
A company has a compliance requirement to record and evaluate configuration changes, as well as perform remediation actions on AWS resources.
Which AWS service should the company use?
A. AWS Config
B. AWS Secrets Manager
C. AWS CloudTrail
D. AWS Trusted Advisor
Question #: 612
Topic #: 1
A company plans to perform a one-time migration of a large dataset with millions of files from its on-premises data center to the AWS Cloud.
Which AWS service should the company use for the migration?
A. AWS Database Migration Service (AWS DMS)
B. AWS DataSync
C. AWS Migration Hub
D. AWS Application Migration Service
Question #: 613
Topic #: 1
Which AWS network services or features allow CIDR block notation when providing an IP address range? (Choose two.)
A. Security groups
B. Amazon Machine Image (AMI)
C. Network access control list (network ACL)
D. AWS Budgets
E. Amazon Elastic Block Store (Amazon EBS)
Question #: 614
Topic #: 1
A company wants to develop an accessibility application that will convert text into audible speech.
Which AWS service will meet this requirement?
A. Amazon MQ
B. Amazon Polly
C. Amazon Neptune
D. Amazon Timestream
Question #: 615
Topic #: 1
A company needs to set up dedicated network connectivity between its on-premises data center and the AWS Cloud. The network cannot use the public internet.
Which AWS service or feature will meet these requirements?
A. AWS Transit Gateway
B. AWS VPN
C. Amazon CloudFront
D. AWS Direct Connect
Question #: 616
Topic #: 1
A company needs to use dashboards and charts to analyze insights from business data.
Which AWS service will provide the dashboards and charts for these insights?
A. Amazon Macie
B. Amazon Aurora
C. Amazon QuickSight
D. AWS CloudTrail
Question #: 617
Topic #: 1
A company wants to migrate its on-premises infrastructure to the AWS Cloud.
Which advantage of cloud computing will help the company reduce upfront costs?
A. Go global in minutes
B. Increase speed and agility
C. Benefit from massive economies of scale
D. Trade fixed expense for variable expense
Question #: 618
Topic #: 1
A company is designing workloads in the AWS Cloud. The company wants the workloads to perform their intended function correctly and consistently throughout their lifecycle.
Which pillar of the AWS Well-Architected Framework does this goal represent?
A. Operational excellence
B. Security
C. Reliability
D. Performance efficiency
Question #: 619
Topic #: 1
Which AWS service is used to temporarily provide federated security credentials to access AWS resources?
A. Amazon GuardDuty
B. AWS Simple Token Service (AWS STS)
C. AWS Secrets Manager
D. AWS Certificate Manager
Question #: 620
Topic #: 1
What is a benefit of using an Elastic Load Balancing (ELB) load balancer with applications running in the AWS Cloud?
A. An ELB will automatically scale resources to meet capacity needs.
B. An ELB can balance traffic across multiple compute resources.
C. An ELB can span multiple AWS Regions.
D. An ELB can balance traffic between multiple internet gateways.
Question #: 621
Topic #: 1
A company needs to convert video files and audio files to a format that will play on smartphones.
Which AWS service will meet this requirement?
A. Amazon Comprehend
B. Amazon Rekognition
C. Amazon Elastic Transcoder
D. Amazon Polly
Question #: 622
Topic #: 1
A company wants to securely store Amazon RDS database credentials and automatically rotate user passwords periodically.
Which AWS service or capability will meet these requirements?
A. Amazon S3
B. AWS Systems Manager Parameter Store
C. AWS Secrets Manager
D. AWS CloudTrail
Question #: 623
Topic #: 1
A company needs to have the ability to set up infrastructure for new applications in minutes.
Which advantage of cloud computing will help the company meet this requirement?
A. Trade fixed expense for variable expense
B. Go global in minutes
C. Increase speed and agility
D. Stop guessing capacity
Question #: 624
Topic #: 1
A company needs a managed NFS file system that the company can use with its AWS compute resources.
Which AWS service or feature will meet these requirements?
A. Amazon Elastic Block Store (Amazon EBS)
B. AWS Storage Gateway Tape Gateway
C. Amazon S3 Glacier Flexible Retrieval
D. Amazon Elastic File System (Amazon EFS)
Question #: 625
Topic #: 1
A company plans to migrate to the AWS Cloud. The company wants to gather information about its on-premises data center.
Which AWS service should the company use to meet these requirements?
A. AWS Application Discovery Service
B. AWS DataSync
C. AWS Storage Gateway
D. AWS Database Migration Service (AWS DMS)
Question #: 626
Topic #: 1
Which tasks are responsibilities of the customer, according to the AWS shared responsibility model? (Choose two.)
A. Secure the virtualization layer.
B. Encrypt data and maintain data integrity.
C. Patch the Amazon RDS operating system.
D. Maintain identity and access management controls.
E. Secure Availability Zones.
Question #: 627
Topic #: 1
An online retail company wants to migrate its on-premises workload to AWS. The company needs to automatically handle a seasonal workload increase in a cost-effective manner.
Which AWS Cloud features will help the company meet this requirement? (Choose two.)
A. Cross-Region workload deployment
B. Pay-as-you-go pricing
C. Built-in AWS CloudTrail audit capabilities
D. Auto Scaling policies
E. Centralized logging
Question #: 628
Topic #: 1
A developer needs to use a standardized template to create copies of a company’s AWS architecture for development, test, and production environments.
Which AWS service should the developer use to meet this requirement?
A. AWS Cloud Map
B. AWS CloudFormation
C. Amazon Cloud Front
D. AWS CloudTrail
Question #: 629
Topic #: 1
Which AWS service can create a private network connection from on premises to the AWS Cloud?
A. AWS Config
B. Virtual Private Cloud (Amazon VPC)
C. AWS Direct Connect
D. Amazon Route 53
Question #: 630
Topic #: 1
Under the AWS shared responsibility model, which of the following is a responsibility of the customer?
A. Shred disk drives before they leave a data center.
B. Prevent customers from gathering packets or collecting traffic at the hypervisor level.
C. Patch the guest operating system with the latest security patches.
D. Maintain security systems that provide physical monitoring of data centers.
Question #: 631
Topic #: 1
Which AWS service uses speech-to-text conversion to help users create meeting notes?
A. Amazon Polly
B. Amazon Textract
C. Amazon Rekognition
D. Amazon Transcribe
Question #: 632
Topic #: 1
Which AWS service or tool provides users with a graphical interface that they can use to manage AWS services?
A. AWS Copilot
B. AWS CLI
C. AWS Management Console
D. AWS software development kits (SDKs)
Question #: 633
Topic #: 1
A company has a workload that will run continuously for 1 year. The workload cannot tolerate service interruptions.
Which Amazon EC2 purchasing option will be MOST cost-effective?
A. All Upfront Reserved Instances
B. Partial Upfront Reserved Instances
C. Dedicated Instances
D. On-Demand Instances
Question #: 634
Topic #: 1
A company migrated its systems to the AWS Cloud. The systems are rightsized, and a security review did not reveal any issues. The company must ensure that additional developments, integrations, changes, and system usage growth do not jeopardize this optimized AWS infrastructure.
Which AWS service should the company use to report ongoing optimization and security?
A. AWS Trusted Advisor
B. AWS Health Dashboard
C. Amazon Connect
D. AWS Systems Manager
Question #: 635
Topic #: 1
Which AWS service integrates with other AWS services to provide the ability to encrypt data at rest?
A. AWS Key Management Service (AWS KMS)
B. AWS Certificate Manager (ACM)
C. AWS Identity and Access Management (IAM)
D. AWS Security Hub
Question #: 636
Topic #: 1
A company wants to track the monthly cost and usage of all Amazon EC2 instances in a specific AWS environment.
Which AWS service or tool will meet these requirements?
A. AWS Cost Anomaly Detection
B. AWS Budgets
C. AWS Compute Optimizer
D. AWS Trusted Advisor
Question #: 637
Topic #: 1
A company wants the ability to automatically acquire resources as needed and release the resources when they are no longer needed.
Which cloud concept describes this functionality?
A. Availability
B. Elasticity
C. Durability
D. Reliability
Question #: 638
Topic #: 1
A company wants a cost-effective option when running its applications in an Amazon EC2 instance for short time periods. The applications can be interrupted.
Which EC2 instance type will meet these requirements?
A. Spot Instances
B. On-Demand Instances
C. Reserved Instances
D. Dedicated Instances
Question #: 639
Topic #: 1
A company has an AWS Business Support plan. The company needs to gain access to the AWS DDoS Response Team (DRT) to help mitigate DDoS events.
Which AWS service or resource must the company use to meet these requirements?
A. AWS Shield Standard
B. AWS Enterprise Support
C. AWS WAF
D. AWS Shield Advanced
Question #: 640
Topic #: 1
Which AWS service or tool provides a visualization of historical AWS spending patterns and projections of future AWS costs?
A. AWS Cost and Usage Report
B. AWS Budgets
C. Cost Explorer
D. Amazon Cloud Watch
Question #: 641
Topic #: 1
A company is migrating to the AWS Cloud instead of running its infrastructure on premises.
Which of the following are advantages of this migration? (Choose two.)
A. Elimination of the need to perform security auditing
B. Increased global reach and agility
C. Ability to deploy globally in minutes
D. Elimination of the cost of IT staff members
E. Redundancy by default for all compute services
Question #: 642
Topic #: 1
Which AWS service uses edge locations to cache content?
A. Amazon Kinesis
B. Amazon Simple Queue Service (Amazon SQS)
C. Amazon CloudFront
D. Amazon Route 53
Question #: 643
Topic #: 1
A company wants to securely access an Amazon S3 bucket from an Amazon EC2 instance without accessing the internet.
What should the company use to accomplish this goal?
A. VPN connection
B. Internet gateway
C. VPC endpoint
D. NAT gateway
Question #: 644
Topic #: 1
A company wants an AWS service that can automate software deployment in Amazon EC2 instances and on-premises instances.
Which AWS service will meet this requirement?
A. AWS CodeCommit
B. AWS CodeBuild
C. AWS CodeDeploy
D. AWS CodePipeline
Question #: 645
Topic #: 1
Which AWS services are serverless? (Choose two.)
A. AWS Fargate
B. Amazon Managed Streaming for Apache Kafka
C. Amazon EMR
D. Amazon S3
E. Amazon EC2
Question #: 646
Topic #: 1
A company wants to continuously improve processes and procedures to deliver business value.
Which pillar of the AWS Well-Architected Framework does this goal represent?
A. Performance efficiency
B. Operational excellence
C. Reliability
D. Sustainability
Question #: 647
Topic #: 1
Which of the following is a customer responsibility according to the AWS shared responsibility model?
A. Apply security patches for Amazon S3 infrastructure devices.
B. Provide physical security for AWS datacenters.
C. Install operating system updates on Lambda@Edge.
D. Implement multi-factor authentication (MFA) for IAM user accounts.
Question #: 648
Topic #: 1
Which AWS service should a company use to organize, characterize, and search large numbers of images?
A. Amazon Transcribe
B. Amazon Rekognition
C. Amazon Aurora
D. Amazon QuickSight
Question #: 649
Topic #: 1
Which AWS service is always available free of charge to users?
A. Amazon Athena
B. AWS Identity and Access Management (IAM)
C. AWS Secrets Manager
D. Amazon ElastiCache
Question #: 650
Topic #: 1
A company needs to run some of its workloads on premises to comply with regulatory guidelines. The company wants to use the AWS Cloud to run workloads that are not required to be on premises. The company also wants to be able to use the same API calls for the on-premises workloads and the cloud workloads.
Which AWS service or feature should the company use to meet these requirements?
A. Dedicated Hosts
B. AWS Outposts
C. Availability Zones
D. AWS Wavelength
Question #: 651
Topic #: 1
What is the recommended use case for Amazon EC2 On-Demand Instances?
A. A steady-state workload that requires a particular EC2 instance configuration for a long period of time
B. A workload that can be interrupted for a project that requires the lowest possible cost
C. An unpredictable workload that does not require a long-term commitment
D. A workload that is expected to run for longer than 1 year
Question #: 652
Topic #: 1
A company wants to use an AWS networking solution that can act as a centralized gateway between multiple VPCs and on-premises networks.
Which AWS service or feature will meet this requirement?
A. Gateway VPC endpoint
B. AWS Direct Connect
C. AWS Transit Gateway
D. AWS PrivateLink
Question #: 653
Topic #: 1
An administrator observed that multiple AWS resources were deleted yesterday.
Which AWS service will help identify the cause and determine which user deleted the resources?
A. AWS CloudTrail
B. Amazon Inspector
C. Amazon GuardDuty
D. AWS Trusted Advisor
Question #: 654
Topic #: 1
To assist companies with Payment Card Industry Data Security Standard (PCI DSS) compliance in the cloud, AWS provides:
A. physical Inspections of data centers by appointment.
B. required PCI compliance certifications for any application running on AWS.
C. an AWS Attestation of Compliance (AOC) report for specific AWS services.
D. professional PCI compliance services.
Question #: 655
Topic #: 1
In which situations should a company create an IAM user instead of an IAM role?
A. When an application that runs on Amazon EC2 instances requires access to other AWS services
B. When the company creates AWS access credentials for individuals
C. When the company creates an application that runs on a mobile phone that makes requests to AWS
D. When the company needs to add users to IAM groups
E. When users are authenticated in the corporate network and want to be able to use AWS without having to sign in a second time
Question #: 656
Topic #: 1
A company hosts a web application on AWS. The company has improved the availability of its application by provisioning multiple Amazon EC2 instances. The company wants to distribute its traffic across the EC2 instances while providing a single point of contact to the web clients.
Which AWS service can distribute the traffic to multiple EC2 instances as targets?
A. VPC endpoints
B. Application Load Balancer
C. NAT gateway
D. Internet gateway
Question #: 657
Topic #: 1
What is the total volume of data that can be stored in Amazon S3?
A. 10 PB
B. 50 PB
C. 100 PB
D. Virtually unlimited
Question #: 658
Topic #: 1
Which design principle is related to the reliability pillar according to the AWS Well-Architected Framework?
A. Test recovery procedures
B. Experiment more often
C. Go global in minutes
D. Analyze and attribute to expenditure
Question #: 659
Topic #: 1
A company stores data in an Amazon S3 bucket.
Which task is the responsibility of AWS?
A. Configure an S3 Lifecycle policy.
B. Activate S3 Versioning.
C. Configure S3 bucket policies.
D. Protect the infrastructure that supports S3 storage.
Question #: 660
Topic #: 1
A company wants to transfer a virtual Windows Server 2022 that is currently running in its own data center to AWS. The company wants to automatically convert the existing server to run directly on AWS infrastructure instead of visualized hardware.
Which AWS service will meet these requirements?
A. AWS DataSync
B. AWS Database Migration Service (AWS DMS)
C. AWS Application Discovery Service
D. AWS Application Migration Service