CLF-C02 Part 12
220. Which AWS service or resource helps on-premises applications connect to AWS Cloud-based storage and caches the data locally for low-latency access?
A. AWS Direct Connect
B. AWS Storage Gateway
C. Amazon S3
D. AWS Snowball Edge
221. An online retail company has seasonal sales spikes several times a year, primarily around holidays. Demand is lower at other times. The company finds it difficult to predict the increasing infrastructure demand for each season. Which advantages of moving to the AWS Cloud would MOST benefit the company? (Choose two.)
A. Global footprint
B. Elasticity
C. AWS service quotas
D. AWS shared responsibility model
E. Pay-as-you-go pricing
222. A company wants to ensure that two Amazon EC2 instances are in separate data centers with minimal communication latency between the data centers. How can the company meet this requirement?
A. Place the EC2 instances in two separate AWS Regions connected with a VPC peering connection.
B. Place the EC2 instances in two separate Availability Zones within the same AWS Region.
C. Place one EC2 instance on premises and the other in an AWS Region. Then connect them by using an AWS VPN connection.
D. Place both EC2 instances in a placement group for dedicated bandwidth.
223. Which AWS service supports a hybrid architecture that gives users the ability to extend AWS infrastructure, AWS services, APIs, and tools to data centers, co-location environments, or on premises facilities?
A. AWS Snowmobile
B. AWS Local Zones
C. AWS Outposts
D. AWS Fargate
224. A company wants to eliminate the need to guess infrastructure capacity before deployments. The company also wants to spend its budget on cloud resources only as the company uses the resources. Which advantage of the AWS Cloud matches the company’s requirements?
A. Reliability
B. Global reach
C. Economies of scale
D. Pay-as-you-go pricing
225. A retail company wants to provision only the necessary amount of resources to handle the current demand. Which cloud benefit is the company trying to achieve with this goal?
A. Reliability
B. Global reach
C. Scalability
D. High availability
226. A company wants to migrate a small website and database quickly from on-premises infrastructure to the AWS Cloud. The company has limited operational knowledge to perform the migration. Which AWS service supports this use case?
A. Amazon EC2
B. Amazon Lightsail
C. Amazon S3
D. AWS Lambda
227. Which AWS service or feature allows a user to set up consolidated billing?
A. AWS Billing Management Console
B. AWS Organizations
C. AWS Cost and Usage Report
D. WAS Systems Manager
228. Which AWS service can be used to encrypt data at rest?
A. Amazon GuardDuty
B. AWS Shield
C. AWS Security Hub
D. AWS Key Management Service (AWS KMS)
229. What is an IAM best practice for AWS account root user access keys?
A. Delete all root user access keys, if possible.
B. Use root user credentials to access sensitive information stored on AWS.
C. Allow the system administrator group to use the root user credentials for daily access.
D. Use root user credentials to access production database instances.
230. A company has performance and regulatory requirements that call for it to run its workload only in its on-premises data center. Which AWS services or resources should the company use? (Choose two.)
A. Amazon Pinpoint
B. Amazon WorkLink
C. AWS Outposts
D. AWS Snowball Edge
E. AWS AppSync
231. Elasticity in the AWS Cloud refers to which of the following? (Choose two.)
A. How quickly an Amazon EC2 instance can be restarted
B. The ability to rightsize resources as demand shifts
C. The maximum amount of RAM an Amazon EC2 instance can use
D. The pay-as-you-go billing model
E. How easily resources can be produced when they are needed
232. A company wants to migrate to AWS and use the same security software it uses on premises. The security software vendor offers its security software as a service on AWS. Where can the company purchase the security solution?
A. AWS Partner Solutions Finder
B. AWS Support Center
C. AWS Management Console
D. AWS Marketplace
234. A company needs to improve the response rate of high-volume queries to its relational database. Which AWS service should the company use to offload requests to the database and improve overall response times?
A. Amazon DynamoDB Accelerator (DAX)
B. Amazon ElastiCache
C. Elastic Load Balancing
D. AWS Global Accelerator
235. Which AWS services or features enable users to connect on-premises networks to a VPC? (Choose two.)
A. AWS VPN
B. Elastic Load Balancing
C. AWS Direct Connect
D. VPC peering
E. Amazon CloudFront
236. Which pillar of the AWS Well-Architected Framework specifies that resources be provisioned in a timely manner and scale as needed to maintain effectiveness as demand changes?
A. Cost optimization
B. Security
C. Operational excellence
D. Performance efficiency
237. An IT department provisions more servers than are needed to run a workload. Which cloud architecture design principle supports changing this approach?
A. Protect data in transit and at rest.
B. Stop guessing capacity.
C. Improve through game days.
D. Annotate documentation.
238. A solutions architect needs to create a cost estimate for running workloads on AWS. The cost estimate must then be exported for management review. Which AWS service or feature should be used to accomplish these tasks?
A. Cost Explorer
B. Amazon QuickSight
C. AWS Pricing Calculator
D. AWS Budgets
239. Which AWS service should a company use to decouple large monolithic applications into smaller microservices components?
A. AWS Direct Connect
B. Amazon Lightsail
C. Amazon Simple Queue Service (Amazon SQS)
D. Amazon CloudWatch
240. A company has defined the AWS resources that it needs for a new application. The company needs to estimate the costs of running the application on AWS. What should the company do to meet this requirement?
A. Take advantage of AWS on-demand pricing.
B. Use the AWS Pricing Calculator to generate an approximate dollar amount.
C. Use Amazon QuickSight to analyze current on-premises spending.
D. Use Amazon AppStream 2.0 for real-time pricing analytics.
241. A company has a globally distributed user base. The company needs its application to be highly available and have low latency for end users. Which AWS architectural approach will MOST effectively support these requirements?
A. Single-Region, Multi-AZ architecture
B. Multi-Region, active-active architecture
C. Multi-Region, active-passive architecture
D. Single-Region, Single-AZ architecture
242. Which AWS service or feature for technical assistance is available to a user who has the AWS Basic Support plan?
A. AWS senior support engineers
B. AWS technical account manager (TAM)
C. AWS Trusted Advisor
D. AWS Discussion Forums
243. A company needs to migrate its on-premises data to the AWS Cloud. The company requires elastic, highly optimized connectivity. Which AWS service meets these requirements?
A. Amazon S3 Glacier
B. AWS Storage Gateway
C. AWS Backup
D. Amazon Elastic File System (Amazon EFS)
244. When an Amazon EC2 instance is terminated, which AWS service can identify the user that made the API call?
A. Amazon CloudWatch
B. AWS CloudTrail
C. AWS X-Ray
D. AWS Identity and Access Management (IAM)
245. Which controls does the customer fully inherit from AWS in the AWS shared responsibility model?
A. Patch management controls
B. Awareness and training controls
C. Physical and environmental controls
D. Configuration management controls
246. Which feature can be used to protect Amazon S3 buckets from accidental overwrites or deletes?
A. Lifecycle policy
B. Object versioning
C. Server-side encryption
D. Bucket ACL
247. Which of the following are AWS security best practices for using AWS Identity and Access Management (IAM) to manage an AWS account root user? (Choose two.)
A. Set up multi-factor authentication (MFA) for the root user.
B. Remove all IAM policies from the root user.
C. Delete the root user access keys.
D. Use the root user for daily tasks.
E. Assign a read-only access policy to the root user.
248. Service control policies (SCPs) manage permissions for which of the following?
A. Availability Zones
B. AWS Regions
C. AWS Organizations
D. Edge locations
249. A database administrator is trying to determine who deleted a critical Amazon Redshift cluster. Which AWS service helps with monitoring and retaining this type of account activity?
A. AWS CloudTrail
B. AWS Organizations
C. AWS Identity and Access Management (IAM)
D. AWS Trusted Advisor
250. Which pillar of the AWS Well-Architected Framework includes the AWS shared responsibility model?
A. Operational excellence
B. Performance efficiency
C. Reliability
D. Security
251. A company runs its business-critical web application on Amazon Elastic Container Service (Amazon ECS) and Amazon DynamoDB. The workload spikes up to 10 times the normal workload multiple times during the day. Which AWS Cloud feature enables the company to meet these changes in demand?
A. Agility
B. Global reach
C. Scalability
D. Security
252. A company’s traffic logs show that IP addresses owned by AWS are being used in an attempt to flood ports on system resources. To whom should the cloud practitioner report this issue?
A. AWS Professional Services
B. AWS Abuse team
C. AWS Partner Network (APN)
D. AWS technical account manager (TAM)
253. An Amazon EC2 instance previously used for development is inaccessible and no longer appears in the AWS Management Console. Which AWS service should be used to determine what action made this EC2 instance inaccessible?
A. Amazon CloudWatch Logs
B. AWS Security Hub
C. Amazon Inspector
D. AWS CloudTrail
254. Which AWS service is a highly available and scalable DNS web service?
A. Amazon VPC
B. Amazon CloudFront
C. Amazon Route 53
D. Amazon Connect
255. A company is moving its office and must establish an encrypted connection to AWS. Which AWS service will help meet this requirement?
A. AWS VPN
B. Amazon Route 53
C. Amazon API Gateway
D. Amazon Connect
256. Which statement explains the benefit of agility in the AWS Cloud?
A. Agility gives users the ability to host applications in multiple AWS Regions around the world.
B. Agility gives users the ability to pay upfront to reduce cost.
C. Agility provides customizable physical hardware at the lowest possible cost.
D. Agility provides the means for users to provision resources in minutes.
257. Which of the following are user authentication services managed by AWS? (Choose two.)
A. Amazon Cognito
B. AWS Lambda
C. AWS License Manager
D. AWS Identity and Access Management (IAM)
E. AWS CodeStar
258. Which AWS service or tool helps identify underutilized Amazon EC2 instances and idle Amazon RDS DB instances at no additional charge?
A. Cost Explorer
B. AWS Budgets
C. AWS Organizations
D. AWS Trusted Advisor
259. Which of the following are customer responsibilities under the AWS shared responsibility model? (Choose two.)
A. Physical security of AWS facilities
B. Configuration of security groups
C. Encryption of customer data on AWS
D. Management of AWS Lambda infrastructure
E. Management of network throughput of each AWS Region
260. A user should contact the AWS Abuse team to report which situations? (Choose two.)
A. A DDoS attack is being made on an AWS resource.
B. A SQL injection attack is being made from an IP address that is not an AWS address.
C. AWS resources are being used to host objectionable or illegal content.
D. A company’s resources are being used in a way that is inconsistent with corporate policy.
E. A company is receiving HTTPS requests on a web server that is serving HTTP.
261. A company uses Amazon DynamoDB in its AWS Cloud architecture. According to the AWS shared responsibility model, which of the following are responsibilities of the company? (Choose two.)
A. Operating system patching and upgrades
B. Application of appropriate permissions with IAM tools
C. Configuration of data encryption options
D. Creation of DynamoDB endpoints
E. Infrastructure provisioning and maintenance
262. What should a user do to deploy an application in geographically separate locations?
A. Deploy the application in different placement groups.
B. Deploy the application to a VPC.
C. Deploy the application to multiple AWS Regions.
D. Deploy the application by using Amazon CloudFront.
263. A company wants to rightsize its infrastructure to control costs. At which points should the company rightsize? (Choose two.)
A. Rightsize before a migration occurs to the cloud.
B. Rightsize continuously after the cloud onboarding process.
C. Rightsize when AWS Support calls and explains that rightsizing is needed.
D. Rightsize when seasonal workloads are at their peak.
E. Rightsize after purchasing all Reserved Instances.
264. Which tasks should a user perform if the user suspects that an AWS account has been compromised? (Choose two.)
A. Remove any multi-factor authentication (MFA) tokens.
B. Rotate and delete all AWS access keys.
C. Move resources to a different AWS Region.
D. Delete AWS CloudTrail resources.
E. Contact AWS Support.
265. A company needs a content delivery network that provides secure delivery of data, videos, applications, and APIs to users globally with low latency and high transfer speed. Which AWS service meets these requirements?
A. Amazon CloudFront
B. Elastic Load Balancing
C. Amazon S3
D. Amazon Elastic Transcoder
266. Which AWS Cloud benefit is shown by an architecture’s ability to withstand failures with minimal downtime?
A. Agility
B. Elasticity
C. Scalability
D. High availability
268. A company is moving its development and test environments to AWS to increase agility and reduce cost. Because these are not production workloads and the servers are not fully utilized, occasional unavailability is acceptable. What is the MOST cost-effective Amazon EC2 pricing model that will meet these requirements?
A. Reserved Instances
B. On-Demand Instances
C. Spot Instances
D. Dedicated Instances
269. Which guidelines are key AWS architectural design principles? (Choose two.)
A. Design for fixed resources.
B. Build scalable architectures.
C. Use tightly coupled components.
D. Use managed services when possible.
E. Design for human interaction
270. What is the LEAST expensive AWS Support plan that provides 24-hour access to AWS customer service and AWS communities?
A. AWS Enterprise Support
B. AWS Business Support
C. AWS Developer Support
D. AWS Basic Support
271. A company with AWS Enterprise Support has questions about its consolidated bill. Which AWS service, feature, or tool should the company use for assistance?
A. AWS Pricing Calculator
B. AWS Concierge Support
C. AWS Trusted Advisor
D. AWS Budgets
272. A company needs to perform a one-time migration of 40TB of data from its on-premises storage servers to Amazon S3. The transfer must happen as quickly as possible while keeping costs to a minimum. The company has 100 Mbps internet connectivity. Which AWS service will meet these requirements?
A. AWS Snowball
B. AWS Direct Connect
C. AWS Storage Gateway
D. Amazon S3 Transfer Acceleration
273. A company uses Amazon S3 buckets. One of the company’s departments enabled S3 CrossRegion Replication for those buckets to meet new requirements. The company’s bill for that month was larger than usual. Which AWS service or feature can the company use to confirm that the cost increase was caused by the data replication?
A. Consolidated billing
B. Cost Explorer
C. AWS Pricing Calculator
D. AWS Trusted Advisor
274. A company wants to store data with high availability, encrypt the data at rest, and have direct access to the data over the internet. Which AWS service will meet these requirements MOST cost-effectively?
A. Amazon Elastic Block Store (Amazon EBS)
B. Amazon S3
C. Amazon Elastic File System (Amazon EFS)
D. AWS Storage Gateway
275. How do AWS users trade infrastructure expenses for operational expenses?
A. Secure their physical infrastructure to prevent malicious attacks.
B. Use AWS Budgets to ensure that spending on AWS resources does not exceed preset thresholds.
C. Eliminate the electricity costs that are associated with the hosting of physical servers.
D. Use AWS Auto Scaling to dynamically increase and decrease compute resources as needed.
276. A network engineer needs to establish a dedicated 10 Gbps network connection from an on premises environment to AWS. Which AWS service or feature should the engineer use?
A. Amazon Route 53
B. AWS Direct Connect
C. AWS PrivateLink
D. AWS VPN
277. Which AWS service or feature provides an online, managed software catalog that helps users purchase and deploy third-party software?
A. AWS Support
B. AWS Marketplace
C. Amazon EC2 private Amazon Machine Images (AMIs)
D. AWS reseller programs
278. A company has a Java web application. The company wants to use auto deployment to create the AWS environment and deploy new versions of its application. Which AWS service will meet these requirements?
A. AWS Auto Scaling
B. AWS Elastic Beanstalk
C. AWS Control Tower
D. Amazon EC2
279. Which action will provide documentation to help a company evaluate whether its use of the AWS Cloud is compliant with local regulatory standards?
A. Running Amazon GuardDuty
B. Using AWS Artifact
C. Creating an AWS Support ticket
D. Evaluating AWS CloudTrail logs
280. A company is launching a new application in the AWS Cloud. The application will run on an Amazon EC2 instance. More EC2 instances will be needed when the workload increases. Which AWS service or tool can the company use to launch the number of EC2 instances that will be needed to handle the workload?
A. Elastic Load Balancing
B. Amazon EC2 Auto Scaling
C. AWS App2Container (A2C)
D. AWS Systems Manager