CLF-C02 Part 2
Question #: 61
Topic #: 1
Which of the following is a fully managed MySQL-compatible database?
A. Amazon S3
B. Amazon DynamoDB
C. Amazon Redshift
D. Amazon Aurora
Question #: 62
Topic #: 1
Which AWS service supports a hybrid architecture that gives users the ability to extend AWS infrastructure, AWS services, APIs, and tools to data centers, co-location environments, or on-premises facilities?
A. AWS Snowmobile
B. AWS Local Zones
C. AWS Outposts
D. AWS Fargate
Question #: 63
Topic #: 1
Which AWS service can run a managed PostgreSQL database that provides online transaction processing (OLTP)?
A. Amazon DynamoDB
B. Amazon Athena
C. Amazon RDS
D. Amazon EMR
Question #: 64
Topic #: 1
A company wants to provide managed Windows virtual desktops and applications to its remote employees over secure network connections.
Which AWS services can the company use to meet these requirements? (Choose two.)
A. Amazon Connect
B. Amazon AppStream 2.0
C. Amazon WorkSpaces
D. AWS Site-to-Site VPN
E. Amazon Elastic Container Service (Amazon ECS)
Question #: 65
Topic #: 1
A company wants to monitor for misconfigured security groups that are allowing unrestricted access to specific ports.
Which AWS service will meet this requirement?
A. AWS Trusted Advisor
B. Amazon CloudWatch
C. Amazon GuardDuty
D. AWS Health Dashboard
Question #: 66
Topic #: 1
Which AWS service is a key-value database that provides sub-millisecond latency on a large scale?
A. Amazon DynamoDB
B. Amazon Aurora
C. Amazon DocumentDB (with MongoDB compatibility)
D. Amazon Neptune
Question #: 67
Topic #: 1
A company is deploying a machine learning (ML) research project that will require a lot of compute power over several months. The ML processing jobs do not need to run at specific times.
Which Amazon EC2 instance purchasing option will meet these requirements at the lowest cost?
A. On-Demand Instances
B. Spot Instances
C. Reserved Instances
D. Dedicated Instances
Question #: 68
Topic #: 1
Which AWS services or features provide disaster recovery solutions for Amazon EC2 instances? (Choose two.)
A. EC2 Reserved Instances
B. EC2 Amazon Machine Images (AMIs)
C. Amazon Elastic Block Store (Amazon EBS) snapshots
D. AWS Shield
E. Amazon GuardDuty
Question #: 69
Topic #: 1
Which AWS service provides command line access to AWS tools and resources directly from a web browser?
A. AWS CloudHSM
B. AWS CloudShell
C. Amazon WorkSpaces
D. AWS Cloud Map
Question #: 70
Topic #: 1
A network engineer needs to build a hybrid cloud architecture connecting on-premises networks to the AWS Cloud using AWS Direct Connect. The company has a few VPCs in a single AWS Region and expects to increase the number of VPCs to hundreds over time.
Which AWS service or feature should the engineer use to simplify and scale this connectivity as the VPCs increase in number?
A. VPC endpoints
B. AWS Transit Gateway
C. Amazon Route 53
D. AWS Secrets Manager
Question #: 71
Topic #: 1
A company wants to assess its operational readiness. It also wants to identify and mitigate any operational risks ahead of a new product launch.
Which AWS Support plan offers guidance and support for this kind of event at no additional charge?
A. AWS Business Support
B. AWS Basic Support
C. AWS Developer Support
D. AWS Enterprise Support
Question #: 72
Topic #: 1
A company wants to establish a schedule for rotating database user credentials.
Which AWS service will support this requirement with the LEAST amount of operational overhead?
A. AWS Systems Manager
B. AWS Secrets Manager
C. AWS License Manager
D. AWS Managed Services
Question #: 73
Topic #: 1
Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud workload?
A. Amazon Route 53
B. Amazon Macie
C. AWS Direct Connect
D. AWS PrivateLink
Question #: 74
Topic #: 1
Which AWS service is used to provide encryption for Amazon EBS?
A. AWS Certificate Manager
B. AWS Systems Manager
C. AWS KMS
D. AWS Config
Question #: 75
Topic #: 1
A company wants to manage its AWS Cloud resources through a web interface.
Which AWS service will meet this requirement?
A. AWS Management Console
B. AWS CLI
C. AWS SDK
D. AWS Cloud9
Question #: 76
Topic #: 1
Which of the following are advantages of the AWS Cloud? (Choose two.)
A. Trade variable expenses for capital expenses
B. High economies of scale
C. Launch globally in minutes
D. Focus on managing hardware infrastructure
E. Overprovision to ensure capacity
Question #: 77
Topic #: 1
Which AWS Cloud benefit is shown by an architecture’s ability to withstand failures with minimal downtime?
A. Agility
B. Elasticity
C. Scalability
D. High availability
Question #: 78
Topic #: 1
A developer needs to maintain a development environment infrastructure and a production environment infrastructure in a repeatable fashion.
Which AWS service should the developer use to meet these requirements?
A. AWS Ground Station
B. AWS Shield
C. AWS IoT Device Defender
D. AWS CloudFormation
Question #: 79
Topic #: 1
Which task is the customer’s responsibility, according to the AWS shared responsibility model?
A. Maintain the security of the AWS Cloud.
B. Configure firewalls and networks.
C. Patch the operating system of Amazon RDS instances.
D. Implement physical and environmental controls.
Question #: 80
Topic #: 1
Which AWS service helps deliver highly available applications with fast failover for multi-Region and Multi-AZ architectures?
A. AWS WAF
B. AWS Global Accelerator
C. AWS Shield
D. AWS Direct Connect
Question #: 81
Topic #: 1
A company has a set of ecommerce applications. The applications need to be able to send messages to each other.
Which AWS service meets this requirement?
A. AWS Auto Scaling
B. Elastic Load Balancing
C. Amazon Simple Queue Service (Amazon SQS)
D. Amazon Kinesis Data Streams
Question #: 82
Topic #: 1
What are the benefits of consolidated billing for AWS Cloud services? (Choose two.)
A. Volume discounts
B. A minimal additional fee for use
C. One bill for multiple accounts
D. Installment payment options
E. Custom cost and usage budget creation
Question #: 83
Topic #: 1
A user wants to review all Amazon S3 buckets with ACLs and S3 bucket policies in the S3 console.
Which AWS service or resource will meet this requirement?
A. S3 Multi-Region Access Points
B. S3 Storage Lens
C. AWS IAM Identity Center (AWS Single Sign-On)
D. Access Analyzer for S3
Question #: 84
Topic #: 1
What is the best resource for a user to find compliance-related information and reports about AWS?
A. AWS Artifact
B. AWS Marketplace
C. Amazon Inspector
D. AWS Support
Question #: 85
Topic #: 1
Which AWS service enables companies to deploy an application close to end users?
A. Amazon CloudFront
B. AWS Auto Scaling
C. AWS AppSync
D. Amazon Route 53
Question #: 86
Topic #: 1
Which AWS service or feature improves network performance by sending traffic through the AWS worldwide network infrastructure?
A. Route table
B. AWS Transit Gateway
C. AWS Global Accelerator
D. Amazon VPC
Question #: 87
Topic #: 1
Which AWS service provides highly durable object storage?
A. Amazon S3
B. Amazon Elastic File System (Amazon EFS)
C. Amazon Elastic Block Store (Amazon EBS)
D. Amazon FSx
Question #: 88
Topic #: 1
Which responsibility belongs to AWS when a company hosts its databases on Amazon EC2 instances?
A. Database backups
B. Database software patches
C. Operating system patches
D. Operating system installations
Question #: 89
Topic #: 1
Which of the following are advantages of moving to the AWS Cloud? (Choose two.)
A. The ability to turn over the responsibility for all security to AWS.
B. The ability to use the pay-as-you-go model.
C. The ability to have full control over the physical infrastructure.
D. No longer having to guess what capacity will be required.
E. No longer worrying about users access controls.
Question #: 90
Topic #: 1
Which AWS service is a hybrid cloud storage service that provides on-premises users access to virtually unlimited cloud storage?
A. AWS DataSync
B. Amazon S3 Glacier
C. AWS Storage Gateway
D. Amazon Elastic Block Store (Amazon EBS)
Question #: 91
Topic #: 1
A company plans to migrate to AWS and wants to create cost estimates for its AWS use cases.
Which AWS service or tool can the company use to meet these requirements?
A. AWS Pricing Calculator
B. Amazon CloudWatch
C. AWS Cost Explorer
D. AWS Budgets
Question #: 92
Topic #: 1
Which tool should a developer use to integrate AWS service features directly into an application?
A. AWS Software Development Kit
B. AWS CodeDeploy
C. AWS Lambda
D. AWS Batch
Question #: 93
Topic #: 1
Which of the following is a recommended design principle of the AWS Well-Architected Framework?
A. Reduce downtime by making infrastructure changes infrequently and in large increments.
B. Invest the time to configure infrastructure manually.
C. Learn to improve from operational failures.
D. Use monolithic application design for centralization.
Question #: 94
Topic #: 1
Using AWS Identity and Access Management (IAM) to grant access only to the resources needed to perform a task is a concept known as:
A. restricted access.
B. as-needed access.
C. least privilege access.
D. token access.
Question #: 95
Topic #: 1
Which AWS service or tool can be used to set up a firewall to control traffic going into and coming out of an Amazon VPC subnet?
A. Security group
B. AWS WAF
C. AWS Firewall Manager
D. Network ACL
Question #: 96
Topic #: 1
A company wants to operate a data warehouse to analyze data without managing the data warehouse infrastructure.
Which AWS service will meet this requirement?
A. Amazon Aurora
B. Amazon Redshift Serverless
C. AWS Lambda
D. Amazon RDS
Question #: 97
Topic #: 1
How does AWS Cloud computing help businesses reduce costs? (Choose two.)
A. AWS charges the same prices for services in every AWS Region.
B. AWS enables capacity to be adjusted on demand.
C. AWS offers discounts for Amazon EC2 instances that remain idle for more than 1 week.
D. AWS does not charge for data sent from the AWS Cloud to the internet.
E. AWS eliminates many of the costs of building and maintaining on-premises data centers.
Question #: 98
Topic #: 1
A company wants to grant users in one AWS account access to resources in another AWS account. The users do not currently have permission to access the resources.
Which AWS service will meet this requirement?
A. IAM group
B. IAM role
C. IAM tag
D. IAM Access Analyzer
Question #: 99
Topic #: 1
Which task is the responsibility of AWS when using AWS services?
A. Management of IAM user permissions
B. Creation of security group rules for outbound access
C. Maintenance of physical and environmental controls
D. Application of Amazon EC2 operating system patches
Question #: 100
Topic #: 1
A company wants to automate infrastructure deployment by using infrastructure as code (IaC). The company wants to scale production stacks so the stacks can be deployed in multiple AWS Regions.
Which AWS service will meet these requirements?
A. Amazon CloudWatch
B. AWS Config
C. AWS Trusted Advisor
D. AWS CloudFormation
Question #: 101
Topic #: 1
Which option is an AWS Cloud Adoption Framework (AWS CAF) platform perspective capability?
A. Data architecture
B. Data protection
C. Data governance
D. Data science
Question #: 102
Topic #: 1
A company is running a workload in the AWS Cloud.
Which AWS best practice ensures the MOST cost-effective architecture for the workload?
A. Loose coupling
B. Rightsizing
C. Caching
D. Redundancy
Question #: 103
Topic #: 1
A company is using a third-party service to back up 10 TB of data to a tape library. The on-premises backup server is running out of space. The company wants to use AWS services for the backups without changing its existing backup workflows.
Which AWS service should the company use to meet these requirements?
A. Amazon Elastic Block Store (Amazon EBS)
B. AWS Storage Gateway
C. Amazon Elastic Container Service (Amazon ECS)
D. AWS Lambda
Question #: 104
Topic #: 1
Which AWS tool gives users the ability to plan their service usage, service costs, and instance reservations, and also allows them to set custom alerts when their costs or usage exceed established thresholds?
A. Cost Explorer
B. AWS Budgets
C. AWS Cost and Usage Report
D. Reserved Instance reporting
Question #: 105
Topic #: 1
Which tasks are the customer’s responsibility, according to the AWS shared responsibility model? (Choose two.)
A. Establish the global infrastructure.
B. Perform client-side data encryption.
C. Configure IAM credentials.
D. Secure edge locations.
E. Patch Amazon RDS DB instances.
Question #: 106
Topic #: 1
A developer has been hired by a large company and needs AWS credentials.
Which are security best practices that should be followed? (Choose two.)
A. Grant the developer access to only the AWS resources needed to perform the job.
B. Share the AWS account root user credentials with the developer.
C. Add the developer to the administrator’s group in AWS IAM.
D. Configure a password policy that ensures the developer’s password cannot be changed.
E. Ensure the account password policy requires a minimum length.
Question #: 107
Topic #: 1
A company has multiple AWS accounts that include compute workloads that cannot be interrupted. The company wants to obtain billing discounts that are based on the company’s use of AWS services.
Which AWS feature or purchasing option will meet these requirements?
A. Resource tagging
B. Consolidated billing
C. Pay-as-you-go pricing
D. Spot Instances
Question #: 108
Topic #: 1
A user wants to allow applications running on an Amazon EC2 instance to make calls to other AWS services. The access granted must be secure.
Which AWS service or feature should be used?
A. Security groups
B. AWS Firewall Manager
C. IAM roles
D. IAM user SSH keys
Question #: 109
Topic #: 1
A company wants a fully managed Windows file server for its Windows-based applications.
Which AWS service will meet this requirement?
A. Amazon FSx
B. Amazon Elastic Kubernetes Service (Amazon EKS)
C. Amazon Elastic Container Service (Amazon ECS)
D. Amazon EMR
Question #: 110
Topic #: 1
A company wants to migrate its NFS on-premises workload to AWS.
Which AWS Storage Gateway type should the company use to meet this requirement?
A. Tape Gateway
B. Volume Gateway
C. Amazon FSx File Gateway
D. Amazon S3 File Gateway
Question #: 111
Topic #: 1
A company needs to track the activity in its AWS accounts, and needs to know when an API call is made against its AWS resources.
Which AWS tool or service can be used to meet these requirements?
A. Amazon CloudWatch
B. Amazon Inspector
C. AWS CloudTrail
D. AWS IAM
Question #: 112
Topic #: 1
A company has an uninterruptible application that runs on Amazon EC2 instances. The application constantly processes a backlog of files in an Amazon Simple Queue Service (Amazon SQS) queue. This usage is expected to continue to grow for years.
What is the MOST cost-effective EC2 instance purchasing model to meet these requirements?
A. Spot Instances
B. On-Demand Instances
C. Savings Plans
D. Dedicated Hosts
Question #: 113
Topic #: 1
A company wants an AWS service to provide product recommendations based on its customer data.
Which AWS service will meet this requirement?
A. Amazon Polly
B. Amazon Personalize
C. Amazon Comprehend
D. Amazon Rekognition
Question #: 114
Topic #: 1
A company is planning its migration to the AWS Cloud. The company is identifying its capability gaps by using the AWS Cloud Adoption Framework (AWS CAF) perspectives.
Which phase of the cloud transformation journey includes these identification activities?
A. Envision
B. Align
C. Scale
D. Launch
Question #: 115
Topic #: 1
A social media company wants to protect its web application from common web exploits such as SQL injections and cross-site scripting.
Which AWS service will meet these requirements?
A. Amazon Inspector
B. AWS WAF
C. Amazon GuardDuty
D. Amazon CloudWatch
Question #: 116
Topic #: 1
Which fully managed AWS service assists with the creation, testing, and management of custom Amazon EC2 images?
A. EC2 Image Builder
B. Amazon Machine Image (AMI)
C. AWS Launch Wizard
D. AWS Elastic Beanstalk
Question #: 117
Topic #: 1
A company wants an automated process to continuously scan its Amazon EC2 instances for software vulnerabilities.
Which AWS service will meet these requirements?
A. Amazon GuardDuty
B. Amazon Inspector
C. Amazon Detective
D. Amazon Cognito
Question #: 118
Topic #: 1
A company needs to perform data processing once a week that typically takes about 5 hours to complete.
Which AWS service should the company use for this workload?
A. AWS Lambda
B. Amazon EC2
C. AWS CodeDeploy
D. AWS Wavelength
Question #: 119
Topic #: 1
Which AWS service or feature provides log information of the inbound and outbound traffic on network interfaces in a VPC?
A. Amazon CloudWatch Logs
B. AWS CloudTrail
C. VPC Flow Logs
D. AWS Identity and Access Management (IAM)
Question #: 120
Topic #: 1
A company wants to design a centralized storage system to manage the configuration data and passwords for its critical business applications.
Which AWS service or capability will meet these requirements MOST cost-effectively?
A. AWS Systems Manager Parameter Store
B. AWS Secrets Manager
C. AWS Config
D. Amazon S3