CLF-C02 Part 3
Question #: 121
Topic #: 1
A company plans to deploy containers on AWS. The company wants full control of the compute resources that host the containers. Which AWS service will meet these requirements?
A. Amazon Elastic Kubernetes Service (Amazon EKS)
B. AWS Fargate
C. Amazon EC2
D. Amazon Elastic Container Service (Amazon ECS)
Question #: 122
Topic #: 1
Which AWS service or feature allows users to create new AWS accounts, group multiple accounts to organize workflows, and apply policies to groups of accounts?
A. AWS Identity and Access Management (IAM)
B. AWS Trusted Advisor
C. AWS CloudFormation
D. AWS Organizations
Question #: 123
Topic #: 1
A company wants to store and retrieve files in Amazon S3 for its existing on-premises applications by using industry-standard file system protocols.
Which AWS service will meet these requirements?
A. AWS DataSync
B. AWS Snowball Edge
C. Amazon S3 File Gateway
D. AWS Transfer Family
Question #: 124
Topic #: 1
A company wants to block SQL injection attacks.
Which AWS service or feature should the company use to meet this requirement?
A. AWS WAF
B. Network ACLs
C. Security groups
D. AWS Certificate Manager (ACM)
Question #: 125
Topic #: 1
A company wants a unified tool to provide a consistent method to interact with AWS services.
Which AWS service or tool will meet this requirement?
A. AWS CLI
B. Amazon Elastic Container Service (Amazon ECS)
C. AWS Cloud9
D. AWS Virtual Private Network (AWS VPN)
Question #: 126
Topic #: 1
A company needs to evaluate its AWS environment and provide best practice recommendations in five categories: cost, performance, service limits, fault tolerance and security.
Which AWS service can the company use to meet these requirements?
A. AWS Shield
B. AWS WAF
C. AWS Trusted Advisor
D. AWS Service Catalog
Question #: 127
Topic #: 1
Which perspective in the AWS Cloud Adoption Framework (AWS CAF) includes capabilities for configuration management and patch management?
A. Platform
B. Operations
C. Security
D. Governance
Question #: 128
Topic #: 1
A company has a compute workload that is steady, predictable, and uninterruptible.
Which Amazon EC2 instance purchasing options meet these requirements MOST cost-effectively? (Choose two.)
A. On-Demand Instances
B. Reserved Instances
C. Spot Instances
D. Saving Plans
E. Dedicated Hosts
Question #: 129
Topic #: 1
Which Amazon EC2 pricing model is the MOST cost efficient for an uninterruptible workload that runs once a year for 24 hours?
A. On-Demand Instances
B. Reserved Instances
C. Spot Instances
D. Dedicated Instances
Question #: 130
Topic #: 1
Which option is a shared responsibility between AWS and its customers under the AWS shared responsibility model?
A. Configuration of Amazon EC2 instance operating systems
B. Application file system server-side encryption
C. Patch management
D. Security of the physical infrastructure
Question #: 131
Topic #: 1
A company wants to migrate its on-premises workloads to the AWS Cloud. The company wants to separate workloads for chargeback to different departments.
Which AWS services or features will meet these requirements? (Choose two.)
A. Placement groups
B. Consolidated billing
C. Edge locations
D. AWS Config
E. Multiple AWS accounts
Question #: 132
Topic #: 1
Which task is a responsibility of AWS, according to the AWS shared responsibility model?
A. Enable client-side encryption for objects that are stored in Amazon S3.
B. Configure IAM security policies to comply with the principle of least privilege.
C. Patch the guest operating system on an Amazon EC2 instance.
D. Apply updates to the Nitro Hypervisor.
Question #: 133
Topic #: 1
Which option is a benefit of using AWS for cloud computing?
A. Trade variable expense for fixed expense
B. Pay-as-you-go pricing
C. Decreased speed and agility
D. Spending money running and maintaining data centers
Question #: 134
Topic #: 1
Which option is an AWS Cloud Adoption Framework (AWS CAF) business perspective capability?
A. Culture evolution
B. Event management
C. Data monetization
D. Platform architecture
Question #: 135
Topic #: 1
A company is assessing its AWS Business Support plan to determine if the plan still meets the company’s needs. The company is considering switching to AWS Enterprise Support.
Which additional benefit will the company receive with AWS Enterprise Support?
A. A full set of AWS Trusted Advisor checks
B. Phone, email, and chat access to cloud support engineers 24 hours a day, 7 days a week
C. A designated technical account manager (TAM) to assist in monitoring and optimization
D. A consultative review and architecture guidance for the company’s applications
Question #: 136
Topic #: 1
Which pricing model will interrupt a running Amazon EC2 instance if capacity becomes temporarily unavailable?
A. On-Demand Instances
B. Standard Reserved Instances
C. Spot Instances
D. Convertible Reserved Instances
Question #: 137
Topic #: 1
Which options are AWS Cloud Adoption Framework (AWS CAF) security perspective capabilities? (Choose two.)
A. Observability
B. Incident and problem management
C. Incident response
D. Infrastructure protection
E. Availability and continuity
Question #: 138
Topic #: 1
A company wants to run its workload on Amazon EC2 instances for more than 1 year. This workload will run continuously.
Which option offers a discounted hourly rate compared to the hourly rate of On-Demand Instances?
A. AWS Graviton processor
B. Dedicated Hosts
C. EC2 Instance Savings Plans
D. Amazon EC2 Auto Scaling instances
Question #: 139
Topic #: 1
Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity?
A. Agility
B. Elasticity
C. Reliability
D. Durability
Question #: 140
Topic #: 1
Which AWS services can a company use to achieve a loosely coupled architecture? (Choose two.)
A. Amazon WorkSpaces
B. Amazon Simple Queue Service (Amazon SQS)
C. Amazon Connect
D. AWS Trusted Advisor
E. AWS Step Functions
Question #: 141
Topic #: 1
Which AWS Cloud service can send alerts to customers if custom spending thresholds are exceeded?
A. AWS Budgets
B. AWS Cost Explorer
C. AWS Cost Allocation Tags
D. AWS Organizations
Question #: 142
Topic #: 1
A company plans to migrate to the AWS Cloud. The company wants to use the AWS Cloud Adoption Framework (AWS CAF) to define and track business outcomes as part of its cloud transformation journey.
Which AWS CAF governance perspective capability will meet these requirements?
A. Benefits management
B. Risk management
C. Application portfolio management
D. Cloud financial management
Question #: 143
Topic #: 1
A company needs to quickly and securely move files over long distances between its client and an Amazon S3 bucket.
Which S3 feature will meet this requirement?
A. S3 Versioning
B. S3 Transfer Acceleration
C. S3ACLs
D. S3 Intelligent-Tiering
Question #: 144
Topic #: 1
A company needs to continuously run an experimental workload on an Amazon EC2 instance and stop the instance after 12 hours.
Which instance purchasing option will meet this requirement MOST cost-effectively?
A. On-Demand Instances
B. Reserved Instances
C. Spot Instances
D. Dedicated Instances
Question #: 145
Topic #: 1
A company needs to continuously run an experimental workload on an Amazon EC2 instance and stop the instance after 12 hours.
Which instance purchasing option will meet this requirement MOST cost-effectively?
A. On-Demand Instances
B. Reserved Instances
C. Spot Instances
D. Dedicated Instances
Question #: 146
Topic #: 1
Which cloud transformation journey phase of the AWS Cloud Adoption Framework (AWS CAF) focuses on demonstrating how the cloud helps accelerate business outcomes?
A. Scale
B. Envision
C. Align
D. Launch
Question #: 147
Topic #: 1
Which option is a customer responsibility under the AWS shared responsibility model?
A. Maintenance of underlying hardware of Amazon EC2 instances
B. Application data security
C. Physical security of data centers
D. Maintenance of VPC components
Question #: 148
Topic #: 1
A company wants its Amazon EC2 instances to operate in a highly available environment, even if there is a natural disaster in a particular geographic area.
Which approach will achieve this goal?
A. Use EC2 instances in multiple AWS Regions.
B. Use EC2 instances in multiple Amazon CloudFront locations.
C. Use EC2 instances in multiple edge locations.
D. Use EC2 instances in AWS Local Zones.
Question #: 149
Topic #: 1
A company wants to modernize and convert a monolithic application into microservices. The company wants to move the application to AWS.
Which migration strategy should the company use?
A. Rehost
B. Replatform
C. Repurchase
D. Refactor
Question #: 150
Topic #: 1
A systems administrator created a new IAM user for a developer and assigned the user an access key instead of a user name and password. What is the access key used for?
A. To access the AWS account as the AWS account root user
B. To access the AWS account through the AWS Management Console
C. To access the AWS account through a CLI
D. To access all of a company’s AWS accounts
Question #: 151
Topic #: 1
Which option is an environment that consists of one or more data centers?
A. Amazon CloudFront
B. Availability Zone
C. VPC
D. AWS Outposts
Question #: 152
Topic #: 1
A company is moving an on-premises data center to the AWS Cloud. The company must migrate 50 petabytes of file storage data to AWS with the least possible operational overhead.
Which AWS service or resource should the company use to meet these requirements?
A. AWS Snowmobile
B. AWS Snowball Edge
C. AWS Data Exchange
D. AWS Database Migration Service (AWS DMS)
Question #: 153
Topic #: 1
A company has an application with robust hardware requirements. The application must be accessed by students who are using lightweight, low-cost laptops.
Which AWS service will help the company deploy the application without investing in backend infrastructure or high-end client hardware?
A. Amazon AppStream 2.0
B. AWS AppSync
C. Amazon WorkLink
D. AWS Elastic Beanstalk
Question #: 154
Topic #: 1
A company wants to query its server logs to gain insights about its customers’ experiences.
Which AWS service will store this data MOST cost-effectively?
A. Amazon Aurora
B. Amazon Elastic File System (Amazon EFS)
C. Amazon Elastic Block Store (Amazon EBS)
D. Amazon S3
Question #: 155
Topic #: 1
Which of the following is a recommended design principle for AWS Cloud architecture?
A. Design tightly coupled components.
B. Build a single application component that can handle all the application functionality.
C. Make large changes on fewer iterations to reduce chances of failure.
D. Avoid monolithic architecture by segmenting workloads.
Question #: 156
Topic #: 1
Which AWS service helps users audit API activity across their AWS account?
A. AWS CloudTrail
B. Amazon Inspector
C. AWS WAF
D. AWS Config
Question #: 157
Topic #: 1
Which task is a customer’s responsibility, according to the AWS shared responsibility model?
A. Management of the guest operating systems
B. Maintenance of the configuration of infrastructure devices
C. Management of the host operating systems and virtualization
D. Maintenance of the software that powers Availability Zones
Question #: 158
Topic #: 1
A company wants to automatically add and remove Amazon EC2 instances. The company wants the EC2 instances to adjust to varying workloads dynamically.
Which service or feature will meet these requirements?
A. Amazon DynamoDB
B. Amazon EC2 Spot Instances
C. AWS Snow Family
D. Amazon EC2 Auto Scaling
Question #: 159
Topic #: 1
A user wants to securely automate the management and rotation of credentials that are shared between applications, while spending the least amount of time on managing tasks.
Which AWS service or feature can be used to accomplish this?
A. AWS CloudHSM
B. AWS Key Management Service (AWS KMS)
C. AWS Secrets Manager
D. Server-side encryption
Question #: 160
Topic #: 1
Which security service automatically recognizes and classifies sensitive data or intellectual property on AWS?
A. Amazon GuardDuty
B. Amazon Macie
C. Amazon Inspector
D. AWS Shield
Question #: 161
Topic #: 1
Which actions are best practices for an AWS account root user? (Choose two.)
A. Share root user credentials with team members.
B. Create multiple root users for the account, separated by environment.
C. Enable multi-factor authentication (MFA) on the root user.
D. Create an IAM user with administrator privileges for daily administrative tasks, instead of using the root user.
E. Use programmatic access instead of the root user and password.
Question #: 162
Topic #: 1
A company is running a critical workload on an Amazon RDS DB instance. The company needs the DB instance to be highly available with a recovery time of less than 5 minutes.
Which solution will meet these requirements?
A. Create a read replica of the DB instance.
B. Create a template of the DB instance by using AWS CloudFormation.
C. Take frequent snapshots of the DB instance. Store the snapshots in Amazon S3.
D. Modify the DB instance to be a Multi-AZ deployment.
Question #: 163
Topic #: 1
A company plans to migrate its application to AWS and run the application on Amazon EC2 instances. The application will have continuous usage for 1 year.
Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?
A. Reserved Instances
B. Spot Instances
C. On-Demand Instances
D. Dedicated Hosts
Question #: 164
Topic #: 1
A company needs to transfer data between an Amazon S3 bucket and an on-premises application.
Who is responsible for the security of this data, according to the AWS shared responsibility model?
A. The company
B. AWS
C. Firewall vendor
D. AWS Marketplace partner
Question #: 165
Topic #: 1
Which pillar of the AWS Well-Architected Framework refers to the ability of a system to recover from infrastructure or service disruptions and dynamically acquire computing resources to meet demand?
A. Security
B. Reliability
C. Performance efficiency
D. Cost optimization
Question #: 166
Topic #: 1
A company wants to identify Amazon S3 buckets that are shared with another AWS account.
Which AWS service or feature will meet these requirements?
A. AWS Lake Formation
B. IAM credential report
C. Amazon CloudWatch
D. IAM Access Analyzer
Question #: 167
Topic #: 1
Which AWS service gives users the ability to build interactive business intelligence dashboards that include machine learning insights?
A. Amazon Athena
B. Amazon Kendra
C. Amazon QuickSight
D. Amazon Redshift
Question #: 168
Topic #: 1
Which of the following is an AWS value proposition that describes a user’s ability to scale infrastructure based on demand?
A. Speed of innovation
B. Resource elasticity
C. Decoupled architecture
D. Global deployment
Question #: 169
Topic #: 1
Which action is a security best practice for access to sensitive data that is stored in an Amazon S3 bucket?
A. Enable S3 Cross-Region Replication (CRR) on the S3 bucket.
B. Use IAM roles for applications that require access to the S3 bucket.
C. Configure AWS WAF to prevent unauthorized access to the S3 bucket.
D. Configure Amazon GuardDuty to prevent unauthorized access to the S3 bucket.
Question #: 170
Topic #: 1
A company wants to know more about the benefits offered by cloud computing. The company wants to understand the operational advantage of agility. How does AWS provide agility for users?
A. The ability the ensure high availability by deploying workloads to multiple regions
B. A pay-as-you-go model for many services and resources
C. The ability to transfer infrastructure management to the AWS Cloud
D. The ability to provision and deprovision resources quickly with minimal effort
Question #: 171
Topic #: 1
A company needs a central user portal so that users can log in to third-party business applications that support Security Assertion Markup Language (SAML) 2.0.
Which AWS service will meet this requirement?
A. AWS Identity and Access Management (IAM)
B. Amazon Cognito
C. AWS IAM Identity Center (AWS Single Sign-On)
D. AWS CLI
Question #: 172
Topic #: 1
Which AWS service should users use to learn about AWS service availability and operations?
A. Amazon EventBridge
B. AWS Service Catalog
C. AWS Control Tower
D. AWS Health Dashboard
Question #: 173
Topic #: 1
Which AWS service or tool can be used to capture information about inbound and outbound traffic in an Amazon VPC?
A. VPC Flow Logs
B. Amazon Inspector
C. VPC endpoint services
D. NAT gateway
Question #: 174
Topic #: 1
What is the customer ALWAYS responsible for managing, according to the AWS shared responsibility model?
A. Software licenses
B. Networking
C. Customer data
D. Encryption keys
Question #: 175
Topic #: 1
Which AWS service can be used to retrieve compliance reports on demand?
A. AWS Secrets Manager
B. AWS Artifact
C. AWS Security Hub
D. AWS Certificate Manager
Question #: 176
Topic #: 1
Which AWS service enables users to check for vulnerabilities on Amazon EC2 instances by using predefined assessment templates?
A. AWS WAF
B. AWS Trusted Advisor
C. Amazon Inspector
D. AWS Shield
Question #: 177
Topic #: 1
A company plans to migrate to the AWS Cloud. The company is gathering information about its on-premises infrastructure and requires information such as the hostname, IP address, and MAC address.
Which AWS service will meet these requirements?
A. AWS DataSync
B. AWS Application Migration Service
C. AWS Application Discovery Service
D. AWS Database Migration Service (AWS DMS)
Question #: 178
Topic #: 1
Which action will help increase security in the AWS Cloud?
A. Enable programmatic access for all IAM users.
B. Use IAM users instead of IAM roles to delegate permissions.
C. Rotate access keys on a reoccurring basis.
D. Use inline policies instead of customer managed policies.
Question #: 179
Topic #: 1
A company is planning to migrate its application to the AWS Cloud.
Which AWS tool or set of resources should the company use to analyze and assess its readiness for migration?
A. AWS Cloud Adoption Framework (AWS CAF)
B. AWS Pricing Calculator
C. AWS Well-Architected Framework
D. AWS Budgets
Question #: 180
Topic #: 1
Which of the following describes some of the core functionality of Amazon S3?
A. Amazon S3 is a high-performance block storage service that is designed for use with Amazon EC2.
B. Amazon S3 is an object storage service that provides high-level performance, security, scalability, and data availability.
C. Amazon S3 is a fully managed, highly reliable, and scalable file storage system that is accessible over the industry-standard SMB protocol.
D. Amazon S3 is a scalable, fully managed elastic NFS for use with AWS Cloud services and on-premises resources.