AWS Certified Cloud Practitioner CLF-C02 → CLF-C02 Part 3

CLF-C02 Part 3

1. Which principles are used to architect applications for reliability on the AWS Cloud? (Choose two.)

A. Design for automated failure recovery
B. Use multiple Availability Zones
C. Manage changes via documented processes
D. Test for moderate demand to ensure reliability
E. Backup recovery to an on-premises environment

2. What tasks should a customer perform when that customer suspects an AWS account has been compromised? (Choose two.)

A. Rotate passwords and access keys.
B. Remove MFA tokens.
C. Move resources to a different AWS Region.
D. Delete AWS CloudTrail Resources.
E. Contact AWS Support.

3. What is an example of high availability in the AWS Cloud?

A. Consulting AWS technical support at any time day or night
B. Ensuring an application remains accessible, even if a resource fails
C. Making any AWS service available for use by paying on demand
D. Deploying in any part of the world using AWS Regions

4. Which AWS security service protects applications from distributed denial of service attacks with always-on detection and automatic inline mitigations?

A. Amazon Inspector
B. AWS Web Application Firewall (AWS WAF)
C. Elastic Load Balancing (ELB)
D. AWS Shield

5. A company wants to monitor the CPU usage of its Amazon EC2 resources.
Which AWS service should the company use?

A. AWS CloudTrail
B. Amazon CloudWatch
C. AWS Cost and Usage report
D. Amazon Simple Notification Service (Amazon SNS)

6. What is an AWS Identity and Access Management (IAM) role?

A. A user associated with an AWS resource
B. A group associated with an AWS resource
C. An entity that defines a set of permissions for use with an AWS resource
D. An authentication credential associated with a multi-factor authentication (MFA) token

7. What are the advantages of Reserved Instances? (Choose two.)

A. They provide a discount over on-demand pricing.
B. They provide access to additional instance types.
C. They provide additional networking capability.
D. Customers can upgrade instances as new types become available.
E. Customers can reserve capacity in an Availability Zone.

8. How do Amazon EC2 Auto Scaling groups help achieve high availability for a web application?

A. They automatically add more instances across multiple AWS Regions based on global demand of the application.
B. They automatically add or replace instances across multiple Availability Zones when the application needs it.
C. They enable the application’s static content to reside closer to end users.
D. They are able to distribute incoming requests across a tier of web server instances.

9. How can one AWS account use Reserved Instances from another AWS account?

A. By using Amazon EC2 Dedicated Instances
B. By using AWS Organizations consolidated billing
C. By using the AWS Cost Explorer tool
D. By using AWS Budgets

10. A customer runs an On-Demand Amazon Linux EC2 instance for 3 hours, 5 minutes, and 6 seconds.
For how much time will the customer be billed?

A. 3 hours, 5 minutes
B. 3 hours, 5 minutes, and 6 seconds
C. 3 hours, 6 minutes
D. 4 hours

11. Which of the following AWS services provide compute resources? (Choose two.)

A. AWS Lambda
B. Amazon Elastic Container Service (Amazon ECS)
C. AWS CodeDeploy
D. Amazon Glacier
E. AWS Organizations

12. Which AWS service enables users to deploy infrastructure as code by automating the process of provisioning resources?

A. Amazon GameLift
B. AWS CloudFormation
C. AWS Data Pipeline
D. AWS Glue

13. Which AWS services provide a way to extend an on-premises architecture to the AWS Cloud? (Choose two.)

A. Amazon EBS
B. AWS Direct Connect
C. Amazon CloudFront
D. AWS Storage Gateway
E. Amazon Connect

14. Which of the following allows users to provision a dedicated network connection from their internal network to AWS?

A. AWS CloudHSM
B. AWS Direct Connect
C. AWS VPN
D. Amazon Connect

15. Which services use AWS edge locations? (Choose two.)

A. Amazon CloudFront
B. AWS Shield
C. Amazon EC2
D. Amazon RDS
E. Amazon ElastiCache

16. Which service would provide network connectivity in a hybrid architecture that includes the AWS Cloud?

A. Amazon VPC
B. AWS Direct Connect
C. AWS Directory Service
D. Amazon API Gateway

17. Which tool can be used to compare the costs of running a web application in a traditional hosting environment to running it on AWS?

A. AWS Cost Explorer
B. AWS Budgets
C. AWS Cost and Usage report
D. AWS Total Cost of Ownership (TCO) Calculator

18. What is the value of using third-party software from AWS Marketplace instead of installing third-party software on Amazon EC2? (Choose two.)

A. Users pay for software by the hour or month depending on licensing.
B. AWS Marketplace enables the user to launch applications with 1-Click.
C. AWS Marketplace data encryption is managed by a third-party vendor.
D. AWS Marketplace eliminates the need to upgrade to newer software versions.
E. Users can deploy third-party software without testing.

19. Which of the following is a cloud architectural design principle?

A. Scale up, not out.
B. Loosely couple components.
C. Build monolithic systems.
D. Use commercial database software.

20. Under the shared responsibility model; which of the following areas are the customer’s responsibility? (Choose two.)

A. Firmware upgrades of network infrastructure
B. Patching of operating systems
C. Patching of the underlying hypervisor
D. Physical security of data centers
E. Configuration of the security group

21. Which service enables customers to audit and monitor changes in AWS resources?

A. AWS Trusted Advisor
B. Amazon GuardDuty
C. Amazon Inspector
D. AWS Config

22. Which AWS service identifies security groups that allow unrestricted access to a user’s AWS resources?

A. AWS CloudTrail
B. AWS Trusted Advisor
C. Amazon CloudWatch
D. Amazon Inspector

23. According to the AWS shared responsibility model, who is responsible for configuration management?

A. It is solely the responsibility of the customer.
B. It is solely the responsibility of AWS.
C. It is shared between AWS and the customer.
D. It is not part of the AWS shared responsibility model.

24. Which AWS service is a content delivery network that securely delivers data, video, and applications to users globally with low latency and high speeds?

A. AWS CloudFormation
B. AWS Direct Connect
C. Amazon CloudFront
D. Amazon Pinpoint

25. Which benefit of the AWS Cloud supports matching the supply of resources with changing workload demands?

A. Security
B. Reliability
C. Elasticity
D. High availability

26. A user is running an application on AWS and notices that one or more AWS-owned IP addresses is involved in a distributed denial-of-service (DDoS) attack. Who should the user contact FIRST about this situation?

A. AWS Premium Support
B. AWS Technical Account Manager
C. AWS Solutions Architect
D. AWS Abuse team

27. Which of the following are benefits of hosting infrastructure in the AWS Cloud? (Choose two.)

A. There are no upfront commitments.
B. AWS manages all security in the cloud.
C. Users have the ability to provision resources on demand.
D. Users have access to free and unlimited storage.
E. Users have control over the physical infrastructure.

28. What AWS service would be used to centrally manage AWS access policies across multiple accounts?

A. AWS Service Catalog
B. AWS Config
C. AWS Trusted Advisor
D. AWS Organizations

29. What is AWS Trusted Advisor?

A. It is an AWS staff member who provides recommendations and best practices on how to use AWS.
B. It is a network of AWS partners who provide recommendations and best practices on how to use AWS.
C. It is an online tool with a set of automated checks that provides recommendations on cost optimization, performance, and security.
D. It is another name for AWS Technical Account Managers who provide recommendations on cost optimization, performance, and security.

30. Which AWS service or feature allows a company to visualize, understand, and manage AWS costs and usage over time?

A. AWS Budgets
B. AWS Cost Explorer
C. AWS Organizations
D. Consolidated billing

31. Which AWS service offers on-demand access to AWS security and compliance reports?

A. AWS CloudTrail
B. AWS Artifact
C. AWS Health
D. Amazon CloudWatch

32. Which AWS services can host a Microsoft SQL Server database? (Select TWO.)

A. Amazon EC2
B. Amazon Relational Database Service (Amazon RDS)
C. Amazon Aurora
D. Amazon Redshift
E. Amazon S3

33. Which AWS characteristics make AWS cost effective for a workload with dynamic user demand? (Select TWO.)

A. High availability
B. Shared security model
C. Elasticity
D. Pay-as-you-go pricing
E. Reliability

34. Which of the following are characteristics of Amazon S3? (Select TWO.)

A. A global file system
B. An object store
C. A local file store
D. A network file system
E. A durable storage system

35. Which services can be used across hybrid AWS Cloud architectures? (Select TWO.)

A. Amazon Route 53
B. Virtual Private Gateway
C. Classic Load Balancer
D. Auto Scaling
E. Amazon CloudWatch default metrics

36. Which AWS tools assist with estimating costs? (Select three.)

A. Detailed billing report
B. Cost allocation tags
C. AWS Simple Monthly Calculator
D. AWS Total Cost of Ownership (TCO) Calculator
E. Cost Estimator

37. AWS supports which of the following methods to add security to Identity and Access Management (IAM) users? (Select TWO.)

A. Implementing Amazon Rekognition
B. Using AWS Shield-protected resources
C. Blocking access with Security Groups
D. Using Multi-Factor Authentication (MFA)
E. Enforcing password strength and expiration

38. Which AWS services should be used for read/write of constantly changing data? (Select TWO.)

A. Amazon Glacier
B. Amazon RDS
C. AWS Snowball
D. Amazon Redshift
E. Amazon EFS

39. Which of the following are features of Amazon CloudWatch Logs? (Select TWO.)

A. Summaries by Amazon Simple Notification Service (Amazon SNS)
B. Free Amazon Elasticsearch Service analytics
C. Provided at no charge
D. Real-time monitoring
E. Adjustable retention

40. Which of the following are valid ways for a customer to interact with AWS services? (Select TWO.)

A. Command line interface
B. On-premises
C. Software Development Kits
D. Software-as-a-service
E. Hybrid

41. Which of the following AWS services can be used to serve large amounts of online video content with the lowest possible latency? (Select TWO.)

A. AWS Storage Gateway
B. Amazon S3
C. Amazon Elastic File System (EFS)
D. Amazon Glacier
E. Amazon CloudFront

42. Which of the following security-related services does AWS offer? (Select TWO.)

A. Multi-factor authentication physical tokens
B. AWS Trusted Advisor security checks
C. Data encryption
D. Automated penetration testing
E. Amazon S3 copyrighted content detection

43. Which of the following are categories of AWS Trusted Advisor? (Select TWO.)

A. Fault Tolerance
B. Instance Usage
C. Infrastructure
D. Performance
E. Storage Capacity

44. Which of the following services could be used to deploy an application to servers running on-premises? (Select TWO.)

A. AWS Elastic Beanstalk
B. AWS OpsWorks
C. AWS CodeDeploy
D. AWS Batch
E. AWS X-Ray

45. Which design principles for cloud architecture are recommended when re-architecting a large monolithic application? (Select TWO.)

A. Use manual monitoring.
B. Use fixed servers.
C. Implement loose coupling.
D. Rely on individual components.
E. Design for scalability.

46. Which AWS services are defined as global instead of regional? (Select TWO.)

A. Amazon Route 53
B. Amazon EC2
C. Amazon S3
D. Amazon CloudFront
E. Amazon DynamoDB

47. The financial benefits of using AWS are: (Select TWO.)

A. reduced Total Cost of Ownership (TCO).
B. increased capital expenditure (capex).
C. reduced operational expenditure (opex).
D. deferred payment plans for startups.
E. business credit lines for stratups.

48. Which of the following can an AWS customer use to launch a new Amazon Relational Database Service (Amazon RDS) cluster? (Select TWO.)

A. AWS Concierge
B. AWS CloudFormation
C. Amazon Simple Storage Service (Amazon S3)
D. Amazon EC2 Auto Scaling
E. AWS Management Console

49. Which of the following security measures protect access to an AWS account? (Select TWO.)

A. Enable AWS CloudTrail.
B. Grant least privilege access to IAM users.
C. Create one IAM user and share with many developers and users.
D. Enable Amazon CloudFront.
E. Activate multi-factor authentication (MFA) for privileged users.

50. Which options does AWS make available for customers who want to learn about security in the cloud in an instructor-led setting? (Select TWO.)

A. AWS Trusted Advisor
B. AWS Online Tech Talks
C. AWS Blog
D. AWS Forums
E. AWS Classroom Training

51. Which of the following features can be configured through the Amazon Virtual Private Cloud (Amazon VPC) Dashboard? (Select TWO.)

A. Amazon CloudFront distributions
B. Amazon Route 53
C. Security Groups
D. Subnets
E. Elastic Load Balancing

52. Which AWS services can be used to gather information about AWS account activity? (Select TWO.)

A. Amazon CloudFront
B. AWS Cloud9
C. AWS CloudTrail
D. AWS CloudHSM
E. Amazon CloudWatch

53. Which of the following common IT tasks can AWS cover to free up company IT resources? (Select TWO.)

A. Patching databases software
B. Testing application releases
C. Backing up databases
D. Creating database schema
E. Running penetration tests

54. What can AWS edge locations be used for? (Select TWO.)

A. Hosting applications
B. Delivering content closer to users
C. Running NoSQL database caching services
D. Reducing traffic on the server by caching responses
E. Sending notification messages to end users

55. Access keys in AWS Identity and Access Management (IAM) are used to:

A. log in to the AWS Management Console.
B. make programmatic calls to AWS from AWS APIs.
C. log in to Amazon EC2 instances.
D. authenticate to AWS CodeCommit repositories.

56. What are the benefits of using the AWS Cloud for companies with customers in many countries around the world? (Choose two.)

A. Companies can deploy applications in multiple AWS Regions to reduce latency.
B. Amazon Translate automatically translates third-party website interfaces into multiple languages.
C. Amazon CloudFront has multiple edge locations around the world to reduce latency.
D. Amazon Comprehend allows users to build applications that can respond to user requests in many languages.
E. Elastic Load Balancing can distribute application web traffic to multiple AWS Regions around the world, which reduces latency.

57. Which AWS service handles the deployment details of capacity provisioning, load balancing, Auto Scaling, and application health monitoring?

A. AWS Config
B. AWS Elastic Beanstalk
C. Amazon Route 53
D. Amazon CloudFront

58. Which AWS service provides inbound and outbound network ACLs to harden external connectivity to Amazon EC2?

A. AWS IAM
B. Amazon Connect
C. Amazon VPC
D. Amazon API Gateway

59. When a company provisions web servers in multiple AWS Regions, what is being increased?

A. Coupling
B. Availability
C. Security
D. Durability

60. The pay-as-you-go pricing model for AWS services:

A. reduces capital expenditures.
B. requires payment up front for AWS services.
C. is relevant only for Amazon EC2, Amazon S3, and Amazon RDS.
D. reduces operational expenditures.

Cart

Actual Exam Questions

Protect Your System: Understanding CVE-2024-3400 Zero-Day Vulnerability

AWS Certified Cloud Practitioner CLF-C02 Exam Part 6

Cart