CLF-C02 Part 4
Question #: 181
Topic #: 1
Which AWS benefit is demonstrated by on-demand technology services that enable companies to replace upfront fixed expenses with variable expenses?
A. High availability
B. Economies of scale
C. Pay-as-you-go pricing
D. Global reach
Question #: 182
Topic #: 1
Which AWS services or features enable users to connect on-premises networks to a VPC? (Choose two.)
A. AWS VPN
B. Elastic Load Balancing
C. AWS Direct Connect
D. VPC peering
E. Amazon CloudFront
Question #: 183
Topic #: 1
A user needs to quickly deploy a nonrelational database on AWS. The user does not want to manage the underlying hardware or the database software.
Which AWS service can be used to accomplish this?
A. Amazon RDS
B. Amazon DynamoDB
C. Amazon Aurora
D. Amazon Redshift
Question #: 184
Topic #: 1
Which actions are examples of a company’s effort to rightsize its AWS resources to control cloud costs? (Choose two.)
A. Switch from Amazon RDS to Amazon DynamoDB to accommodate NoSQL datasets.
B. Base the selection of Amazon EC2 instance types on past utilization patterns.
C. Use Amazon S3 Lifecycle policies to move objects that users access infrequently to lower-cost storage tiers.
D. Use Multi-AZ deployments for Amazon RDS.
E. Replace existing Amazon EC2 instances with AWS Elastic Beanstalk.
Question #: 185
Topic #: 1
Which AWS service or feature can a company use to apply security rules to specific Amazon EC2 instances?
A. Network ACLs
B. Security groups
C. AWS Trusted Advisor
D. AWS WAF
Question #: 186
Topic #: 1
Which design principles support the reliability pillar of the AWS Well-Architected Framework? (Choose two.)
A. Perform operations as code.
B. Enable traceability.
C. Automatically scale to meet demand.
D. Deploy resources globally to improve response time.
E. Automatically recover from failure.
Question #: 187
Topic #: 1
A company that uses AWS needs to transfer 2 TB of data.
Which type of transfer of that data would result in no cost for the company?
A. Inbound data transfer from the internet
B. Outbound data transfer to the internet
C. Data transfer between AWS Regions
D. Data transfer between Availability Zones
Question #: 188
Topic #: 1
A company wants to create templates that the company can reuse to deploy multiple AWS resources.
Which AWS service or feature can the company use to meet this requirement?
A. AWS Marketplace
B. Amazon Machine Image (AMI)
C. AWS CloudFormation
D. AWS OpsWorks
Question #: 189
Topic #: 1
A company is building an application that requires the ability to send, store, and receive messages between application components. The company has another requirement to process messages in first-in, first-out (FIFO) order.
Which AWS service should the company use?
A. AWS Step Functions
B. Amazon Simple Notification Service (Amazon SNS)
C. Amazon Kinesis Data Streams
D. Amazon Simple Queue Service (Amazon SQS)
Question #: 190
Topic #: 1
Which AWS service or feature is a browser-based, pre-authenticated service that can be launched directly from the AWS Management Console?
A. AWS API
B. AWS Lightsail
C. AWS Cloud9
D. AWS CloudShell
Question #: 191
Topic #: 1
A company wants to migrate its database to a managed AWS service that is compatible with PostgreSQL.
Which AWS services will meet these requirements? (Choose two.)
A. Amazon Athena
B. Amazon RDS
C. Amazon EC2
D. Amazon DynamoDB
E. Amazon Aurora
Question #: 192
Topic #: 1
A company has a fleet of cargo ships. The cargo ships have sensors that collect data at sea, where there is intermittent or no internet connectivity. The company needs to collect, format, and process the data at sea and move the data to AWS later.
Which AWS service should the company use to meet these requirements?
A. AWS IoT Core
B. Amazon Lightsail
C. AWS Storage Gateway
D. AWS Snowball Edge
Question #: 193
Topic #: 1
A company hosts an application on multiple Amazon EC2 instances. The application uses Amazon Simple Notification Service (Amazon SNS) to send messages.
Which AWS service or feature will give the application permission to access required AWS services?
A. AWS Certificate Manager (ACM)
B. IAM roles
C. AWS Security Hub
D. Amazon GuardDuty
Question #: 194
Topic #: 1
A user has limited knowledge of AWS services, but wants to quickly deploy a scalable Node.js application in the AWS Cloud.
Which service should be used to deploy the application?
A. AWS CloudFormation
B. AWS Elastic Beanstalk
C. Amazon EC2
D. AWS OpsWorks
Question #: 195
Topic #: 1
A company needs a content delivery network that provides secure delivery of data, videos, applications, and APIs to users globally with low latency and high transfer speeds.
Which AWS service meets these requirements?
A. Amazon CloudFront
B. Elastic Load Balancing
C. Amazon S3
D. Amazon Elastic Transcoder
Question #: 196
Topic #: 1
A company needs to use third-party software for its workload on AWS.
Which AWS service or feature can the company use to purchase the software?
A. AWS Resource Access Manager
B. AWS Managed Services
C. AWS License Manager
D. AWS Marketplace
Question #: 197
Topic #: 1
A company needs fully managed, highly reliable, and scalable file storage that is accessible over the Server Message Block (SMB) protocol.
Which AWS service will meet these requirements?
A. Amazon S3
B. Amazon Elastic File System (Amazon EFS)
C. Amazon FSx for Windows File Server
D. Amazon Elastic Block Store (Amazon EBS)
Question #: 198
Topic #: 1
A company needs to centrally configure and manage Amazon VPC security groups across multiple AWS accounts within an organization in AWS Organizations.
Which AWS service should the company use to meet these requirements?
A. AWS Firewall Manager
B. Amazon GuardDuty
C. Amazon Detective
D. AWS WAF
Question #: 199
Topic #: 1
Which task is a responsibility of AWS, according to the AWS shared responsibility model?
A. Configure identity and access management for applications.
B. Manage encryption options for data that is stored on AWS.
C. Configure security groups for Amazon EC2 instances.
D. Maintain the physical hardware of the infrastructure.
Question #: 200
Topic #: 1
A company has an Amazon EC2 instance in a private subnet. The company wants to initiate a connection to the internet to pull operating system updates while preventing traffic from the internet from accessing the EC2 instance.
Which AWS managed service allows this?
A. VPC endpoint
B. NAT gateway
C. Amazon PrivateLink
D. VPC peering
Question #: 201
Topic #: 1
Which actions are the responsibility of AWS, according to the AWS shared responsibility model? (Choose two.)
A. Securing the virtualization layer
B. Patching the operating system on Amazon EC2 instances
C. Enforcing a strict password policy for IAM users
D. Patching the operating system on Amazon RDS instances
E. Configuring security groups and network ACLs
Question #: 202
Topic #: 1
A company is storing data that will not be frequently accessed in the AWS Cloud. If the company needs to access the data, the data needs to be retrieved within 12 hours. The company wants a solution that is cost-effective for storage costs for each gigabyte.
Which Amazon S3 storage class will meet these requirements?
A. S3 Standard
B. S3 Glacier Flexible Retrieval
C. S3 One Zone-Infrequent Access (S3 One Zone-IA)
D. S3 Standard-Infrequent Access (S3 Standard-IA)
Question #: 203
Topic #: 1
Which AWS service or resource can be used to identify services that have been used by a user within a specified date range?
A. Amazon S3 access control lists (ACLs)
B. AWS Certificate Manager (ACM)
C. Network Access Analyzer
D. AWS Identity and Access Management Access Analyzer
Question #: 204
Topic #: 1
A company needs to engage third-party consultants to help maintain and support its AWS environment and the company’s business needs.
Which AWS service or resource will meet these requirements?
A. AWS Support
B. AWS Organizations
C. AWS Service Catalog
D. AWS Partner Network (APN)
Question #: 205
Topic #: 1
A company wants to create Amazon QuickSight dashboards every week by using its billing data.
Which AWS feature or tool can the company use to meet these requirements?
A. AWS Budgets
B. AWS Cost Explorer
C. AWS Cost and Usage Report
D. AWS Cost Anomaly Detection
Question #: 206
Topic #: 1
A company is planning to move data backups to the AWS Cloud. The company needs to replace on-premises storage with storage that is cloud-based but locally cached.
Which AWS service meets these requirements?
A. AWS Storage Gateway
B. AWS Snowcone
C. AWS Backup
D. Amazon Elastic File System (Amazon EFS)
Question #: 207
Topic #: 1
A company needs to organize its resources and track AWS costs on a detailed level. The company needs to categorize costs by business department, environment, and application.
Which solution will meet these requirements?
A. Access the AWS Cost Management console to organize resources, set an AWS budget, and receive notifications of unintentional usage.
B. Use tags to organize the resources. Activate cost allocation tags to track AWS costs on a detailed level.
C. Create Amazon CloudWatch dashboards to visually organize and track costs individually.
D. Access the AWS Billing and Cost Management dashboard to organize and track resource consumption on a detailed level.
Question #: 208
Topic #: 1
A company needs to plan, schedule, and run hundreds of thousands of computing jobs on AWS.
Which AWS service can the company use to meet this requirement?
A. AWS Step Functions
B. AWS Service Catalog
C. Amazon Simple Queue Service (Amazon SQS)
D. AWS Batch
Question #: 209
Topic #: 1
Which AWS services or features provide high availability and low latency by enabling failover across different AWS Regions? (Choose two.)
A. Amazon Route 53
B. Network Load Balancer
C. Amazon S3 Transfer Acceleration
D. AWS Global Accelerator
E. Application Load Balancer
Question #: 210
Topic #: 1
Which of the following is a way to use Amazon EC2 Auto Scaling groups to scale capacity in the AWS Cloud?
A. Scale the number of EC2 instances in or out automatically, based on demand.
B. Use serverless EC2 instances.
C. Scale the size of EC2 instances up or down automatically, based on demand.
D. Transfer unused CPU resources between EC2 instances.
Question #: 211
Topic #: 1
Which abilities are benefits of the AWS Cloud? (Choose two.)
A. Trade variable expenses for capital expenses.
B. Deploy globally in minutes.
C. Plan capacity in advance of deployments.
D. Take advantage of economies of scale.
E. Reduce dependencies on network connectivity.
Question #: 212
Topic #: 1
Which AWS security service protects applications from distributed denial of service attacks with always-on detection and automatic inline mitigations?
A. Amazon Inspector
B. AWS Web Application Firewall (AWS WAF)
C. Elastic Load Balancing (ELB)
D. AWS Shield
Question #: 213
Topic #: 1
Which AWS service allows users to model and provision AWS resources using common programming languages?
A. AWS CloudFormation
B. AWS CodePipeline
C. AWS Cloud Development Kit (AWS CDK)
D. AWS Systems Manager
Question #: 214
Topic #: 1
Which Amazon EC2 instance pricing model can provide discounts of up to 90%?
A. Reserved Instances
B. On-Demand
C. Dedicated Hosts
D. Spot Instances
Question #: 215
Topic #: 1
Which of the following acts as an instance-level firewall to control inbound and outbound access?
A. Network access control list
B. Security groups
C. AWS Trusted Advisor
D. Virtual private gateways
Question #: 216
Topic #: 1
A company must be able to develop, test, and launch an application in the AWS Cloud quickly.
Which advantage of cloud computing will meet these requirements?
A. Stop guessing capacity
B. Trade fixed expense for variable expense
C. Achieve economies of scale
D. Increase speed and agility
Question #: 217
Topic #: 1
A company has teams that have different job roles and responsibilities. The company’s employees often change teams. The company needs to manage permissions for the employees so that the permissions are appropriate for the job responsibilities.
Which IAM resource should the company use to meet this requirement with the LEAST operational overhead?
A. IAM user groups
B. IAM roles
C. IAM instance profiles
D. IAM policies for individual users
Question #: 218
Topic #: 1
Which AWS service can a company use to securely store and encrypt passwords for a database?
A. AWS Shield
B. AWS Secrets Manager
C. AWS Identity and Access Management (IAM)
D. Amazon Cognito
Question #: 219
Topic #: 1
What can a cloud practitioner use to retrieve AWS security and compliance documents and submit them as evidence to an auditor or regulator?
A. AWS Certificate Manager
B. AWS Systems Manager
C. AWS Artifact
D. Amazon Inspector
Question #: 220
Topic #: 1
Which encryption types can be used to protect objects at rest in Amazon S3? (Choose two.)
A. Server-side encryption with Amazon S3 managed encryption keys (SSE-S3)
B. Server-side encryption with AWS KMS managed keys (SSE-KMS)
C. TLS
D. SSL
E. Transparent Data Encryption (TDE)
Question #: 221
Topic #: 1
A company wants to integrate its online shopping website with social media login credentials.
Which AWS service can the company use to make this integration?
A. AWS Directory Service
B. AWS Identity and Access Management (IAM)
C. Amazon Cognito
D. AWS IAM Identity Center (AWS Single Sign-On)
Question #: 222
Topic #: 1
Which AWS service is used to track, record, and audit configuration changes made to AWS resources?
A. AWS Shield
B. AWS Config
C. AWS IAM
D. Amazon Inspector
Question #: 223
Topic #: 1
A customer runs an On-Demand Amazon Linux EC2 instance for 3 hours, 5 minutes, and 6 seconds.
For how much time will the customer be billed?
A. 3 hours, 5 minutes
B. 3 hours, 5 minutes, and 6 seconds
C. 3 hours, 6 minutes
D. 4 hours
Question #: 224
Topic #: 1
A company website is experiencing DDoS attacks.
Which AWS service can help protect the company website against these attacks?
A. AWS Resource Access Manager
B. AWS Amplify
C. AWS Shield
D. Amazon GuardDuty
Question #: 225
Topic #: 1
A company wants a customized assessment of its current on-premises environment. The company wants to understand its projected running costs in the AWS Cloud.
Which AWS service or tool will meet these requirements?
A. AWS Trusted Advisor
B. Amazon Inspector
C. AWS Control Tower
D. Migration Evaluator
Question #: 226
Topic #: 1
A company that has multiple business units wants to centrally manage and govern its AWS Cloud environments. The company wants to automate the creation of AWS accounts, apply service control policies (SCPs), and simplify billing processes.
Which AWS service or tool should the company use to meet these requirements?
A. AWS Organizations
B. Cost Explorer
C. AWS Budgets
D. AWS Trusted Advisor
Question #: 227
Topic #: 1
A company is hosting an application in the AWS Cloud. The company wants to verify that underlying AWS services and general AWS infrastructure are operating normally.
Which combination of AWS services can the company use to gather the required information? (Choose two.)
A. AWS Personal Health Dashboard
B. AWS Systems Manager
C. AWS Trusted Advisor
D. AWS Service Health Dashboard
E. AWS Service Catalog
Question #: 228
Topic #: 1
A company needs to migrate a PostgreSQL database from on-premises to Amazon RDS.
Which AWS service or tool should the company use to meet this requirement?
A. Cloud Adoption Readiness Tool
B. AWS Migration Hub
C. AWS Database Migration Service (AWS DMS)
D. AWS Application Migration Service
Question #: 229
Topic #: 1
Which cloud concept is demonstrated by using AWS Compute Optimizer?
A. Security validation
B. Rightsizing
C. Elasticity
D. Global reach
Question #: 230
Topic #: 1
A company hosts a large amount of data in AWS. The company wants to identify if any of the data should be considered sensitive.
Which AWS service will meet the requirement?
A. Amazon Inspector
B. Amazon Macie
C. AWS Identity and Access Management (IAM)
D. Amazon CloudWatch
Question #: 231
Topic #: 1
A user has a stateful workload that will run on Amazon EC2 for the next 3 years.
What is the MOST cost-effective pricing model for this workload?
A. On-Demand Instances
B. Reserved Instances
C. Dedicated Instances
D. Spot Instances
Question #: 232
Topic #: 1
Who enables encryption of data at rest for Amazon Elastic Block Store (Amazon EBS)?
A. AWS Support
B. AWS customers
C. AWS Key Management Service (AWS KMS)
D. AWS Trusted Advisor
Question #: 233
Topic #: 1
What can a user accomplish using AWS CloudTrail?
A. Generate an IAM user credentials report.
B. Record API calls made to AWS services.
C. Assess the compliance of AWS resource configurations with policies and guidelines.
D. Ensure that Amazon EC2 instances are patched with the latest security updates.
Question #: 234
Topic #: 1
A company is planning to host its workloads on AWS.
Which AWS service requires the company to update and patch the guest operating system?
A. Amazon DynamoDB
B. Amazon S3
C. Amazon EC2
D. Amazon Aurora
Question #: 235
Topic #: 1
Which AWS service or feature will search for and identify AWS resources that are shared externally?
A. Amazon OpenSearch Service
B. AWS Control Tower
C. AWS IAM Access Analyzer
D. AWS Fargate
Question #: 236
Topic #: 1
A company is migrating its workloads to the AWS Cloud. The company must retain full control of patch management for the guest operating systems that host its applications.
Which AWS service should the company use to meet these requirements?
A. Amazon DynamoDB
B. Amazon EC2
C. AWS Lambda
D. Amazon RDS
Question #: 237
Topic #: 1
At what support level do users receive access to a support concierge?
A. Basic Support
B. Developer Support
C. Business Support
D. Enterprise Support
Question #: 238
Topic #: 1
Which AWS service can a company use to visually design and build serverless applications?
A. AWS Lambda
B. AWS Batch
C. AWS Application Composer
D. AWS App Runner
Question #: 239
Topic #: 1
A company wants to migrate to AWS and use the same security software it uses on premises. The security software vendor offers its security software as a service on AWS.
Where can the company purchase the security solution?
A. AWS Partner Solutions Finder
B. AWS Support Center
C. AWS Management Console
D. AWS Marketplace
Question #: 240
Topic #: 1
A company has deployed an Amazon EC2 instance.
Which option is an AWS responsibility under the AWS shared responsibility model?
A. Managing and encrypting application data
B. Installing updates and security patches of guest operating system
C. Configuration of infrastructure devices
D. Configuration of security groups on each instance