Which Amazon EC2 instance purchasing option must the company use for this license type?
A. Reserved Instances B. Dedicated Hosts C. Spot Instances D. Dedicated Instances
B. Dedicated Hosts
Explanation/Reference:
B. Dedicated Hosts.
Dedicated Hosts ?Pay for a physical host that is fully dedicated to running your instances, and bring your existing per-socket, per-core, or per-VM software licenses to reduce costs.
Question 1123:
Which of the following are categories of AWS Trusted Advisor? (Choose two.)
A. Fault Tolerance B. Instance Usage C. Infrastructure D. Performance E. Storage Capacity
A. Fault Tolerance D. Performance
Explanation/Reference:
Like your customized cloud expert, AWS Trusted Advisor analyzes your AWS environment and provides best practice recommendations in five categories: cost optimization, performance, security, fault tolerance and service limits. Reference: https://aws.amazon.com/premiumsupport/technology/trusted-advisor/
Question 1124:
Which AWS service monitors AWS accounts for security threats?
A. Amazon GuardDuty B. AWS Secrets Manager C. Amazon Cognito D. AWS Certificate Manager (ACM)
A. Amazon GuardDuty
Question 1125:
A company wants its Amazon EC2 instances to provide a low-latency static website to global users.
What should the company do to meet this requirement?
A. Use the EC2 instances in multiple edge locations. B. Use an Application Load Balancer with the EC2 instances configured as the target. C. Use the EC2 instances in the same Availability Zone but in different AWS Regions. D. Use Amazon Cloud Front with the EC2 instances configured as the source.
D. Use Amazon Cloud Front with the EC2 instances configured as the source.
Question 1126:
Which component must be attached to a VPC to enable inbound Internet access?
A. NAT gateway B. VPC endpoint C. VPN connection D. Internet gateway
Which AWS services allow users to monitor and retain records of account activities that include governance, compliance, and auditing? (Choose two.)
A. Amazon CloudWatch B. AWS CloudTrail C. Amazon GuardDuty D. AWS Shield E. AWS WAF
B. AWS CloudTrail C. Amazon GuardDuty
Explanation/Reference:
B and C AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of AWS account activities. It records account activity and event history in AWS, and delivers this information to customers as log files. Amazon GuardDuty is a threat detection service that continuously monitors AWS accounts for malicious activity and unauthorized behavior, and delivers findings to customers as alerts. It also provides detailed event data that can be used for
compliance and auditing purposes.
Question 1128:
A Cloud Practitioner needs a consistent and dedicated connection between AWS resources and an on-premises system. Which AWS service can fulfill this requirement?
A. AWS Direct Connect B. AWS VPN C. Amazon Connect D. AWS Data Pipeline
A. AWS Direct Connect
Explanation/Reference:
You can use AWS Direct Connect to establish a private virtual interface from your on-premise network directly to your Amazon VPC, providing you with a private, high bandwidth network connection between your network and your VPC. With multiple virtual interfaces, you can even establish private connectivity to multiple VPCs while maintaining network isolation.
Reference: https://aws.amazon.com/directconnect/
Question 1129:
A customer is deploying a new application and needs to choose an AWS Region. Which of the following factors could influence the customer's decision? (Choose two.)
A. Reduced latency to users B. The application's presentation in the local language C. Data sovereignty compliance D. Cooling costs in hotter climates E. Proximity to the customer's office for on-site visits
A. Reduced latency to users C. Data sovereignty compliance
Question 1130:
A developer has created a web API that uses Amazon Elastic Container Service (Amazon ECS) and an Application Load Balancer (ALB) An Amazon CloudFront distribution uses the API as an origin for web clients The application has received millions of requests with a JSON Web Token (JWT) that is not valid in the authorization header The developer has scaled out the application to handle the unauthenticated requests.
What should the developer do to reduce the number of unauthenticated requests to the API?
A. Add a request routing rule to the ALB to return a 401 status code if the authorization header is missing B. Add a container to the ECS task definition to validate JWTs Set the new container as a dependency of the application container C. Create a CloudFront function for the distribution Use the crypto module in the function to validate the JWT D. Add a custom authorizer for AWS Lambda to the CloudFront distribution to validate the JWT
D. Add a custom authorizer for AWS Lambda to the CloudFront distribution to validate the JWT
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Amazon exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your CLF-C01 exam preparations
and Amazon certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.