Which AWS service or tool provides a visualization of historical AWS spending patterns and projections of future AWS costs?
A. AWS Cost and Usage Report B. AWS Budgets C. Cost Explorer D. Amazon CloudWatch
C. Cost Explorer
Question 1383:
What are some advantages of using Amazon EC2 instances to host applications in the AWS Cloud instead of on premises? (Choose two.)
A. EC2 includes operating system patch management. B. EC2 integrates with Amazon VPC, AWS CloudTrail, and AWS Identity and Access Management (IAM). C. EC2 has a 100% service level agreement (SLA). D. EC2 has a exible, pay-as-you-go pricing model. E. EC2 has automatic storage cost optimization.
B. EC2 integrates with Amazon VPC, AWS CloudTrail, and AWS Identity and Access Management (IAM). D. EC2 has a exible, pay-as-you-go pricing model.
Explanation/Reference:
BD as EC2 doesn't have any storage cost optimization options, only S3 has: https://aws.amazon.com/s3/cost-optimization/
Question 1384:
A company needs the ability to acquire resources when the resources are needed. The company also needs the ability to release the resources when the resources are no longer needed.
Which AWS concept represents the company's goals?
A. Scalability B. Sustainability C. Elasticity D. Operational excellence
A. Scalability
Question 1385:
Who has the responsibility to patch the host operating system of an Amazon EC2 instance, according to the AWS shared responsibility model?
A. Both AWS and the customer B. The customer only C. The EC2 hardware manufacturer D. AWS only
D. AWS only
Explanation/Reference:
*D* Straight from the Docks "Security and Compliance is a shared responsibility between AWS and the customer. This shared model can help relieve the customer's operational burden as AWS operates, manages and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates. The customer assumes responsibility and management of the guest operating system (including updates and security patches)"
A company is moving its virtual machines (VMs) from an on-premises environment to the AWS Cloud. The company plans to deploy Amazon EC2 instances. Which cloud computing model will the company use in this scenario?
A. Platform as a service (PaaS) B. Infrastructure as a service (laaS) C. Function as a service (FaaS) D. Software as a service (SaaS)
B. Infrastructure as a service (laaS)
Question 1387:
A company wants to add a layer of security beyond user names and passwords to make the login to the AWS Management Console more secure.
Which AWS service or feature can the company use to meet this requirement?
A. Secret access keys B. AWS Security Token Service (AWS STS) C. Multi-factor authentication (MFA) D. IAM password policies
C. Multi-factor authentication (MFA)
Question 1388:
Which AWS service can be used to automatically scale an application up and down without making capacity planning decisions?
A. Amazon AutoScaling B. Amazon Redshift C. AWS CloudTrail D. AWS Lambda
A company provides Amazon Workspaces to its remote employees. The company wants to prevent employees from using their virtual desktops to visit specific websites that are known to be malicious. Which AWS service should the company use to meet this requirement?
A. AWS Shield Advanced B. Amazon Route 53 C. Amazon GuardDuty D. AWS Network Firewall
AWS Network Firewall extends protection beyond SG- and NACL-levels by protecting at the route level and offering stateless and stateful rules from layers 3 through 7 in the OSI Model. It uses the certificate fully qualified domain name (FQDN) or Server Name Indication (SNI) to determine if a website is allowed for HTTPS traffic. This is a commonly requested security requirement. Reviewing these design examples of AWS Network Firewall will accelerate your migration to Amazon WorkSpaces. AWS Network Firewall is a managed service, with no infrastructure to manage or patch you can simplify operational excellence. Native settings for advanced filtering (including domain name), and network traffic inspection can alert and block traffic related to malware. It also has layer 7 intrusion prevent system (IPS) rules, and the ability to apply TLS fingerprinting to prevent a spoofed IP or FQDN.
Question 1390:
Which solution provides a fast, automated and repeatable method of deploying AWS Cloud infrastructure to multiple AWS Regions?
A. Use AWS CodeStar to set up a continuous delivery toolchain for automated deployment B. Create and launch an Amazon EC2 Amazon Machine Image (AMI) containing the source code with butt-m deployment hooks lo launch other AWS services C. Create and use an AWS CloudFormation template D. Use AWS Systems Manager to automate management tasks such as creating Amazon EC2 Amazon Machine images (AMIS) and applying patches
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Amazon exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your CLF-C01 exam preparations
and Amazon certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.