A company is designing an identity access management solution for an application. The company wants users to be able to use their social media, email, or online shopping accounts to access the application. Which AWS service provides this functionality?
A. AWS IAM Identity Center (AWS Single Sign-On)
B. AWS config
C. Amazon Cognito
D. AWS Identity and Access Management (IAM)
Correct Answer: C
Question 352:
Which option is the default pricing model for Amazon EC2 instances?
A. On-Demand Instances
B. Savings Plans
C. Spot instances
D. Reserved Instances
Correct Answer: A
A. On-demand instances
In addition, EC2 On-Demand pricing is available for all Availability Zones (AZs), Regions, and operating systems (Linux, Windows, and RedHat Enterprise Limited Edition (RHEL)).
This is also the default pricing for EC2 instances and offers the most flexibility. The tradeoff is that On- Demand pricing is more expensive than other EC2 pricing methods, as you'll notice below.
Also, On-Demand pricing is highly variable and depends on your choice of region/availability zone, OS, instance type, and instance size.
Question 353:
Which AWS service can a company use to control permissions to AWS services in the cloud?
A. Amazon EC2
B. AWS Lambda
C. Amazon Elastic Container Service (Amazon ECS)
D. AWS Identity and Access Management (IAM)
Correct Answer: D
D. AWS Identity and Access Management (IAM). IAM is a web service that helps you securely control access to AWS resources. It enables you to manage users, groups, and permissions to allow and deny access to AWS services and resources. IAM is a fundamental service that provides authentication and authorization for all AWS services.
Question 354:
Which of the following is a benefit of operating in the AWS Cloud?
A. The ability to migrate on-premises network devices to the AWS Cloud
B. The ability to expand compute, storage, and memory when needed
C. The ability to host custom hardware in the AWS Cloud
D. The ability to customize the underlying hypervisor layer for Amazon EC2
Correct Answer: B
B. The ability to expand compute, storage, and memory when needed: One of the main benefits of operating in the AWS Cloud is the ability to rapidly scale your resources up or down as your needs change. With AWS, you can quickly provision new resources such as EC2 instances, databases, and storage to handle changing workloads or spikes in traffic. You can also scale resources automatically using services like AWS Auto Scaling, which automatically adjusts the number of EC2 instances in response to changes in demand.
Question 355:
Which AWS service is designed to help users orchestrate a work ow process for a set of AWS Lambda functions?
A. Amazon DynamoDB
B. AWS CodePipeline
C. AWS Batch
D. AWS Step Functions
Correct Answer: D
D. AWS Step Functions is designed to help users orchestrate a workflow process for a set of AWS Lambda functions. It allows users to coordinate the components of distributed applications and microservices using visual workflows.
Question 356:
A developer is writing a program that must switch between multiple IAM roles.
Which AWS services or features can the program use to meet this requirement? (Choose two.)
A. AWS CLI
B. AWS Security Token Service (AWS STS) API
C. IAM inline policies
D. AWS Organizations
E. AWS Trusted Advisor
Correct Answer: AB
B. AWS Security Token Service (AWS STS) API
The AWS Security Token Service (STS) API can be used to request temporary security credentials for IAM roles. The program can use the STS API to assume an IAM role and obtain temporary credentials that are associated with that role.
The temporary credentials can be used to access AWS resources and services that the IAM role is authorized to access.
A. AWS CLI
The AWS Command Line Interface (CLI) is a command-line tool that can be used to interact with AWS services and resources, including the AWS STS API. The program can use the AWS CLI to assume an IAM role and obtain temporary
security credentials that are associated with that role.
Question 357:
An application is running on multiple Amazon EC2 instances. The company wants to make the application highly available by configuring a load balancer with requests forwarded to the EC2 instances based on URL paths. Which AWS load balancer will meet these requirements and take the LEAST amount of effort to deploy?
A. Network Load Balancer
B. Application Load Balancer
C. AWS OpsWorks Load Balancer
D. Custom Load Balancer on Amazon EC2
Correct Answer: B
The Application Load Balancer (ALB) is a Layer 7 load balancer that is designed to route traffic to multiple targets, such as Amazon EC2 instances, based on the content of the request. The ALB supports path- based routing, which means that requests can be forwarded to specific targets based on the URL path.
Question 358:
A company uses Amazon Aurora as its database service. The company wants to encrypt its databases and database backups.
Which party manages the encryption of the database clusters and database snapshots, according to the AWS shared responsibility model?
A. AWS
B. The company
C. AWS Marketplace partners
D. Third-party partners
Correct Answer: A
According to the AWS shared responsibility model, both AWS and the customer have responsibilities when it comes to encryption of data.
In the case of Amazon Aurora, the encryption of database clusters and snapshots is managed by AWS, as this is a built-in feature of the service. However, the customer is responsible for managing the encryption keys used for this encryption.
Therefore, the correct answer is A. AWS manages the encryption of the database clusters and database snapshots, while the company is responsible for managing the encryption keys used for this encryption.
Question 359:
A company wants to host its relational databases on AWS. The databases have predefined schemas that the company needs to replicate on AWS. Which AWS services could the company use for the databases? (Choose two.)
A. Amazon Aurora
B. Amazon RDS
C. Amazon DocumentDB (with MongoDB compatibility)
D. Amazon Neptune
E. Amazon DynamoDB
Correct Answer: AB
B. Amazon RDS: Amazon RDS is a fully managed relational database service that makes it easy to set up, operate, and scale a relational database in the cloud. Amazon RDS supports popular relational database engines, including Amazon Aurora, MySQL, MariaDB, PostgreSQL, Oracle, and Microsoft SQL Server. With Amazon RDS, the company can replicate its predefined schemas on AWS, and AWS will manage the infrastructure for them.
A. Amazon Aurora: Amazon Aurora is a MySQL and PostgreSQL-compatible relational database engine that is designed to be highly scalable and performant. Aurora is a fully managed service that can automatically scale up or down based on your application needs. Aurora is a good option if the company is looking for a highly scalable relational database service that supports replication of predefined schemas.
Question 360:
A company runs an ecommerce website that is hosted on AWS. External auditors have requested proof that the AWS services that the company uses are compliant with the Payment Card Industry Data Security Standard (PCI DSS). Which AWS service will provide this information?
A. AWS Certificate Manager (ACM)
B. AWS Artifact
C. AWS License Manager
D. AWS CloudTrail
Correct Answer: B
AWS Artifact is a service that provides access to AWS compliance reports and other audit documents. It includes reports on compliance with a range of industry standards and regulations, including PCI DSS.
To provide proof of compliance with PCI DSS, the company can use AWS Artifact to access the relevant compliance report. The report will provide details on the AWS services that are in scope for PCI DSS compliance, as well as the controls that are implemented by AWS to meet the requirements of the standard.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CLF-C01 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.