A company wants to implement controls (guardrails) in a newly created AWS Control Tower landing zone.
Which AWS services or features can the company use to create and define these controls (guardrails)? (Choose two.)
A. AWS config
B. Service control policies (SCPs)
C. Amazon Guard Duly
D. AWS Identity and Access Management (1AM)
E. Security groups
Correct Answer: BD
When creating a new AWS Control Tower landing zone, you can define policies to enforce permissions boundaries and ensure compliance across your AWS environment. AWS provides several services and features to help create and define these policies, and two of the primary tools are Service Control Policies (SCPs) and AWS Identity and Access Management (IAM) policies.
Service Control Policies (SCPs) are used to define permission guardrails across accounts in a Control Tower landing zone. With SCPs, you can limit permissions for IAM entities (users, groups, and roles) and the resources they can access. SCPs work as a whitelist, explicitly allowing access to only the specified resources and services, and denying access to all other resources and services. This helps to enforce compliance policies across all accounts and resources within the AWS Control Tower environment.
Question 452:
A company is considering migration to the AWS Cloud. The company wants a fully managed service or feature that can transfer streaming data from multiple sources to an Amazon S3 bucket. Which AWS service or feature should the company use to meet these requirement?
A. AWS DataSync
B. Amazon Kinesis Data Firehose
C. S3 Select
D. AWS Transfer Family
Correct Answer: B
Amazon Kinesis Data Firehose is a fully managed service that can capture, transform, and load streaming data in real-time from multiple sources, including AWS services such as Amazon S3, Amazon Redshift, and Amazon Elasticsearch. It is designed to make it easy to load streaming data into AWS data stores, data lakes, and analytics services. With Amazon Kinesis Data Firehose, you can transform and compress data before loading it into Amazon S3.
In this scenario, the company wants a fully managed service or feature that can transfer streaming data from multiple sources to an Amazon S3 bucket, which is exactly what Amazon Kinesis Data Firehose is designed to do. Therefore, the best option to meet the company's requirement is Amazon Kinesis Data Firehose.
Question 453:
A company wants to create a chatbot and integrate the chatbot with its current web application. Which AWS service will meet these requirements?
A. Amazon Kendra
B. Amazon Lex
C. Amazon Textract
D. Amazon Polly
Correct Answer: B
Option B (Amazon Lex) will meet the company's requirements for creating a chatbot and integrating it with its current web application.
Amazon Lex is a service for building conversational interfaces (chatbots) into any application using voice and text. Amazon Lex provides a complete conversational interface for your applications, allowing you to create bots that respond to natural language text and voice commands. Amazon Lex is based on the same technology that powers Amazon Alexa, which means that it can be used to build bots that can understand and respond to conversational queries.
Question 454:
A company needs to connect on-premises applications to AWS Cloud storage by using industry-standard internet Small Computer Systems Interface (iSCSI) connectivity. Which AWS solution can the company use to meet this requirement?
A. AWS Storage Gateway file gateway
B. Amazon API Gateway
C. AWS Storage Gateway volume gateway
D. AWS Transit Gateway
Correct Answer: C
The AWS solution that can be used to connect on-premises applications to AWS Cloud storage by using industry-standard internet Small Computer Systems Interface (iSCSI) connectivity is AWS Storage Gateway volume gateway.
AWS Storage Gateway volume gateway is a hybrid storage service that enables on-premises applications to use AWS Cloud storage. It supports iSCSI connectivity, which allows applications to read and write data to AWS storage volumes using standard iSCSI initiators. Volume gateway provides two modes of operation: stored volumes and cached volumes. In stored volumes mode, entire datasets are stored on-premises, and a copy of the data
Question 455:
Which AWS service or feature can be used to control inbound and outbound traffic on an Amazon EC2 instance?
A. Internet gateways
B. AWS Identity and Access Management (IAM)
C. Network ACLs
D. Security groups
Correct Answer: D
D. Security groups can be used to control inbound and outbound traffic on an Amazon EC2 instance.
Security groups act as a virtual firewall for your EC2 instances, allowing you to control inbound and outbound traffic at the instance level. You can specify the inbound and outbound traffic rules by defining security group rules, which act as virtual firewall rules that filter traffic based on protocols, ports, and source/destination IP addresses.
Internet Gateways are used to enable communication between instances in your VPC and the internet. AWS Identity and Access Management (IAM) is used for managing user access and permissions to AWS resources. Network ACLs can be used to control traffic at the subnet level in your VPC.
Question 456:
Which AWS Well-Architected Framework concept represents a system's ability to remain functional when the system encounters operational problems?
A. Consistency
B. Elasticity
C. Durability
D. Latency
Correct Answer: C
Question 457:
A company is migrating its data center to AWS. The company needs an AWS Support plan that provides chat access to a cloud support engineer 24 hours a day, 7 days a week. The company does not require access to infrastructure event management.
What is the MOST cost-effective AWS Support plan that meets these requirements?
A. AWS Enterprise Support
B. AWS Business Support
C. AWS Developer Support
D. AWS Basic Support
Correct Answer: B
The most cost-effective AWS Support plan that meets these requirements is AWS Developer Support, which provides 24/7 chat and email support from cloud support engineers. This plan is designed for developers and is priced at a lower rate than AWS Business Support
Question 458:
A developer needs to build an application for a retail company. The application must provide real-time product recommendations that are based on machine learning. Which AWS service should the developer use to meet this requirement?
A. AWS Health Dashboard
B. Amazon Personalize
C. Amazon Forecast
D. Amazon Transcribe
Correct Answer: B
The developer should use Amazon Personalize to meet the requirement for real-time product recommendations based on machine learning. Amazon Personalize is a machine learning service that uses advanced algorithms to create custom personalization models that can be used to deliver real-time product recommendations, personalized search results, and targeted marketing campaigns. Amazon Personalize can be used to build recommendation engines for various use cases, including retail product recommendations.
Question 459:
A company runs Amazon EC2 instances in a research lab. The instances run for 3 hours each week and cannot be interrupted. What is the MOST cost-effective instance purchasing option to meet these requirements?
A. Compute Savings Plan
B. On-Demand Instances
C. Convertible Reserved Instances
D. Spot Instances
Correct Answer: B
Since the instances cannot be interrupted, Spot Instances cannot be used. On-Demand Instances do not provide any discounts or benefits for long-term usage. Compute Savings Plans and Convertible Reserved Instances offer cost savings
for longer-term usage.
However, since the instances are only run for 3 hours each week, it may be more cost-effective to use On- Demand Instances rather than purchasing any instance reservation or savings plan.
Therefore, the MOST cost-effective instance purchasing option for this requirement is B. On-Demand Instances.
Question 460:
A company wants to build a new web application by using AWS services. The application must meet the on-demand load for periods of heavy activity. Which AWS services or resources provide the necessary workload adjustments to meet these requirements? (Choose two.)
A. Amazon Machine Image (AMI)
B. Amazon EC2 Auto Scaling
C. Amazon EC2 instance
D. AWS Lambda
E. EC2 Image Builder
Correct Answer: BD
Amazon EC2 Auto Scaling is a service that automatically adjusts the number of Amazon EC2 instances in a group based on changing application demand. This helps to maintain the performance of the application during periods of high traffic or demand, and reduces costs during periods of low demand.
AWS Lambda is a serverless computing service that automatically scales based on the incoming request rate. It provides an event-driven, serverless computing platform for building applications that respond to events and automatically scales to handle changes in traffic.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CLF-C01 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.