A company needs to report on events that involve the specific AWS services that the company uses.
Which AWS service or resource can the company use with Amazon CloudWatch to meet this requirement?
A. Amazon Inspector
B. AWS Personal Health Dashboard
C. AWS Trusted Advisor
D. AWS Cloud Trail logs
Correct Answer: D
D. AWS CloudTrail logs
AWS CloudTrail logs provide a record of all the AWS Management Console sign-in events and API calls made in the AWS account. CloudTrail logs can be used to report on events that involve specific AWS services that a company uses. The company can use CloudTrail logs with Amazon CloudWatch to monitor and alert on specific activities that occur within their AWS environment.
CloudWatch is a monitoring service for AWS resources and the applications you run on AWS. You can use CloudWatch to collect and track metrics, collect and monitor log files, and set alarms.
Amazon Inspector, AWS Personal Health Dashboard, and AWS Trusted Advisor are not the right services to use for this specific use case. Inspector is an automated security assessment service, Personal Health Dashboard is a service that provides a personalized view into the performance and availability of the AWS resources, and Trusted Advisor is a service that provides real-time guidance to help optimize performance, security, and cost.
Question 792:
Which of the following is an AWS key-value database offering consistent single-digit millisecond performance at any scale?
A. Amazon RDS
B. Amazon Aurora
C. Amazon DynamoDB
D. Amazon Redshift
Correct Answer: C
Amazon DynamoDB is designed to provide consistent single-digit millisecond latency for any scale of workloads. This consistent performance is a big part of why the Snapchat Stories feature, which includes Snapchat's largest storage write workload, moved to DynamoDB.
Question 793:
Which combination of steps will enable multi-factor authentication (MFA) on an AWS account? (Select TWO.)
A. Contact AWS Support to initiate MFA activation.
B. Activate AWS Shield on an MFA-compatible device.
C. Acquire an MFA-compatible device.
D. Activate the MFA device by using Amazon GuardDuty.
E. Activate the MFA device in the IAM console or by using the AWS CLI.
Correct Answer: BC
AWS Multi-Factor Authentication (MFA) is a simple best practice that adds an extra layer of protection on top of your user name and password. With MFA enabled, when a user signs in to an AWS website, they will be prompted for their user name and password (the first factor--what they know), as well as for an authentication response from their AWS MFA device (the second factor--what they have). Taken together, these multiple factors provide increased security for your AWS account settings and resources.
Question 794:
A company needs to process data from satellite communications without managing any infrastructure.
Which AWS service should the company use to meet these requirements?
A. Amazon CloudWatch
B. Amazon Aurora
C. Amazon Athena
D. AWS Ground Station
Correct Answer: D
AWS Ground Station is a fully managed service that lets you control satellite communications, process data, and scale your operations without having to worry about building or managing your own ground station infrastructure. Satellites are used for a wide variety of use cases, including weather forecasting, surface imaging, communications, and video broadcasts. Ground stations form the core of global satellite networks. With AWS Ground Station, you have direct access to AWS services and the AWS Global Infrastructure including a low-latency global fiber network. For example, you can use Amazon S3 to store the downloaded data, Amazon Kinesis Data Streams for managing data ingestion from satellites, and Amazon SageMaker for building custom machine learning applications that apply to your data sets. You can save up to 80% on the cost of your ground station operations by paying only for the actual antenna time used, and relying on the global footprint of ground stations to download data when and where you need it. There are no long-term commitments, and you gain the ability to rapidly scale your satellite communications on-demand when your business needs it.
Question 795:
Which task can a company complete by using AWS Organizations?
A. Track application deployment statuses globally.
B. Remove unused and underutilized AWS resources across all accounts.
C. Activate DDoS protection across all accounts.
D. Share pre-purchased Amazon EC2 resources across accounts.
Correct Answer: D
Question 796:
A company is using AWS Lambda. Which task is the company's responsibility, according to the AWS shared responsibility model?
A. Update the Lambda runtime language.
B. Maintain the runtime environment.
C. Maintain the networking infrastructure.
D. Configure the resource.
Correct Answer: D
D. Configure the resource.
According to the AWS shared responsibility model, the company is responsible for configuring the resources that they create in AWS Lambda, such as setting up the function, defining the function's triggers, specifying the function's runtime settings, and granting permissions to the function.
Question 797:
A company needs to run an application on Amazon EC2 instances. The instances cannot be interrupted at any time. The company needs an instance purchasing option that requires no long-term commitment or upfront payment. Which instance purchasing option will meet these requirements MOST cost-effectively?
A. On-Demand Instances
B. Spot Instances
C. Dedicated Hosts
D. Reserved Instances
Correct Answer: A
Question 798:
A system automatically recovers from failure when a company launches its workload on the AWS Cloud services platform. Which pillar of the AWS Well-Architected Framework does this situation demonstrate?
Built around six pillars--operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability--AWS Well-Architected provides a consistent approach for customers and partners to evaluate architectures and
implement scalable designs.
Reliability
The Reliability pillar encompasses the ability of a workload to perform its intended function correctly and consistently when it's expected to. This includes the ability to operate and test the workload through its total lifecycle. You can find
prescriptive guidance on implementation in the Reliability Pillar whitepaper.
Question 799:
Which of the following are characteristics of AWS WAF? (Select TWO.)
A. Acts as a firewall that controls inbound and outbound traffic between Amazon EC2 instances
B. Acts as a firewall that controls inbound and outbound traffic between subnets
C. Gives users the ability to block traffic that has specific HTTP headers
D. Protects websites that are not hosted on AWS
E. Scans Amazon EC2 instances for common vulnerabilities
Correct Answer: BC
AWS WAF lets you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers and body, or custom URIs. This gives you an additional layer of protection from web attacks that attempt to exploit vulnerabilities in custom or third party web applications. In addition, AWS WAF makes it easy to create rules that block common web exploits like SQL injection and cross site scripting. AWS WAF allows you to create a centralized set of rules that you can deploy across multiple websites. This means that in an environment with many websites and web applications you can create a single set of rules that you can reuse across applications rather than recreating that rule on every application you want to protect.
Question 800:
Which of the following are AWS best practice recommendations for the use of AWS Identity and Access Management (IAM)? (Select TWO.)
A. Use the AWS account root user for daily access.
B. Use access keys and secret access keys on Amazon EC2.
C. Rotate credentials on a regular basis.
D. Create a shared set of access keys for system administrators.
E. Configure multi-factor authentication (MFA).
Correct Answer: CE
If you do have an access key for your AWS account root user, delete it. If you must keep it, rotate (change) the access key regularly. To delete or rotate your root user access keys, go to the My Security Credentials page in the AWS Management Console and sign in with your account's email address and password. You can manage your access keys in the Access keys section. For more information about rotating access keys, see Rotating access keys.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CLF-C01 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.